[PATCH 0/2] increase maximum number of possible opened sockets per application

Thomas Haller thaller at redhat.com
Thu Jun 4 22:13:26 PDT 2015


On Do, 2015-06-04 at 17:07 +0200, Julien Courtat wrote:
> Hello,

Hi Julien,


> The current libnl 3.2.26 allows creating at most 1024 sockets per
> application.
> This value is too short on systems using lots of netns.
> For example, a program that needs 8 sockets per netns is limited to
> 128 netns.

As you are probably aware, an application can work around that
limitation by setting the port itself (nl_socket_set_local_port()),
or even by injecting an already bound socket (nl_socket_set_fd()).

I agree it would be nice to handle it better inside libnl.



> The following two patches propose to increase the maximum number of
> possible opened sockets per program with a single parameter
> NL_BITS_FOR_PID.
> Since a portid is a bitmask split between a pid and a random number,
> the number of bits dedicated to the pid should be decreased to allow
> more bits for the possible random value and de facto increase the
> possible number of opened sockets per application.

If you call bind() with nl_pid=0, then the kernel will try to auto-assign a
port. See netlink_autobind(). This will first try to use
the PID, and afterwards search for an unused u32 number with the
highest bit set.


Depending on the kernel configuration, pids can be up to 22 bits.

If you reserve less than 22 bits, then libnl might generate a port that
gets used by another process. Well, actually, another process always
could already use the same port, so not sure that is a good reasoning
for anything.


> The first patch proposes to separate the values that handle the size
> of the used_port_map[] from the values inside each entry of this
> table, which were a bit messy since they were both hardcoded to 32.
> The second patch only sets the proposed value for NL_BITS_FOR_PID to
> 18, which allows 16384 opened sockets on systems with max pid of
> 262144.

How about, instead of failing if we cannot find a local port, just trying
to connect with pid=0 and letting the kernel choose?

        if (port == UINT32_MAX) {
               NL_DBG(4, "nl_connect(%p): no more unused local ports.\n", sk);
                     _nl_socket_used_ports_release_all(used_ports);
+               /* TRY with nl_pid=0... */
                err = -NLE_EXIST;
                goto errout;
        }
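
Review bot: The added line in the `port == UINT32_MAX` branch is only a comment, so the `err = -NLE_EXIST; goto errout;` right after it still fails the connect unconditionally. The fallback needs a real bind attempt with nl_pid=0 placed before the error assignment, with `-NLE_EXIST` (or the bind error) returned only if that attempt also fails. Since `_nl_socket_used_ports_release_all(used_ports)` has already run at that point, the fallback path should not assume any port is still reserved in the map.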



Or maybe better, always skip trying to generate our own ports altogether:

   if (_nl_socket_is_local_port_unspecified (sk)) {
      /* try port 0 and don't generate local_port */


Does anybody know why we even try to generate local ports in the first
place?



Thomas
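
The trade-off discussed in this thread, worked through as an added example (not libnl code and not part of the original message): it computes how many ports one process can generate for a given NL_BITS_FOR_PID, shows two PIDs that map to the same port when fewer than 22 bits are reserved, and flags generated ports that fall in the high-bit range the kernel's autobind searches. The layout (PID in the low bits, per-process index in the high bits), the function names and the sample PIDs are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Assumed layout (illustration only): the low pid_bits bits hold the PID,
 * the remaining high bits hold a per-process socket index.
 * pid_bits must be in the range 1..31. */
static uint32_t max_sockets(unsigned pid_bits)
{
    return (uint32_t)1 << (32 - pid_bits);
}

static uint32_t make_port(uint32_t pid, uint32_t index, unsigned pid_bits)
{
    uint32_t pid_mask = ((uint32_t)1 << pid_bits) - 1;
    return (index << pid_bits) | (pid & pid_mask);
}

/* 1 if both processes generate the same port for the same index,
 * i.e. their PIDs are equal after truncation to pid_bits. */
static int ports_can_collide(uint32_t pid_a, uint32_t pid_b, unsigned pid_bits)
{
    uint32_t pid_mask = ((uint32_t)1 << pid_bits) - 1;
    return (pid_a & pid_mask) == (pid_b & pid_mask);
}

/* 1 if the port has the highest bit set, the range the message says
 * the kernel searches when it auto-assigns a port. */
static int in_autobind_range(uint32_t port)
{
    return (port & UINT32_C(0x80000000)) != 0;
}

int main(void)
{
    /* Constructed PIDs: both fit in 22 bits, differ only in bit 18. */
    uint32_t pid_a = 1000, pid_b = 1000 + (UINT32_C(1) << 18);
    unsigned bits[] = { 22, 18 };

    for (unsigned i = 0; i < 2; i++) {
        unsigned b = bits[i];
        uint32_t last = make_port(pid_a, max_sockets(b) - 1, b);
        printf("pid bits %u: %u ports per process, collide=%d, "
               "last port 0x%08x in autobind range=%d\n",
               b, (unsigned)max_sockets(b),
               ports_can_collide(pid_a, pid_b, b),
               (unsigned)last, in_autobind_range(last));
    }
    return 0;
}
```
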