Justin Pettit [Tue, 26 Oct 2010 00:26:44 +0000 (17:26 -0700)]
ovs-external-ids: Better handle VIFs from recently resumed VMs
XAPI doesn't provide a way to look up a VIF entry based on the name, so
we have to locate it by other methods. Previously, we were breaking up
the name into the domid and device number. Unfortunately, it can take
XAPI a few seconds to update the domid of the VM, when resuming from a
suspend. Since we have the VIF UUID, we can just look up the needed
information directly based on that.
Bug #3930
Jesse Gross [Mon, 18 Oct 2010 22:30:20 +0000 (15:30 -0700)]
datapath: Add loop detection for RT kernels.
Our normal loop detection requires disabling preemption while
packet processing takes place. On RT kernels this isn't acceptable
and interacts badly with spinlocks, so we can't use it. This
takes advantage of some extra space that is added to struct
task_struct on RT kernels (and the knowledge that we will always
have a valid task_struct) to store the loop counter for a given
thread. Since we can't make these assumptions on non-RT kernels,
we continue to use the previous method of loop detection there.
Signed-off-by: Jesse Gross <jesse@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>
Jesse Gross [Mon, 18 Oct 2010 22:36:59 +0000 (15:36 -0700)]
datapath: #define local_bh_disable to preempt_disable on RT.
We use local_bh_disable() to mean that we don't want to get
preempted or interrupted and normally it covers both situations.
However, on RT kernels local_bh_disable() becomes a no-op because
bottom halves aren't interrupts any more. We still want the
behavior of disabling preemption so #define them to be the same
on these kernels.
Signed-off-by: Jesse Gross <jesse@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>
Justin Pettit [Sat, 23 Oct 2010 00:25:02 +0000 (17:25 -0700)]
ovs-vsctl: Prevent double-free when retrying a transaction
Ben Pfaff [Fri, 22 Oct 2010 20:42:40 +0000 (13:42 -0700)]
vswitchd: Reset ofport columns of invalid interfaces to -1.
Until now, when ovs-vswitchd dropped interfaces because of duplicate names,
it would not write -1 to the ofport column in the OVSDB record for the
interface, which made it appear that the interface was still active (if
it had been before). This commit fixes the problem.
This commit also sets ofport to -1 for interfaces that cannot be created
for other reasons.
Ben Pfaff [Fri, 22 Oct 2010 20:29:06 +0000 (13:29 -0700)]
netdev-linux: Always check tc_make_request() for NULL return value.
Bug #3912.
Ben Pfaff [Fri, 22 Oct 2010 20:12:27 +0000 (13:12 -0700)]
netdev-linux: Remove unused data in htb_tc_load().
Ben Pfaff [Fri, 22 Oct 2010 19:52:44 +0000 (12:52 -0700)]
ovsdb-idl: Test prerequisite checking.
Ben Pfaff [Fri, 22 Oct 2010 21:46:30 +0000 (14:46 -0700)]
ovs-vsctl: Check for dirty reads within transactions.
OVSDB is transactional but it does not implement any form of locking. This
means that read-modify-write operations must verify that the values that
they read are still in place before writing. This commit adds such
checking.
Bug #2387.
Bug #3856.
Bug #3906.
Ben Pfaff [Fri, 22 Oct 2010 18:22:38 +0000 (11:22 -0700)]
ovs-vsctl: Add context pointer to struct vsctl_info.
This will be needed in upcoming commits.
Ben Pfaff [Fri, 22 Oct 2010 17:19:13 +0000 (10:19 -0700)]
vswitch: Make unique "name" columns immutable, to simplify transactions.
OVSDB has transactions but not locking, so a transaction that must
maintain an invariant must check that the starting state is what it
expects. For example, to add a bridge a client must verify that the new
bridge's name does not conflict with any existing bridge's name, given
that the set of bridges might have changed. One way to do that is for
the client to verify that that the set of bridges is the same and that none
of the bridges has been renamed to the new bridge's name. By making
bridge names immutable, the latter part of the check can be omitted.
Mirror names are not required to be unique so this commit does not make
them immutable.
CC: Jeremy Stribling <strib@nicira.com>
Ben Pfaff [Fri, 22 Oct 2010 16:58:12 +0000 (09:58 -0700)]
ovsdb: Document the "mutable" feature for columns.
This feature has been implemented in OVSDB since the beginning, but until
now it was undocumented.
Ethan Jackson [Thu, 21 Oct 2010 22:28:36 +0000 (22:28 +0000)]
netdev-linux: Make queue 0 the default QOS policy
This patch defines, by convention, queue 0 as the default queue in
a particular QOS. Thus, if queue 0 is defined, all traffic going
through the relevant interface will be enqueued in it. If queue 0
is not defined then ovs will send the traffic directly through the
interface without applying any policy to it.
Justin Pettit [Thu, 21 Oct 2010 22:37:57 +0000 (15:37 -0700)]
bridge: Log port destruction
We log when we create a port, so let's log when we destroy one for
parity.
Ben Pfaff [Thu, 21 Oct 2010 18:28:00 +0000 (11:28 -0700)]
tests: Update expected test result to match "ovsdb-client dump" changes.
Commit
06036898849 "ovsdb-client: Make "dump" print table names in default
output format too" changed the output format of "ovsdb-client dump" without
updating the tests that depended on that output format. This commit
updates the expected test results to match.
Ben Pfaff [Thu, 21 Oct 2010 17:48:56 +0000 (10:48 -0700)]
ovsdb-client: Make "dump" print table names in default output format too.
The "dump" command printed table names in CSV and HTML output formats but
they were omitted in the default tabular form. This commit corrects the
discrepancy.
Reported-by: Brad Hall <brad@nicira.com>
Ben Pfaff [Thu, 21 Oct 2010 17:40:05 +0000 (10:40 -0700)]
Fix bug in parsing large datapath IDs.
Datapath IDs are unsigned, but dpid_from_string() was parsing them as
signed integers, which caused high values to be capped at INT64_MAX.
Also, document that datapath IDs may not be all-zero.
Reported-by: Pankaj Thakkar <thakkar@nicira.com>
Reported-by: Teemu Koponen <koponen@nicira.com>
Ben Pfaff [Thu, 21 Oct 2010 16:49:12 +0000 (09:49 -0700)]
ovs-ofctl: Better document the meaning of "priority" in flow descriptions.
Reported-by: Reid Price <reid@nicira.com>
Bug #3905.
Ethan Jackson [Wed, 20 Oct 2010 19:49:12 +0000 (12:49 -0700)]
xenserver debian: Add additional tc output to bugtools
Added tc commands which show what qos policies are running on each
interface.
Justin Pettit [Tue, 19 Oct 2010 22:58:35 +0000 (15:58 -0700)]
ovs-vswitchd: Add ability to disable in-band on a bridge
In-band control is always enabled when a manager is configured. Some
applications wish to control all the flows within a bridge, and in-band
control can override that wish. Depending on how the network is
configured, this can lead to loops as the in-band control rules try to
learn where to send traffic.
This commit adds a "disable-in-band" key to the "other_config" column of
bridge tables. If set to "true", in-band will be disabled regardless of
manager or controller configuration.
Ben Pfaff [Mon, 18 Oct 2010 18:18:10 +0000 (11:18 -0700)]
datapath: Simplify ODPAT_SET_DL_TCI action.
There's no need to have a mask in this action, because both parts of the
TCI are part of the flow structure.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Jesse Gross <jesse@nicira.com>
Justin Pettit [Mon, 18 Oct 2010 05:43:14 +0000 (22:43 -0700)]
ovs-monitor-ipsec: Add ability to traverse NATs
Stable versions of ipsec-tools have a bug that prevents our using
transport mode through a NAT box. Even though the bug has been fixed
for years, it is only available in the 0.8 alpha release of ipsec-tools.
This commit modifies our configuration to allow NAT traversal with that
version of ipsec-tools.
NB: An official package for this version of ipsec-tools is not yet
available on Debian, so we're requiring a custom version number.
Sajjad Lateef [Fri, 15 Oct 2010 20:41:46 +0000 (13:41 -0700)]
Create /etc/openvswitch dir when package is installed.
Earlier, the /etc/openvswitch directory would get installed as part of
the init script's start sequence. However, as newer packages are added,
including some that create files in this directory during their init
script sequences, a race condition may occur.
This change ensures that the directory /etc/openvswitch is created even
before the init scripts execute. Thus, the race condition is avoided.
Ethan Jackson [Thu, 14 Oct 2010 22:59:11 +0000 (22:59 +0000)]
lib: Remove warnings in daemon.c
On some platforms compilation of daemon.c results in implicit
declaration of function fstat and stat warnings.
Ben Pfaff [Thu, 14 Oct 2010 22:13:33 +0000 (15:13 -0700)]
stream-ssl: Avoid warning with recent OpenSSL.
Reported-by: Ethan Jackson <ethan@nicira.com>
Ethan Jackson [Wed, 13 Oct 2010 22:12:12 +0000 (22:12 +0000)]
vswitchd: Bubble no-flood configuration up to bridge
When bridge.c decides to flood a packet as the result of a "normal"
flow action, it now checks whether each port is configured to
receive flood packets.
Bug #3741
Ben Pfaff [Thu, 14 Oct 2010 16:44:26 +0000 (09:44 -0700)]
docs: Make it clear that ovs-openflowd is an alternative to ovs-vswitchd.
Suggested-by: Vishal Swarankar <vishal.swarnkar@gmail.com>
Ben Pfaff [Thu, 14 Oct 2010 00:11:56 +0000 (17:11 -0700)]
ofproto: Fix implementation of OFPP_FLOOD.
Commit
f1588b1fa1 "datapath: Remove implementation of port groups" removed
a "break" statement accidentally, which caused OFPP_FLOOD to send duplicate
packets and to ignore OFPPC_NO_FLOOD.
Simon Horman [Wed, 13 Oct 2010 22:18:20 +0000 (07:18 +0900)]
debian: Make the init script's start command idempotent
Signed-off-by: Simon Horman <horms@verge.net.au>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Justin Pettit [Wed, 13 Oct 2010 07:14:31 +0000 (00:14 -0700)]
netdev-vport: Actually destroy the vport when "destroy" is called
Commit 2b9d65 (netdev-vport: Merge in netdev-patch and netdev-tunnel.)
refactored the common parts of the netdev-patch and netdev-tunnel
sources into netdev-vport. During the refactoring, the "destroy" method
didn't inherit the netdev_vport_do_ioctl(ODP_VPORT_DEL, ...) call, which
is needed to actually destroy the device in the kernel. This commit
fixes that.
Bug #3267
Justin Pettit [Tue, 12 Oct 2010 18:24:04 +0000 (11:24 -0700)]
netflow: Back-out optimization that could lead to infinite loop
Commit 924282 (netflow: Do 64-bit division less often.) attempted to
remove the 64-bit division used to break flow records with large byte
counts into multiple NetFlow records. The calculation to determine the
number of records was incorrect and should have shifted "byte_delta" by
31 instead of 32. This commit reverts the change (while keeping commit
f22a24 (netflow: Avoid (theoretically) looping 2**32 times.) ), since
the logic is more straight-forward than the optimized version.
Bug #3813
Justin Pettit [Tue, 12 Oct 2010 07:01:37 +0000 (00:01 -0700)]
ofproto: Update flow context for resubmit on VLAN actions
Any modifications that happen to the packet are supposed to be reflected
in the flow context for a resubmitted lookup. Commit 26233b (datapath:
Combine dl_vlan and dl_vlan_pcp.) broke this for OFPAT_SET_VLAN_VID and
OFPAT_SET_VLAN_PCP. This corrects that behavior.
Bug #3808 (2/2)
Justin Pettit [Tue, 12 Oct 2010 06:50:36 +0000 (23:50 -0700)]
odp-util: Remove extraneous "set_tci(" from format_odp_action()
The function format_odp_action(), which is used to format the output of
"ovs-dpctl dump-flows", printed "set_tci(" before printing a correct
"set_tci" with actual parameters.
Bug #3808 (1/2)
Ethan Jackson [Fri, 8 Oct 2010 22:15:26 +0000 (22:15 +0000)]
lib: ofp-parse segfaults if required argument isn't specified
Running ovs-ofctl add-flow br0 "in_port=3 actions=resubmit" would
segfault instead of reporting an error.
Ben Pfaff [Mon, 11 Oct 2010 21:05:37 +0000 (14:05 -0700)]
datapath: Fix build break in compat_query_flows().
Commit
a01ef04ce "datapath: Drop padding from struct odp_flow_key" removed
the "reserved" member from struct odp_flow_key but overlooked uses of that
member from 64-bit compatibility code. This commit fixes up the problem.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Jesse Gross <jesse@nicira.com>
Ben Pfaff [Mon, 11 Oct 2010 21:04:10 +0000 (14:04 -0700)]
datapath: Fix typo in 64-bit compat header.
Commit
f1588b1f "datapath: Remove implementation of port groups" added a
spurious "V" in the odp-compat.h header. I failed to test-build that
commit on a 64-bit system and thus this broke the build on x86-64 and other
64-bit systems.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Jesse Gross <jesse@nicira.com>
Hao Zheng [Fri, 8 Oct 2010 23:26:15 +0000 (16:26 -0700)]
datapath: fix flow used time stats
This commit fixes a problem where datapath flow used stats can report
incorrent value, thus may result in flow expirations being incorrect.
This happens when a kernel jiffies rollover occurs between the last time
a flow is hit and the flow stats is queried.
Acked-by: Jesse Gross <jesse@nicira.com>
Signed-off-by: Hao Zheng <hzheng@nicira.com>
Ben Pfaff [Fri, 10 Sep 2010 18:16:31 +0000 (11:16 -0700)]
datapath: Always use GFP_ATOMIC to execute actions.
These functions run 99% of the time in atomic context and the benefit of
passing along the 'gfp' argument for the other 1% doesn't seem to outweigh
the cost.
Suggested-by: Stephen Hemminger <shemminger@vyatta.com>
Acked-by: Jesse Gross <jesse@nicira.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Fri, 10 Sep 2010 18:18:53 +0000 (11:18 -0700)]
datapath: Drop padding from struct odp_flow_key.
Breaking this out as a separate commit should make it easier to see what
needs to change later, if we need to reintroduce padding at some point.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Jesse Gross <jesse@nicira.com>
Ben Pfaff [Fri, 8 Oct 2010 23:26:21 +0000 (16:26 -0700)]
datapath: Combine dl_vlan and dl_vlan_pcp.
This allows eliminating padding from odp_flow_key, although actually doing
that is postponed until the next commit.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Jesse Gross <jesse@nicira.com>
Ben Pfaff [Fri, 3 Sep 2010 18:30:02 +0000 (11:30 -0700)]
flow: Get rid of flow_t typedef.
When userspace and the kernel were using the same structure for flows,
flow_t was a useful way to indicate that a structure was really a userspace
flow instead of a kernel one, but now it's better to just write "struct
flow" for consistency, since OVS doesn't use typedefs for structs
elsewhere.
Acked-by: Jesse Gross <jesse@nicira.com>
Ben Pfaff [Mon, 11 Oct 2010 20:31:35 +0000 (13:31 -0700)]
flow: Separate "flow_t" from "struct odp_flow_key".
The "struct odp_flow_key" used in the kernel datapath is conceptually
separate from the "flow_t" used in userspace, but until now we have
used the latter as a typedef for the former for convenience. This commit
separates them. This makes it possible in upcoming commits to change
them independently.
This is cross-ported from the "wdp" branch, which has had it for months.
Ben Pfaff [Fri, 8 Oct 2010 23:36:13 +0000 (16:36 -0700)]
datapath: Remove implementation of port groups.
The "port group" concept seems like a good one, but it has not been
used very much in userspace so far, so before we commit ourselves to
a frozen API that we must maintain forever, remove it. We can always
add it back in later as a new kind of vport.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Wed, 6 Oct 2010 22:35:53 +0000 (15:35 -0700)]
netdev-vport: Merge in netdev-patch and netdev-tunnel.
The only real difference between netdev-patch and netdev-tunnel is in their
parse_config() implementation. That's a lot of extra code to maintain, for
questionable benefit. This commit merges them into the netdev-vport code,
which was heretofore merely a collection of helper functions.
Ben Pfaff [Fri, 1 Oct 2010 22:59:56 +0000 (15:59 -0700)]
ofproto: Get rid of port_changed_cb.
Jesse pointed out that port_changed_cb isn't a great interface. It's only
around because, earlier, we had a lousy interface for monitoring netdev
status, so that we needed to pass along information obtained by ofproto
into the bridge. But netdev_monitor is now sufficiently sophisticated that
the bridge can set up an independent netdev_monitor without any important
loss of efficiency. Since this makes the code cleaner, this commit does
so.
Ben Pfaff [Tue, 28 Sep 2010 18:57:40 +0000 (11:57 -0700)]
vswitchd: Better tolerate changes in datapath ports.
Until now, a command that removed and added ports in a single change to
the database, e.g.:
ovs-vsctl del-port br0 vif1.0 -- add-port br0 vif2.0
typically failed, because of this sequence of events:
1. Bridge code removes vif1.0 from br0.
2. Bridge code adds vif2.0 to br0.
3. ofproto_run() receives kernel notification that vif1.0 was deleted, so
it notifies the bridge by calling back to bridge_port_changed_ofhook_cb,
which sees that it has an interface with the specified port number, and
deletes it. Oops--this is where the problem occurs. For completeness:
4. ofproto_run() receives kernel notification that vif2.0 was added, so
it notifies the bridge by calling back to ,
which sees that it has no interface with the specified port number, and
does nothing.
This commit fixes the problem by making bridge_port_changed_ofhook_cb() not
care about ports being dropped. This is a corner case that we shouldn't
work too hard to care about, since it can only happen if an administrator
is meddling with datapaths using ovs-dpctl, and the consequences are simply
that packets directed to that device will take longer to be rerouted to
another device (it will take a while for the MAC learning table to time out
the entry). Basically, the admin gets what he deserves.
Thanks to Jesse Gross for identifying the problem.
Bug #3671.
Ben Pfaff [Tue, 28 Sep 2010 18:25:47 +0000 (11:25 -0700)]
vswitchd: Only try to open netdev once.
The previous commit arranged to always open the netdev for bridge ports
within the loop that adds new ports to datapaths. So now the additional
attempt to open them within the following loop is superfluous and
presumably will always fail. This commit drops it and merges two
iterations through bridge ports into a single one, since the first is now
trivial.
Ben Pfaff [Mon, 11 Oct 2010 17:28:28 +0000 (10:28 -0700)]
vswitchd: Support changing the type of a bridge port.
Until now, if the type of a bridge port changed in the database, then
ovs-vswitchd would report an error and keep it the same type. This commit
changes the behavior to something more reasonable: the old datapath port is
deleted and replaced by a new datapath port of the correct type.
Ben Pfaff [Mon, 11 Oct 2010 17:13:33 +0000 (10:13 -0700)]
vswitchd: Make type of interface easier to determine.
Suggested-by: Jesse Gross <jesse@nicira.com>
Ben Pfaff [Mon, 27 Sep 2010 18:39:41 +0000 (11:39 -0700)]
vswitchd: Create all interfaces at the same time.
It seems inconsistent to create some early, some late. I hope that
this helps to clarify what is happening.
Ben Pfaff [Mon, 27 Sep 2010 20:15:19 +0000 (13:15 -0700)]
vswitchd: Break set_up_iface() into two different functions.
set_up_iface() had two only loosely related purposes. It's cleaner to use
two separate functions.
Ben Pfaff [Mon, 27 Sep 2010 18:09:19 +0000 (11:09 -0700)]
vswitchd: Drop redundant 'iface_cfg' parameter to set_up_iface().
iface_cfg is also available as iface->cfg, so there's no benefit in also
passing it as a separate parameter.
Also, get rid of the one-liner reconfigure_iface() function that wasn't
helping with anything.
Jesse Gross [Wed, 6 Oct 2010 02:14:21 +0000 (19:14 -0700)]
tunneling: Internal dev vport can be NULL.
Commit 4bee42 "tunnel: Correctly check for internal device." fixed
the call to internal_dev_get_vport() by first checking that the
device is in fact an internal device. However, it also accidentally
removed the check ensuring that the vport itself was not NULL. This
adds that check back by redoing the previous change in a more robust
manner.
Signed-off-by: Jesse Gross <jesse@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>
Justin Pettit [Fri, 8 Oct 2010 21:18:28 +0000 (14:18 -0700)]
netdev: Enforce a floor "linux-htb" min-rate
Justin Pettit [Fri, 8 Oct 2010 20:50:16 +0000 (13:50 -0700)]
netdev: Don't divide by zero when "linux-htb" zero min-rate is used
A "min-rate" of zero for the "linux-htb" QoS type would cause a divide
by zero exception. This patch prevents that by just returning zero. A
later patch will try to enforce reasonable values for "min-rate".
Bug #3745
Justin Pettit [Fri, 8 Oct 2010 06:30:06 +0000 (23:30 -0700)]
classifier: Add missing argument in CLASSIFIER_FOR_EACH_EXACT_RULE_SAFE
The CLASSIFIER_FOR_EACH_EXACT_RULE_SAFE macro was missing its "MEMBER"
argument. It doesn't currently cause any problems because no one uses
the macro.
Justin Pettit [Fri, 8 Oct 2010 06:51:02 +0000 (23:51 -0700)]
ovs-openflowd: Don't segfault when no controllers specified
If no controllers are specified on the command-line, ovs-openflowd adds
a couple of its own. The code that accounts for the controllers
correctly allocated space for them, but used the command-line count to
determine how many to set. This led to a segfault when later code tried
to dereference them.
Reported-by: Derek Cormier <derek.cormier@lab.ntt.co.jp>
Ben Pfaff [Thu, 7 Oct 2010 23:44:32 +0000 (16:44 -0700)]
ofproto: Drop flows from datapath more quickly under heavy load.
In normal operation it makes sense to keep track of all of the flows that
have been seen recently and to cache all of them in the kernel. Under
unusual conditions, such as those caused by network scanning tools or by an
actual targeted DoS attack against the vswitch, the number of flows can
explode to extremely high numbers (hundreds of thousands or more). In such
a situation the vswitch needs to guard against memory exhaustion by
expiring flows more quickly and more often. This commit implements an
inexpensive technique for determining which flows should be dropped in such
a situation.
Ben Pfaff [Thu, 7 Oct 2010 17:36:02 +0000 (10:36 -0700)]
classifier: Introduce macros for iterating exact-match flows.
This special case of iterating through flows is easier and presumably
faster to implement using a macro.
Ben Pfaff [Wed, 29 Sep 2010 20:04:03 +0000 (13:04 -0700)]
ofproto: Iterate through exact-match rules first during expiration.
A wildcarded flow is idle only if all of its subrules have expired because
they were idle, so unless we expire exact-match rules first it is possible
that a wildcarded flow fails to expire as soon as it should.
(The current implementation of classifier_for_each() iterates through
exact-match rules before wildcarded rules, but nothing in the interface
guarantees that.)
Ben Pfaff [Wed, 29 Sep 2010 19:54:05 +0000 (12:54 -0700)]
ofproto: Drop unneeded poll_immediate_wake().
This poll_immediate_wake() is unnecessary because netflow_run() is always
called afterward within the same poll loop. It's better to delete it, to
avoid wasting CPU.
Ben Pfaff [Thu, 30 Sep 2010 17:13:47 +0000 (10:13 -0700)]
ofproto: Fix effective memory leak for uninstallable flows.
In one or two corner cases, flows cannot be installed because every packet
in the flow must be processed by userspace. The code to expire rules was
ignoring these uninstallable rules, and thus they would never get freed,
even after they became idle. This commit fixes the problem.
Ben Pfaff [Thu, 7 Oct 2010 17:08:21 +0000 (10:08 -0700)]
ofproto: Factor conditional out of loop in send_flow_removed().
Ben Pfaff [Wed, 6 Oct 2010 21:39:56 +0000 (14:39 -0700)]
ofproto: Group functions related to flow expiration together.
This should be a purely stylistic change, with no effect on behavior.
This commit changes the callback pointer passed to the
classifier_for_each() from a pointer to an ofproto to a pointer to a
structure that includes an ofproto. Future commits planned will add
more members to this new structure.
Ben Pfaff [Wed, 6 Oct 2010 21:21:47 +0000 (14:21 -0700)]
ofproto: Avoid wasting memory malloc()'ing empty action sets for subrules.
GNU libc treats malloc(0) as malloc(1). Subrules always have an n_actions
of 0, so this code was wasting time and memory for subrules. This commit
stops doing that.
Also audits and fixes some very pedantic potential problems with null
pointers; e.g. the C standard says that NULL may not be compared with the
< operator, even if both arguments are null, and it also says that a null
pointer may not be passed to memcpy() or memcmp(), even if the length is
zero.
Ben Pfaff [Fri, 24 Sep 2010 17:54:42 +0000 (10:54 -0700)]
netdev: Pass class structure, instead of type, to "create" function.
This opens up the possibility of storing private data at a relative offset
to the class structure, instead of having to keep a separate table.
Ben Pfaff [Fri, 24 Sep 2010 17:55:57 +0000 (10:55 -0700)]
netdev-vport: Fix typo in comment.
Must have been a stray s/gre/patch/ in this file's history.
Jesse Gross [Wed, 6 Oct 2010 01:09:00 +0000 (18:09 -0700)]
datapath: Force our include directory to be first.
XenServer puts our header files in the standard system search path
by default. This is normally OK, except when we introduce new things
which aren't in those headers. Since the system picks up the older files
first this leads to undefined sysmbols.
Signed-off-by: Jesse Gross <jesse@nicira.com>
Ethan Jackson [Fri, 1 Oct 2010 02:29:27 +0000 (02:29 +0000)]
xenserver: ovs-external-ids log to file instead of syslog
ovs-external-ids was crashing on startup because it was brought up
before /dev/log exists. The simplest solution to this problem is
to have it log to /var/log/openvswitch/ovs-external-ids.log . This
is consistent with vswitchd and ovsdb-server.
Signed-off-by: Ethan Jackson <ethan@nicira.com>
Jesse Gross [Sat, 2 Oct 2010 02:21:08 +0000 (19:21 -0700)]
tunnel: Correctly check for internal device.
With header caching we check to see if the next device in the stack
is an OVS device and, if so, cache that flow as well. However, the
test for this called internal_dev_get_vport() assuming that it would
return NULL if the device is not an internal device. It doesn't,
however, it just returns the offset from the device where the vport
data structure would be if it were an internal device. This changes
it to explicitly check for an internal device first to avoid a panic.
Bug #3470
Reported-by: Ram Jothikumar <rjothikumar@nicira.com>
Signed-off-by: Jesse Gross <jesse@nicira.com>
Reviewed-by: Justin Pettit <jpettit@nicira.com>
Justin Pettit [Sat, 2 Oct 2010 07:27:23 +0000 (00:27 -0700)]
Add Nicira extension for modifying queue without transmitting
The OpenFlow OFPAT_ENQUEUE action sets a queue id and outputs the packet
in one shot. There are times in which the queue should be set, but the
output port is not yet known. This commit adds the NXAST_SET_QUEUE and
NXAST_POP_QUEUE Nicira extension actions to modify the queue
configuration without requiring a port argument.
CC: Jeremy Stribling <strib@nicira.com>
CC: Keith Amidon <keith@nicira.com>
Ben Pfaff [Wed, 1 Sep 2010 19:45:24 +0000 (12:45 -0700)]
netflow: Avoid (theoretically) looping 2**32 times.
If the netflow byte counter is UINT64_MAX, or at any rate much larger than
UINT32_MAX, netflow_expire() could loop for a very long time. This commit
avoids that case.
This is only a theoretical bug fix. I don't know of any actual bug that
would cause a counter to be that high.
Ben Pfaff [Wed, 1 Sep 2010 19:43:11 +0000 (12:43 -0700)]
netflow: Do 64-bit division less often.
64-bit division is expensive. Usually we can avoid it entirely, as done by
this patch.
Ben Pfaff [Thu, 26 Aug 2010 21:53:04 +0000 (14:53 -0700)]
INSTALL.Linux: Describe how to upgrade the Open vSwitch database.
Suggested-by: Parham Kiani <pkiani@essex.ac.uk>
Ben Pfaff [Fri, 1 Oct 2010 20:41:40 +0000 (13:41 -0700)]
ovs-controller: Improve QoS abilities.
This makes it a little easier to test Open vSwitch QoS features using
ovs-controller, by making it possible to assign queues on the basis of
input port, instead of just allowing a single queue for a whole switch.
CC: Michael Mao <mmao@nicira.com>
Ben Pfaff [Thu, 23 Sep 2010 21:12:09 +0000 (14:12 -0700)]
learning-switch: Introduce struct for configuration.
This should make extensions easier.
Ben Pfaff [Thu, 23 Sep 2010 21:08:13 +0000 (14:08 -0700)]
ovs-controller: Make --with-flows read the file only once, at startup.
A couple of people have reported that ovs-controller --with-flows is
confusing. This seems to be because it doesn't read the file with the
flows until the first connection from a switch. Then, if the file has a
syntax error, it exits.
This commit changes the behavior so that it reads the file immediately at
startup instead.
Ben Pfaff [Fri, 1 Oct 2010 20:08:14 +0000 (13:08 -0700)]
ofp-parse: Add test.
Ben Pfaff [Fri, 1 Oct 2010 20:05:59 +0000 (13:05 -0700)]
ofp-print: Make output easier to read.
Ben Pfaff [Thu, 23 Sep 2010 20:19:49 +0000 (13:19 -0700)]
ofp-parse: Factor out duplicated code into new functions.
Ben Pfaff [Fri, 1 Oct 2010 20:05:23 +0000 (13:05 -0700)]
ofp-parse: Properly byteswap in_port.
Ben Pfaff [Thu, 16 Sep 2010 22:41:14 +0000 (15:41 -0700)]
ofproto: Only dump queue statistics if the queue really exists.
Without this commit, "ovs-ofctl queue-stats br0 ALL 1" will print something
like the following if port 3 has queue 1 but none of the other ports do:
stats_reply (xid=0x7b378): flags=none type=5(queue)
4 queues
port 0 queue 1: bytes=?, pkts=?, errors=?
port 1 queue 1: bytes=?, pkts=?, errors=?
port 2 queue 1: bytes=?, pkts=?, errors=?
port 3 queue 1: bytes=0, pkts=0, errors=0
With this commit, it will print the following instead, which seems more
useful:
stats_reply (xid=0x3ada1): flags=none type=5(queue)
1 queues
port 3 queue 1: bytes=0, pkts=0, errors=0
Ben Pfaff [Thu, 16 Sep 2010 22:38:10 +0000 (15:38 -0700)]
netdev-linux: Fix off-by-one error dumping queue stats.
Linux kernel queue numbers are one greater than OpenFlow queue numbers, for
HTB anyhow. The code to dump queues wasn't compensating for this, so this
commit fixes it up.
Ben Pfaff [Thu, 16 Sep 2010 22:36:57 +0000 (15:36 -0700)]
ovs-ofctl: Add "queue-stats" command to print queue stats.
Ben Pfaff [Fri, 17 Sep 2010 17:33:10 +0000 (10:33 -0700)]
Switch many macros from using CONTAINER_OF to using OBJECT_CONTAINING.
These macros require one fewer argument by switching, which makes code
that uses them shorter and more readable.
Ben Pfaff [Mon, 19 Jul 2010 20:46:52 +0000 (13:46 -0700)]
util: New macro OBJECT_CONTAINING.
This macro is a variant on CONTAINER_OF that takes an object pointer
instead of a type name as its second argument. In the following commit
this will simplify many users of CONTAINER_OF.
Ben Pfaff [Mon, 19 Jul 2010 19:57:22 +0000 (12:57 -0700)]
ofproto: Use hash table instead of sparse array for ofports.
The main advantage of a sparse array over a hash table is that it can be
iterated in numerical order. But the OVS implementation of sparse arrays
is quite expensive in terms of memory: on a 32-bit system, a sparse array
with exactly 1 nonnull element has 512 bytes of overhead. In this case,
the sparse array's property of iteration in numerical order is not
important, so this commit converts it to a hash table to save memory.
Ben Pfaff [Mon, 19 Jul 2010 18:43:05 +0000 (11:43 -0700)]
sflow: Use hash table instead of sparse array for sflow ports.
The main advantage of a sparse array over a hash table is that it can be
iterated in numerical order. But the OVS implementation of sparse arrays
is quite expensive in terms of memory: on a 32-bit system, a sparse array
with exactly 1 nonnull element has 512 bytes of overhead. In this case,
the sparse array's property of iteration in numerical order is not
important, so this commit converts it to a hash table to save memory.
Ben Pfaff [Mon, 19 Jul 2010 18:23:05 +0000 (11:23 -0700)]
bridge: Use hash table instead of sparse array for bridge ports.
The main advantage of a sparse array over a hash table is that it can be
iterated in numerical order. But the OVS implementation of sparse arrays
is quite expensive in terms of memory: on a 32-bit system, a sparse array
with exactly 1 nonnull element has 512 bytes of overhead. In this case,
the sparse array's property of iteration in numerical order is not
important, so this commit converts it to a hash table to save memory.
Ben Pfaff [Mon, 19 Jul 2010 18:22:10 +0000 (11:22 -0700)]
hmap: New function hmap_clear().
Ben Pfaff [Mon, 19 Jul 2010 18:21:59 +0000 (11:21 -0700)]
netdev-linux: Use hash table instead of sparse array for QoS classes.
The main advantage of a sparse array over a hash table is that it can be
iterated in numerical order. But the OVS implementation of sparse arrays
is quite expensive in terms of memory: on a 32-bit system, a sparse array
with exactly 1 nonnull element has 512 bytes of overhead. In this case,
the sparse array's property of iteration in numerical order is not
important, so this commit converts it to a hash table to save memory.
Ben Pfaff [Wed, 1 Sep 2010 20:42:33 +0000 (13:42 -0700)]
ovs-vsctl: Reduce log level for "Called as..." for read-only invocations.
When ovs-vsctl is not actually going to modify the database, it is less
interesting in the log, so we might as well only log it at "debug" level.
Suggested-by: Neil McKee <neil.mckee@inmon.com>
Ben Pfaff [Wed, 1 Sep 2010 20:41:09 +0000 (13:41 -0700)]
ovs-vsctl: Factor out and optimize searching for a command by name.
The following commit will introduce a new function that wants to do this
a lot, so we might as well do it efficiently.
Ethan Jackson [Tue, 28 Sep 2010 18:58:00 +0000 (11:58 -0700)]
debian: openvswitch-common ethtool should not be required
The ethtool package is only used to help ovs-bugtool create bug
reports and does not prevent the script from running if it's
missing. Making it a requirement for installation is a bit
draconian.
Justin Pettit [Tue, 28 Sep 2010 01:48:25 +0000 (18:48 -0700)]
debian: Restart ovs-monitor-ipsec when --monitor specified
The OVS Python daemon library will restart a process when started with
"--monitor" that exits with RESTART_EXIT_CODE. Have ovs-monitor-ipsec
exit with this code when an uncaught exception occurs.
Justin Pettit [Tue, 28 Sep 2010 01:33:56 +0000 (18:33 -0700)]
debian: Create ovs-monitor-ipsec rundir if it doesn't exist
Reported-by: Sajjad Lateef <slateef@nicira.com>
Ethan Jackson [Thu, 23 Sep 2010 06:45:58 +0000 (23:45 -0700)]
debian: Added a manpage for ovs-bugtool
Added a manpage for the ovs-bugtool script.
Ethan Jackson [Thu, 23 Sep 2010 04:59:02 +0000 (21:59 -0700)]
tests: Test that children restart with special exit code
Added a test which checks that the python daemon code properly
restarts child processes which exit with RESTART_EXIT_CODE.
Ethan Jackson [Thu, 23 Sep 2010 05:48:42 +0000 (22:48 -0700)]
tests: Remove trailing whitespace from python daemon tests
Removes the trailing whitespace from the testing code related to
daemonizing in Python.
Ethan Jackson [Wed, 22 Sep 2010 19:40:39 +0000 (12:40 -0700)]
xenserver: monitor-external-ids should run with --monitor
The init script starts monitor-external-ids with --monitor when
configured to do so. Also made changes to guarantee that --monitor
actually restarts ovs-external-ids.
Signed-off-by: Ethan Jackson <ethan@nicira.com>