openvswitch
12 years agoofproto-dpif: Cleanup STP on ports when disabled on their bridge.
Ethan Jackson [Sun, 19 Feb 2012 08:34:28 +0000 (00:34 -0800)]
ofproto-dpif: Cleanup STP on ports when disabled on their bridge.

When STP is enabled on a bridge, the STP module puts its ports in
an STP_LISTENING state until STP converges.  This causes all
traffic destined for these ports to be dropped.  If STP is disabled
on the bridge, but not explicitly disabled on its ports, the bridge
fails to remove the STP state from these ports.  Therefore, if a
port is in an STP_LISTENING state, it will remain in that state and
continue to drop all traffic indefinitely.  This patch fixes the
issue.

Signed-off-by: Ethan Jackson <ethan@nicira.com>
Bug #9157.

12 years agoovs-vsctl.at: Use full name for referring to the "NetFlow" table.
Justin Pettit [Sat, 18 Feb 2012 12:11:53 +0000 (04:11 -0800)]
ovs-vsctl.at: Use full name for referring to the "NetFlow" table.

Signed-off-by: Justin Pettit <jpettit@nicira.com>
12 years agodatapath: Increase maximum number of datapath ports.
Pravin B Shelar [Fri, 17 Feb 2012 01:12:36 +0000 (17:12 -0800)]
datapath: Increase maximum number of datapath ports.

Use hash table to store ports of datapath. Allow 64K ports per switch.

Signed-off-by: Pravin B Shelar <pshelar@nicira.com>
Acked-by: Jesse Gross <jesse@nicira.com>
Bug #2462

12 years agoconfigure: Try to extract kernel source directory from build Makefile.
Ben Pfaff [Thu, 16 Feb 2012 18:34:55 +0000 (10:34 -0800)]
configure: Try to extract kernel source directory from build Makefile.

OVS needs to inspect the headers in the kernel source directory at build
time.  Debian keeps moving the source directory relative to the build
directory and doesn't provide an obvious way to find the source directory,
so in the past we've used some name-based heuristics to essentially guess
where it is.

This commit introduces a new heuristic that I hope will be more reliable:
extracting the source directory from the Makefile in the build directory.
In Debian's case, it looks like the Makefile generally contains a line of
the form "MAKEARGS := -C <srcdir> O=<outdir>".  This commit extracts the
source directory from that line.

To avoid regressions this commit retains the older heuristics as fallbacks.

CC: 659685@bugs.debian.org
Reported-by: Thomas Goirand <zigo@debian.org>
Signed-off-by: Ben Pfaff <blp@nicira.com>
12 years agovswitchd: Always configure a default queue for QoS.
Ben Pfaff [Fri, 17 Feb 2012 00:33:14 +0000 (16:33 -0800)]
vswitchd: Always configure a default queue for QoS.

When an interface has QoS configured but no default queue (queue 0), OVS
has until now installed that QoS configuration literally, which causes all
packets destined for this default queue to be dropped.  This behavior is
usually both unexpected and undesirable.

This commit changes behavior so that, when no default queue is configured,
OVS uses a default "empty" configuration for the default queue.  This
behavior should be more acceptable when QoS is slightly misconfigured.

I tested that, without this patch, configuring only queue 1 causes "tc
class show" to show only queue 1 (handle 1:2) for linux-htb and linux-hfsc,
and that with this patch it shows configurations for both queue 0 (handle
1:1) and queue 1.

Bug #5583.
Feature #7413.
Signed-off-by: Ben Pfaff <blp@nicira.com>
12 years agovswitchd: Remove never-implemented table and column for capabilities.
Ben Pfaff [Tue, 14 Feb 2012 23:18:32 +0000 (15:18 -0800)]
vswitchd: Remove never-implemented table and column for capabilities.

Not only have we never implemented this, no one has ever asked for it to
the best of my knowledge.

This increments the middle part of the schema version number instead of the
first part on the grounds that removing something that is unused is
unlikely to break anything.

Signed-off-by: Ben Pfaff <blp@nicira.com>
12 years agodatapath: use eth_hw_addr_random() and reset addr_assign_type
Danny Kukawka [Wed, 15 Feb 2012 23:13:19 +0000 (15:13 -0800)]
datapath: use eth_hw_addr_random() and reset addr_assign_type

Use eth_hw_addr_random() instead of calling random_ether_addr()
to set addr_assign_type correctly to NET_ADDR_RANDOM.

Reset the state to NET_ADDR_PERM as soon as the MAC get
changed via .ndo_set_mac_address.

Signed-off-by: Danny Kukawka <danny.kukawka@bisect.de>
[jesse: add backporting to older kernels]
Signed-off-by: Jesse Gross <jesse@nicira.com>
12 years agoImplement new "fin_timeout" action and "learn" feature.
Ben Pfaff [Wed, 15 Feb 2012 18:37:03 +0000 (10:37 -0800)]
Implement new "fin_timeout" action and "learn" feature.

The "learn" action can create matching return flows.  If those have a long
timeout then it's a good idea to have a way to notice when in fact the
flows have terminated.  This new action and matching "learn" feature
provides that way.

Feature #8603.
Signed-off-by: Ben Pfaff <blp@nicira.com>
12 years agopackets: New function packet_get_tcp_flags(), factored out of dpif.
Ben Pfaff [Fri, 20 Jan 2012 00:55:50 +0000 (16:55 -0800)]
packets: New function packet_get_tcp_flags(), factored out of dpif.

This will acquire a new user in an upcoming commit.

Signed-off-by: Ben Pfaff <blp@nicira.com>
12 years agoxenserver: Fix iteration of dictionary.
Dominic Curran [Wed, 15 Feb 2012 17:17:25 +0000 (17:17 +0000)]
xenserver: Fix iteration of dictionary.

Fix bug in commit 3249bb907a1dab9b0, which incorrectly assumed that
get_all_records_where() returned a list.  It in fact returns a
dictionary and the list iteratory needs to change to account for this.

Thanks to Nicira for pointing this out.

NIC-454.

Reported-by: David Tsai <dtsai@nicira.com>
Acked-by: Rob Hoes <rob.hoes@citrix.com>
Signed-off-by: Dominic Curran <dominic.curran@citrix.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
12 years agodebian: Update changelog for 1.4.0-2 upload
Simon Horman [Wed, 15 Feb 2012 02:15:22 +0000 (11:15 +0900)]
debian: Update changelog for 1.4.0-2 upload

Signed-off-by: Simon Horman <horms@verge.net.au>
Signed-off-by: Ben Pfaff <blp@nicira.com>
12 years agonetdev-linux: Factor out duplicate ifi_flags update code.
Ben Pfaff [Tue, 14 Feb 2012 21:45:28 +0000 (13:45 -0800)]
netdev-linux: Factor out duplicate ifi_flags update code.

Signed-off-by: Ben Pfaff <blp@nicira.com>
Signed-off-by: Ethan Jackson <ethan@nicira.com>
12 years agonetdev-linux: Use 'unsigned int's to track device flags.
Ethan Jackson [Wed, 15 Feb 2012 00:44:21 +0000 (16:44 -0800)]
netdev-linux: Use 'unsigned int's to track device flags.

Signed-off-by: Ethan Jackson <ethan@nicira.com>
12 years agonetdev-linux: Cache flags using netlink.
Ethan Jackson [Tue, 14 Feb 2012 02:07:44 +0000 (18:07 -0800)]
netdev-linux: Cache flags using netlink.

Before this patch, every request for a 'netdev_dev''s flags
required an ioctl call.  This occurred every time
netdev_get_carrier() was called, which theoretically was very often
if there were a large number of devices.  We were already using
netlink to keep track of the IFF_RUNNING flag. This patch
generalizes the code to keep track of all flags using the same
netlink code.

Signed-off-by: Ethan Jackson <ethan@nicira.com>
12 years agonetdev-linux: Get carrier from ioctl instead of sysfs.
Ethan Jackson [Tue, 14 Feb 2012 02:07:39 +0000 (18:07 -0800)]
netdev-linux: Get carrier from ioctl instead of sysfs.

When a netdev Linux device is created or its netlink cache is
invalidate, it needs an alternative method to update the its
carrier status.  Previous patches retrieved this information from a
sysfs file.  This patch switches to ioctl which is significantly
simpler, and likely quite a bit faster as well.

Signed-off-by: Ethan Jackson <ethan@nicira.com>
12 years agodebian: Use provided kernel source dir instead of host kernel version.
Ben Pfaff [Tue, 14 Feb 2012 17:17:13 +0000 (09:17 -0800)]
debian: Use provided kernel source dir instead of host kernel version.

DKMS passes in an explicit variable for the kernel source directory, so we
should use that instead of `uname -r`.

CC: 659685@bugs.debian.org
Reported-by: Thomas Goirand <thomas@goirand.fr>
Tested-by: Simon Horman <horms@verge.net.au>
Signed-off-by: Ben Pfaff <blp@nicira.com>
12 years agobond: Remove stale documentation.
Ethan Jackson [Mon, 13 Feb 2012 22:20:25 +0000 (14:20 -0800)]
bond: Remove stale documentation.

The process_flow() function no longer exists.  It seems safest to
remove reference to the function altogether as it's likely to
become stale again.

Signed-off-by: Ethan Jackson <ethan@nicira.com>
12 years agodebian: Do not run "make" if "configure" fails during DKMS build.
Ben Pfaff [Mon, 13 Feb 2012 18:09:09 +0000 (10:09 -0800)]
debian: Do not run "make" if "configure" fails during DKMS build.

There is no point in trying to run "make" if "configure" failed.  The
"make" will fail too and the log will be harder to read.

CC: Thomas Goirand <zigo@debian.org>
CC: Simon Horman <horms@verge.net.au>
Signed-off-by: Ben Pfaff <blp@nicira.com>
12 years agoovs-ofctl: Clarify that tun_id will not be nonzero unless the key is nonzero
Simon Horman [Mon, 13 Feb 2012 03:31:43 +0000 (12:31 +0900)]
ovs-ofctl: Clarify that tun_id will not be nonzero unless the key is nonzero

The Open vSwtich datapath's GRE implementation does not appear to make a
distinction between no key present and a zero key present, which appears to
be consistent with the (other) Linux implementation of GRE. Make this a
little clearer in the documentation.

Signed-off-by: Simon Horman <horms@verge.net.au>
Signed-off-by: Jesse Gross <jesse@nicira.com>
12 years agoovs-ofctl: Remove documentation that ovs-ofctl uses TUN_ID_FROM_COOKIE
Simon Horman [Mon, 13 Feb 2012 06:15:33 +0000 (15:15 +0900)]
ovs-ofctl: Remove documentation that ovs-ofctl uses TUN_ID_FROM_COOKIE

My reading of commit b78f6b77 ("Remove support for obsolete
"tun_id_from_cookie" extension.") is that no part of Open vSwitch,
including ovs-ofctl, uses the TUN_ID_FROM_COOKIE extension any more.

Signed-off-by: Simon Horman <horms@verge.net.au>
Signed-off-by: Ben Pfaff <blp@nicira.com>
12 years agodebian: Fix dependencies for openvswitch-datapath-dkms package.
Ben Pfaff [Fri, 10 Feb 2012 19:00:54 +0000 (11:00 -0800)]
debian: Fix dependencies for openvswitch-datapath-dkms package.

The OVS kernel module, like other kernel modules, does not need a working
userspace build environment, but the OVS "configure" script and makefiles
don't support a kernel-only build, so "configure" fails if libc6-dev is
not installed.

It would be better to change the "configure" script and makefiles to handle
this special case, but that was more work than I initially expected it to
be.

Bug #8606.
Reported-by: Edwin Chiu <echiu@nicira.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
12 years agoofp-print: Fix compiler warning.
Ethan Jackson [Thu, 9 Feb 2012 09:39:49 +0000 (01:39 -0800)]
ofp-print: Fix compiler warning.

Signed-off-by: Ethan Jackson <ethan@nicira.com>
12 years agoxenserver: Remove openvswitch-xen.spec file.
Ethan Jackson [Thu, 9 Feb 2012 09:38:57 +0000 (01:38 -0800)]
xenserver: Remove openvswitch-xen.spec file.

This file is automatically generated by the openvswitch-xen.spec.in
file.

Signed-off-by: Ethan Jackson <ethan@nicira.com>
12 years agovswitchd: Add "enable-async-messages" setting for controllers.
Ben Pfaff [Thu, 26 Jan 2012 22:50:41 +0000 (14:50 -0800)]
vswitchd: Add "enable-async-messages" setting for controllers.

An OpenFlow connection can start receiving asynchronous messages such as
"packet-ins" immediately at connect time.  If there is a lot of traffic on
the network then this can swamp the controller before it gets a chance to
set up an initial flow table.  This setting overrides this OpenFlow
behavior, changing it so that the connection initially enables no
asynchronous messages at all.  The controller can enable any messages that
it actually wants when it is ready for them.

Feature #7086.
Signed-off-by: Ben Pfaff <blp@nicira.com>
12 years agoofproto: Implement OpenFlow extension to allow control over async messages.
Ben Pfaff [Thu, 9 Feb 2012 22:06:35 +0000 (14:06 -0800)]
ofproto: Implement OpenFlow extension to allow control over async messages.

Until now, the rules that cover the asynchronous messages that Open vSwitch
sends to a controller have been ad hoc.  The new NXT_SET_ASYNC_CONFIG
message provides systematic, precise control.

Feature #7086.
Signed-off-by: Ben Pfaff <blp@nicira.com>
12 years agoovs-ofctl: New "ofctl/barrier" unixctl command.
Ben Pfaff [Thu, 26 Jan 2012 21:41:48 +0000 (13:41 -0800)]
ovs-ofctl: New "ofctl/barrier" unixctl command.

This will be useful in upcoming unit tests for ensuring that all
asynchronous messages due to previous actions have arrived.

Signed-off-by: Ben Pfaff <blp@nicira.com>
12 years agoofp-util: New function ofputil_encode_barrier_request().
Ben Pfaff [Thu, 26 Jan 2012 21:17:12 +0000 (13:17 -0800)]
ofp-util: New function ofputil_encode_barrier_request().

This new function will acquire a new user in an upcoming commit.

Signed-off-by: Ben Pfaff <blp@nicira.com>
12 years agoovs-ofctl: New "ofctl/set-output-file" unixctl command.
Ben Pfaff [Thu, 26 Jan 2012 23:45:34 +0000 (15:45 -0800)]
ovs-ofctl: New "ofctl/set-output-file" unixctl command.

This will be useful in unit tests, to allow switching output to a new file
during "ovs-ofctl monitor" runtime.

Signed-off-by: Ben Pfaff <blp@nicira.com>
12 years agoovs-ofctl: New "ofctl/send" unixctl command.
Ben Pfaff [Thu, 9 Feb 2012 21:30:53 +0000 (13:30 -0800)]
ovs-ofctl: New "ofctl/send" unixctl command.

I intend to use this in upcoming unit tests.

Signed-off-by: Ben Pfaff <blp@nicira.com>
12 years agoovs-ofctl: Add "packet-out" command.
Ben Pfaff [Thu, 26 Jan 2012 00:30:28 +0000 (16:30 -0800)]
ovs-ofctl: Add "packet-out" command.

I don't expect this to be widely useful.  An upcoming commit will add a
use in unit tests.

Signed-off-by: Ben Pfaff <blp@nicira.com>
12 years agoAdd support for parsing and printing OFPFF_* flags.
Ben Pfaff [Wed, 25 Jan 2012 21:54:15 +0000 (13:54 -0800)]
Add support for parsing and printing OFPFF_* flags.

I intend to use OFPFF_SEND_FLOW_REM in upcoming unit tests.  I threw in
OFPFF_CHECK_OVERLAP also because it didn't cost me anything.  I omitted
parsing support for OFPFF_EMERG because we opposed its inclusion from the
start and it was removed from OpenFlow 1.2.

Signed-off-by: Ben Pfaff <blp@nicira.com>
12 years agoofp-util: Add struct ofputil_packet_out, helper functions, and use it all.
Ben Pfaff [Mon, 6 Feb 2012 22:17:49 +0000 (14:17 -0800)]
ofp-util: Add struct ofputil_packet_out, helper functions, and use it all.

This makes the ofp-util support for packet_out better match the support
that ofp-util has for other OpenFlow messages.  It also prepares for an
upcoming patch that adds a new piece of code that generates packet_out
messages.

Signed-off-by: Ben Pfaff <blp@nicira.com>
12 years agoconnmgr: Do not persist OpenFlow settings from one session to another.
Ben Pfaff [Wed, 25 Jan 2012 23:54:22 +0000 (15:54 -0800)]
connmgr: Do not persist OpenFlow settings from one session to another.

Each OpenFlow session should begin fresh, with settings that are the
default for OpenFlow, but the connection manager was mistakenly persisting
them from one session to the next for "primary" controllers.

This is a bug, but it is a long-standing one.  I found the problem by
inspection, not through a bug report, so I do not think that it causes much
harm in practice.

Signed-off-by: Ben Pfaff <blp@nicira.com>
12 years agoovs-ofctl: Allow priority and timeout to be specified on mod-flows.
Ben Pfaff [Mon, 6 Feb 2012 18:43:50 +0000 (10:43 -0800)]
ovs-ofctl: Allow priority and timeout to be specified on mod-flows.

These options do have an effect if the mod-flows command creates a new
flow.

Signed-off-by: Ben Pfaff <blp@nicira.com>
12 years agoDESIGN: Document the properties of flow_mods.
Ben Pfaff [Mon, 6 Feb 2012 18:40:10 +0000 (10:40 -0800)]
DESIGN: Document the properties of flow_mods.

I'm tired of trying to figure these out all over again each time I think
about it.

Signed-off-by: Ben Pfaff <blp@nicira.com>
12 years agoofproto: Allow service controllers to become masters and slaves.
Ben Pfaff [Thu, 26 Jan 2012 21:19:39 +0000 (13:19 -0800)]
ofproto: Allow service controllers to become masters and slaves.

I don't remember why we disallow this.  It seems reasonable to me to enable
it.  A test in a upcoming commit relies upon the ability.

Signed-off-by: Ben Pfaff <blp@nicira.com>
12 years agocfm: Expose detailed fault status in the database.
Ethan Jackson [Tue, 7 Feb 2012 22:35:09 +0000 (14:35 -0800)]
cfm: Expose detailed fault status in the database.

The cfm_fault column of the database is the logical OR of a number
of reasons that CFM can be in a faulted state.  A controller may
want to have more specific information in which case it can look at
the cfm_fault_status column which this patch adds.

Signed-off-by: Ethan Jackson <ethan@nicira.com>
12 years agoovsdb-doc: Support per-element documentation of string sets.
Ethan Jackson [Thu, 9 Feb 2012 00:26:57 +0000 (16:26 -0800)]
ovsdb-doc: Support per-element documentation of string sets.

A future patch will need to document individual elements in a set
of strings.  Without this patch the documentation generation code
fails trying to figure out what type the value of the map is.

Signed-off-by: Ethan Jackson <ethan@nicira.com>
12 years agoidl: Generalize special case boolean exception.
Ethan Jackson [Wed, 8 Feb 2012 22:42:03 +0000 (14:42 -0800)]
idl: Generalize special case boolean exception.

Sparse doesn't like taking sizeof boolean values.  The idl had
worked around this limitation with a special case in the case of
optional booleans.  A future patch needs an array with boolean
values which the existing special case did not handle.  This patch
generalizes the special case to handle this situation as well.

Signed-off-by: Ethan Jackson <ethan@nicira.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
12 years agovswitch.xml: Remove trailing whitespace.
Ethan Jackson [Wed, 8 Feb 2012 02:12:01 +0000 (18:12 -0800)]
vswitch.xml: Remove trailing whitespace.

Signed-off-by: Ethan Jackson <ethan@nicira.com>
12 years agoovsdb-client: Fix typo in manpage.
Ben Pfaff [Tue, 7 Feb 2012 23:47:23 +0000 (15:47 -0800)]
ovsdb-client: Fix typo in manpage.

"monitor" is a command, not an option.

Signed-off-by: Ben Pfaff <blp@nicira.com>
12 years agoofp-print: Fix up doubled "break;".
Ben Pfaff [Wed, 8 Feb 2012 19:23:37 +0000 (11:23 -0800)]
ofp-print: Fix up doubled "break;".

Reported-by: Justin Pettit <jpettit@nicira.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
12 years agoofproto-dpif: Don't output to in_port even if in_port is OFPP_LOCAL.
Aaron Rosen [Wed, 8 Feb 2012 18:59:41 +0000 (10:59 -0800)]
ofproto-dpif: Don't output to in_port even if in_port is OFPP_LOCAL.

Signed-off-by: Aaron Rosen <arosen@clemson.edu>
[Ben Pfaff added the test.]
Signed-off-by: Ben Pfaff <blp@nicira.com>
12 years agoAdd information about time left before timeouts to flow dumps.
Ben Pfaff [Tue, 7 Feb 2012 18:13:52 +0000 (10:13 -0800)]
Add information about time left before timeouts to flow dumps.

The "learn" action is useful for MAC learning, but until now there has been
no way to find out through OpenFlow how much time remains before a MAC
learning entry (a learned flow) expires.  This commit adds that ability.

Feature #7193.
Signed-off-by: Ben Pfaff <blp@nicira.com>
12 years agotests: Use ofctl_strip consistently.
Ben Pfaff [Wed, 1 Feb 2012 20:45:32 +0000 (12:45 -0800)]
tests: Use ofctl_strip consistently.

The ofctl_strip shell function was introduced a little while ago.  It makes
test results easier to read, in my opinion, by removing uninteresting
bits.  This commit adopts ofctl_strip throughout the tests.

This is useful in an upcoming commit that adds additional fields that
should also be stripped to ovs-ofctl output.

Signed-off-by: Ben Pfaff <blp@nicira.com>
12 years agoofproto-dpif: Update last-used time of initial rule in handle_flow_miss().
Ben Pfaff [Wed, 1 Feb 2012 19:42:39 +0000 (11:42 -0800)]
ofproto-dpif: Update last-used time of initial rule in handle_flow_miss().

When handle_flow_miss() handled a packet, it failed to update the rule's
last-used time.  The change to flow_push_stats() fixes the problem.

The change to rule_execute() deletes code that becomes redundant after the
change to flow_push_stats().

A test case introduced in an upcoming commit fails without this fix.

Signed-off-by: Ben Pfaff <blp@nicira.com>
12 years agoofp-print: Merge two cases in ofp_to_string__().
Ben Pfaff [Tue, 7 Feb 2012 22:47:27 +0000 (14:47 -0800)]
ofp-print: Merge two cases in ofp_to_string__().

It looks like other cases are merged this way, so make this one consistent.

Signed-off-by: Ben Pfaff <blp@nicira.com>
12 years agocoverage: Time out the coverage hash suppression once a day.
Ben Pfaff [Mon, 6 Feb 2012 18:21:59 +0000 (10:21 -0800)]
coverage: Time out the coverage hash suppression once a day.

Otherwise coverage log messages will eventually get rotated out of the
system logs and never reappear (before restarting a given daemon).

Bug #1452.
Signed-off-by: Ben Pfaff <blp@nicira.com>
12 years agoxenserver: Remove dead code from ovs-xapi-sync.
Ben Pfaff [Fri, 3 Feb 2012 23:39:59 +0000 (15:39 -0800)]
xenserver: Remove dead code from ovs-xapi-sync.

Nothing actually uses call_vsctl(), so remove it and its dependencies.

Signed-off-by: Ben Pfaff <blp@nicira.com>
12 years agorhel: Space separated list of DHCP interfaces in network scripts.
Gurucharan Shetty [Fri, 3 Feb 2012 20:21:30 +0000 (12:21 -0800)]
rhel: Space separated list of DHCP interfaces in network scripts.

Use space separated list of DHCP interfaces for OVSDHCPINTERFACES
instead of comma separated list. This is done to maintain
consistency with BOND_IFACES.

Signed-off-by: Gurucharan Shetty <gshetty@nicira.com>
12 years agodebian: Don't install Python modules for obsolete Python versions.
Ben Pfaff [Fri, 3 Feb 2012 21:30:50 +0000 (13:30 -0800)]
debian: Don't install Python modules for obsolete Python versions.

Python 2.4 is obsolete, not present in Debian squeeze or sid, so don't
install Python modules for it.

It would be better to just put the files directly into
/usr/share/pyshared/ovs/, instead of in site-packages for some specific
Python version, but this causes problems for builds on squeeze, as
documented in commit bc3aa0bf5 (debian: Make python-openvswitch packaging
work with squeeze dh_python2.):

    The dh_python2 helper in Debian squeeze has a limitation that is not
    mentioned anywhere, as far as I can tell: Python files must be in
    /usr/lib/python#.#/site-packages to be installed.  The version in Debian
    wheezy does not have the same limitation.

    This meant that building the Debian packages on squeeze silently produced
    a broken python-openvswitch package, whereas building the same thing on
    wheezy built a working package.

    This fixes the problem by putting the .py files where squeeze expects them.
    It works on wheezy too.

A before-and-after "debdiff" shows that the only significant effect of this
commit is to drop python2.4 symlinks.

CC: horms@debian.org
Reported-by: Luca Falavigna <ftpmaster@debian.org>
Signed-off-by: Ben Pfaff <blp@nicira.com>
12 years agoxenserver: Simplify RPM build instructions.
Ben Pfaff [Fri, 3 Feb 2012 21:34:45 +0000 (13:34 -0800)]
xenserver: Simplify RPM build instructions.

I got tired of trying to follow them properly myself.

Signed-off-by: Ben Pfaff <blp@nicira.com>
12 years agoovs-ofctl: Fix minor memory leaks.
Ben Pfaff [Fri, 3 Feb 2012 20:33:06 +0000 (12:33 -0800)]
ovs-ofctl: Fix minor memory leaks.

Found by valgrind.

Signed-off-by: Ben Pfaff <blp@nicira.com>
12 years agoflow: Rename 'tp_addr' field in flow_hash_symmetric_l4().
Ethan Jackson [Fri, 3 Feb 2012 05:57:54 +0000 (21:57 -0800)]
flow: Rename 'tp_addr' field in flow_hash_symmetric_l4().

The 'tp_addr' field name is inappropriate because its not an
address, it's the transport port. Therefore tp is sufficient.

Signed-off-by: Ethan Jackson <ethan@nicira.com>
12 years agorhel: Simplify ifup-ovs script use of "case".
Ben Pfaff [Fri, 3 Feb 2012 17:33:47 +0000 (09:33 -0800)]
rhel: Simplify ifup-ovs script use of "case".

Suggested-by: "Alexey I. Froloff" <raorn@altlinux.org>
Signed-off-by: Ben Pfaff <blp@nicira.com>
12 years agoovs-ofctl: Fix typos in manpage.
Ben Pfaff [Fri, 3 Feb 2012 17:23:44 +0000 (09:23 -0800)]
ovs-ofctl: Fix typos in manpage.

Reported-by: Justin Pettit <jpettit@nicira.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
12 years agodebian: Add dependency on ${misc:Depends} to openvswitch-test
Simon Horman [Fri, 3 Feb 2012 08:34:17 +0000 (17:34 +0900)]
debian: Add dependency on ${misc:Depends} to openvswitch-test

This is necessary as openvswitch-test makes use of debhelper.

As reported by lintian.

Signed-off-by: Simon Horman <horms@verge.net.au>
Signed-off-by: Ben Pfaff <blp@nicira.com>
12 years agocfm: Support high priority CCM broadcasts.
Ethan Jackson [Thu, 2 Feb 2012 23:48:13 +0000 (15:48 -0800)]
cfm: Support high priority CCM broadcasts.

Bug #9015.
Signed-off-by: Ethan Jackson <ethan@nicira.com>
12 years agostp: Log topology change events.
Ethan Jackson [Wed, 25 Jan 2012 21:14:05 +0000 (13:14 -0800)]
stp: Log topology change events.

Signed-off-by: Ethan Jackson <ethan@nicira.com>
12 years agocfm: Allow manual override of CFM fault status.
Ethan Jackson [Fri, 27 Jan 2012 02:58:51 +0000 (18:58 -0800)]
cfm: Allow manual override of CFM fault status.

This can be useful when testing.

Suggested-by: Reid Price <reid@nicira.com>
Signed-off-by: Ethan Jackson <ethan@nicira.com>
12 years agoAdd support for bitwise matching on TCP and UDP ports.
Ben Pfaff [Sat, 28 Jan 2012 01:16:05 +0000 (17:16 -0800)]
Add support for bitwise matching on TCP and UDP ports.

Bug #8827.
Signed-off-by: Ben Pfaff <blp@nicira.com>
12 years agonx-match: Factor redundant code out of nx_put_match().
Ben Pfaff [Fri, 3 Feb 2012 00:44:44 +0000 (16:44 -0800)]
nx-match: Factor redundant code out of nx_put_match().

Signed-off-by: Ben Pfaff <blp@nicira.com>
12 years agoflow: Add a couple of missing build assertions on FLOW_WC_SEQ.
Ben Pfaff [Fri, 27 Jan 2012 23:38:53 +0000 (15:38 -0800)]
flow: Add a couple of missing build assertions on FLOW_WC_SEQ.

Every piece of code that may need to change whenever struct flow or struct
flow_wildcards changes, but might easily get overlooked, should have a
build assertion on the value of FLOW_WC_SEQ, but these functions did not.

Signed-off-by: Ben Pfaff <blp@nicira.com>
12 years agotests: Reduce risk of port collision and remove bash dependency.
Ben Pfaff [Fri, 3 Feb 2012 00:37:31 +0000 (16:37 -0800)]
tests: Reduce risk of port collision and remove bash dependency.

A few tests need a random TCP port on which to listen for connections.
Until now, the tests have used the $RANDOM bash extension to do this, but
this runs the risk of occasionally colliding with an in-use port.  This
commit removes the bash dependency by switching to using a small Perl
program to pick random ports and reduces the risk of collision by
attempting to bind the port that it chooses.

Reported-by: Timothy Chen <tchen@nicira.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
12 years agodaemon: New function daemon_save_fd() to preserve fds across detach.
Ben Pfaff [Fri, 27 Jan 2012 17:53:17 +0000 (09:53 -0800)]
daemon: New function daemon_save_fd() to preserve fds across detach.

This eliminates a kluge that was duplicated in three different daemons.

Signed-off-by: Ben Pfaff <blp@nicira.com>
12 years agoovsdb-client: Add optional timestamps to "monitor" command output.
Ben Pfaff [Fri, 27 Jan 2012 20:48:21 +0000 (12:48 -0800)]
ovsdb-client: Add optional timestamps to "monitor" command output.

Suggestion #9347.
Suggested-by: Alan Shieh <ashieh@nicira.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
12 years agoovsdb-client: Improve manpage.
Ben Pfaff [Fri, 27 Jan 2012 20:46:06 +0000 (12:46 -0800)]
ovsdb-client: Improve manpage.

Signed-off-by: Ben Pfaff <blp@nicira.com>
12 years agoovs-xapi-sync: Always set iface-id, not just when xs-vif-uuid changes.
Ben Pfaff [Thu, 2 Feb 2012 01:18:52 +0000 (17:18 -0800)]
ovs-xapi-sync: Always set iface-id, not just when xs-vif-uuid changes.

When XAPI moves an interface from one bridge to another, the vif script
removes the vif from one bridge and adds it to (possibly) a different
bridge in a single transaction.  The new record does not have an iface-id
initially (because the vif script never adds the iface-id initially) but
it has the same name and xs-vif-uuid as the old one, so the caching logic
in ovs-xapi-sync failed to add a new iface-id.  This commit fixes the
caching logic.

Observed on XenServer 5.6.100.  It's possible that XAPI behavior changed in
later versions so the bug cannot be triggered there, but we have not
checked.

Bug #9414.
Reported-by: Duffie Cooley <dcooley@nicira.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
12 years agonicira-ext: Add size check for struct nx_role_request.
Ben Pfaff [Thu, 26 Jan 2012 20:50:45 +0000 (12:50 -0800)]
nicira-ext: Add size check for struct nx_role_request.

We try to have such a size check every protocol structure.

Signed-off-by: Ben Pfaff <blp@nicira.com>
12 years agotests: Run ovs-ofctl under valgrind too, with the "check-valgrind" target.
Ben Pfaff [Thu, 26 Jan 2012 22:51:19 +0000 (14:51 -0800)]
tests: Run ovs-ofctl under valgrind too, with the "check-valgrind" target.

I think that this was just an oversight.

Signed-off-by: Ben Pfaff <blp@nicira.com>
12 years agoovs-ofctl: Update usage message.
Ben Pfaff [Wed, 25 Jan 2012 22:41:22 +0000 (14:41 -0800)]
ovs-ofctl: Update usage message.

Some commands weren't mentioned.  The "invalid_ttl" option to "monitor"
was missing.

Signed-off-by: Ben Pfaff <blp@nicira.com>
12 years agovswitch.xml: More readably indent one section.
Ben Pfaff [Wed, 25 Jan 2012 00:35:09 +0000 (16:35 -0800)]
vswitch.xml: More readably indent one section.

Signed-off-by: Ben Pfaff <blp@nicira.com>
12 years agohash: Convert macros to inline functions.
Ben Pfaff [Wed, 18 Jan 2012 19:29:57 +0000 (11:29 -0800)]
hash: Convert macros to inline functions.

I always assumed that macros would generate better code.  I was wrong.  The
generated code was identical with inline functions, with GCC version 4.4.5.

Signed-off-by: Ben Pfaff <blp@nicira.com>
12 years agovswitchd: Make the MAC entry aging time configurable.
Ben Pfaff [Wed, 1 Feb 2012 23:04:51 +0000 (15:04 -0800)]
vswitchd: Make the MAC entry aging time configurable.

NICS-11.
Signed-off-by: Ben Pfaff <blp@nicira.com>
12 years agomac-learning: Increase MAC learning timeout to 300 seconds.
Ben Pfaff [Tue, 24 Jan 2012 18:38:04 +0000 (10:38 -0800)]
mac-learning: Increase MAC learning timeout to 300 seconds.

When Cisco (and other?) routers are configured in high-availability modes,
they use two different MAC addresses.  The router uses MAC 1 only for ARP
replies.  The router uses MAC 2 for forwarding IP packets to end hosts.
When a MAC learning switch is attached to the router, therefore, it will
only learn the location of MAC 1 from ARP replies.  If the end host's ARP
cache refresh timer is longer than the switch's MAC learning timeout, then
packets to the router will be flooded from the MAC learning timeout until
the next ARP reply.

This commit fixes the problem by increasing the MAC learning timeout from
60 seconds to 300 seconds.  According to research by Sanjay Sane, this is
always sufficient, even with operating systems that use ARP timeouts
longer than 300 seconds (such as FreeBSD and Mac OS, which have 1200
seconds ARP timeouts)  because the routers that cause this problem send
unsolicited ARP replies every 180 seconds.

This issue arises in any situation where traffic between two hosts flows
only in one direction.  The explanation above describes only one special
case.

NICS-11.
Signed-off-by: Ben Pfaff <blp@nicira.com>
12 years agoovs-ofctl: Fix typo in manpage.
Ben Pfaff [Wed, 1 Feb 2012 21:35:23 +0000 (13:35 -0800)]
ovs-ofctl: Fix typo in manpage.

Signed-off-by: Ben Pfaff <blp@nicira.com>
12 years agoAdd support for limiting the number of flows in an OpenFlow flow table.
Ben Pfaff [Wed, 1 Feb 2012 18:27:30 +0000 (10:27 -0800)]
Add support for limiting the number of flows in an OpenFlow flow table.

Signed-off-by: Ben Pfaff <blp@nicira.com>
12 years agoofproto-dpif: Track the rule being translated during flow translation.
Ben Pfaff [Thu, 19 Jan 2012 21:03:53 +0000 (13:03 -0800)]
ofproto-dpif: Track the rule being translated during flow translation.

An upcoming commit will need access to the rule being translated during
xlate_actions(), so this commit adds that feature.  The existing 'cookie'
member of struct action_xlate_ctx can be accessed through this rule, so
this commit also removes that member.

Signed-off-by: Ben Pfaff <blp@nicira.com>
12 years agoheap: New library that implements a binary heap-based priority queue.
Ben Pfaff [Tue, 24 Jan 2012 23:07:41 +0000 (15:07 -0800)]
heap: New library that implements a binary heap-based priority queue.

Signed-off-by: Ben Pfaff <blp@nicira.com>
12 years agoofproto: Move 'used' from ofproto_dpif into ofproto.
Ben Pfaff [Sat, 14 Jan 2012 00:40:59 +0000 (16:40 -0800)]
ofproto: Move 'used' from ofproto_dpif into ofproto.

This will allow the upcoming flow table eviction policy code to determine
which flows will expire soon.

Signed-off-by: Ben Pfaff <blp@nicira.com>
12 years agoofproto: Make ofproto_rule_destroy__() do nothing for a null argument.
Ben Pfaff [Tue, 3 Jan 2012 18:16:15 +0000 (10:16 -0800)]
ofproto: Make ofproto_rule_destroy__() do nothing for a null argument.

This is our customary way to implement a "destroy" function.  It allows
a minor simplification in ofoperation_complete().

Signed-off-by: Ben Pfaff <blp@nicira.com>
12 years agoofproto: Remove unnecessary assignment from ofoperation_complete().
Ben Pfaff [Tue, 3 Jan 2012 18:15:28 +0000 (10:15 -0800)]
ofproto: Remove unnecessary assignment from ofoperation_complete().

Nothing uses op->victim following this assignment, so it is not
needed.

Signed-off-by: Ben Pfaff <blp@nicira.com>
12 years agoofproto: Implement "hidden" and "readonly" OpenFlow tables.
Ben Pfaff [Fri, 13 Jan 2012 23:18:30 +0000 (15:18 -0800)]
ofproto: Implement "hidden" and "readonly" OpenFlow tables.

A "hidden" table is one that OpenFlow operations affect only if the
table_id is explicitly specified, that is, operations that affect
all tables ignore it.

A "read-only" table is one that OpenFlow operations are not allowed
to modify.

I intend to use these flags in an upcoming commit for implementing
tables internal to the Open vSwitch implementation.

Signed-off-by: Ben Pfaff <blp@nicira.com>
12 years agoofproto: Make ofproto ->construct() function initialize tables.
Ben Pfaff [Wed, 19 Oct 2011 23:40:36 +0000 (16:40 -0700)]
ofproto: Make ofproto ->construct() function initialize tables.

If the ->construct() function initializes the OpenFlow tables itself,
then it can conveniently do implementation-specific configuration of
those tables afterward.  There isn't any such configuration to do yet;
an upcoming commit will add some.

Signed-off-by: Ben Pfaff <blp@nicira.com>
12 years agoofproto: Encapsulate classifier tables in new "struct oftable".
Ben Pfaff [Tue, 24 Jan 2012 23:18:58 +0000 (15:18 -0800)]
ofproto: Encapsulate classifier tables in new "struct oftable".

So far, each OpenFlow table has just been a classifier.  Upcoming
commits will add more data for each OpenFlow table, so this commit
encapsulates the struct classifier in a higher-level structure
to provide a good place to keep that data.

Some of the new functions introduced in this commit are trivial, but they
will become more elaborate in upcoming commits.

Signed-off-by: Ben Pfaff <blp@nicira.com>
12 years agotimeval: New function time_boot_msec(), factored out of vlog.
Ben Pfaff [Thu, 12 Jan 2012 01:12:17 +0000 (17:12 -0800)]
timeval: New function time_boot_msec(), factored out of vlog.

An upcoming commit has a new use for the time at which OVS started up, so
this moves this functionality to a common location.

Signed-off-by: Ben Pfaff <blp@nicira.com>
12 years agometa-flow: New "subfield" data structure.
Ben Pfaff [Wed, 28 Dec 2011 20:42:14 +0000 (12:42 -0800)]
meta-flow: New "subfield" data structure.

Until now, parts of a field have been dealt with in a fairly ad-hoc way.
struct mf_subfield and the supporting functions added by this commit make
their use more systematic.

Signed-off-by: Ben Pfaff <blp@nicira.com>
12 years agoutil: New function bitwise_zero().
Ben Pfaff [Wed, 18 Jan 2012 00:53:29 +0000 (16:53 -0800)]
util: New function bitwise_zero().

Signed-off-by: Ben Pfaff <blp@nicira.com>
12 years agoutil: Move bitwise_copy() here, add new bitwise functions, add a test.
Ben Pfaff [Wed, 18 Jan 2012 00:38:23 +0000 (16:38 -0800)]
util: Move bitwise_copy() here, add new bitwise functions, add a test.

bitwise_copy() is generally useful so make it a general utility function.
Also add a comment.

Upcoming commits will introduce users for the new functions.

Signed-off-by: Ben Pfaff <blp@nicira.com>
12 years agoAdd a few 'const's.
Ben Pfaff [Tue, 31 Jan 2012 20:56:49 +0000 (12:56 -0800)]
Add a few 'const's.

These are useful hints, in these cases, that the caller retains ownership
of the passed-in packets.

Signed-off-by: Ben Pfaff <blp@nicira.com>
12 years agodatapath: Don't dereference potentially NULL vport in patch ports.
Jesse Gross [Tue, 31 Jan 2012 22:22:25 +0000 (14:22 -0800)]
datapath: Don't dereference potentially NULL vport in patch ports.

When changing patch ports we need to update any peers pointing to us.
When destroying the port, this means pointing them to a NULL port.
However, the new namespaces code attempted to dereference this port
in order to get the namespace.  The net is already passed in, so we
can just use that instead.

Bug #9477

Reported-by: Michael Hu <mhu@nicira.com>
Signed-off-by: Jesse Gross <jesse@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>
12 years agorhel: Enable DHCP in redhat network scripts.
Gurucharan Shetty [Tue, 31 Jan 2012 04:17:53 +0000 (20:17 -0800)]
rhel: Enable DHCP in redhat network scripts.

The current network-script, ifup-ovs  does not work well if you
enable DHCP on the OVS. It will work if we name the bridge
alphabetically greater than the underlying physical interfaces.
Even then, it will do multiple DHCP attempts slowing down the boot
up process.

This patch allows DHCP on an OVS bridge.

Signed-off-by: Gurucharan Shetty <gshetty@nicira.com>
12 years agosflow_agent: Use snprintf() in place of sprintf().
Ben Pfaff [Tue, 31 Jan 2012 17:39:28 +0000 (09:39 -0800)]
sflow_agent: Use snprintf() in place of sprintf().

These functions use sprintf() into a 1000-byte buffer.  It appears to me
that the strings they format are either short, fixed-length strings or the
output of strerror(), neither of which should ordinarily overflow.
However, using snprintf() cannot hurt.

Launchpad bug #914160.
Reported-by: Matthias Klose <doko@ubuntu.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
12 years agoSet dates for 1.4.0 release.
Justin Pettit [Tue, 31 Jan 2012 03:47:33 +0000 (19:47 -0800)]
Set dates for 1.4.0 release.

Signed-off-by: Justin Pettit <jpettit@nicira.com>
12 years agoNEWS: Point out userspace is compatible with Linux 3.3 OVS kernel module.
Justin Pettit [Tue, 31 Jan 2012 07:07:19 +0000 (23:07 -0800)]
NEWS: Point out userspace is compatible with Linux 3.3 OVS kernel module.

Signed-off-by: Justin Pettit <jpettit@nicira.com>
12 years agoofproto-dpif: Fix use-after-free error in handle_miss_upcalls().
Ben Pfaff [Mon, 30 Jan 2012 21:09:04 +0000 (13:09 -0800)]
ofproto-dpif: Fix use-after-free error in handle_miss_upcalls().

When handle_flow_miss() saw that subfacet did not have any actions, then
the associated packet would get freed early, in the loop that constructs
the set of batched operations.  However, there would still be a "flow_put"
operation that referenced the key that shares the same memory block as the
packet.  The memory allocator would overwrite the first few bytes of this
block, causing bizarre errors in the flow_put.

This commit changes the memory release strategy to be less error-prone, by
deferring all freeing of packets to the end of the function.  With this
change, every packet gets freed in the same place, instead of having some
packets freed in one place and other packets freed in another.

Here is the valgrind report that pinpoints the problem:

Invalid read of size 4
   at 0x4026838: memcpy (in /usr/lib/valgrind/vgpreload_memcheck-x86-linux.so)
   by 0x80E9B52: dpif_linux_flow_to_ofpbuf (dpif-linux.c:1714)
   by 0x80E9C77: dpif_linux_operate (dpif-linux.c:883)
   by 0x80AFB5A: dpif_operate (dpif.c:994)
   by 0x809A03B: handle_upcalls (ofproto-dpif.c:2758)
   by 0x809A23A: run_fast (ofproto-dpif.c:757)
   by 0x808C04E: ofproto_run_fast (ofproto.c:963)
   by 0x806DFB6: bridge_run_fast (bridge.c:1811)
   by 0x8074B59: main (ovs-vswitchd.c:98)
 Address 0x4427948 is 80 bytes inside a block of size 2,048 free'd
   at 0x402421C: free (in /usr/lib/valgrind/vgpreload_memcheck-x86-linux.so)
   by 0x80CD865: ofpbuf_delete (ofpbuf.c:187)
   by 0x80CD8AA: ofpbuf_list_delete (ofpbuf.c:531)
   by 0x8099F06: handle_upcalls (ofproto-dpif.c:2747)
   by 0x809A23A: run_fast (ofproto-dpif.c:757)
   by 0x808C04E: ofproto_run_fast (ofproto.c:963)
   by 0x806DFB6: bridge_run_fast (bridge.c:1811)
   by 0x8074B59: main (ovs-vswitchd.c:98)

Bug #9346.
Reported-by: Alan Shieh <ashieh@nicira.com>
Reported-by: Ethan Jackson <ethan@nicira.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
12 years agobond: Allow users to disable rebalancing.
Ethan Jackson [Thu, 26 Jan 2012 01:41:44 +0000 (17:41 -0800)]
bond: Allow users to disable rebalancing.

Bond rebalances come with a risk of packet reordering which some
users may find unacceptable.

Requested-by: Ben Basler <bbasler@nicira.com>
Signed-off-by: Ethan Jackson <ethan@nicira.com>
12 years agotable: Avoid segmentation fault when printing an empty cell in JSON format.
Ben Pfaff [Fri, 27 Jan 2012 20:37:45 +0000 (12:37 -0800)]
table: Avoid segmentation fault when printing an empty cell in JSON format.

Signed-off-by: Ben Pfaff <blp@nicira.com>
12 years agodatapath: Add support for namespace.
Pravin B Shelar [Mon, 30 Jan 2012 14:56:54 +0000 (06:56 -0800)]
datapath: Add support for namespace.

Following patch adds support for Linux net-namespace. Now we can
have independent OVS instance in each net-ns.
Namespace support requires 2.6.32 or newer kernel as per-net-ns
genl-sock is not available in earlier kernel.

Signed-off-by: Pravin B Shelar <pshelar@nicira.com>
Acked-by: Jesse Gross <jesse@nicira.com>
Bug #7821

12 years agovlog: Change the default timestamp structure.
Gurucharan Shetty [Fri, 27 Jan 2012 18:54:02 +0000 (10:54 -0800)]
vlog: Change the default timestamp structure.

Change the default timestamp for console and file logs to
UTC in a format that satisfies timestamp requirements in RFC 5424.

Also, add the ability for ovs-appctl to log timestamps in UTC.

Bug #9052.

Signed-off-by: Gurucharan Shetty <gshetty@nicira.com>