From 3d9c1b855a5fbc0205aed0b38722cd98c6a074b0 Mon Sep 17 00:00:00 2001
From: Gaetan Rivet <grive@u256.net>
Date: Mon, 11 Jul 2022 18:55:08 +0200
Subject: conntrack: Replace timeout based expiration lists with rculists.

This patch aims to replace the expiration lists as, due to the way
they are used, besides being a source of contention, they have a known
issue when used with non-default policies for different zones that
could lead to retaining expired connections potentially for a long
time.

This patch replaces them with an array of rculist used to distribute
all the newly created connections in order to, during the sweeping
phase, scan them without locking, and evict the expired connections
only locking during the actual removal.  This allows to reduce the
contention introduced by the pushback performed at every packet
update, also solving the issue related to zones and timeout policies.

Signed-off-by: Gaetan Rivet <grive@u256.net>
Co-authored-by: Paolo Valerio <pvalerio@redhat.com>
Signed-off-by: Paolo Valerio <pvalerio@redhat.com>
Acked-by: Aaron Conole <aconole@redhat.com>
Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
---
 NEWS | 1 +
 1 file changed, 1 insertion(+)

(limited to 'NEWS')

diff --git a/NEWS b/NEWS
index 433bb1654..d684de6d7 100644
--- a/NEWS
+++ b/NEWS
@@ -46,6 +46,7 @@ Post-v2.17.0
        is started. A failure to create a mempool will now be logged only
        when the VM is started.
    - Userspace datapath:
+     * Improved multi-thread scalability of the userspace connection tracking.
      * 'dpif-netdev/subtable-lookup-prio-get' appctl command renamed to
        'dpif-netdev/subtable-lookup-info-get' to better reflect its purpose.
        The old variant is kept for backward compatibility.
-- 
cgit v1.2.1