On Thu, Sep 17, 2015 at 09:23:35PM -0700, David Miller wrote:
> From: Steffen Klassert <steffen.klass...@secunet.com>
> Date: Wed, 16 Sep 2015 10:45:41 +0200
>
> > index 1e06c4f..3dffc73 100644
> > --- a/net/ipv4/xfrm4_policy.c
> > +++ b/net/ipv4/xfrm4_policy.c
> > @@ -248,7 +248,7 @@ static struct dst_ops xfrm4_dst_ops = {
> > .destroy = xfrm4_dst_destroy,
> > .ifdown = xfrm4_dst_ifdown,
> > .local_out = __ip_local_out,
> > - .gc_thresh = 32768,
> > + .gc_thresh = INT_MAX,
> > };
> >
> > static struct xfrm_policy_afinfo xfrm4_policy_afinfo = {
>
> This means the dst_ops->gc() for xfrm will never be invoked.
>
> Is that intentional?
Yes. This is already the case on systems with less than 8 cpus
because the flowcache is limited to 4096 entries per cpu. The
percpu flowcache shrinks itself to 'low_watermark' enrires if
it hits the percpu limit.
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
