flow-filter update for dst_vpcd lookup fallback with flow table#1264
Draft
qmonnet wants to merge 7 commits intopr/fredi/nat_use_casesfrom
Draft
flow-filter update for dst_vpcd lookup fallback with flow table#1264qmonnet wants to merge 7 commits intopr/fredi/nat_use_casesfrom
qmonnet wants to merge 7 commits intopr/fredi/nat_use_casesfrom
Conversation
Consolidate the duplicated AllPorts/Ranges enum pattern from SrcConnectionData and RemotePortRangesData into a single generic PortRangeMap<T> type. This eliminates ~40 lines of duplicate code for the ValueWithAssociatedRanges trait implementation and the new/get methods. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> Signed-off-by: Quentin Monnet <qmo@qmon.net>
Replace the repeated get-or-insert pattern in the four insert methods with a single get_or_create_table helper using HashMap's entry API. This removes ~40 lines of duplicated boilerplate code. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> Signed-off-by: Quentin Monnet <qmo@qmon.net>
Replace create_default_source and create_default_source_to_default_remote with a single set_default_source helper that handles the guard logic. The update_* methods now construct the data inline and call the helper. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> Signed-off-by: Quentin Monnet <qmo@qmon.net>
Rename default_source_opt to default_source for consistency with default_remote_data. The Option type already indicates optionality. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> Signed-off-by: Quentin Monnet <qmo@qmon.net>
Rewrite the structural comment to clearly explain the lookup flow with an ASCII diagram and logical descriptions of what each level provides, making the nested data structure easier to understand. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> Signed-off-by: Quentin Monnet <qmo@qmon.net>
This will allow us to handle the case when we have multiple matching possible destination VPCs for a packet in the flow-filter lookup, to support some overlap of publicly-exposed prefixes between peerings. The current commit only adds the enum with a single variant, we'll add a new variant in a follow-up commit. This is somewhat of a revert of commit d588e14 ("chore(flow-filter): Remove code for exposed IP overlap support"). Signed-off-by: Quentin Monnet <qmo@qmon.net>
…tch [no ci] WORK IN PROGRESS - We don't actually exercise this code yet, because we never build the case where we have multiple matches in the table. Signed-off-by: Quentin Monnet <qmo@qmon.net>
qmonnet
force-pushed
the
pr/qmonnet/overlap-again
branch
from
f4112e6 to
5fe4b31
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Completing #1257
The first commits are by Claude, to whom I asked to clean-up flow-filter/src/tables.rs. I find we marginally gain in clarity (I hoped I'd get a clearer code organisation) but the clean-ups still simplify some portions of the code, so I took them in, because we're about to make the file more complex so any simplification is welcome.
Then we wrap the lookup result in an enum that supports a
MultipleMatchcase, and we update the packet processing accordingly.In progress: Updating the flow-filter stage to build this
MultipleMatchcase (not in the PR yet).