diff options
author | Andrew Yourtchenko <ayourtch@gmail.com> | 2017-06-08 20:03:35 +0200 |
---|---|---|
committer | Ole Trøan <otroan@employees.org> | 2017-06-15 20:27:39 +0000 |
commit | 779c3e3a632f887a7249a5cae8cce6eeacb67e3f (patch) | |
tree | f240f028618e3a064302823b45d75085387c862e /src/plugins/acl/manual_fns.h | |
parent | b2d5ff349d2c6cb2b733375dca4952cdeab2e7d3 (diff) |
acl-plugin: store sessions in a single hash table instead of a per-interface
A bihash-per-interface is convenient, but turns out tricky difficult from
the maintenance standpoint with the large number of interfaces.
This patch makes the sessions reside in a single hash table for all the interfaces,
adding the lower 16 bit of sw_if_index as part of the key into the previously
unused space.
There is a tradeoff, that a session with an identical 5-tuple and the same
sw_if_index modulo 65536 will match on either of the interfaces.
The probability of that is deemed sufficiently small to not worry about it.
In case it still happens before the heat death of the universe,
there is a clib_warning and the colliding packet will be dropped,
at which point we will need to bump the hash key size by another u64,
but rather not pay the cost of doing that right now.
Change-Id: I2747839cfcceda73e597cbcafbe1e377fb8f1889
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
Diffstat (limited to 'src/plugins/acl/manual_fns.h')
0 files changed, 0 insertions, 0 deletions