Public bug reported:

The default xfrm4_gc_thresh (and xfrm6_gc_thresh) value is currently
32k, but in systems with > 16 cpus, this will (eventually) cause
failures when ipsec uses too many dst objects.  As xfrm doesn't actually
manage its dst objects, the flowcache does, this parameter doesn't
actually control xfrm dst gc, it only causes failures when exceeded.
Thus is should simply be set to INT_MAX.

Upstream commit that fixes this is
c386578f1cdb4dac230395a951f88027f64346e3

** Affects: linux (Ubuntu)
     Importance: Undecided
     Assignee: Dan Streetman (ddstreet)
         Status: Incomplete

** Changed in: linux (Ubuntu)
     Assignee: (unassigned) => Dan Streetman (ddstreet)

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1549332

Title:
  xfrm4_gc_thresh should default to INT_MAX

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1549332/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Reply via email to