Skip to content

perf(netstack2): optimize reverse NAT lookup with O(1) map #205

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
LaurenceJJones wants to merge 1 commit into
base: main
Choose a base branch
from
Draft

perf(netstack2): optimize reverse NAT lookup with O(1) map #205

LaurenceJJones wants to merge 1 commit into from

Conversation

@LaurenceJJones
Copy link

@LaurenceJJones LaurenceJJones commented Dec 16, 2025
edited
Loading

Community Contribution License Agreement

By creating this pull request, I grant the project maintainers an unlimited,
perpetual license to use, modify, and redistribute these contributions under any terms they
choose, including both the AGPLv3 and the Fossorial Commercial license terms. I
represent that I have the right to grant this license for all contributed content.

Description

Replace O(n) linear search through NAT table with O(1) reverse lookup map for reply packet NAT translation.

Changes:

  • Add reverseConnKey type for reverse NAT lookups
  • Add reverseNatTable map to ProxyHandler for O(1) lookups
  • Populate both forward and reverse maps when creating NAT entries
  • Replace iteration-based reverse lookup with direct map access

Performance:

  • O(n) → O(1) complexity for reverse NAT lookups
  • Eliminates lock-held iteration on every reply packet
  • Removes string comparisons from hot path
  • Expected 10-50x improvement for reverse NAT lookups

This addresses Critical from performance analysis where reply path was walking the entire NAT table to find original mapping.

How to test?

Purely internal optimization, instead of walking the entire natTable every time to find where to reverse too. We create a map that is indexed by the reverse fields which stores the same netState data from the forward natTable.

@LaurenceJJones
perf: optimize reverse NAT lookup with O(1) map instead of O(n) itera…
1cf75b0 
…tion

Replace O(n) linear search through NAT table with O(1) reverse lookup map
for reply packet NAT translation.

Changes:
- Add reverseConnKey type for reverse NAT lookups
- Add reverseNatTable map to ProxyHandler for O(1) lookups
- Populate both forward and reverse maps when creating NAT entries
- Replace iteration-based reverse lookup with direct map access

Performance:
- O(n) → O(1) complexity for reverse NAT lookups
- Eliminates lock-held iteration on every reply packet
- Removes string comparisons from hot path
- Expected 10-50x improvement for reverse NAT lookups

This addresses Critical fosrl#1 from performance analysis where reply path
was walking the entire NAT table to find original mapping.
@LaurenceJJones LaurenceJJones changed the title perf: optimize reverse NAT lookup with O(1) map instead of O(n) itera… perf(netstack2): optimize reverse NAT lookup with O(1) map Dec 16, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@LaurenceJJones