ebddb14049
There are two nat functions are nearly the same in both OVS and TC code, (ovs_)ct_nat_execute() and ovs_ct_nat/tcf_ct_act_nat(). This patch creates nf_nat_ovs.c under netfilter and moves them there then exports nf_ct_nat() so that it can be shared by both OVS and TC, and keeps the nat (type) check and nat flag update in OVS and TC's own place, as these parts are different between OVS and TC. Note that in OVS nat function it was using skb->protocol to get the proto as it already skips vlans in key_extract(), while it doesn't in TC, and TC has to call skb_protocol() to get proto. So in nf_ct_nat_execute(), we keep using skb_protocol() which works for both OVS and TC contrack. Signed-off-by: Xin Long <lucien.xin@gmail.com> Acked-by: Aaron Conole <aconole@redhat.com> Acked-by: Pablo Neira Ayuso <pablo@netfilter.org> Signed-off-by: David S. Miller <davem@davemloft.net>
76 lines
2.3 KiB
Plaintext
76 lines
2.3 KiB
Plaintext
# SPDX-License-Identifier: GPL-2.0-only
|
|
#
|
|
# Open vSwitch
|
|
#
|
|
|
|
config OPENVSWITCH
|
|
tristate "Open vSwitch"
|
|
depends on INET
|
|
depends on !NF_CONNTRACK || \
|
|
(NF_CONNTRACK && ((!NF_DEFRAG_IPV6 || NF_DEFRAG_IPV6) && \
|
|
(!NF_NAT || NF_NAT) && \
|
|
(!NETFILTER_CONNCOUNT || NETFILTER_CONNCOUNT)))
|
|
select LIBCRC32C
|
|
select MPLS
|
|
select NET_MPLS_GSO
|
|
select DST_CACHE
|
|
select NET_NSH
|
|
select NF_NAT_OVS if NF_NAT
|
|
help
|
|
Open vSwitch is a multilayer Ethernet switch targeted at virtualized
|
|
environments. In addition to supporting a variety of features
|
|
expected in a traditional hardware switch, it enables fine-grained
|
|
programmatic extension and flow-based control of the network. This
|
|
control is useful in a wide variety of applications but is
|
|
particularly important in multi-server virtualization deployments,
|
|
which are often characterized by highly dynamic endpoints and the
|
|
need to maintain logical abstractions for multiple tenants.
|
|
|
|
The Open vSwitch datapath provides an in-kernel fast path for packet
|
|
forwarding. It is complemented by a userspace daemon, ovs-vswitchd,
|
|
which is able to accept configuration from a variety of sources and
|
|
translate it into packet processing rules.
|
|
|
|
See http://openvswitch.org for more information and userspace
|
|
utilities.
|
|
|
|
To compile this code as a module, choose M here: the module will be
|
|
called openvswitch.
|
|
|
|
If unsure, say N.
|
|
|
|
config OPENVSWITCH_GRE
|
|
tristate "Open vSwitch GRE tunneling support"
|
|
depends on OPENVSWITCH
|
|
depends on NET_IPGRE
|
|
default OPENVSWITCH
|
|
help
|
|
If you say Y here, then the Open vSwitch will be able create GRE
|
|
vport.
|
|
|
|
Say N to exclude this support and reduce the binary size.
|
|
|
|
If unsure, say Y.
|
|
|
|
config OPENVSWITCH_VXLAN
|
|
tristate "Open vSwitch VXLAN tunneling support"
|
|
depends on OPENVSWITCH
|
|
depends on VXLAN
|
|
default OPENVSWITCH
|
|
help
|
|
If you say Y here, then the Open vSwitch will be able create vxlan vport.
|
|
|
|
Say N to exclude this support and reduce the binary size.
|
|
|
|
If unsure, say Y.
|
|
|
|
config OPENVSWITCH_GENEVE
|
|
tristate "Open vSwitch Geneve tunneling support"
|
|
depends on OPENVSWITCH
|
|
depends on GENEVE
|
|
default OPENVSWITCH
|
|
help
|
|
If you say Y here, then the Open vSwitch will be able create geneve vport.
|
|
|
|
Say N to exclude this support and reduce the binary size.
|