It's a very interesting diff. If i have time i'll test it on -CURRENT on the two next weeks.
-- Best regards, Loïc BLOT, Engineering UNIX Systems, Security and Network Engineer http://www.unix-experience.fr Le jeudi 03 juillet 2014 à 11:35 -0500, patric conant a écrit : > This seems relevant to a lot of interest. > > commit 3a0038bfb239dd522057809c52d7d23dd2134c38 > > Author: Matthew Dillon <dillon at apollo.backplane.com > <http://lists.dragonflybsd.org/mailman/listinfo/commits>> > Date: Thu Jun 26 20:40:32 2014 -0700 > > pf - make the bulk of PF concurrent under normal operation > > * state and ip fragment tables are now per-cpu. > > * packet paths acquire pf_token shared instead of exclusive. Packet > processing runs concurrently. > > * Any dynamic rules updates will run synchronously for now. > > * State expiration from the pfpurge thread runs synchronously for now. > More work can be done here. > > * ioctl (and also pfsync) paths acquire pf_token exclusively. That is, > primarily pfctl commands. This includes rules updates and state scans. > More work can be done here. > > Summary of changes: > sys/net/pf/Makefile | 2 + > sys/net/pf/if_pfsync.c | 85 +++++++--- > sys/net/pf/if_pfsync.h | 2 + > sys/net/pf/pf.c | 260 ++++++++++++++++++++---------- > sys/net/pf/pf_ioctl.c | 427 > +++++++++++++++++++++++++++++++------------------ > sys/net/pf/pf_norm.c | 118 ++++++++------ > sys/net/pf/pfvar.h | 17 +- > 7 files changed, 588 insertions(+), 323 deletions(-) > http://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/3a0038bfb239dd522057809c52d7d23dd2134c38
