I applied this series already, so you'll need to send a patch to fix up what's there, I guess.
On Mon, Feb 25, 2019 at 04:01:31PM -0800, Darrell Ball wrote: > I sent a V2 for the series as I changed patch 1 slightly. > > On Mon, Feb 25, 2019 at 3:36 PM Darrell Ball <[email protected]> wrote: > > > ICMPv4 and ICMPv6 are not subject to port address translation (PAT), > > however, a loop increments a local variable unnecessarily for > > ephemeral ports, resulting in wasted work for ICMPv4 and ICMPv6 packets > > subject to NAT. Fix this by checking for PAT being enabled before > > incrementing the local port variable and bail out otherwise. > > > > Signed-off-by: Darrell Ball <[email protected]> > > --- > > lib/conntrack.c | 12 +++++------- > > 1 file changed, 5 insertions(+), 7 deletions(-) > > > > diff --git a/lib/conntrack.c b/lib/conntrack.c > > index 4028ba9..ecac584 100644 > > --- a/lib/conntrack.c > > +++ b/lib/conntrack.c > > @@ -2179,6 +2179,8 @@ nat_select_range_tuple(struct conntrack *ct, const > > struct conn *conn, > > bool ephemeral_ports_tried = conn->nat_info->nat_action & > > NAT_ACTION_DST > > ? true : false; > > union ct_addr first_addr = ct_addr; > > + bool pat_enabled = conn->key.nw_proto != IPPROTO_ICMP && > > + conn->key.nw_proto != IPPROTO_ICMPV6; > > > > while (true) { > > if (conn->nat_info->nat_action & NAT_ACTION_SRC) { > > @@ -2186,11 +2188,7 @@ nat_select_range_tuple(struct conntrack *ct, const > > struct conn *conn, > > } else { > > nat_conn->rev_key.src.addr = ct_addr; > > } > > - > > - if ((conn->key.nw_proto == IPPROTO_ICMP) || > > - (conn->key.nw_proto == IPPROTO_ICMPV6)) { > > - all_ports_tried = true; > > - } else if (conn->nat_info->nat_action & NAT_ACTION_SRC) { > > + if (conn->nat_info->nat_action & NAT_ACTION_SRC) { > > nat_conn->rev_key.dst.port = htons(port); > > } else { > > nat_conn->rev_key.src.port = htons(port); > > @@ -2200,7 +2198,7 @@ nat_select_range_tuple(struct conntrack *ct, const > > struct conn *conn, > > ct->hash_basis); > > if (new_insert) { > > return true; > > - } else if (!all_ports_tried) { > > + } else if (pat_enabled && !all_ports_tried) { > > if (min_port == max_port) { > > all_ports_tried = true; > > } else if (port == max_port) { > > @@ -2222,7 +2220,7 @@ nat_select_range_tuple(struct conntrack *ct, const > > struct conn *conn, > > ct_addr = conn->nat_info->min_addr; > > } > > if (!memcmp(&ct_addr, &first_addr, sizeof ct_addr)) { > > - if (!ephemeral_ports_tried) { > > + if (pat_enabled && !ephemeral_ports_tried) { > > ephemeral_ports_tried = true; > > ct_addr = conn->nat_info->min_addr; > > first_addr = ct_addr; > > -- > > 1.9.1 > > > > > _______________________________________________ > dev mailing list > [email protected] > https://mail.openvswitch.org/mailman/listinfo/ovs-dev _______________________________________________ dev mailing list [email protected] https://mail.openvswitch.org/mailman/listinfo/ovs-dev
