mirror of https://github.com/outbackdingo/firezone.git synced 2026-01-27 18:18:55 +00:00

Files

Thomas Eizinger e81dc452f7 refactor(connlib): use a lock-free queue for the buffer pool (#9989 )

We use several buffer pools across `connlib` that are all backed by the
same buffer-pool library. Within that library, we currently use another
object-pool library to provide the actual pooling functionality.

Benchmarking has shown that spend quite a bit of time (a few % of total
CPU time), fighting for the lock to either add or remote a buffer from
the pool. This is unnecessary. By using a queue, we can remove buffers
from the front and add buffers at the back, both of which can be
implemented in a lock-free way such that they don't contend.

Using the well-known `crossbeam-queue` library, we have such a queue
directly available.

I wasn't able to directly measure a performance gain in terms of
throughput. What we can measure though, is how much time we spend
dealing with our buffer pool vs everything else. If we compare the
`perf` outputs that were recorded during an `iperf` run each, we can see
that we spend about 60% less time dealing with the buffer pool than we
did before.

|Before|After|
|---|---|
|<img width="1982" height="553" alt="Screenshot From 2025-07-24
20-27-50"
src="https://github.com/user-attachments/assets/1698f28b-5821-456f-95fa-d6f85d901920"
/>|<img width="1982" height="553" alt="Screenshot From 2025-07-24
20-27-53"
src="https://github.com/user-attachments/assets/4f26a2d1-03e3-4c0d-84da-82c53b9761dd"
/>|

The number in the thousands on the left is how often the respective
function was the currently executing function during the profiling run.

Resolves: #9972

2025-07-28 21:39:11 +00:00

bufferpool

refactor(connlib): use a lock-free queue for the buffer pool (#9989 )

2025-07-28 21:39:11 +00:00

dns-over-tcp

chore(connlib): gate more trace logs on debug_assertions (#10026 )

2025-07-28 21:38:23 +00:00

dns-types

build(deps): bump domain from 0.10.4 to 0.11.0 in /rust (#9274 )

2025-05-28 10:37:16 +00:00

etherparse-ext

refactor(rust): move crates into a more sensical hierarchy (#9066 )

2025-05-12 01:04:17 +00:00

ip-packet

feat(gateway): translate TimeExceeded ICMP messages (#9812 )

2025-07-12 21:09:48 +00:00

l3-tcp

test(connlib): establish real TCP connections in proptests (#9814 )

2025-07-11 15:10:22 +00:00

l4-tcp-dns-server

chore(rust): bump to Rust 1.88 (#9714 )

2025-07-12 06:42:50 +00:00

l4-udp-dns-server

build(rust): upgrade to Rust 1.85 and Edition 2024 (#8240 )

2025-03-19 02:58:55 +00:00

model

feat(connlib): allow controlling IP stack per DNS resource (#9300 )

2025-05-31 00:27:59 +00:00

phoenix-channel

fix(connlib): clear join requests on reconnect (#9985 )

2025-07-24 20:41:26 +00:00

snownet

refactor(snownet): learn host candidates from TURN traffic (#9998 )

2025-07-28 21:38:39 +00:00

socket-factory

refactor(connlib): only enable wire logs in debug builds (#10002 )

2025-07-25 12:24:25 +00:00

tun

ci: update to new cargo sort release (#9354 )

2025-06-02 02:01:09 +00:00

tunnel

refactor(snownet): learn host candidates from TURN traffic (#9998 )

2025-07-28 21:38:39 +00:00

.gitignore

android: update connlib dependency and integration (#1752 )

2023-07-17 18:50:39 +00:00

README.md

chore(docs): Remove outdated rust/connlib/README.md info (#3099 )

2024-01-03 18:10:52 +00:00

README.md

Connlib

Firezone's connectivity library shared by all clients.

Building Connlib

You shouldn't need to build connlib directly; it's typically built as a dependency of one of the other Firezone components. See READMEs in those directories for relevant instructions.