On Fri, May 26, 2017 at 08:47:45PM -0700, Andy Zhou wrote: > When available, use datapath 'clone' for patch port translation. > Clone provides a stronger guarantee that packet will be restored > after going through a patch port, Even in case the packet is > NAT'd by the bridge behind the patch port. > > Signed-off-by: Andy Zhou <[email protected]>
Thanks for working on this. It is good to improve the correctness of the datapath implementation of OpenFlow actions, and this is the weakest point in correctness that I currently know about. This approach seems correct, but expensive in the common case where the packet does not need to be restored, since "clone" and "sample" are expensive datapath actions: I expect that they are more expensive than a few "set field" actions, and certainly more expensive than doing nothing. I think that there are only a few datapath actions that make changes that later datapath actions can't restore. Can the code here check whether any of those actions are actually used, and avoid using "clone" or "sample" in the common case? _______________________________________________ dev mailing list [email protected] https://mail.openvswitch.org/mailman/listinfo/ovs-dev
