Thanks for the reviews, I pushed this to master except for the system tests part.
On 26/07/2016 17:58, "Daniele Di Proietto" <diproiet...@vmware.com> wrote: >This series aims to implement the ct() action for the dpif-netdev datapath. >The bulk of the code is in the new conntrack module: it contains some packet >parsing code, some lookup tables and the logic to implements all the ct bits. > >The conntrack module is helped by conntrack-tcp, for TCP window and flags >tracking: the bulk of the code of this submodule is from the FreeBSD's pf >subsystem, therefore is BSD licensed. > >The rest of the series integrates the connection tracker with the rest of >OVS: the ct() action is implemented in dpif-netdev, and the debugging >interfaces required by dpctl/{dump,flush}-conntrack are implemented. > >Besides adding some unit tests, this series ports the existing conntrack >system test to the userspace datapath. Some small modifications are >required to pass the testsuite, and some tests still have to be skipped. > >This can also be downloaded at: > >https://github.com/ddiproietto/ovs/tree/userconntrack_20160726 > >Any feedback is appreciated, thanks. > >v4 -> v5: >* Rebase: hmap.h is moved, include ct_* field in some unit tests, > skip and adapt to the new ct dump format the OVN tests. >* Style and typo fixes. >* Add coverage counter to detect long cleanup. >* Use ovs_barrier instead of pthread_barrier in test (fix compilation > on OS X). >* Fix dumping tcp state in the reply direction. >* Squash together flow_compose improvements (checksum and udp_len). > >v3 -> v4: >* Rebase: use struct dp_packet_batch, add extra ct_ fields in some > new tests, use struct hmap_pos, skip some new system NAT tests. >* Style and typo fixes. >* Add OVS_NOT_REACHED() in switch in process_one(). >* New commit: use dl_type from flow or matching megaflow. > >v2 -> v3: >* Rebased. >* Squashed commits for flushing (in dpif-netdev and conntrack). >* Squashed commits for dumping (in dpif-netdev and conntrack). >* Use adaptive mutex instead of spinlock: this prevents livelock > if the cleanup thread is executed on the same CPU as a forwarding > thread. Performance impact in minimal. >* Validate L3 and L4 checksum. >* Use proper L3 and L4 checksum in hardcoded packets in system and unit > tests. >* Consider ICMPv6 as well as ICMP in l4_protos and conn_key_to_tuple. >* Mention conntrack in NEWS and FAQ.md. >* Use uint16_t for ct_state. >* Fix possible NULL dereference for conn in process_one(). >* Add OVS_U128_MIN, OVS_U128_ZERO. >* Use HMAP_FOR_EACH_POP. >* Check that UDP length is valid. >* Style fix: prefer 'sizeof *object' instead of 'sizeof type' >* Don't accept packets from/to UDP/TCP port 0. >* Use defines for timeouts. >* Check expiration inside lookup loop in conn_key_lookup(). >* Limit the number of connections. >* Simplify case if tcp_get_wscale(). >* Introduce general INT_MOD_* macros for comparisons in modular arithmetic. >* Improve comments. >* New cleanup mechanism: we keep connections in an ordered list and we have > a separate thread to performs the cleanup. This doesn't block the main > thread for long intervals anymore. >* Correctly fill UDP length and UDP/TCP/ICMP checksums in flow_compose(): > it's useful to write testcases for the connection tracker. >* Added system test with ICMP traffic through the connection tracker. >* Track ICMP type and code. > >v1 -> v2: >* Fixed bug in tcp_get_wscale(), related to TCP options parsing. >* Changed names of ICMP constants: now they're different from Linux and > FreeBSD. >* Fixed bug in parse_ipv6_ext_hdrs(). >* Used ALWAYS_INLINE in parse_vlan and parse_ethertype, to avoid a > performance regression in miniflow_extract(). >* Updated copyright info in COPYING and debian/copyright.in. >* Rebased. >* Changed batching strategy in conntrack_execute() to allow a newly > created connection to be picked up by packets in the same batch. >* Added an ovs-test module to throw pcap files at the connection tracker. >* Added a workaround for the userspace testsuite on new kernels and a tcp > non-conntrack test. > > > >Daniele Di Proietto (16): > packets: Define ICMP types. > flow: Export parse_ipv6_ext_hdrs(). > flow: Introduce parse_dl_type(). > conntrack: New userspace connection tracker. > conntrack: Periodically delete expired connections. > tests: Add very simple conntrack benchmark. > tests: Add test-conntrack pcap test. > dpif-netdev: Execute conntrack action. > dpif-netdev: Implement conntrack dump functions. > dpif-netdev: Implement conntrack flush interface. > flow: Generate checksum and udp_len in flow_compose(). > tests: Add conntrack ofproto-dpif tests. > system-tests: Run conntrack tests with userspace. > system-tests: Add ping through conntrack test. > conntrack: Track ICMP type and code. > conntrack: Add 'dl_type' parameter to conntrack_execute(). > > COPYING | 1 + > FAQ.md | 2 +- > NEWS | 2 + > debian/copyright.in | 4 + > include/openvswitch/types.h | 4 + > lib/automake.mk | 6 + > lib/conntrack-icmp.c | 105 ++++ > lib/conntrack-other.c | 86 +++ > lib/conntrack-private.h | 114 ++++ > lib/conntrack-tcp.c | 498 +++++++++++++++ > lib/conntrack.c | 1235 ++++++++++++++++++++++++++++++++++++++ > lib/conntrack.h | 204 +++++++ > lib/ct-dpif.c | 24 +- > lib/ct-dpif.h | 3 +- > lib/dpif-netdev.c | 150 ++++- > lib/flow.c | 216 ++++--- > lib/flow.h | 4 + > lib/netlink-conntrack.c | 2 +- > lib/packets.h | 14 +- > lib/util.h | 9 + > tests/automake.mk | 1 + > tests/dpif-netdev.at | 16 +- > tests/ofproto-dpif.at | 900 +++++++++++++++++++++++---- > tests/pmd.at | 2 +- > tests/system-kmod-macros.at | 28 + > tests/system-ovn.at | 10 +- > tests/system-traffic.at | 146 ++++- > tests/system-userspace-macros.at | 45 +- > tests/test-conntrack.c | 283 +++++++++ > 29 files changed, 3856 insertions(+), 258 deletions(-) > create mode 100644 lib/conntrack-icmp.c > create mode 100644 lib/conntrack-other.c > create mode 100644 lib/conntrack-private.h > create mode 100644 lib/conntrack-tcp.c > create mode 100644 lib/conntrack.c > create mode 100644 lib/conntrack.h > create mode 100644 tests/test-conntrack.c > >-- >2.8.1 > _______________________________________________ dev mailing list dev@openvswitch.org http://openvswitch.org/mailman/listinfo/dev