I am learning loopback TCP acceleration technique based on the eBPF sockmap / redirection.
I've found that in all the relevant articles and examples, it seems that we just need to add entries to the sockmap table via the bpf_sock_hash_update
method, then look up the table and redirect via the bpf_msg_redirect_hash
method. For example: here, here, and here.
I didn't find any code to delete entries from the sockmap table (eg: call bpf_map_delete_elem etc). At the same time, I also haven't found any code in the kernel that automatically deletes entries for the closed tcp connections, for example: here.
So I'm curious, why is there no need to delete sockmap entries for closed connections in these articles and code?
And do we need to detect TCP FIN events in our ebpf code and then explicitly delete the corresponding entry in the sockmap?
Thanks :-)
CodePudding user response:
After some testing, I realized that there is no need to manually delete the entries in the sockmap table.
By observing the entries in the sockmap table using bpftool map dump id <sockmap_id> | grep "key:" | wc -l
command, you can see that the table size is always equal to twice the number of concurrent TCP connections on the loopback device.
So obviously closed TCP connections are automatically removed from the sockmap table.