On Wed, Jun 19, 2024 at 5:20 PM Florian Westphal <[email protected]> wrote: > > Xin Long <[email protected]> wrote: > > Got it, I will fix this in ovs. > > Thanks! > > I don't want to throw more work at you, but since you are > already working on ovs+conntrack: > > ovs_ct_init() is bad, as this runs unconditionally. > > modprobe openvswitch -> conntrack becomes active in all > existing and future namespaces. > > Conntrack is slow, we should avoid this behaviour. > > ovs_ct_limit_init() should be called only when the feature is > configured (the problematic call is nf_conncount_init, as that > turns on connection tracking, the kmalloc etc is fine). understand.
> > Likewise, nf_connlabels_get() should only be called when > labels are added/configured, not at the start. > > I resolved this for tc in 70f06c115bcc but it seems i never > got around to fix it for ovs. I will take a look. Thanks. _______________________________________________ dev mailing list [email protected] https://mail.openvswitch.org/mailman/listinfo/ovs-dev
