From: Jakub Kicinski Date: Thu, 16 Mar 2023 05:16:26 +0000 (-0700) Subject: Merge branch 'nfp-flower-add-support-for-multi-zone-conntrack' X-Git-Url: http://git.maquefel.me/?a=commitdiff_plain;h=6873465c1930e0caeccbe0f9987a7b4f9afbdac8;p=linux.git Merge branch 'nfp-flower-add-support-for-multi-zone-conntrack' Louis Peens says: ==================== nfp: flower: add support for multi-zone conntrack This series add changes to support offload of connection tracking across multiple zones. Previously the driver only supported offloading of a single goto_chain, spanning a single zone. This was implemented by merging a pre_ct rule, post_ct rule and the nft rule. This series provides updates to let the original post_ct rule act as the new pre_ct rule for a next set of merges if it contains another goto and conntrack action. In pseudo-tc rule format this adds support for: ingress chain 0 proto ip flower action ct zone 1 pipe action goto 1 ingress chain 1 proto ip flower ct_state +tr+new ct_zone 1 action ct_clear pipe action ct zone 2 pipe action goto 2 ingress chain 1 proto ip flower ct_state +tr+est ct_zone 1 action ct_clear pipe action ct zone 2 pipe action goto 2 ingress chain 2 proto ip flower ct_state +tr+new ct_zone 2 action mirred egress redirect dev ... ingress chain 2 proto ip flower ct_state +tr+est ct_zone 2 action mirred egress redirect dev ... This can continue for up to a maximum of 4 zone recirculations. The first few patches are some smaller preparation patches while the last one introduces the functionality. ==================== Link: https://lore.kernel.org/r/20230314063610.10544-1-louis.peens@corigine.com Signed-off-by: Jakub Kicinski --- 6873465c1930e0caeccbe0f9987a7b4f9afbdac8