Mailing List Archive

From:: "Theo de Raadt" <deraadt@openbsd.org>
Subject:: Re: cache route at pf state
To:: Alexander Bluhm <bluhm@openbsd.org>, tech@openbsd.org
Date:: Sat, 20 Jul 2024 11:57:11 -0600

Download raw body.

Thread

2024-07-20 17:20 Alexander Bluhm:
cache route at pf state
- 2024-07-20 17:35 Stuart Henderson:
  cache route at pf state
- - 2024-07-20 17:57 Theo de Raadt:
    cache route at pf state
  - - 2024-07-20 21:30 Alexander Bluhm:
      cache route at pf state
- 2024-07-21 07:48 Claudio Jeker:
  cache route at pf state

Stuart Henderson <stu@spacehopper.org> wrote:

> On 2024/07/20 19:20, Alexander Bluhm wrote:
> > Hi,
> > 
> > When forwarding packets, rtable_match takes quite some time.
> > 
> > http://bluhm.genua.de/perform/results/2024-07-19T07:25:47Z/2024-07-19T00%3A00%3A00Z/btrace/ssh_perform%40lt13_iperf3_-6_-cfdd7%3Ae83e%3A66bc%3A0346%3A%3A36_-P10_-t10-btrace-kstack.0.svg?s=rtable_match
> > 
> > This can be avoided by caching the route at the pf state.
> 
> Is there some way to invalidate the cache if the route changes while the
> state is active?

Right.  We've been here before.  This is incompatible with dynamic routing.

2024-07-20 17:20 Alexander Bluhm:
cache route at pf state
- 2024-07-20 17:35 Stuart Henderson:
  cache route at pf state
- - 2024-07-20 17:57 Theo de Raadt:
    cache route at pf state
  - - 2024-07-20 21:30 Alexander Bluhm:
      cache route at pf state
- 2024-07-21 07:48 Claudio Jeker:
  cache route at pf state