On Wed, Mar 25, 2020 at 11:38 PM Joe Stringer <joe@xxxxxxxxxxx> wrote: > > On Wed, Mar 25, 2020 at 11:25 PM Martin KaFai Lau <kafai@xxxxxx> wrote: > > > > On Wed, Mar 25, 2020 at 01:55:59PM -0700, Joe Stringer wrote: > > > On Wed, Mar 25, 2020 at 3:35 AM Lorenz Bauer <lmb@xxxxxxxxxxxxxx> wrote: > > > > > > > > On Wed, 25 Mar 2020 at 05:58, Joe Stringer <joe@xxxxxxxxxxx> wrote: > > > > > > > > > > From: Lorenz Bauer <lmb@xxxxxxxxxxxxxx> > > > > > > > > > > Attach a tc direct-action classifier to lo in a fresh network > > > > > namespace, and rewrite all connection attempts to localhost:4321 > > > > > to localhost:1234 (for port tests) and connections to unreachable > > > > > IPv4/IPv6 IPs to the local socket (for address tests). > > > > > > > > Can you extend this to cover UDP as well? > > > > > > I'm working on a follow-up series for UDP, we need this too. > > Other than selftests, what are the changes for UDP in patch 1 - 4? > > Nothing in those patches, I have refactoring of all of the socket > helpers, skc_lookup_udp() and adding flags to the socket lookup > functions to support only looking for a certain type of sockets - > established or listen. This helps to avoid multiple lookups in these > cases where you really just want to look up established sockets with > the packet tuple first then look up the listener socket with the > unrelated/tproxy tuple. For UDP it makes it easier to find the correct > socket and in general (including TCP) helps to avoid up to two socket > hashtable lookups for this use case. This part is because the current > helpers all look up the established socket first then the listener > socket, so for the first packet that hits these we perform both of > these lookups for the packet tuple (which finds nothing), then look up > an established socket for the target tuple (which finds nothing) then > finally a listen socket for the target tuple. It's about another 300+ > / 250- changes overall, of which a large chunk is one patch that > refactors the code into macros. I haven't narrowed down for sure > whether the lookup flags patch is required for UDP cases yet. FWIW I did some more testing and it was not apparent that skc_lookup_udp is at all necessary, I was able to roll in UDP support in the next revision of this series with no special extra patches. I'll keep working on those other optimizations in the background though.
