Thanks Antonio for doing this.
1/ Given the comments on patches 2-4, I think the documentation would change in
dpctl.man to be attribute specific, if
we go that route.
I did not write it up yet, but most of it would be obvious.
One exception is how a case where setting a limit is handled when the
limit is already exceeded – this needs documentation.
I think the simple and robust approach is to set the attribute regardless
without affecting existing connections. When existing
connections time out, the limit would be enforced. This is what the
proposed code does.
2/ I also think the userspace connection tracker documentation does not belong
in dpdk documentation.
Part of the content in intro/install/dpdk.rst could be moved to dpctl.man.
dpctl.man is pulled into ovs-vswitchd.8.pdf.
3/ The documentation in dpctl.man would mention that support is presently only
in the userspace connection tracker.
Thanks Darrell
On 10/13/17, 1:28 AM, "[email protected] on behalf of
[email protected]" <[email protected] on behalf of
[email protected]> wrote:
Update documentation with the new commands to Read/Write
ConnTracker configuration parameters.
CC: Kevin Traynor <[email protected]>
CC: Darrell Ball <[email protected]>
Signed-off-by: Antonio Fischetti <[email protected]>
---
Documentation/intro/install/dpdk.rst | 25 +++++++++++++++++++++++++
lib/dpctl.man | 10 ++++++++++
2 files changed, 35 insertions(+)
diff --git a/Documentation/intro/install/dpdk.rst
b/Documentation/intro/install/dpdk.rst
index bb69ae5..a1f259c 100644
--- a/Documentation/intro/install/dpdk.rst
+++ b/Documentation/intro/install/dpdk.rst
@@ -568,6 +568,31 @@ not needed i.e. jumbo frames are not needed, it can be
forced off by adding
chains of descriptors it will make more individual virtio descriptors
available
for rx to the guest using dpdkvhost ports and this can improve performance.
+Connection Tracker
+~~~~~~~~~~~~~~~~~~
+
+When the Connection Tracker is enabled the overall performance can be
deeply
+affected, even with simple firewall rules and with stateless protocols like
+UDP. In order to find a better tuning, commands like
+
+::
+
+ $ ovs-appctl dpctl/ct-get-glbl-cfg <cfg param>
+ $ ovs-appctl dpctl/ct-set-glbl-cfg <cfg param>=<value>
+
+allow respectively to read the current value, or set a new value to a
+configuration parameter.
+For example, to reduce the impact of the Connection Tracker load on the
+system performance, the maximum number of tracked connections can be
+reduced.
+
+The available configuration parameters are:
+
+- maxconn: Maximum number of connections managed by the Connection Tracker
+ module. It's both readable and writeable.
+- totconn: Total number of connections currently managed by the Connection
+ Tracker module. Readable only.
+
Limitations
------------
diff --git a/lib/dpctl.man b/lib/dpctl.man
index 675fe5a..64ad105 100644
--- a/lib/dpctl.man
+++ b/lib/dpctl.man
@@ -235,3 +235,13 @@ For each ConnTracker bucket, displays the number of
connections used
by \fIdp\fR.
If \fBgt=\fIThreshold\fR is specified, bucket numbers are displayed when
the number of connections in a bucket is greater than \fIThreshold\fR.
+.
+.TP
+\*(DX\fBct\-get\-glbl\-cfg\fR [\fIdp\fR] \fBparam\fR
+Read the current value of the specified ConnTracker parameter used
+by \fIdp\fR.
+.
+.TP
+\*(DX\fBct\-set\-glbl\-cfg\fR [\fIdp\fR] \fBparam=\fI..\fR
+Set a value to the specified ConnTracker parameter used
+by \fIdp\fR.
--
2.4.11
_______________________________________________
dev mailing list
[email protected]
https://urldefense.proofpoint.com/v2/url?u=https-3A__mail.openvswitch.org_mailman_listinfo_ovs-2Ddev&d=DwICAg&c=uilaK90D4TOVoH58JNXRgQ&r=BVhFA09CGX7JQ5Ih-uZnsw&m=vXZ1YIrzm8yx9y_G6RlRqBJPOyEO6liY9bXSHzA0uAE&s=PHKAZck2m0ZlG-WVDIVcLP56XP-S94YZ2m0pGqDmjPc&e=
_______________________________________________
dev mailing list
[email protected]
https://mail.openvswitch.org/mailman/listinfo/ovs-dev
