On 10/30/2019 3:37 PM, Roi Dayan wrote: > The following patchset introduces hardware offload of OVS connection > tracking datapath rules. > > OVS uses ct() and recirc() (recirculation) actions and recirc_id()/ct_state() > matches to support connection tracking. > > The datapath rules are in the form of: > > recirc_id(0),in_port(dev1),eth_type(0x0800),ct_state(-trk) > actions:ct(),recirc(2) > recirc_id(2),in_port(dev1),eth_type(0x0800),ct_state(+trk+est) actions:4 > > This patchset will translate ct_state() and recirc_id() matches to tc > ct_state and chain matches respectively. The datapath actions ct() and > recirc() > will be translated to tc actions ct and goto chain respectively. > > The tc equivalent commands for the above rules are: > > $ tc filter add dev dev1 ingress \ > prio 1 chain 0 proto ip \ > flower tcp ct_state -trk \ > action ct pipe \ > action goto chain 2 > > $ tc filter add dev dev1 ingress \ > prio 1 chain 2 proto ip \ > flower tcp ct_state +trk+est \ > action mirred egress redirect dev dev2 > > Thanks, > Roi > > > Paul Blakey (10): > match: Add match_set_ct_zone_masked helper > compat: Add tc ct action and flower matches defines for older kernels > tc: Introduce tc_id to specify a tc filter > netdev-offload-tc: Implement netdev tc flush via tc filter del > netdev-offload-tc: Add recirculation support via tc chains > netdev-offload-tc: Add conntrack support > netdev-offload-tc: Add conntrack label and mark support > netdev-offload-tc: Add conntrack nat support > tc: Move tunnel_key unset action before output ports > netdev-offloads-tc: Probe recirc tc sharing feature on first recirc_id > rule > > acinclude.m4 | 6 +- > datapath/linux/compat/include/linux/openvswitch.h | 3 + > include/linux/automake.mk | 3 +- > include/linux/pkt_cls.h | 50 +- > include/linux/tc_act/tc_ct.h | 41 ++ > include/openvswitch/match.h | 2 + > lib/dpif-netdev.c | 1 + > lib/dpif-netlink.c | 64 ++- > lib/dpif-provider.h | 2 + > lib/dpif.c | 9 + > lib/dpif.h | 2 + > lib/match.c | 10 +- > lib/netdev-linux.c | 6 +- > lib/netdev-offload-tc.c | 635 > ++++++++++++++++------ > lib/netdev-offload.h | 2 +- > lib/tc.c | 451 ++++++++++++--- > lib/tc.h | 75 ++- > 17 files changed, 1064 insertions(+), 298 deletions(-) > create mode 100644 include/linux/tc_act/tc_ct.h
Hey guys, Any comments on the series? :) Thanks, Paul. _______________________________________________ dev mailing list d...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-dev
