diff mbox series

[ovs-dev,v8,2/6] dpctl: Allow the default CT zone limit to de deleted.

Message ID 20231204054913.14249-3-amusil@redhat.com
State Accepted
Delegated to: Ilya Maximets
Headers show
Series Expose CT limit via DB | expand

Checks

Context Check Description
ovsrobot/intel-ovs-compilation fail test: fail
ovsrobot/apply-robot success apply and check: success
ovsrobot/github-robot-_Build_and_Test success github build: passed

Commit Message

Ales Musil Dec. 4, 2023, 5:49 a.m. UTC 
Add optional argument to dpctl ct-del-limits called
"default", which allows to remove the default limit
making it effectively system default.

Signed-off-by: Ales Musil <amusil@redhat.com>
---
v8: Rebase on top of current master.
v7: Rebase on top of current master.
    Address cosmetic comments.
v6: Rebase on top of current master.
    Address comments from Ilya:
    - Adjust the log message so it doesn't report anything for default zone.
v5: Rebase on top of current master.
    Address comments from Ilya:
    - Correct the NEWS entry.
    - Fix style related problems.
---
 NEWS                    |  2 ++
 lib/conntrack.c         | 12 +++++++-----
 lib/dpctl.c             | 21 +++++++++++++++------
 tests/system-traffic.at | 26 ++++++++++++++++++++++++++
 4 files changed, 50 insertions(+), 11 deletions(-)
diff mbox series

Patch

diff --git a/NEWS b/NEWS
index 490e275da..0ad36c563 100644
--- a/NEWS
+++ b/NEWS
@@ -19,6 +19,8 @@  Post-v3.2.0
      * Added support for Generic Segmentation Offloading for the cases where
        TSO is enabled but not supported by an egress interface (except for
        tunnel interfaces).
+     * Added support for removal of default CT zone limit, e.g.
+       "ovs-appctl dpctl/ct-del-limits default".
 
 
 v3.2.0 - 17 Aug 2023
diff --git a/lib/conntrack.c b/lib/conntrack.c
index 31f00a127..71c470661 100644
--- a/lib/conntrack.c
+++ b/lib/conntrack.c
@@ -404,13 +404,15 @@  zone_limit_delete(struct conntrack *ct, int32_t zone)
     struct zone_limit *zl = zone_limit_lookup_protected(ct, zone);
     if (zl) {
         zone_limit_clean(ct, zl);
-        ovs_mutex_unlock(&ct->ct_lock);
-        VLOG_INFO("Deleted zone limit for zone %d", zone);
-    } else {
-        ovs_mutex_unlock(&ct->ct_lock);
-        VLOG_INFO("Attempted delete of non-existent zone limit: zone %d",
+    }
+
+    if (zone != DEFAULT_ZONE) {
+        VLOG_INFO(zl ? "Deleted zone limit for zone %d"
+                     : "Attempted delete of non-existent zone limit: zone %d",
                   zone);
     }
+
+    ovs_mutex_unlock(&ct->ct_lock);
     return 0;
 }
 
diff --git a/lib/dpctl.c b/lib/dpctl.c
index 76f21a530..a8c654747 100644
--- a/lib/dpctl.c
+++ b/lib/dpctl.c
@@ -2291,14 +2291,23 @@  dpctl_ct_del_limits(int argc, const char *argv[],
     int i =  dp_arg_exists(argc, argv) ? 2 : 1;
     struct ovs_list zone_limits = OVS_LIST_INITIALIZER(&zone_limits);
 
-    error = opt_dpif_open(argc, argv, dpctl_p, 3, &dpif);
+    error = opt_dpif_open(argc, argv, dpctl_p, 4, &dpif);
     if (error) {
         return error;
     }
 
-    error = parse_ct_limit_zones(argv[i], &zone_limits, &ds);
-    if (error) {
-        goto error;
+    /* Parse default limit. */
+    if (!strcmp(argv[i], "default")) {
+        ct_dpif_push_zone_limit(&zone_limits, OVS_ZONE_LIMIT_DEFAULT_ZONE,
+                                0, 0);
+        i++;
+    }
+
+    if (argc > i) {
+        error = parse_ct_limit_zones(argv[i], &zone_limits, &ds);
+        if (error) {
+            goto error;
+        }
     }
 
     error = ct_dpif_del_limits(dpif, &zone_limits);
@@ -3031,8 +3040,8 @@  static const struct dpctl_command all_commands[] = {
     { "ct-get-tcp-seq-chk", "[dp]", 0, 1, dpctl_ct_get_tcp_seq_chk, DP_RO },
     { "ct-set-limits", "[dp] [default=L] [zone=N,limit=L]...", 1, INT_MAX,
         dpctl_ct_set_limits, DP_RO },
-    { "ct-del-limits", "[dp] zone=N1[,N2]...", 1, 2, dpctl_ct_del_limits,
-        DP_RO },
+    { "ct-del-limits", "[dp] [default] [zone=N1[,N2]...]", 1, 3,
+        dpctl_ct_del_limits, DP_RO },
     { "ct-get-limits", "[dp] [zone=N1[,N2]...]", 0, 2, dpctl_ct_get_limits,
         DP_RO },
     { "ct-get-sweep-interval", "[dp]", 0, 1, dpctl_ct_get_sweep, DP_RO },
diff --git a/tests/system-traffic.at b/tests/system-traffic.at
index a37a694c5..3927bb8b1 100644
--- a/tests/system-traffic.at
+++ b/tests/system-traffic.at
@@ -5240,6 +5240,32 @@  udp,orig=(src=10.1.1.3,dst=10.1.1.4,sport=1,dport=3),reply=(src=10.1.1.4,dst=10.
 udp,orig=(src=10.1.1.3,dst=10.1.1.4,sport=1,dport=4),reply=(src=10.1.1.4,dst=10.1.1.3,sport=4,dport=1),zone=3
 ])
 
+dnl Test ct-del-limits for default zone.
+
+AT_CHECK([ovs-appctl dpctl/ct-set-limits default=15 zone=4,limit=4])
+AT_CHECK([ovs-appctl dpctl/ct-get-limits zone=4], [0], [dnl
+default limit=15
+zone=4,limit=4,count=0
+])
+
+AT_CHECK([ovs-appctl dpctl/ct-del-limits default])
+AT_CHECK([ovs-appctl dpctl/ct-get-limits zone=4], [0], [dnl
+default limit=0
+zone=4,limit=4,count=0
+])
+
+AT_CHECK([ovs-appctl dpctl/ct-set-limits default=15])
+AT_CHECK([ovs-appctl dpctl/ct-get-limits zone=4], [0], [dnl
+default limit=15
+zone=4,limit=4,count=0
+])
+
+AT_CHECK([ovs-appctl dpctl/ct-del-limits default zone=4])
+AT_CHECK([ovs-appctl dpctl/ct-get-limits zone=4], [0], [dnl
+default limit=0
+zone=4,limit=0,count=0
+])
+
 OVS_TRAFFIC_VSWITCHD_STOP(["dnl
 /could not create datapath/d
 /(Cannot allocate memory) on packet/d"])