Ticket #68 (closed Task: Solved/Applied)
BroV6 support -- memory usage
| Reported by: | gregor | Owned by: | |
|---|---|---|---|
| Priority: | Normal | Milestone: | Bro2.1 |
| Component: | Bro | Version: | 1.5.2 |
| Keywords: | BroV6, binpac++, HILTI, IPv6 | Cc: |
Description
Hi,
as by our mail discussion:
We cannot (should not) enable BroV6 support by default, because it needs *twice* as much memory as v4 only.
Solution: only use 16 Byte addresses when the connection / packet is indeed v6, otherwise use 4 byte addresses.
Maybe defer to binpac++/HILTI migration.
Memory consumptions results (scripts used: conn ftp bittorrent dpd http-request http-reply scan ssl irc weird)
Virt.Mem user_time + sys_time BroV6, Int64: 1897 MB (195m + 19m) Int64: 1060 MB (198m + 19m none 1046 MB (199m + 18m) BroV6: 1888 MB (190m + 16m)
cu
Gregor
Change History
comment:2 follow-up: ↓ 4 Changed 2 years ago by robin
Additional note: the connection compressor doesn't support v6 at the moment, and is thus skipped for all v6 connections. That certainly also contributes to the memory overhead.
comment:4 in reply to: ↑ 2 Changed 11 months ago by gregor
Replying to robin:
Additional note: the connection compressor doesn't support v6 at the moment, and is thus skipped for all v6 connections. That certainly also contributes to the memory overhead.
the trace I used at that time actually didn't contain any IPv6, so the connection compressor can't be the reason for the memory overhead.
comment:7 Changed 3 months ago by jsiwek
- Status changed from seen to closed
- Resolution set to Solved/Applied
The same results (higher memory usage after enabling IPv6 support) were no longer observed with Bro 2.0 or after the change to default IPv6 support via the new IPAddr class, possibly due to the large overhaul of Bro's scripts.