各位看官非常对不起,本文是用因为写的,如果多有不便敬请见谅
代码是在商业公司编写的,在商业产品中也不能开源,再次抱歉
 
This presentation will highlight our efforts on optimizing the
Linux TCP/IP stack for providing networking in an
OpenStack environment, as deployed at our industrial customers.
 
 
Our primary goal is to provide a high-quality and highly performant TCP/IP stack.
To achieve this, we have to identify the performance bottlenecks in
the Linux TCP/IP stack for networking in OpenStack. We have performed a lot of
Linux TCP/IP stack performance tuning, related to NIC, CPU cache hit rate, spin lock,
memory alloc and others. However, we learned while measuring that conntrack NAT
uses too much CPU such for instance for the ipt_do_table function.
Linux conntrack is very good, but it is too heavy and many functions are not used.
Instead, we implemented FAST NAT in the Linux TCP/IP stack.
 
 
We will present our efforts on reducing the performance costs.
First, FAST NAT uses spin lock instead of global connection table but the entry to greatly reduces the CPU waiting time,
and user policies is instead stored as a hash table not a list. The connection table and user
policy is per-NUMA, this would avoid CPU through QPI waste much time and increase delay.
Second, FAST NAT does not record the TCP status,
but only record a tuple with relevant connection formation for NAT forward.
This can reduce much check for forwarding packet.
Entry in the connection table can be set to expire on
an absolute expiration time or relative expiration time basis.
Relative expiration time will incresae by per forwarding packet.
Global connection table don't synchronize for reducing lock's using. This may casue one TCP stream in
per-NUMA connection table. If we use Intel Ixgbe NIC with Flow Director ATR mode, the incoming
stream and outcoming stream will have same index for multiple queues. The mentioned limit above
will disappear.
 
Limitations of FAST NAT only TCP and UDP are supported.
Although some limitations exist, our work has paid off and resulted in 15-20 percentage pps improvement.

Linux内核协议栈 NAT性能优化之FAST NAT的更多相关文章

  1. (转)linux内核参数注释与优化

    linux内核参数注释与优化 原文:http://blog.51cto.com/yangrong/1321594 http://oldboy.blog.51.cto.com/2561410/13364 ...

  2. 写在学习linux内核协议栈之前

    一直很喜欢内核,但是新手,非常的痛苦啊.现在看一本linux内核协议栈源码解析一书,将自己学习的经历以及 理解记录下来,以备将来回头查漏补缺,同时校正自己的理解错误,自勉

  3. TCP/IP协议栈源码图解分析系列10:linux内核协议栈中对于socket相关API的实现

    题记:本系列文章的目的是抛开书本从Linux内核源代码的角度详细分析TCP/IP协议栈内核相关技术 轻松搞定TCP/IP协议栈,原创文章欢迎交流, byhankswang@gmail.com linu ...

  4. linux内核参数注释与优化

    目录 1.linux内核参数注释 2.两种修改内核参数方法 3.内核优化参数生产配置 参数解释由网络上收集整理,常用优化参数对比了网上多个实际应用进行表格化整理,使查看更直观. 学习linux也有不少 ...

  5. redmine在linux上的mysql性能优化方法与问题排查方案

    iredmine的linux服务器mysql性能优化方法与问题排查方案     问题定位:   客户端工具: 1. 浏览器inspect-tool的network timing工具分析   2. 浏览 ...

  6. 《嵌入式Linux内存使用与性能优化》笔记

    这本书有两个关切点:系统内存(用户层)和性能优化. 这本书和Brendan Gregg的<Systems Performance>相比,无论是技术层次还是更高的理论都有较大差距.但是这不影 ...

  7. Linux 内核协议栈之TCP连接关闭

    Close行为: 当应用程序在调用close()函数关闭TCP连接时,Linux内核的默认行为是将套接口发送队列里的原有数据(比如之前残留的数据)以及新加入 的数据(比如函数close()产生的FIN ...

  8. Linux 内核协议栈 学习资料

    终极资料 1.<Understanding Linux Network Internals> 2.<TCP/IP Architecture, Design and Implement ...

  9. Linux内核协议栈相关资料链接

    1.Linux内核网络分析(个人博客集合,分析较清晰) http://blog.csdn.net/qy532846454/article/category/1385933/2

随机推荐

  1. swift 中Value Type VS Class Type

    ios 中Value Type 和 Class Type 有哪些异同点,这个问题是在微信的公共帐号中看到的,觉得挺有意思,这里梳理一下. 1.swift 中为什么要设置值类型? 值类型在参数传递.赋值 ...

  2. Scala Apply

    class ApplyTest{ //一定要写(),不加括号就报错. def apply() = println("Into Spark!") def havaAtry(){ pr ...

  3. 免费DDOS攻击测试工具大合集

    FreeBuf微科普: DoS(Denial Of Service)攻击是指故意的攻击网络协议实现的缺陷或直接通过野蛮手段残忍地耗尽被攻击对象的资源,目的是让目标计算机或网络无法提供正常的服务或资源访 ...

  4. abap 一些小知识点的总结

    创建包含结构或表的内表: DATA: BEGIN OF it_tab.     INCLUDE TYPE/STRUCTURE name.       name:结构名或者表名 DATA: num TY ...

  5. JDOM与DOM主要有两方面不同

    我这丝毫没有吐槽的意思哟,只是想说作为一个合格的程序员大家最起码需要做到思维严谨这点,在有能力的情况下对用户体验能提点建议最好.自己写的代码一定要经过严格测试再交付,不要指望测试人员帮你测试再去修改, ...

  6. TCP跟UDP乱侃

    原文链接http://www.cnblogs.com/xiaoEight/archive/2013/02/19/2917814.html 由于最近在恶补关于网络编程的东西,所以决定做个简单的记录.之前 ...

  7. thinkphp pdo 重写问题

    ThinkPHP3.2.3版本数据库驱动采用PDO完全重写,配置和使用上面也比之前版本更加灵活和强大,我们来了解下如何使用. 首先,3.2.3的数据库配置信息有所调整,完整的数据库设置包括: 复制代码 ...

  8. MPlayerX播放视频屏幕中间有图标遮挡的解决办法

    问题如下: 解决办法: 在应用程序文件夹中找到MPlayerX,鼠标右击应用图标,在右键菜单中选择"显示包内容",进入如下目录:Contents->Resources,找到l ...

  9. jquery常用的选择器

    jquery用选择器来得到jquery对象,进而进行一些操作. 一.基本选择器 1.id选择器.示例:选择id为one的元素 var $one = $("#one"); 2.类选择 ...

  10. css3技巧属性之text-overflow

    text-overflow:clip | ellipsis 默认值:clip 取值: clip: 当对象内文本溢出时不显示省略标记(...),而是将溢出的部分裁切掉. ellipsis: 当对象内文本 ...