How to disable the route cache in the kernel

Question:

Hi,
I have a Linux router running kernel 3.2 that receives public ingress
packets and routes them through a GRE tunnel; return packets don't go
through it.
I've recently faced a serious issue with the route cache: when the
router received spoofed source, the route cache will quickly get
exhausted (depending on the size of it) and soon the ip dst cache
overflow will be printed and network subsystem will hang until
restarted.
So, my question is, how can I turn off the route cache without
recompiling the kernel or adding the patch for removal in 3.7? I
tried to set
echo 0 > /proc/sys/net/ipv4/route/max_size but that has no effect at all.
And if someone can share some insight on why when dst cache
overflows, the network subsystem hangs, it would be great.
Thanks.

Eric replied to this:

echo -1 >/proc/sys/net/ipv4/rt_cache_rebuild_count

Why does this command disable the route cache?

What determines whether routes are cached

static inline bool rt_caching(const struct net *net)
{  
    return net->ipv4.current_rt_cache_rebuild_count <=
        net->ipv4.sysctl_rt_cache_rebuild_count;
}

current_rt_cache_rebuild_count is initialized to 0, and it is incremented in rt_intern_hash whenever a hash chain grows too long:

        if (chain_length > rt_chain_length_max) {
            struct net *net = dev_net(rt->u.dst.dev);
            /* count one more rebuild, then re-check it against the sysctl limit */
            int num = ++net->ipv4.current_rt_cache_rebuild_count;
            if (!rt_caching(dev_net(rt->u.dst.dev))) {
                printk(KERN_WARNING "%s: %d rebuilds is over limit, route caching disabled\n",
                    rt->u.dst.dev->name, num);
            }
            rt_emergency_hash_rebuild(dev_net(rt->u.dst.dev));
        }

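Both ip_route_input and __ip_route_output_key use the result of rt_caching to decide whether to skip the cache.

Therefore, setting rt_cache_rebuild_count to -1 disables the route cache: current_rt_cache_rebuild_count starts at 0, and 0 <= -1 is false, so rt_caching returns false from the very first lookup.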
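
The counter logic above can be modelled in user space to see how different sysctl values behave. This is an added example, not kernel code and not part of the original post; the struct and the helpers on_chain_too_long and overlong_chains_until_disabled are hypothetical names, and the limit 4 is only a sample value. It shows that a limit of 0 still caches until the first over-long chain, while -1 disables caching from the start.

```c
#include <stdbool.h>
#include <stdio.h>

/* Userspace model of the two per-namespace fields that rt_caching() compares. */
struct netns_ipv4_model {
    int current_rt_cache_rebuild_count; /* starts at 0 */
    int sysctl_rt_cache_rebuild_count;  /* value written to rt_cache_rebuild_count */
};

/* Same comparison as the rt_caching() quoted in the post. */
static bool rt_caching(const struct netns_ipv4_model *net)
{
    return net->current_rt_cache_rebuild_count <=
        net->sysctl_rt_cache_rebuild_count;
}

/* Model of the rt_intern_hash branch: an over-long hash chain bumps the
 * counter. Returns whether caching is still enabled afterwards. */
static bool on_chain_too_long(struct netns_ipv4_model *net)
{
    ++net->current_rt_cache_rebuild_count;
    return rt_caching(net);
}

/* Number of over-long chains needed before caching turns off.
 * 0 means caching was never on; -1 means still on after max_events. */
static int overlong_chains_until_disabled(int sysctl_value, int max_events)
{
    struct netns_ipv4_model net = { 0, sysctl_value };
    int n;

    if (!rt_caching(&net))
        return 0;
    for (n = 1; n <= max_events; n++)
        if (!on_chain_too_long(&net))
            return n;
    return -1;
}

int main(void)
{
    int limits[] = { 4, 0, -1 }; /* sample sysctl values (constructed) */
    size_t i;

    for (i = 0; i < sizeof(limits) / sizeof(limits[0]); i++)
        printf("rt_cache_rebuild_count=%d -> caching off after %d over-long chains\n",
               limits[i], overlong_chains_until_disabled(limits[i], 100));
    return 0;
}
```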

posted on 2012-11-28 10:00  FengK