
List:       netfilter-devel
Subject:    conntrack session information
From:       Amin Azez <azez () ufomechanic ! net>
Date:       2005-04-20 12:11:14
Message-ID: 426646E2.5040504 () ufomechanic ! net


Wang Jian wrote:
> There is problem to create whole sessions record from events. event
> messages should carry necessary information for correlation

I'm proposing that we base this session id on a 64 bit counter.
I will also want to adjust conntrack to record the system time at which 
the conntrack was created anyway.

If we also associate with this a serial number, the chances "in normal 
use" that the counter will wrap around with the same system time are 
minuscule.

For most purposes the connection serial number is unique, but the 
associated timestamp makes it historically unique.

Final question, I suppose that ip_conntrack.master references will cause 
the master conntrack (of related conntracks) to hang around until the 
related conntracks have been deleted? Thus, the netlink stuff can report 
the id of the master conntrack when it reports other conntrack info.

Does this sound reasonable to folk? Is this too much overhead per 
conntrack? What bottlenecks are there?

Maybe it would require a cross-cpu counter with serialized access. Is 
there a standard kernel form for this, or do we use spinlocked structs 
or something? Or is a per-cpu counter preferred, combined with a CPU-id?

Amin
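A user-space model of the scheme sketched above (a per-cpu serial counter tagged with the cpu id, plus the creation timestamp that keeps a wrapped serial historically unique), added here as an illustration; it is not code from this thread or from netfilter, and the CPU count, the 8-bit cpu-id field and the struct and function names are assumptions:

```c
#define _POSIX_C_SOURCE 199309L
#include <stdint.h>
#include <stdbool.h>
#include <stdio.h>
#include <time.h>

/* Hypothetical model of the proposal: the session id is a serial number plus
 * the system time at which the conntrack was created. Field widths and the
 * number of cpus are assumptions, not netfilter's values. */
#define NR_CPUS 4
#define CPU_SHIFT 56                          /* high byte of serial = cpu id  */
#define SERIAL_MASK ((1ULL << CPU_SHIFT) - 1) /* low 56 bits = per-cpu count  */

struct ct_session_id {
    uint64_t serial;      /* cpu id in the high byte, per-cpu counter below */
    uint64_t created_ns;  /* system time when the conntrack was created    */
};

/* One counter per cpu: the cpu id in the serial disambiguates, so no
 * cross-cpu lock or atomic is needed (a single global counter would). */
static uint64_t per_cpu_serial[NR_CPUS];

static uint64_t now_ns(void)
{
    struct timespec ts;
    clock_gettime(CLOCK_REALTIME, &ts);
    return (uint64_t)ts.tv_sec * 1000000000ULL + (uint64_t)ts.tv_nsec;
}

/* Allocate an id on `cpu`. The per-cpu count is allowed to wrap; two ids
 * with the same serial are still told apart by created_ns. */
struct ct_session_id ct_session_id_alloc(unsigned cpu, uint64_t created_ns)
{
    struct ct_session_id id;
    uint64_t n = per_cpu_serial[cpu]++ & SERIAL_MASK;
    id.serial = ((uint64_t)cpu << CPU_SHIFT) | n;
    id.created_ns = created_ns;
    return id;
}

bool ct_session_id_eq(struct ct_session_id a, struct ct_session_id b)
{
    return a.serial == b.serial && a.created_ns == b.created_ns;
}

unsigned ct_session_id_cpu(struct ct_session_id id) { return (unsigned)(id.serial >> CPU_SHIFT); }
uint64_t ct_session_id_count(struct ct_session_id id) { return id.serial & SERIAL_MASK; }

int main(void)
{
    struct ct_session_id id = ct_session_id_alloc(1, now_ns());
    printf("cpu=%u count=%llu created_ns=%llu\n", ct_session_id_cpu(id),
           (unsigned long long)ct_session_id_count(id), (unsigned long long)id.created_ns);
    return 0;
}
```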

