cloudstack-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "ASF subversion and git services (JIRA)" <>
Subject [jira] [Commented] (CLOUDSTACK-9793) Unnecessary conversion from IPNetwork to list causes router slowdown when processing static Nat rules
Date Tue, 28 Feb 2017 00:04:45 GMT


ASF subversion and git services commented on CLOUDSTACK-9793:

Commit f9ef6ca667dd71402c1962dd7f0107b87e6b74e2 in cloudstack's branch refs/heads/master from
[;h=f9ef6ca ]

Merge pull request #1948 from greenqloud/pr-faster-static-nats

[CLOUDSTACK-9793] Faster IP in subnet checkThis change removes the conversion from IPNetwork
to list in one of the router scripts. This makes the router faster at processing static NAT
rules, which can prevent timeouts when attaching or detaching IPs.

With the `list` conversion, it has to potentially check a list of 65536 IP strings multiple
times. We assume that the comparison implemented in the IPNetwork is far more efficient. We
have seen speed-up from 218 seconds to enable static NAT with 18 IPs on the router to 2 or
3 seconds by removing this cast. This also fixes a potential bug where adding IPs to a router
time out because the scripts are taking too long. 218 seconds, for example, is beyond the
timeout on the KVM agent for script execution, and then all enableStaticNat operations will

* pr/1948:
  CLOUDSTACK-9793: Faster ip in subnet check

Signed-off-by: Rajani Karuturi <>

> Unnecessary conversion from IPNetwork to list causes router slowdown when processing
static Nat rules
> -----------------------------------------------------------------------------------------------------
>                 Key: CLOUDSTACK-9793
>                 URL:
>             Project: CloudStack
>          Issue Type: Bug
>      Security Level: Public(Anyone can view this level - this is the default.) 
>          Components: Virtual Router
>    Affects Versions: 4.7.0, 4.8.0, 4.9.0
>            Reporter: Stefania Bergljot Stefansdottir
>             Fix For:
>   Original Estimate: 2h
>  Remaining Estimate: 2h
> In the CsInterface class in on the virtual router there's a function
> {code:java}
> def ip_in_subnet(self, ip):
>     ipo = IPAddress(ip)
>     net = IPNetwork("%s/%s" % (self.get_ip(), self.get_size()))
>     return ipo in list(net)
> {code}
> Skipping the list conversion and using "return ipo in net" is much faster and the functionality
is the same. It can prevent a router timeout when attaching or detaching multiple IPs.

This message was sent by Atlassian JIRA

View raw message