Ben Pfaff [Fri, 16 Mar 2012 20:12:54 +0000 (13:12 -0700)]
ovs-vsctl: Allow "fake bridges" to be created for VLAN 0.
A fake bridge for VLAN 0 is useful, because it provides a way to create
access ports for VLAN 0. There is no good reason to prevent it.
NIC-464.
Reported-by: Rob Hoes <Rob.Hoes@citrix.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ethan Jackson [Tue, 20 Mar 2012 01:00:54 +0000 (18:00 -0700)]
xenserver: Verify updates in ovs-xapi-sync.
This prevents potential race conditions when updating database
tables.
Signed-off-by: Ethan Jackson <ethan@nicira.com>
Ethan Jackson [Sat, 10 Mar 2012 02:16:20 +0000 (18:16 -0800)]
cfm: Support random VLAN tag for CCM PDUs.
CCM PDUs may take a different path through the network depending on
the VLAN tag they carry. In order to exercise these paths, it
may be advantageous to use a random VLAN tag.
Signed-off-by: Ethan Jackson <ethan@nicira.com>
Ben Pfaff [Mon, 19 Mar 2012 20:47:50 +0000 (13:47 -0700)]
netdev-linux: Fix use-after-free when netdev_dump_queues() deletes queues.
iface_configure_qos() passes a callback to netdev_dump_queues() that can
delete queues. The netdev-linux implementation of this function was
unprepared for the callback to delete queues, so this could cause a
use-after-free. This fixes the problem in netdev_linux_dump_queues() and
documents that netdev_dump_queues() implementations must support deletions
in the callback.
Found by valgrind:
==1593== Invalid read of size 8
==1593== at 0x4A8C43: netdev_linux_dump_queues (hmap.h:326)
==1593== by 0x4305F7: bridge_reconfigure (bridge.c:3084)
==1593== by 0x431384: bridge_run (bridge.c:1892)
==1593== by 0x432749: main (ovs-vswitchd.c:96)
==1593== Address 0x632e078 is 8 bytes inside a block of size 32 free'd
==1593== at 0x4C240FD: free (vg_replace_malloc.c:366)
==1593== by 0x4A4D74: hfsc_class_delete (netdev-linux.c:3250)
==1593== by 0x42AA59: iface_delete_queues (bridge.c:3055)
==1593== by 0x4A8C8C: netdev_linux_dump_queues (netdev-linux.c:1881)
==1593== by 0x4305F7: bridge_reconfigure (bridge.c:3084)
==1593== by 0x431384: bridge_run (bridge.c:1892)
Bug #10164.
Reported-by: Ram Jothikumar <ram@nicira.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ethan Jackson [Fri, 16 Mar 2012 00:10:41 +0000 (17:10 -0700)]
idl: Move vswitch-idl to libopenvswitch.
This is cleaner then having multiple programs build the idl
independently.
Signed-off-by: Ethan Jackson <ethan@nicira.com>
Ben Pfaff [Mon, 19 Mar 2012 17:07:09 +0000 (10:07 -0700)]
configure: Remove --with-build-number.
From early days, Nicira used the --with-build-number option to configure to
stamp our internal builds. We've since switched to another scheme, so
this option is obsolete.
Good riddance.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Fri, 16 Mar 2012 21:18:05 +0000 (14:18 -0700)]
debian: Use a different way to avoid failing install without kernel module.
The dh_installinit --error-handler option makes a lot of sense, but after
playing with it for a while I could not figure out a nice way to use it
only for openvswitch-switch without either duplicating the dh_installinit
fragments in postinst and prerm (the actual bug that was reported) or
omitting them for some package.
Also, we forgot to write the error handler function for the prerm.
This commit switches to a different way to avoid failing the install when
the kernel module is not available, without using --error-handler.
CC: 663051@bugs.debian.org
Reported-by: Thomas Goirand <zigo@debian.org>
Reviewed-by: Simon Horman <horms@verge.net.au>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Fri, 16 Mar 2012 04:15:38 +0000 (21:15 -0700)]
netlink-socket: Increase Netlink socket receive buffer size.
Open vSwitch userspace can set up flows at a high rate, but it is somewhat
"bursty" in opportunities to set up flows, by which I mean that OVS sets up
a batch of flows, then goes off and does some other work for a while, then
sets up another batch of flows, and so on. The result is that, if a large
number of packets that need flow setups come in all at once, then some of
them can overflow the relatively small kernel-to-user buffers.
This commit increases the kernel-to-user buffers from the default of
approximately 120 kB each to 1 MB each. In one somewhat synthetic test
case that I ran based on an "hping3" that generated a load of about 20,000
new flows per second (including both requests and replies), this reduced
the packets dropped at the kernel-to-user interface from about 30% to none.
I expect that it will similarly improve packet loss in workloads where
flow arrival is not easily predictable.
(This has little effect on workloads generated by "ovs-benchmark rate"
because that benchmark is effectively "self-clocking", that is, a new flow
is triggered only by a reply to a request made earlier, which means that
the number of buffered packets at any given has a known, constant upper
limit.)
Bug #10210.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Thu, 15 Mar 2012 21:06:54 +0000 (14:06 -0700)]
meta-flow: Don't dereference NULL sf->field in mf_format_subfield().
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ethan Jackson [Mon, 12 Mar 2012 22:49:17 +0000 (15:49 -0700)]
ovs-vsctl: Clarify br-exists usage.
Requested-by: Niklas Andersson <nandersson@nicira.com>
Signed-off-by: Ethan Jackson <ethan@nicira.com>
Ben Pfaff [Mon, 12 Mar 2012 21:27:44 +0000 (14:27 -0700)]
connmgr: Remove now-unused function connmgr_broadcast().
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Mon, 12 Mar 2012 21:27:25 +0000 (14:27 -0700)]
fail-open: Use connmgr_send_packet_in() instead of connmgr_broadcast().
Otherwise even controllers that should not receive any packet-ins (via
enable-async-messages=false) still receive the packet-ins that probe for
a controller being up when we're in fail-open.
Bug #9964.
Reported-by: James Schmidt <jschmidt@nicira.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Mon, 12 Mar 2012 21:35:35 +0000 (14:35 -0700)]
ofproto: connmgr_send_packet_in() doesn't need buffer_id and total_len.
Trying to add a new caller for connmgr_send_packet_in(), I wasn't sure
what to put in these members. Investigating, I saw that the function
didn't really need them, so this commit clears that up.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Mon, 12 Mar 2012 21:09:37 +0000 (14:09 -0700)]
connmgr: Drop 'flow' parameter from connmgr_send_packet_in().
Only 'flow->in_port' was used, which was redundant with pin->fmd.in_port.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Mon, 12 Mar 2012 21:21:14 +0000 (14:21 -0700)]
ofp-util: Fix typo in comment.
The ofp_packet_in reasons are OFPR_*, not OFPRR_*. (Duh.)
Signed-off-by: Ben Pfaff <blp@nicira.com>
Chris Wright [Tue, 13 Mar 2012 23:21:55 +0000 (16:21 -0700)]
configure: add configure option to disable building brcompat
This adds ability to do:
./configure --disable-brcompat
to disable building userspace and kernel module associated with
providing linux bridge compatibility. Sources should still be
distributed w/ make dist.
While there, update comment referring to long removed veth driver
which is now relevant for brcompat module.
Cc: Jesse Gross <jesse@nicira.com>
Signed-off-by: Chris Wright <chrisw@sous-sol.org>
Acked-by: Ben Pfaff <blp@nicira.com>
Signed-off-by: Jesse Gross <jesse@nicira.com>
Pravin B Shelar [Tue, 13 Mar 2012 18:40:58 +0000 (11:40 -0700)]
ofproto: Fix internal port mtu setting.
Update port does not check changed MTU for internal port which allows
administrator assign larger MTU compared to non-internal port.
Signed-off-by: Pravin B Shelar <pshelar@nicira.com>
Ben Pfaff [Mon, 12 Mar 2012 16:17:33 +0000 (09:17 -0700)]
ofproto-dpif: Add comments for a few VLAN splinters functions.
CC: Min Chen <ustcer.tonychan@gmail.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Mon, 12 Mar 2012 17:23:36 +0000 (10:23 -0700)]
Use `pwd` in place of $PWD, treewide.
The Autoconf manual says:
Posix 1003.1-2001 requires that `cd' and `pwd' must update the
`PWD' environment variable to point to the logical name of the
current directory, but traditional shells do not support this.
This can cause confusion if one shell instance maintains `PWD' but
a subsidiary and different shell does not know about `PWD' and
executes `cd'; in this case `PWD' points to the wrong directory.
Use ``pwd`' rather than `$PWD'.
so this commit replaces all uses of $PWD by `pwd`.
Reported-by: Justin Pettit <jpettit@nicira.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Mon, 12 Mar 2012 21:46:56 +0000 (14:46 -0700)]
tests: Skip "strings at least 2 characters long" test for narrow Python.
Narrow Python can't handle Unicode characters outside the BMP, so skip the
test.
Reported-by: Michael Shigorin <mike@osdn.org.ua>
Tested-by: Michael Shigorin <mike@osdn.org.ua>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Mon, 12 Mar 2012 19:59:47 +0000 (12:59 -0700)]
ofproto: Fix code that keeps track of MTU.
ofport_install() should set the MTU that it finds into the ofport
before calling set_internal_devs_mtu(), because the latter function might
change the MTU and update ofport->mtu and the caller should not incorrectly
overwrite its changes.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Mon, 12 Mar 2012 17:34:45 +0000 (10:34 -0700)]
openflow: Properly clean out stamp files on "make clean".
Reported-by: Chris Wright <chrisw@sous-sol.org>
Acked-by: Chris Wright <chrisw@sous-sol.org>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Mon, 12 Mar 2012 17:34:22 +0000 (10:34 -0700)]
python: Fix "make distcheck" error on version.py.
The generated version.py has to go in the srcdir and has to be regenerated
based on config.status, which breaks "make distcheck" because it
write-protects the srcdir. However, the contents of version.py only change
when the version number changes, so we can just "touch" it when it doesn't
really need to change.
The same pattern is used elsewhere in the tree for other files in the same
situation, e.g. the various RPM spec files.
Reported-by: Chris Wright <chrisw@sous-sol.org>
Acked-by: Chris Wright <chrisw@sous-sol.org>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Fri, 9 Mar 2012 23:10:56 +0000 (15:10 -0800)]
ovsdb-doc: Use minus sign in negative numbers in nroff output.
ovs-vswitchd.conf.db.5 has autogenerated text "at least -1" in one place.
This '-' should be a minus sign, but ovsdb-doc was generating it as a
hyphen.
Found by lintian.
Reported-by: Thomas Goirand <zigo@debian.org>
Reviewed-by: Simon Horman <horms@verge.net.au>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Fri, 9 Mar 2012 22:50:39 +0000 (14:50 -0800)]
ovsdb-doc: Convert '-' preceding a number as a minus sign, not a hyphen.
ovs-vswitchd.conf.db.5 contains the following sentence:
If the interface cannot be added then Open vSwitch sets this column
to -1.
The '-' in "-1" should be a minus sign, not a hyphen, but the heuristic
in ovsdb-doc wasn't smart enough. This commit improves the heuristic and
fixes the problem.
Found by lintian.
Reported-by: Thomas Goirand <zigo@debian.org>
Reviewed-by: Simon Horman <horms@verge.net.au>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Fri, 9 Mar 2012 22:37:31 +0000 (14:37 -0800)]
ovsdb-doc: Put NAME section into generated manpage.
This makes the manpage indexable by standard system tools.
Found by lintian.
Reported-by: Thomas Goirand <zigo@debian.org>
Reviewed-by: Simon Horman <horms@verge.net.au>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Fri, 9 Mar 2012 22:20:54 +0000 (14:20 -0800)]
debian: Avoid unit test failure when doing "unofficial" builds.
The configure option --with-build-number=0 is interpreted differently in
different places. The configure script itself accepts 0 as an actual
build number and puts '#define BUILDNR "+build0"' into config.h. The
code in python/automake.mk treats 0 as "no build number" and puts
'BUILDNR = ""' into version.py.
This commit avoids the problem by not passing 0 as a build number.
Reviewed-by: Simon Horman <horms@verge.net.au>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Thomas Goirand [Fri, 9 Mar 2012 22:44:41 +0000 (14:44 -0800)]
doc: Fix typo in manpage.
Found by lintian.
Reviewed-by: Simon Horman <horms@verge.net.au>
Signed-off-by: Thomas Goirand <zigo@debian.org>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Thomas Goirand [Fri, 9 Mar 2012 21:53:12 +0000 (13:53 -0800)]
debian: Bump standards-version to 3.9.3.
No other changes necessary.
Reviewed-by: Simon Horman <horms@verge.net.au>
Signed-off-by: Thomas Goirand <zigo@debian.org>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Thomas Goirand [Fri, 9 Mar 2012 21:49:36 +0000 (13:49 -0800)]
debian: Remove some useless files from the dkms pacakge.
This commit removes useless files from the dkms package that caused
lintian warnings.
(Many of the other files in the dkms package are also useless but do not
cause lintian warnings so they are less important.)
Reviewed-by: Simon Horman <horms@verge.net.au>
Signed-off-by: Thomas Goirand <zigo@debian.org>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Thomas Goirand [Fri, 9 Mar 2012 21:46:18 +0000 (13:46 -0800)]
debian: Clean .pyc files in "clean" target.
Reviewed-by: Simon Horman <horms@verge.net.au>
Signed-off-by: Thomas Goirand <zigo@debian.org>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Thomas Goirand [Fri, 9 Mar 2012 21:45:02 +0000 (13:45 -0800)]
debian: Remove po-debconf build dependency.
Open vSwitch no longer uses Debconf at all, for some time now.
Reviewed-by: Simon Horman <horms@verge.net.au>
Signed-off-by: Thomas Goirand <zigo@debian.org>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Thomas Goirand [Fri, 9 Mar 2012 21:44:10 +0000 (13:44 -0800)]
debian: Build-depend on python-all to pull in all Python versions.
Open vSwitch should support all Python versions in the distribution. This
is the way to do it.
Reviewed-by: Simon Horman <horms@verge.net.au>
Signed-off-by: Thomas Goirand <zigo@debian.org>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Thomas Goirand [Fri, 9 Mar 2012 21:41:59 +0000 (13:41 -0800)]
debian: Add missing ${python:Depends} to openvswitch-test package.
Reviewed-by: Simon Horman <horms@verge.net.au>
Signed-off-by: Thomas Goirand <zigo@debian.org>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Thomas Goirand [Fri, 9 Mar 2012 21:39:59 +0000 (13:39 -0800)]
debian: Improve long descriptions so as to better describe the packages.
Reviewed-by: Simon Horman <horms@verge.net.au>
Signed-off-by: Thomas Goirand <zigo@debian.org>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Thomas Goirand [Fri, 9 Mar 2012 21:30:26 +0000 (13:30 -0800)]
debian: Bump debhelper compat level to 8 and make build-depends consistent.
Reviewed-by: Simon Horman <horms@verge.net.au>
Signed-off-by: Thomas Goirand <zigo@debian.org>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Thomas Goirand [Fri, 9 Mar 2012 21:26:42 +0000 (13:26 -0800)]
debian: Add long descriptions for init scripts.
Reviewed-by: Simon Horman <horms@verge.net.au>
Signed-off-by: Thomas Goirand <zigo@debian.org>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Mon, 12 Mar 2012 16:48:51 +0000 (09:48 -0700)]
tests: Fix "make check" as non-root.
Without this change, these tests try to write to /var/run, which fails
unless "make check" is run as root.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Sat, 10 Mar 2012 00:22:12 +0000 (16:22 -0800)]
ovs-pki: Implement --version option.
Reported-by: Gurucharan Shetty <gshetty@nicira.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Justin Pettit [Sat, 10 Mar 2012 19:04:42 +0000 (11:04 -0800)]
ovs-monitor-ipsec: Use all caps for global constants.
The convention in Python is to use all caps for global constants.
Signed-off-by: Justin Pettit <jpettit@nicira.com>
Ethan Jackson [Fri, 9 Mar 2012 21:53:22 +0000 (13:53 -0800)]
netdev: Consistently use 'enum netdev_features'.
Without this patch sparse gives me warnings. At any rate, it's
cleaner to be consistent.
Signed-off-by: Ethan Jackson <ethan@nicira.com>
Ethan Jackson [Thu, 8 Mar 2012 22:44:54 +0000 (14:44 -0800)]
nicira-ext: Increase the number of NXM registers to 8.
Requested-by: Amar Padmanabhan <amar@nicira.com>
Signed-off-by: Ethan Jackson <ethan@nicira.com>
Ethan Jackson [Sat, 3 Mar 2012 01:50:59 +0000 (17:50 -0800)]
idl: Convert python daemons to utilize SchemaHelper.
The recently added SchemaHelper class significantly simplifies IDL
instantiation in Python. This commit converts all users of the old
method to the new method, and removes support for the old method.
Signed-off-by: Ethan Jackson <ethan@nicira.com>
Ethan Jackson [Sat, 3 Mar 2012 02:33:48 +0000 (18:33 -0800)]
ovs-monitor-ipsec: Add unixctl support.
With this patch, users can query a running ovs-monitor-ipsec
daemon's version, or ask it to exit using ovs-appctl.
Signed-off-by: Ethan Jackson <ethan@nicira.com>
Ethan Jackson [Tue, 6 Mar 2012 19:12:19 +0000 (11:12 -0800)]
ovs-xapi-sync: Use unixctl to trigger cache flushes.
Typically Open vSwitch communicates with running processes using
unixctl. This patch converts ovs-xapi-sync to the strategy for
consistency.
Signed-off-by: Ethan Jackson <ethan@nicira.com>
Ethan Jackson [Sat, 3 Mar 2012 01:18:35 +0000 (17:18 -0800)]
ovs-xapi-sync: Add unixctl support.
With this patch, users can query a running ovs-xapi-sync's version
or ask it to exit using ovs-appctl.
Signed-off-by: Ethan Jackson <ethan@nicira.com>
Ethan Jackson [Fri, 2 Mar 2012 23:24:32 +0000 (15:24 -0800)]
ovs-xapi-sync: Cache nicira-bridge-id in ovs-xapi-sync.
Communicating with xapi from Python can be quite expensive so it
makes sense to cache this data if convenient.
Signed-off-by: Ethan Jackson <ethan@nicira.com>
Ethan Jackson [Tue, 6 Mar 2012 19:16:38 +0000 (11:16 -0800)]
ovs-xapi-sync: Remove useless root_prefix global.
There's no reason for this variable to be global, or to exist at
all for that matter.
Signed-off-by: Ethan Jackson <ethan@nicira.com>
Ben Pfaff [Fri, 9 Mar 2012 21:31:41 +0000 (13:31 -0800)]
debian: Fix Debian build of modules via module-assistant.
Fixes an error during module-assistant build step:
install: cannot stat `openvswitch/datapath/linux/*_mod.ko': No such
file or directory
This was (understandably) overlooked as part of commit
9b80f761be
(datapath: omit _mod from module names).
Acked-by: Chris Wright <chrisw@sous-sol.org>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Pravin B Shelar [Fri, 9 Mar 2012 21:00:29 +0000 (13:00 -0800)]
netdev-linux: Cache error code from do_get_ifindex().
Signed-off-by: Pravin B Shelar <pshelar@nicira.com>
Pravin B Shelar [Fri, 9 Mar 2012 20:59:58 +0000 (12:59 -0800)]
netdev-linux: Cache error code from get-features.
Following patch adds support for caching error code from ETHTOOL_GSET
call. Since internal device is virtual device device feature does not
make much sense, so netdev_get_features op is removed for internal
devices.
Signed-off-by: Pravin B Shelar <pshelar@nicira.com>
Pravin B Shelar [Fri, 9 Mar 2012 20:59:27 +0000 (12:59 -0800)]
netdev-linux: Cache error code from set-policing.
Signed-off-by: Pravin B Shelar <pshelar@nicira.com>
Pravin B Shelar [Fri, 9 Mar 2012 20:58:10 +0000 (12:58 -0800)]
netdev-linux: Cache error code from ether-addr ioctl.
Signed-off-by: Pravin B Shelar <pshelar@nicira.com>
Pravin B Shelar [Fri, 9 Mar 2012 20:57:48 +0000 (12:57 -0800)]
netdev-linux: Cache error code from mtu ioctl.
netdev linux devices uses mtu ioctl to get and set MTU for a device.
By caching error code from ioctl we can reduce number of ioctl calls
for device which is unregistered from system.
netdev notification is used to update mtu which saves get-mtu-ioctl.
Signed-off-by: Pravin B Shelar <pshelar@nicira.com>
Pravin B Shelar [Fri, 9 Mar 2012 20:57:13 +0000 (12:57 -0800)]
netdev-linux: Cache drv-info for net device.
Netdev-linux calls ETHTOOL_GDRVINFO on every netdev_linux_get_status()
which is not optimal as drv-info does not change for given device.
So following patch changes netdev_linux_get_status() to read drv-info at
device initialization and cache it.
Signed-off-by: Pravin B Shelar <pshelar@nicira.com>
Chris Wright [Fri, 9 Mar 2012 17:55:45 +0000 (09:55 -0800)]
datapath: omit _mod from module names
This renames the datapath modules:
openvswitch_mod -> openvswitch
brcompat_mod -> brcompat
The first makes the module name consistent with upstream, and the latter
is just for internal consistency. This makes tools, and documentation
refer to a common module name regardless if it's coming from upstream
linux or built from datapath/ as part of a local build.
Signed-off-by: Chris Wright <chrisw@sous-sol.org>
Signed-off-by: Jesse Gross <jesse@nicira.com>
Ansis Atteka [Fri, 9 Mar 2012 02:58:09 +0000 (18:58 -0800)]
ovs-monitor-ipsec: Detect correctly IPSEC configuration changes
If Open vSwitch has IPSEC tunnel (with certificates) and Interface
table was updated, then ovs-monitor-ipsec daemon would incorrectly
remove and readd all existing IPSEC tunnels.
The root cause for this issue was that "peer_cert_file" key was present in
interfaces dictionary, but it was missing in new_interfaces dictionary.
v2: Do not fail buildtests
Issue#10096
Signed-off-by: Ansis Atteka <aatteka@nicira.com>
Reported-by: Niklas Andersson <nandersson@nicira.com>
Ansis Atteka [Fri, 9 Mar 2012 02:34:15 +0000 (18:34 -0800)]
Revert "ovs-monitor-ipsec: Detect correctly IPSEC configuration changes"
This reverts commit
e1870e82f5ea35d45d7358c2454e876122a02bfb.
Reverting due to a failing build test.
Signed-off-by: Ansis Atteka <aatteka@nicira.com>
Ansis Atteka [Fri, 9 Mar 2012 00:19:59 +0000 (16:19 -0800)]
ovs-monitor-ipsec: Detect correctly IPSEC configuration changes
If Open vSwitch has IPSEC tunnel (with certificates) and Interface
table was updated, then ovs-monitor-ipsec daemon would incorrectly
remove and readd all existing IPSEC tunnels.
The root cause for this issue was that "peer_cert_file" key was present in
interfaces dictionary, but it was not present in new_interfaces dictionary.
Signed-off-by: Ansis Atteka <aatteka@nicira.com>
Reported-by: Niklas Andersson <nandersson@nicira.com>
Ethan Jackson [Thu, 8 Mar 2012 23:57:45 +0000 (15:57 -0800)]
authors: Fix text alignment.
Signed-off-by: Ethan Jackson <ethan@nicira.com>
Ben Pfaff [Thu, 8 Mar 2012 22:27:35 +0000 (14:27 -0800)]
netdev-linux: Use "read", not "recv", for tap devices.
"recv" only works for sockets, but tap devices aren't sockets.
Makes the userspace switch work again.
Reported-by: Ravi Kerur <Ravi.Kerur@telekom.com>
Reported-by: 胡靖飞 <hujingfei914@msn.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Chris Wright [Wed, 7 Mar 2012 20:19:04 +0000 (12:19 -0800)]
datapath: update linux/.gitignore
Remove a couple stale entries:
brc_sysfs_* was renamed to dp_sysfs_* a few years ago
Add some new entries to ignore:
# Untracked file:
# (use "git add <file>..." to include in what will be committed)
# datapath/linux/exthdrs_core.c
# datapath/linux/genl_exec.c
# datapath/linux/net_namespace.c
# datapath/linux/workqueue.c
Signed-off-by: Chris Wright <chrisw@sous-sol.org>
Signed-off-by: Jesse Gross <jesse@nicira.com>
Chris Wright [Wed, 7 Mar 2012 18:28:02 +0000 (10:28 -0800)]
datapath: rename brcompat.c to brcompat_main.c
This just makes it easier to subsequently rename the brcompat_mod module
to brcompat without introducing circular dependencies.
Signed-off-by: Chris Wright <chrisw@sous-sol.org>
Signed-off-by: Jesse Gross <jesse@nicira.com>
Ben Pfaff [Thu, 8 Mar 2012 18:49:47 +0000 (10:49 -0800)]
ovs-xapi-sync: Rerun processing when a db update arrives during a commit.
The logic in ovs-xapi-sync didn't handle the case where ovsdb-server sends
a database update before it replies to a transaction that ovs-xapi-sync
sent, like this:
ovs-xapi-sync ovsdb-server
------------- ------------
.
.
.
transaction request --->
<--- database contents update
<--- transaction reply
.
.
.
The update was not lost but ovs-xapi-sync would not process it until the
database changed again.
Bug #10082.
Reported-by: Krishna Miriyala <krishna@nicira.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ethan Jackson [Wed, 7 Mar 2012 00:51:44 +0000 (16:51 -0800)]
ofproto-dpif: Log traces when resubmit depth is exceeded.
It can be very difficult to debug xlate_actions() failures due to
excessive resubmit recursion. In an attempt to make it easier,
this patch adds a (severely rate-limited) full ofproto/trace to the
logs.
Suggested-by: Alan Shieh <ashieh@nicira.com>
Signed-off-by: Ethan Jackson <ethan@nicira.com>
Ethan Jackson [Thu, 8 Mar 2012 01:12:58 +0000 (17:12 -0800)]
git: Update gitignore to include new hstamp suffix.
Signed-off-by: Ethan Jackson <ethan@nicira.com>
Ben Pfaff [Thu, 8 Mar 2012 00:38:28 +0000 (16:38 -0800)]
tests: Suppress "role reply" that can appear in async message test.
Another race condition in this test, *sigh*.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ethan Jackson [Wed, 7 Mar 2012 23:48:32 +0000 (15:48 -0800)]
python: Make build number format consistent with C.
The C code displays the build number as the empty string when 0,
and as +build<num> otherwise. This commit updates version.py to be
consistent and tests that it is in the unit tests.
Signed-off-by: Ethan Jackson <ethan@nicira.com>
Ben Pfaff [Mon, 27 Feb 2012 19:13:00 +0000 (11:13 -0800)]
stream-unix: Do not bind a name for client sockets.
There's no reason for a Unix domain client socket to bind a name. I don't
know why we've always done that. Stevens's "Unix Network Programming"
Unix domain socket client example doesn't do a bind.
Removes the 'unlink_path' parameter from new_fd_stream() since it is now
always passed as NULL.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Mon, 27 Feb 2012 18:58:45 +0000 (10:58 -0800)]
socket-util: Unlink Unix domain sockets that bind but fail to connect.
The error handling path here failed to clean up bound sockets, by removing
them. This fixes the problem.
It was easy to observe this bug by running "ovs-vsctl" without
"ovsdb-server" running.
Bug #9811.
Bug #9769.
Reported-by: Michael <mhu@nicira.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Wed, 7 Mar 2012 23:41:30 +0000 (15:41 -0800)]
python socket_util: Use correct fatal_signal function on error path.
The correct function to call here is "remove_file_to_unlink". That is,
since the file has already been unlinked there is no need to keep it on
the list of files to unlink.
However, "unlink_file_now" simplifies the code, so we might as well use
that.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Wed, 7 Mar 2012 23:38:27 +0000 (15:38 -0800)]
python socket_util: Don't try to unbind None bind_path.
This bug is not exposed in the current tree, because no existing caller
passes None as bind_path.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Wed, 7 Mar 2012 23:27:52 +0000 (15:27 -0800)]
netdev-linux: Fix build failure with old kernel headers.
The "speed_hi" member was only introduced in 2.6.27, so builds against
older kernel headers failed.
speed_hi is fully backward compatible with older kernels, because older
kernels always set it to 0, so we could easily introduce a compatibility
layer here, but in fact I don't know of any OVS users who have interfaces
faster than 65.5 Gb/s, so it's hardly urgent.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ethan Jackson [Fri, 2 Mar 2012 20:24:55 +0000 (12:24 -0800)]
lacp: Notify LACP module when carrier changes.
Without this patch, when a slave's carrier goes down, the LACP
module (as evidenced by ovs-appctl lacp/show) would consider the
slave current until it hadn't received LACP PDUs for the requisite
amount of time. It should instead, immediately mark the slave
expired. This shouldn't actually affect the behavior of LACP bonds
because the bond module won't choose to send traffic out a slave
whose carrier is down.
Signed-off-by: Ethan Jackson <ethan@nicira.com>
Ben Pfaff [Wed, 7 Mar 2012 22:46:14 +0000 (14:46 -0800)]
ovs-ofctl: Make "barrier" output reproducible for testing.
The "ofproto - asynchronous message control" test had a race in which
the "send: OFPT_BARRIER_REQUEST" message could get printed in different
places because there was nothing to ensure that messages from the switch
were printed before messages sent to the switch, even though the actual
ordering of the messages was predictable. This fixes the problem by not
printing a message at all when the barrier request is sent.
Bug #10049.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Jesse Gross [Tue, 6 Mar 2012 21:09:13 +0000 (13:09 -0800)]
datapath: Fix checksum update for actions on UDP packets.
When modifying IP addresses or ports on a UDP packet we don't
correctly follow the rules for unchecksummed packets. This meant
that packets without a checksum can be given a incorrect new checksum
and packets with a checksum can become marked as being unchecksummed.
This fixes it to handle those requirements.
Bug #8937
Signed-off-by: Jesse Gross <jesse@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Wed, 7 Mar 2012 22:17:45 +0000 (14:17 -0800)]
tests: Convert *_SCHEMA macros to shell functions.
This reduces tests/testsuite by about 70 kB, by collapsing a number of
macro expansions into just one copy in a shell function.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Mon, 13 Feb 2012 22:47:53 +0000 (14:47 -0800)]
tests: Convert OVS_WAIT_* macros to shell functions.
This reduces tests/testsuite by about 35 kB, by collapsing a number of
macro expansions into just one copy in a shell function.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Mon, 13 Feb 2012 22:30:27 +0000 (14:30 -0800)]
tests: Convert interface-reconfigure macros to shell functions.
This reduces tests/testsuite by about 50 kB, by collapsing a number of
macro expansions into just one copy in a shell function.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Wed, 7 Mar 2012 22:11:09 +0000 (14:11 -0800)]
datapath: Honor dp_ifindex, when specified, for vport lookup by name.
When OVS_VPORT_ATTR_NAME is specified and dp_ifindex is nonzero, the
logical behavior would be for the vport name lookup scope to be limited
to the specified datapath, but in fact the dp_ifindex value was ignored.
This commit causes the search scope to be honored.
Bug #9889.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Pravin B Shelar <pshelar@nicira.com>
Acked-by: Jesse Gross <jesse@nicira.com>
Ben Pfaff [Thu, 16 Feb 2012 00:33:04 +0000 (16:33 -0800)]
Abstract everything that uses ofp_phy_port, add OF1.1 support.
Reviewed-by: Simon Horman <horms@verge.net.au>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Thu, 16 Feb 2012 00:22:18 +0000 (16:22 -0800)]
openflow: Split OFPAT_* into OFPAT10_* and OFPAT11_*.
An upcoming commit will start referring to OpenFlow 1.1 actions, which are
renumbered relative to OpenFlow 1.0 actions, so this commit prepares by
changing all the existing uses of OFPAT_* to instead use OFPAT10_*.
This commit also introduces the OFPAT11_* constants.
Reviewed-by: Simon Horman <horms@verge.net.au>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Wed, 15 Feb 2012 22:23:38 +0000 (14:23 -0800)]
netdev: Abstract "features" interface away from OpenFlow 1.0.
netdev_get_features() and other functions have always used OpenFlow 1.0
"enum ofp_port_features" bits as part of their interface. This commit
switches over to using an internally defined interface that is not tied
directly to any OpenFlow version, making evolution of each side of the
interface easier in the future.
Reviewed-by: Simon Horman <horms@verge.net.au>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Wed, 15 Feb 2012 23:39:41 +0000 (15:39 -0800)]
ofp-util: Don't decode some OF1.1 messages as OF1.0 stats messages.
This bug was not yet visible because none of the messages that would be
misinterpreted were yet implemented.
Reviewed-by: Simon Horman <horms@verge.net.au>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Wed, 15 Feb 2012 00:58:39 +0000 (16:58 -0800)]
Break OFPT_* constants into common value and 1.0- and 1.1-specific values.
Reviewed-by: Simon Horman <horms@verge.net.au>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Wed, 15 Feb 2012 01:08:03 +0000 (17:08 -0800)]
ofp-util: Add functions for working with OpenFlow 1.1 port numbers.
OpenFlow 1.1 extends port numbers to 32 bits. Initially we plan to support
only port numbers in the 16-bit range in Open vSwitch. However the OF1.1
reserved ports have high-valued fixed numbers that require translation to
high fixed values in the 16-bit range for OF1.0. These new functions
provide this translation.
Nothing uses these functions yet.
Reviewed-by: Simon Horman <horms@verge.net.au>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Wed, 15 Feb 2012 23:28:25 +0000 (15:28 -0800)]
ofp-print: Print OpenFlow version number of message, unless it's 1.0.
The version number is an important part of the OpenFlow message's
meaning, so include it. Version 1.0 is grandfathered in so existing output
parsers don't have to change.
Reviewed-by: Simon Horman <horms@verge.net.au>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Wed, 7 Dec 2011 06:33:49 +0000 (22:33 -0800)]
Begin breaking openflow-1.0.h into common and version-specific definitions.
The intention is that, as each OpenFlow 1.1 and 1.2 feature is added to Open
vSwitch, the corresponding protocol definitions will be broken up this way:
- Definitions that are the same in OF1.0 and OF1.1 will retain the "OFP"
or "ofp" prefix and move to openflow-common.h.
- Definitions that are specific to OF1.0 will be renamed with an "OFP10"
or "ofp10" prefix and stay in openflow-1.0.h.
- Definitions that are specific to OF1.1 or to OF1.1 and OF1.2 will be
renamed with an "OFP11" or "ofp11" prefix and move to openflow-1.1.h.
- Definitions that are specific to OF1.2 will be renamed with an "OFP12"
or "ofp12" prefix and move to openflow-1.2.h.
This commit starts this process with some basic OpenFlow definitions.
Reviewed-by: Simon Horman <horms@verge.net.au>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Mon, 24 Oct 2011 01:16:03 +0000 (18:16 -0700)]
Move content of openflow.h into openflow-1.0.h.
This prepares for a gradual introduction of definitions from OpenFlow
1.1 and later, by making it clearer that the current definitions are
specific to OpenFlow 1.0.
Reviewed-by: Simon Horman <horms@verge.net.au>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Fri, 10 Feb 2012 21:30:23 +0000 (13:30 -0800)]
Introduce ofputil_protocol, to abstract the protocol in use on a connection.
Open vSwitch already handles a few different protocol variations, but it
does so in a nonuniform manner:
- OpenFlow 1.0 and NXM flow formats are distinguished using the NXFF_*
constant values from nicira-ext.h.
- The "flow_mod_table_id" feature setting is maintained in ofproto as
part of an OpenFlow connection's (ofconn's) state.
There's no way to easily communicate this state among components. It's
not much of a problem yet, but as more protocol support is added it seems
better to have an abstract, uniform way to represent protocol versions and
variants. This commit implements that by introducing a new type
"enum ofputil_protocol". Each ofputil_protocol value represents a variant
of a protocol version. Each value is a separate bit, so a single enum
can also represent a set of protocols, which is often useful as well.
Reviewed-by: Simon Horman <horms@verge.net.au>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Wed, 15 Feb 2012 23:13:41 +0000 (15:13 -0800)]
ofp-print: Remove unused function ofp_message_type_to_string().
ofputil_msg_type_name() is a better interface.
Reviewed-by: Simon Horman <horms@verge.net.au>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Wed, 7 Mar 2012 21:52:55 +0000 (13:52 -0800)]
ovs-ofctl: Avoid segfault upon receive error for "monitor", "snoop".
Bug #10062.
Reported-by: James Schmidt <jschmidt@nicira.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ethan Jackson [Wed, 7 Mar 2012 00:10:46 +0000 (16:10 -0800)]
unixctl: Timeout unit tests instead of hanging.
We've seen some unixctl tests hang indefinitely which makes them
difficult to debug. ovs-appctl and appctl.py calls to timeout
instead.
Signed-off-by: Ethan Jackson <ethan@nicira.com>
Ethan Jackson [Tue, 6 Mar 2012 21:20:06 +0000 (13:20 -0800)]
unixctl: Re-enable unit tests.
The transient failure in the unixctl unit tests likely still
exists, but we've added additional instrumentation to our build
tools to help us debug it.
Signed-off-by: Ethan Jackson <ethan@nicira.com>
Gurucharan Shetty [Mon, 5 Mar 2012 18:20:00 +0000 (10:20 -0800)]
xenserver: Add vm-id to the external_ids.
The vm-id external id in the interface table will uniquely identify a VM
that is connected to a bridge through that interface.
In xenserver, this will have the same value as the external id - xs-vm-uuid
and can be overridden by setting the nicira-vm-id key in the other_config
field of VM record of XAPI.
Bug #10020.
Signed-off-by: Gurucharan Shetty <gshetty@nicira.com>
Pravin B Shelar [Mon, 5 Mar 2012 23:42:41 +0000 (15:42 -0800)]
netdev-linux: Make netdev_set_policing coverage counter consistent with other counters.
Most of coverage counters in netdev-linux are counting actual system
calls rather than reads from cached data.
Following patch fixes it by incrementing it after cache check.
Signed-off-by: Pravin B Shelar <pshelar@nicira.com>
Ben Pfaff [Mon, 5 Mar 2012 17:52:36 +0000 (09:52 -0800)]
vswitchd: Document behavior of 802.1p priorities with VLAN splinters.
Reported-by: likunyun <kunyunli@hotmail.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Fri, 2 Mar 2012 21:26:35 +0000 (13:26 -0800)]
bridge: Remove unwanted ports at time of ofproto creation.
The reconfiguration code only deleted unwanted ports for bridges that had
been created in previous (re)configurations. In fact, we should run this
step even for bridges that are newly added, e.g. to delete ports that
were added by a previous run of ovs-vswitchd and deleted from the database
between runs.
Before this commit, the following left "int" in datapath br0. After this
commit, "int" is properly deleted:
1. With ovs-vswitchd running:
# ovs-vsctl add-br br0
# ovs-vsctl add-port br0 int -- set interface int type=internal
2. Kill ovs-vswitchd, then:
# ovs-vsctl --no-wait -- del-port br0 int
3. Restart ovs-vswitchd.
Bug #9957.
Reported-by: Hiroshi Tanaka <htanaka@nicira.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ethan Jackson [Sat, 3 Mar 2012 03:05:29 +0000 (19:05 -0800)]
unixctl: Skip Python unixctl tests.
The Python unixctl tests introduced a transient build failure that
can't be debugged until more information is collected. Skipping
these tests for now until it's possible to debug them.
Signed-off-by: Ethan Jackson <ethan@nicira.com>
Ben Pfaff [Fri, 2 Mar 2012 22:09:58 +0000 (14:09 -0800)]
connmgr: Make "enable-async-messages" work for primary controllers too.
I only tested this feature with service controllers.
Bug #9964.
Reported-by: James Schmidt <jschmidt@nicira.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>