leandrof/linux
1
0
Fork 0
forked from Minki/linux
Code Issues Pull Requests Packages Projects Releases Wiki Activity
7d0446c234
linux/net
History
Neil Horman a44a4a006b xfrm: export xfrm garbage collector thresholds via sysctl 
Export garbage collector thresholds for xfrm[4|6]_dst_ops

Had a problem reported to me recently in which a high volume of ipsec
connections on a system began reporting ENOBUFS for new connections
eventually.

It seemed that after about 2000 connections we started being unable to
create more.  A quick look revealed that the xfrm code used a dst_ops
structure that limited the gc_thresh value to 1024, and always
dropped route cache entries after 2x the gc_thresh.

It seems the most direct solution is to export the gc_thresh values in
the xfrm[4|6] dst_ops as sysctls, like the main routing table does, so
that higher volumes of connections can be supported.  This patch has
been tested and allows the reporter to increase their ipsec connection
volume successfully.

Reported-by: Joe Nall <joe@nall.com>
Signed-off-by: Neil Horman <nhorman@tuxdriver.com>

ipv4/xfrm4_policy.c |   18 ++++++++++++++++++
ipv6/xfrm6_policy.c |   18 ++++++++++++++++++
2 files changed, 36 insertions(+)
Signed-off-by: David S. Miller <davem@davemloft.net>
2009-07-27 11:35:32 -07:00
..
9p net/9p: Fix crash due to bad mount parameters. 2009-07-02 13:17:01 -07:00
802 net: remove COMPAT_NET_DEV_OPS 2009-05-25 01:53:53 -07:00
8021q vlan: Propagate physical MTU changes 2009-07-20 07:35:37 -07:00
appletalk net: correct off-by-one write allocations reports 2009-06-18 00:29:12 -07:00
atm Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6 2009-07-09 20:18:24 -07:00
ax25 net: Move rx skb_orphan call to where needed 2009-06-23 16:36:25 -07:00
bluetooth net: use NETDEV_TX_OK instead of 0 in ndo_start_xmit() functions 2009-07-05 19:16:04 -07:00
bridge net, bridge: align br_nf_ops assignment 2009-07-05 19:16:14 -07:00
can net/can: add module alias to can protocol drivers 2009-07-15 11:20:38 -07:00
core net: ethtool_op_get_rx_csum() should be public and exported 2009-07-27 11:35:31 -07:00
dcb DCB: fix kfree(skb) 2009-01-04 17:29:21 -08:00
dccp net: adding memory barrier to the poll and receive callbacks 2009-07-09 17:06:57 -07:00
decnet net: remove NET_RX_BAD and NET_RX_CN* defines 2009-07-05 19:15:35 -07:00
dsa dsa: fix 88e6xxx statistics counter snapshotting 2009-07-05 18:03:35 -07:00
econet econet: use NET_RX_SUCCESS instead of magic number 0 for econet_rcv successful return 2009-07-06 18:07:59 -07:00
ethernet net: remove COMPAT_NET_DEV_OPS 2009-05-25 01:53:53 -07:00
ieee802154 ieee802154: move headers out of extra directory 2009-07-23 17:08:51 +04:00
ipv4 xfrm: export xfrm garbage collector thresholds via sysctl 2009-07-27 11:35:32 -07:00
ipv6 xfrm: export xfrm garbage collector thresholds via sysctl 2009-07-27 11:35:32 -07:00
ipx net: correct off-by-one write allocations reports 2009-06-18 00:29:12 -07:00
irda genetlink: make netns aware 2009-07-12 14:03:27 -07:00
iucv net: adding memory barrier to the poll and receive callbacks 2009-07-09 17:06:57 -07:00
key net: correct off-by-one write allocations reports 2009-06-18 00:29:12 -07:00
lapb net: remove NET_RX_BAD and NET_RX_CN* defines 2009-07-05 19:15:35 -07:00
llc net: correct off-by-one write allocations reports 2009-06-18 00:29:12 -07:00
mac80211 mac80211: Fix regression in mesh forwarding path. 2009-07-24 15:05:31 -04:00
netfilter Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6 2009-07-16 20:21:24 -07:00
netlabel net/netlabel: Correct redundant test 2009-07-27 11:35:29 -07:00
netlink net/compat/wext: send different messages to compat tasks 2009-07-15 08:53:39 -07:00
netrom net: use NETDEV_TX_OK instead of 0 in ndo_start_xmit() functions 2009-07-05 19:16:04 -07:00
packet af_packet: style cleanups 2009-07-23 18:01:10 -07:00
phonet phonet: phonet_device_get() fix 2009-07-27 08:03:18 -07:00
rds RDS: Refactor end of __conn_create for readability 2009-07-20 08:03:17 -07:00
rfkill Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6 2009-07-23 19:03:51 -07:00
rose net: use NETDEV_TX_OK instead of 0 in ndo_start_xmit() functions 2009-07-05 19:16:04 -07:00
rxrpc net: adding memory barrier to the poll and receive callbacks 2009-07-09 17:06:57 -07:00
sched net: use NETDEV_TX_OK instead of 0 in ndo_start_xmit() functions 2009-07-05 19:16:04 -07:00
sctp sctp: fix warning at inet_sock_destruct() while release sctp socket 2009-07-06 12:47:08 -07:00
sunrpc sunrpc: Use rcu_barrier() on unload. 2009-06-26 13:51:34 -07:00
tipc genetlink: make netns aware 2009-07-12 14:03:27 -07:00
unix net: adding memory barrier to the poll and receive callbacks 2009-07-09 17:06:57 -07:00
wanrouter wanrouter: fix sparse warnings: context imbalance 2009-02-26 23:13:36 -08:00
wimax wimax: fix warning caused by not checking retval of rfkill_set_hw_state() 2009-06-11 11:12:48 -07:00
wireless cfg80211: avoid setting default_key if add_key fails 2009-07-24 15:05:29 -04:00
x25 net: correct off-by-one write allocations reports 2009-06-18 00:29:12 -07:00
xfrm xfrm: use xfrm_addr_cmp() instead of compare addresses directly 2009-06-29 19:41:46 -07:00
compat.c net/compat/wext: send different messages to compat tasks 2009-07-15 08:53:39 -07:00
Kconfig net/compat/wext: send different messages to compat tasks 2009-07-15 08:53:39 -07:00
Makefile net: remove redundant sched/ in net/Makefile 2009-07-12 20:11:14 -07:00
nonet.c
socket.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6 2009-04-06 18:05:43 -07:00
sysctl_net.c net: sysctl_net - use net_eq to compare nets 2009-03-16 16:23:30 +01:00
TUNABLE