@@ -125,6 +125,9 @@ typedef struct OvsForwardingContext {
/* header information */
OVS_PACKET_HDR_INFO layers;
+
+ /* Maximum Recieving Unit */
+ UINT16 mru;
} OvsForwardingContext;
/*
@@ -2032,11 +2035,16 @@ OvsDoExecuteActions(POVS_SWITCH_CONTEXT switchContext,
}
}
- status = OvsExecuteConntrackAction(ovsFwdCtx.curNbl, layers,
- key, (const PNL_ATTR)a);
+ status = OvsExecuteConntrackAction(switchContext, &ovsFwdCtx.curNbl, &(ovsFwdCtx.mru),
+ ovsFwdCtx.completionList,
+ ovsFwdCtx.fwdDetail->SourcePortId,
+ layers, key, (const PNL_ATTR)a);
if (status != NDIS_STATUS_SUCCESS) {
- OVS_LOG_ERROR("CT Action failed");
- dropReason = L"OVS-conntrack action failed";
+ /* Pending NBLs are consumed by Defragmentation. */
+ if (status != NDIS_STATUS_PENDING) {
+ OVS_LOG_ERROR("CT Action failed");
+ dropReason = L"OVS-conntrack action failed";
+ }
goto dropit;
}
break;
@@ -15,6 +15,7 @@
*/
#include "Conntrack.h"
+#include "IpFragment.h"
#include "Jhash.h"
#include "PacketParser.h"
#include "Event.h"
@@ -312,13 +313,25 @@ OvsCtEntryExpired(POVS_CT_ENTRY entry)
}
static __inline NDIS_STATUS
-OvsDetectCtPacket(OvsFlowKey *key)
+OvsDetectCtPacket(POVS_SWITCH_CONTEXT switchContext,
+ PNET_BUFFER_LIST *curNbl,
+ OvsCompletionList *completionList,
+ NDIS_SWITCH_PORT_ID sourcePort,
+ OvsFlowKey *key,
+ UINT16 *mru,
+ PNET_BUFFER_LIST *newNbl)
{
/* Currently we support only Unfragmented TCP packets */
switch (ntohs(key->l2.dlType)) {
case ETH_TYPE_IPV4:
if (key->ipKey.nwFrag != OVS_FRAG_TYPE_NONE) {
- return NDIS_STATUS_NOT_SUPPORTED;
+ return OvsProcessIpv4Fragment(switchContext,
+ curNbl,
+ completionList,
+ sourcePort,
+ mru,
+ key->tunKey.tunnelId,
+ newNbl);
}
if (key->ipKey.nwProto == IPPROTO_TCP
|| key->ipKey.nwProto == IPPROTO_UDP
@@ -684,11 +697,17 @@ OvsCtExecute_(PNET_BUFFER_LIST curNbl,
/*
*---------------------------------------------------------------------------
* OvsExecuteConntrackAction
- * Executes Conntrack actions XXX - Add more
+ * Executes Conntrack actions
+ * For the Ipv4 fragments, consume the orginal fragment NBL
+ * XXX - Add more
*---------------------------------------------------------------------------
*/
NDIS_STATUS
-OvsExecuteConntrackAction(PNET_BUFFER_LIST curNbl,
+OvsExecuteConntrackAction(POVS_SWITCH_CONTEXT switchContext,
+ PNET_BUFFER_LIST *curNbl,
+ UINT16 *mru,
+ OvsCompletionList *completionList,
+ NDIS_SWITCH_PORT_ID sourcePort,
OVS_PACKET_HDR_INFO *layers,
OvsFlowKey *key,
const PNL_ATTR a)
@@ -699,10 +718,11 @@ OvsExecuteConntrackAction(PNET_BUFFER_LIST curNbl,
MD_MARK *mark = NULL;
MD_LABELS *labels = NULL;
PCHAR helper = NULL;
-
+ PNET_BUFFER_LIST newNbl = NULL;
NDIS_STATUS status;
- status = OvsDetectCtPacket(key);
+ status = OvsDetectCtPacket(switchContext, curNbl, completionList,
+ sourcePort, key, mru, &newNbl);
if (status != NDIS_STATUS_SUCCESS) {
return status;
}
@@ -735,7 +755,8 @@ OvsExecuteConntrackAction(PNET_BUFFER_LIST curNbl,
}
}
- status = OvsCtExecute_(curNbl, key, layers,
+ /* If newNbl is not allocated, use the current Nbl*/
+ status = OvsCtExecute_(newNbl != NULL ? newNbl : *curNbl, key, layers,
commit, zone, mark, labels, helper);
return status;
}
@@ -20,6 +20,7 @@
#include "precomp.h"
#include "Flow.h"
#include "Debug.h"
+#include "PacketIO.h"
#include <stddef.h>
#ifdef OVS_DBG_MOD
@@ -155,7 +156,11 @@ OvsGetTcpPayloadLength(PNET_BUFFER_LIST nbl)
VOID OvsCleanupConntrack(VOID);
NTSTATUS OvsInitConntrack(POVS_SWITCH_CONTEXT context);
-NDIS_STATUS OvsExecuteConntrackAction(PNET_BUFFER_LIST curNbl,
+NDIS_STATUS OvsExecuteConntrackAction(POVS_SWITCH_CONTEXT switchContext,
+ PNET_BUFFER_LIST *curNbl,
+ UINT16 *mru,
+ OvsCompletionList *completionList,
+ NDIS_SWITCH_PORT_ID sourcePort,
OVS_PACKET_HDR_INFO *layers,
OvsFlowKey *key,
const PNL_ATTR a);
This patch adds support for tracking Ipv4 fragments in conntrack module. Individual fragments are not tracked and are consumed by the fragmentation/reassembly. Only the reassembled Ipv4 datagram is tracked and treated as a single ct entry. Added MRU field in OvsForwardingContext, to keep track of Maximum recieved unit from all the recieved IPv4 fragments. Signed-off-by: Anand Kumar <kumaranand@vmware.com> --- v4->v3: No Change v2->v3: - Updated log messages and fixed alignment. v1->v2: No change --- datapath-windows/ovsext/Actions.c | 16 ++++++++++++---- datapath-windows/ovsext/Conntrack.c | 35 ++++++++++++++++++++++++++++------- datapath-windows/ovsext/Conntrack.h | 7 ++++++- 3 files changed, 46 insertions(+), 12 deletions(-)