From mboxrd@z Thu Jan 1 00:00:00 1970 Date: Sat, 15 Nov 2008 21:47:43 -0800 From: Roman Shaposhnik In-reply-to: To: Fans of the OS Plan 9 from Bell Labs <9fans@9fans.net> Message-id: MIME-version: 1.0 Content-type: text/plain; delsp=yes; format=flowed; charset=US-ASCII Content-transfer-encoding: 7BIT References: <98CCE297-BE54-4ADA-B57D-DB8FE71060BA@sun.com> Subject: Re: [9fans] Do we have a catalog of 9P servers? Topicbox-Message-UUID: 458662b8-ead4-11e9-9d60-3106f5b1d025 On Nov 15, 2008, at 2:13 PM, Micah Stetson wrote: >>> I'm unclear as to what "amount of state" iptables needs to keep >> >> After you do something like: >> # iptables -t nat -A POSTROUTING -p TCP -j MASQUERADE >> the Linux kernel module called nf_conntrack starts allocating >> data structures to do its job. I'll leave it up to you to see how >> much >> memory gets wasted on each connection. Here's a hint, >> though: /proc/net/nf_conntrack > > I don't think Plan 9 is keeping any less state, is it? Not really, no. My point was that the amount of state in a typical Linux-based NAT box was quite comparable and thus couldn't be used to bash Plan9's approach as being visibly less efficient as far as TCP overhead goes. > Plan 9 does need one extra connection per client and a process (or > two?) to do the export. Yes it does need one extra connection for /net to be imported. Depending on the setup that extra connection could be reduced to one per host importing the /net. I specifically didn't address the point of extra processes running on the GW simply because I agree -- there's a price there that Linux doesn't pay (although as I've learned from Bruce Inferno has reduced the price for running identical processes quite significantly by implementing silent page sharing). > I think Eris is saying that this makes Plan > 9's resource requirements grow with the number of hosts behind the > gateway -- not just with the number of connections through it like > Linux. I don't quite follow. If by resources you mean process related resources than I would agree. My very first comment didn't have anything to do with process related resources. And for the TCP related resources I maintain that the amount of overhead in Plan9's case is definitely comparable to a Linux's case. Thanks, Roman.