Re: [PATCH net] bnxt_en: ethtool: Fix ip[6] ntuple rule verification

From: Michael Chan
Date: Mon Nov 04 2024 - 12:22:36 EST


On Fri, Nov 1, 2024 at 3:42 PM Daniel Xu <dxu@xxxxxxxxx> wrote:
> On Fri, Nov 01, 2024 at 12:20:44PM GMT, Michael Chan wrote:
> > Thanks for the patch. I think the original author Vikas intended the
> > user to do this for ip only filters:
> >
> > ethtool -N eth0 flow-type ip6 dst-ip $IP6 l4_proto 0xff context 1
> >
> > But your patch makes sense and simplifies the usage for the user. I
> > just need to check that FW can accept 0 for the ip_protocol field to
> > mean wildcard when it receives the FW message to create the filter.
> >
> > I will reply when I get the answer from the FW team. If FW requires
> > 0xff, then we just need to make a small change to your patch.
>
> FWIW at least my HW/FW seems to behave correctly with my patch. I did
> some quick tracing last night w/ a UDP traffic generator running to
> confirm redirection occurs.
>
The FW team has confirmed that ip_protocol 0 will work as a wild card
on all FW supporting this feature. So the patch will work.

But I think I want to eliminate the l4_proto 0xff usage. It is
non-standard and non-intuitive. So we should only support l4_proto to
be TCP, UDP, ICMP, or unspecified for any protocol. Thanks.

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature