Received: by 2002:ab2:6816:0:b0:1f9:5764:f03e with SMTP id t22csp340183lqo; Thu, 16 May 2024 07:50:07 -0700 (PDT) X-Forwarded-Encrypted: i=3; AJvYcCWqEhGABnh+YgH7v+4V/M2exlonFtoAf62cQVBy2cAXLw8ZC9cEmBdVE3zRAYvSW3yweK6XHBh5Koqq5TpWTDoAaMn4ifvqIUZNPxuoPA== X-Google-Smtp-Source: AGHT+IG5KRw56kPT9bj8j6VWzIaL2bcMd4xbTrikFNv79EfDmAGppbZp0NHtnA1edjrauJ3yLdb2 X-Received: by 2002:a05:6871:522b:b0:22e:b3c6:96cf with SMTP id 586e51a60fabf-24172f61d61mr22557211fac.49.1715871006713; Thu, 16 May 2024 07:50:06 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1715871006; cv=pass; d=google.com; s=arc-20160816; b=xTciWRxzd1RFp4gDz1PC5/j2agPuummYZb2WnZMRqyR1BDzAf2h/lDYYA39DsgLhaM SJLsJ6W138siLbxHZENR64hZksA8grHubtyOwbJKFroBmEZ2cAOzStz+XJ43PzsoGprJ esm3eGprjZ3QIuLWWs7Xi2Q/eCAjbsblxBnHI5BtYomabedBlDiBm3ldwMLude+E5OnQ 338eYiSsefJaZ11dxPcfXS+MKfH57jJnd117EP4IelBHuByq3aIHNxxO5Y1VkabfbSVB 5cj7XKiT17NaI9Zhxptrtgz2y6QBVaaNxygZuQJ4JPrbEY8zdhlLLmhY8dFmOGyNdzVL 7ZXg== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=in-reply-to:content-disposition:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:references:message-id:subject:cc :to:from:date:dkim-signature; bh=AL7s2inOepTg+/a+2RTky/+fXO/Vp/y9m8QnnDWibcs=; fh=GxMZTgcPkyv40zJTTqyKD3P8tgvBI3f9Hxbmivsn7G4=; b=NOrhYJb3g3XWBbkIBUeIfrjhv/CCEKanshE4PpeodWTy8a2czUx49aG7hChhzTnQrj nP6K+sq2ffxEVM4N8L2W+BaFN6Gmp5U5gJhc42bsrKFr31K21Iq0F/Q1ehgqMEISZRtt 1IgJCAyFVOahP1zZEDKQ+URUhSsH9ZsmLzlTuifvlMdHkSgzwtKf2Z3Lkf3pZQYsxDWj JvmTfehHWxi5WBvB7fpIejZMf6vcv3Zpg8m/IvTzA/8gAh2KN0rEYlhhMba5eTntPPYA cyd5u13fQohLSQxJBi49Vg8MDdqk1IOs/fX+2hnFugngo9b/3aPmee7HS+Qc3R15DxLK E2Kw==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b="MWCFE3h/"; arc=pass (i=1 dkim=pass dkdomain=intel.com dmarc=pass fromdomain=linux.intel.com); spf=pass (google.com: domain of linux-kernel+bounces-180920-linux.lists.archive=gmail.com@vger.kernel.org designates 139.178.88.99 as permitted sender) smtp.mailfrom="linux-kernel+bounces-180920-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from sv.mirrors.kernel.org (sv.mirrors.kernel.org. [139.178.88.99]) by mx.google.com with ESMTPS id 41be03b00d2f7-63409e83914si15949682a12.126.2024.05.16.07.50.06 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 16 May 2024 07:50:06 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel+bounces-180920-linux.lists.archive=gmail.com@vger.kernel.org designates 139.178.88.99 as permitted sender) client-ip=139.178.88.99; Authentication-Results: mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b="MWCFE3h/"; arc=pass (i=1 dkim=pass dkdomain=intel.com dmarc=pass fromdomain=linux.intel.com); spf=pass (google.com: domain of linux-kernel+bounces-180920-linux.lists.archive=gmail.com@vger.kernel.org designates 139.178.88.99 as permitted sender) smtp.mailfrom="linux-kernel+bounces-180920-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by sv.mirrors.kernel.org (Postfix) with ESMTPS id 38F40286F15 for ; Thu, 16 May 2024 10:45:20 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 1A777145A00; Thu, 16 May 2024 10:44:53 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b="MWCFE3h/" Received: from mgamail.intel.com (mgamail.intel.com [198.175.65.12]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 62B9B1459E7; Thu, 16 May 2024 10:44:50 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=198.175.65.12 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1715856292; cv=none; b=GTrfC85OyQgWryIwjB0bz6pz7pejACS490aUH8ltdurB0ePMDp47iMVrWh0mbhhgknBQBs763PlR6v5WSZHe//FqC9Z/KdwIJHaivaCMlQZCx/7i0aZnMT6c+V3psw8JGaO6zi8otTHvyHETafN0gh3jfiCVXtj7iIoQ72yH73Q= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1715856292; c=relaxed/simple; bh=qS3BQVM65ikytVxg+vUaAJl6zot53RNMbcABisDLmAo=; h=Date:From:To:Cc:Subject:Message-ID:References:MIME-Version: Content-Type:Content-Disposition:In-Reply-To; b=YeLlobXaqiaAIeoxb9X/fc8dhh72b9SLSnrivPovUZXXfCgg6KHaCLb0/D7uivmuHoWeAppPXVtAH9q9kMRPfKFs6z3Xevp+kvySPgRazRGT0By/HMSUgLTJMK2dhtTfGCiBEYbY4AK+0ymlOfTbCa24w54Ki7OzLLFfVroMWig= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.intel.com; spf=none smtp.mailfrom=linux.intel.com; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b=MWCFE3h/; arc=none smtp.client-ip=198.175.65.12 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.intel.com Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=linux.intel.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1715856290; x=1747392290; h=date:from:to:cc:subject:message-id:references: mime-version:in-reply-to; bh=qS3BQVM65ikytVxg+vUaAJl6zot53RNMbcABisDLmAo=; b=MWCFE3h/HDtechq24Sd3F51aeTUVLTAScDhey8TcWbuu4a/7UxiISxml /VBSpCaJY00wOEyKMmB8dCRnicEZN8c/YTPNmPtP7gkjdeU4OcDmn1Nhr y7blHJrm++KhAFN34nvnD+L5N9WhCeFw3bsIQLegu8QSV59/vfZ+tZqbC 0XGd36gRHBdsK/07Q/wpqxDs/M5VKj3xRvwuE4TKqUR+Vh09/zfACuhBH B1nmaiX+Uv61IbayaIw8IkTmRFDvG2ePK8iJYQz+MndjOsx/UZLYnIsvv HHlh1mfEd5qPL/6A5ima1Tp6DFIRooFjvhskXfz1KUVMBqGZX+vUc1g32 w==; X-CSE-ConnectionGUID: /w7R8K5OTDeDrJqe2XoIdg== X-CSE-MsgGUID: Oz0HWs4cTNawcPedAV57ew== X-IronPort-AV: E=McAfee;i="6600,9927,11074"; a="23359552" X-IronPort-AV: E=Sophos;i="6.08,164,1712646000"; d="scan'208";a="23359552" Received: from fmviesa005.fm.intel.com ([10.60.135.145]) by orvoesa104.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 16 May 2024 03:44:50 -0700 X-CSE-ConnectionGUID: wjKu3xKkQ3yH316fiCEIWA== X-CSE-MsgGUID: cNzrnd0JQN2kqljDpR/TxQ== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.08,164,1712646000"; d="scan'208";a="35822114" Received: from unknown (HELO mev-dev) ([10.237.112.144]) by fmviesa005-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 16 May 2024 03:44:48 -0700 Date: Thu, 16 May 2024 12:44:13 +0200 From: Michal Swiatkowski To: Harald Welte Cc: Alexander Lobakin , Wojciech Drewek , netdev@vger.kernel.org, intel-wired-lan@lists.osuosl.org, linux-kernel@vger.kernel.org Subject: Re: [Intel-wired-lan] [PATCH net-next v6 00/21] ice: add PFCP filter support Message-ID: References: <20240327152358.2368467-1-aleksander.lobakin@intel.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: On Wed, May 15, 2024 at 01:55:42PM +0200, Harald Welte wrote: > Daer Alexander, Wojciech, Hi Harald, > > forgive me for being late to the party, but I just saw the PFCP support > hitting Linus'' git repo in 1b294a1f35616977caddaddf3e9d28e576a1adbc > and was trying to figure out what it is all about. Is there some kind > of article, kernel documentation or other explanation about it? > > I have a prehistoric background in Linux kernel networking, and have > been spending much of the last two decades in creating open source > implemenmtations of 3GPP specifications. > > So I'm very familiar with what PFCP is, and what it does, and how it is > used as a protocol by the 3GPP control plane to control the user/data > plane. > > Conceptually it seems very odd to me to have something like *pfcp > net-devices*. PFCP is just a control plane protocol, not a tunnel > mechanism. > > From the Kconfig: > > > +config PFCP > > + tristate "Packet Forwarding Control Protocol (PFCP)" > > + depends on INET > > + select NET_UDP_TUNNEL > > + help > > + This allows one to create PFCP virtual interfaces that allows to > > + set up software and hardware offload of PFCP packets. > > I'm curious to understand why are *pfcp* packets hardware offloaded? > PFCP is just the control plane, similar to you can consider netlink the > control plane by which userspace programs control the data plane. > > I can fully understand that GTP-U packets are offloaded to kernel space or > hardware, and that then some control plane mechanism like PFCP is needed > to control that data plane. But offloading packets of that control > protocol? It is hard for me to answer your concerns, because oposite to you, I don't have any experience with telco implementations. We had client that want to add offload rule for PFCP in the same way as for GTP. Intel hardware support matching on specific PFCP packet parts. We spent some time looking at possible implementations. As you said, it is a little odd to follow the same scheme for GTP and PFCP, but it look for me like reasonable solution. The main idea is to allow user to match in tc flower on PFCP specific parts. To do that we need PFCP device (which is like dummy device for now, it isn't doing anything related to PFCP specification, only parsing). Do you have better idea for that? > > I also see the following in the patch: > > > +MODULE_DESCRIPTION("Interface driver for PFCP encapsulated traffic"); > > PFCP is not an encapsulation protocol for user plane traffic. It is not > a tunneling protocol. GTP-U is the tunneling protocol, whose > implementations (typically UPFs) are remote-controlled by PFCP. > Agree, it is done like that to simplify implementation and reuse kernel software stack. > > + Note that this module does not support PFCP protocol in the kernel space. > > + There is no support for parsing any PFCP messages. > > If I may be frank, why do we introduce something called "pfcp" to the > kernel, if it doesn't actually implement any of the PFCP specification > 3GPP TS 29.244 (which is specifying a very concrete protocol)? > > Once again, I just try to understand what you're trying to do here. It's > very much within my professional field, but I somehow cannot align what > I see within this patch set with my existing world view of what PFCP is > and how it works. > > If anyone else has a better grasp of the architecture of this kernel > PFCP support, or has any pointers, I'd be very happy to follow up > on that. This is the way to allow user to steer PFCP packet based on specific opts (type and seid) using tc flower. If you have better solution for that I will probably agree with you and will be willing to help you with better implementation. I assume the biggest problem here is with treating PFCP as a tunnel (done for simplification and reuse) and lack of any functionality of PFCP device (moving the PFCP specification implementation into kernel probably isn't good idea and may never be accepted). Offloading doesn't sound like problematic. If there is a user that want to use that (to offload for better performance, or even to steer between VFs based on PFCP specific parts) why not allow to do that? In your opinion there should not be the pfcp device in kernel, or the device should have more functionality (or any functionality, because now it is only parsing)? > > Thanks for your time, > Harald > Thanks, Michal > -- > - Harald Welte https://laforge.gnumonks.org/ > ============================================================================ > "Privacy in residential applications is a desirable marketing option." > (ETSI EN 300 175-7 Ch. A6)