@@ -19,6 +19,8 @@ Post-v3.2.0
* Added support for Generic Segmentation Offloading for the cases where
TSO is enabled but not supported by an egress interface (except for
tunnel interfaces).
+ * Added support for removal of default CT zone limit, e.g.
+ "ovs-appctl dpctl/ct-del-limits default".
v3.2.0 - 17 Aug 2023
@@ -404,13 +404,15 @@ zone_limit_delete(struct conntrack *ct, int32_t zone)
struct zone_limit *zl = zone_limit_lookup_protected(ct, zone);
if (zl) {
zone_limit_clean(ct, zl);
- ovs_mutex_unlock(&ct->ct_lock);
- VLOG_INFO("Deleted zone limit for zone %d", zone);
- } else {
- ovs_mutex_unlock(&ct->ct_lock);
- VLOG_INFO("Attempted delete of non-existent zone limit: zone %d",
+ }
+
+ if (zone != DEFAULT_ZONE) {
+ VLOG_INFO(zl ? "Deleted zone limit for zone %d"
+ : "Attempted delete of non-existent zone limit: zone %d",
zone);
}
+
+ ovs_mutex_unlock(&ct->ct_lock);
return 0;
}
@@ -2291,14 +2291,23 @@ dpctl_ct_del_limits(int argc, const char *argv[],
int i = dp_arg_exists(argc, argv) ? 2 : 1;
struct ovs_list zone_limits = OVS_LIST_INITIALIZER(&zone_limits);
- error = opt_dpif_open(argc, argv, dpctl_p, 3, &dpif);
+ error = opt_dpif_open(argc, argv, dpctl_p, 4, &dpif);
if (error) {
return error;
}
- error = parse_ct_limit_zones(argv[i], &zone_limits, &ds);
- if (error) {
- goto error;
+ /* Parse default limit. */
+ if (!strcmp(argv[i], "default")) {
+ ct_dpif_push_zone_limit(&zone_limits, OVS_ZONE_LIMIT_DEFAULT_ZONE,
+ 0, 0);
+ i++;
+ }
+
+ if (argc > i) {
+ error = parse_ct_limit_zones(argv[i], &zone_limits, &ds);
+ if (error) {
+ goto error;
+ }
}
error = ct_dpif_del_limits(dpif, &zone_limits);
@@ -3031,8 +3040,8 @@ static const struct dpctl_command all_commands[] = {
{ "ct-get-tcp-seq-chk", "[dp]", 0, 1, dpctl_ct_get_tcp_seq_chk, DP_RO },
{ "ct-set-limits", "[dp] [default=L] [zone=N,limit=L]...", 1, INT_MAX,
dpctl_ct_set_limits, DP_RO },
- { "ct-del-limits", "[dp] zone=N1[,N2]...", 1, 2, dpctl_ct_del_limits,
- DP_RO },
+ { "ct-del-limits", "[dp] [default] [zone=N1[,N2]...]", 1, 3,
+ dpctl_ct_del_limits, DP_RO },
{ "ct-get-limits", "[dp] [zone=N1[,N2]...]", 0, 2, dpctl_ct_get_limits,
DP_RO },
{ "ct-get-sweep-interval", "[dp]", 0, 1, dpctl_ct_get_sweep, DP_RO },
@@ -5240,6 +5240,32 @@ udp,orig=(src=10.1.1.3,dst=10.1.1.4,sport=1,dport=3),reply=(src=10.1.1.4,dst=10.
udp,orig=(src=10.1.1.3,dst=10.1.1.4,sport=1,dport=4),reply=(src=10.1.1.4,dst=10.1.1.3,sport=4,dport=1),zone=3
])
+dnl Test ct-del-limits for default zone.
+
+AT_CHECK([ovs-appctl dpctl/ct-set-limits default=15 zone=4,limit=4])
+AT_CHECK([ovs-appctl dpctl/ct-get-limits zone=4], [0], [dnl
+default limit=15
+zone=4,limit=4,count=0
+])
+
+AT_CHECK([ovs-appctl dpctl/ct-del-limits default])
+AT_CHECK([ovs-appctl dpctl/ct-get-limits zone=4], [0], [dnl
+default limit=0
+zone=4,limit=4,count=0
+])
+
+AT_CHECK([ovs-appctl dpctl/ct-set-limits default=15])
+AT_CHECK([ovs-appctl dpctl/ct-get-limits zone=4], [0], [dnl
+default limit=15
+zone=4,limit=4,count=0
+])
+
+AT_CHECK([ovs-appctl dpctl/ct-del-limits default zone=4])
+AT_CHECK([ovs-appctl dpctl/ct-get-limits zone=4], [0], [dnl
+default limit=0
+zone=4,limit=0,count=0
+])
+
OVS_TRAFFIC_VSWITCHD_STOP(["dnl
/could not create datapath/d
/(Cannot allocate memory) on packet/d"])
Add optional argument to dpctl ct-del-limits called "default", which allows to remove the default limit making it effectively system default. Signed-off-by: Ales Musil <amusil@redhat.com> --- v8: Rebase on top of current master. v7: Rebase on top of current master. Address cosmetic comments. v6: Rebase on top of current master. Address comments from Ilya: - Adjust the log message so it doesn't report anything for default zone. v5: Rebase on top of current master. Address comments from Ilya: - Correct the NEWS entry. - Fix style related problems. --- NEWS | 2 ++ lib/conntrack.c | 12 +++++++----- lib/dpctl.c | 21 +++++++++++++++------ tests/system-traffic.at | 26 ++++++++++++++++++++++++++ 4 files changed, 50 insertions(+), 11 deletions(-)