[v3.2.24] ct: endless loop when initializing netfilter/ct cache
Holger Eitzenberger
holger at eitzenberger.org
Fri Nov 7 04:57:47 PST 2014
Hi Thomas,
> That makes sense. Insertion through pickup became exponetionally
> more expensive.
>
> The right thing to do here is to introduce a flag to disable the
> dup check for individual caches and even cache types such as CT
> which do not require the dup check at all.
Yes, the insert is O(n^2) since introducing dup check. With
thousands of conntracks it is currently unusable.
If you want I can cook an RFC path for that.
/Holger
More information about the libnl
mailing list