This bug was fixed in the package linux - 4.8.0-38.41
---
linux (4.8.0-38.41) yakkety; urgency=low
[ Thadeu Lima de Souza Cascardo ]
* Release Tracking Bug
- LP: #1661232
* Backport Dirty COW patch to prevent wineserver freeze (LP: #1658270)
- SAUCE: mm: Respect
This bug was fixed in the package linux - 4.4.0-63.84
---
linux (4.4.0-63.84) xenial; urgency=low
[ Thadeu Lima de Souza Cascardo ]
* Release Tracking Bug
- LP: #1660704
* Backport Dirty COW patch to prevent wineserver freeze (LP: #1658270)
- SAUCE: mm: Respect
It has been brought to my attention :
"... we did confirm that everything looks good from our end as well.
Perf results are at
https://gist.github.com/teddyking/af3c404bc313e22048c90bb381b58300 if
you'd like to review.
Thanks so much for the great support and followup!"
- Eric
--
You received
** Tags removed: verification-needed-yakkety
** Tags added: verification-done-yakkety
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1640786
Title:
netfilter regression introducing a performance
I confirm that iptables offers way better performance now on Xenial
kernel.
BEFORE:
$ uname -r
4.4.0-62-generic
$ time (./list-addrs 3000 | xargs -n1 iptables -A FORWARD -j ACCEPT -s)
real0m34.502s
user0m1.372s
sys 0m27.428s
AFTER:
$ uname -r
4.4.0-63-generic
$ time
I confirm that iptables offers way better performance now in Xenial.
BEFORE:
$ uname -r
4.4.0-63-generic
$ time (./list-addrs 3000 | xargs -n1 iptables -A FORWARD -j ACCEPT -s)
real0m34.502s
user0m1.372s
sys 0m27.428s
AFTER:
$ uname -r
4.4.0-63-generic
$ time (./list-addrs 3000
This bug is awaiting verification that the kernel in -proposed solves
the problem. Please test the kernel and update this bug with the
results. If the problem is solved, change the tag 'verification-needed-
xenial' to 'verification-done-xenial'. If the problem still exists,
change the tag
This bug is awaiting verification that the kernel in -proposed solves
the problem. Please test the kernel and update this bug with the
results. If the problem is solved, change the tag 'verification-needed-
yakkety' to 'verification-done-yakkety'. If the problem still exists,
change the tag
This bug was fixed in the package linux - 4.9.0-15.16
---
linux (4.9.0-15.16) zesty; urgency=low
[ Tim Gardner ]
* Release Tracking Bug
- LP: #1658101
* Zesty update to v4.9.5 stable release (LP: #1658099)
- Input: xpad - use correct product id for x360w controllers
** Changed in: linux (Ubuntu Yakkety)
Status: In Progress => Fix Committed
** Changed in: linux (Ubuntu Xenial)
Status: In Progress => Fix Committed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
I have submitted the patchset to the Ubuntu kernel team for the
following releases(kernel versions) :
- Zesty (v4.9)
- Yakkety (v4.8)
- Xenial (v4.4)
- Eric
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
The patchset is now in v4.10-rc1.
# git clone https://github.com/torvalds/linux.git
ae0ac0e netfilter: x_tables: pack percpu counter allocations
f28e15b netfilter: x_tables: pass xt_counters struct to counter allocator
4d31eef netfilter: x_tables: pass xt_counters struct instead of packet
** Changed in: linux (Ubuntu Yakkety)
Importance: Undecided => High
** Changed in: linux (Ubuntu Yakkety)
Assignee: (unassigned) => Eric Desrochers (slashd)
** Changed in: linux (Ubuntu Yakkety)
Status: New => In Progress
--
You received this bug notification because you are a
** Also affects: linux (Ubuntu Yakkety)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1640786
Title:
netfilter regression introducing a performance
** Description changed:
- Explanation :
+ [Impact]
It has been brought to my attention that Ubuntu kernel 4.4 has a severe
netfilter regression affecting the performance of "/sbin/iptables"
command, especially when adding large number of policies. My source have
documented everything
A quick update on comment #6.
The patches are no longer set "Under Review" and has been now merge in a
repository called "nf-next" which stands for "Netfilter's -next tree"
The "-next" tree is the holding area for patches aimed at the next
kernel merge window.
Reference:
** Changed in: linux (Ubuntu)
Importance: Medium => High
** Changed in: linux (Ubuntu Xenial)
Importance: Medium => High
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1640786
Title:
** Changed in: linux (Ubuntu Xenial)
Assignee: (unassigned) => Eric Desrochers (slashd)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1640786
Title:
netfilter regression introducing a
** No longer affects: linux (Ubuntu Trusty)
** Also affects: linux (Ubuntu Xenial)
Importance: Undecided
Status: New
** Changed in: linux (Ubuntu Xenial)
Importance: Undecided => Medium
** Changed in: linux (Ubuntu Xenial)
Status: New => In Progress
--
You received this
** Changed in: linux (Ubuntu Trusty)
Assignee: (unassigned) => Eric Desrochers (slashd)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1640786
Title:
netfilter regression introducing a
** Also affects: linux (Ubuntu Trusty)
Importance: Undecided
Status: New
** Changed in: linux (Ubuntu Trusty)
Status: New => In Progress
** Changed in: linux (Ubuntu Trusty)
Importance: Undecided => Medium
--
You received this bug notification because you are a member of
I have backport the "Under Review" patches into Xenial 4.4.0-49 to test,
here are the numbers :
# uname -a
Linux 4.4.0-49-generic #70hf121102v20161124b2-Ubuntu SMP Fri Nov 25
02:34:36 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux
# iptables -F
# time (./list-addrs 3000 | xargs -n1 iptables -A
I also tested the protocol found here[1], on top of mainline kernel v4.9
* Without the nf-next patches :
# time (./list-addrs 3000 | xargs -n1 iptables -A FORWARD -j ACCEPT -s)
real0m32.994s
user 0m1.288s
sys 0m26.076s
* With the nf-next patches :
# time (./list-addrs 3000 | xargs
23 matches
Mail list logo
