Currently drop action is not offloaded when using userspace datapath
with tc offload. The patch programs tc gact (generic action) chain
ID 0 to drop the packet by setting it to TC_ACT_SHOT.
Example:
$ ovs-appctl dpctl/add-flow netdev@ovs-netdev \
'recirc_id(0),in_port(2),eth(),eth_type(0x0806),\
arp(op=2,tha=00:50:56:e1:4b:ab,tip=10.255.1.116)' drop
Or no action also infers drop
$ ovs-appctl dpctl/add-flow netdev@ovs-netdev \
'recirc_id(0),in_port(2),eth(),eth_type(0x0806),\
arp(op=2,tha=00:50:56:e1:4b:ab,tip=10.255.1.116)' ''
$ tc filter show dev ovs-p0 ingress
filter protocol arp pref 2 flower chain 0
filter protocol arp pref 2 flower chain 0 handle 0x1
eth_type arp
arp_tip 10.255.1.116
arp_op reply
arp_tha 00:50:56:e1:4b:ab
skip_hw
not_in_hw
action order 1: gact action drop
...
Signed-off-by: William Tu <[email protected]>
---
v3:
remove redundant check for no action at nl_msg_put_flower_acts
---
lib/netdev-offload-tc.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/lib/netdev-offload-tc.c b/lib/netdev-offload-tc.c
index 258d31f54b08..e50e00f23ccb 100644
--- a/lib/netdev-offload-tc.c
+++ b/lib/netdev-offload-tc.c
@@ -1788,6 +1788,10 @@ netdev_tc_flow_put(struct netdev *netdev, struct match
*match,
action->chain = nl_attr_get_u32(nla);
flower.action_count++;
recirc_act = true;
+ } else if (nl_attr_type(nla) == OVS_ACTION_ATTR_DROP) {
+ action->type = TC_ACT_GOTO;
+ action->chain = 0; /* 0 is reserved and not used by recirc. */
+ flower.action_count++;
} else {
VLOG_DBG_RL(&rl, "unsupported put action type: %d",
nl_attr_type(nla));
--
2.7.4
_______________________________________________
dev mailing list
[email protected]
https://mail.openvswitch.org/mailman/listinfo/ovs-dev
