Xin Long <[email protected]> wrote: > Got it, I will fix this in ovs.
Thanks! I don't want to throw more work at you, but since you are already working on ovs+conntrack: ovs_ct_init() is bad, as this runs unconditionally. modprobe openvswitch -> conntrack becomes active in all existing and future namespaces. Conntrack is slow, we should avoid this behaviour. ovs_ct_limit_init() should be called only when the feature is configured (the problematic call is nf_conncount_init, as that turns on connection tracking, the kmalloc etc is fine). Likewise, nf_connlabels_get() should only be called when labels are added/configured, not at the start. I resolved this for tc in 70f06c115bcc but it seems i never got around to fix it for ovs. _______________________________________________ dev mailing list [email protected] https://mail.openvswitch.org/mailman/listinfo/ovs-dev
