From: Edward Cree <ecree@solarflare.com>
To: Paul Blakey <paulb@mellanox.com>, Jiri Pirko <jiri@resnulli.us>
Cc: Saeed Mahameed <saeedm@mellanox.com>,
Oz Shlomo <ozsh@mellanox.com>,
Jakub Kicinski <jakub.kicinski@netronome.com>,
Vlad Buslov <vladbu@mellanox.com>,
David Miller <davem@davemloft.net>, <netdev@vger.kernel.org>,
Jiri Pirko <jiri@mellanox.com>, Roi Dayan <roid@mellanox.com>
Subject: Re: [PATCH net-next 0/3] net/sched: act_ct: Add support for specifying tuple offload policy
Date: Mon, 18 May 2020 17:48:46 +0100 [thread overview]
Message-ID: <64db5b99-2c67-750c-e5bd-79c7e426aaa2@solarflare.com> (raw)
In-Reply-To: <f7236849-420d-558f-8e66-2501e221ca1b@mellanox.com>
On 18/05/2020 17:17, Paul Blakey wrote:
> But we think, as you pointed out, explicit as here is better, there is just no API to configure the flow table currently so we suggested this.
> Do you have any suggestion for an API that would be better?
I see two possible approaches. We could either say "conntrack is
part of netfilter, so this should be an nftnetlink API", or we
could say "this is about configuring TC offload (of conntracks),
so it belongs in a TC command". I lean towards the latter mainly
so that I don't have to install & learn netfilter commands (the
current conntrack offload can be enabled without touching them).
So it'd be something like "tc ct add zone 1 timeout 120 pkts 10",
and if a 'tc filter add' or 'tc action add' references a ct zone
that hasn't been 'tc ct add'ed, it gets automatically added with
the default policy (and if you come along later and try to 'tc ct
add' it you get an EBUSY or EEXIST or something).
WDYT?
-ed
next prev parent reply other threads:[~2020-05-18 16:49 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-05-14 13:48 [PATCH net-next 0/3] net/sched: act_ct: Add support for specifying tuple offload policy Paul Blakey
2020-05-14 13:48 ` [PATCH net-next 1/3] netfilter: flowtable: Control flow offload timeout interval Paul Blakey
2020-05-14 13:48 ` [PATCH net-next 2/3] net/sched: act_ct: Add policy_pkts tuple offload control policy Paul Blakey
2020-05-14 13:48 ` [PATCH net-next 3/3] net/sched: act_ct: Add policy_timeout " Paul Blakey
2020-05-14 14:04 ` [PATCH net-next 0/3] net/sched: act_ct: Add support for specifying tuple offload policy Edward Cree
2020-05-14 14:49 ` Jiri Pirko
2020-05-14 15:28 ` Edward Cree
2020-05-18 16:17 ` Paul Blakey
2020-05-18 16:48 ` Edward Cree [this message]
2020-05-18 17:25 ` Jiri Pirko
2020-05-18 18:02 ` Edward Cree
2020-05-26 9:25 ` Paul Blakey
2020-05-26 16:17 ` Edward Cree
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=64db5b99-2c67-750c-e5bd-79c7e426aaa2@solarflare.com \
--to=ecree@solarflare.com \
--cc=davem@davemloft.net \
--cc=jakub.kicinski@netronome.com \
--cc=jiri@mellanox.com \
--cc=jiri@resnulli.us \
--cc=netdev@vger.kernel.org \
--cc=ozsh@mellanox.com \
--cc=paulb@mellanox.com \
--cc=roid@mellanox.com \
--cc=saeedm@mellanox.com \
--cc=vladbu@mellanox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).