Re: [RFC/RFT, net-next, 00/17] net: Convert neighbor tables to per-namespace

From: David Ahern
Date: Sun Aug 12 2018 - 13:37:13 EST

On 8/12/18 12:46 AM, Vasily Averin wrote:
> On 07/17/2018 03:06 PM, dsahern@xxxxxxxxxx wrote:
>> From: David Ahern <dsahern@xxxxxxxxx>
>> Nikita Leshenko reported that neighbor entries in one namespace can
>> evict neighbor entries in another. The problem is that the neighbor
>> tables have entries across all namespaces without separate accounting
>> and with global limits on when to scan for entries to evict.
>> Resolve by making the neighbor tables for ipv4, ipv6 and decnet per
>> namespace and making the accounting and threshold limits per namespace.
> Dear David,
> I prepared own patch set to fix this problem and found your one.
> It looks perfect for me, and I hope David Miller will merge it soon,
> however I have found a few drawbacks:


I just returned from an extended vacation. I will revive this topic in
the next few days.

Thanks for the comments. I will address in the next version.