On Wed, Feb 08, 2017 at 12:17:53AM -0800, Darrell Ball wrote: > This patch series introduces NAT support for the userspace datapath.
Thanks a lot for this work, nice. I did a quick look at the patches and provided feedback on the easier ones, but I plan to go over the long ones too. > The per packet scope of lookups for NAT and un_NAT is at > the bucket level rather than global. One hash table is > introduced to support create/delete handling. The create/delete > events may be further optimized, if the need becomes clear. > > The existing NAT tests are enabled for the dpdk datapath, > with an added enhancement to the V6 NAT test. > > Some NAT options with limited utility (persistent, random) are > not supported yet, but will be supported in a later patch. > > One V6 api is exported to facilitate selective editing the V6 > header - packet_set_ipv6_addr(). > > alg and fragmentation support are not included here but are > being worked on. If you don't mind, I'd appreciate if you could post RFCs of what you have already. Thanks! Flavio > > I realize patch 4 is big. It may be clearer and easier to keep > as a single patch, so I have done that after some discussion. > > v4->v5: Remove packet sorting in userspace datapath conntrack. > Simplify conntrack state code. > Fix sparse error. > Address code review comments from Daniele. > > v3->v4: Fix rev_key vs key for nat_conn_keys access in a couple > places; this would have affected cleanup; at same time > rename some variables and change nat_conn_keys APIs to > use conn key, rather than conn. > > Fix conntrack_flush() CT_CONN_TYPE_DEFAULT flag placement; > the intention was that it be the same as in sweep_bucket(). > > Fix nat_ipv6_addrs_delta() max boundary checking logic. I > also enhanced the conntrack - IPv6 HTTP with NAT test to > give it more coverage as partial penance. > > Rebase > > v2->v3: Fix a theoretical resend for closed connection restart. > Parse out a function to help and also limit > conn_state_update() to one. > > I decided to cap V6 address range delta at 4 billion using > internal adjustment (user visibility not required). > > Some cleanup of deprecated code path. > > Parse out some more changes as separate patches. > > v1->v2: Updates/fixes that were missed in v1 patches. > > Darrell Ball (8): > Export packet_set_ipv6_addr() for DPDK. > Parse NAT netlink for userspace datapath. > Remove batch sorting in userspace conntrack. > Userspace Datapath: Introduce NAT Support. > Enhance V6 NAT test. > Add missing CHECK_CONNTRACK_ALG guards. > Enable NAT tests for userspace datapath. > Update NEWS for userspace datapath NAT > > NEWS | 2 + > lib/conntrack-private.h | 25 +- > lib/conntrack.c | 799 > +++++++++++++++++++++++++++++++++------ > lib/conntrack.h | 75 +++- > lib/dpif-netdev.c | 82 +++- > lib/packets.c | 2 +- > lib/packets.h | 4 + > tests/system-traffic.at | 7 +- > tests/system-userspace-macros.at | 7 +- > tests/test-conntrack.c | 8 +- > 10 files changed, 867 insertions(+), 144 deletions(-) > > -- > 1.9.1 > > _______________________________________________ > dev mailing list > [email protected] > https://mail.openvswitch.org/mailman/listinfo/ovs-dev -- Flavio _______________________________________________ dev mailing list [email protected] https://mail.openvswitch.org/mailman/listinfo/ovs-dev
