summaryrefslogtreecommitdiff
path: root/python/vyos/firewall.py
diff options
context:
space:
mode:
authorChristian Poessinger <christian@poessinger.com>2022-09-26 20:10:02 +0200
committerChristian Poessinger <christian@poessinger.com>2022-09-26 20:31:14 +0200
commit5fe0e9c163ee2f8229e298fc20dbfe6746c2cdcc (patch)
treebf1b410c0595f1509ed7d449c567c1d049dfbc0e /python/vyos/firewall.py
parent2cf6275eac10d7f7bfed70e374d2fb34eaf4a7c2 (diff)
downloadvyos-1x-5fe0e9c163ee2f8229e298fc20dbfe6746c2cdcc.tar.gz
vyos-1x-5fe0e9c163ee2f8229e298fc20dbfe6746c2cdcc.zip
ethernet: T4689: support asymetric RFS configuration on multiple interfaces
The initial implementation from commit ac4e07f9 ("rfs: T4689: Support RFS (Receive Flow Steering)") always adjusted the global rps_sock_flow_entries configuration. So if RFS was enabled for one NIC but not the other - it did not work. According to the documentation: RFS is only available if the kconfig symbol CONFIG_RPS is enabled (on by default for SMP). The functionality remains disabled until explicitly configured. The number of entries in the global flow table is set through: /proc/sys/net/core/rps_sock_flow_entries The number of entries in the per-queue flow table are set through: /sys/class/net/<dev>/queues/rx-<n>/rps_flow_cnt Both of these need to be set before RFS is enabled for a receive queue. Values for both are rounded up to the nearest power of two. The suggested flow count depends on the expected number of active connections at any given time, which may be significantly less than the number of open connections. We have found that a value of 32768 for rps_sock_flow_entries works fairly well on a moderately loaded server. This commit sets rps_sock_flow_entries via sysctl on bootup leafing the RFS configuration to the interface level.
Diffstat (limited to 'python/vyos/firewall.py')
0 files changed, 0 insertions, 0 deletions