[ovs-dev,v5,0/2] Keep track of SNAT status for ICMP need frag

Message ID	20240207163555.213086-1-amusil@redhat.com
Headers	show Return-Path: <ovs-dev-bounces@openvswitch.org> Received-SPF: Pass (mailfrom) identity=mailfrom; client-ip=170.10.133.124; helo=us-smtp-delivery-124.mimecast.com; envelope-from=amusil@redhat.com; receiver=<UNKNOWN> DMARC-Filter: OpenDMARC Filter v1.4.2 smtp3.osuosl.org EC87061427 From: Ales Musil <amusil@redhat.com> To: dev@openvswitch.org Date: Wed, 7 Feb 2024 17:35:53 +0100 Message-ID: <20240207163555.213086-1-amusil@redhat.com> MIME-Version: 1.0 Cc: dceara@redhat.com Subject: [ovs-dev] [PATCH ovn v5 0/2] Keep track of SNAT status for ICMP need frag Precedence: list Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: ovs-dev-bounces@openvswitch.org Sender: "dev" <ovs-dev-bounces@openvswitch.org>
Series	Keep track of SNAT status for ICMP need frag \| expand [ovs-dev,v5,0/2] Keep track of SNAT status for ICMP need frag [ovs-dev,v5,1/2] actions: Adjust the ct_commit_nat action. [ovs-dev,v5,2/2] northd: Explicitly handle SNAT for ICMP need frag.

Message ID

20240207163555.213086-1-amusil@redhat.com

Headers

Received-SPF: Pass (mailfrom) identity=mailfrom; client-ip=170.10.133.124;
 helo=us-smtp-delivery-124.mimecast.com; envelope-from=amusil@redhat.com;
 receiver=<UNKNOWN>
DMARC-Filter: OpenDMARC Filter v1.4.2 smtp3.osuosl.org EC87061427
From: Ales Musil <amusil@redhat.com>
To: dev@openvswitch.org
Date: Wed,  7 Feb 2024 17:35:53 +0100
Message-ID: <20240207163555.213086-1-amusil@redhat.com>
MIME-Version: 1.0
Cc: dceara@redhat.com
Subject: [ovs-dev] [PATCH ovn v5 0/2] Keep track of SNAT status for ICMP
	need frag
Precedence: list
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: ovs-dev-bounces@openvswitch.org
Sender: "dev" <ovs-dev-bounces@openvswitch.org>

Series

Keep track of SNAT status for ICMP need frag | expand

Message

Ales Musil Feb. 7, 2024, 4:35 p.m. UTC

The ICMP need frag could be generated after routing
stage when the unSNAT already happened. Add flows
that will ensure that we are keeping track of the CT
state and do appropriate CT nat action later on.

Because the ICMP traffic is related to already existing
one in this case we can use adjusted ct_commit_nat
that will perform this action in SNAT zone.

Ales Musil (2):
  actions: Adjust the ct_commit_nat action.
  northd: Explicitly handle SNAT for ICMP need frag.

 controller/chassis.c         |   8 ++
 include/ovn/actions.h        |  12 ++-
 include/ovn/features.h       |   1 +
 include/ovn/logical-fields.h |   3 +
 lib/actions.c                |  69 ++++++++++---
 lib/logical-fields.c         |   4 +
 northd/en-global-config.c    |  10 ++
 northd/en-global-config.h    |   1 +
 northd/northd.c              | 189 +++++++++++++++++++----------------
 tests/ovn-northd.at          | 118 +++++++++++++++-------
 tests/ovn.at                 |  27 ++++-
 tests/system-ovn-kmod.at     |   3 +-
 utilities/ovn-trace.c        |   2 +-
 13 files changed, 304 insertions(+), 143 deletions(-)

Comments

Dumitru Ceara Feb. 8, 2024, 12:14 p.m. UTC | #1

On 2/7/24 17:35, Ales Musil wrote:
> The ICMP need frag could be generated after routing
> stage when the unSNAT already happened. Add flows
> that will ensure that we are keeping track of the CT
> state and do appropriate CT nat action later on.
> 
> Because the ICMP traffic is related to already existing
> one in this case we can use adjusted ct_commit_nat
> that will perform this action in SNAT zone.
> 
> Ales Musil (2):
>   actions: Adjust the ct_commit_nat action.
>   northd: Explicitly handle SNAT for ICMP need frag.
> 
>  controller/chassis.c         |   8 ++
>  include/ovn/actions.h        |  12 ++-
>  include/ovn/features.h       |   1 +
>  include/ovn/logical-fields.h |   3 +
>  lib/actions.c                |  69 ++++++++++---
>  lib/logical-fields.c         |   4 +
>  northd/en-global-config.c    |  10 ++
>  northd/en-global-config.h    |   1 +
>  northd/northd.c              | 189 +++++++++++++++++++----------------
>  tests/ovn-northd.at          | 118 +++++++++++++++-------
>  tests/ovn.at                 |  27 ++++-
>  tests/system-ovn-kmod.at     |   3 +-
>  utilities/ovn-trace.c        |   2 +-
>  13 files changed, 304 insertions(+), 143 deletions(-)
> 

Applied to main, 24.03 and 23.09, thanks for the fix!

Regards,
Dumitru