From patchwork Wed May 22 03:53:30 2019
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: =?utf-8?b?5aec56uL5Lic?= <jianglidong3@jd.com>
X-Patchwork-Id: 1103109
Return-Path: <ovs-dev-bounces@openvswitch.org>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@bilbo.ozlabs.org
Authentication-Results: ozlabs.org;
	spf=pass (mailfrom) smtp.mailfrom=openvswitch.org
	(client-ip=140.211.169.12; helo=mail.linuxfoundation.org;
	envelope-from=ovs-dev-bounces@openvswitch.org;
	receiver=<UNKNOWN>)
Authentication-Results: ozlabs.org;
	dmarc=fail (p=none dis=none) header.from=jd.com
Received: from mail.linuxfoundation.org (mail.linuxfoundation.org
	[140.211.169.12])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256
	bits)) (No client certificate requested)
	by ozlabs.org (Postfix) with ESMTPS id 457zJS3cDLz9s9N
	for <incoming@patchwork.ozlabs.org>;
	Wed, 22 May 2019 13:53:43 +1000 (AEST)
Received: from mail.linux-foundation.org (localhost [127.0.0.1])
	by mail.linuxfoundation.org (Postfix) with ESMTP id 2F073AA5;
	Wed, 22 May 2019 03:53:39 +0000 (UTC)
X-Original-To: dev@openvswitch.org
Delivered-To: ovs-dev@mail.linuxfoundation.org
Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org
	[172.17.192.35])
	by mail.linuxfoundation.org (Postfix) with ESMTPS id AC94B86D
	for <dev@openvswitch.org>; Wed, 22 May 2019 03:53:37 +0000 (UTC)
X-Greylist: domain auto-whitelisted by SQLgrey-1.7.6
Received: from smtp3.jd.com (smtp3.jd.com [59.151.64.88])
	by smtp1.linuxfoundation.org (Postfix) with ESMTPS id 54C865D0
	for <dev@openvswitch.org>; Wed, 22 May 2019 03:53:35 +0000 (UTC)
Received: from BJMAILD1MBX91.360buyAD.local (172.31.0.91) by
	BJMAILD1MBX48.360buyAD.local (172.31.0.48) with Microsoft SMTP Server
	(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id
	15.1.1415.2; Wed, 22 May 2019 11:53:31 +0800
Received: from BJMAILD1MBX70.360buyAD.local (172.31.0.70) by
	BJMAILD1MBX91.360buyAD.local (172.31.0.91) with Microsoft SMTP Server
	(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id
	15.1.1415.2; Wed, 22 May 2019 11:53:30 +0800
Received: from BJMAILD1MBX70.360buyAD.local ([fe80::e137:8c01:c5ea:adea]) by
	BJMAILD1MBX70.360buyAD.local ([fe80::e137:8c01:c5ea:adea%18]) with
	mapi id 15.01.1415.002; Wed, 22 May 2019 11:53:30 +0800
From: =?gb2312?b?varBorar?= <jianglidong3@jd.com>
To: "dev@openvswitch.org" <dev@openvswitch.org>
Thread-Topic: [PATCH] conntrack: add tcp_in_liberal option in userspace
	conntrack
Thread-Index: AdUQUYwDyRpr0wdcTK+oOQzsS2j16A==
Date: Wed, 22 May 2019 03:53:30 +0000
Message-ID: <52f59b3d7ed6405e89a4970e912569c4@jd.com>
Accept-Language: zh-CN, en-US
Content-Language: zh-CN
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator: 
x-originating-ip: [10.31.14.12]
MIME-Version: 1.0
X-Spam-Status: No, score=-0.9 required=5.0 tests=BAYES_00, FROM_EXCESS_BASE64,
	HTML_MESSAGE autolearn=no version=3.3.1
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
	smtp1.linux-foundation.org
X-Content-Filtered-By: Mailman/MimeDel 2.1.12
Cc: =?gb2312?b?zfXWvr/L?= <wangzhike@jd.com>
Subject: [ovs-dev] [PATCH] conntrack: add tcp_in_liberal option in userspace
	conntrack
X-BeenThere: ovs-dev@openvswitch.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: <ovs-dev.openvswitch.org>
List-Unsubscribe: <https://mail.openvswitch.org/mailman/options/ovs-dev>,
	<mailto:ovs-dev-request@openvswitch.org?subject=unsubscribe>
List-Archive: <http://mail.openvswitch.org/pipermail/ovs-dev/>
List-Post: <mailto:ovs-dev@openvswitch.org>
List-Help: <mailto:ovs-dev-request@openvswitch.org?subject=help>
List-Subscribe: <https://mail.openvswitch.org/mailman/listinfo/ovs-dev>,
	<mailto:ovs-dev-request@openvswitch.org?subject=subscribe>
Sender: ovs-dev-bounces@openvswitch.org
Errors-To: ovs-dev-bounces@openvswitch.org

From 3ce112684921bca74839e109fda91848aa024a54 Mon Sep 17 00:00:00 2001
From: Jiang Lidong <jianglidong3@jd.com>
Date: Wed, 22 May 2019 11:21:34 +0800
Subject: [PATCH] conntrack: add tcp_in_liberal option in userspace conntrack

Adding similar cp_in_liberal option in userspace conntrack as
kernel conntrack does to skip seq check on tcp connection.
It prevents packet is marked as INVALID by stable seq
info in conntrack connection.

This option can help to make traffic survive in hardware
offloading cases, especially when traffic is being moved
back to software path from hardware forwarding engine.

Signed-off-by: Lidong Jiang <jianglidong3@jd.com>
Signed-off-by: Zhike Wang <wangzhike@jd.com>
---
lib/conntrack-private.h | 2 ++
lib/conntrack-tcp.c     | 5 +++--
lib/conntrack.c         | 6 ++++++
lib/conntrack.h         | 4 +++-
lib/dpif-netdev.c       | 6 ++++++
5 files changed, 20 insertions(+), 3 deletions(-)

diff --git a/lib/conntrack-private.h b/lib/conntrack-private.h
index 51b7d7f..9bc99cd 100644
--- a/lib/conntrack-private.h
+++ b/lib/conntrack-private.h
@@ -172,6 +172,8 @@ struct conntrack {
     /* Fragmentation handling context. */
     struct ipf *ipf;
+
+    bool tcp_be_liberal;
};
 /* Lock acquisition order:
diff --git a/lib/conntrack-tcp.c b/lib/conntrack-tcp.c
index 397aca1..61abafb 100644
--- a/lib/conntrack-tcp.c
+++ b/lib/conntrack-tcp.c
@@ -272,7 +272,7 @@ tcp_conn_update(struct conntrack *ct, struct conn *conn_,
     int ackskew = check_ackskew ? dst->seqlo - ack : 0;
#define MAXACKWINDOW (0xffff + 1500)    /* 1500 is an arbitrary fudge factor */
-    if (SEQ_GEQ(src->seqhi, end)
+    if ((SEQ_GEQ(src->seqhi, end)
         /* Last octet inside other's window space */
         && SEQ_GEQ(seq, src->seqlo - (dst->max_win << dws))
         /* Retrans: not more than one window back */
@@ -281,7 +281,8 @@ tcp_conn_update(struct conntrack *ct, struct conn *conn_,
         && (ackskew <= (MAXACKWINDOW << sws))
         /* Acking not more than one window forward */
         && ((tcp_flags & TCP_RST) == 0 || orig_seq == src->seqlo
-            || (orig_seq == src->seqlo + 1) || (orig_seq + 1 == src->seqlo))) {
+            || (orig_seq == src->seqlo + 1) || (orig_seq + 1 == src->seqlo)))
+            || (ct->tcp_be_liberal)) {
         /* Require an exact/+1 sequence match on resets when possible */
         /* update max window */
diff --git a/lib/conntrack.c b/lib/conntrack.c
index 6711f5e..bd92710 100644
--- a/lib/conntrack.c
+++ b/lib/conntrack.c
@@ -2282,6 +2282,12 @@ conntrack_ipf_ctx(struct conntrack *ct)
     return ct->ipf;
}
+void
+conntrack_set_tcp_be_liberal(struct conntrack *ct, bool enabled)
+{
+    ct->tcp_be_liberal = enabled;
+}
+
int
conntrack_dump_start(struct conntrack *ct, struct conntrack_dump *dump,
                      const uint16_t *pzone, int *ptot_bkts)
diff --git a/lib/conntrack.h b/lib/conntrack.h
index 2012150..b8d799d 100644
--- a/lib/conntrack.h
+++ b/lib/conntrack.h
@@ -119,5 +119,7 @@ int conntrack_set_maxconns(struct conntrack *ct, uint32_t maxconns);
int conntrack_get_maxconns(struct conntrack *ct, uint32_t *maxconns);
int conntrack_get_nconns(struct conntrack *ct, uint32_t *nconns);
struct ipf *conntrack_ipf_ctx(struct conntrack *ct);
-
+
+void conntrack_set_tcp_be_liberal(struct conntrack *ct, bool enabled);
+
#endif /* conntrack.h */
diff --git a/lib/dpif-netdev.c b/lib/dpif-netdev.c
index 5a6f2ab..ae6a18e 100644
--- a/lib/dpif-netdev.c
+++ b/lib/dpif-netdev.c
@@ -3823,6 +3823,12 @@ dpif_netdev_set_config(struct dpif *dpif, const struct smap *other_config)
     uint32_t tx_flush_interval, cur_tx_flush_interval;
     uint64_t rebalance_intvl;
+    bool tcp_be_liberal = smap_get_bool(other_config,
+                                        "conntrack_tcp_be_liberal",
+                                        false);
+
+    conntrack_set_tcp_be_liberal(&dp->conntrack, tcp_be_liberal);
+
     tx_flush_interval = smap_get_int(other_config, "tx-flush-interval",
                                      DEFAULT_TX_FLUSH_INTERVAL);
     atomic_read_relaxed(&dp->tx_flush_interval, &cur_tx_flush_interval);
--
1.8.3.1