|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] [PATCH v3 1/3][xen-netback] add a pseudo pps rate limit
Thursday, December 18, 2014, 9:13:18 AM, you wrote: >>On Tue, 2013-07-09 at 16:01 +0200, William Dauchy wrote: >>> On Jul09 15:48, Sander Eikelenboom wrote: >>> > Just wondering, why should this be done in the drivers ? >>> > Couldn't this also be achieved with netfilter and the recent/limit >>> > modules ? >>> > The limit module can already handle bursts. >>> >>> We indeed forgot to talk about it since we already got the question from >>> Wei. >>> The first thing is that your comment is also true for bandwidth which is >>> already present. Moreover PPS is linked to bandwidth. >>> By using netfilter, PPS shaping is done on backend level, once packet >>> has left the VM; which means after using an additional memory transaction >>> to copy packet from frontend. IMHO, at scale, shaping in this way should >>> save some memory transactions comparing to netfilter. >> >>Have you tried the netfilter approach and found it to be insufficient in >>practice? >> >>I'm not sure how netfilter recent/limit is implemented but if it queues >>rather than drops you would naturally find that you end up with back >>pressure onto the netback device where the ring would fill with >>in-progress requests and therefore netback would have to stop processing >>more packets. >> >>Ian. >> > The maximum limit rate of the netfilter limit module is 10000/s that is too > small nowadays. Even if the size of the packet is 1500, the bandwidth is > as small as 14 MiB. So it is not a good practise to use the limit module. > $ sudo iptables -I INPUT -m limit --limit 10001/s --limit-burst 100 -j RETURN > iptables v1.4.19.1: Rate too fast "10001/s" And using TC / qdisc ? (http://lartc.org/manpages/tc.txt) _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx http://lists.xen.org/xen-devel
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |