diff options
| author | Daniele Di Proietto <diproiettod@vmware.com> | 2016-05-16 12:59:23 -0700 |
|---|---|---|
| committer | Daniele Di Proietto <diproiettod@vmware.com> | 2016-07-27 18:51:51 -0700 |
| commit | e6ef6cc6349b1619c74a30444874066c2bf567ff (patch) | |
| tree | 58a5ce5e81abad1ed68eeb4627967e13a76d72f8 /lib/conntrack.h | |
| parent | a489b16854b590004e3234573721fd0f676b3295 (diff) | |
| download | openvswitch-e6ef6cc6349b1619c74a30444874066c2bf567ff.tar.gz | |
conntrack: Periodically delete expired connections.
This commit adds a thread that periodically removes expired connections.
The expiration time of a connection can be expressed by:
expiration = now + timeout
For each possible 'timeout' value (there aren't many) we keep a list.
When the expiration is updated, we move the connection to the back of the
corresponding 'timeout' list. This ways, the list is always ordered by
'expiration'.
When the cleanup thread iterates through the lists for expired
connections, it can stop at the first non expired connection.
Suggested-by: Joe Stringer <joe@ovn.org>
Signed-off-by: Daniele Di Proietto <diproiettod@vmware.com>
Acked-by: Joe Stringer <joe@ovn.org>
Diffstat (limited to 'lib/conntrack.h')
| -rw-r--r-- | lib/conntrack.h | 36 |
1 files changed, 35 insertions, 1 deletions
diff --git a/lib/conntrack.h b/lib/conntrack.h index 331a890d8..8758e5b60 100644 --- a/lib/conntrack.h +++ b/lib/conntrack.h @@ -19,8 +19,10 @@ #include <stdbool.h> +#include "latch.h" #include "odp-netlink.h" #include "openvswitch/hmap.h" +#include "openvswitch/list.h" #include "openvswitch/thread.h" #include "openvswitch/types.h" #include "ovs-atomic.h" @@ -60,7 +62,6 @@ struct dp_packet_batch; struct conntrack; void conntrack_init(struct conntrack *); -void conntrack_run(struct conntrack *); void conntrack_destroy(struct conntrack *); int conntrack_execute(struct conntrack *, struct dp_packet_batch *, @@ -113,6 +114,14 @@ static inline void ct_lock_destroy(struct ct_lock *lock) CT_TIMEOUT(OTHER_MULTIPLE, 60 * 1000) \ CT_TIMEOUT(OTHER_BIDIR, 30 * 1000) \ +/* The smallest of the above values: it is used as an upper bound for the + * interval between two rounds of cleanup of expired entries */ +#define CT_TM_MIN (30 * 1000) + +#define CT_TIMEOUT(NAME, VAL) BUILD_ASSERT_DECL(VAL >= CT_TM_MIN); + CT_TIMEOUTS +#undef CT_TIMEOUT + enum ct_timeout { #define CT_TIMEOUT(NAME, VALUE) CT_TM_##NAME, CT_TIMEOUTS @@ -124,10 +133,29 @@ enum ct_timeout { * * The connections are kept in different buckets, which are completely * independent. The connection bucket is determined by the hash of its key. + * + * Each bucket has two locks. Acquisition order is, from outermost to + * innermost: + * + * cleanup_mutex + * lock + * * */ struct conntrack_bucket { + /* Protects 'connections' and 'exp_lists'. Used in the fast path */ struct ct_lock lock; + /* Contains the connections in the bucket, indexed by 'struct conn_key' */ struct hmap connections OVS_GUARDED; + /* For each possible timeout we have a list of connections. When the + * timeout of a connection is updated, we move it to the back of the list. + * Since the connection in a list have the same relative timeout, the list + * will be ordered, with the oldest connections to the front. */ + struct ovs_list exp_lists[N_CT_TM] OVS_GUARDED; + + /* Protects 'next_cleanup'. Used to make sure that there's only one thread + * performing the cleanup. */ + struct ovs_mutex cleanup_mutex; + long long next_cleanup OVS_GUARDED; }; #define CONNTRACK_BUCKETS_SHIFT 8 @@ -140,6 +168,12 @@ struct conntrack { /* Salt for hashing a connection key. */ uint32_t hash_basis; + /* The thread performing periodic cleanup of the connection + * tracker */ + pthread_t clean_thread; + /* Latch to destroy the 'clean_thread' */ + struct latch clean_thread_exit; + /* Number of connections currently in the connection tracker. */ atomic_count n_conn; /* Connections limit. When this limit is reached, no new connection |