[Bug 1735] Adding nftables interval sets progressively gets slower and makes the nft CLI less responsive with each added set

bugzilla-daemon at netfilter.org
Thu Feb 8 12:41:39 CET 2024


https://bugzilla.netfilter.org/show_bug.cgi?id=1735

--- Comment #7 from Phil Sutter <phil at nwl.cc> ---
(In reply to anton.khazan from comment #6)
> 'nft -t list set' is also likely affected to some degree, as comparing the
> time it takes to list a small set (261 ip ranges) to a large set (11655 ip
> ranges), I'm noticing a significant difference - 0.01s vs 0.07s on my VM
> (the actual difference is likely higher but I'm limited to 0.01s measurement
> precision). Note that this is also with the '-t' option so it's not supposed
> to fetch elements (to my understanding).

It is. To see for yourself, use --debug=netlink:

| nft --debug=netlink -t list set ...

If debug output contains lots of "element" lines while non-debug output
doesn't, there likely is a bug (with list-like commands at least).
