Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1757200AbdIHWOM (ORCPT <rfc822;w@1wt.eu>);
        Fri, 8 Sep 2017 18:14:12 -0400
Received: from mail-pg0-f45.google.com ([74.125.83.45]:38349 "EHLO
        mail-pg0-f45.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1752999AbdIHWOL (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Fri, 8 Sep 2017 18:14:11 -0400
X-Google-Smtp-Source: ADKCNb4qHViEXm4J78v7B0Ve50osIVaGKSBgkCuoUo0kiKhcF3om6d56esb+TQad2Ce9BOku2pd5f3m0sj0aU7LragQ=
MIME-Version: 1.0
In-Reply-To: <1504753808-13266-1-git-send-email-yanhaishuang@cmss.chinamobile.com>
References: <1504753808-13266-1-git-send-email-yanhaishuang@cmss.chinamobile.com>
From: Cong Wang <xiyou.wangcong@gmail.com>
Date: Fri, 8 Sep 2017 15:13:50 -0700
Message-ID: <CAM_iQpV4gRwhT4VXPtJft38ixG6xE3PF9z4gB7HHJEUsqbCtOw@mail.gmail.com>
Subject: Re: [PATCH] ipv4: Namespaceify tcp_max_orphans knob
To: Haishuang Yan <yanhaishuang@cmss.chinamobile.com>
Cc: "David S. Miller" <davem@davemloft.net>,
        Alexey Kuznetsov <kuznet@ms2.inr.ac.ru>,
        Hideaki YOSHIFUJI <yoshfuji@linux-ipv6.org>,
        Eric Dumazet <edumazet@google.com>,
        Linux Kernel Network Developers <netdev@vger.kernel.org>,
        LKML <linux-kernel@vger.kernel.org>
Content-Type: text/plain; charset="UTF-8"
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Length: 343
Lines: 7

On Wed, Sep 6, 2017 at 8:10 PM, Haishuang Yan
<yanhaishuang@cmss.chinamobile.com> wrote:
> Different namespace application might require different maximal number
> of TCP sockets independently of the host.

So after your patch we could have N * net->ipv4.sysctl_tcp_max_orphans
in a whole system, right? This just makes OOM easier to trigger.