[ovs-dev] [DPDK:patch_v5 0/8] Userspace Datapath: Introduce NAT support.

Wed Feb 15 18:00:07 UTC 2017

On Wed, Feb 08, 2017 at 12:17:53AM -0800, Darrell Ball wrote:
> This patch series introduces NAT support for the userspace datapath.

Thanks a lot for this work, nice.  I did a quick look at the
patches and provided feedback on the easier ones, but I plan
to go over the long ones too.

> The per packet scope of lookups for NAT and un_NAT is at
> the bucket level rather than global. One hash table is
> introduced to support create/delete handling. The create/delete
> events may be further optimized, if the need becomes clear.
> 
> The existing NAT tests are enabled for the dpdk datapath,
> with an added enhancement to the V6 NAT test.
> 
> Some NAT options with limited utility (persistent, random) are
> not supported yet, but will be supported in a later patch.
> 
> One V6 api is exported to facilitate selective editing the V6
> header - packet_set_ipv6_addr().
> 
> alg and fragmentation support are not included here but are
> being worked on.

If you don't mind, I'd appreciate if you could post RFCs of
what you have already.

Thanks!
Flavio

> 
> I realize patch 4 is big. It may be clearer and easier to keep
> as a single patch, so I have done that after some discussion.
> 
> v4->v5: Remove packet sorting in userspace datapath conntrack.
>         Simplify conntrack state code.
>         Fix sparse error.
>         Address code review comments from Daniele.
> 
> v3->v4: Fix rev_key vs key for nat_conn_keys access in a couple
>         places; this would have affected cleanup; at same time
>         rename some variables and change nat_conn_keys APIs to
>         use conn key, rather than conn.
> 
>         Fix conntrack_flush() CT_CONN_TYPE_DEFAULT flag placement;
>         the intention was that it be the same as in sweep_bucket().
> 
>         Fix nat_ipv6_addrs_delta() max boundary checking logic. I
>         also enhanced the conntrack - IPv6 HTTP with NAT test to
>         give it more coverage as partial penance.
> 
>         Rebase
> 
> v2->v3: Fix a theoretical resend for closed connection restart.
>         Parse out a function to help and also limit
>         conn_state_update() to one.
> 
>         I decided to cap V6 address range delta at 4 billion using
>         internal adjustment (user visibility not required).
> 
>         Some cleanup of deprecated code path.
> 
>         Parse out some more changes as separate patches.
> 
> v1->v2: Updates/fixes that were missed in v1 patches.
> 
> Darrell Ball (8):
>   Export packet_set_ipv6_addr() for DPDK.
>   Parse NAT netlink for userspace datapath.
>   Remove batch sorting in userspace conntrack.
>   Userspace Datapath: Introduce NAT Support.
>   Enhance V6 NAT test.
>   Add missing CHECK_CONNTRACK_ALG guards.
>   Enable NAT tests for userspace datapath.
>   Update NEWS for userspace datapath NAT
> 
>  NEWS                             |   2 +
>  lib/conntrack-private.h          |  25 +-
>  lib/conntrack.c                  | 799 +++++++++++++++++++++++++++++++++------
>  lib/conntrack.h                  |  75 +++-
>  lib/dpif-netdev.c                |  82 +++-
>  lib/packets.c                    |   2 +-
>  lib/packets.h                    |   4 +
>  tests/system-traffic.at          |   7 +-
>  tests/system-userspace-macros.at |   7 +-
>  tests/test-conntrack.c           |   8 +-
>  10 files changed, 867 insertions(+), 144 deletions(-)
> 
> -- 
> 1.9.1
> 
> _______________________________________________
> dev mailing list
> dev at openvswitch.org
> https://mail.openvswitch.org/mailman/listinfo/ovs-dev

-- 
Flavio