summaryrefslogtreecommitdiff
path: root/drivers/usb/cdns3/core.c
diff options
context:
space:
mode:
authorEric Dumazet <edumazet@google.com>2023-03-07 05:22:54 +0000
committerPablo Neira Ayuso <pablo@netfilter.org>2023-03-07 10:58:06 +0100
commitc77737b736ceb50fdf150434347dbd81ec76dbb1 (patch)
tree8f5c30ea32208c34b6f2468729dcecc28aff8e75 /drivers/usb/cdns3/core.c
parent4a02426787bf024dafdb79b362285ee325de3f5e (diff)
netfilter: conntrack: adopt safer max chain length
Customers using GKE 1.25 and 1.26 are facing conntrack issues root caused to commit c9c3b6811f74 ("netfilter: conntrack: make max chain length random"). Even if we assume Uniform Hashing, a bucket often reachs 8 chained items while the load factor of the hash table is smaller than 0.5 With a limit of 16, we reach load factors of 3. With a limit of 32, we reach load factors of 11. With a limit of 40, we reach load factors of 15. With a limit of 50, we reach load factors of 24. This patch changes MIN_CHAINLEN to 50, to minimize risks. Ideally, we could in the future add a cushion based on expected load factor (2 * nf_conntrack_max / nf_conntrack_buckets), because some setups might expect unusual values. Fixes: c9c3b6811f74 ("netfilter: conntrack: make max chain length random") Signed-off-by: Eric Dumazet <edumazet@google.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'drivers/usb/cdns3/core.c')
0 files changed, 0 insertions, 0 deletions