Re: Thousands of interfaces

[David Miller]

From: Peter Hicks <peter.hicks@xxxxxxxxxxx>
Date: Tue, 31 Oct 2006 09:25:50 +0000

[ Discussion belongs on netdev@xxxxxxxxxxxxxxx, added to CC: ]

> I have a dual 3GHz Xeon machine with a 2.4.21 kernel and thousands (15k+) of
> ipip tunnel interfaces.  These are being used to tunnel traffic from remote
> routers, over a private network, and handed off to a third party.
 ...
> Is it possible to speed up creation of the interfaces?  Currently it takes
> around 24 hours.  Is there are more efficient way to handle a very large
> number of IP-IP tunnels?  Would upgrading to a 2.6 kernel be of use?

We just simply never imagined people would use IP tunnels on
this scale.

The following kernel patch is a quick hack that will get things to
work quickly for you, but longer term we need to add dynamic hash
table growth to this thing (and SIT tunnel, and IP GRE tunnel,
etc. etc. etc.)

diff --git a/net/ipv4/ipip.c b/net/ipv4/ipip.c
index 0c45565..78055cf 100644
--- a/net/ipv4/ipip.c
+++ b/net/ipv4/ipip.c
@@ -117,8 +117,8 @@ #include <net/ipip.h>
 #include <net/inet_ecn.h>
 #include <net/xfrm.h>
 
-#define HASH_SIZE  16
-#define HASH(addr) ((addr^(addr>>4))&0xF)
+#define HASH_SIZE  16384
+#define HASH(addr) ((addr^(addr>>14))&(HASH_SIZE - 1))
 
 static int ipip_fb_tunnel_init(struct net_device *dev);
 static int ipip_tunnel_init(struct net_device *dev);
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/