Skip to content

Commit

Permalink
conntrack: Remove nat_conn introducing key directionality.
Browse files Browse the repository at this point in the history
The patch avoids the extra allocation for nat_conn.
Currently, when doing NAT, the userspace conntrack will use an extra
conn for the two directions in a flow. However, each conn has actually
the two keys for both orig and rev directions. This patch introduces a
key_node[CT_DIRS] member as per Aaron's suggestion in the conn which
consists of a key, direction, and a cmap_node for hash lookup so
addressing the feedback received by the original patch [0].

With this adjustment, we also remove the assertion that connections in
the table are DEFAULT while updating connection state and/or removing
connections.

[0] https://patchwork.ozlabs.org/project/openvswitch/patch/[email protected]/

[Aaron resolved numerous conflicts due to lack of multiple commits]

Reported-by: Michael Plato <[email protected]>
Reported-at: https://mail.openvswitch.org/pipermail/ovs-discuss/2022-September/052065.html
Signed-off-by: Peng He <[email protected]>
Co-authored-by: Paolo Valerio <[email protected]>
Signed-off-by: Paolo Valerio <[email protected]>
Tested-by: Frode Nordahl <[email protected]>
Acked-by: Ilya Maximets <[email protected]>
Acked-by: Aaron Conole <[email protected]>
Signed-off-by: Aaron Conole <[email protected]>
Signed-off-by: 0-day Robot <[email protected]>
  • Loading branch information
2 people authored and ovsrobot committed Sep 27, 2023
1 parent 445aeec commit 7be68d1
Show file tree
Hide file tree
Showing 3 changed files with 180 additions and 223 deletions.
19 changes: 11 additions & 8 deletions lib/conntrack-private.h
Original file line number Diff line number Diff line change
Expand Up @@ -48,6 +48,12 @@ struct ct_endpoint {
* hashing in ct_endpoint_hash_add(). */
BUILD_ASSERT_DECL(sizeof(struct ct_endpoint) == sizeof(union ct_addr) + 4);

enum key_dir {
CT_DIR_FWD = 0,
CT_DIR_REV,
CT_DIRS,
};

/* Changes to this structure need to be reflected in conn_key_hash()
* and conn_key_cmp(). */
struct conn_key {
Expand Down Expand Up @@ -86,21 +92,19 @@ struct alg_exp_node {
bool nat_rpl_dst;
};

enum OVS_PACKED_ENUM ct_conn_type {
CT_CONN_TYPE_DEFAULT,
CT_CONN_TYPE_UN_NAT,
struct conn_key_node {
enum key_dir dir;
struct conn_key key;
struct cmap_node cm_node;
};

struct conn {
/* Immutable data. */
struct conn_key key;
struct conn_key rev_key;
struct conn_key_node key_node[CT_DIRS];
struct conn_key parent_key; /* Only used for orig_tuple support. */
struct ovs_list exp_node;
struct cmap_node cm_node;
uint16_t nat_action;
char *alg;
struct conn *nat_conn; /* The NAT 'conn' context, if there is one. */

/* Mutable data. */
struct ovs_mutex lock; /* Guards all mutable fields. */
Expand All @@ -120,7 +124,6 @@ struct conn {

/* Immutable data. */
bool alg_related; /* True if alg data connection. */
enum ct_conn_type conn_type;

uint32_t tp_id; /* Timeout policy ID. */
};
Expand Down
6 changes: 4 additions & 2 deletions lib/conntrack-tp.c
Original file line number Diff line number Diff line change
Expand Up @@ -276,7 +276,8 @@ conn_update_expiration(struct conntrack *ct, struct conn *conn,
ovs_mutex_lock(&conn->lock);
VLOG_DBG_RL(&rl, "Update timeout %s zone=%u with policy id=%d "
"val=%u sec.",
ct_timeout_str[tm], conn->key.zone, conn->tp_id, val);
ct_timeout_str[tm], conn->key_node[CT_DIR_FWD].key.zone,
conn->tp_id, val);

conn_update_expiration__(ct, conn, tm, now, val);
}
Expand Down Expand Up @@ -307,7 +308,8 @@ conn_init_expiration(struct conntrack *ct, struct conn *conn,
}

VLOG_DBG_RL(&rl, "Init timeout %s zone=%u with policy id=%d val=%u sec.",
ct_timeout_str[tm], conn->key.zone, conn->tp_id, val);
ct_timeout_str[tm], conn->key_node[CT_DIR_FWD].key.zone,
conn->tp_id, val);

conn_init_expiration__(ct, conn, tm, now, val);
}
Loading

0 comments on commit 7be68d1

Please sign in to comment.