Received: by 2002:a25:31c3:0:0:0:0:0 with SMTP id x186csp4368281ybx; Sat, 9 Nov 2019 14:17:03 -0800 (PST) X-Google-Smtp-Source: APXvYqzEgl9dnVQE9X92gLMoxd6s66KO+3fwku4xBTAbRjS43qJjA1Un8uat9jS1z+eEsFkk3qHk X-Received: by 2002:a17:906:1da1:: with SMTP id u1mr15808937ejh.275.1573337823296; Sat, 09 Nov 2019 14:17:03 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1573337823; cv=none; d=google.com; s=arc-20160816; b=CV7YiQe3ZkC9RrUVFLfoWDgBRLTVs+M31p00+WxyEptjWqb+bAesjKJ8+te8B14+3b wSYpfzMA2s5MPdg0U82R8xOjxqQsNTYwXRe/7ijJy7KFjX2AAJ03l4a//Rb3Q27YJiBG IRb4oG4JqNPC6yrtlKvdHDInd/gvgkVpPX/9GgV2G2EBP909QnkcMe3ppa+gp+JOvv1f +D+RXIVWmbk1UNr2pyMYPy0C6vRz3dhmFA5wGT72kJkJTSe0KO6rX/+IbyGWch7D4AiU l76wqr6yRp5YdXDsig44dy39H0ajggSUE7Lsr4euHHO37QgEQ4ijZAr2TJSk/yvT9FOU E0FQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version; bh=Bp19LNAKug129Y7GTNh3XE9q3s1Zh+qm6fJneYc+vmc=; b=bpOP8NuA7GXYMFjn9rND+kfIzxlu415aO1qTeUCMxZzFRFOO5eextXpOu2/xC1U8GP BW9EbdUDt7Kup9McWNZwLX28FjTi6oSnSThURYmefk4Fbg9MCcQxPI6isqx7ejVsfztH /uO00vfYizCNE6oozkcNTNVUovuA3LL7RioevVDHLtUPFYoIxXPymW+HMrt2x2nfe2o8 s/rmOZbDJ8Dys/GjMfzUKcj6WrQbgLEcG3Oq4Lg3KPqQjB8aR6TD107McrsaE0SyVijM LBSI6ZFbQnfGv4ViTDlpGgkXQlaEqplJlFv4PbWkMeDWRjnJq2CZzNwYcLmk3QDHlLb+ OtNA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id e25si7190166edr.117.2019.11.09.14.16.26; Sat, 09 Nov 2019 14:17:03 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726587AbfKIWPp (ORCPT + 99 others); Sat, 9 Nov 2019 17:15:45 -0500 Received: from relay12.mail.gandi.net ([217.70.178.232]:40337 "EHLO relay12.mail.gandi.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726470AbfKIWPp (ORCPT ); Sat, 9 Nov 2019 17:15:45 -0500 Received: from mail-vs1-f52.google.com (mail-vs1-f52.google.com [209.85.217.52]) (Authenticated sender: pshelar@ovn.org) by relay12.mail.gandi.net (Postfix) with ESMTPSA id D8183200004; Sat, 9 Nov 2019 22:15:41 +0000 (UTC) Received: by mail-vs1-f52.google.com with SMTP id a143so6279671vsd.9; Sat, 09 Nov 2019 14:15:41 -0800 (PST) X-Gm-Message-State: APjAAAXKbZpuq3e2j0IJQN7Wu1WwvATCCTTPHL0z7D5PRsxSpAppJYwo gh6s5H8Sr9jV5PLgwQqCs5kiIQWAsHagww5k4Ds= X-Received: by 2002:a05:6102:2417:: with SMTP id j23mr13329005vsi.93.1573337740380; Sat, 09 Nov 2019 14:15:40 -0800 (PST) MIME-Version: 1.0 References: <20191108210714.12426-1-aconole@redhat.com> In-Reply-To: <20191108210714.12426-1-aconole@redhat.com> From: Pravin Shelar Date: Sat, 9 Nov 2019 14:15:31 -0800 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: [PATCH net 1/2] openvswitch: support asymmetric conntrack To: Aaron Conole Cc: Linux Kernel Network Developers , "David S . Miller" , Jamal Hadi Salim , Cong Wang , Jiri Pirko , ovs dev , linux-kernel@vger.kernel.org Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Fri, Nov 8, 2019 at 1:07 PM Aaron Conole wrote: > > The openvswitch module shares a common conntrack and NAT infrastructure > exposed via netfilter. It's possible that a packet needs both SNAT and > DNAT manipulation, due to e.g. tuple collision. Netfilter can support > this because it runs through the NAT table twice - once on ingress and > again after egress. The openvswitch module doesn't have such capability. > > Like netfilter hook infrastructure, we should run through NAT twice to > keep the symmetry. > > Fixes: 05752523e565 ("openvswitch: Interface with NAT.") > Signed-off-by: Aaron Conole The patch looks ok. But I am not able apply it. can you fix the encoding.