Hi Sairam, Thanks for the patch. Please find my comment inline.
Regards, Anand Kumar On 8/28/17, 4:56 PM, "[email protected] on behalf of Sairam Venugopal" <[email protected] on behalf of [email protected]> wrote: The current implementation lacked an upper bound of number of entries in the system. Set the size to ~2M (2^21) for the time being. Signed-off-by: Sairam Venugopal <[email protected]> --- datapath-windows/ovsext/Conntrack.c | 6 ++++++ datapath-windows/ovsext/Conntrack.h | 1 + 2 files changed, 7 insertions(+) diff --git a/datapath-windows/ovsext/Conntrack.c b/datapath-windows/ovsext/Conntrack.c index ce8c1c8..30de806 100644 --- a/datapath-windows/ovsext/Conntrack.c +++ b/datapath-windows/ovsext/Conntrack.c @@ -722,6 +722,12 @@ OvsCtExecute_(OvsForwardingContext *fwdCtx, entry = NULL; } + if (!entry && commit && ctTotalEntries >= CT_MAX_ENTRIES) { + /* Don't proceed with processing if the max limit has been hit */ + NdisReleaseRWLock(ovsConntrackLockObj, &lockState); + return NDIS_STATUS_RESOURCES; + } + [AK]: Can we add this check inside OvsCtEntryCreate() function, as entry can also be created in OvsProcessConntrackEntry() https://github.com/openvswitch/ovs/blob/master/datapath-windows/ovsext/Conntrack.c#L613 if (!entry) { /* If no matching entry was found, create one and add New state */ entry = OvsCtEntryCreate(fwdCtx, key->ipKey.nwProto, diff --git a/datapath-windows/ovsext/Conntrack.h b/datapath-windows/ovsext/Conntrack.h index bca7d90..be5f34d 100644 --- a/datapath-windows/ovsext/Conntrack.h +++ b/datapath-windows/ovsext/Conntrack.h @@ -131,6 +131,7 @@ typedef struct OvsConntrackKeyLookupCtx { BOOLEAN related; } OvsConntrackKeyLookupCtx; +#define CT_MAX_ENTRIES 1 << 21 #define CT_HASH_TABLE_SIZE ((UINT32)1 << 10) #define CT_HASH_TABLE_MASK (CT_HASH_TABLE_SIZE - 1) #define CT_INTERVAL_SEC 10000000LL //1s -- 2.9.0.windows.1 _______________________________________________ dev mailing list [email protected] https://urldefense.proofpoint.com/v2/url?u=https-3A__mail.openvswitch.org_mailman_listinfo_ovs-2Ddev&d=DwICAg&c=uilaK90D4TOVoH58JNXRgQ&r=Q5z9tBe-nAOpE7LIHSPV8uy5-437agMXvkeHHMkR8Us&m=EAviB6UFEys3jRhv7hULyGkP2OygltyfdtEaNlvOWDY&s=co2lpZtEG_VyCk3aIxQFVq4L0rnKR5iKtU2rsu8jFxc&e= _______________________________________________ dev mailing list [email protected] https://mail.openvswitch.org/mailman/listinfo/ovs-dev
