2017-01-24 20:40 GMT-08:00 Darrell Ball <dlu...@gmail.com>: > This patch series introduces NAT support for the userspace datapath. > > The per packet scope of lookups for NAT and un_NAT is at > the bucket level rather than global. One hash table is > introduced to support create/delete handling. The create/delete > events may be further optimized, if the need becomes clear. > > The existing NAT tests are enabled for the dpdk datapath, > with an added enhancement to the V6 NAT test. > > Some NAT options with limited utility (persistent, random) are > not supported yet, but will be supported in a later patch. > > One V6 api is exported to facilitate selective editing the V6 > header - packet_set_ipv6_addr(). > > alg and fragmentation support are not included here but are > being worked on. > > NEWS is not updated in this series yet, until confirmation of > release. > > I realize patch 3 is big. It may be clearer and easier to keep > as a single patch, so I have done that after some discussion.
Thanks a lot for the series. All the NAT and OVN system tests are passing, which is great! You can include an update to NEWS, it won't be pushed before the rest of the series :-) Usually we prefix the commit message with the name of the module that the commit touches. More comments in the various commits I'm sorry I don't have more meaningful comments, yet. I'll keep looking at the series Thanks, Daniele > > v3->v4: Fix rev_key vs key for nat_conn_keys access in a couple > places; this would have affected cleanup; at same time > rename some variables and change nat_conn_keys APIs to > use conn key, rather than conn. > > Fix conntrack_flush() CT_CONN_TYPE_DEFAULT flag placement; > the intention was that it be the same as in sweep_bucket(). > > Fix nat_ipv6_addrs_delta() max boundary checking logic. I > also enhanced the conntrack - IPv6 HTTP with NAT test to > give it more coverage as partial penance. > > Rebase > > v2->v3: Fix a theoretical resend for closed connection restart. > Parse out a function to help and also limit > conn_state_update() to one. > > I decided to cap V6 address range delta at 4 billion using > internal adjustment (user visibility not required). > > Some cleanup of deprecated code path. > > Parse out some more changes as separate patches. > > v1->v2: Updates/fixes that were missed in v1 patches. > > Darrell Ball (6): > Export packet_set_ipv6_addr()fordpdkdatapath. > Parse NAT netlink for userspace datapath. > Userspace Datapath: Introduce NAT support. > Unset CS_NEW for established connections. > Enable NAT tests for userspace datapath. > Enhance V6 NAT test. > > lib/conntrack-private.h | 25 +- > lib/conntrack.c | 742 > ++++++++++++++++++++++++++++++++++----- > lib/conntrack.h | 73 +++- > lib/dpif-netdev.c | 85 ++++- > lib/packets.c | 2 +- > lib/packets.h | 4 + > tests/system-traffic.at | 4 +- > tests/system-userspace-macros.at | 7 +- > tests/test-conntrack.c | 8 +- > 9 files changed, 843 insertions(+), 107 deletions(-) > > -- > 1.9.1 > > _______________________________________________ > dev mailing list > d...@openvswitch.org > https://mail.openvswitch.org/mailman/listinfo/ovs-dev _______________________________________________ dev mailing list d...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-dev
