[ovs-git] [openvswitch/ovs] 642071: conntrack: Add option to disable TCP sequence chec...

Ben Pfaff noreply at github.com
Wed Sep 25 21:48:54 UTC 2019


  Branch: refs/heads/master
  Home:   https://github.com/openvswitch/ovs
  Commit: 64207120c8e969e401006ddf65c7859bb0ab8b87
      https://github.com/openvswitch/ovs/commit/64207120c8e969e401006ddf65c7859bb0ab8b87
  Author: Darrell Ball <dlu998 at gmail.com>
  Date:   2019-09-25 (Wed, 25 Sep 2019)

  Changed paths:
    M NEWS
    M lib/conntrack-private.h
    M lib/conntrack-tcp.c
    M lib/conntrack.c
    M lib/conntrack.h
    M lib/ct-dpif.c
    M lib/ct-dpif.h
    M lib/dpctl.c
    M lib/dpctl.man
    M lib/dpif-netdev.c
    M lib/dpif-netlink.c
    M lib/dpif-provider.h
    M tests/ofproto-dpif.at

  Log Message:
  -----------
  conntrack: Add option to disable TCP sequence checking.

This may be needed in some special cases, such as to support some hardware
offload implementations.  Note that disabling TCP sequence number
verification is not an optimization in itself, but supporting some
hardware offload implementations may offer better performance.  TCP
sequence number verification is enabled by default.  This option is only
available for the userspace datapath.  Access to this option is presently
provided via 'dpctl' commands as the need for this option is quite node
specific, by virtue of which nics are in use on a given node.  A test is
added to verify this option.

Reported-at: https://mail.openvswitch.org/pipermail/ovs-dev/2019-May/359188.html
Signed-off-by: Darrell Ball <dlu998 at gmail.com>
Signed-off-by: Ben Pfaff <blp at ovn.org>




More information about the git mailing list