[ovs-dev] [PATCH v2 00/15] Userspace (DPDK) connection tracker

Daniele Di Proietto diproiettod at vmware.com
Sat Apr 16 00:02:32 UTC 2016


This series aims to implement the ct() action for the dpif-netdev datapath.
The bulk of the code is in the new conntrack module: it contains some packet
parsing code, some lookup tables and the logic to implements all the ct bits.

The conntrack module is helped by conntrack-tcp, for TCP window and flags
tracking: the bulk of the code of this submodule is from the FreeBSD's pf
subsystem, therefore is BSD licensed.

The rest of the series integrates the connection tracker with the rest of
OVS: the ct() action is implemented in dpif-netdev, and the debugging
interfaces required by dpctl/{dump,flush}-conntrack are implemented.

Besides adding some unit tests, this series ports the existing conntrack
system test to the userspace datapath.  Some small modifications are
required to pass the testsuite, and some tests still have to be skipped.

On newer kernels the userspace testsuite has some problems with offloads,
so a workaround is included.

This can also be downloaded at:

https://github.com/ddiproietto/ovs/tree/userconntrack_20160415

Any feedback is appreciated, thanks.

v1 -> v2:
* Fixed bug in tcp_get_wscale(), related to TCP options parsing.
* Changed names of ICMP constants: now they're different from Linux and
  FreeBSD.
* Fixed bug in parse_ipv6_ext_hdrs().
* Used ALWAYS_INLINE in parse_vlan and parse_ethertype, to avoid a
  performance regression in miniflow_extract().
* Updated copyright info in COPYING and debian/copyright.in.
* Rebased.
* Changed batching strategy in conntrack_execute() to allow a newly
  created connection to be picked up by packets in the same batch.
* Added an ovs-test module to throw pcap files at the connection tracker.
* Added a workaround for the userspace testsuite on new kernels and a tcp
  non-conntrack test.

Daniele Di Proietto (15):
  packets: Define ICMP types.
  flow: Export parse_ipv6_ext_hdrs().
  flow: Introduce parse_dl_type().
  conntrack: New userspace connection tracker.
  tests: Add very simple conntrack benchmark.
  tests: Add test-conntrack pcap test.
  conntrack: Implement flush function.
  conntrack: Implement dumping to ct_entry.
  dpif-netdev: Execute conntrack action.
  dpif-netdev: Implement conntrack dump functions.
  dpif-netdev: Implement conntrack flush interface.
  tests: Add conntrack ofproto-dpif tests.
  system-tests: Disable offloads in userspace tests.
  system-tests: Add tcp simple test.
  system-tests: Run conntrack tests with userspace

 COPYING                          |   1 +
 debian/copyright.in              |   4 +
 lib/automake.mk                  |   5 +
 lib/conntrack-other.c            |  91 ++++
 lib/conntrack-private.h          |  80 ++++
 lib/conntrack-tcp.c              | 510 ++++++++++++++++++++
 lib/conntrack.c                  | 997 +++++++++++++++++++++++++++++++++++++++
 lib/conntrack.h                  | 162 +++++++
 lib/dpif-netdev.c                | 138 +++++-
 lib/flow.c                       | 154 +++---
 lib/flow.h                       |   4 +
 lib/packets.h                    |  14 +-
 tests/automake.mk                |   1 +
 tests/dpif-netdev.at             |  14 +-
 tests/ofproto-dpif.at            | 698 ++++++++++++++++++++++++++-
 tests/system-common-macros.at    |   1 +
 tests/system-kmod-macros.at      |  35 ++
 tests/system-traffic.at          |  69 ++-
 tests/system-userspace-macros.at |  63 ++-
 tests/test-conntrack.c           | 232 +++++++++
 20 files changed, 3164 insertions(+), 109 deletions(-)
 create mode 100644 lib/conntrack-other.c
 create mode 100644 lib/conntrack-private.h
 create mode 100644 lib/conntrack-tcp.c
 create mode 100644 lib/conntrack.c
 create mode 100644 lib/conntrack.h
 create mode 100644 tests/test-conntrack.c

-- 
2.1.4




More information about the dev mailing list