tc and ip fragments
play

tc and IP fragments Once defragmented, how to output them? Marcelo - PowerPoint PPT Presentation

Feb 03, 2024 •144 likes •201 views

tc and IP fragments Once defragmented, how to output them? Marcelo Ricardo Leitner <marcelo.leitner@gmail.com> The issue act_ct can do IP defrag But once that big packet is returned by it, tc (mirred) cant output it

  1. tc and IP fragments Once defragmented, how to output them? Marcelo Ricardo Leitner <marcelo.leitner@gmail.com>

  2. The issue ● act_ct can do IP defrag ● But once that big packet is returned by it, tc (mirred) can’t output it ○ act_mirred has no knowledge today about IP fragments ■ The net device will reject it ○ No other action can output packets (not considering act_bpf) ● Issue noticed and patch proposed by wenxu: ○ https://lore.kernel.org/netdev/1593485646-14989-1-git-send-email-wenxu%40ucloud.cn/T/ ○ [PATCH net] net/sched: act_mirred: fix fragment the packet after defrag in act_ct ■ Rejected by Cong Wang

  3. Current state ● wenxu sent a new patch ○ https://lore.kernel.org/netdev/1596163501-7113-1-git-send-email-wenxu%40ucloud.cn/T/ ○ [PATCH net v2] net/sched: act_ct: fix miss set mru for ovs after defrag in act_ct ○ It is enough for OVS, but only for it ■ Relies on a chain miss so that the packet is picked up by OVS and output using its kernel datapath ○ Still needs a tc-only fix

  4. Sample of usage tc filter add dev ens1f0_0 ingress prio 1 chain 0 proto ip flower ip_proto tcp ct_state -trk action ct nat pipe action goto chain 2 tc filter add dev ens1f0_0 ingress prio 1 chain 2 proto ip flower ct_state +trk+new action ct nat dst addr 3.3.3.42 commit pipe action mirred egress redirect dev ens1f0_1 tc filter add dev ens1f0_0 ingress prio 1 chain 2 proto ip flower ct_state +trk+est action mirred egress redirect dev ens1f0_1

  5. Brainstorm: how tc can output it on its own? ● tc pipeline works with a single packet at a time: ○ act_ct can’t just return a list of packets ■ Multiple return codes in tcf_action_exec... ○ act_ct needs the reassembled packet in a second moment (nat on new entries) ● Similar to wenxu’s original approach: fix it in act_mirred, but only enable the feature if a flag says so ○ act_l3mirred ? ● (Ab)use interface backlog ○ Similar to reclassify, but doesn’t need to hold context ○ Adds latency (and reordering), but it’s IP frags anyway ● To be considered: ICMPs FragNeeded ● ?

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Lab 8 Fragments KUAN-TING LAI 2020/10/8 Fragments: Make It Modular Fragments:

Lab 8 Fragments KUAN-TING LAI 2020/10/8 Fragments: Make It Modular Fragments:

Lab 8 Fragments KUAN-TING LAI 2020/10/8 Fragments: Make It Modular Fragments: Reusable Components Develop a workout APP Griffiths et al. Head First Android Development: A Brain- Friendly Guide , O'Reilly Media, Chapter 9.

599 views • 35 slides
Chemspace Modifiable Fragments Acid fragments and Amine fragments Description Presence of

Chemspace Modifiable Fragments Acid fragments and Amine fragments Description Presence of

Chemspace Modifiable Fragments Acid fragments and Amine fragments Description Presence of modification points in the FBDD hits enables their further developability and/or combining of the different hits in one larger molecule. We created two

503 views • 6 slides
Presenting Fragments as Quotations or Quotations as Fragments A Digital Edition of the Fragments

Presenting Fragments as Quotations or Quotations as Fragments A Digital Edition of the Fragments

Presenting Fragments as Quotations or Quotations as Fragments A Digital Edition of the Fragments of Demetrios of Scepsis Dr Alexandra Trachsel 19th February 2013 Digital Classicist Seminars Berlin Context Demetrios of Scepsis: 2nd

471 views • 20 slides
CS 403X Mobile and Ubiquitous Computing Lecture 8: Fragments Camera Emmanuel Agu Fragments

CS 403X Mobile and Ubiquitous Computing Lecture 8: Fragments Camera Emmanuel Agu Fragments

CS 403X Mobile and Ubiquitous Computing Lecture 8: Fragments Camera Emmanuel Agu Fragments Recall: Fragments Sub components of an Activity (screen) An activity can contain multiple fragments, organized differently on different devices

565 views • 31 slides
CS 4518 Mobile and Ubiquitous Computing Lecture 7: Fragments, Camera Emmanuel Agu Fragments

CS 4518 Mobile and Ubiquitous Computing Lecture 7: Fragments, Camera Emmanuel Agu Fragments

CS 4518 Mobile and Ubiquitous Computing Lecture 7: Fragments, Camera Emmanuel Agu Fragments Recall: Fragments Sub-components of an Activity (screen) An activity can contain multiple fragments, organized differently on different

552 views • 34 slides
CS 528 Mobile and Ubiquitous Computing Lecture 4a: Fragments, Database and Firebase Cloud API

CS 528 Mobile and Ubiquitous Computing Lecture 4a: Fragments, Database and Firebase Cloud API

CS 528 Mobile and Ubiquitous Computing Lecture 4a: Fragments, Database and Firebase Cloud API Emmanuel Agu Fragments Recall: Fragments Sub-components of an Activity (screen) An activity can contain multiple fragments, organized

861 views • 37 slides
CS378 - Mobile Computing What's Next? Fragments Added in Android 3.0, a release aimed at

CS378 - Mobile Computing What's Next? Fragments Added in Android 3.0, a release aimed at

CS378 - Mobile Computing What's Next? Fragments Added in Android 3.0, a release aimed at tablets A fragment is a portion of the UI in an Activity multiple fragments can be combined into multi-paned UI fragments can be used in

557 views • 26 slides
Admissible Rules of (Fragments of) R-Mingle Admissible Rules of (Fragments of) R-Mingle Laura

Admissible Rules of (Fragments of) R-Mingle Admissible Rules of (Fragments of) R-Mingle Laura

The logic R-Mingle RM t Finding the bases Further Work References Admissible Rules of (Fragments of) R-Mingle Admissible Rules of (Fragments of) R-Mingle Laura Janina Schn uriger Admissible Rules of (Fragments of) R-Mingle joint work

757 views • 38 slides
Chemspace Heavy Fragments Description Aside of NMR, X ray crystallography is a technique that

Chemspace Heavy Fragments Description Aside of NMR, X ray crystallography is a technique that

Chemspace Heavy Fragments Description Aside of NMR, X ray crystallography is a technique that is often used to determine/prove the interaction of the molecule with target protein. Fragments for this type of screening are brominated small

455 views • 6 slides
Finite Model Reasoning in Expressive Fragments of First-Order Logic Lidia Tendera Institute of

Finite Model Reasoning in Expressive Fragments of First-Order Logic Lidia Tendera Institute of

Introduction/Motivation Base Fragments Extensions of Base Fragments Deciding (Fin)Sat Conclusion Finite Model Reasoning in Expressive Fragments of First-Order Logic Lidia Tendera Institute of Mathematics and Informatics Opole University,

595 views • 43 slides
From Small Carbon Fragments to Self- From Small Carbon Fragments to Self- Assembled Fullerenes in

From Small Carbon Fragments to Self- From Small Carbon Fragments to Self- Assembled Fullerenes in

From Small Carbon Fragments to Self- From Small Carbon Fragments to Self- Assembled Fullerenes in Quantum Assembled Fullerenes in Quantum Chemical Molecular Dynamics Chemical Molecular Dynamics Guishan Zheng, Keiji Morokuma, and Stephan Irle

931 views • 30 slides
Identify potential adjacent fragments and computer their alignments based on color/texture

Identify potential adjacent fragments and computer their alignments based on color/texture

Identify potential adjacent fragments and computer their alignments based on color/texture consistency and geometry of boundary contours Select and extract the correct alignments among fragments by considering all the matches in the

533 views • 9 slides
Bootstrapping Dependency Grammars from Sentence Fragments via Austere Models Valentin I.

Bootstrapping Dependency Grammars from Sentence Fragments via Austere Models Valentin I.

Bootstrapping Dependency Grammars from Sentence Fragments via Austere Models Valentin I. Spitkovsky with Daniel Jurafsky (Stanford University) and Hiyan Alshawi (Google Inc.) Spitkovsky et al. (Stanford &amp; Google) Incomplete Fragments /

1.26k views • 85 slides
Chemspace Pre-Plated Compounds Description Discover our sets of Pre-Plated compounds! Fragments

Chemspace Pre-Plated Compounds Description Discover our sets of Pre-Plated compounds! Fragments

Chemspace Pre-Plated Compounds Description Discover our sets of Pre-Plated compounds! Fragments LeadLike The large Hit Discovery set is assembled of 5 focused subsets: Representative, Unique, DrugLike, LeadLike, DrugLike and Fragments.

101 views • 6 slides
Propositional Fragments for Knowledge Compilation and Quantified Boolean Formulae Sylvie

Propositional Fragments for Knowledge Compilation and Quantified Boolean Formulae Sylvie

Propositional Fragments for Knowledge Compilation and Quantified Boolean Formulae Propositional Fragments for Knowledge Compilation and Quantified Boolean Formulae Sylvie Coste-Marquis Daniel Le Berre Florian Letombe Pierre Marquis CRIL, CNRS

563 views • 32 slides
Fragments of peptoid 1: Synthesis of N -subs8tuted glycine

Fragments of peptoid 1: Synthesis of N -subs8tuted glycine

Fragments of peptoid 1: Synthesis of N -subs8tuted glycine monomers Franziska Kohl and Michael Gtschow* Pharmaceu*cal Ins*tute, Pharmaceu*cal Chemistry

301 views • 14 slides
Superfetch : everything you need to know about privacy Mathilde Venault &amp; Baptiste David

Superfetch : everything you need to know about privacy Mathilde Venault &amp; Baptiste David

Superfetch : everything you need to know about privacy Mathilde Venault &amp; Baptiste David c0c0n India 2020 About t us Laval, France Mathilde VENAULT venault@et.esiea.fr Baptiste DAVID bdavid@et.esiea.fr What is is it it ? Resource

709 views • 56 slides
Project Heapbleed Thoughts on heap exploitation abstraction (WIP) ZeroNights 2014 PATROKLOS

Project Heapbleed Thoughts on heap exploitation abstraction (WIP) ZeroNights 2014 PATROKLOS

Project Heapbleed Thoughts on heap exploitation abstraction (WIP) ZeroNights 2014 PATROKLOS ARGYROUDIS CENSUS S.A. argp@census-labs.com www.census-labs.com Who am I Researcher at CENSUS S.A. Vulnerability research, reverse

572 views • 44 slides
Reconfigurable and Adaptive Systems (RAS) Lars Bauer, Jrg Henkel - 1 - Institut fr

Reconfigurable and Adaptive Systems (RAS) Lars Bauer, Jrg Henkel - 1 - Institut fr

Institut fr Technische Informatik Chair for Embedded Systems - Prof. Dr. J. Henkel Vorlesung im SS 2014 Reconfigurable and Adaptive Systems (RAS) Lars Bauer, Jrg Henkel - 1 - Institut fr Technische Informatik Chair for Embedded Systems

882 views • 28 slides
Performance Visualizations Brendan Gregg Software Engineer USENIX/LISA10 November, 2010

Performance Visualizations Brendan Gregg Software Engineer USENIX/LISA10 November, 2010

Performance Visualizations Brendan Gregg Software Engineer USENIX/LISA10 November, 2010 brendan.gregg@joyent.com GDay, Im Brendan ... also known as shouting guy 2 3 I do performance

1.78k views • 135 slides
Memory Management Techniques for Large-Scale Persistent-Main-Memory Systems [VLDB 2017] Ismail

Memory Management Techniques for Large-Scale Persistent-Main-Memory Systems [VLDB 2017] Ismail

Memory Management Techniques for Large-Scale Persistent-Main-Memory Systems [VLDB 2017] Ismail Oukid, Daniel Booss, Adrien Lespinasse, Wolfgang Lehner, Thomas Willhalm, Grgoire Gomes Non-Volatile Memories Workshop March 12, 2018 PUBLIC

714 views • 21 slides
Slab allocators in the Linux Kernel: SLAB, SLOB, SLUB Christoph Lameter, LCA 2015 Auckland/New

Slab allocators in the Linux Kernel: SLAB, SLOB, SLUB Christoph Lameter, LCA 2015 Auckland/New

Slab allocators in the Linux Kernel: SLAB, SLOB, SLUB Christoph Lameter, LCA 2015 Auckland/New Zealand (Revision Jan 15, 2015) The Role of the Slab allocator in Linux PAGE_SIZE (4k) basic allocation unit via page allocator. Allows

1.26k views • 39 slides
Module 7: Creating and Maintaining Indexes Overview Creating Indexes Creating Index

Module 7: Creating and Maintaining Indexes Overview Creating Indexes Creating Index

Module 7: Creating and Maintaining Indexes Overview Creating Indexes Creating Index Options Maintaining Indexes Introduction to Statistics Querying the sysindexes Table Setting Up Indexes Using the Index Tuning Wizard

554 views • 27 slides
CS 241 Data Organization Linked Lists March 27, 2018 Linked List A B C D E NULL A

CS 241 Data Organization Linked Lists March 27, 2018 Linked List A B C D E NULL A

CS 241 Data Organization Linked Lists March 27, 2018 Linked List A B C D E NULL A linked list is a data structure that consists of a sequence of data records such that in each record there is a field that contains a reference (a

474 views • 13 slides

More recommend