diff options
author | Anand Kumar <kumaranand@vmware.com> | 2018-06-22 10:09:26 -0700 |
---|---|---|
committer | Alin Gabriel Serdean <aserdean@ovn.org> | 2018-06-24 23:58:16 +0300 |
commit | 9726a016d9d6b2a8616fb407ce7df632c352cc66 (patch) | |
tree | 37bdfc02813b6ff636be9441d2e22d8f1e5763e8 /datapath-windows/ovsext/Conntrack-tcp.c | |
parent | 9d7c8de9fe557efa9c55bfe4fe8947785f252c3a (diff) | |
download | openvswitch-9726a016d9d6b2a8616fb407ce7df632c352cc66.tar.gz |
datapath-windows: Implement locking in conntrack NAT.
This patch primarily replaces existing ndis RWlock based implementaion
for NAT in conntrack with a spinlock based implementation inside NAT,
module along with some conntrack optimization.
- The 'ovsNatTable' and 'ovsUnNatTable' tables are shared
between cleanup threads and packet processing thread.
In order to protect these two tables use a spinlock.
Also introduce counters to track number of nat entries.
- Introduce a new function OvsGetTcpHeader() to retrieve TCP header
and payload length, to optimize for TCP traffic.
- Optimize conntrack look up.
- Remove 'bucketlockRef' member from conntrack entry structure.
Testing:
Verified loading/unloading the driver with driver verified enabled.
Ran TCP/UDP and ICMP traffic.
Signed-off-by: Anand Kumar <kumaranand@vmware.com>
Acked-by: Alin Gabriel Serdean <aserdean@ovn.org>
Signed-off-by: Alin Gabriel Serdean <aserdean@ovn.org>
Diffstat (limited to 'datapath-windows/ovsext/Conntrack-tcp.c')
-rw-r--r-- | datapath-windows/ovsext/Conntrack-tcp.c | 15 |
1 files changed, 7 insertions, 8 deletions
diff --git a/datapath-windows/ovsext/Conntrack-tcp.c b/datapath-windows/ovsext/Conntrack-tcp.c index 8cbab241b..eda42ac82 100644 --- a/datapath-windows/ovsext/Conntrack-tcp.c +++ b/datapath-windows/ovsext/Conntrack-tcp.c @@ -194,9 +194,9 @@ OvsCastConntrackEntryToTcpEntry(OVS_CT_ENTRY* conn) enum CT_UPDATE_RES OvsConntrackUpdateTcpEntry(OVS_CT_ENTRY* conn_, const TCPHdr *tcp, - PNET_BUFFER_LIST nbl, BOOLEAN reply, - UINT64 now) + UINT64 now, + UINT32 tcpPayloadLen) { struct conn_tcp *conn = OvsCastConntrackEntryToTcpEntry(conn_); /* The peer that sent 'pkt' */ @@ -207,7 +207,6 @@ OvsConntrackUpdateTcpEntry(OVS_CT_ENTRY* conn_, UINT16 tcp_flags = ntohs(tcp->flags); uint16_t win = ntohs(tcp->window); uint32_t ack, end, seq, orig_seq; - uint32_t p_len = OvsGetTcpPayloadLength(nbl); int ackskew; if (OvsCtInvalidTcpFlags(tcp_flags)) { @@ -248,7 +247,7 @@ OvsConntrackUpdateTcpEntry(OVS_CT_ENTRY* conn_, ack = ntohl(tcp->ack_seq); - end = seq + p_len; + end = seq + tcpPayloadLen; if (tcp_flags & TCP_SYN) { end++; if (dst->wscale & CT_WSCALE_FLAG) { @@ -287,7 +286,7 @@ OvsConntrackUpdateTcpEntry(OVS_CT_ENTRY* conn_, } else { ack = ntohl(tcp->ack_seq); - end = seq + p_len; + end = seq + tcpPayloadLen; if (tcp_flags & TCP_SYN) { end++; } @@ -469,8 +468,8 @@ OvsConntrackValidateTcpPacket(const TCPHdr *tcp) OVS_CT_ENTRY * OvsConntrackCreateTcpEntry(const TCPHdr *tcp, - PNET_BUFFER_LIST nbl, - UINT64 now) + UINT64 now, + UINT32 tcpPayloadLen) { struct conn_tcp* newconn; struct tcp_peer *src, *dst; @@ -486,7 +485,7 @@ OvsConntrackCreateTcpEntry(const TCPHdr *tcp, dst = &newconn->peer[1]; src->seqlo = ntohl(tcp->seq); - src->seqhi = src->seqlo + OvsGetTcpPayloadLength(nbl) + 1; + src->seqhi = src->seqlo + tcpPayloadLen + 1; if (tcp->flags & TCP_SYN) { src->seqhi++; |