Under this index page, you can find, grouped by dataset examined, a set of plots analyzing ip_conntrack hash functions and bucket sizes. Within the dataset groups, links to several reports are presented. Follow the links to see the respective report.
If you want to reproduce such pictures, download the latest cttest version, cttest-0.5, unpack it, and read the README file. There's not much more documentation now, sorry.
The underlying data is a one-time sample of a real life /proc/net/ip_conntrack, with duplicates removed. It comes from a transparent proxy server machine. There are about 33000 records, giving 66000 tuples to hash.
This dataset is from a web server farm (a web portal), with the server farm running on a single virtual IP address [*]. I have accumulated the /proc/net/ip_conntracks from all servers in the farm. There are 37608 unique conntrack entries (75216 tuples to hash), and all but 2385 of them refer to the virtual service IP and port 80. This dataset is to show the extreme case of a single-address-and-port server.
|happily working for|