Jesse Gross [Wed, 6 Oct 2010 01:09:00 +0000 (18:09 -0700)]
datapath: Force our include directory to be first.
XenServer puts our header files in the standard system search path
by default. This is normally OK, except when we introduce new things
which aren't in those headers. Since the system picks up the older files
first this leads to undefined sysmbols.
Signed-off-by: Jesse Gross <jesse@nicira.com>
Ethan Jackson [Fri, 1 Oct 2010 02:29:27 +0000 (02:29 +0000)]
xenserver: ovs-external-ids log to file instead of syslog
ovs-external-ids was crashing on startup because it was brought up
before /dev/log exists. The simplest solution to this problem is
to have it log to /var/log/openvswitch/ovs-external-ids.log . This
is consistent with vswitchd and ovsdb-server.
Signed-off-by: Ethan Jackson <ethan@nicira.com>
Jesse Gross [Sat, 2 Oct 2010 02:21:08 +0000 (19:21 -0700)]
tunnel: Correctly check for internal device.
With header caching we check to see if the next device in the stack
is an OVS device and, if so, cache that flow as well. However, the
test for this called internal_dev_get_vport() assuming that it would
return NULL if the device is not an internal device. It doesn't,
however, it just returns the offset from the device where the vport
data structure would be if it were an internal device. This changes
it to explicitly check for an internal device first to avoid a panic.
Bug #3470
Reported-by: Ram Jothikumar <rjothikumar@nicira.com>
Signed-off-by: Jesse Gross <jesse@nicira.com>
Reviewed-by: Justin Pettit <jpettit@nicira.com>
Justin Pettit [Sat, 2 Oct 2010 07:27:23 +0000 (00:27 -0700)]
Add Nicira extension for modifying queue without transmitting
The OpenFlow OFPAT_ENQUEUE action sets a queue id and outputs the packet
in one shot. There are times in which the queue should be set, but the
output port is not yet known. This commit adds the NXAST_SET_QUEUE and
NXAST_POP_QUEUE Nicira extension actions to modify the queue
configuration without requiring a port argument.
CC: Jeremy Stribling <strib@nicira.com>
CC: Keith Amidon <keith@nicira.com>
Ben Pfaff [Wed, 1 Sep 2010 19:45:24 +0000 (12:45 -0700)]
netflow: Avoid (theoretically) looping 2**32 times.
If the netflow byte counter is UINT64_MAX, or at any rate much larger than
UINT32_MAX, netflow_expire() could loop for a very long time. This commit
avoids that case.
This is only a theoretical bug fix. I don't know of any actual bug that
would cause a counter to be that high.
Ben Pfaff [Wed, 1 Sep 2010 19:43:11 +0000 (12:43 -0700)]
netflow: Do 64-bit division less often.
64-bit division is expensive. Usually we can avoid it entirely, as done by
this patch.
Ben Pfaff [Thu, 26 Aug 2010 21:53:04 +0000 (14:53 -0700)]
INSTALL.Linux: Describe how to upgrade the Open vSwitch database.
Suggested-by: Parham Kiani <pkiani@essex.ac.uk>
Ben Pfaff [Fri, 1 Oct 2010 20:41:40 +0000 (13:41 -0700)]
ovs-controller: Improve QoS abilities.
This makes it a little easier to test Open vSwitch QoS features using
ovs-controller, by making it possible to assign queues on the basis of
input port, instead of just allowing a single queue for a whole switch.
CC: Michael Mao <mmao@nicira.com>
Ben Pfaff [Thu, 23 Sep 2010 21:12:09 +0000 (14:12 -0700)]
learning-switch: Introduce struct for configuration.
This should make extensions easier.
Ben Pfaff [Thu, 23 Sep 2010 21:08:13 +0000 (14:08 -0700)]
ovs-controller: Make --with-flows read the file only once, at startup.
A couple of people have reported that ovs-controller --with-flows is
confusing. This seems to be because it doesn't read the file with the
flows until the first connection from a switch. Then, if the file has a
syntax error, it exits.
This commit changes the behavior so that it reads the file immediately at
startup instead.
Ben Pfaff [Fri, 1 Oct 2010 20:08:14 +0000 (13:08 -0700)]
ofp-parse: Add test.
Ben Pfaff [Fri, 1 Oct 2010 20:05:59 +0000 (13:05 -0700)]
ofp-print: Make output easier to read.
Ben Pfaff [Thu, 23 Sep 2010 20:19:49 +0000 (13:19 -0700)]
ofp-parse: Factor out duplicated code into new functions.
Ben Pfaff [Fri, 1 Oct 2010 20:05:23 +0000 (13:05 -0700)]
ofp-parse: Properly byteswap in_port.
Ben Pfaff [Thu, 16 Sep 2010 22:41:14 +0000 (15:41 -0700)]
ofproto: Only dump queue statistics if the queue really exists.
Without this commit, "ovs-ofctl queue-stats br0 ALL 1" will print something
like the following if port 3 has queue 1 but none of the other ports do:
stats_reply (xid=0x7b378): flags=none type=5(queue)
4 queues
port 0 queue 1: bytes=?, pkts=?, errors=?
port 1 queue 1: bytes=?, pkts=?, errors=?
port 2 queue 1: bytes=?, pkts=?, errors=?
port 3 queue 1: bytes=0, pkts=0, errors=0
With this commit, it will print the following instead, which seems more
useful:
stats_reply (xid=0x3ada1): flags=none type=5(queue)
1 queues
port 3 queue 1: bytes=0, pkts=0, errors=0
Ben Pfaff [Thu, 16 Sep 2010 22:38:10 +0000 (15:38 -0700)]
netdev-linux: Fix off-by-one error dumping queue stats.
Linux kernel queue numbers are one greater than OpenFlow queue numbers, for
HTB anyhow. The code to dump queues wasn't compensating for this, so this
commit fixes it up.
Ben Pfaff [Thu, 16 Sep 2010 22:36:57 +0000 (15:36 -0700)]
ovs-ofctl: Add "queue-stats" command to print queue stats.
Ben Pfaff [Fri, 17 Sep 2010 17:33:10 +0000 (10:33 -0700)]
Switch many macros from using CONTAINER_OF to using OBJECT_CONTAINING.
These macros require one fewer argument by switching, which makes code
that uses them shorter and more readable.
Ben Pfaff [Mon, 19 Jul 2010 20:46:52 +0000 (13:46 -0700)]
util: New macro OBJECT_CONTAINING.
This macro is a variant on CONTAINER_OF that takes an object pointer
instead of a type name as its second argument. In the following commit
this will simplify many users of CONTAINER_OF.
Ben Pfaff [Mon, 19 Jul 2010 19:57:22 +0000 (12:57 -0700)]
ofproto: Use hash table instead of sparse array for ofports.
The main advantage of a sparse array over a hash table is that it can be
iterated in numerical order. But the OVS implementation of sparse arrays
is quite expensive in terms of memory: on a 32-bit system, a sparse array
with exactly 1 nonnull element has 512 bytes of overhead. In this case,
the sparse array's property of iteration in numerical order is not
important, so this commit converts it to a hash table to save memory.
Ben Pfaff [Mon, 19 Jul 2010 18:43:05 +0000 (11:43 -0700)]
sflow: Use hash table instead of sparse array for sflow ports.
The main advantage of a sparse array over a hash table is that it can be
iterated in numerical order. But the OVS implementation of sparse arrays
is quite expensive in terms of memory: on a 32-bit system, a sparse array
with exactly 1 nonnull element has 512 bytes of overhead. In this case,
the sparse array's property of iteration in numerical order is not
important, so this commit converts it to a hash table to save memory.
Ben Pfaff [Mon, 19 Jul 2010 18:23:05 +0000 (11:23 -0700)]
bridge: Use hash table instead of sparse array for bridge ports.
The main advantage of a sparse array over a hash table is that it can be
iterated in numerical order. But the OVS implementation of sparse arrays
is quite expensive in terms of memory: on a 32-bit system, a sparse array
with exactly 1 nonnull element has 512 bytes of overhead. In this case,
the sparse array's property of iteration in numerical order is not
important, so this commit converts it to a hash table to save memory.
Ben Pfaff [Mon, 19 Jul 2010 18:22:10 +0000 (11:22 -0700)]
hmap: New function hmap_clear().
Ben Pfaff [Mon, 19 Jul 2010 18:21:59 +0000 (11:21 -0700)]
netdev-linux: Use hash table instead of sparse array for QoS classes.
The main advantage of a sparse array over a hash table is that it can be
iterated in numerical order. But the OVS implementation of sparse arrays
is quite expensive in terms of memory: on a 32-bit system, a sparse array
with exactly 1 nonnull element has 512 bytes of overhead. In this case,
the sparse array's property of iteration in numerical order is not
important, so this commit converts it to a hash table to save memory.
Ben Pfaff [Wed, 1 Sep 2010 20:42:33 +0000 (13:42 -0700)]
ovs-vsctl: Reduce log level for "Called as..." for read-only invocations.
When ovs-vsctl is not actually going to modify the database, it is less
interesting in the log, so we might as well only log it at "debug" level.
Suggested-by: Neil McKee <neil.mckee@inmon.com>
Ben Pfaff [Wed, 1 Sep 2010 20:41:09 +0000 (13:41 -0700)]
ovs-vsctl: Factor out and optimize searching for a command by name.
The following commit will introduce a new function that wants to do this
a lot, so we might as well do it efficiently.
Ethan Jackson [Tue, 28 Sep 2010 18:58:00 +0000 (11:58 -0700)]
debian: openvswitch-common ethtool should not be required
The ethtool package is only used to help ovs-bugtool create bug
reports and does not prevent the script from running if it's
missing. Making it a requirement for installation is a bit
draconian.
Justin Pettit [Tue, 28 Sep 2010 01:48:25 +0000 (18:48 -0700)]
debian: Restart ovs-monitor-ipsec when --monitor specified
The OVS Python daemon library will restart a process when started with
"--monitor" that exits with RESTART_EXIT_CODE. Have ovs-monitor-ipsec
exit with this code when an uncaught exception occurs.
Justin Pettit [Tue, 28 Sep 2010 01:33:56 +0000 (18:33 -0700)]
debian: Create ovs-monitor-ipsec rundir if it doesn't exist
Reported-by: Sajjad Lateef <slateef@nicira.com>
Ethan Jackson [Thu, 23 Sep 2010 06:45:58 +0000 (23:45 -0700)]
debian: Added a manpage for ovs-bugtool
Added a manpage for the ovs-bugtool script.
Ethan Jackson [Thu, 23 Sep 2010 04:59:02 +0000 (21:59 -0700)]
tests: Test that children restart with special exit code
Added a test which checks that the python daemon code properly
restarts child processes which exit with RESTART_EXIT_CODE.
Ethan Jackson [Thu, 23 Sep 2010 05:48:42 +0000 (22:48 -0700)]
tests: Remove trailing whitespace from python daemon tests
Removes the trailing whitespace from the testing code related to
daemonizing in Python.
Ethan Jackson [Wed, 22 Sep 2010 19:40:39 +0000 (12:40 -0700)]
xenserver: monitor-external-ids should run with --monitor
The init script starts monitor-external-ids with --monitor when
configured to do so. Also made changes to guarantee that --monitor
actually restarts ovs-external-ids.
Signed-off-by: Ethan Jackson <ethan@nicira.com>
Ethan Jackson [Wed, 22 Sep 2010 22:38:17 +0000 (15:38 -0700)]
xenserver: Added additional logging to ovs-external-ids
Added additional logging for debug-ability and migrated to python
logging module.
Signed-off-by: Ethan Jackson <ethan@nicira.com>
Justin Pettit [Thu, 23 Sep 2010 23:32:13 +0000 (16:32 -0700)]
vswitch: Consistently use spaces instead of tabs in vswitch.xml
Justin Pettit [Thu, 23 Sep 2010 22:11:39 +0000 (15:11 -0700)]
netdev: Cleanup minor comment formatting issues.
Justin Pettit [Thu, 23 Sep 2010 23:25:25 +0000 (16:25 -0700)]
vswitch: Disable header-caching when IPsec is enabled
Header caching speeds up sending tunneled traffic by bypassing the Linux
IP stack. This also causes it to bypass IPsec processing, which will
break connectivity. This commit disables header caching when IPsec is
enabled.
Justin Pettit [Thu, 23 Sep 2010 20:37:58 +0000 (13:37 -0700)]
debian: Use DODTIME instead of DIETIME in init scripts
Brad pointed out that openvswitch-ipsec init script defined the variable
DIETIME but attempted to use it as DODTIME. This commit uses DODTIME,
since it's the name used by the openvswitch-switch init script. The
openvswitch-controller init script had the same issue.
As suggested by Ben, the "s" suffixes are removed from sleep commands,
since they are a GNU extension.
Reported-by: Brad Hall <brad@nicira.com>
Ethan Jackson [Wed, 22 Sep 2010 01:03:07 +0000 (18:03 -0700)]
xenserver: Rename monitor-external-ids -> ovs-external-ids
Renamed the monitor-external-ids script ovs-external-ids.
Hopefully this will make it clearer who owns it when someone does
ps xa.
Also removed trailing whitespace from ovs-external-ids.
Signed-off-by: Ethan Jackson <ethan@nicira.com>
Ethan Jackson [Thu, 23 Sep 2010 00:29:12 +0000 (17:29 -0700)]
debian: Support two locations for ethtool
The ethtool binary recently moved from /usr/sbin to /sbin. This
change falls back to /usr/sbin/ethtool if /sbin/ethtool does not
exist.
Ben Pfaff [Thu, 23 Sep 2010 18:56:36 +0000 (11:56 -0700)]
Add missing file to distribution.
Ben Pfaff [Thu, 23 Sep 2010 17:21:40 +0000 (10:21 -0700)]
vswitchd: Rename IFACE_STATS_INTERVAL, iface_stats_timer.
These are more than interface stats now so the names should be more
generic.
Suggested-by: Justin Pettit <jpettit@nicira.com>
Ben Pfaff [Wed, 22 Sep 2010 23:45:30 +0000 (16:45 -0700)]
ovs-vswitchd: Export system stats through Open_vSwitch table.
This is intended to provide controllers enough information to determine
whether a switch is overloaded or busted, to enable them to spread load
fairly across a group of switches.
Feature #2421.
CC: Peter Balland <peter@nicira.com>
Ben Pfaff [Wed, 22 Sep 2010 23:34:05 +0000 (16:34 -0700)]
ovsdb-doc: Implement new <option>, <ol> tags.
Ben Pfaff [Thu, 23 Sep 2010 16:43:46 +0000 (09:43 -0700)]
ovsdb-data: New function ovsdb_datum_from_shash().
Ben Pfaff [Thu, 23 Sep 2010 16:42:30 +0000 (09:42 -0700)]
shash: New function shash_steal().
Ben Pfaff [Thu, 23 Sep 2010 16:39:47 +0000 (09:39 -0700)]
daemon: Fix behavior of read_pidfile() for our own pidfile.
Opening a file descriptor and then closing it always discards any locks
held on the underlying file, even if the file is still open as another file
descriptor. This meant that calling read_pidfile() on the process's own
pidfile would discard the lock and make other OVS processes think that the
process had died. This commit fixes the problem.
Ben Pfaff [Tue, 21 Sep 2010 21:27:02 +0000 (14:27 -0700)]
daemon: Report number of crashes on monitor process command line.
Ben Pfaff [Mon, 13 Sep 2010 20:29:57 +0000 (13:29 -0700)]
vlog: Add VLOG_WARN_ONCE() and similar macros.
Ben Pfaff [Thu, 23 Sep 2010 18:20:10 +0000 (11:20 -0700)]
debian: additional copyright update for xenserver/
Signed-off-by: Simon Horman <horms@verge.net.au>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Simon Horman [Thu, 23 Sep 2010 01:55:15 +0000 (10:55 +0900)]
debian: update copyright for xenserver/
Further to the recent work done by Ben Pfaff and Ian Campbell to
clarify the license of all the files in xenserver/ the debian/copyright.in
file seems to need updating.
Signed-off-by: Simon Horman <horms@verge.net.au>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ethan Jackson [Wed, 22 Sep 2010 06:57:13 +0000 (23:57 -0700)]
xenserver: Only put the primary XenServer UUID in default bridge-id
This patch defensively guarantees that the first id in
xs-network-uuids will belong to the primary network (as opposed to
a vlan). Given that the primary network id comes first, it parses
xs-network-ids and only copies the primary id to bridge-id when
monitor-external-ids is run.
Feature #3647
Signed-off-by: Ethan Jackson <ethan@nicira.com>
Reviewed-by: Ben Pfaff <blp@nicira.com>
Justin Pettit [Thu, 23 Sep 2010 05:52:04 +0000 (22:52 -0700)]
vswitch: Reference ipsec_local_ip and ipsec_psk with underscores
The GRE-over-IPsec the documentation describes "ipsec-local-ip" and
"ipsec-psk" when they actually use underscores.
Justin Pettit [Fri, 17 Sep 2010 02:19:11 +0000 (19:19 -0700)]
debian: Add support for GRE-over-IPsec
The ovs-monitor-ipsec daemon monitors the Interface table for GRE
entries. If an entry specifies other-config parameters "ipsec-local-ip"
and ("ipsec-psk" or "ipsec-cert"), it will create the appropriate
security associations so that all GRE traffic to the remote host will be
encrypted. In order for the two GRE tunnels to communicate, both sides
need to be configured for IPsec with appropriate authentication.
Currently, ovs-monitor-ipsec does not support certificate authentication
or ensure that an interface is actually attached to a bridge. Both of
these issues will be addressed in a forthcoming patch.
NB: While GRE-over-IPsec should work on any system with a relatively
recent racoon and setkey, it has only been tested on Debian. As such,
only Debian packaging has been provided.
Justin Pettit [Thu, 16 Sep 2010 22:37:16 +0000 (15:37 -0700)]
debian: Allow automake versions greater than or equal to 1.10
Jesse Gross [Mon, 30 Aug 2010 22:34:04 +0000 (15:34 -0700)]
tunneling: Allow disabling tunnel header caching.
Tunnel header caching significantly improves performance by bypassing
much of the transmit path. However, in some special cases or for
debugging it may be desirable to traverse the entire IP stack. This
exposes that as an option (default is to enable header caching).
Signed-off-by: Jesse Gross <jesse@nicira.com>
Reviewed-by: Ben Pfaff <blp@nicira.com>
Jesse Gross [Fri, 27 Aug 2010 20:55:02 +0000 (13:55 -0700)]
datapath: Add tunnel header caching.
On the transmit path we generate essentially the same tunnel header
for every packet to a given destination. However, each packet must
have the headers assembled in pieces, lookup the destination in the
routing table, and lookup the flow in OVS. This avoids that extra
work by caching all of the header and output path information and
only rebuilding it when something actually changes.
This optimization reduces CPU load on transmit by approximately 13%.
Signed-off-by: Jesse Gross <jesse@nicira.com>
Reviewed-by: Ben Pfaff <blp@nicira.com>
Jesse Gross [Tue, 31 Aug 2010 22:38:25 +0000 (15:38 -0700)]
datapath: Backport workqueue functions.
An upcoming commit will use some workqueue functions that weren't
available on earlier kernels, so this backports those functions.
The backporting uses timers instead of delayed work queues because
the earlier versions of work queues have some unsafe corner cases.
In addition, this removes some unused work queue backporting code
that is no longer used because it is potentially unsafe.
Note that this commit changes the behavior of work queues: normally
they run in process context but the backported version runs in
softirq context.
Signed-off-by: Jesse Gross <jesse@nicira.com>
Reviewed-by: Ben Pfaff <blp@nicira.com>
Jesse Gross [Sun, 29 Aug 2010 21:28:58 +0000 (14:28 -0700)]
datapath: Move is_frag out of struct ovs_skb_cb.
is_frag is only used for communication between two functions, which
means that it doesn't really need to be in the SKB CB. This wouldn't
necessarily be a problem except that there are also a number of other
paths that lead to this being uninitialized. This isn't a problem
now but uninitialized memory seems dangerous and there isn't much
upside.
Signed-off-by: Jesse Gross <jesse@nicira.com>
Reviewed-by: Ben Pfaff <blp@nicira.com>
Jesse Gross [Sun, 29 Aug 2010 17:49:11 +0000 (10:49 -0700)]
datapath: Enable usage of cached flows.
An upcoming commit will add support for supplying cached flows for
packets entering the datapath. This adds the code in the datapath
itself to recognize these cached flows and use them instead of
extracting the flow fields and doing a lookup.
Signed-off-by: Jesse Gross <jesse@nicira.com>
Reviewed-by: Ben Pfaff <blp@nicira.com>
Jesse Gross [Sun, 29 Aug 2010 16:49:51 +0000 (09:49 -0700)]
datapath: Add ref counting for flows.
Currently flows are only used within the confines of one
rcu_read_lock()/rcu_read_unlock() session. However, with the
addition of header caching we will need to hold references to flows
for longer periods of time. This adds support for that by adding
refcounts to flows. RCU is still used for normal packet handling
to avoid a performance impact from constantly updating the refcount.
However, instead of directly freeing the flow after a grace period
we simply decrement the refcount.
Signed-off-by: Jesse Gross <jesse@nicira.com>
Reviewed-by: Ben Pfaff <blp@nicira.com>
Jesse Gross [Tue, 27 Jul 2010 01:46:27 +0000 (18:46 -0700)]
datapath: Move flow allocation into a function.
As the process to allocate a flow becomes more involved it becomes
more cumbersome for the code to be mixed in with the general
datapath so split it out into a new function.
Signed-off-by: Jesse Gross <jesse@nicira.com>
Reviewed-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Wed, 22 Sep 2010 20:16:07 +0000 (13:16 -0700)]
xenserver: Now everything is free.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Wed, 22 Sep 2010 17:03:31 +0000 (10:03 -0700)]
xenserver: Add license to uuid.py.
There seemed to be some confusion regarding this file's provenance, so it
is best to clarify.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Wed, 22 Sep 2010 17:05:29 +0000 (10:05 -0700)]
xenserver: Add explicit license to refresh-xs-network-uuids.
I had assumed that a trivial one-line shell script didn't need an explicit
license, but it seems that I was wrong.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Wed, 22 Sep 2010 16:32:58 +0000 (09:32 -0700)]
xenserver: Change license of xsconsole plugin to GPLv2.
This file was under a proprietary license because it was derived from
proprietary XenServer code. That upstream code is now under GPLv2, so
change the downstream code to GPLv2 also.
Acked-by: Ian Campbell <Ian.Campbell@citrix.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Wed, 22 Sep 2010 20:14:37 +0000 (13:14 -0700)]
xenserver: Add GPLv2 license text.
xsconsole is being relicensed under GPLv2 so we need to include the text.
It would be more usual to name this file COPYING and to name the LGPLv2.1
that is already named LICENSE as COPYING.LIB, but some of the files pulled
in from XenServer say that their license is in a file named LICENSE. I
don't expect that Citrix would be willing to change that, so it seems
better to keep LGPLv2.1 named LICENSE.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Wed, 22 Sep 2010 16:52:27 +0000 (09:52 -0700)]
xenserver: Remove LICENSE header that is difficult to keep up to date.
I had forgotten that I had added this header. Let's keep all the
information about licensing in individual files instead.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Mon, 20 Sep 2010 18:57:13 +0000 (11:57 -0700)]
ovs-vsctl: Add many more usage examples.
Ben Pfaff [Mon, 20 Sep 2010 17:56:15 +0000 (10:56 -0700)]
ovs-vsctl: Allow "get" commands to create @names also.
This is useful for adding records that refer to other records by UUID, e.g.
ovs-vsctl \
-- set bridge br0 mirrors=@m \
-- --id=@eth0 get port eth0 \
-- --id=@eth0 get port eth1 \
-- --id=@m create mirror name=mymirror select-dst-port=@eth0 \
select-src-port=@eth0 output-port=@eth1
Ben Pfaff [Tue, 21 Sep 2010 21:27:51 +0000 (14:27 -0700)]
tests: Add 5-second timeout to ovs-vsctl tests.
Otherwise some of the tests may not terminate if something goes wrong.
(Formerly, ovs-vsctl had a default timeout of 5 seconds, so this was not
necessary before.)
Ethan Jackson [Fri, 17 Sep 2010 23:05:04 +0000 (16:05 -0700)]
xenserver: reload sends SIGHUP to monitor-external-ids
When the init script's reload function is called it will send a
SIGHUP to monitor-external-ids. This will cause
monitor-external-ids to re-generate everything.
Feature #3668.
Ethan Jackson [Fri, 17 Sep 2010 22:07:02 +0000 (15:07 -0700)]
xenserver: monitor-external-ids responds to SIGHUP
When monitor-external-ids receives a SIGHUP it will forget
everything and run as if it was newly started.
Feature #3668.
Justin Pettit [Tue, 21 Sep 2010 18:58:11 +0000 (11:58 -0700)]
Indicate that OVS only works with kernels 2.6.18 and greater
At one time, we tested against 2.6.15. This hasn't been done for a long
time, and it almost certainly no longer works.
Sajjad Lateef [Tue, 21 Sep 2010 18:18:26 +0000 (11:18 -0700)]
debian: Rename openvswitch-python to python-openvswitch
Package name changed to be consistent with
Debian Python policy.
The python files are installed in
/usr/share/python-support/python-openvswitch/ovs and
/usr/share/python-support/python-openvswitch/ovs/db
Changed Section to python, per lintian
Simon Horman [Tue, 21 Sep 2010 03:06:14 +0000 (12:06 +0900)]
debian: The second argument to m-a should be openvswitch-datapath
Signed-off-by: Simon Horman <horms@verge.net.au>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Simon Horman [Tue, 21 Sep 2010 03:06:13 +0000 (12:06 +0900)]
debian: Dont fail init if module cant be inserted
The problem here is that the daemon is started/restarted on
package installation, but the module may not be present at that
time and (as far as I know) its bad form to fail the package installation
in that circumstance.
In keeping with the way ipvsadm handles a similar problem,
exit with a non-error exit status if the module can't be inserted.
The loud error message is still displayed.
Signed-off-by: Simon Horman <horms@verge.net.au>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Simon Horman [Tue, 21 Sep 2010 03:06:12 +0000 (12:06 +0900)]
debian: Add override of non-standard-dir-perm to corekeeper
Remove code to restart openvswitch-switch from its postinst script
as this is automatically added by dh_installinit
Signed-off-by: Simon Horman <horms@verge.net.au>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ethan Jackson [Fri, 17 Sep 2010 22:06:17 +0000 (15:06 -0700)]
python: timer_wait_until calculated current time incorrectly
The timer_wait_until function in poller.py was using Time.msec to
figure out the current time. Unfortunately, Time.msec does not in
exist. Changed to use ovs.timeval.msec .
Sajjad Lateef [Fri, 17 Sep 2010 21:53:42 +0000 (14:53 -0700)]
debian: Add openvswitch-python package
This installs the Python runtime bindings for
Open vSwitch database into
/usr/share/python-support/openvswitch-python/ovs and
/usr/share/python-support/openvswitch-python/ovs/db
Updated FSF address in copyright file
Minor Whitespace re-formatting
Removed prerm, preinst, postinst files for openvswitch-python
Ben Pfaff [Mon, 20 Sep 2010 17:22:19 +0000 (10:22 -0700)]
vswitchd: Document policing implementation and caveats.
With some text from Dan Wendlandt <dan@nicira.com> adapted from
http://openvswitch.org/?page_id=267
CC: Keith Amidon <keith@nicira.com>
Ben Pfaff [Thu, 2 Sep 2010 17:09:09 +0000 (10:09 -0700)]
Avoid shadowing local variable names.
All of these changes avoid using the same name for two local variables
within a same function. None of them are actual bugs as far as I can tell,
but any of them could be confusing to the casual reader.
The one in lib/ovsdb-idl.c is particularly brilliant: inner and outer
loops both using (different) variables named 'i'.
Found with GCC -Wshadow.
Ben Pfaff [Thu, 2 Sep 2010 17:06:42 +0000 (10:06 -0700)]
ovsdb: Fix bug in "wait" command implementation.
The declaration of "error" that this commit removes shadowed an outer local
declaration of "error", which caused errors detected by this code not to be
propagated up to the outer level.
Found with GCC -Wshadow.
Ethan Jackson [Fri, 17 Sep 2010 15:23:32 +0000 (08:23 -0700)]
xenserver: monitor-external-ids remove redundant ovs-vsctl calls
The number of ovs-vsctl calls required to add a new vif in
monitor-external-ids grew linearly with the number of vifs in the
system. Changed to only do O(1) ovs-vsctl calls per vif addition.
Ben Pfaff [Fri, 17 Sep 2010 21:37:51 +0000 (14:37 -0700)]
ovs-vsctl: Remove default timeout.
On overloaded XenServers the current default timeout of 5 seconds can
occasionally be reached, which causes VM startup to fail. This commit
fixes the problem by removing the default timeout and changing each
invocation of ovs-vsctl within the tree to specify its own timeout,
if appropriate.
Bug #3573.
Jesse Gross [Fri, 17 Sep 2010 18:47:49 +0000 (11:47 -0700)]
AUTHORS: Add Alexey I. Froloff as reporter.
Jesse Gross [Fri, 17 Sep 2010 18:23:19 +0000 (11:23 -0700)]
datapath: Remove backported random32().
Nothing uses it anymore and it causes problems when backported on
some distributions. Kernels we support have net_random(), which
is the same thing so there is no reason to have an entire copy of
the random number generator in our source tree.
Reported-by: Alexey I. Froloff <raorn@altlinux.org>
Signed-off-by: Jesse Gross <jesse@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>
Ethan Jackson [Wed, 15 Sep 2010 08:51:40 +0000 (01:51 -0700)]
debian: Created a debian equivalent to xen-bugtool
ovs-bugtool creates a tarball of useful information which people
can submit with bug reports. The source is copied from xen-bugtool
with the xen specific removed or changed.
Ethan Jackson [Wed, 15 Sep 2010 08:51:15 +0000 (01:51 -0700)]
debian: Init script should put core dumps in an appropriate place
Before this commit the init script did not change the cwd of
openvswitch processes it started. Thus, core files were created in
root directory. This patch changes the cwd of openvswitch to
a more reasonable location.
Ben Pfaff [Wed, 1 Sep 2010 22:12:23 +0000 (15:12 -0700)]
ovsdb-doc: Be less explicit in ovs-vswitchd.conf.db(5).
The documentation doesn't really need to say that a field may be "between
0 and
4294967295 characters long".
This regression was introduced by commit
991559357 "Implement initial
Python bindings for Open vSwitch database."
Jesse Gross [Thu, 16 Sep 2010 18:02:15 +0000 (11:02 -0700)]
AUTHORS: Add Vivien Bernet-Rollande.
Vivien Bernet-Rollande [Thu, 16 Sep 2010 17:56:55 +0000 (10:56 -0700)]
brcompat_mod: Check if user has CAP_NET_ADMIN in ioctl handler
This patch checks that the user calling ioctl() to create, delete, or
modify bridges has the CAP_NET_ADMIN capability. This prevents
unpriviledged users from modifying the bridge configuration through
brcompatd. The checks are actually the same performed in
net/bridge/br_ioctl.c by the Linux kernel.
Signed-off-by: Vivien Bernet-Rollande <vbr@soprive.net>
Signed-off-by: Jesse Gross <jesse@nicira.com>
Jesse Gross [Wed, 15 Sep 2010 23:52:48 +0000 (16:52 -0700)]
datapath: Check IS_ERR() in do_execute().
flow_actions_alloc() returns an error code in the form of a pointer
but we checked that the pointer was not NULL, which is always true.
This caused oopses on allocation errors when we would write into
an invalid pointer.
NIC-234
Signed-off-by: Jesse Gross <jesse@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Wed, 15 Sep 2010 22:21:03 +0000 (15:21 -0700)]
ovs-ofctl, ovs-controller: Disable flow idle timeout by default.
Until now, flows set up by ovs-ofctl and by "ovs-controller --with-flows"
by default expired after 60 seconds of inactivity. This was surprising,
especially in the latter case where one is normally trying to set up
permanent flows. Even in the former case, however, we can't think of a
good reason that flows added by ovs-ofctl should expire by default. So
this commit make flows permanent by default.
Reported-by: Michael Mao <mmao@nicira.com>
Ben Pfaff [Wed, 15 Sep 2010 20:26:08 +0000 (13:26 -0700)]
Properly print drop_spoofed_arp actions when decoding OpenFlow and ODP.
Also fix formatting of unknown Nicira actions in OpenFlow.
Ben Pfaff [Wed, 15 Sep 2010 19:47:10 +0000 (12:47 -0700)]
ofp-util: Also accept NXAST_DROP_SPOOFED_ARP.
Reported-by: Bryan Fulton <bryan@nicira.com>
Reported-by: Michael Mao <mmao@nicira.com>
Bug #3655.
Justin Pettit [Wed, 15 Sep 2010 00:57:53 +0000 (17:57 -0700)]
ovsdb-tool: Remove reference to non-implemented "extract-schema" command
While useful sounding, ovsdb-tool does not actually implement a command
called "extract-schema".
Justin Pettit [Tue, 14 Sep 2010 22:10:46 +0000 (15:10 -0700)]
vswitchd: Remove duplicate "external_id" from Interface table
Ben Pfaff [Tue, 14 Sep 2010 20:32:36 +0000 (13:32 -0700)]
datapath: Increase maximum number of actions per flow.
Until now the number of actions in a flow has been limited to what fits in
a page. Each action is 8 bytes, and on 32-bit architectures there is a
12-byte header, so with 4-kB pages that limits flows to 510 actions. We
and Citrix have noticed that OVS stops working properly after about 509
VIFs are added to a bridge. According to log messages this is the reason:
at this point it is no longer possible to flood a packet to all ports.
This commit should help, by increasing the maximum number of actions in a
flow. In the long term, though, we should adopt use of port groups or
otherwise reduce the number of actions needed to flood a packet.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Bug #3573.
NIC-234.
Justin Pettit [Tue, 14 Sep 2010 15:36:55 +0000 (08:36 -0700)]
datapath: Increase default MTU on patch ports
The default MTU on patch ports was 1500, which would cause jumbo frames
to get dropped between the ends of the patch. It also dropped the MTU
of attached bridges to no more that 1500 bytes. This patch increases
the default MTU to 65535. Long term, we should eliminate MTU on patch
ports entirely.
Signed-off-by: Justin Pettit <jpettit@nicira.com>