Merge pull request #43 from thearossman/main
Fix for High Mempool Drops on UDP Connections
thearossman authored Sep 7, 2024
2 parents ae34332 + 3d16ed1 commit 335a798
Showing 4 changed files with 26 additions and 9 deletions.
2 changes: 1 addition & 1 deletion core/Cargo.toml
Expand Up @@ -5,7 +5,7 @@ edition = "2021"
# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html

[build-dependencies]
bindgen = "0.69.4"
bindgen = "0.69.4"
cc = "1.0.79"

[dependencies]
23 changes: 17 additions & 6 deletions core/src/conntrack/conn/conn_info.rs
@@ -1,6 +1,7 @@
use crate::conntrack::conn_id::FiveTuple;
use crate::conntrack::pdu::L4Pdu;
use crate::filter::FilterResult;
use crate::protocols::packet::udp::UDP_PROTOCOL;
use crate::protocols::stream::{
ConnData, ParseResult, ParserRegistry, ProbeRegistryResult, Session,
};
Expand Down Expand Up @@ -47,7 +48,7 @@ where
ConnState::Tracking => {
self.on_track(pdu, subscription);
}
ConnState::Remove => {
ConnState::Remove | ConnState::Dropped => {
drop(pdu);
}
}
Expand All @@ -69,7 +70,7 @@ where
self.on_parse(pdu, subscription);
}
FilterResult::NoMatch => {
self.state = ConnState::Remove;
self.state = self.get_drop_state();
}
}
}
Expand All @@ -82,10 +83,10 @@ where
self.state = self.get_match_state(0);
}
FilterResult::MatchNonTerminal(_idx) => {
self.state = ConnState::Remove;
self.state = self.get_drop_state();
}
FilterResult::NoMatch => {
self.state = ConnState::Remove;
self.state = self.get_drop_state();
}
}
}
Expand All @@ -108,7 +109,7 @@ where
}
} else {
log::error!("Done parse but no mru");
self.state = ConnState::Remove;
self.state = self.get_drop_state();
}
}
ParseResult::Continue(id) => {
Expand All @@ -134,11 +135,18 @@ where

fn get_nomatch_state(&self, session_id: usize) -> ConnState {
if session_id == 0 && T::Subscribed::level() == Level::Connection {
ConnState::Remove
self.get_drop_state()
} else {
self.cdata.conn_parser.session_nomatch_state()
}
}

fn get_drop_state(&self) -> ConnState {
if self.cdata.five_tuple.proto == UDP_PROTOCOL {
return ConnState::Dropped;
}
ConnState::Remove
}
}

#[derive(Debug, PartialEq, Eq, Clone, Copy)]
Expand All @@ -151,4 +159,7 @@ pub enum ConnState {
Tracking,
/// Connection will be removed
Remove,
/// Unmatched UDP connection; waiting to be aged out by timerwheel.
/// Prevents dropped UDP conns from being re-inserted in table
Dropped,
}
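Review bot: `get_drop_state` has no doc comment, and the doc on the new `Dropped` variant describes only the unmatched case, although the helper is also used in the `MatchNonTerminal` arm and in the `Done parse but no mru` error branch. Suggest documenting the helper with `/// State for a connection that needs no further processing: UDP is kept as Dropped until it times out, anything else is Remove.` and widening the variant doc to cover those paths. As a style point, the body reads more directly as one expression, `if self.cdata.five_tuple.proto == UDP_PROTOCOL { ConnState::Dropped } else { ConnState::Remove }`, than as an early `return` followed by a tail value.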
2 changes: 1 addition & 1 deletion core/src/conntrack/conn/mod.rs
Expand Up @@ -160,7 +160,7 @@ where
ConnState::Tracking => {
self.info.sdata.on_terminate(subscription);
}
ConnState::Remove => {
ConnState::Remove | ConnState::Dropped => {
// do nothing
}
}
8 changes: 7 additions & 1 deletion core/src/conntrack/mod.rs
Expand Up @@ -83,8 +83,14 @@ where
match self.table.raw_entry_mut().from_key(&conn_id) {
RawEntryMut::Occupied(mut occupied) => {
let conn = occupied.get_mut();
let dir = conn.packet_dir(&ctxt);
conn.last_seen_ts = Instant::now();
if conn.state() == ConnState::Dropped {
// Allow connection to age out.
// last_seen_ts is updated to avoid aging out long-lived UDP
// connections prematurely
return;
}
let dir = conn.packet_dir(&ctxt);
conn.inactivity_window = match &conn.l4conn {
L4Conn::Tcp(_) => self.config.tcp_inactivity_timeout,
L4Conn::Udp(_) => self.config.udp_inactivity_timeout,
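Review bot: Because `conn.last_seen_ts = Instant::now();` runs before the `ConnState::Dropped` check, an unmatched UDP flow keeps its table slot for as long as packets keep arriving plus the inactivity window, where the `Remove` path presumably released it at once. With many distinct unmatched five-tuples (scans, floods, high-churn DNS or QUIC traffic) this raises table occupancy, and whether a table size limit bounds it is not visible in this hunk. The early `return` also skips the `inactivity_window` assignment, so a Dropped entry keeps whatever window it was inserted with. Suggest saying so in the comment, e.g. `// Dropped entries keep their table slot until the inactivity window set at insertion passes with no packets`, and exposing a count of Dropped entries so operators can watch table pressure. The enclosing function starts and ends outside the hunk.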
