Congrats! This has been a while coming:)
On 27 July 2016 at 23:17, Daniele Di Proietto <diproiet...@vmware.com> wrote:
> Thanks for the reviews, I pushed this to master except for the system tests
> part.
>
>
>
> On 26/07/2016 17:58, "Daniele Di Proietto" <diproiet...@vmware.com> wrote:
>
>>This series aims to implement the ct() action for the dpif-netdev datapath.
>>The bulk of the code is in the new conntrack module: it contains some packet
>>parsing code, some lookup tables and the logic to implements all the ct bits.
>>
>>The conntrack module is helped by conntrack-tcp, for TCP window and flags
>>tracking: the bulk of the code of this submodule is from the FreeBSD's pf
>>subsystem, therefore is BSD licensed.
>>
>>The rest of the series integrates the connection tracker with the rest of
>>OVS: the ct() action is implemented in dpif-netdev, and the debugging
>>interfaces required by dpctl/{dump,flush}-conntrack are implemented.
>>
>>Besides adding some unit tests, this series ports the existing conntrack
>>system test to the userspace datapath. Some small modifications are
>>required to pass the testsuite, and some tests still have to be skipped.
>>
>>This can also be downloaded at:
>>
>>https://github.com/ddiproietto/ovs/tree/userconntrack_20160726
>>
>>Any feedback is appreciated, thanks.
>>
>>v4 -> v5:
>>* Rebase: hmap.h is moved, include ct_* field in some unit tests,
>> skip and adapt to the new ct dump format the OVN tests.
>>* Style and typo fixes.
>>* Add coverage counter to detect long cleanup.
>>* Use ovs_barrier instead of pthread_barrier in test (fix compilation
>> on OS X).
>>* Fix dumping tcp state in the reply direction.
>>* Squash together flow_compose improvements (checksum and udp_len).
>>
>>v3 -> v4:
>>* Rebase: use struct dp_packet_batch, add extra ct_ fields in some
>> new tests, use struct hmap_pos, skip some new system NAT tests.
>>* Style and typo fixes.
>>* Add OVS_NOT_REACHED() in switch in process_one().
>>* New commit: use dl_type from flow or matching megaflow.
>>
>>v2 -> v3:
>>* Rebased.
>>* Squashed commits for flushing (in dpif-netdev and conntrack).
>>* Squashed commits for dumping (in dpif-netdev and conntrack).
>>* Use adaptive mutex instead of spinlock: this prevents livelock
>> if the cleanup thread is executed on the same CPU as a forwarding
>> thread. Performance impact in minimal.
>>* Validate L3 and L4 checksum.
>>* Use proper L3 and L4 checksum in hardcoded packets in system and unit
>> tests.
>>* Consider ICMPv6 as well as ICMP in l4_protos and conn_key_to_tuple.
>>* Mention conntrack in NEWS and FAQ.md.
>>* Use uint16_t for ct_state.
>>* Fix possible NULL dereference for conn in process_one().
>>* Add OVS_U128_MIN, OVS_U128_ZERO.
>>* Use HMAP_FOR_EACH_POP.
>>* Check that UDP length is valid.
>>* Style fix: prefer 'sizeof *object' instead of 'sizeof type'
>>* Don't accept packets from/to UDP/TCP port 0.
>>* Use defines for timeouts.
>>* Check expiration inside lookup loop in conn_key_lookup().
>>* Limit the number of connections.
>>* Simplify case if tcp_get_wscale().
>>* Introduce general INT_MOD_* macros for comparisons in modular arithmetic.
>>* Improve comments.
>>* New cleanup mechanism: we keep connections in an ordered list and we have
>> a separate thread to performs the cleanup. This doesn't block the main
>> thread for long intervals anymore.
>>* Correctly fill UDP length and UDP/TCP/ICMP checksums in flow_compose():
>> it's useful to write testcases for the connection tracker.
>>* Added system test with ICMP traffic through the connection tracker.
>>* Track ICMP type and code.
>>
>>v1 -> v2:
>>* Fixed bug in tcp_get_wscale(), related to TCP options parsing.
>>* Changed names of ICMP constants: now they're different from Linux and
>> FreeBSD.
>>* Fixed bug in parse_ipv6_ext_hdrs().
>>* Used ALWAYS_INLINE in parse_vlan and parse_ethertype, to avoid a
>> performance regression in miniflow_extract().
>>* Updated copyright info in COPYING and debian/copyright.in.
>>* Rebased.
>>* Changed batching strategy in conntrack_execute() to allow a newly
>> created connection to be picked up by packets in the same batch.
>>* Added an ovs-test module to throw pcap files at the connection tracker.
>>* Added a workaround for the userspace testsuite on new kernels and a tcp
>> non-conntrack test.
>>
>>
>>
>>Daniele Di Proietto (16):
>> packets: Define ICMP types.
>> flow: Export parse_ipv6_ext_hdrs().
>> flow: Introduce parse_dl_type().
>> conntrack: New userspace connection tracker.
>> conntrack: Periodically delete expired connections.
>> tests: Add very simple conntrack benchmark.
>> tests: Add test-conntrack pcap test.
>> dpif-netdev: Execute conntrack action.
>> dpif-netdev: Implement conntrack dump functions.
>> dpif-netdev: Implement conntrack flush interface.
>> flow: Generate checksum and udp_len in flow_compose().
>> tests: Add conntrack ofproto-dpif tests.
>> system-tests: Run conntrack tests with userspace.
>> system-tests: Add ping through conntrack test.
>> conntrack: Track ICMP type and code.
>> conntrack: Add 'dl_type' parameter to conntrack_execute().
>>
>> COPYING | 1 +
>> FAQ.md | 2 +-
>> NEWS | 2 +
>> debian/copyright.in | 4 +
>> include/openvswitch/types.h | 4 +
>> lib/automake.mk | 6 +
>> lib/conntrack-icmp.c | 105 ++++
>> lib/conntrack-other.c | 86 +++
>> lib/conntrack-private.h | 114 ++++
>> lib/conntrack-tcp.c | 498 +++++++++++++++
>> lib/conntrack.c | 1235
>> ++++++++++++++++++++++++++++++++++++++
>> lib/conntrack.h | 204 +++++++
>> lib/ct-dpif.c | 24 +-
>> lib/ct-dpif.h | 3 +-
>> lib/dpif-netdev.c | 150 ++++-
>> lib/flow.c | 216 ++++---
>> lib/flow.h | 4 +
>> lib/netlink-conntrack.c | 2 +-
>> lib/packets.h | 14 +-
>> lib/util.h | 9 +
>> tests/automake.mk | 1 +
>> tests/dpif-netdev.at | 16 +-
>> tests/ofproto-dpif.at | 900 +++++++++++++++++++++++----
>> tests/pmd.at | 2 +-
>> tests/system-kmod-macros.at | 28 +
>> tests/system-ovn.at | 10 +-
>> tests/system-traffic.at | 146 ++++-
>> tests/system-userspace-macros.at | 45 +-
>> tests/test-conntrack.c | 283 +++++++++
>> 29 files changed, 3856 insertions(+), 258 deletions(-)
>> create mode 100644 lib/conntrack-icmp.c
>> create mode 100644 lib/conntrack-other.c
>> create mode 100644 lib/conntrack-private.h
>> create mode 100644 lib/conntrack-tcp.c
>> create mode 100644 lib/conntrack.c
>> create mode 100644 lib/conntrack.h
>> create mode 100644 tests/test-conntrack.c
>>
>>--
>>2.8.1
>>
_______________________________________________
dev mailing list
dev@openvswitch.org
http://openvswitch.org/mailman/listinfo/dev
