[ovs-dev] [PATCH] [branch-2.13] conntrack: Document all-zero IP SNAT behavior and add a test case.

Ilya Maximets i.maximets at ovn.org
Fri Jul 16 11:37:59 UTC 2021


On 7/14/21 4:44 PM, Eelco Chaudron wrote:
> Currently, conntrack in the kernel has an undocumented feature referred
> to as all-zero IP address SNAT. Basically, when a source port
> collision is detected during the commit, the source port will be
> translated to an ephemeral port. If there is no collision, no SNAT is
> performed.
> 
> This patchset documents this behavior and adds a self-test to verify
> it's not changing. In addition, a datapath feature flag is added for
> the all-zero IP SNAT case. This will help applications on top of OVS,
> like OVN, to determine this feature can be used.
> 
> Signed-off-by: Eelco Chaudron <echaudro at redhat.com>
> ---
>  NEWS                             |    6 +++++
>  lib/ct-dpif.c                    |    8 +++++++
>  lib/ct-dpif.h                    |    6 +++++
>  lib/dpif-netdev.c                |    1 +
>  lib/dpif-netlink.c               |   15 ++++++++++++
>  lib/dpif-provider.h              |    5 ++++
>  lib/ovs-actions.xml              |   10 ++++++++
>  ofproto/ofproto-dpif.c           |   20 +++++++++++++++++
>  ofproto/ofproto-dpif.h           |    5 +++-
>  tests/system-kmod-macros.at      |   11 +++++++++
>  tests/system-traffic.at          |   46 ++++++++++++++++++++++++++++++++++++++
>  tests/system-userspace-macros.at |   10 ++++++++
>  vswitchd/vswitch.xml             |    9 +++++++
>  13 files changed, 151 insertions(+), 1 deletion(-)
> 
> diff --git a/NEWS b/NEWS
> index fea854d78..5dbde2a63 100644
> --- a/NEWS
> +++ b/NEWS
> @@ -1,3 +1,9 @@
> +Post- v2.13.4
> +---------------------
> +   - OVS now reports the datapath capability 'ct_zero_snat', which reflects
> +     whether the SNAT with all-zero IP address is supported.
> +     See ovs-vswitchd.conf.db(5) for details.
> +

Hmm, this change is prepared on top of the v2.13.4 tag, but not on the tip
of branch-2.13.  Could you, please, rebase?

Best regards, Ilya Maximets.


More information about the dev mailing list