From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from dpdk.org (dpdk.org [92.243.14.124]) by inbox.dpdk.org (Postfix) with ESMTP id F1A68A00C5; Sun, 5 Jul 2020 15:13:54 +0200 (CEST) Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id 5A1D81DAE4; Sun, 5 Jul 2020 15:13:54 +0200 (CEST) Received: from dispatch1-us1.ppe-hosted.com (dispatch1-us1.ppe-hosted.com [67.231.154.164]) by dpdk.org (Postfix) with ESMTP id 719261DADC for ; Sun, 5 Jul 2020 15:13:53 +0200 (CEST) Received: from mx1-us1.ppe-hosted.com (unknown [10.110.50.137]) by dispatch1-us1.ppe-hosted.com (PPE Hosted ESMTP Server) with ESMTP id C410C20062; Sun, 5 Jul 2020 13:13:52 +0000 (UTC) Received: from us4-mdac16-61.at1.mdlocal (unknown [10.110.50.154]) by mx1-us1.ppe-hosted.com (PPE Hosted ESMTP Server) with ESMTP id C1BAF6009B; Sun, 5 Jul 2020 13:13:52 +0000 (UTC) X-Virus-Scanned: Proofpoint Essentials engine Received: from mx1-us1.ppe-hosted.com (unknown [10.110.49.108]) by mx1-us1.ppe-hosted.com (PPE Hosted ESMTP Server) with ESMTPS id 51F4C22004D; Sun, 5 Jul 2020 13:13:52 +0000 (UTC) Received: from webmail.solarflare.com (uk.solarflare.com [193.34.186.16]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by mx1-us1.ppe-hosted.com (PPE Hosted ESMTP Server) with ESMTPS id C027414005A; Sun, 5 Jul 2020 13:13:51 +0000 (UTC) Received: from [192.168.38.17] (10.17.10.39) by ukex01.SolarFlarecom.com (10.17.10.4) with Microsoft SMTP Server (TLS) id 15.0.1497.2; Sun, 5 Jul 2020 14:13:42 +0100 To: Adrien Mazarguil , Ori Kam CC: Dekel Peled , "ferruh.yigit@intel.com" , "john.mcnamara@intel.com" , "marko.kovacevic@intel.com" , Asaf Penso , Matan Azrad , Eli Britstein , "dev@dpdk.org" , Ivan Malov References: <5f9b4d30b81fa68ed875106785419a43cc7a6166.1590935677.git.dekelp@mellanox.com> <20200602190410.GU26320@6wind.com> From: Andrew Rybchenko Autocrypt: addr=arybchenko@solarflare.com; keydata= mQINBF2681gBEACbdTxu8eLL3UX2oAelsnK9GkeaJeUYSOHPJQpV7RL/iaIskqTwBRnhjXt7 j9UEwGA+omnOmqQMpeQTb/F9Ma2dYE+Hw4/t/1KVjxr3ehFaASvwR4fWJfO4e2l/Rk4rG6Yi 5r6CWU2y8su2654Fr8KFc+cMGOAgKoZTZHZsRy5lHpMlemeF+VZkv8L5sYJWPnsypgqlCG3h v6lbtfZs+QqYbFH6bqoZwBAl5irmxywGR7ZJr1GLUZZ1lfdazSY8r6Vz0/Ip/KVxGu2uxo81 QCsAj0ZsQtwji9Sds/prTiPrIjx8Fc/tfbnAuVuPcnPbczwCJACzQr4q26XATL3kVuZhSBWh 4XfO/EAUuEq5AemUG5DDTM87g7Lp4eT9gMZB6P+rJwWPNWTiV3L7Cn+fO+l9mTPnOqdzBgDe OaulKiNSft1o0DY4bGzOmM2ad2cZt0jfnbMPMTE9zsr6+RFa+M8Ct20o6U1MUE4vP6veErMK of4kZ8PdoMM+Sq1hxMPNtlcVBSP9xMmdSZPlfDYI5VWosOceEcz7XZdjBJKdwKuz70V7eac4 ITSxgNFCTbeJ03zL2MR5s0IvD9ghISAwZ6ieCjU5UATn5+63qpD0nVNLsAdb/UpfvQcKAmvj 0fKlxu/PMVkjBa7/4cfNogYOhWDKUO+1pMaFwvb6/XTo6uMpfQARAQABtCxBbmRyZXcgUnli Y2hlbmtvIDxhcnliY2hlbmtvQHNvbGFyZmxhcmUuY29tPokCVAQTAQoAPhYhBP6NPgcKRj/Y X0yXQahue0sAy4m+BQJduvNYAhsDBQkB4TOABQsJCAcDBRUKCQgLBRYCAwEAAh4BAheAAAoJ EKhue0sAy4m+t3gP/j1MNc63CEozZo1IZ2UpVPAVWTYbLdPjIRdFqhlwvZYIgGIgIBk3ezKL K0/oc4ZeIwL6wQ5+V24ahuXvvcxLlKxfbJ6lo2iQGC7GLGhsDG9Y2k6sW13/sTJB/XuR2yov k5FtIgJ+aHa1PDZnepnGGOt9ka9n/Jzrc9WKYapOIIyLRe9U26ikoVgyqsD37PVeq5tLWHHA NGTUKupe9G6DFWidxx0KzyMoWDTbW2AWYcEmV2eQsgRT094AZwLFN5ErfefYzsGdO8TAUU9X YTiQN2MvP1pBxY/r0/5UfwV4UKBcR0S3ZvzyvrPoYER2Kxdf/qurx0Mn7StiCQ/JlNZb/GWQ TQ7huduuZHNQKWm7ufbqvKSfbPYvfl3akj7Wl8/zXhYdLqb5mmK45HXrgYGEqPN53OnK2Ngx IgYKEWr05KNv09097jLT5ONgYvszflqlLIzC4dV245g7ucuf9fYmsvmM1p/gFnOJBJL18YE5 P1fuGYNfLP+qp4WMiDqXlzaJfB4JcinyU49BXUj3Utd6f6sNBsO8YWcLbKBV9WmA324S3+wj f4NPRp3A5E+6OmTVMLWire2ZvnYp3YvifUj1r8lhoZ2B2vKuWwiTlHOKYBEjnOQJQnqYZEF0 JQQ1xzVDBQKE01BPlA3vy6BGWe6I4psBVqMOB9lAev/H+xa4u6Z3uQINBF269JsBEAC2KB3W 8JES/fh74avN7LOSdK4QA7gFIUQ4egVL81KnxquLzzilABuOhmZf3Rq6rMHSM8xmUAWa7Dkt YtzXStjEBI/uF0mAR3mMz1RcL2Wp+WD/15HjVpA7hPjXSEsWY0K2ymPerK4yrLcfFTHdMonY JfuACCC9NtOZxrWHOJoUS+RT7AWk80q/6D2iwQ47/2dBTznVG+gSeHSes9l91TB09w6f9JX/ sT+Ud0NQfm7HJ7t2pmGI9O6Po/NLZsDogmnIpJp/WwYOZN9JK7u2FyX2UyRzR8jK42aJkRsh DXs16Cc2/eYGakjrdO3x9a+RoxN7EuFtYhGR1PzMXdUiB5i+FyddYXkYUyO43QE/3VPA5l1v TUOagzZq6aONsdNonGJkV3TIG3JmUNtM+D/+r6QKzmgoJ8w576JxEZI09I/ZFN+g7BnUmlMx 6Z3IUOXVX/SWfGFga0YajwajHz03IBhChEbYbbqndVhmshu2GFURxrfUPYWdDXEqkh+08a5U Didia9jm2Opv4oE1e1TXAePyYJl/Zyps4Cv00GObAxibvMBQCUZQ+IBnNldRBOwXXRQV2xpx P+9iO1VYA/QXn0KqRK+SH1JGRXbJYi42YFaW1gE0EU0fiR2Wb9pK+doNEjjOhlzUGuvOEAUS +4m0m3dlfEvpCV9GMr7ERRpZzh9QkQARAQABiQI8BBgBCgAmFiEE/o0+BwpGP9hfTJdBqG57 SwDLib4FAl269JsCGwwFCQlmAYAACgkQqG57SwDLib7x6g//e+eCtNnJz7qFGbjWRJYNLCe5 gQwkhdyEGk4omr3VmjGj3z9kNFy/muh4pmHUngSAnnpwZggx14N4hhKf9y8G4Dwvsqa6b1zB Jq/c4t/SBDtGW4M/E331N04PaQZpcrbTfp1KqHNknk2N7yOk4CcoLVuIZmA5tPguASV8aAfz ZwhWAwn6vUEw9552eXEAnGFGDTCbyryNwzB5jtVQOEEDjTxcCkpcXMB45Tb1QUslRTu/sBAe HhPCQSUcJHR+KOq+P6yKICGAr291PZd6Qc7C3UyE+A3pY/UfdEVWj0STBWx1qvYLaHLrI4O9 KXDgh7luLjZZafcueCaPYmNo4V2lmNb3+7S4TvqhoZS+wN+9ldRQ4gH3wmRZybN6Y/ZCqxol RaZpE3AqdWsGvIgAkD0FpmtZNii9s2pnrhw0K6S4t4tYgXGTossxNSJUltfFQZdXM1xkZhtv dBZuUEectbZWuviGvQXahOMuH2pM64mx2hpdZzPcI2beeJNHkAsGT2KcaMETgvtHUBFRlLVB YxsUYz3UZmi2JSua4tbcGd6iWVN90eb8CxszYtivfpz6o2nPSjNwg0NaVGSHXjAK0tdByZ9t SkwjC3tEPljVycRSDpbauogOiAkvjENfaPd/H26V5hY822kaclaKDAW6ZG9UKiMijcAgb9u5 CJoOyqE8aGS5Ag0EXbr1RwEQAMXZHbafqmZiu6Kudp+Filgdkj2/XJva5Elv3fLfpXvhVt0Y if5Rzds3RpffoLQZk9nPwK8TbZFqNXPu7HSgg9AY7UdCM94WRFTkUCGKzbgiqGdXZ7Vyc8cy teGW+BcdfQycDvjfy50T3fO4kJNVp2LDNdknPaZVe8HJ80Od63+9ksB6Ni+EijMkh6Uk3ulB CSLnT4iFV57KgU2IsxOQVLnm+0bcsWMcCnGfphkY0yKP+aJ6MfmZkEeaDa7kf24N14ktg50m vOGDitcxA/+XXQXOsOIDJx1VeidxYsQ2FfsKu1G8+G6ejuaLf4rV5MI/+B/tfLbbOdikM5PF pxZVgTir9q13qHumMxdme7w5c7hybW412yWAe9TsrlXktFmFjRSFzAAxQhQSQxArS6db4oBk yeYJ59mW52i4occkimPWSm/raSgdSM+0P6zdWUlxxj+r1qiLgCYvruzLNtp5Nts5tR/HRQjE /ohQYaWDSVJEsc/4eGmgwzHzmvHtXeKkasn01381A1Lv3xwtpnfwERMAhxBZ8EGKEkc5gNdk vIPhknnGgPXqKmE1aWu8LcHiY+RHAF8gYPCDMuwyzBYnbiosKcicuIUp0Fj8XIaPao6F+WTi In4UOrqrYhsaCUvhVjsTBbNphGih9xbFJ8E+lkTLL8P3umtTcMPnpsB4xqcDABEBAAGJBHIE GAEKACYWIQT+jT4HCkY/2F9Ml0GobntLAMuJvgUCXbr1RwIbAgUJCWYBgAJACRCobntLAMuJ vsF0IAQZAQoAHRYhBNTYjdjWgdaEN5MrAN+9UR5r/4d3BQJduvVHAAoJEN+9UR5r/4d3EiQP /3lyby6v49HTU94Q2Fn2Xat6uifR7kWE5SO/1pUwYzx6v+z5K2jqPgqUYmuNoejcGl0CTNhg LbsxzUmAuf1OTAdE+ZYvOAjjKQhY4haxHc4enby/ltnHfWJYWJZ9UN5SsIQLvITvYu6rqthO CYjpXJhwkj3ODmC9H1TrvjrBGc6i7CTnR8RCjMEwCs2LI2frHa4R6imViEr9ScMfUnzdABMQ B0T5MOg8NX92/FRjTldU2KovG0ML9mSveSvVHAoEBLy4UIs5nEDdNiO1opJgKb5CXvWQugub 7AR52phNdKVdEB0S4tigJT4NalyTaPiUhFEm+CzZpMQDJ5E+/OowaPRfN4HeJX+c8sB+vUAZ mkAaG75N+IEk5JKFK9Z+bBYgPgaBDFZYdWDB/TMH0ANt+KI5uYg0i12TB4M8pwKG1DEPUmWc F2YpvB3jnbwzsOpSFiJOOlSs6nOB0Sb5GRtPOO3h6XGj+6mzQd6tcL63c9TrrUkjq7LDkxCz SJ2hTYRC8WNX8Uw9skWo5728JNrXdazEYCenUWmYiKLNKLslXCFodUCRDh/sUiyqRwS7PHEA LYC/UIWLMomI0Yvju3KA5v3RQVXhL+Gx2CzSj3GDz9xxGhJB2LfRfjzPbTR/Z27UpjCkd8z0 Ro3Ypmi1FLQwnRgoOKDbetTAIhugEShaLTITzJAP/iRDJCQsrZah5tE8oIl81qKEmBJEGcdt HYikbpQe7ydcXhqTj7+IECa3O7azI5OhCxUH2jNyonJ/phUslHH2G1TTBZK8y4Hrx5RpuRNS esn3P9uKu9DHqBAL7DMsCPwb2p1VNnapD72DBmRhzS/e6zS2R4+r9yNv03Hv7VCxKkmtE63H qpS//qpjfrtsIcHAjnKDaDtL1LYCtHoweI+DOpKKULSAYp/JE6F8LNibPQ0/P3S5ZIJNC4QZ uESjFOalJwFIqGQdkQB7ltRNJENLrHc+2jKGOuyFHm/Sbvp5EMGdaeQ0+u8CY0P+y6oXenwx 7WrJz/GvbNoFhJoJ6RzxCMQrFgxrssVZ7w5HcUj94lbnJ6osdYE/WpSd50B6jet6LKh5revg u9XI9CoqsPQ1V4wKYYdllPuogCye7KNYNKuiiuSNpaF4gHq1ZWGArwZtWHjgc2v3LegOpRQF SwOskMKmWsUyHIRMG1p8RpkBQTqY2rGSeUqPSvaqjT0nq+SUEM6qxEXD/2Wqri/X6bamuPDb S0PkBvFD2+0zr5Bc2YkMGPBYPNGZiTp3UjmZlLfn3TiBKIC92jherY563CULjSsiBEJCOSvv 4VPLn5aAcfbCXJnE3IGCp/hPl50iQqu7BPOYBbWXeb9ptDjGCAThNxSz0WAXkmcjAFE8gdE6 Znk9 Message-ID: <10dbc70e-4cc3-58bc-2a98-8ff48aea6958@solarflare.com> Date: Sun, 5 Jul 2020 16:13:30 +0300 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.9.0 MIME-Version: 1.0 In-Reply-To: <20200602190410.GU26320@6wind.com> Content-Type: text/plain; charset="utf-8" Content-Language: en-US Content-Transfer-Encoding: 8bit X-Originating-IP: [10.17.10.39] X-ClientProxiedBy: ocex03.SolarFlarecom.com (10.20.40.36) To ukex01.SolarFlarecom.com (10.17.10.4) X-TM-AS-Product-Ver: SMEX-12.5.0.1300-8.6.1012-25522.003 X-TM-AS-Result: No-20.334600-8.000000-10 X-TMASE-MatchedRID: yebcs53SkkDmLzc6AOD8DfHkpkyUphL9qeqeEI2dZm0SgmfkOsgfKvr1 9knkSjvrDfLFCF+SnFmA+dANkvG1XuSoohD2GVbP+ACG5oWJ7tKPGXEebjsPOpl8NETW6pKCC+b 8FVRazfsxHeOZQaqjwJOqbAAm8P7IHEsuFokV5zfsu44QBj0GpHIqSD9/oJNAUCgEErrUGFzuQ3 DyeRFpefSOAcmGrnnj6CB6MSpcclxSQAJO4/Vvl07CajSVoNFsguwtqyXlE6HwJYZa/L83HZD2y 7vOr03Qh2NvrSZa5Fuwojg8R+NsFAwoXPTi0zqHFvAJe/W5wA8Hgh3sKJBzP81YMD+2TGH/uRxF /UcyqxaZL/ZMYGYQsQC/b4aTkuDFu7PzMYLlcQdHQFjzAbvJEFdEEmf6TRVBwCTIeJgMBBsk9Qq It4u1P2h1Tejg/mB54YDO5a1ajtjFQqbUkZrXpxwu4QM/6CpyGnGYpZN+xAjmQJUUegCCe4i6yF TH7VfQQP8A41UN6KDItcCyqa/X13Hd1v7OO3lsD3uYMxd01bdE9JRrX2yv6dvgL7Kv8y9Bw9M1T rvkSYfdgm4gOEDta72KdMT7UuIv7igYWrzLr2Mdt2/pSR7zwBlKjo8zguyKabJxhiIFjJmHWy6O TYKZ48+AZJWMCfEWyGTqaVoqfdfpUD+jlob/rEcBrlP0XFuWIiTd2l7lf6ERGC0rW8q1Xfon0k/ OvQV1+4gvAjsNxrtQSUm5CsBM4Q50miWaCEKM4M3l0EeXvQ3NUTeBBPKQKm3D6f6IpbLInHSNDe QYs3absWYknkK3GIp7crTbZpm3FWShJ/8FoNeeAiCmPx4NwFkMvWAuahr8+gD2vYtOFhgqtq5d3 cxkNQP90fJP9eHt X-TM-AS-User-Approved-Sender: Yes X-TM-AS-User-Blocked-Sender: No X-TMASE-Result: 10--20.334600-8.000000 X-TMASE-Version: SMEX-12.5.0.1300-8.6.1012-25522.003 X-MDID: 1593954832-0AWAbSw9W13W Subject: Re: [dpdk-dev] [RFC] ethdev: add fragment attribute to IPv6 item X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" On 6/2/20 10:04 PM, Adrien Mazarguil wrote: > Hi Ori, Andrew, Delek, > > (been a while eh?) > > On Tue, Jun 02, 2020 at 06:28:41PM +0000, Ori Kam wrote: >> Hi Andrew, >> >> PSB, > [...] >>>> diff --git a/lib/librte_ethdev/rte_flow.h b/lib/librte_ethdev/rte_flow.h >>>> index b0e4199..3bc8ce1 100644 >>>> --- a/lib/librte_ethdev/rte_flow.h >>>> +++ b/lib/librte_ethdev/rte_flow.h >>>> @@ -787,6 +787,8 @@ struct rte_flow_item_ipv4 { >>>> */ >>>> struct rte_flow_item_ipv6 { >>>> struct rte_ipv6_hdr hdr; /**< IPv6 header definition. */ >>>> + uint32_t is_frag:1; /**< Is IPv6 packet fragmented/non-fragmented. */ >>>> + uint32_t reserved:31; /**< Reserved, must be zero. */ >>> >>> The solution is simple, but hardly generic and adds an >>> example for the future extensions. I doubt that it is a >>> right way to go. >>> >> I agree with you that this is not the most generic way possible, >> but the IPV6 extensions are very unique. So the solution is also unique. >> In general, I'm always in favor of finding the most generic way, but sometimes >> it is better to keep things simple, and see how it goes. > > Same feeling here, it doesn't look right. > >>> May be we should add 256-bit string with one bit for each >>> IP protocol number and apply it to extension headers only? >>> If bit A is set in the mask: >>> - if bit A is set in spec as well, extension header with >>> IP protocol (1 << A) number must present >>> - if bit A is clear in spec, extension header with >>> IP protocol (1 << A) number must absent >>> If bit is clear in the mask, corresponding extension header >>> may present and may absent (i.e. don't care). >>> >> There are only 12 possible extension headers and currently none of them >> are supported in rte_flow. So adding a logic to parse the 256 just to get a max of 12 >> possible values is an overkill. Also, if we disregard the case of the extension, >> the application must select only one next proto. For example, the application >> can't select udp + tcp. There is the option to add a flag for each of the >> possible extensions, does it makes more sense to you? > > Each of these extension headers has its own structure, we first need the > ability to match them properly by adding the necessary pattern items. > >>> The RFC indirectly touches IPv6 proto (next header) matching >>> logic. >>> >>> If logic used in ETH+VLAN is applied on IPv6 as well, it would >>> make pattern specification and handling complicated. E.g.: >>> eth / ipv6 / udp / end >>> should match UDP over IPv6 without any extension headers only. >>> >> The issue with VLAN I agree is different since by definition VLAN is >> layer 2.5. We can add the same logic also to the VLAN case, maybe it will >> be easier. >> In any case, in your example above and according to the RFC we will >> get all ipv6 udp traffic with and without extensions. >> >>> And how to specify UPD over IPv6 regardless extension headers? >> >> Please see above the rule will be eth / ipv6 /udp. >> >>> eth / ipv6 / ipv6_ext / udp / end >>> with a convention that ipv6_ext is optional if spec and mask >>> are NULL (or mask is empty). >>> >> I would guess that this flow should match all ipv6 that has one ext and the next >> proto is udp. > > In my opinion RTE_FLOW_ITEM_TYPE_IPV6_EXT is a bit useless on its own. It's > only for matching packets that contain some kind of extension header, not a > specific one, more about that below. > >>> I'm wondering if any driver treats it this way? >>> >> I'm not sure, we can support only the frag ext by default, but if required we can support other >> ext. >> >>> I agree that the problem really comes when we'd like match >>> IPv6 frags or even worse not fragments. >>> >>> Two patterns for fragments: >>> eth / ipv6 (proto=FRAGMENT) / end >>> eth / ipv6 / ipv6_ext (next_hdr=FRAGMENT) / end >>> >>> Any sensible solution for not-fragments with any other >>> extension headers? >>> >> The one propose in this mail 😊 >> >>> INVERT exists, but hardly useful, since it simply says >>> that patches which do not match pattern without INVERT >>> matches the pattern with INVERT and >>> invert / eth / ipv6 (proto=FRAGMENT) / end >>> will match ARP, IPv4, IPv6 with an extension header before >>> fragment header and so on. >>> >> I agree with you, INVERT in this doesn’t help. >> We were considering adding some kind of not mask / item per item. >> some think around this line: >> user request ipv6 unfragmented udp packets. The flow would look something >> like this: >> Eth / ipv6 / Not (Ipv6.proto = frag_proto) / udp >> But it makes the rules much harder to use, and I don't think that there >> is any HW that support not, and adding such feature to all items is overkill. >> >> >>> Bit string suggested above will allow to match: >>> - UDP over IPv6 with any extension headers: >>> eth / ipv6 (ext_hdrs mask empty) / udp / end >>> - UDP over IPv6 without any extension headers: >>> eth / ipv6 (ext_hdrs mask full, spec empty) / udp / end >>> - UDP over IPv6 without fragment header: >>> eth / ipv6 (ext.spec & ~FRAGMENT, ext.mask | FRAGMENT) / udp / end >>> - UDP over IPv6 with fragment header >>> eth / ipv6 (ext.spec | FRAGMENT, ext.mask | FRAGMENT) / udp / end >>> >>> where FRAGMENT is 1 << IPPROTO_FRAGMENT. >>> >> Please see my response regarding this above. >> >>> Above I intentionally keep 'proto' unspecified in ipv6 >>> since otherwise it would specify the next header after IPv6 >>> header. >>> >>> Extension headers mask should be empty by default. > > This is a deliberate design choice/issue with rte_flow: an empty pattern > matches everything; adding items only narrows the selection. As Andrew said > there is currently no way to provide a specific item to reject, it can only > be done globally on a pattern through INVERT that no PMD implements so far. > > So we have two requirements here: the ability to specifically match IPv6 > fragment headers and the ability to reject them. > I think that one of key requirements here is an ability to say that an extension header may be anywhere (or it must be no extension header anywhere), since specification using a pattern item suggests specified order of items, but it could be other extension headers before frag header and after it before UDP protocol header. > To match IPv6 fragment headers, we need a dedicated pattern item. The > generic RTE_FLOW_ITEM_TYPE_IPV6_EXT is useless for that on its own, it must > be completed with RTE_FLOW_ITEM_TYPE_IPV6_EXT_FRAG and associated object > to match individual fields if needed (like all the others > protocols/headers). > Yes, I agree, but it is strictly required if we want to match on fragment header content or see it in exact place in next protocols chain. > Then to reject a pattern item... My preference goes to a new "NOT" meta item > affecting the meaning of the item coming immediately after in the pattern > list. That would be ultra generic, wouldn't break any ABI/API and like > INVERT, wouldn't even require a new object associated with it. > Yes, that's true, but I'm not sure if it is easy to do in HW. Also, *NOT* scope could be per item field in fact, not whole item. It sounds like it is getting more and more complicated. > To match UDPv6 traffic when there is no fragment header, one could then do > something like: > > eth / ipv6 / not / ipv6_ext_frag / udp > > PMD support would be trivial to implement (I'm sure!) > The problem is an interpretation of the above pattern. Strictly speaking only UDP packets with exactly one not frag extension header match the pattern. What about packets without any extension headers? Or packet with two (more) extension headers when the first one is not frag header? > We may later implement other kinds of "operator" items as Andrew suggested, > for bit-wise stuff and so on. Let's keep adding features on a needed basis > though. > Thanks, Andrew.