TheArchive/tailscale
1
0
Fork 0
mirror of https://github.com/tailscale/tailscale.git synced 2025-01-07 08:07:42 +00:00
Code Issues Packages Projects Releases Wiki Activity

wgengine/filter: add UDP flow benchmark

Browse Source 
To show the effects of the flow LRU accounting on e.g. QUIC traffic.

For an open TCP connection:

    BenchmarkFilterMatch/tcp-not-syn-v4-8           66602070                16.74 ns/op
    BenchmarkFilterMatch/tcp-not-syn-v4-8           67718179                16.60 ns/op
    BenchmarkFilterMatch/tcp-not-syn-v4-8           68403351                16.84 ns/op
    BenchmarkFilterMatch/tcp-not-syn-v4-8           66076416                16.87 ns/op
    BenchmarkFilterMatch/tcp-not-syn-v4-8           67159012                16.67 ns/op
    BenchmarkFilterMatch/tcp-not-syn-v4-8           65009526                16.58 ns/op
    BenchmarkFilterMatch/tcp-not-syn-v4-8           66588055                16.62 ns/op
    BenchmarkFilterMatch/tcp-not-syn-v4-8           63037071                16.58 ns/op
    BenchmarkFilterMatch/tcp-not-syn-v4-8           69124975                21.15 ns/op
    BenchmarkFilterMatch/tcp-not-syn-v4-8           54482922                20.41 ns/op

And an open UDP connection:

    BenchmarkFilterMatch/udp-existing-flow-v4-8             25570020                44.09 ns/op
    BenchmarkFilterMatch/udp-existing-flow-v4-8             26725958                46.99 ns/op
    BenchmarkFilterMatch/udp-existing-flow-v4-8             25936412                47.11 ns/op
    BenchmarkFilterMatch/udp-existing-flow-v4-8             25418325                45.99 ns/op
    BenchmarkFilterMatch/udp-existing-flow-v4-8             25759848                44.73 ns/op
    BenchmarkFilterMatch/udp-existing-flow-v4-8             25212488                46.26 ns/op
    BenchmarkFilterMatch/udp-existing-flow-v4-8             25344370                44.55 ns/op
    BenchmarkFilterMatch/udp-existing-flow-v4-8             26399372                45.26 ns/op
    BenchmarkFilterMatch/udp-existing-flow-v4-8             26274159                47.51 ns/op
    BenchmarkFilterMatch/udp-existing-flow-v4-8             26070472                46.79 ns/op

Updates #12486

Change-Id: Ica4263fb77972cf43db5a2e9433b4429506edfde
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
This commit is contained in:
Brad Fitzpatrick 2024-06-16 15:38:03 -07:00 committed by Brad Fitzpatrick
parent bf2d13cfa0
commit 20a5f939ba
1 changed files with 31 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

36
wgengine/filter/filter_test.go
View File

@ -19,6 +19,7 @@
"github.com/google/go-cmp/cmp/cmpopts"
"go4.org/netipx"
xmaps "golang.org/x/exp/maps"
"tailscale.com/net/flowtrack"
"tailscale.com/net/ipset"
"tailscale.com/net/packet"
"tailscale.com/net/tsaddr"
@ -999,6 +1000,15 @@ func BenchmarkFilterMatch(b *testing.B) {
wantAccept: true,
})
})
b.Run("udp-existing-flow-v4", func(b *testing.B) {
benchmarkFile(b, "testdata/matches-1.json", benchOpt{
v4: true,
validLocalDst: true,
udp: true,
udpOpen: true,
wantAccept: true,
})
})
b.Run("tcp-not-syn-v4-no-logs", func(b *testing.B) {
benchmarkFile(b, "testdata/matches-1.json", benchOpt{
v4: true,
@ -1016,6 +1026,7 @@ type benchOpt struct {
tcpNotSYN bool
noLogs bool
wantAccept bool
udp, udpOpen bool
}
func benchmarkFile(b *testing.B, file string, opt benchOpt) {
@ -1042,22 +1053,37 @@ func benchmarkFile(b *testing.B, file string, opt benchOpt) {
logIPs.AddPrefix(tsaddr.TailscaleULARange())
f := New(matches, must.Get(localNets.IPSet()), must.Get(logIPs.IPSet()), nil, logger.Discard)
var srcIP string
var dstIP netip.Addr
var srcIP, dstIP netip.Addr
if opt.v4 {
srcIP = "1.2.3.4"
srcIP = netip.MustParseAddr("1.2.3.4")
dstIP = pfx[0].Addr()
} else {
srcIP = "2012::3456"
srcIP = netip.MustParseAddr("2012::3456")
dstIP = pfx[1].Addr()
}
if !opt.validLocalDst {
dstIP = dstIP.Next() // to make it not in localNets
}
pkt := parsed(ipproto.TCP, srcIP, dstIP.String(), 33123, 443)
proto := ipproto.TCP
if opt.udp {
proto = ipproto.UDP
}
const sport = 33123
const dport = 443
pkt := parsed(proto, srcIP.String(), dstIP.String(), sport, dport)
if opt.tcpNotSYN {
pkt.TCPFlags = packet.TCPPsh // anything that's not SYN
}
if opt.udpOpen {
tuple := flowtrack.Tuple{
Proto: proto,
Src: netip.AddrPortFrom(srcIP, sport),
Dst: netip.AddrPortFrom(dstIP, dport),
}
f.state.mu.Lock()
f.state.lru.Add(tuple, struct{}{})
f.state.mu.Unlock()
}
want := Drop
if opt.wantAccept {