From: Ahmed Zaki <ahmed.zaki@intel.com>
To: Jakub Kicinski <kuba@kernel.org>
Cc: <netdev@vger.kernel.org>, <davem@davemloft.net>,
<edumazet@google.com>, <pabeni@redhat.com>, <mkubecek@suse.cz>,
"Chittim, Madhu" <madhu.chittim@intel.com>,
"Samudrala, Sridhar" <sridhar.samudrala@intel.com>
Subject: Re: [RFC] ethtool: raw packet filtering
Date: Mon, 11 Dec 2023 16:34:42 -0700 [thread overview]
Message-ID: <bc2cad6a-a456-4aa2-aeaa-157b3cd48b57@intel.com> (raw)
In-Reply-To: <20231206182524.0dc8b680@kernel.org>
On 2023-12-06 19:25, Jakub Kicinski wrote:
> On Wed, 6 Dec 2023 15:47:18 -0700 Ahmed Zaki wrote:
>> Sure. The main use case is to be able to filter on any standard or
>> proprietary protocol headers, tunneled or not, using the ntuple API.
>> ethtool allows this only for the basic TCP/UDP/SCTP/ah/esp and IPv4/6.
>> Filtering on any other protocol or stack of protocols will require
>> ethtool and core changes. Raw filtering on the first 512 bytes of the
>> packet will allow anyone to do such filtering without these changes.
>>
>> To be clear, I am not advocating for bypassing Kernel parsing, but there
>> are so many combinations of protocols and tunneling methods that it is
>> very hard to add them all in ethtool.
>>
>> As an example, if we want to direct flows carrying GTPU traffic
>> originating from <Inner IP> and tunneled on a given VxLan at a given
>> <Outer IP>:
>>
>> <Outer IP> : <Outer UDP> : <VXLAN VID> : <ETH> : <Inner IP> : <GTPU>
>>
>> to a specific RSS queue.
>
> Dunno. I think it's a longer conversation. In principle - I personally
> don't mind someone extending raw matching support, others who care about
> protocol ossification and sensible parsing API might. But if you want
> 512B you would have to redo the uAPI, and adding stuff to ethtool ioctl
> has very high bar as this is a legacy interface. Moving ntuple filters
> to netlink OTOH is a different can of warms - it duplicates parts of TC
> and nft while having a _lot_ less capabilities. And performance
> (everything under rtnl). Which begs the question whether we should
> leave n-tuple filters behind completely and focus on tc / nft APIs.
>
> So I'll be completely honest - feels like this is going to be really
> high effort / benefit ratio for the maintainers. It will be challenging
> to get it merged.
I agree on the n-tuple hurdles, but is there a tc/nft API that you have
in mind? Not sure where are the overlaps/duplication.
I couldn't find anything that can be extended to offload RX packet
filtering/matching. Or did you mean __create__ new APIs?
next prev parent reply other threads:[~2023-12-11 23:36 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-12-05 18:23 [RFC] ethtool: raw packet filtering Ahmed Zaki
2023-12-06 16:16 ` Jakub Kicinski
2023-12-06 22:47 ` Ahmed Zaki
2023-12-07 2:25 ` Jakub Kicinski
2023-12-11 23:34 ` Ahmed Zaki [this message]
2023-12-12 1:50 ` Jakub Kicinski
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=bc2cad6a-a456-4aa2-aeaa-157b3cd48b57@intel.com \
--to=ahmed.zaki@intel.com \
--cc=davem@davemloft.net \
--cc=edumazet@google.com \
--cc=kuba@kernel.org \
--cc=madhu.chittim@intel.com \
--cc=mkubecek@suse.cz \
--cc=netdev@vger.kernel.org \
--cc=pabeni@redhat.com \
--cc=sridhar.samudrala@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).