This patch series introduces NAT support for the userspace datapath.
The per packet scope of lookups for NAT and un_NAT is at
the bucket level rather than global. One hash table is
introduced to support create/delete handling. The create/delete
events may be further optimized, if the need becomes clear.
The existing NAT tests are enabled for the dpdk datapath,
with an added enhancement to the V6 NAT test.
Some NAT options with limited utility (persistent, random) are
not supported yet, but will be supported in a later patch.
One V6 api is exported to facilitate selective editing the V6
header - packet_set_ipv6_addr().
alg and fragmentation support are not included here but are
being worked on.
I realize patch 4 is big. It may be clearer and easier to keep
as a single patch, so I have done that after some discussion.
v4->v5: Remove packet sorting in userspace datapath conntrack.
Simplify conntrack state code.
Fix sparse error.
Address code review comments from Daniele.
v3->v4: Fix rev_key vs key for nat_conn_keys access in a couple
places; this would have affected cleanup; at same time
rename some variables and change nat_conn_keys APIs to
use conn key, rather than conn.
Fix conntrack_flush() CT_CONN_TYPE_DEFAULT flag placement;
the intention was that it be the same as in sweep_bucket().
Fix nat_ipv6_addrs_delta() max boundary checking logic. I
also enhanced the conntrack - IPv6 HTTP with NAT test to
give it more coverage as partial penance.
Rebase
v2->v3: Fix a theoretical resend for closed connection restart.
Parse out a function to help and also limit
conn_state_update() to one.
I decided to cap V6 address range delta at 4 billion using
internal adjustment (user visibility not required).
Some cleanup of deprecated code path.
Parse out some more changes as separate patches.
v1->v2: Updates/fixes that were missed in v1 patches.
Darrell Ball (8):
Export packet_set_ipv6_addr() for DPDK.
Parse NAT netlink for userspace datapath.
Remove batch sorting in userspace conntrack.
Userspace Datapath: Introduce NAT Support.
Enhance V6 NAT test.
Add missing CHECK_CONNTRACK_ALG guards.
Enable NAT tests for userspace datapath.
Update NEWS for userspace datapath NAT
NEWS | 2 +
lib/conntrack-private.h | 25 +-
lib/conntrack.c | 799 +++++++++++++++++++++++++++++++++------
lib/conntrack.h | 75 +++-
lib/dpif-netdev.c | 82 +++-
lib/packets.c | 2 +-
lib/packets.h | 4 +
tests/system-traffic.at | 7 +-
tests/system-userspace-macros.at | 7 +-
tests/test-conntrack.c | 8 +-
10 files changed, 867 insertions(+), 144 deletions(-)
--
1.9.1
_______________________________________________
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev
