[ovs-dev] [PATCH v3 5/5] doc: ConnTracker cfg parameters.
Fischetti, Antonio
antonio.fischetti at intel.com
Fri Dec 15 19:07:06 UTC 2017
Thanks Darrell and Stephen for your suggestions.
I'll rework accordingly in v4.
Antonio
> -----Original Message-----
> From: Darrell Ball [mailto:dball at vmware.com]
> Sent: Monday, December 11, 2017 6:02 PM
> To: Fischetti, Antonio <antonio.fischetti at intel.com>;
> dev at openvswitch.org
> Subject: Re: [ovs-dev] [PATCH v3 5/5] doc: ConnTracker cfg parameters.
>
> Thanks Antonio for doing this.
>
> 1/ Given the comments on patches 2-4, I think the documentation would
> change in dpctl.man to be attribute specific, if
> we go that route.
> I did not write it up yet, but most of it would be obvious.
> One exception is how a case where setting a limit is handled when
> the limit is already exceeded – this needs documentation.
> I think the simple and robust approach is to set the attribute
> regardless without affecting existing connections. When existing
> connections time out, the limit would be enforced. This is what the
> proposed code does.
>
> 2/ I also think the userspace connection tracker documentation does not
> belong in dpdk documentation.
> Part of the content in intro/install/dpdk.rst could be moved to
> dpctl.man.
> dpctl.man is pulled into ovs-vswitchd.8.pdf.
>
> 3/ The documentation in dpctl.man would mention that support is
> presently only in the userspace connection tracker.
>
> Thanks Darrell
>
>
>
> On 10/13/17, 1:28 AM, "ovs-dev-bounces at openvswitch.org on behalf of
> antonio.fischetti at intel.com" <ovs-dev-bounces at openvswitch.org on behalf
> of antonio.fischetti at intel.com> wrote:
>
> Update documentation with the new commands to Read/Write
> ConnTracker configuration parameters.
>
> CC: Kevin Traynor <ktraynor at redhat.com>
> CC: Darrell Ball <dlu998 at gmail.com>
> Signed-off-by: Antonio Fischetti <antonio.fischetti at intel.com>
> ---
> Documentation/intro/install/dpdk.rst | 25 +++++++++++++++++++++++++
> lib/dpctl.man | 10 ++++++++++
> 2 files changed, 35 insertions(+)
>
> diff --git a/Documentation/intro/install/dpdk.rst
> b/Documentation/intro/install/dpdk.rst
> index bb69ae5..a1f259c 100644
> --- a/Documentation/intro/install/dpdk.rst
> +++ b/Documentation/intro/install/dpdk.rst
> @@ -568,6 +568,31 @@ not needed i.e. jumbo frames are not needed, it
> can be forced off by adding
> chains of descriptors it will make more individual virtio
> descriptors available
> for rx to the guest using dpdkvhost ports and this can improve
> performance.
>
> +Connection Tracker
> +~~~~~~~~~~~~~~~~~~
> +
> +When the Connection Tracker is enabled the overall performance can
> be deeply
> +affected, even with simple firewall rules and with stateless
> protocols like
> +UDP. In order to find a better tuning, commands like
> +
> +::
> +
> + $ ovs-appctl dpctl/ct-get-glbl-cfg <cfg param>
> + $ ovs-appctl dpctl/ct-set-glbl-cfg <cfg param>=<value>
> +
> +allow respectively to read the current value, or set a new value to
> a
> +configuration parameter.
> +For example, to reduce the impact of the Connection Tracker load on
> the
> +system performance, the maximum number of tracked connections can
> be
> +reduced.
> +
> +The available configuration parameters are:
> +
> +- maxconn: Maximum number of connections managed by the Connection
> Tracker
> + module. It's both readable and writeable.
> +- totconn: Total number of connections currently managed by the
> Connection
> + Tracker module. Readable only.
> +
> Limitations
> ------------
>
> diff --git a/lib/dpctl.man b/lib/dpctl.man
> index 675fe5a..64ad105 100644
> --- a/lib/dpctl.man
> +++ b/lib/dpctl.man
> @@ -235,3 +235,13 @@ For each ConnTracker bucket, displays the
> number of connections used
> by \fIdp\fR.
> If \fBgt=\fIThreshold\fR is specified, bucket numbers are displayed
> when
> the number of connections in a bucket is greater than
> \fIThreshold\fR.
> +.
> +.TP
> +\*(DX\fBct\-get\-glbl\-cfg\fR [\fIdp\fR] \fBparam\fR
> +Read the current value of the specified ConnTracker parameter used
> +by \fIdp\fR.
> +.
> +.TP
> +\*(DX\fBct\-set\-glbl\-cfg\fR [\fIdp\fR] \fBparam=\fI..\fR
> +Set a value to the specified ConnTracker parameter used
> +by \fIdp\fR.
> --
> 2.4.11
>
> _______________________________________________
> dev mailing list
> dev at openvswitch.org
> https://urldefense.proofpoint.com/v2/url?u=https-
> 3A__mail.openvswitch.org_mailman_listinfo_ovs-
> 2Ddev&d=DwICAg&c=uilaK90D4TOVoH58JNXRgQ&r=BVhFA09CGX7JQ5Ih-
> uZnsw&m=vXZ1YIrzm8yx9y_G6RlRqBJPOyEO6liY9bXSHzA0uAE&s=PHKAZck2m0ZlG-
> WVDIVcLP56XP-S94YZ2m0pGqDmjPc&e=
>
>
>
More information about the dev
mailing list