[PATCH v5 net-next 01/14] netfilter: nf_flow_table_offload: Add nf_flow_encap_push() for xmit direct
Nikolay Aleksandrov
razor at blackwall.org
Thu Feb 6 06:38:17 PST 2025
On 2/4/25 21:49, Eric Woudstra wrote:
> Loosely based on wenxu's patches:
>
> "nf_flow_table_offload: offload the vlan/PPPoE encap in the flowtable".
>
> Fixed double vlan and pppoe packets, almost entirely rewriting the patch.
>
> After this patch, it is possible to transmit packets in the fastpath with
> outgoing encaps, without using vlan- and/or pppoe-devices.
>
> This makes it possible to use more different kinds of network setups.
> For example, when bridge tagging is used to egress vlan tagged
> packets using the forward fastpath. Another example is passing 802.1q
> tagged packets through a bridge using the bridge fastpath.
>
> This also makes the software fastpath process more similar to the
> hardware offloaded fastpath process, where encaps are also pushed.
>
> After applying this patch, always info->outdev = info->hw_outdev,
> so the netfilter code can be further cleaned up by removing:
> * hw_outdev from struct nft_forward_info
> * out.hw_ifindex from struct nf_flow_route
> * out.hw_ifidx from struct flow_offload_tuple
>
> Signed-off-by: Eric Woudstra <ericwouds at gmail.com>
> ---
> net/netfilter/nf_flow_table_ip.c | 96 +++++++++++++++++++++++++++++++-
> net/netfilter/nft_flow_offload.c | 6 +-
> 2 files changed, 96 insertions(+), 6 deletions(-)
>
Too bad the existing vlan push helpers can't be used. :)
Reviewed-by: Nikolay Aleksandrov <razor at blackwall.org>
More information about the linux-arm-kernel
mailing list