From: Pablo Neira Ayuso <pablo@netfilter.org>
To: Jakub Kicinski <jakub.kicinski@netronome.com>
Cc: netdev@vger.kernel.org, davem@davemloft.net,
thomas.lendacky@amd.com, f.fainelli@gmail.com,
ariel.elior@cavium.com, michael.chan@broadcom.com,
santosh@chelsio.com, madalin.bucur@nxp.com,
yisen.zhuang@huawei.com, salil.mehta@huawei.com,
jeffrey.t.kirsher@intel.com, tariqt@mellanox.com,
saeedm@mellanox.com, jiri@mellanox.com, idosch@mellanox.com,
peppe.cavallaro@st.com, grygorii.strashko@ti.com, andrew@lunn.ch,
vivien.didelot@savoirfairelinux.com, alexandre.torgue@st.com,
joabreu@synopsys.com, linux-net-drivers@solarflare.com,
ganeshgr@chelsio.com, ogerlitz@mellanox.com,
Manish.Chopra@cavium.com, marcelo.leitner@gmail.com,
mkubecek@suse.cz, venkatkumar.duvvuru@broadcom.com,
julia.lawall@lip6.fr, john.fastabend@gmail.com, jhs@mojatatu.com,
gerlitz.or@gmail.com
Subject: Re: [PATCH net-next,v6 00/12] add flow_rule infrastructure
Date: Thu, 20 Dec 2018 13:35:23 +0100 [thread overview]
Message-ID: <20181220123523.bacj7juww2fraqcj@salvia> (raw)
In-Reply-To: <20181219162653.2aeeb15a@cakuba.netronome.com>
On Wed, Dec 19, 2018 at 04:26:53PM -0800, Jakub Kicinski wrote:
> On Thu, 20 Dec 2018 01:03:13 +0100, Pablo Neira Ayuso wrote:
> > On Wed, Dec 19, 2018 at 11:57:03AM -0800, Jakub Kicinski wrote:
> > > > Anyway, the problem that this patchset addresses _already exists_ with
> > > > ethtool_rxnfc and cls_flower in place, it would be good to fix it now.
> > >
> > > That's not the point of contention.
> >
> > What is your alternative plan to unify driver codebase for
> > ethtool_rx_flow_spec and tc/cls_flower to offload ACL from the ingress
> > path?
>
> The point of contention for me is the "reuse of ndo_setup_tc" :)
OK, this patchset is not updating ndo_setup_tc.
> I haven't played with your IR, but it looks fairly close to the flower
> dissector based thing, so it's probably fine
OK.
[...]
> > From what I'm reading, you assume we can use nf_flow_table everywhere,
> > which is probably true if you assume people use your NICs. However,
> > there is a class of hardware where CPU is extremely smallish to cope
> > with flows in software, where dataplane is almost entirely offloaded
> > to hardware. In that scenario, nf_flow_table cannot be used.
>
> I'm confused, could you rephrase? How does you work help such devices?
> How is tc not suitable for them?
There are two HW offload usecases:
#1 Policy resides in software, CPU host sees initial packets, based on
policy, you place flows into hardware via nf_flow_table infrastructure.
This usecase is fine in your NIC since you assume host CPU can cope
with policy in software for these few initial packets of the flow.
However, switches usually have a small CPU to run control plane
software only. There we _cannot_ use this approach.
#2 Policy resides in hardware. For the usecase of switches with small
CPU, the ACL is deployed in hardware. We use the host CPU to run
control plane configurations only.
This patchset _is not_ related to #1, this patchset _is_ related to #2.
So far, there is infrastructure in Netfilter to do #1, it should be
possible to use it from TC too. In TC, there is infrastructure for #2
which can be reused from Netfilter.
next prev parent reply other threads:[~2018-12-20 12:35 UTC|newest]
Thread overview: 28+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-12-14 18:11 [PATCH net-next,v6 00/12] add flow_rule infrastructure Pablo Neira Ayuso
2018-12-14 18:11 ` [PATCH net-next,v6 01/12] flow_offload: add flow_rule and flow_match structures and use them Pablo Neira Ayuso
2018-12-14 18:35 ` Jiri Pirko
2018-12-14 18:11 ` [PATCH net-next,v6 02/12] net/mlx5e: support for two independent packet edit actions Pablo Neira Ayuso
2018-12-14 22:41 ` Saeed Mahameed
2018-12-14 18:11 ` [PATCH net-next,v6 03/12] flow_offload: add flow action infrastructure Pablo Neira Ayuso
2018-12-14 18:11 ` [PATCH net-next,v6 04/12] cls_api: add translator to flow_action representation Pablo Neira Ayuso
2018-12-14 18:11 ` [PATCH net-next,v6 05/12] flow_offload: add statistics retrieval infrastructure and use it Pablo Neira Ayuso
2018-12-14 18:11 ` [PATCH net-next,v6 06/12] drivers: net: use flow action infrastructure Pablo Neira Ayuso
2018-12-14 19:16 ` Jiri Pirko
2018-12-14 18:12 ` [PATCH net-next,v6 07/12] cls_flower: don't expose TC actions to drivers anymore Pablo Neira Ayuso
2018-12-14 18:12 ` [PATCH net-next,v6 08/12] flow_offload: add wake-up-on-lan and queue to flow_action Pablo Neira Ayuso
2018-12-14 19:17 ` Jiri Pirko
2018-12-15 18:55 ` Florian Fainelli
2018-12-14 18:12 ` [PATCH net-next,v6 09/12] ethtool: add ethtool_rx_flow_spec to flow_rule structure translator Pablo Neira Ayuso
2018-12-14 19:21 ` Jiri Pirko
2018-12-14 18:12 ` [PATCH net-next,v6 10/12] dsa: bcm_sf2: use flow_rule infrastructure Pablo Neira Ayuso
2018-12-15 18:54 ` Florian Fainelli
2018-12-14 18:12 ` [PATCH net-next,v6 11/12] qede: place ethtool_rx_flow_spec after code after TC flower codebase Pablo Neira Ayuso
2018-12-14 18:12 ` [PATCH net-next,v6 12/12] qede: use ethtool_rx_flow_rule() to remove duplicated parser code Pablo Neira Ayuso
2018-12-18 1:39 ` [PATCH net-next,v6 00/12] add flow_rule infrastructure Jakub Kicinski
2018-12-18 19:57 ` Pablo Neira Ayuso
2018-12-19 19:57 ` Jakub Kicinski
2018-12-20 0:03 ` Pablo Neira Ayuso
2018-12-20 0:26 ` Jakub Kicinski
2018-12-20 12:35 ` Pablo Neira Ayuso [this message]
2018-12-20 13:51 ` Or Gerlitz
2018-12-20 15:39 ` Pablo Neira Ayuso
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20181220123523.bacj7juww2fraqcj@salvia \
--to=pablo@netfilter.org \
--cc=Manish.Chopra@cavium.com \
--cc=alexandre.torgue@st.com \
--cc=andrew@lunn.ch \
--cc=ariel.elior@cavium.com \
--cc=davem@davemloft.net \
--cc=f.fainelli@gmail.com \
--cc=ganeshgr@chelsio.com \
--cc=gerlitz.or@gmail.com \
--cc=grygorii.strashko@ti.com \
--cc=idosch@mellanox.com \
--cc=jakub.kicinski@netronome.com \
--cc=jeffrey.t.kirsher@intel.com \
--cc=jhs@mojatatu.com \
--cc=jiri@mellanox.com \
--cc=joabreu@synopsys.com \
--cc=john.fastabend@gmail.com \
--cc=julia.lawall@lip6.fr \
--cc=linux-net-drivers@solarflare.com \
--cc=madalin.bucur@nxp.com \
--cc=marcelo.leitner@gmail.com \
--cc=michael.chan@broadcom.com \
--cc=mkubecek@suse.cz \
--cc=netdev@vger.kernel.org \
--cc=ogerlitz@mellanox.com \
--cc=peppe.cavallaro@st.com \
--cc=saeedm@mellanox.com \
--cc=salil.mehta@huawei.com \
--cc=santosh@chelsio.com \
--cc=tariqt@mellanox.com \
--cc=thomas.lendacky@amd.com \
--cc=venkatkumar.duvvuru@broadcom.com \
--cc=vivien.didelot@savoirfairelinux.com \
--cc=yisen.zhuang@huawei.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).