Hi Ilya, Eelco,
I’ve tried this patch against 3.1 and latest master branch. There are no
warnings anymore,
but it seems that in my installation it has broken offload capability.
In tcpdump I see packets, which I expect to be offloaded,
so not to appear in tcpdump output, also there is an empty output
of ovs-appctl dpctl/dump-flows type=offloaded.
On ovs without this patch the same host offloads this traffic but with warnings.
Let me know which debug information you need from me.
As a reminder, the test system runs CentOS 8.4 with 6.5.7-1.el8.elrepo.x86_64
elrepo kernel.
SmartNIC is Mellanox Technologies MT2892 Family [ConnectX-6 Dx].
> On 31 Oct 2023, at 11:33, Eelco Chaudron <echau...@redhat.com> wrote:
>
>
>
> On 30 Oct 2023, at 15:00, Ilya Maximets wrote:
>
>> There is no TCA_TUNNEL_KEY_ENC_SRC_PORT in the kernel, so the offload
>> should not be attempted if OVS_TUNNEL_KEY_ATTR_TP_SRC is requested
>> by OVS. Current code just ignores the attribute in the tunnel(set())
>> action leading to a flow mismatch and potential incorrect datapath
>> behavior:
>>
>> |tc(handler21)|DBG|tc flower compare failed action compare
>> ...
>> Action 0 mismatch:
>> - Expected Action:
>> 00000010 01 00 00 00 00 00 00 00-00 00 00 00 00 ff 00 11
>> 00000020 c0 5b 17 c1 00 40 00 00-0a 01 00 6d 0a 01 01 12
>> 00000050 08 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
>> 00000060 01 02 80 01 00 18 00 0b-00 00 00 00 00 00 00 00
>> ...
>> - Received Action:
>> 00000010 01 00 00 00 00 00 00 00-00 00 00 00 00 ff 00 11
>> 00000020 00 00 17 c1 00 40 00 00-0a 01 00 6d 0a 01 01 12
>> 00000050 08 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
>> 00000060 01 02 80 01 00 18 00 0b-00 00 00 00 00 00 00 00
>> ...
>>
>> In the tc_action dump above we can see the difference on the second
>> line. The action dumped from a kernel is missing 'c0 5b' - source
>> port for a tunnel(set()) action on the second line.
>>
>> Removing the field from the tc_action_encap structure entirely to
>> avoid any potential confusion.
>>
>> Note: In general, the source port number in the tunnel(set()) action
>> is not particularly useful for most tunnels, because they may just
>> ignore the value. Specs for Geneve and VXLAN suggest using a value
>> based on the headers of the inner packet as a source port.
>> And I'm not really sure how to make OVS to generate the action with
>> a source port in it, so the commit doesn't include the test case.
>> In vast majority of scenarios the source port doesn't actually end
>> up in the action itself.
>> Having a mismatch between the userspace and TC leads to constant
>> revalidation of the flow and warnings in the log, and might
>> potentially cause mishandling of the traffic, even though the impact
>> is unclear at the moment.
>>
>> Fixes: 8f283af89298 ("netdev-tc-offloads: Implement netdev flow put using tc
>> interface")
>> Reported-at:
>> https://mail.openvswitch.org/pipermail/ovs-discuss/2023-October/052744.html
>> Reported-by: Vladislav Odintsov <odiv...@gmail.com>
>> Signed-off-by: Ilya Maximets <i.maxim...@ovn.org>
>
> Thanks Ilya, this change seems correct as the kernel does not seem to support
> setting the source port. I did some additional tests, and found no problems.
>
> Acked-by: Eelco Chaudron <echau...@redhat.com <mailto:echau...@redhat.com>>
>
> _______________________________________________
> dev mailing list
> d...@openvswitch.org <mailto:d...@openvswitch.org>
> https://mail.openvswitch.org/mailman/listinfo/ovs-dev
Regards,
Vladislav Odintsov
_______________________________________________
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev
