On 8/7/19 12:49 PM, Jakub Kicinski wrote: > Perhaps I'm misinterpreting your point there.
yes, this thread is getting out of hand. I am not pushing for an in-kernel, fib resource controller. Jiri wants to remove the existing devlink resource code from netdevsim into a standalone driver, code that was added for testing and as the commit log shows as a demonstration of how one could create a controller using the devlink API. I added some color commentary as to why a devlink controller makes sense for the use case and how it should work, but I am not asking for such a controller to be added to the kernel. The netdevsim resource controller is counter based; the absolute simplest form of limits. If I wanted basic counting for a fib resource controller, I would add an option to limit the number of fib rules and routes using sysctl similar to what exists for neighbors. Consistency. I don't need the overhead and unrelated messiness of cgroups. I don't need the overhead of handling fib notifiers. fib (rule) add -- check counter, increment counter; fib (rule) delete -- decrement counter. Simple, per namespace, done.
