On 6/7/23 16:02, Ivan Malov wrote:
On EF100 hardware, match-action engine (MAE) can be equipped
with an assistance table for connection tracking (CT). In it,
an entry key is a set of exact match fields: an EtherType, a
pair of IP addresses, a L4 protocol ID and a pair of L4 port
numbers. An entry response can provide matching packets with
a mark value and additional data to be plumbed to NAT action.
In addition, an update to mark-and-sweep counter can be done.
This table was designed with larger capacity in mind,
so moving the above match criteria out of an action
rule (AR) specification to a CT entry increases the
likelihood of reusing AR entries and improves the
total flow engine capacity. Make use of that.
Changes in v2:
* Found and fixed my own mistake in [15/34]
* Fixed [16/34] as per 0-day robot report
* Added missing release notes to [27/34]
* Added missing release notes to [30/34]
Changes in v3:
* Fixed release notes in [27/34]
* Rebased on dpdk to fix CI
Changes in v4:
* Applied review notes in [05/34], [08/34], [09/34] and [10/34].
My ack from the previous version is lost.
