Ben Pfaff [Mon, 23 Jul 2012 06:36:41 +0000 (23:36 -0700)]
meta-flow: Rename MFF_VLAN_VID->MFF_DL_VLAN, MFF_VLAN_PCP->MFF_DL_VLAN_PCP.
Giving these fields names that are the same as the OpenFlow 1.0 struct
member names should help make it clear what they are for.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Simon Horman <horms@verge.net.au>
Simon Horman [Mon, 23 Jul 2012 04:14:41 +0000 (21:14 -0700)]
ofp-util: Add OFPUTIL_P_OF12 and NXFF_OPENFLOW12
Add OFPUTIL_P_OF12 and NXFF_OPENFLOW12 for Open Flow 1.2
OFPUTIL_P_OF12_TID and in turn OFPUTIL_P_OF12_ANY is not provided as
OFPUTIL_P_OF12 supports the use of table ids in modify flow messages.
Signed-off-by: Simon Horman <horms@verge.net.au>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Fri, 20 Jul 2012 20:15:36 +0000 (13:15 -0700)]
debian: Remove controller keys on openvswitch-controller package purge.
A Debian package is expected to remove all its configuration files (which
includes all files in /etc) when it is purged, but the
openvswitch-controller package wasn't doing that. This fixes the problem.
Debian bug #682187.
CC: 682187@bugs.debian.org
Reported-by: Andreas Beckmann <debian@abeckmann.de>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Fri, 20 Jul 2012 17:49:06 +0000 (10:49 -0700)]
tests: Remove bit-rotted support for "lcov".
At one point I got the "lcov" utilities to work well with OVS. Then I
didn't try to use them again for a year or so, and when I did I found that
it didn't work at all. I wasn't able to fix the problem easily, so it
seems better to remove the feature than to leave around broken code.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Fri, 20 Jul 2012 17:38:50 +0000 (10:38 -0700)]
tests: Remove daemon tests that have been skipped forever.
The daemon code works fine, these tests didn't. No one has debugged them
over a period of years so we might as well remove them.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Wed, 23 May 2012 16:33:22 +0000 (09:33 -0700)]
ofp-print: Print the type of truncated messages, when available.
The function ofputil_decode_msg_type_partial() can figure out the type of
a truncated OpenFlow message, if the message is long enough that its type
can be determined, so we should print this information. This is
especially valuable for printing OFPT_ERROR messages, in which the inner
OpenFlow message is often truncated to 64 bytes.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ethan Jackson [Fri, 20 Jul 2012 20:07:49 +0000 (13:07 -0700)]
cfm: Clear RDI on new CFM configurations.
When CFM is first configured, it detects no remote endpoints, and
thus sets RDI on its CCMs. This can cause the receiver of these
CCMs to think there is a problem when really things are simply
initializing. This patch fixes the issue by not setting the RDI
bit in CCMs until at least one fault interval has passed.
Bug #12610.
Reported-by: Paul Ingram <paul@nicira.com>
Signed-off-by: Ethan Jackson <ethan@nicira.com>
Ethan Jackson [Thu, 19 Jul 2012 03:39:54 +0000 (20:39 -0700)]
cfm: Improve logging.
This patch makes a two improvements to CFM logging which should
make debugging connectivity problems a bit more intuitive. First,
when a remote_mp disappears, the length of time since its last CCM
reception is logged. Second, the "CFM fault status changed"
message is reformatted in a more intuitive way. Instead of
prefixing additions and deletions with pluses and minuses, the full
old fault status and new fault status are logged.
Requested-by: Ben Basler <bbasler@nicira.com>,
Signed-off-by: Ethan Jackson <ethan@nicira.com>
Ben Pfaff [Fri, 20 Jul 2012 17:24:50 +0000 (10:24 -0700)]
netdev-vport: Warn about invalid TOS.
Otherwise the kernel will reject it later and the result is no tunnel,
whereas a tunnel with an unexpected TOS seems like a better result.
Bug #12566.
Reported-by: Luca Giraudo <lgiraudo@nicira.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Fri, 20 Jul 2012 05:17:10 +0000 (22:17 -0700)]
tests: Add more tests for VLAN match encoding and decoding.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Simon Horman <horms@verge.net.au
Arun Sharma [Thu, 19 Jul 2012 06:50:03 +0000 (23:50 -0700)]
ovs-bugtool: Added --ovs option to get only ovs related information
Option --ovs is added for ovs-bugtool command to collect
only OpenvSwitch relevant information. To perform
filtering in plugins, a new xml attribute filters="ovs" (optional)
would be required in element 'command','files','directory' in
openvswitch.xml. Value of 'filters' attribute will be compared
with filtering option in load_plugins to get all relevant operation
to collect information. If no "--ovs" option is passed then it will
behave as earlier.
Fixed an issue which occurs in scenario where option '--yestoall'
is not passed and user keeps entering "y" or "n" on prompt.
Plus, trailing whitespaces are fixed. White space before '=' and
after in function def and call is also fixed.
Signed-off-by: Arun Sharma <arun.sharma@calsoftinc.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Simon Horman [Thu, 19 Jul 2012 16:21:49 +0000 (09:21 -0700)]
OXM: Allow masking of ARP SHA and THA
Signed-off-by: Simon Horman <horms@verge.net.au>
[blp@nicira.com added NEWS, updated a few overlooked meta-flow bits]
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Thu, 19 Jul 2012 16:20:49 +0000 (09:20 -0700)]
meta-flow: Fix mf_get_mask() bug for IPv6 flow label.
Commit
32455024 (OXM: Allow masking of IPv6 Flow Label) made the flow label
maskable but did not update mf_get_mask() accordingly.
CC: Simon Horman <horms@verge.net.au>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Simon Horman [Wed, 18 Jul 2012 03:02:20 +0000 (12:02 +0900)]
classifier: Add helpers for setting ethernet addresses
Add helpers for setting ethernet addresses.
This patch makes use of them for setting the dl_src and dl_dst
addresses. A subsequent patch will also use them for arp_sha and arp_tpa.
Signed-off-by: Simon Horman <horms@verge.net.au>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Simon Horman [Wed, 18 Jul 2012 03:02:19 +0000 (12:02 +0900)]
OXM: Allow masking of IPv6 Flow Label
Signed-off-by: Simon Horman <horms@verge.net.au>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Thu, 19 Jul 2012 15:42:21 +0000 (08:42 -0700)]
tests: Avoid hash order sensitivity in "ofproto - flow monitoring" test.
The order in which flows appear in an NXST_FLOW_MONITOR reply depends on
the hash order, which makes it depend on the details of the hash and on
system endianness. This avoids sensitivity to the order by sorting the
results.
Reported-by: Simon Horman <horms@verge.net.au>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Thu, 19 Jul 2012 07:15:35 +0000 (00:15 -0700)]
nx-match: Improve log message in nx_entry_ok().
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Thu, 19 Jul 2012 07:15:19 +0000 (00:15 -0700)]
nx-match: Succeed pulling 0-byte nx-match from NULL buffer.
I don't think this corner case can come up in a real OpenFlow message,
because the presence of the OpenFlow header guarantees that the ofpbuf's
data is nonnull, but it did in a simple test that is coming up in a few
commits.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ethan Jackson [Wed, 18 Jul 2012 17:56:21 +0000 (10:56 -0700)]
bridge: Segfault when missing Open vSwitch table.
The enable_system_stats() function calls smap_get_bool() on the
ovsrec_open_vswitch passed to it. This was segmentation faulting
when 'null_cfg' defined in bridge_reconfigure() was used because
there was no Open vSwitch table.
Signed-off-by: Ethan Jackson <ethan@nicira.com>
Ben Pfaff [Wed, 18 Jul 2012 17:59:52 +0000 (10:59 -0700)]
system-stats: Run as part of worker process.
The stats gathering can be time-consuming in some cases, so it's better to
do it in the worker process.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Wed, 18 Jul 2012 17:51:02 +0000 (10:51 -0700)]
system-stats: Use "smap" instead of "shash".
"smap" is now the appropriate data structure for a string-to-string map.
Also changes ovsdb_datum_from_shash() into ovsdb_datum_from_smap() since
system-stats related code was the only client.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Wed, 27 Jun 2012 18:06:10 +0000 (11:06 -0700)]
smap: New function smap_steal().
An upcoming commit will add a caller.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Wed, 23 May 2012 00:12:22 +0000 (17:12 -0700)]
smap: New functions smap_from_json(), smap_to_json().
These will acquire a caller in an upcoming commit.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Wed, 27 Jun 2012 17:42:34 +0000 (10:42 -0700)]
vlog: Use worker process to write to log file.
Writes to regular files under Unix-like kernels, including Linux, typically
block until the write is complete, regardless of O_NONBLOCK. When the I/O
subsystem is busy, this can cause indefinite delays. We have actually
observed "write" calls sleep for 5 seconds or more for this reason.
Delegating to a subprocess through the worker mechanism should solve the
problem.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Mon, 21 May 2012 17:44:20 +0000 (10:44 -0700)]
vlog: Use system calls instead of stdio to write log files.
This will be easier to deal with in an upcoming commit that will use a
subprocess to do asynchronous log I/O.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Wed, 27 Jun 2012 17:40:50 +0000 (10:40 -0700)]
worker: New library for breaking a daemon into multiple processes.
ovs-vswitchd is effectively a "soft real-time" process, because flows that
do not get set up quickly lead to packet loss or retransmission. We've
done our best to keep it from blocking unnecessarily, but some operations
unavoidably block. This new library allows a daemon to break itself up
into a main process and a worker process, connected by an RPC channel,
with the idea being that the main process will delegate any possibly
blocking operations to the worker.
This commit also modifies ovs-vswitchd to start a worker process, but it
does not actually introduce any uses for the worker process. Upcoming
commits will add those.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Tue, 22 May 2012 18:36:50 +0000 (11:36 -0700)]
vlog: Add VLOG_ABORT() to log and call abort().
Whereas VLOG_FATAL() eventually calls exit(1), VLOG_ABORT()
eventually calls abort(). The key difference is that abort()
will cause a "monitor" process to restart, where exit(1) will
cause it to exit along with the monitored process.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Mon, 21 May 2012 18:08:59 +0000 (11:08 -0700)]
daemon: Factor out code into new function daemonize_post_detach().
This code will have another user in an upcoming commit.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Mon, 21 May 2012 18:08:13 +0000 (11:08 -0700)]
daemon: Factor out code into new function fork_and_wait_for_startup().
This function will be useful in an upcoming commit.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Wed, 18 Jul 2012 17:30:47 +0000 (10:30 -0700)]
util: Introduce "subprogram_name" to identify subprocesses and threads.
This will be more useful later when we introduces "worker" subprocesses.
I don't have any current plans to introduce threading, but I can't
think of a disadvantage to wording this in a general manner.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Thu, 14 Jun 2012 16:46:18 +0000 (09:46 -0700)]
socket-util: Add functions for sending fds over Unix domain sockets.
These will be used in upcoming commits.
This commit also adds corresponding definitions to the "sparse" header,
so that sparse still works.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Mon, 14 May 2012 21:40:06 +0000 (14:40 -0700)]
socket-util: New function xset_nonblocking().
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Mon, 14 May 2012 21:32:14 +0000 (14:32 -0700)]
socket-util: Remove 'passcred' parameter from make_unix_socket().
Nothing in the tree ever tries to send or receive credentials over a Unix
domain socket so there's no point in configuring them to be received.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Fri, 13 Jul 2012 06:08:45 +0000 (23:08 -0700)]
debian: Do not change iptables rules by default.
Debian kernel maintainer Bastian Blank writes, at
http://bugs.debian.org/680537:
The netfilter rules are a shared resource. There is no synchronization,
so the admin have the last word. As kernel maintainer, I see it similar
to a configuration file, so ยง10.7 policy applies.
The purpose of openvswitch is to provide support for switching, not to
setup filter rules. This means it violates the principle of least
surprise.
I believe that the argument by analogy to configuration files is weak,
given that the Debian policy section in question is very specifically about
files, not about general principles. On the other hand, Debian does not
install any firewall by default, so the presence of a rule that blocks GRE
traffic is a sign that the administrator has taken an explicit action to
install a firewall that blocks GRE, and therefore it is rather rude to
override this. Therefore, this patch simply turns off this behavior on
Debian, given that in ordinary Debian installations it will have no
adverse effect on Open vSwitch.
Debian bug #680537.
CC: 680537@bugs.debian.org
Reported-by: Bastian Blank <waldi@debian.org>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Simon Horman <horms@verge.net.au>
Ben Pfaff [Wed, 18 Jul 2012 17:10:20 +0000 (10:10 -0700)]
ofproto-dpif: Make OFPP_TABLE always resubmit to table 0.
Commit
299016266ed1 (New action NXAST_RESUBMIT_TABLE.) changed OFPP_TABLE
from resubmitting to table 0 to resubmitting to the current table. This
wasn't mentioned in the change log and I believe it was a typo. This
commit changes the behavior back.
This isn't a very serious bug because OpenFlow 1.0 says that OFPP_TABLE is
supposed to be used only in packet-out messages, in which case the current
table is 0 anyhow.
OpenFlow 1.3 is explicit:
The action list of an OFPT_PACKET_OUT message can also specify the
OFPP_TABLE reserved port as an output action to process the packet
through the existing flow entries, starting at the first flow table.
Reported-by: Isaku Yamahata <yamahata@valinux.co.jp>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Isaku Yamahata [Wed, 18 Jul 2012 11:41:15 +0000 (20:41 +0900)]
ofp-actions: simplify ofpacts_from_openflow1[01]
Those logic is same, so simplify it. This will be also use for OF12.
Signed-off-by: Isaku Yamahata <yamahata@valinux.co.jp>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Mon, 16 Jul 2012 22:13:22 +0000 (15:13 -0700)]
INSTALL.userspace: Explain how and why to use iptables to drop packets.
Reported-by: Ed Maste <emaste@freebsd.org>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Simon Horman [Wed, 18 Jul 2012 01:47:56 +0000 (10:47 +0900)]
ofproto: More vlan tests
I'm not sure if this is the best place for this, but exercising
adding flows with dl_vlan and dl_vlan_pcp in this matter helped
my to find some bugs in changes that I am working on in relation
to the OpenFlow VLAN match.
Signed-off-by: Simon Horman <horms@verge.net.au>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Tue, 17 Jul 2012 16:39:23 +0000 (09:39 -0700)]
tests: Add detailed test for OF1.0 match decoding and encoding.
This follows the form of the OF1.1 match decoding and encoding test that I
wrote a while back, which seems to be a good form to use.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Tested-by: Simon Horman <horms@verge.net.au>
Ben Pfaff [Tue, 10 Jul 2012 06:45:25 +0000 (23:45 -0700)]
ofp-util: Wildcard VLAN PCP in OF1.0 matches when 802.1Q not present.
When an output OF1.0 match uses OFP_VLAN_NONE to match only when the 802.1Q
header is not present, it is somewhat contradictory to specify any value
for the VLAN PCP, since none can be present without an 802.1Q header, but
the match output by Open vSwitch did so. This fixes it.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Tested-by: Simon Horman <horms@verge.net.au>
Ben Pfaff [Thu, 12 Jul 2012 19:29:40 +0000 (12:29 -0700)]
ofp-actions: Improve action error logging a bit more.
Commit
0c449c5683a improved action error logging for one case, but we might
as well do it for the other case too.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ethan Jackson [Tue, 17 Jul 2012 17:07:36 +0000 (10:07 -0700)]
tests: Fix unit test failures related to additional logging.
Commit
a890678229 (userspace: Log version on startup.) added
additional logging to ovsdb-server and ovs-vswitchd, but failed to
make certain the unit tests still passed.
Signed-off-by: Ethan Jackson <ethan@nicira.com>
[blp@nicira.com changed the strategy for fixing ovsdb-server.at]
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ethan Jackson [Tue, 17 Jul 2012 16:28:08 +0000 (09:28 -0700)]
ovsdb-server, ovs-vswitchd: Log version after daemonize_complete().
This fixes unit tests, and generally seems more correct.
Signed-off-by: Ethan Jackson <ethan@nicira.com>
[blp@nicira.com added the change to ovs-vswitchd]
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ethan Jackson [Tue, 17 Jul 2012 16:28:06 +0000 (09:28 -0700)]
ofproto: Fix compiler warnings.
This patch fixes the following warnings on my system:
lib/ofp-actions.c:458:13: error: format '%x' expects argument of
type 'unsigned int', but argument 4 has type 'long unsigned int'
[-Werror=format]
ofproto/ofproto.c:3940:13: error: comparison between 'enum
ofoperation_type' and 'enum nx_flow_update_event'
[-Werror=enum-compare]
ofproto/ofproto.c:3941:13: error: comparison between 'enum
ofoperation_type' and 'enum nx_flow_update_event'
[-Werror=enum-compare]
ofproto/ofproto.c:3942:13: error: comparison between 'enum
ofoperation_type' and 'enum nx_flow_update_event'
[-Werror=enum-compare]
Signed-off-by: Ethan Jackson <ethan@nicira.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Simon Horman [Tue, 17 Jul 2012 08:27:06 +0000 (17:27 +0900)]
OXM, NXM: Add tests for all zero and all one masks
The motivation for this is that I was looking into some
bugs relating to masking of match code that I was developing
and it seemed that having these tests would be worthwhile.
Signed-off-by: Simon Horman <horms@verge.net.au>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ethan Jackson [Fri, 13 Jul 2012 20:10:01 +0000 (13:10 -0700)]
userspace: Log version on startup.
It's convenient to have the OVS version directly in the logs so one
doesn't have to go digging through ovs-bugtool output to find it.
Signed-off-by: Ethan Jackson <ethan@nicira.com>
Leo Alterman [Tue, 17 Jul 2012 00:26:10 +0000 (17:26 -0700)]
datapath: fix typo in README
Signed-off-by: Leo Alterman <lalterman@nicira.com>
Justin Pettit [Mon, 16 Jul 2012 23:49:00 +0000 (16:49 -0700)]
Prepare for post-1.8.0 (1.8.90).
Signed-off-by: Justin Pettit <jpettit@nicira.com>
Justin Pettit [Mon, 16 Jul 2012 23:47:08 +0000 (16:47 -0700)]
Prepare for 1.8.
Signed-off-by: Justin Pettit <jpettit@nicira.com>
Ben Pfaff [Mon, 16 Jul 2012 16:37:22 +0000 (09:37 -0700)]
ofp-actions: Improve comments.
Reported-by: Joe Stringer <joe@wand.net.nz>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Mon, 16 Jul 2012 17:23:58 +0000 (10:23 -0700)]
ovs-ofctl: Fix use-after-free error.
Commit
4ce9c31573 (ovs-ofctl: Factor code out of read_flows_from_switch().)
introduced a use-after-free error, fixed by this change.
Also adds a unit test for "ovs-ofctl diff-flows" that would have found the
problem. (The bug report cited "diff-flows" but this bug was present in
dump-flows as well because they share common code.)
Bug #12461.
Reported-by: James Schmidt <jschmidt@nicira.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Gurucharan Shetty [Mon, 16 Jul 2012 16:37:40 +0000 (09:37 -0700)]
ofproto: fix typo in documentation.
Signed-off-by: Gurucharan Shetty <gshetty@nicira.com>
Ben Pfaff [Fri, 13 Jul 2012 17:25:27 +0000 (10:25 -0700)]
memory: Document the memory/show unixctl command.
Suggested-by: Justin Pettit <jpettit@nicira.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Zoltan Kiss [Thu, 12 Jul 2012 17:24:17 +0000 (18:24 +0100)]
lib: Define OVSP_NONE in a more clear way
The value represented by the macro would stay exactly the same, just become obvious.
Signed-off-by: Zoltan Kiss <zoltan.kiss@citrix.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Thu, 12 Jul 2012 23:32:56 +0000 (16:32 -0700)]
ovs-ofctl: Avoid use-after-free upon "ofctl/unblock" when connection dies.
The implementation of "ofctl/block" used a nested poll loop, with an inner
call to unixctl_server_run(). This poll loop always ran inside an outer
call to unixctl_server_run(), since that's the context within which unixctl
command implementations run. That means that, if a unixctl connection got
closed within the inner poll loop, and the outer poll loop happened to be
processing the same unixctl connection, then the outer poll loop would
dereference data in the freed connection.
The simplest solution is to avoid a nested poll loop, so that's what this
commit does.
This didn't cause a failure in the unit tests on i386 (which is why I
didn't catch it before pushing) but it did, reliably, on x86-64, and it
showed up in valgrind everywhere.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Jesse Gross [Thu, 12 Jul 2012 23:27:31 +0000 (16:27 -0700)]
Add Tadaaki Nagao to AUTHORS.
Signed-off-by: Jesse Gross <jesse@nicira.com>
Tadaaki Nagao [Thu, 12 Jul 2012 07:25:29 +0000 (16:25 +0900)]
datapath: Check for backported skb_frag_page().
Recently released CentOS 6.3 (and probably also RHEL 6.3, I assume)
backported skb_frag_page() and others to their 2.6.32-based kernel,
which caused build failure of Open vSwitch kernel modules.
Signed-off-by: Tadaaki Nagao <nagao@stratosphere.co.jp>
Signed-off-by: Jesse Gross <jesse@nicira.com>
Ben Pfaff [Thu, 12 Jul 2012 21:18:05 +0000 (14:18 -0700)]
ofproto: New feature to notify controllers of flow table changes.
OpenFlow switching monitoring and controller coordination can be made more
efficient if the switch can notify a controller of flow table changes as
they occur, rather than periodically polling for changes. This commit
implements such a feature.
Feature #6633.
CC: Natasha Gude <natasha@nicira.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Tue, 3 Jul 2012 21:00:38 +0000 (14:00 -0700)]
ofproto: Add extra comments and checking for expiring a pending rule.
A given rule may only have one pending operation at a time, so when an
operation is pending we must not allow a flow expiration to be started on
that rule.
This doesn't fix a user-visible bug in ofproto-dpif because ofproto-dpif
always completes operations immediately, that is, no operations will be
pending when expiration runs. (Technically there is a bug if the user
runs "ovs-appctl ofproto/clog", but that feature is for debugging only and
there is no reason for a user to ever run it.)
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Thu, 12 Jul 2012 17:17:10 +0000 (10:17 -0700)]
ofproto: Represent flow cookie changes as operations too.
An upcoming commit will add support for monitoring changes to the flow
table. This feature wants to be able to report changes to flow cookies,
as well as to other properties of a flow. Until now, however, a flow_mod
that modifies only the flow's cookie is treated as a special case that does
not go through the ofoperation mechanism. That makes it harder to report
flow cookie-only changes (it would require an additional special case in
the reporting mechanism) so this commit changes cookie-only changes to
go through ofoperations.
The bulk of this change is to change the meaning of ofoperation's 'ofpacts'
member so that a NULL value indicates that the flow's actions are not
changing. Otherwise a flow-cookie only change would still require copying
and then freeing all the actions, which seems like a waste.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Fri, 6 Jul 2012 17:36:00 +0000 (10:36 -0700)]
ofproto: Revert change in flow cookie when an ofoperation fails.
The flow_cookie member of struct ofoperation has always been there, but it
seems that it's never been used. This fixes the code so that if a modify
operation fails the rule's original flow cookie is restored.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Thu, 12 Jul 2012 17:15:35 +0000 (10:15 -0700)]
rconn: Add byte counting feature to rconn_packet_counter.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Tue, 3 Jul 2012 21:23:10 +0000 (14:23 -0700)]
Add OFPRR_EVICTION to enum ofp_flow_removed_reason.
This is likely to be part of OpenFlow 1.3.1 or 1.4 and we have use for it
beforehand to report evicted flows.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Fri, 29 Jun 2012 23:35:17 +0000 (16:35 -0700)]
ofp-util: Make put_stats__() public as ofputil_put_stats_header().
An upcoming commit will introduce a user outside of ofp-util.c.
The change to put_stats_reply__() is larger than strictly necessary to
avoid making really ugly line breaks.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Fri, 29 Jun 2012 23:23:43 +0000 (16:23 -0700)]
ofp-print: Slightly extend ofp_print_bit_names().
In an upcoming commit I want to print comma-separated, not space-separated,
names for a set of bits.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Thu, 12 Jul 2012 17:13:10 +0000 (10:13 -0700)]
classifier: New function cls_rule_is_loose_match().
This function will be useful in an upcoming commit.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Sat, 30 Jun 2012 05:33:56 +0000 (22:33 -0700)]
ofproto: Finalize all ofoperations in a given ofgroup at the same time.
An upcoming commit will add support for flow table monitoring by
controllers. One feature of this upcoming support is that a controller's
own changes to the flow table can be abbreviated to a summary, since the
controller presumably knows what it has already sent to the switch.
However, the summary only makes sense if a set of flow table changes
completely succeeds or completely fails. If it partially fails, the
switch must not attempt to summarize it, because the controller needs
to know the details. Given that, we have to wait for all of the
operations in an ofgroup to either succeed or fail before the switch
can send its flow table update report to the controllers. This
commit makes that change.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Fri, 6 Jul 2012 17:02:09 +0000 (10:02 -0700)]
ofproto: Mark some function parameters const.
This allows FOR_EACH_MATCHING_TABLE to be used with const TABLE and
OFPROTO arguments.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Fri, 6 Jul 2012 20:05:38 +0000 (13:05 -0700)]
ofp-print: Print out_port field in "flow_mod"s.
Somehow we've overlooked this for a long time. I guess that feature
doesn't get used very much.
Also updates the test output for OFPT_FLOW_MOD to include the out_port
output and adds out_port to the NXT_FLOW_MOD tests.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Thu, 12 Jul 2012 20:32:47 +0000 (13:32 -0700)]
ovs-ofctl: Add --sort and --rsort options for "dump-flows" command.
Feature #8754.
Signed-off-by: Arun Sharma <arun.sharma@calsoftinc.com>
[blp@nicira.com rewrote most of the code]
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Tue, 3 Jul 2012 18:31:03 +0000 (11:31 -0700)]
ovs-ofctl: Factor code out of read_flows_from_switch().
I want to use this code in another function in an upcoming commit.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Tue, 3 Jul 2012 17:25:35 +0000 (10:25 -0700)]
ovs-ofctl: Use the prepared connection to dump flows in do_dump_flows__().
The logic in do_dump_flows__() went to some trouble to open an OpenFlow
connection and set the correct protocol, but then it allowed
dump_stats_transaction() to create and use a completely different OpenFlow
connection that hadn't been prepared that way. This commit fixes the
problem.
I don't think that there is a real bug here because currently the set of
protocols doesn't influence flow stats replies. But that could change in
the future.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Thu, 12 Jul 2012 18:31:13 +0000 (11:31 -0700)]
ofp-util: Reload ofpbuf pointers after nx_put_match().
Fixes a wild pointer write when nx_put_match() expands the ofpbuf.
The change to the OFPST_FLOW case isn't strictly a bug fix, it just makes
the code for that case more closely resemble the NXST_FLOW case.
Bug #12403.
Bug #12460.
Bug #12461.
Bug #12481.
Reported-by: Timothy Chen <tchen@nicira.com>
Reported-by: Natasha Gude <natasha@nicira.com>
Reported-by: James Schmidt <jschmidt@nicira.com>
Reported-by: Alan Shieh <ashieh@nicira.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Simon Horman [Thu, 5 Jul 2012 08:15:17 +0000 (17:15 +0900)]
meta-flow: Remove mf_set_subfield and mf_set_subfield
These functions do not appear to be used any more.
Signed-off-by: Simon Horman <horms@verge.net.au>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Thu, 12 Jul 2012 15:43:29 +0000 (08:43 -0700)]
ovs-vsctl: Correct example for removing a mirror.
Reported-by: Kris zhang <zhang.kris@gmail.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Thu, 12 Jul 2012 15:08:15 +0000 (08:08 -0700)]
FAQ: Patch ports are not targeted for upstream.
The previous text was ambiguous.
Reported-by: Konstantin Khorenko <khorenko@openvz.org>
CC: Jesse Gross <jesse@nicira.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Joe Stringer [Wed, 11 Jul 2012 23:07:15 +0000 (11:07 +1200)]
meta-flow: Reduce redundant transport set/get code
Signed-off-by: Joe Stringer <joe@wand.net.nz>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Tue, 10 Jul 2012 21:51:29 +0000 (14:51 -0700)]
cfm: Always initialize CCM "internal_ms_x" extension field.
Found by valgrind:
Syscall param socketcall.sendmsg(msg.msg_iov[i]) points to uninitialised
byte(s)
at 0x42D3021: sendmsg (in /lib/libc-2.5.so)
by 0x80E4D23: nl_sock_transact (netlink-socket.c:670)
by 0x80D9086: dpif_linux_execute__ (dpif-linux.c:872)
by 0x807D6AE: dpif_execute__ (dpif.c:957)
by 0x807D6FE: dpif_execute (dpif.c:987)
by 0x805DED9: send_packet (ofproto-dpif.c:4727)
by 0x805F8E1: port_run_fast (ofproto-dpif.c:2441)
by 0x8065CF6: run_fast (ofproto-dpif.c:926)
by 0x805674F: ofproto_run_fast (ofproto.c:1148)
by 0x804C957: bridge_run_fast (bridge.c:1980)
by 0x8053F49: main (ovs-vswitchd.c:123)
Address 0xbea0895c is on thread 1's stack
Bug #11797.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Joe Stringer [Wed, 11 Jul 2012 12:01:11 +0000 (00:01 +1200)]
tests: Improve test coverage of OXM metadata field
Signed-off-by: Joe Stringer <joe@wand.net.nz>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Simon Horman [Mon, 9 Jul 2012 09:03:54 +0000 (18:03 +0900)]
NXM, OXM: Add Flow Label Tests
Signed-off-by: Simon Horman <horms@verge.net.au>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ed Maste [Wed, 11 Jul 2012 13:16:00 +0000 (09:16 -0400)]
Add forgotten header
Signed-off-by: Ed Maste <emaste@freebsd.org>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Wed, 11 Jul 2012 07:58:53 +0000 (00:58 -0700)]
FAQ: Add FAQ entry for determining OpenFlow port numbers.
I don't understand why, but I've had this question from multiple people
recently.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Mon, 9 Jul 2012 21:21:00 +0000 (14:21 -0700)]
ofp-actions: Add hex dump of bad actions to log message on error.
This should make debugging easier in such cases.
Bug #12460.
Reported-by: Natasha Gude <natasha@nicira.com>
Reported-by: James Schmidt <jschmidt@nicira.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Wed, 11 Jul 2012 07:54:53 +0000 (00:54 -0700)]
FAQ: Add FAQ entry about flow normalization.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Tue, 10 Jul 2012 21:11:59 +0000 (14:11 -0700)]
datapath: Check gso_type for correct sk_buff in queue_gso_packets().
At the point where it was used, skb_shinfo(skb)->gso_type referred to a
post-GSO sk_buff. Thus, it would always be 0. We want to know the pre-GSO
gso_type, so we need to obtain it before segmenting.
Before this change, the kernel would pass inconsistent data to userspace:
packets for UDP fragments with nonzero offset would be passed along with
flow keys that indicate a zero offset (that is, the flow key for "later"
fragments claimed to be "first" fragments). This inconsistency tended
to confuse Open vSwitch userspace, causing it to log messages about
"failed to flow_del" the flows with "later" fragments.
Bug #12394.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Jesse Gross <jesse@nicira.com>
Ethan Jackson [Mon, 9 Jul 2012 22:59:44 +0000 (15:59 -0700)]
cfm: Remove sequence fault reason.
Commit
2b540ecb (Added handling of previously ignored cfm faults.)
made the CFM code trigger a fault when a packet is received with an
out of order sequence number. This means that if even one CFM
probe is dropped, a fault will be triggered because the next
received probe's sequence would be two greater than the last. This
is in conflict with the 802.1ag requirement that 3.5 dropped probes
triggers fault.
Signed-off-by: Ethan Jackson <ethan@nicira.com>
Arun Sharma [Sun, 8 Jul 2012 11:38:36 +0000 (04:38 -0700)]
Rename static functions to increase uniqueness.
Rename do_* in ovs-dpctl and ovs-ofctl command with "dpctl_" or "ofctl_"
prefix.
Rename add_flow with dp_netdev_flow_add in lib/dpif-netdev.c.
Signed-off-by: Arun Sharma <arun.sharma@calsoftinc.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Fri, 6 Jul 2012 22:13:25 +0000 (15:13 -0700)]
debian: Remove obsolete advice to edit /etc/default/openvswitch-switch.
This hasn't been necessary for a long time.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Fri, 6 Jul 2012 22:08:10 +0000 (15:08 -0700)]
debian: Add "netbase" dependency for /etc/protocols.
ovs-ctl.in uses /etc/protocols, which is in the "netbase" package, so a
dependency is required.
Debian bug #680537.
CC: 680537@bugs.debian.org
Reported-by: Bastian Blank <waldi@debian.org>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Justin Pettit [Sun, 8 Jul 2012 20:04:27 +0000 (13:04 -0700)]
ipsec gre: Don't cache bad ovs-monitor-ipsec pid values.
Commit
2a586a5 (ipsec gre: Do not reread ovs monitor ipsec pidfile in
netdev vport so much) attempts to cache the pid of ovs-monitor-ipsec so
that it's not re-checked so often. Unfortunately, it also cached error
returns, so errors never recover. This commit continues to check for
the process's existence after an error.
Issue #12399
Reported-by: Paul Ingram <paul@nicira.com>
Signed-off-by: Justin Pettit <jpettit@nicira.com>
Ben Pfaff [Wed, 27 Jun 2012 23:00:08 +0000 (16:00 -0700)]
ofproto: Make ofoperation_create() return the new operation.
This seems like sensible return value semantics to me, even though the new
operation is also available through rule->pending.
This is a code cleanup only that should not affect behavior.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Fri, 29 Jun 2012 23:22:41 +0000 (16:22 -0700)]
nicira-ext: Fix wrong information in comment.
The priority of exact-match flows is ignored only for the OF1.0 flow match
format, never for NXM.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Fri, 29 Jun 2012 23:20:23 +0000 (16:20 -0700)]
ovs-ofctl: Fix typos in manpage.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Fri, 29 Jun 2012 17:36:48 +0000 (10:36 -0700)]
ofproto: Fix typos in comments.
This corrects the spelling of the OFOPERATION_* constants.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ethan Jackson [Thu, 28 Jun 2012 21:55:55 +0000 (14:55 -0700)]
ovs-lib: Support old versions of strace.
The ovs-lib strace wrapper requires the -D (run tracer process as a
detached grandchild, not as parent) option which does not exist in
older versions. This patch falls back to attaching to the running
process when the -D option does not exists.
Signed-off-by: Ethan Jackson <ethan@nicira.com>
Ben Pfaff [Tue, 26 Jun 2012 21:43:08 +0000 (14:43 -0700)]
ovs-vswitchd: Log datapath ID in a more user-friendly way.
The layering between ofproto and ovs-vswitchd caused the datapath ID to be
logged in a needlessly confusing way. First, ofproto would log its
default datapath ID:
using datapath ID
0000505400000004
then the bridge code would immediately determine the datapath ID that it
wanted and call ofproto_set_datapath_id(), which would log the change
datapath ID changed to
0000111122223333
This commit stops logging the default datapath ID, which is never actually
visible in OpenFlow. This should make the log files easier to understand.
Bug #12164.
Reported-by: Jacob Cherkas <jcherkas@nicira.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Tue, 26 Jun 2012 19:40:27 +0000 (12:40 -0700)]
ofproto: Always include ofproto name in log messages.
Otherwise the log messages can be confusing when there's more than one
bridge.
Reported-by: Jacob Cherkas <jcherkas@nicira.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ethan Jackson [Mon, 25 Jun 2012 22:46:44 +0000 (15:46 -0700)]
bond: Sending learning packets on active-backup.
Suppose we have an active bond with two ports, eth1 and eth2,
attached to a standard L2 learning switch which does not know it's
participating in a bond (i.e. isn't running LACP). Suppose eth1 is
active and therefore the L2 learning switch is forwarding traffic
to eth1 as instructed by its learning table. Now suppose, for some
reason, OVS fails over from eth1 to eth2. For each destination
MAC, the L2 learning switch will continue sending traffic to eth1,
which will be dropped, until either traffic from that MAC appears
on eth2, or the learning table entries expire.
To alleviate this issue, this patch sends learning packets on newly
active interfaces in active-backup bonds in order to educate the
upstream network of the change.
Requested-by: Frido Roose <fr.roose@gmail.com>
Signed-off-by: Ethan Jackson <ethan@nicira.com>
Ethan Jackson [Mon, 25 Jun 2012 22:48:10 +0000 (15:48 -0700)]
bond: Don't send learning packets on STABLE bonds.
Stable bonds require upstream switch support to avoid confusing
learning tables. Therefore, sending learning packets on these
bonds doesn't make a lot of sense.
Signed-off-by: Ethan Jackson <ethan@nicira.com>
Ben Pfaff [Thu, 5 Jul 2012 19:57:16 +0000 (12:57 -0700)]
ovs-check-dead-ifs: Tolerate processes that disappear during run.
os.listdir("/proc/%d/fd" % pid) throws OSError if 'pid' died since the
list of pids was obtained.
Bug #12375.
Reported-by: Amey Bhide <abhide@nicira.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>