Date: Fri, 19 Jul 2024 21:20:27 +0200
From: Stefano Brivio
To: David Gibson
CC: passt-dev@passt.top, jmaloy@redhat.com
Subject: Re: [PATCH v8 00/27] Unified flow table
Message-ID: <20240719212028.1e5bfdcc@elisabeth>
In-Reply-To: <20240718052653.3241585-1-david@gibson.dropbear.id.au>
References: <20240718052653.3241585-1-david@gibson.dropbear.id.au>
Organization: Red Hat
List-Id: Development discussion and patches for passt

On Thu, 18 Jul 2024 15:26:26 +1000
David Gibson wrote:

> This is the seventh draft of an implementation of more general
> "connection" tracking, as described at:
>     https://pad.passt.top/p/NewForwardingModel
>
> This series changes the TCP connection table and hash table into a
> more general flow table that can track other protocols as well. Each
> flow uniformly keeps track of all the relevant addresses and ports,
> which will allow for more robust control of NAT and port forwarding.
>
> ICMP and UDP are converted to use the new flow table.
>
> This is based on the recent series of UDP flow table preliminaries.
>
> Caveats:
>  * We roughly double the size of a connection/flow entry
>  * We don't yet record the local address of flows initiated from a
>    socket, even in cases where it's bound to a specific address.
>
> Changes since v7:
>  * Rebase
>  * Fix unintended regression in forwarding logic (we weren't applying
>    map_gw logic to DNS packets, if they didn't hit explicit DNS
>    forwarding rules).
>  * Remove return value from pif_sockaddr(), it turned out not to be
>    very useful.
>  * More robust discarding of datagrams received between bind() and
>    connect() on UDP reply sockets.
>  * Avoid the name 'fside' for variables which was confusing in some
>    contexts
>  * Assorted minor changes based on feedback.

Applied (!)

--
Stefano