Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

dp_flow flags rename #435

Merged
merged 3 commits into from
Nov 22, 2023
Merged

dp_flow flags rename #435

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
ff0c3cc
Rename flag fields in dp_flow
PlagueCZ Nov 20, 2023
922cb1e
Renamed flow flag functions
PlagueCZ Nov 20, 2023
edafa09
Better packet offload state field name
PlagueCZ Nov 21, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
11 changes: 9 additions & 2 deletions include/dp_firewall.h
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -15,8 +15,15 @@ extern "C" {
#define DP_FWALL_MATCH_ANY_PROTOCOL 0
#define DP_FWALL_MATCH_ANY_LENGTH 0

enum dp_fwall_action { DP_FWALL_DROP, DP_FWALL_ACCEPT };
enum dp_fwall_direction { DP_FWALL_INGRESS, DP_FWALL_EGRESS };
enum dp_fwall_action {
DP_FWALL_DROP,
DP_FWALL_ACCEPT
};

enum dp_fwall_direction {
DP_FWALL_INGRESS,
DP_FWALL_EGRESS
};

TAILQ_HEAD(dp_fwall_head, dp_fwall_rule);

Expand Down
85 changes: 30 additions & 55 deletions include/dp_flow.h
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,7 @@
#include <rte_flow.h>
#include <rte_malloc.h>
#include "dpdk_layer.h"
#include "dp_firewall.h"
#include "dp_mbuf_dyn.h"
#include "dp_refcount.h"
#include "dp_timers.h"
Expand All @@ -16,45 +17,32 @@ extern "C" {
#endif

// arbitrary big number
#define FLOW_MAX 850000
#define DP_FLOW_TABLE_MAX 850000

#define DP_FLOW_VAL_AGE_CTX_CAPACITY 6

#define DP_FLOW_DEFAULT_TIMEOUT 30 /* 30 seconds */
#define DP_FLOW_TCP_EXTENDED_TIMEOUT (60 * 60 * 24) /* 1 day */

#define DP_FLOW_STATUS_FLAG_NONE 0x00
#define DP_FLOW_STATUS_FLAG_SRC_NAT 0x01
#define DP_FLOW_STATUS_FLAG_DST_NAT 0x02
#define DP_FLOW_STATUS_FLAG_DST_LB 0x04
#define DP_FLOW_STATUS_FLAG_FIREWALL 0x08
#define DP_FLOW_STATUS_FLAG_DEFAULT 0x10
#define DP_FLOW_FLAG_NONE 0x00
#define DP_FLOW_FLAG_SRC_NAT 0x01
#define DP_FLOW_FLAG_DST_NAT 0x02
#define DP_FLOW_FLAG_DST_LB 0x04
#define DP_FLOW_FLAG_FIREWALL 0x08
#define DP_FLOW_FLAG_DEFAULT 0x10

#define DP_FLOW_STATUS_FLAG_NF (DP_FLOW_STATUS_FLAG_SRC_NAT | DP_FLOW_STATUS_FLAG_DST_NAT | DP_FLOW_STATUS_FLAG_DST_LB)
#define DP_FLOW_FLAG_NF (DP_FLOW_FLAG_SRC_NAT | DP_FLOW_FLAG_DST_NAT | DP_FLOW_FLAG_DST_LB)

#define DP_IS_FLOW_STATUS_FLAG_NONE(flag) (!(flag))
#define DP_IS_FLOW_STATUS_FLAG_SRC_NAT(flag) ((flag) & DP_FLOW_STATUS_FLAG_SRC_NAT)
#define DP_IS_FLOW_STATUS_FLAG_DST_NAT(flag) ((flag) & DP_FLOW_STATUS_FLAG_DST_NAT)
#define DP_IS_FLOW_STATUS_FLAG_DST_LB(flag) ((flag) & DP_FLOW_STATUS_FLAG_DST_LB)
#define DP_IS_FLOW_STATUS_FLAG_FIREWALL(flag) ((flag) & DP_FLOW_STATUS_FLAG_FIREWALL)
#define DP_IS_FLOW_STATUS_FLAG_DEFAULT(flag) ((flag) & DP_FLOW_STATUS_FLAG_DEFAULT)
#define DP_FLOW_HAS_NO_FLAGS(flag) (!(flag))
#define DP_FLOW_HAS_FLAG_SRC_NAT(flag) ((flag) & DP_FLOW_FLAG_SRC_NAT)
#define DP_FLOW_HAS_FLAG_DST_NAT(flag) ((flag) & DP_FLOW_FLAG_DST_NAT)
#define DP_FLOW_HAS_FLAG_DST_LB(flag) ((flag) & DP_FLOW_FLAG_DST_LB)
#define DP_FLOW_HAS_FLAG_FIREWALL(flag) ((flag) & DP_FLOW_FLAG_FIREWALL)
#define DP_FLOW_HAS_FLAG_DEFAULT(flag) ((flag) & DP_FLOW_FLAG_DEFAULT)

#define DP_IS_FLOW_STATUS_FLAG_NF(flag) ((flag) & DP_FLOW_STATUS_FLAG_NF)
#define DP_FLOW_HAS_FLAG_NF(flag) ((flag) & DP_FLOW_FLAG_NF)
PlagueCZ marked this conversation as resolved.
Show resolved Hide resolved


enum {
DP_FLOW_DIR_ORG,
DP_FLOW_DIR_REPLY,
DP_FLOW_DIR_CAPACITY,
};

enum {
DP_FLOW_STATE_NEW,
DP_FLOW_STATE_ESTABLISHED,
};


enum {
enum dp_flow_nat_type {
DP_FLOW_NAT_TYPE_NONE,
DP_FLOW_NAT_TYPE_VIP,
DP_FLOW_NAT_TYPE_NETWORK_LOCAL,
Expand All @@ -63,12 +51,7 @@ enum {
DP_FLOW_LB_TYPE_LOCAL_NEIGH_TRAFFIC,
DP_FLOW_LB_TYPE_RECIRC,
DP_FLOW_LB_TYPE_FORWARD,
};

enum {
DP_FLOW_ACTION_UNSPECIFIC,
DP_FLOW_ACTION_DROP,
};
} __rte_packed;

enum dp_flow_tcp_state {
DP_FLOW_TCP_STATE_NONE,
Expand All @@ -79,12 +62,6 @@ enum dp_flow_tcp_state {
DP_FLOW_TCP_STATE_RST_FIN,
};

enum dp_flow_offload_state {
DP_FLOW_NON_OFFLOAD,
DP_FLOW_OFFLOAD_INSTALL,
DP_FLOW_OFFLOADED,
};

struct flow_key {
uint32_t ip_dst;
uint32_t ip_src;
Expand All @@ -103,11 +80,12 @@ static_assert(sizeof(((struct flow_key *)0)->vnf_type) == 1,
struct flow_nf_info {
uint32_t vni;
uint16_t icmp_err_ip_cksum;
uint8_t nat_type;
enum dp_flow_nat_type nat_type;
uint8_t underlay_dst[16];
uint8_t l4_type;
} __rte_packed;

static_assert(sizeof(((struct flow_nf_info *)0)->nat_type) == 1,
"enum dp_flow_nat_type is unnecessarily big");

struct flow_value {
struct flow_key flow_key[DP_FLOW_DIR_CAPACITY];
Expand All @@ -116,23 +94,21 @@ struct flow_value {
uint64_t timestamp;
uint32_t timeout_value; //actual timeout in sec = dp-service timer's resolution * timeout_value
uint16_t created_port_id;
uint8_t flow_status; // record if a flow has status associated with it
uint8_t fwall_action[DP_FLOW_DIR_CAPACITY];
uint8_t flow_flags;
enum dp_fwall_action fwall_action[DP_FLOW_DIR_CAPACITY];
struct {
uint8_t orig : 4;
uint8_t reply : 4;
} offload_flags;
enum dp_pkt_offload_state orig;
enum dp_pkt_offload_state reply;
} offload_state;
struct {
uint8_t pf0 : 4;
uint8_t pf1 : 4;
bool pf0;
bool pf1;
} incoming_flow_offloaded_flag;
struct dp_ref ref_count;
union {
enum dp_flow_tcp_state tcp_state;
} l4_state;

uint8_t aged : 2;

bool aged;
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I removed the bit sizes because those usually make the code slower (unaligned access, masking, ...).

Now if this structure needs to be small (I did not find a reason for it to be), then I will put the sizes back, though the structure needs some changes to make them effective (for example merge pf0, pf1 and aged to a byte, etc.

};

struct flow_age_ctx {
Expand All @@ -141,7 +117,6 @@ struct flow_age_ctx {
uint8_t ref_index_in_cntrack;
uint8_t port_id;
struct rte_flow_action_handle *handle;

};

bool dp_are_flows_identical(const struct flow_key *key1, const struct flow_key *key2);
Expand All @@ -156,7 +131,7 @@ void dp_process_aged_flows(int port_id);
void dp_process_aged_flows_non_offload(void);
void dp_free_flow(struct dp_ref *ref);
void dp_free_network_nat_port(const struct flow_value *cntrack);
void dp_remove_nat_flows(uint16_t port_id, int nat_type); // TODO create proper enum!
void dp_remove_nat_flows(uint16_t port_id, enum dp_flow_nat_type nat_type);
void dp_remove_neighnat_flows(uint32_t ipv4, uint32_t vni, uint16_t min_port, uint16_t max_port);
void dp_remove_iface_flows(uint16_t port_id, uint32_t ipv4, uint32_t vni);

Expand Down
53 changes: 38 additions & 15 deletions include/dp_mbuf_dyn.h
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,8 +5,8 @@
#include <rte_common.h>
#include <rte_flow.h>
#include <rte_atomic.h>
#include "dpdk_layer.h"
#include "dp_error.h"
#include "dp_flow.h"
#ifdef ENABLE_VIRTSVC
# include "dp_virtsvc.h"
#endif
Expand All @@ -18,15 +18,39 @@
extern "C" {
#endif

enum dp_flow_type {
DP_FLOW_WEST_EAST,
DP_FLOW_SOUTH_NORTH,
} __rte_packed;

enum dp_pkt_offload_state {
DP_FLOW_NON_OFFLOAD,
DP_FLOW_OFFLOAD_INSTALL,
DP_FLOW_OFFLOADED,
} __rte_packed;

enum dp_flow_dir {
DP_FLOW_DIR_ORG,
DP_FLOW_DIR_REPLY,
} __rte_packed;
#define DP_FLOW_DIR_CAPACITY 2

enum dp_nat_type {
DP_NAT_CHG_NONE,
DP_NAT_CHG_SRC_IP,
DP_NAT_CHG_DST_IP,
DP_CHG_UL_DST_IP,
DP_LB_RECIRC,
} __rte_packed;

struct dp_flow {
struct {
uint16_t public_flow : 1;
uint16_t overlay_type : 1; // supported overlay type
uint16_t nat : 3;
uint16_t offload_ipv6 : 1; // tmp solution to set if we should offload ipv6 pkts
uint16_t dir : 2; // store the direction of each packet
uint16_t offload_decision : 2; // store the offload status of each packet
} flags;
enum dp_flow_type flow_type : 1;
enum dp_nat_type nat_type : 3;
bool offload_ipv6 : 1; // tmp solution to set if we should offload ipv6 pkts
enum dp_flow_dir flow_dir : 1; // store the direction of each packet
enum dp_pkt_offload_state offload_state : 2; // store the offload status of each packet
enum dp_vnf_type vnf_type : 3;

uint16_t l3_type; //layer-3 for inner packets. it can be crafted or extracted from raw frames
union {
rte_be32_t dst_addr;
Expand All @@ -39,6 +63,8 @@ struct dp_flow {
rte_be32_t nat_addr;
uint16_t nat_port;

uint8_t nxt_hop;

uint8_t l4_type;
union {
struct {
Expand All @@ -52,7 +78,7 @@ struct dp_flow {
} icmp_field;
} l4_info;

uint32_t dp_flow_hash; // TODO: could be brought down to 1-bit as it only chooses PF0/PF1 in ipv4_lookup
uint32_t dp_flow_hash; // this can be brought down to 1-bit if needed (only chooses PF0/PF1 in ipv4_lookup)

struct {
uint8_t ul_src_addr6[16];
Expand All @@ -61,8 +87,7 @@ struct dp_flow {
uint8_t proto_id; //proto_id in outer ipv6 header
uint32_t dst_vni;
} tun_info;
enum dp_vnf_type vnf_type;
uint8_t nxt_hop;

struct flow_value *conntrack;
#ifdef ENABLE_VIRTSVC
struct dp_virtsvc *virtsvc;
Expand All @@ -72,7 +97,7 @@ struct dp_flow {
struct dp_pkt_mark {
uint32_t id;
struct {
uint32_t is_recirc : 1;
bool is_recirc : 1;
} flags;
// check the init function if adding more,
// due to this being small, memset has not been used
Expand All @@ -82,8 +107,6 @@ static_assert(sizeof(struct dp_flow) + sizeof(struct dp_pkt_mark) <= DP_MBUF_PRI
"packet private data is too big to fit in packet");
static_assert((1 << (sizeof(((struct dp_flow *)0)->nxt_hop) * 8)) >= DP_MAX_PORTS,
"struct dp_flow::nxt_hop cannot hold all possible port_ids");
static_assert(sizeof(((struct dp_flow *)0)->vnf_type) == 1,
"enum dp_vnf_type is unnecessarily big");

extern rte_atomic32_t dp_pkt_id_counter;

Expand Down
8 changes: 0 additions & 8 deletions include/dp_nat.h
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -18,14 +18,6 @@ extern "C" {
#define DP_NETWORK_NAT_MAX_ENTRY 256
#define DP_NETWORK_NAT_ALL_VNI 0

enum {
DP_NAT_CHG_NONE,
DP_NAT_CHG_SRC_IP,
DP_NAT_CHG_DST_IP,
DP_CHG_UL_DST_IP,
DP_LB_RECIRC,
};

struct nat_key {
uint32_t ip;
uint32_t vni;
Expand Down
6 changes: 1 addition & 5 deletions include/rte_flow/dp_rte_flow.h
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,13 +10,9 @@ extern "C"
#include <rte_ethdev.h>
#include <rte_mbuf.h>
#include <rte_flow.h>

#include "dp_flow.h"
#include "dp_log.h"
#include "dp_lpm.h"
#include "dp_mbuf_dyn.h"

#define DP_FLOW_WEST_EAST 0
#define DP_FLOW_SOUTH_NORTH 1

#define DP_L4_PORT_DIR_SRC 1
#define DP_L4_PORT_DIR_DST 2
Expand Down
Loading
Loading