Re: [ovs-dev] [PATCH v2] tc: On last action use drop action attribute instead of pipe

Sat, 22 Oct 2022 23:29:19 -0700 


On 23/10/2022 9:27, Roi Dayan wrote:
> OVN is setting ct drop rule with a ct clear action.
> OVS datapath behavior is if there is no forward action
> the default is drop.
> TC behavior is to continue with next match.
> Fix to match tc to ovs behavior by setting last action
> attribute as drop instead of pipe.
> Also update lastused when parsing ct action.
> 
> example rule
> recirc_id(0x1),in_port(2),ct_state(+trk),eth(),eth_type(0x0800),ipv4(frag=no),
> packets:82, bytes:8036, used:2.108s, actions:ct_clear
> 
> Reviewed-by: Maor Dickman <[email protected]>
> Signed-off-by: Roi Dayan <[email protected]>
> ---
> 
> Notes:
>     v2
>     - add missing TCA_CT_TM to policy struct ct policy.
> 
>  lib/tc.c | 15 ++++++++++++++-
>  1 file changed, 14 insertions(+), 1 deletion(-)
> 
> diff --git a/lib/tc.c b/lib/tc.c
> index 94044cde6060..f8419e637b9d 100644
> --- a/lib/tc.c
> +++ b/lib/tc.c
> @@ -1541,6 +1541,9 @@ static const struct nl_policy ct_policy[] = {
>                                .optional = true, },
>      [TCA_CT_NAT_PORT_MAX] = { .type = NL_A_U16,
>                                .optional = true, },
> +    [TCA_CT_TM] = { .type = NL_A_UNSPEC,
> +                    .min_len = sizeof(struct tcf_t),
> +                    .optional = true, },
>  };
>  
>  static int
> @@ -1551,6 +1554,7 @@ nl_parse_act_ct(struct nlattr *options, struct 
> tc_flower *flower)
>      struct tc_action *action;
>      const struct tc_ct *ct;
>      uint16_t ct_action = 0;
> +    struct tcf_t tm;
>  
>      if (!nl_parse_nested(options, ct_policy, ct_attrs,
>                           ARRAY_SIZE(ct_policy))) {
> @@ -1636,6 +1640,11 @@ nl_parse_act_ct(struct nlattr *options, struct 
> tc_flower *flower)
>      }
>      action->type = TC_ACT_CT;
>  
> +    if (ct_attrs[TCA_CT_TM]) {
> +        memcpy(&tm, nl_attr_get_unspec(ct_attrs[TCA_CT_TM], sizeof tm),
> +               sizeof tm);
> +        nl_parse_tcf(&tm, flower);
> +    }
>      nl_parse_action_pc(ct->action, action);
>      return 0;
>  }
> @@ -3126,7 +3135,11 @@ nl_msg_put_flower_acts(struct ofpbuf *request, struct 
> tc_flower *flower)
>              uint32_t action_pc; /* Programmatic Control */
>  
>              if (!action->jump_action) {
> -                action_pc = TC_ACT_PIPE;
> +                if (i == flower->action_count - 1) {
> +                    action_pc = TC_ACT_SHOT;
> +                } else {
> +                    action_pc = TC_ACT_PIPE;
> +                }
>              } else if (action->jump_action == JUMP_ACTION_STOP) {
>                  action_pc = TC_ACT_STOLEN;
>              } else {


Hi Simon,

Seems I used old email address on v1 and v2 now.
so adding you to the thread.

Thanks,
Roi
_______________________________________________
dev mailing list
[email protected]
https://mail.openvswitch.org/mailman/listinfo/ovs-dev






















					Reply via email to