Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

flow: Add cfg for optional flow reuse during low memory #10580

Closed
wants to merge 1 commit into from
Closed

flow: Add cfg for optional flow reuse during low memory #10580

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
8 changes: 8 additions & 0 deletions doc/userguide/configuration/suricata-yaml.rst
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1046,6 +1046,14 @@ percent of the 10000 flows is completed).
emergency_recovery: 30 #Percentage of 1000 prealloc'd flows.
prune_flows: 5 #Amount of flows being terminated during the emergency mode.

If aggressive flow pruning in emergency-mode is not desired, it can be disabled by
configuring flow.force_reuse.

::

flow:
force_reuse: false

Flow Time-Outs
~~~~~~~~~~~~~~

Expand Down
7 changes: 6 additions & 1 deletion src/flow-hash.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1157,9 +1157,14 @@ static inline bool StillAlive(const Flow *f, const SCTime_t ts)
*/
static Flow *FlowGetUsedFlow(ThreadVars *tv, DecodeThreadVars *dtv, const SCTime_t ts)
{
uint32_t idx = GetUsedAtomicUpdate(FLOW_GET_NEW_TRIES) % flow_config.hash_size;
uint32_t tried = 0;
uint32_t idx;

if (!flow_config.force_reuse) {
return NULL;
}

idx = GetUsedAtomicUpdate(FLOW_GET_NEW_TRIES) % flow_config.hash_size;
while (1) {
if (tried++ > FLOW_GET_NEW_TRIES) {
STATSADDUI64(counter_flow_get_used_eval, tried);
Expand Down
14 changes: 11 additions & 3 deletions src/flow.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -623,11 +623,19 @@ void FlowInitConfig(bool quiet)
}
}

int confint_val;
if (ConfGetBool("flow.force-reuse", &confint_val) != 1) {
flow_config.force_reuse = true;
} else {
flow_config.force_reuse = !!confint_val;
}

flow_config.memcap_policy = ExceptionPolicyParse("flow.memcap-policy", false);

SCLogDebug("Flow config from suricata.yaml: memcap: %"PRIu64", hash-size: "
"%"PRIu32", prealloc: %"PRIu32, SC_ATOMIC_GET(flow_config.memcap),
flow_config.hash_size, flow_config.prealloc);
SCLogDebug("Flow config from suricata.yaml: memcap: %" PRIu64 ", hash-size: "
"%" PRIu32 ", prealloc: %" PRIu32 ", reuse: %s",
SC_ATOMIC_GET(flow_config.memcap), flow_config.hash_size, flow_config.prealloc,
flow_config.force_reuse ? "force" : "disabled");

/* alloc hash memory */
uint64_t hash_size = flow_config.hash_size * sizeof(FlowBucket);
Expand Down
3 changes: 3 additions & 0 deletions src/flow.h
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -288,6 +288,9 @@ typedef struct FlowCnf_
uint32_t hash_size;
uint32_t prealloc;

/* Controls if non-expired flows are re-used in low memory conditions. */
bool force_reuse;

uint32_t timeout_new;
uint32_t timeout_est;

Expand Down
1 change: 1 addition & 0 deletions suricata.yaml.in
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1431,6 +1431,7 @@ flow:
emergency-recovery: 30
#managers: 1 # default to one flow manager
#recyclers: 1 # default to one flow recycler thread
#force-reuse: true # Default to forcing flow reuse in low memory conditions

# This option controls the use of VLAN ids in the flow (and defrag)
# hashing. Normally this should be enabled, but in some (broken)
Expand Down
Loading