From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mail.ozlabs.org (mail.ozlabs.org [IPv6:2404:9400:2221:ea00::3]) by passt.top (Postfix) with ESMTPS id 12C215A004E for ; Sat, 20 Jul 2024 05:37:22 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gibson.dropbear.id.au; s=202312; t=1721446632; bh=YPYOPMaOezGacdDmgR1zsrNwFHjtUNT2CstsOeJCgb0=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=rs/J6+WYeBY9ESXadCGsW22UedaXMpoIIhgo065CZ7P3oWWVcvlAwhSYVdAb4p6Mq xwQbv6ZKqFssKhu5HWxMaCn+E4WLr8VmOj2rDtXQzwJvI2bqnYQD3h/KYKZpOdEALx LMlGEaesZ+z/YrfGP2i069+v9aJBgPNGQzrxyMfGo0omg65Sv6nHGGjrM8goVbnXNw f5jXVuM/A/Oh4d4tJNZMHyjsY2G+LOuT+QSUbw/oxqE9E1fLfbmKjIZwYu4XNqqoAp 9xSMCo5Z45Ii2Nao+TpmnoZ2JP1cGNp0qnokecQkMjCw4MlJ7uqPuLoverH4Oymd3g QXyBVVfM/oMHg== Received: by gandalf.ozlabs.org (Postfix, from userid 1007) id 4WQsfw6Fn3z4wxs; Sat, 20 Jul 2024 13:37:12 +1000 (AEST) Date: Sat, 20 Jul 2024 13:37:01 +1000 From: David Gibson To: Stefano Brivio Subject: Re: [PATCH v8 00/27] Unified flow table Message-ID: References: <20240718052653.3241585-1-david@gibson.dropbear.id.au> <20240719212028.1e5bfdcc@elisabeth> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="AjwRDSJ5s017pS3p" Content-Disposition: inline In-Reply-To: <20240719212028.1e5bfdcc@elisabeth> Message-ID-Hash: BZG2EUOLZK364MZN5TF6DFWD27QEDBEX X-Message-ID-Hash: BZG2EUOLZK364MZN5TF6DFWD27QEDBEX X-MailFrom: dgibson@gandalf.ozlabs.org X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header CC: passt-dev@passt.top, jmaloy@redhat.com X-Mailman-Version: 3.3.8 Precedence: list List-Id: Development discussion and patches for passt Archived-At: Archived-At: List-Archive: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: --AjwRDSJ5s017pS3p Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Fri, Jul 19, 2024 at 09:20:27PM +0200, Stefano Brivio wrote: > On Thu, 18 Jul 2024 15:26:26 +1000 > David Gibson wrote: >=20 > > This is the seventh draft of an implementation of more general > > "connection" tracking, as described at: > > https://pad.passt.top/p/NewForwardingModel > >=20 > > This series changes the TCP connection table and hash table into a > > more general flow table that can track other protocols as well. Each > > flow uniformly keeps track of all the relevant addresses and ports, > > which will allow for more robust control of NAT and port forwarding. > >=20 > > ICMP and UDP are converted to use the new flow table. > >=20 > > This is based on the recent series of UDP flow table preliminaries. > >=20 > > Caveats: > > * We roughly double the size of a connection/flow entry > > * We don't yet record the local address of flows initiated from a > > socket, even in cases where it's bound to a specific address. > >=20 > > Changes since v7: > > * Rebase > > * Fix unintended regression in forwarding logic (we weren't applying > > map_gw logic to DNS packets, if they didn't hit explicit DNS > > forwarding rules). > > * Remove return value from pif_sockaddr(), in turned out not to be > > very useful. > > * More robust discarding of datagrams received between bind() and > > connect() on UDP reply sockets. > > * Avoid the name 'fside' for variables which was confusing in some > > contexts > > * Assorted minor changes based on feedback. >=20 > Applied (!) =F0=9F=8E=89 --=20 David Gibson (he or they) | I'll have my music baroque, and my code david AT gibson.dropbear.id.au | minimalist, thank you, not the other way | around. http://www.ozlabs.org/~dgibson --AjwRDSJ5s017pS3p Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEO+dNsU4E3yXUXRK2zQJF27ox2GcFAmabMM0ACgkQzQJF27ox 2GdjDg/9GTb9af+qa26G7yBAJeofSh7Vya4eprX7h760CX/6yaEm9hRyYBZUFX+y UOPZy8qQDz2z816QEmBelkqjj82tFaQP5KA+A7fFHjpF6F5UsHnY0CSMFXKOWy1K X8rUbN6SWKGOs+87EIoNRLDlWmj2VXk2OyZt3DF6rZ8w6q0mxxyXrRnlHEH2w3Wp qU8zOp3XzWbNvZ/nzVQj0hHlNdLu2CfW8Ow6X974J7cJNNeyYizNJ5/a6tlApZ93 e5M5BshHEWCp2LnKZwmnHF/pHQxvovk7t93mtNL6nEW3FKqs9neJeDkoGE2JKDmp mz1N5C3Tylv6q2zAouEy0QdSV2KNzRPTI9j3ukOdQKarKfHAAnyFrInuY+WsFVvD mVpDIikdp/Ym39qZjyZkTvCS2oMThQqw/Hz0zLw1wAH+fMRhA/gUju5zHBpJrKvy xUZuoMIBqM0/w2UBkzPFHqJEJrExpjbXdyv3+Qth/Y4JUXFK3+3iDcr7QqUoCT6e vCmu1sJ+qf7aoaCi/OcyjL6ebaPPdVw8N/H5aBjdRGtersSs8VoQ3QNPx8t2bn6n nDaJ0Cx9aGfq+9KPpjddx4wVuIggUIdVYdwMnujreH6cN2bPX6kfaXOEt6qu4JdH YWpwaUJkeoBGaw1+/LPHLhFj4VTIiEQm+SFhV3s1dA5RYZpAqbI= =CmxR -----END PGP SIGNATURE----- --AjwRDSJ5s017pS3p--