From mboxrd@z Thu Jan 1 00:00:00 1970 From: David Ahern Subject: Re: [patch net-next v2 0/9] net: sched: introduce chain templates support with offloading to mlxsw Date: Fri, 29 Jun 2018 06:54:36 -0600 Message-ID: <95856cb5-62bc-5b1d-6469-bb72c886891a@gmail.com> References: <20180628130907.951-1-jiri@resnulli.us> <20180629083910.GB2195@nanopsycho.orion> <20180629124846.GD2195@nanopsycho.orion> Mime-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit Cc: Cong Wang , g@nanopsycho.orion, Linux Kernel Network Developers , David Miller , Jakub Kicinski , Simon Horman , john.hurley@netronome.com, mlxsw@mellanox.com, sridhar.samudrala@intel.com To: Jiri Pirko , Jamal Hadi Salim Return-path: Received: from mail-it0-f68.google.com ([209.85.214.68]:34960 "EHLO mail-it0-f68.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S965273AbeF2Myj (ORCPT ); Fri, 29 Jun 2018 08:54:39 -0400 Received: by mail-it0-f68.google.com with SMTP id l16-v6so2727588ita.0 for ; Fri, 29 Jun 2018 05:54:39 -0700 (PDT) In-Reply-To: <20180629124846.GD2195@nanopsycho.orion> Content-Language: en-US Sender: netdev-owner@vger.kernel.org List-ID: On 6/29/18 6:48 AM, Jiri Pirko wrote: > Fri, Jun 29, 2018 at 02:12:21PM CEST, jhs@mojatatu.com wrote: >> On 29/06/18 04:39 AM, Jiri Pirko wrote: >>> Fri, Jun 29, 2018 at 12:25:53AM CEST, xiyou.wangcong@gmail.com wrote: >>>> On Thu, Jun 28, 2018 at 6:10 AM Jiri Pirko wrote: >>>>> Add a template of type flower allowing to insert rules matching on last >>>>> 2 bytes of destination mac address: >>>>> # tc chaintemplate add dev dummy0 ingress proto ip flower dst_mac 00:00:00:00:00:00/00:00:00:00:FF:FF >>>>> >>>>> The template is now showed in the list: >>>>> # tc chaintemplate show dev dummy0 ingress >>>>> chaintemplate flower chain 0 >>>>> dst_mac 00:00:00:00:00:00/00:00:00:00:ff:ff >>>>> eth_type ipv4 >>>>> >>>>> Add another template, this time for chain number 22: >>>>> # tc chaintemplate add dev dummy0 ingress proto ip chain 22 flower dst_ip 0.0.0.0/16 >>>>> # tc chaintemplate show dev dummy0 ingress >>>>> chaintemplate flower chain 0 >>>>> dst_mac 00:00:00:00:00:00/00:00:00:00:ff:ff >>>>> eth_type ipv4 >>>>> chaintemplate flower chain 22 >>>>> eth_type ipv4 >>>>> dst_ip 0.0.0.0/16 >>>> >>>> So, if I want to check the template of a chain, I have to use >>>> 'tc chaintemplate... chain X'. >>>> >>>> If I want to check the filters in a chain, I have to use >>>> 'tc filter show .... chain X'. >>>> >>>> If you introduce 'tc chain', it would just need one command: >>>> `tc chain show ... X` which could list its template first and >>>> followed by filters in this chain, something like: >>>> >>>> # tc chain show dev eth0 chain X >>>> template: # could be none >>>> .... >>>> filter1 >>>> ... >>>> filter2 >>>> ... >>>> >>>> Isn't it more elegant? >>> >>> Well, that is just another iproute2 command. It would use the same >>> kernel uapi. Filters+templates. Sure, why not. Can be easily introduced. >>> Let's do it in a follow-up iproute2 patch. >>> >> >> Half a dozen or 6 - take your pick, really. >> I would call the template an attribute as opposed to a stand alone >> object i.e A chain of filters may have a template. If you have to >> introduce a new object then Sridhar's suggested syntax seems appealing. > > I think what I have makes sense. Maps nicely to what it really is inside > kernel. What Cong proposes looks like nice extension of userspace app to > do more things in one go. Will address that in followup iproute2 patch. The resolution of the syntax affect the uapi changes proposed. You are wanting to add new RTM commands which suggests new objects. If a template is an attribute of an existing object then the netlink API should indicate that.