[ovs-git] [openvswitch/ovs] 17e987: conntrack: Document all-zero IP SNAT behavior and ...

Fri Jul 16 17:12:47 UTC 2021

  Branch: refs/heads/branch-2.13
  Home:   https://github.com/openvswitch/ovs
  Commit: 17e98772cba38da159f6f3a2c8d8ae4010fd4ada
      https://github.com/openvswitch/ovs/commit/17e98772cba38da159f6f3a2c8d8ae4010fd4ada
  Author: Eelco Chaudron <echaudro at redhat.com>
  Date:   2021-07-16 (Fri, 16 Jul 2021)

  Changed paths:
    M NEWS
    M lib/ct-dpif.c
    M lib/ct-dpif.h
    M lib/dpif-netdev.c
    M lib/dpif-netlink.c
    M lib/dpif-provider.h
    M lib/ovs-actions.xml
    M ofproto/ofproto-dpif.c
    M ofproto/ofproto-dpif.h
    M tests/system-kmod-macros.at
    M tests/system-traffic.at
    M tests/system-userspace-macros.at
    M vswitchd/vswitch.xml

  Log Message:
  -----------
  conntrack: Document all-zero IP SNAT behavior and add a test case.

Currently, conntrack in the kernel has an undocumented feature referred
to as all-zero IP address SNAT. Basically, when a source port
collision is detected during the commit, the source port will be
translated to an ephemeral port. If there is no collision, no SNAT is
performed.

This patchset documents this behavior and adds a self-test to verify
it's not changing. In addition, a datapath feature flag is added for
the all-zero IP SNAT case. This will help applications on top of OVS,
like OVN, to determine this feature can be used.

Signed-off-by: Eelco Chaudron <echaudro at redhat.com>
Acked-by: Aaron Conole <aconole at redhat.com>
Acked-by: Dumitru Ceara <dceara at redhat.com>
Acked-by: Alin-Gabriel Serdean <aserdean at ovn.org>
Acked-by: Paolo Valerio <pvalerio at redhat.com>
Signed-off-by: Ilya Maximets <i.maximets at ovn.org>