This new method allows checking for the existence of assigned addresses without
taking an extra reference that needs to be DecRefed. DecRef takes exclusive
locks. Contention on the addressState lock causes performance issues when
multiple goroutines are processing IP packets simultaneously. This isn't the
case today since IP processing is single threaded, but will be eventually.
PiperOrigin-RevId: 623567408
It is an idea of running codespell as part of our presubmit checks.
Before enabling it for new changes, let's fix what it has found.
Signed-off-by: Andrei Vagin <avagin@gmail.com>
Currently gVisor's routing logic always prefers routes that use a local
address that is assigned to the outgoing interface. This preference is
applied even for forwarded traffic, where the local address is left
unspecified on route lookup because the source address of the packet
belongs to some other node as opposed to the stack itself. This means
that when forwarding incoming traffic, the netstack will prefer routes
that go through a NIC with a local address endpoint over those that do
not, even if a better route exists.
Change this logic such that the preference for routes with a local
address assigned to the outgoing interface only applies for locally-
generated traffic.
PiperOrigin-RevId: 573812452
Once a NIC is chosen for a route, we currently just grab the first IP on the
NIC as the source address. We should choose the address with the longest
matching prefix instead.
This is a simple linear search of the route table. That's slow for large
tables, but large tables are exceedingly rare for use with gVisor and we can
always reimplement this with a trie if it becomes necessary.
PiperOrigin-RevId: 557941259
tcp_benchmark throughput increase 2-3%, but allocations go down (25% in the
download benchmark, only 2% in the upload path).
PiperOrigin-RevId: 532523146
The important change here is in tcpip/tcpip.go, where tcpip.Address is defined.
The rest is updating uses of tcpip.Address.
This is preparation for netip.Addr or []byte based addresses, which should save
us a bunch of allocations. Currently, we allocate every time we want to, say,
get a tcpip.Address from a header. This is because the header is a byte slice,
but Address is a string. Strings are immutable, so Go allocates and copies.
PiperOrigin-RevId: 532284732
Implement this check in netstack integration (in sentry) so that the
core netstack does not prevent an integrator from removing loopback.
PiperOrigin-RevId: 493992707
ErrNoRoute gets translated to EHOSTUNREACH which causes some code paths to
produce different errors unexpectedly. Rename the error so we can clean up some
sites to return ENETUNREACH more clearly where needed.
Updates #8105
PiperOrigin-RevId: 482355099
This change has significant performance implications. bufferv2 is reference
counted and pooled, which alleviates heap/GC pressure. Below are the results
from running the iperf benchmark.
HEAD:
BenchmarkIperf/operation.Upload-16 1552 ns/op 46.6GiB total allocations
BenchmarkIperf/operation.Download-16 1114 ns/op 68.6GiB total allocations
w/ change:
BenchmarkIperf/operation.Upload-16 1139 ns/op (-27%) 1.41GiB total allocations (-97%)
BenchmarkIperf/operation.Download-16 753.2 ns/op (-33%) 706MiB total allocations (-99%)
PiperOrigin-RevId: 462453185
Introduce the AddressDispatcher interface which integrators can
provide an implementation at the time of adding an address
to receive callbacks when address properties change and when the
address is removed. Modify `NDPDispatcher`'s callback when a SLAAC
address is added to receive an implementation of `AddressDispatcher`.
Added informational preferred and valid lifetime fields to
`AddressProperties` so they can be set when adding the address; and a
way to update said lifetimes.
Added a means to disable an `AddressableEndpointState` and each
individual `addressState`, so that the `AddressDisabled` assignment
state can be reported to integrators.
Added a configurable option to `AddressableEndpointState` which
determines whether addresses of kind `PermanentDisabled` are included
in the return value of `PrimaryAddresses` and `PermanentAddresses`. This
option is set such that IPv4 addresses are returned, while IPv6
addresses are hidden, when the NIC is disabled. This is a change in
behavior for IPv6, but is consistent with behavior on Linux.
Modified tests in `ndp_test` to use the new AddressDispatcher. Fixed
some bugs along the way.
PiperOrigin-RevId: 459658009
Jing Chen
Andrei Vagin
gVisor bot
Konstantin Bogomolov
Lucas Manning
Kevin Krakauer
Andrei Vagin
Peter Johnston
Ghanan Gowripalan
Bruno Dal Bo
Tony Gong
Nate Hurley