Sun T2000, PowerDNS, 'Completion Ports'
Posted by bert hubert Wed, 19 Apr 2006 15:40:00 GMT
Powered up the Sun CoolThreads T2000 again today to work on first class Solaris support for PowerDNS. As mentioned previously, because of the new anti-spoofing measures, PowerDNS needs to listen to hundreds or sometimes thousands of sockets. The traditional UNIX approach was to tell the kernel which sockets hold your interest, call select(2), and look at the sockets it tells you are active. And then you have to do the whole thing again, ie, report all sockets to the kernel again.
All modern UNIXes come with a better solution: tell kernel which sockets hold your interest, ask kernel which are active, do work, ask kernel which are active. In other words, there is no need to setup everything for each packet.
I implemented epoll and kqueue for Linux and FreeBSD yesterday, today I did Solaris completion ports. Some things to note:
- A ‘Completion Port’ does not survive
fork(2). So create the port after forking. - The
port_getn(2)function takes two parameters to specify how many events you want to receive, a minimum and a maximum. This is different from what kqueue and epoll do. The manpage does not make this overly clear. (UPDATE: ok, it does, I can’t read) - Contrary to kqueue and epoll, once you’ve received an event from the port, you need to add back the socket if you are still interested. I think this is a slight optimisation for PowerDNS as the common case is indeed to remove a socket once an event has hit.
To really get all those cores and strands working, I split PowerDNS 24 ways today and tried to benchmark it. This appears to have worked as it fully saturated my fine xs4all ADSL connection :-) If I want to fully test this server I may need to get it hosted somewhere with real bandwidth.
I released the third 3.0 pre-release of PowerDNS today (including .deb and .rpm!), if you have a chance, please test it.
One large deployment has already moved to this release and I’m very pleased to note that due to the multiplexer work, the additional anti-spoofing sockets have no measurable impact on the CPU load.
