From 779c3e3a632f887a7249a5cae8cce6eeacb67e3f Mon Sep 17 00:00:00 2001 From: Andrew Yourtchenko Date: Thu, 8 Jun 2017 20:03:35 +0200 Subject: acl-plugin: store sessions in a single hash table instead of a per-interface A bihash-per-interface is convenient, but turns out tricky difficult from the maintenance standpoint with the large number of interfaces. This patch makes the sessions reside in a single hash table for all the interfaces, adding the lower 16 bit of sw_if_index as part of the key into the previously unused space. There is a tradeoff, that a session with an identical 5-tuple and the same sw_if_index modulo 65536 will match on either of the interfaces. The probability of that is deemed sufficiently small to not worry about it. In case it still happens before the heat death of the universe, there is a clib_warning and the colliding packet will be dropped, at which point we will need to bump the hash key size by another u64, but rather not pay the cost of doing that right now. Change-Id: I2747839cfcceda73e597cbcafbe1e377fb8f1889 Signed-off-by: Andrew Yourtchenko --- src/plugins/acl/acl.c | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'src/plugins/acl/acl.c') diff --git a/src/plugins/acl/acl.c b/src/plugins/acl/acl.c index 4174a570..e7b85495 100644 --- a/src/plugins/acl/acl.c +++ b/src/plugins/acl/acl.c @@ -1823,6 +1823,11 @@ acl_show_aclplugin_fn (vlib_main_t * vm, u64 n_dels = sw_if_index < vec_len(am->fa_session_dels_by_sw_if_index) ? am->fa_session_dels_by_sw_if_index[sw_if_index] : 0; out0 = format(out0, "sw_if_index %d: add %lu - del %lu = %lu\n", sw_if_index, n_adds, n_dels, n_adds - n_dels); })); + { + u64 n_adds = am->fa_session_total_adds; + u64 n_dels = am->fa_session_total_dels; + out0 = format(out0, "TOTAL: add %lu - del %lu = %lu\n", n_adds, n_dels, n_adds - n_dels); + } out0 = format(out0, "\n\nPer-worker data:\n"); for (wk = 0; wk < vec_len (am->per_worker_data); wk++) { acl_fa_per_worker_data_t *pw = &am->per_worker_data[wk]; -- cgit 1.2.3-korg