Steffen Klassert <steffen.klass...@secunet.com> wrote: > > I can run a few IPSEC benchmark tests to see if there is measureable > > impact. > > That would be good, thanks!
Will do this later today. One alternative would be to always allocate the entire maximum possible extension length when the first extension is to be added. In this case we could 'replace' secpath cache with a 'extension cache'. The only downside is the increase in allocation size. The upside is that it simplifies extension management -- no need to reallocate, only action needed on 'extension add' is a possible COW action. Allocated memory is left un-initialized aside from 8 byte metadata space. We could later move to on-demand/reallocation if the full allocation size would become too large in the future. I will have a look at 'allocate everything' too, unless someone tells me that this won't be acceptable (cost including future mptcp extension would be ~160 bytes or so).
