From mboxrd@z Thu Jan 1 00:00:00 1970 Authentication-Results: passt.top; dmarc=pass (p=none dis=none) header.from=redhat.com Authentication-Results: passt.top; dkim=pass (1024-bit key; unprotected) header.d=redhat.com header.i=@redhat.com header.a=rsa-sha256 header.s=mimecast20190719 header.b=gT++dTp2; dkim-atps=neutral Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by passt.top (Postfix) with ESMTP id 42D055A0275 for ; Fri, 16 Aug 2024 16:45:21 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1723819520; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=vUEwuOzA59+yGjR/6wyBEpbacXr8MatuUTuRWHL3jaA=; b=gT++dTp27XOHb8z2hYC19Rz24RWnYRfPXvihaD3cwYpqDa4Qxy4/+6cA/YspHV1J85UES2 D4wORysZrGmqgVYo/q+qEH0fLytPpPa1oc2vKnU6/BgedFmpZIfoDO+CoIDe8oZLN+8Co3 XV8PCnjCz++6y1BEf5+fsKzdZbl9lo4= Received: from mail-wr1-f70.google.com (mail-wr1-f70.google.com [209.85.221.70]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-533-xBar266-MSi7VX1l68B-7A-1; Fri, 16 Aug 2024 10:45:17 -0400 X-MC-Unique: xBar266-MSi7VX1l68B-7A-1 Received: by mail-wr1-f70.google.com with SMTP id ffacd0b85a97d-36875698d0dso1205209f8f.3 for ; Fri, 16 Aug 2024 07:45:17 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1723819516; x=1724424316; h=content-transfer-encoding:in-reply-to:from:content-language :references:to:subject:user-agent:mime-version:date:message-id :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=vUEwuOzA59+yGjR/6wyBEpbacXr8MatuUTuRWHL3jaA=; b=pytomc1ZDIKl1Bpj71oQOdewDQlYimS96XuHveB2et/nqYDvANf7r+3fm+Pkb0BOWg /fhzIw3FGEWvBSRLSAGtpMxLVGD/PMV+zfa9rg4Ys8Ir/gQ/mRx2Fvu3zMUu8aNss5Mt IJEGU1OkuffS1gc/mPb6qjg1yHeuAqdaVk98C/4h71nzphaeQOBVzNxnhpp9f80YyYuK dcAPWVQowWgzwxu14Ov7ABWQr7HmMcTauCGsX3B3lQEumGRikPYdlrNyw9p0fjvn38QJ ZV0iUMyXz2qFYDOiWtmaQZ/0EOufV6fN14ESijBAaYmbIeVV5O9O3Y47awqDkyRcyQUT LAtQ== X-Forwarded-Encrypted: i=1; AJvYcCUwP23SjQKROSfpqZ91BRN6t2VmCwxIBQ7JC4PjhTNKKtObg/1aM76VZonyED0PjnyIodyOVPJErT/pvqSjY5GVzy6l X-Gm-Message-State: AOJu0Yw6e4lxvEzlk0gM3gokmfnByl90tdWPT0ekN9sY6p0Ee1YKYRd3 sw21hhw75JudnrqGKQe/5f+RjzZTVRtkpTWvv1EWYpvovacOJvNWX3XNYOxuNqQ6lGdUO8tyCLQ kPkkv12nO/Od6zZiltvmUwhK6Mw9xlzG2QDHNwNdpwLDehI3M6g== X-Received: by 2002:a05:6000:1052:b0:371:882d:ce9d with SMTP id ffacd0b85a97d-371946726d8mr1926274f8f.36.1723819516184; Fri, 16 Aug 2024 07:45:16 -0700 (PDT) X-Google-Smtp-Source: AGHT+IHRYZrPNeLmQCQf/Ykfad3KX2GuQaSnoneZRqDLEgfHYF3/L602+h5hELm9SKp+l8Mg/1TmnA== X-Received: by 2002:a05:6000:1052:b0:371:882d:ce9d with SMTP id ffacd0b85a97d-371946726d8mr1926259f8f.36.1723819515588; Fri, 16 Aug 2024 07:45:15 -0700 (PDT) Received: from [192.168.188.25] ([80.243.52.134]) by smtp.gmail.com with ESMTPSA id ffacd0b85a97d-3718983a306sm3784447f8f.15.2024.08.16.07.45.14 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Fri, 16 Aug 2024 07:45:15 -0700 (PDT) Message-ID: Date: Fri, 16 Aug 2024 16:45:14 +0200 MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Subject: Re: [PATCH 00/22] RFC: Allow configuration of special case NATs To: David Gibson , Stefano Brivio , passt-dev@passt.top References: <20240816054004.1335006-1-david@gibson.dropbear.id.au> From: Paul Holzinger In-Reply-To: <20240816054004.1335006-1-david@gibson.dropbear.id.au> X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Language: en-US Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit Message-ID-Hash: TGSKEBALWKJDOI2IDQDPDVKIU6IAVE7H X-Message-ID-Hash: TGSKEBALWKJDOI2IDQDPDVKIU6IAVE7H X-MailFrom: pholzing@redhat.com X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header X-Mailman-Version: 3.3.8 Precedence: list List-Id: Development discussion and patches for passt Archived-At: Archived-At: List-Archive: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: Hi, On 16/08/2024 07:39, David Gibson wrote: > Based on Stefano's recent patch for faster tests. > > Allow the user to specify which addresses are translated when used by > the guest, rather than always being the gateway address or nothing. > We also allow this remapping to go to the host's global address (more > precisely the address assigned to the guest) rather than just host > loopback. > > Suggestions for better names for the new options in patches 20 & 22 > are most welcome. > > Along the way to implementing that make many changes to clarify what > various addresses we track mean, fixing a number of small bugs as > well. > > NOTE: there is a bug in 21/22 which breaks some of the passt_tcp perf > tests. I haven't managed to figure out why it's causing the problem, > or even what the exact triggering conditions are (running the single > stalling iperf alone doesn't do it). Have to wrap up for today, so I > thought I'd get this out for review anyway. > > Paul, amongst other things, I think this will allow podman to > (finally) nicely address #19213, picking an address to remap to the > host's external address with --nat-guest-addr, much like it already > uses --dns-forward. Thanks this looks promising. I will try to test it out next week. No strong feelings about the naming but how about s/--nat/--map/ for the options? > > David Gibson (22): > treewide: Use "our address" instead of "forwarding address" > util: Helper for formatting MAC addresses > treewide: Rename MAC address fields for clarity > treewide: Use struct assignment instead of memcpy() for IP addresses > conf: Use array indices rather than pointers for DNS array slots > conf: More accurately count entries added in get_dns() > conf: Move DNS array bounds checks into add_dns[46] > conf: Move adding of a nameserver from resolv.conf into subfunction > conf: Correct setting of dns_match address in add_dns6() > conf: Treat --dns addresses as guest visible addresses > conf: Remove incorrect initialisation of addr_ll_seen > util: Correct sock_l4() binding for link local addresses > treewide: Change misleading 'addr_ll' name > Clarify which addresses in ip[46]_ctx are meaningful where > Initialise our_tap_ll to ip6.gw when suitable > fwd: Helpers to clarify what host addresses aren't guest accessible > fwd: Split notion of "our tap address" from gateway for IPv4 > Don't take "our" MAC address from the host > conf, fwd: Split notion of gateway/router from guest-visible host > address > conf: Allow address remapped to host to be configured > fwd: Distinguish translatable from untranslatable addresses on inbound > fwd, conf: Allow NAT of the guest's assigned address > > arp.c | 4 +- > conf.c | 328 +++++++++++++++++++++++++----------------- > dhcp.c | 19 +-- > dhcpv6.c | 21 +-- > flow.c | 72 +++++----- > flow.h | 18 +-- > fwd.c | 170 +++++++++++++++++----- > icmp.c | 4 +- > ndp.c | 9 +- > passt.1 | 45 +++++- > passt.c | 2 +- > passt.h | 53 +++++-- > pasta.c | 14 +- > tap.c | 12 +- > tcp.c | 33 ++--- > tcp_internal.h | 2 +- > test/lib/setup | 11 +- > test/passt_in_ns/dhcp | 73 ++++++++++ > test/passt_in_ns/tcp | 38 +++-- > test/passt_in_ns/udp | 22 +-- > test/perf/passt_tcp | 33 ++--- > test/perf/passt_udp | 31 ++-- > test/perf/pasta_tcp | 29 ++-- > test/perf/pasta_udp | 25 ++-- > test/run | 4 +- > udp.c | 12 +- > util.c | 22 ++- > util.h | 4 +- > 28 files changed, 719 insertions(+), 391 deletions(-) > create mode 100644 test/passt_in_ns/dhcp > -- Paul Holzinger