You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Some deployments require increasing the parameter lua/ggu.lua:mailbox_max_entries_exp to handle attacks with a very large number of flows. However, the packets sitting on GGU's mailbox are not accounted for in net_conf->back.total_pkt_burst at ggu/main.c:run_ggu(), and this might limit the number of preallocated packets available to the back interface at GK instances.
For net_conf->back.total_pkt_burst to account for the packets sitting on GGU's mailbox, a new GGU parameter is needed because only accounting for the maximum number of entries in GGU's mailbox ignores that each entry can hold multiple packets. A solution is to add the parameter mailbox_pkts_per_entry to struct ggu_config with the default value max_pkt_burst / 2 set in lua/ggu.lua. This parameter can even be set to zero to save memory when the back interface can implement the filters that the GGU needs in hardware.
Finally, ggu/main.c:process_single_packet() should not release the packets, but its callers should release those packets in bulk (see rte_pktmbuf_free_bulk()) to reduce the cost of releasing packets. An option is to add process_packets() to encapsulate this pattern.
The text was updated successfully, but these errors were encountered:
Some deployments require increasing the parameter
lua/ggu.lua:mailbox_max_entries_expto handle attacks with a very large number of flows. However, the packets sitting on GGU's mailbox are not accounted for innet_conf->back.total_pkt_burstatggu/main.c:run_ggu(), and this might limit the number of preallocated packets available to the back interface at GK instances.For
net_conf->back.total_pkt_burstto account for the packets sitting on GGU's mailbox, a new GGU parameter is needed because only accounting for the maximum number of entries in GGU's mailbox ignores that each entry can hold multiple packets. A solution is to add the parametermailbox_pkts_per_entrytostruct ggu_configwith the default valuemax_pkt_burst / 2set inlua/ggu.lua. This parameter can even be set to zero to save memory when the back interface can implement the filters that the GGU needs in hardware.Finally,
ggu/main.c:process_single_packet()should not release the packets, but its callers should release those packets in bulk (seerte_pktmbuf_free_bulk()) to reduce the cost of releasing packets. An option is to addprocess_packets()to encapsulate this pattern.The text was updated successfully, but these errors were encountered: