From: Marcelo Ricardo Leitner <marcelo.leitner@gmail.com>
To: Vlad Buslov <vladbu@nvidia.com>
Cc: Saeed Mahameed <saeed@kernel.org>,
Jakub Kicinski <kuba@kernel.org>,
"David S. Miller" <davem@davemloft.net>,
netdev@vger.kernel.org, Mark Bloch <mbloch@nvidia.com>,
Saeed Mahameed <saeedm@nvidia.com>
Subject: Re: [net-next V2 01/17] net/mlx5: E-Switch, Refactor setting source port
Date: Mon, 8 Feb 2021 10:25:57 -0300 [thread overview]
Message-ID: <20210208132557.GB2959@horizon.localdomain> (raw)
In-Reply-To: <ygnhtuqngebi.fsf@nvidia.com>
On Mon, Feb 08, 2021 at 10:21:21AM +0200, Vlad Buslov wrote:
>
> On Sat 06 Feb 2021 at 20:13, Marcelo Ricardo Leitner <marcelo.leitner@gmail.com> wrote:
> > Hi,
> >
> > I didn't receive the cover letter, so I'm replying on this one. :-)
> >
> > This is nice. One thing is not clear to me yet. From the samples on
> > the cover letter:
> >
> > $ tc -s filter show dev enp8s0f0_1 ingress
> > filter protocol ip pref 4 flower chain 0
> > filter protocol ip pref 4 flower chain 0 handle 0x1
> > dst_mac 0a:40:bd:30:89:99
> > src_mac ca:2e:a7:3f:f5:0f
> > eth_type ipv4
> > ip_tos 0/0x3
> > ip_flags nofrag
> > in_hw in_hw_count 1
> > action order 1: tunnel_key set
> > src_ip 7.7.7.5
> > dst_ip 7.7.7.1
> > ...
> >
> > $ tc -s filter show dev vxlan_sys_4789 ingress
> > filter protocol ip pref 4 flower chain 0
> > filter protocol ip pref 4 flower chain 0 handle 0x1
> > dst_mac ca:2e:a7:3f:f5:0f
> > src_mac 0a:40:bd:30:89:99
> > eth_type ipv4
> > enc_dst_ip 7.7.7.5
> > enc_src_ip 7.7.7.1
> > enc_key_id 98
> > enc_dst_port 4789
> > enc_tos 0
> > ...
> >
> > These operations imply that 7.7.7.5 is configured on some interface on
> > the host. Most likely the VF representor itself, as that aids with ARP
> > resolution. Is that so?
> >
> > Thanks,
> > Marcelo
>
> Hi Marcelo,
>
> The tunnel endpoint IP address is configured on VF that is represented
> by enp8s0f0_0 representor in example rules. The VF is on host.
That's interesting and odd. The VF would be isolated by a netns and
not be visible by whoever is administrating the VF representor. Some
cooperation between the two entities (host and container, say) is
needed then, right? Because the host needs to know the endpoint IP
address that the container will be using, and vice-versa. If so, why
not offload the tunnel actions via the VF itself and avoid this need
for cooperation? Container privileges maybe?
Thx,
Marcelo
next prev parent reply other threads:[~2021-02-08 13:28 UTC|newest]
Thread overview: 39+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-02-06 5:02 [pull request][net-next V2 00/17] mlx5 updates 2021-02-04 Saeed Mahameed
2021-02-06 5:02 ` [net-next V2 01/17] net/mlx5: E-Switch, Refactor setting source port Saeed Mahameed
2021-02-06 18:13 ` Marcelo Ricardo Leitner
2021-02-08 8:21 ` Vlad Buslov
2021-02-08 13:25 ` Marcelo Ricardo Leitner [this message]
2021-02-08 13:31 ` Vlad Buslov
2021-02-08 13:42 ` Marcelo Ricardo Leitner
2021-02-08 20:22 ` Jakub Kicinski
2021-02-09 14:22 ` Vlad Buslov
2021-02-09 16:10 ` Or Gerlitz
2021-02-10 13:56 ` Marcelo Ricardo Leitner
2021-02-10 16:44 ` Vlad Buslov
2021-02-09 18:05 ` Jakub Kicinski
2021-02-09 19:17 ` Vlad Buslov
2021-02-09 19:50 ` Jakub Kicinski
2021-02-10 11:25 ` Vlad Buslov
2021-02-10 19:43 ` Jakub Kicinski
2021-02-09 0:20 ` patchwork-bot+netdevbpf
2021-02-06 5:02 ` [net-next V2 02/17] net/mlx5e: E-Switch, Maintain vhca_id to vport_num mapping Saeed Mahameed
2021-02-06 5:02 ` [net-next V2 03/17] net/mlx5e: Always set attr mdev pointer Saeed Mahameed
2021-02-06 5:02 ` [net-next V2 04/17] net/mlx5: E-Switch, Refactor rule offload forward action processing Saeed Mahameed
2021-02-06 5:02 ` [net-next V2 05/17] net/mlx5e: VF tunnel TX traffic offloading Saeed Mahameed
2021-02-06 5:02 ` [net-next V2 06/17] net/mlx5e: Refactor tun routing helpers Saeed Mahameed
2021-02-06 5:02 ` [net-next V2 07/17] net/mlx5: E-Switch, Indirect table infrastructure Saeed Mahameed
2021-02-06 5:02 ` [net-next V2 08/17] net/mlx5e: Remove redundant match on tunnel destination mac Saeed Mahameed
2021-02-06 5:02 ` [net-next V2 09/17] net/mlx5e: VF tunnel RX traffic offloading Saeed Mahameed
2021-02-06 5:02 ` [net-next V2 10/17] net/mlx5e: Refactor reg_c1 usage Saeed Mahameed
2021-02-06 5:02 ` [net-next V2 11/17] net/mlx5e: Match recirculated packet miss in slow table using reg_c1 Saeed Mahameed
2021-02-06 5:02 ` [net-next V2 12/17] net/mlx5e: Extract tc tunnel encap/decap code to dedicated file Saeed Mahameed
2021-02-09 20:35 ` Guenter Roeck
2021-02-06 5:02 ` [net-next V2 13/17] net/mlx5e: Create route entry infrastructure Saeed Mahameed
2021-02-06 5:02 ` [net-next V2 14/17] net/mlx5e: Refactor neigh update infrastructure Saeed Mahameed
2021-02-06 5:02 ` [net-next V2 15/17] net/mlx5e: TC preparation refactoring for routing update event Saeed Mahameed
2021-02-06 5:02 ` [net-next V2 16/17] net/mlx5e: Rename some encap-specific API to generic names Saeed Mahameed
2021-02-06 5:02 ` [net-next V2 17/17] net/mlx5e: Handle FIB events to update tunnel endpoint device Saeed Mahameed
2021-02-08 21:55 ` [pull request][net-next V2 00/17] mlx5 updates 2021-02-04 Or Gerlitz
2021-02-09 8:42 ` Or Gerlitz
2021-02-09 8:43 ` Or Gerlitz
2021-02-10 16:51 ` Vlad Buslov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210208132557.GB2959@horizon.localdomain \
--to=marcelo.leitner@gmail.com \
--cc=davem@davemloft.net \
--cc=kuba@kernel.org \
--cc=mbloch@nvidia.com \
--cc=netdev@vger.kernel.org \
--cc=saeed@kernel.org \
--cc=saeedm@nvidia.com \
--cc=vladbu@nvidia.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).