Ethan Jackson [Wed, 21 Dec 2011 19:19:28 +0000 (11:19 -0800)]
dpif-netdev: Fix UDP checksum calculation.
dpif-netdev incorrectly calculated the UDP checksum when modifying
source and destination ports.
Signed-off-by: Ethan Jackson <ethan@nicira.com>
Ben Pfaff [Wed, 21 Dec 2011 19:01:45 +0000 (11:01 -0800)]
NEWS: Fix typo in entry for 1.3.0.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ansis Atteka [Wed, 21 Dec 2011 17:59:16 +0000 (09:59 -0800)]
vswitchd: fix "implicit declaration of function" build warning.
Included stream.h header file for connmgr.c and bridge.c files.
Signed-off-by: Ansis Atteka <aatteka@nicira.com>
Reported-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Wed, 21 Dec 2011 00:50:17 +0000 (16:50 -0800)]
vswitchd: Document what changes to the database flush the flow table.
Requested-by: Hao Zheng <hzheng@nicira.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Wed, 21 Dec 2011 00:48:40 +0000 (16:48 -0800)]
Add release date for 1.3.0.
This made it into branch-1.3 but not master.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ansis Atteka [Mon, 19 Dec 2011 20:43:34 +0000 (12:43 -0800)]
vswitchd: In-band rules for Controller are missing after executing force-reload-kmod command
In current implementation vswitchd adds Controller in-band rules only if
there is a route in kernel routing table that might route traffic to the
Controller. But, when executing force-reload-kmod command, network
configuration (e.g. assigned IP addresses, routes) are flushed away,
hence Controller in-band rules are not added.
This commit fixes this limitation and allows vswitchd to add Controller
in-band rules even if there are no routes in the kernel routing table.
Issue: #8625
Signed-off-by: Ansis Atteka <aatteka@nicira.com>
Ethan Jackson [Mon, 19 Dec 2011 23:44:57 +0000 (15:44 -0800)]
tests: Update gitignore to include test-netflow.
Signed-off-by: Ethan Jackson <ethan@nicira.com>
Ben Pfaff [Mon, 19 Dec 2011 22:46:16 +0000 (14:46 -0800)]
netflow: Add basic unit tests.
These tests would have caught the flow statistics bug introduced by commit
501f8d1fd75 (ofproto-dpif: Batch interacting with the dpif on flow miss
operations.)
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Mon, 19 Dec 2011 22:18:00 +0000 (14:18 -0800)]
netflow: Move packet definitions to header file.
An upcoming commit will introduce code outside of ofproto/netflow.c that
works with NetFlow packets, so we need the protocol definitions in a common
location.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Thu, 8 Dec 2011 21:22:50 +0000 (13:22 -0800)]
tests: Add expected output parameter to OVS_VSWITCHD_START.
It's convenient to pass commands for ovs-vsctl directly to
OVS_VSWITCHD_START, but until now those commands could have no output
because that would cause a test failure. This commit adds an optional
argument to supply ovs-vsctl expected output, and adjusts some test
cases to use it instead of calling ovs-vsctl a second time.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Thu, 8 Dec 2011 20:45:18 +0000 (12:45 -0800)]
tests: Update ovs-vswitchd log messages to ignore.
Commit
579a77e024 (tests: Allow unit tests to run as root.) means that
ovs-vswitchd doesn't output either of these log messages anymore when
the unit tests run, so there's no need to ignore them anymore.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Mon, 19 Dec 2011 22:45:23 +0000 (14:45 -0800)]
flow: Make flow_compose() fake packets slightly more realistic.
This makes flow_extract() happier with TCP packets that this function
produces.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Wed, 7 Dec 2011 21:15:54 +0000 (13:15 -0800)]
timeval: Add ability to fast-forward time, for unit testing.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Mon, 19 Dec 2011 22:28:42 +0000 (14:28 -0800)]
poll-loop: Track the poll timeout as an absolute, not a relative time.
This is a necessary prerequisite for allowing time to be "fast forwarded"
in unit tests, to keep tests that depend on the passage of time from
running in real time. Without this change, a code sequence like this:
poll_timer_wait(1000);
...fast forward time 5 seconds...
poll_block();
would still sleep for a second, because the poll_loop module would still
have a relative timeout of 1000 ms.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Tue, 6 Dec 2011 22:22:27 +0000 (14:22 -0800)]
netdev-dummy: Allow injecting traffic.
This paves the way to allow unit tests to test the whole switch
on an end-to-end basis.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Tue, 6 Dec 2011 22:09:10 +0000 (14:09 -0800)]
packets: New function eth_from_hex().
An upcoming commit will add another user.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Fri, 2 Dec 2011 23:29:19 +0000 (15:29 -0800)]
unixctl: Implement quoting.
The protocol used by ovs-appctl has a long-standing bug that there
is no way to distinguish "ovs-appctl a b c" from "ovs-appctl 'a b c'".
This isn't a big deal because none of the current commands really
want to accept arguments that include spaces, but it's kind of a silly
limitation.
At the same time, the internal API is awkward because every user is
stuck doing its own argument parsing, which is no fun.
This commit fixes both problems, by adding shell-like quoting to the
protocol and modifying the internal API from one that passes a string
to one that passes in an array of pre-parsed strings. Command
implementations may now specify how many arguments they expect. This
simplifies some command implementations significantly.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Tue, 6 Dec 2011 23:57:15 +0000 (15:57 -0800)]
socket-util: Don't try to listen to a UDP socket.
The "listen" system call doesn't work and isn't necessary for UDP, but
inet_open_passive() would still try to call it (and fail).
This doesn't fix a real bug because the two existing callers both use
inet_open_passive() to listen for TCP connections.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Fri, 2 Dec 2011 23:22:20 +0000 (15:22 -0800)]
netdev-linux: Report error for truncated packets on receive.
Found by inspection.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Tue, 6 Dec 2011 22:22:00 +0000 (14:22 -0800)]
netdev-linux: Translate errno value to name in log message.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Thu, 8 Dec 2011 20:40:01 +0000 (12:40 -0800)]
ofproto-dpif: Include datapath flow misses in flow statistics.
Commit
501f8d1fd75 (ofproto-dpif: Batch interacting with the dpif on flow
miss operations.) caused packets handled manually in userspace not to be
counted in flow statistics. This patch fixes the problem.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Bug #8494.
Ethan Jackson [Thu, 15 Dec 2011 21:39:38 +0000 (13:39 -0800)]
bond: Warn of imminent default bond_mode change.
Post version 1.4.*, we are planning to change the default bond_mode
from balance-slb to active-backup. This commit warns users of the
change so that they can prepare.
Signed-off-by: Ethan Jackson <ethan@nicira.com>
Ben Pfaff [Fri, 16 Dec 2011 18:09:30 +0000 (10:09 -0800)]
ofproto-dpif: Fix use-after-free for OFPP_CONTROLLER flows.
When a flow consists solely of an output to OFPP_CONTROLLER, we avoid a
round trip to the kernel and back by calling execute_controller_action()
from handle_flow_miss(). However, execute_controller_action() frees the
packet passed in. This is dangerous, because the packet and the upcall
key are in the same block of malloc()'d memory, as the comment on struct
dpif_upcall says:
/* A packet passed up from the datapath to userspace.
*
* If 'key' or 'actions' is nonnull, then it points into data owned by
* 'packet', so their memory cannot be freed separately. (This is hardly a
* great way to do things but it works out OK for the dpif providers and
* clients that exist so far.)
*/
Thus, we get a use-after-free later on in handle_flow_miss() and eventually
a double free.
This fixes the problem by making execute_controller_action() clone the
packet in this case.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Fri, 16 Dec 2011 18:02:51 +0000 (10:02 -0800)]
ofproto-dpif: Flush MACs for deleted ports from every bridge.
Consider this scenario: two hypervisors HV-1 and HV-2, connected to a
common physical network over SLB bonds. Two virtual machines VM-1 and VM-2
are both running on HV-1. Patch ports are in use, so that each VM is not
connected to a bridge with a physical Ethernet port but is actually one
virtual "hop" away across a patch port to a second OVS bridge. VM-2 is
running a "ping" process directed at VM-1.
Now migrate VM-1 to HV-2. Suppose that VM-1 fails to send out a gratuitous
ARP following migration, or that the gratuitous ARPs are lost, e.g. because
they are sent before the OpenFlow controller manages to populate the flow
table with rules to allow the VM's traffic
Now we are in a situation where HV-1 has learned that VM-1 is local and
HV-2 has learned that VM-1 is on its bond; both are wrong. One would
expect the problem to resolve itself as soon the VM-1 sends out its first
packet. However, SLB bonds (for important reasons documented in
vswitchd/INTERNALS) are very reluctant to learn that a currently local MAC
is actually on the bond: the only ways to learn that the MAC is on the bond
are to receive a gratuitous ARP (which we won't, since they were dropped)
or for the MAC learning entry to expire after 60 seconds. This means that
VM-1 can send out as much ordinary traffic as it wants (even ARP requests
and other broadcasts) but HV-1 will drop all of it at the physical Ethernet
since it believes that VM-1 is local.
(In an ordinary setup with a single bridge, HV-1 would have unlearned the
address for VM-1 when VM-1's port was deleted, but that didn't happen
because HV-1 only learned that VM-1 was on the patch port that leads to the
integration bridge. The patch port didn't get deleted.)
HV-2 does quickly learn that VM-1 is now local. SLB bonds are only
reluctant to learn that something they think is local is actually on the
bond, not the reverse.
This commit attempts to work around the problem by flushing the MAC
associated with a port from *every* bridge when a port is deleted.
This commit demonstrates yet another good reason not to use SLB bonds.
Build and unit tested only.
Bug #7978.
Bug #7687.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Fri, 16 Dec 2011 18:03:08 +0000 (10:03 -0800)]
dpif-netdev: Correctly report types of dummy netdevs.
When dpif-netdev is in use as a "dummy" datapath, the devices that are
added to it have type "dummy", but the dpif methods that report the types
of ports reported that they had type "system". This meant that every time
the bridge code reconfigured, it would see that the ports had the wrong
types and delete and re-add them, which had other undesirable effects such
as flushing the entire MAC learning table whenever ovs-vsctl changed the
configuration.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Tue, 13 Dec 2011 22:42:11 +0000 (14:42 -0800)]
ofproto-dpif: Avoid segfault for ports with bundles in add_mirror_actions().
Not every port has an associated bundle, so we must not unconditionally
dereference ofport->bundle without first checking that it is nonnull.
(One example of a port without a bundle is a VLAN splinter port.)
Bug #8671.
Reported-by: Michael Mao <mmao@nicira.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Tue, 13 Dec 2011 22:20:54 +0000 (14:20 -0800)]
SubmittingPatches: Suggest parentheses for commit subjects.
Suggested-by: Ethan Jackson <ethan@nicira.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Fri, 9 Dec 2011 23:54:43 +0000 (15:54 -0800)]
dpif-linux: Avoid valgrind warning in epoll_ctl() call.
Valgrind points out correctly that there are uninitialized bytes in the
'event' structure. That's OK, but it doesn't hurt to suppress the warning
by zeroing all of the bytes.
This doesn't fix a real bug.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Mon, 12 Dec 2011 22:44:23 +0000 (14:44 -0800)]
bridge: Enable support for access and native VLAN ports on bonds.
Since Open vSwitch's inception we've disabled the use of bonds as access
ports, for no particularly good reason. This also unintentionally
prevented bonds from being used as native VLAN ports.
This commit removes the code that prevented using bonds these ways
Reported-and-tested-by: "Michael A. Collins" <mike.a.collins@ark-net.org>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Mon, 12 Dec 2011 18:32:44 +0000 (10:32 -0800)]
debian: Consistently use American spelling of "license" in copyright.in.
Consistent spelling may make searches easier.
Reported-by: Justin Pettit <jpettit@nicira.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Mon, 12 Dec 2011 17:42:09 +0000 (09:42 -0800)]
debian: Add sFlow license information and text to copyright.in.
sFlow licensing information was omitted from debian/copyright due to an
oversight. This commit adds it.
Reported-by: Chris Wright <chrisw@sous-sol.org>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Mon, 12 Dec 2011 17:37:34 +0000 (09:37 -0800)]
debian: Correct licensing information for user/kernel shared header files.
The intent is to license all shared user/kernel header files under both
GPLv2 and Apache v2. The license statement here said GPLv3 instead of
GPLv2, so this commit fixes that problem.
Also, include/openvswitch used to be where all the shared user/kernel
header files were located, but this is no longer true, and now there is a
userspace-only header file also in include/openvswitch, so this commit now
lists all of the user/kernel header files explicitly.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Neil McKee [Sat, 10 Dec 2011 00:56:32 +0000 (16:56 -0800)]
sFlow: add Sun Industry Standards Source License 1.1 as licensing option
The sFlow License was not on the list for the Fedora Project, but the
Sun Industry Standards Source License 1.1 was (and it has the right
properties). So this patch includes it as a licensing option in the
relevant places (COPYING and the lib/sflow* sources). Let me know
if this looks OK or not.
Signed-off-by: Neil McKee <neil.mckee@inmon.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Chris Wright <chrisw@sous-sol.org>
Ben Pfaff [Fri, 9 Dec 2011 23:57:55 +0000 (15:57 -0800)]
bridge: Avoid use-after-free with VLAN splinters and multiple bridges.
The VLAN splinters feature uses a "pool" to track and free allocated
blocks. There's only one pool, but the implementation was freeing all of
the blocks in it for every bridge during reconfiguration, not just once for
each reconfiguration, so caused a use-after-free when there was more than
one bridge and a bridge other than the last one in the list of bridges had
a VLAN splinter port.
Bug #8671.
Reported-by: Michael Mao <mmao@nicira.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Chris Wright [Fri, 9 Dec 2011 23:03:18 +0000 (15:03 -0800)]
SubmittingPatches: document the use of DCO
This adds the Developer's Certificate of Origin to SubmittingPatches
to document the requirement to add Signed-off-by to patches.
Signed-off-by: Chris Wright <chrisw@sous-sol.org>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Fri, 9 Dec 2011 21:09:23 +0000 (13:09 -0800)]
lacp: Avoid valgrind warning in lacp_configure() if custom timing not used.
The caller currently doesn't fill in s->custom_time unless it actually
wants a custom LACP time, but lacp_configure() still does a calculation
with it, provoking a warning from valgrind. This eliminates the warning.
The calculated value was not actually used in this case, so this commit
does not fix a real bug.
Ben Pfaff [Fri, 9 Dec 2011 17:58:16 +0000 (09:58 -0800)]
ovs-ofctl: Fix misspelling in manpage.
Reported-by: Paul Ingram <paul@nicira.com>
Ben Pfaff [Fri, 9 Dec 2011 17:38:19 +0000 (09:38 -0800)]
AUTHORS: Add Chris Wright.
Chris Wright [Fri, 9 Dec 2011 07:36:06 +0000 (23:36 -0800)]
bugtool: move plugins data from /etc/openvswitch to /usr/share/openvswitch
This is in repsonse to the following rpmlint warnings:
W: non-conffile-in-etc /etc/openvswitch/bugtool-plugins/system-configuration/openvswitch.xml
W: non-conffile-in-etc /etc/openvswitch/bugtool-plugins/system-logs/openvswitch.xml
W: non-conffile-in-etc /etc/openvswitch/bugtool-plugins/system-configuration.xml
W: non-conffile-in-etc /etc/openvswitch/bugtool-plugins/network-status/openvswitch.xml
W: non-conffile-in-etc /etc/openvswitch/bugtool-plugins/kernel-info/openvswitch.xml
The xenserver specfile still places them in /etc/xensource/bugtool since
that's a distro policy. Of course, the rpmlint warnings are as well,
however, this seems like a more logical place for the bugtool plugins.
Signed-off-by: Chris Wright <chrisw@sous-sol.org>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Chris Wright [Fri, 9 Dec 2011 07:36:05 +0000 (23:36 -0800)]
utilites: rename ovs-lib.sh to ovs-lib
Rename this helper script to simply ovs-lib, since it's primarily
a library of helper functions.
Signed-off-by: Chris Wright <chrisw@sous-sol.org>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Chris Wright [Fri, 9 Dec 2011 07:36:04 +0000 (23:36 -0800)]
utilities: install ovs-lib.sh as data not a script
Currently, ovs-lib.sh is installed as an executable. It's meant to be
sourced by external scripts, so install as data. Fixes rpmlint error:
E: script-without-shebang /usr/share/openvswitch/scripts/ovs-lib.sh
Could drop the .sh suffix in another commit.
Signed-off-by: Chris Wright <chrisw@sous-sol.org>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Chris Wright [Fri, 9 Dec 2011 07:36:03 +0000 (23:36 -0800)]
man: fix pic issue at the source
The commit
0993b66 (man: pic failed to run during manpage-check) worked
around the manpage-check warning generated by groff. Using "-T ascii"
rather "-T utf8" was enough to silence the warning because the man page
has this condition in it:
.if !'\*[.T]'ascii'
However, rpmlint generates the same warning as manpage-check was (it
uses -Tutf8), and manpages are generated using -Tutf8 (leading to an
fairly unreadable drawing). So let's change the logic a bit and allow
pdf generation w/ nice drawing and kill it for tty's.
Cc: Ethan Jackson <ethan@nicira.com>
Signed-off-by: Chris Wright <chrisw@sous-sol.org>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Chris Wright [Fri, 9 Dec 2011 07:36:02 +0000 (23:36 -0800)]
rhel: openvswitch.spec.in: fix perms on logrotate and sysconfig.template
Fixes rpmlint warning:
W: spurious-executable-perm /etc/logrotate.d/openvswitch
W: non-conffile-in-etc /etc/logrotate.d/openvswitch
E: script-without-shebang /usr/share/openvswitch/scripts/sysconfig.template
Define rhel_cp() shell func and include file mode on install.
Signed-off-by: Chris Wright <chrisw@sous-sol.org>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Chris Wright [Fri, 9 Dec 2011 07:36:01 +0000 (23:36 -0800)]
rhel: openvswitch.spec.in installs README as executable
Fix this rpmlint warning:
W: spurious-executable-perm /usr/share/doc/openvswitch-1.4.0/README.RHEL
by specifying mode on install.
Signed-off-by: Chris Wright <chrisw@sous-sol.org>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Chris Wright [Fri, 9 Dec 2011 07:36:00 +0000 (23:36 -0800)]
Update FSF address in LGPL notices in bugtool plugins.
This quiets the rpmlint errors:
E: incorrect-fsf-address /etc/openvswitch/bugtool-plugins/system-configuration/openvswitch.xml
E: incorrect-fsf-address /etc/openvswitch/bugtool-plugins/system-logs/openvswitch.xml
E: incorrect-fsf-address /etc/openvswitch/bugtool-plugins/system-configuration.xml
E: incorrect-fsf-address /etc/openvswitch/bugtool-plugins/network-status/openvswitch.xml
E: incorrect-fsf-address /etc/openvswitch/bugtool-plugins/kernel-info/openvswitch.xml
Signed-off-by: Chris Wright <chrisw@sous-sol.org>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Pravin B Shelar [Thu, 8 Dec 2011 21:26:05 +0000 (13:26 -0800)]
sflow: Use ofproto_port_get_stats().
Bug #7551
Pravin B Shelar [Thu, 8 Dec 2011 21:25:06 +0000 (13:25 -0800)]
ofproto: Device stats should include packets generated by userspace/controller
Following patch account packets consumed and composed in userspace
as received on and transmitted from local port.
Bug #7551
Jesse Gross [Thu, 8 Dec 2011 21:17:24 +0000 (13:17 -0800)]
datapath: Alphabetize include/net/ipv6.h compat header.
Signed-off-by: Jesse Gross <jesse@nicira.com>
Pravin B Shelar [Thu, 8 Dec 2011 17:52:40 +0000 (09:52 -0800)]
datapath: Fix build on RHEL 5.5
Signed-off-by: Pravin B Shelar <pshelar@nicira.com>
Acked-by: Jesse Gross <jesse@nicira.com>
Ben Pfaff [Tue, 6 Dec 2011 23:55:22 +0000 (15:55 -0800)]
socket-util: Correctly return negative values for errors.
The comment on this function says that negative values indicate errors, and
the callers assume that too, but in fact it was returning positive errno
values, which are indistinguishable from valid fd numbers.
It really seems to me that this should have been found pretty quickly in
the field, since stream-tcp and stream-ssl both use inet_open_passive to
implement their passive listeners. I'm surprised that no one has reported
it.
Ben Pfaff [Wed, 7 Dec 2011 06:15:14 +0000 (22:15 -0800)]
nicira-ext: Improve comment.
Luca Giraudo [Tue, 6 Dec 2011 21:01:25 +0000 (13:01 -0800)]
ofproto-dpif-sflow: allow sFlow to infer the agent device.
Bug #2407.
Jesse Gross [Tue, 6 Dec 2011 19:10:15 +0000 (11:10 -0800)]
AUTHORS: Add Dan Carpenter.
Dan Carpenter [Tue, 6 Dec 2011 19:08:25 +0000 (11:08 -0800)]
datapath: small potential memory leak in ovs_vport_alloc()
We're unlikely to hit this leak, but the static checkers complain if we
don't take care of it.
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Jesse Gross <jesse@nicira.com>
Rob Hoes [Mon, 5 Dec 2011 14:43:12 +0000 (14:43 +0000)]
xenserver: Reduce number of xapi DB calls in plugin
When there are lots of PIFs in a XenServer/XCP pool, for example when
there are many VLANs configured on the pool, operations such as
PIF.get_all and loops over all PIFs which include database operations,
are very inefficient when executed on a pool slave, and should be
avoided as much as possible. This patch reduces the number of database
calls in the update function of the openvswitch-cfg-update xapi plugin.
Signed-off-by: Rob Hoes <rob.hoes@citrix.com>
Acked-by: Dominic Curran <Dominic.curran@citrix.com>
Justin Pettit [Mon, 5 Dec 2011 00:33:54 +0000 (16:33 -0800)]
netdev-linux: Don't restrict policing to IPv4 and don't call "tc".
Mike Bursell pointed out that our policer only works on IPv4
traffic--and specifically not IPv6. By using the "basic" filter, we can
enforce policing on all traffic for a particular interface.
Jamal Hadi Salim pointed out that calling "tc" directly with system() is
pretty ugly. This commit switches our remaining "tc" calls to directly
sending the appropriate netlink messages.
Suggested-by: Mike Bursell <mike.bursell@citrix.com>
Suggested-by: Jamal Hadi Salim <hadi@cyberus.ca>
Jesse Gross [Mon, 5 Dec 2011 17:30:19 +0000 (09:30 -0800)]
AUTHORS: Add Zhi Yong Wu.
Zhi Yong Wu [Mon, 5 Dec 2011 02:33:14 +0000 (10:33 +0800)]
datapath: Fix build breakage on kernel 2.6.40
Today i played with openvswitch on my workstation with kernel 2.6.40 and found that it break when i built. The
+issue is introduced by commit
ceb176fdb72bb7ce90debc66e1eeb1d25823d30a
Below is the error log:
from /home/zwu/work/virt/openvswitch/datapath/linux/genetlink-brcompat.c:10:
/home/zwu/work/virt/openvswitch/datapath/linux/compat/include/linux/skbuff.h:243:20: error: redefinition of
+‘skb_reset_mac_len’
include/linux/skbuff.h:1259:20: note: previous definition of ‘skb_reset_mac_len’ was here
make[5]: *** [/home/zwu/work/virt/openvswitch/datapath/linux/genetlink-brcompat.o] Error 1
make[4]: *** [_module_/home/zwu/work/virt/openvswitch/datapath/linux] Error 2
make[4]: Leaving directory `/usr/src/kernels/2.6.40.6-0.fc15.x86_64'
make[3]: *** [default] Error 2
make[3]: Leaving directory `/home/zwu/work/virt/openvswitch/datapath/linux'
make[2]: *** [all-recursive] Error 1
make[2]: Leaving directory `/home/zwu/work/virt/openvswitch/datapath'
make[1]: *** [all-recursive] Error 1
make[1]: Leaving directory `/home/zwu/work/virt/openvswitch'
make: *** [all] Error 2
Signed-off-by: Zhi Yong Wu <zwu.kernel@gmail.com>
Signed-off-by: Jesse Gross <jesse@nicira.com>
Jesse Gross [Fri, 2 Dec 2011 00:09:05 +0000 (16:09 -0800)]
datapath: Remove custom version of ipv6_skip_exthdr().
We currently have a version of ipv6_skip_exthdr() which is
identical to the main one with the addition of fragment reporting.
We can propose our version for upstream and then use it directly
without duplication.
Signed-off-by: Jesse Gross <jesse@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Wed, 30 Nov 2011 18:59:12 +0000 (10:59 -0800)]
netdev-linux: Ref and unref the netdev_linux_cache_notifier for taps too.
netdev-linux uses netdev_linux_cache_notifier to flush its cache when the
kernel notifies userspace that a particular network device's configuration
or status has changed. This is as applicable to tap devices as to system
and internal devices, so we should create and destroy the notifier for
tap devices also.
I doubt that in practice it's possible to run ovs-vswitchd without having
a non-tap device open, at least with the kernel datapath, because the
local port for a bridge is not a tap device, so there should be no need to
backport this to older versions.
Reported-by: Gaetano Catalli <gaetano.catalli@gmail.com>
Jesse Gross [Fri, 2 Dec 2011 02:42:20 +0000 (18:42 -0800)]
datapath: Fix outdated comment.
Signed-off-by: Jesse Gross <jesse@nicira.com>
Ethan Jackson [Thu, 1 Dec 2011 02:08:01 +0000 (18:08 -0800)]
vswitch.xml: Fix bond-hash-basis documentation placement.
The bond-hash-basis other_config column was documented under "LACP
Configuration". Instead it should be documented as general bonding
configuration.
Ethan Jackson [Thu, 1 Dec 2011 02:01:32 +0000 (18:01 -0800)]
lacp: Update header file comments.
Justin Pettit [Thu, 1 Dec 2011 07:41:19 +0000 (23:41 -0800)]
Prepare for post-1.4.0 (1.4.90).
Ben Pfaff [Mon, 28 Nov 2011 21:49:12 +0000 (13:49 -0800)]
ovs-vlan-bugs: Document driver bug with priority tagged packets.
Reported-by: Jesse Gross <jesse@nicira.com>
Ben Pfaff [Wed, 30 Nov 2011 20:54:03 +0000 (12:54 -0800)]
INSTALL.XenServer: Update instructions.
The instructions hadn't been properly updated to match current XenServer
releases.
Reported-by: Ramana Reddy <gtvrreddy@gmail.com>
Ben Pfaff [Thu, 1 Dec 2011 16:33:55 +0000 (08:33 -0800)]
learn: Avoid 1-byte buffer underrun in learn_format().
Reported-and-tested-by: Jari Sundell <sundell.software@gmail.com>
Justin Pettit [Thu, 1 Dec 2011 06:20:09 +0000 (22:20 -0800)]
Declare the version as "1.4.0".
Ethan Jackson [Tue, 29 Nov 2011 02:08:49 +0000 (18:08 -0800)]
tests: Perform basic LACP unit tests.
This patch adds tests which check that configuration settings in
the database are reflected in the LACP module's appctl output.
Ethan Jackson [Tue, 29 Nov 2011 22:21:26 +0000 (14:21 -0800)]
lacp: Sort slaves in appctl output.
This will simplify unit tests added in a future patch.
Ethan Jackson [Tue, 29 Nov 2011 22:27:12 +0000 (14:27 -0800)]
lacp: Remove trailing whitespace from appctl output.
This will marginally simplify some unit tests in a future patch.
Ethan Jackson [Tue, 29 Nov 2011 21:22:18 +0000 (13:22 -0800)]
lacp: Require non-zero system ID.
It's a bug if LACP is configured with a system ID of zero. This
patch assert fails in this case.
Pravin B Shelar [Wed, 30 Nov 2011 22:18:21 +0000 (14:18 -0800)]
ofproto-dpif: Delete un-fit flow from datapath.
Pravin B Shelar [Wed, 30 Nov 2011 22:17:15 +0000 (14:17 -0800)]
ofproto-dpif: Fix memory leak.
Following patch fixes memory leak in case there is ODP_FIT_ERROR
on flow key.
Ethan Jackson [Wed, 30 Nov 2011 03:03:52 +0000 (19:03 -0800)]
bridge: Honor lacp-system-id other_config setting.
The bridge code was completely ignoring the lacp-system-id setting.
Future patches will add tests which would have caught this issue.
Bug #8516.
Ben Pfaff [Wed, 30 Nov 2011 21:07:38 +0000 (13:07 -0800)]
ovs-ofctl: Improve usage message.
TARGET and SWITCH are different because TARGET can refer to a switch or a
controller whereas SWITCH must be a switch, but TARGET wasn't defined
before.
Also, TARGET seems a little more user-friendly than the VCONN that was used
here before.
Reported-by: Reid Price <reid@nicira.com>
Bug #7736.
Ben Pfaff [Wed, 30 Nov 2011 20:09:35 +0000 (12:09 -0800)]
bridge: Configure datapath ID earlier.
The design intent is for LACP ports to use the datapath ID as the default
system ID when none is specifically configured. However, the datapath ID
is not available that early. This commit makes it available earlier.
This commit does not fix another bug that prevents the LACP system ID from
being set properly (nothing sets it at all, in fact, so it always uses 0).
Build and unit tested only.
Ethan Jackson [Tue, 29 Nov 2011 21:24:57 +0000 (13:24 -0800)]
bridge: Remove redundant newline.
Jesse Gross [Wed, 30 Nov 2011 18:46:54 +0000 (10:46 -0800)]
datapath: Don't use ipv6_addr_copy().
It was dropped upstream in favor of direct structure assignment.
Signed-off-by: Jesse Gross <jesse@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>
Ethan Jackson [Mon, 28 Nov 2011 22:14:23 +0000 (14:14 -0800)]
odp-util: Move commit_odp_actions() from ofproto-dpif.
In an effort to simplify ofproto-dpif, this commit moves the
definition of commit_odp_actions() to odp-util.
Ethan Jackson [Mon, 28 Nov 2011 22:08:11 +0000 (14:08 -0800)]
ofproto-dpif: Remove redundant commit_odp_actions() call.
Ben Pfaff [Wed, 16 Nov 2011 22:38:52 +0000 (14:38 -0800)]
ovsdb: Correctly implement conditions that include multiple clauses.
Multiple-clause conditions in OVSDB operations with "where" clauses are
supposed to be conjunctions, that is, the condition is true only if every
clause is true. In fact, the implementation only checked a single clause
(not necessarily the first one) and ignored the rest. This fixes the
problem and adds test coverage for multiple-clause conditions.
Reported-by: Shih-Hao Li <shli@nicira.com>
Ben Pfaff [Wed, 23 Nov 2011 20:15:42 +0000 (12:15 -0800)]
daemon: Better log when fork child dies early from signals.
On one machine, "/etc/init.d/openvswitch-switch start" failed to start
with:
ovs-vswitchd: fork child failed to signal startup (Success)
Starting ovs-vswitchd ... failed!
"strace" revealed that the fork child was actually segfaulting, but the
message output didn't indicate that in any way. This commit fixes the
log message (but not the segfault itself).
Reported-by: Michael Hu <mhu@nicira.com>
Bug #8457.
Ben Pfaff [Mon, 14 Nov 2011 18:10:58 +0000 (10:10 -0800)]
netlink-socket: Let the kernel choose Netlink pids for us.
The Netlink code in the Linux kernel has been willing to choose unique
Netlink pids for userspace sockets since at least 2.4.36 and probably
earlier. There's no value in choosing them ourselves.
This simplifies the code and eliminates the possibility of exhausting our
supply of Netlink PIDs.
Ben Pfaff [Mon, 28 Nov 2011 18:35:15 +0000 (10:35 -0800)]
ofproto: Add "fast path".
The key to getting good performance on the netperf CRR test seems to be to
handle the first packet of each new flow as quickly as possible. Until
now, we've only had one opportunity to do that on each trip through the
main poll loop. One way to improve would be to make that poll loop
circulate more quickly. My experiments show, however, that even just
commenting out the slower parts of the poll loop yield minimal improvement.
This commit takes another approach. Instead of making the poll loop
overall faster, it invokes the performance-critical parts of it more than
once during each poll loop.
My measurements show that this commit improves netperf CRR performance by
24% versus the previous commit, for an overall improvement of 87% versus
the baseline just before the commit that removed the poll_fd_woke(). With
this commit, ovs-benchmark performance has also improved by 13% overall
since that baseline.
Ben Pfaff [Fri, 11 Nov 2011 00:42:51 +0000 (16:42 -0800)]
ofproto-dpif: Process multiple batches of upcalls in a single poll loop.
This yields a 27% improvement in netperf CRR results in my tests
versus the previous commit, which is a 52% improvement versus
the baseline from just before the poll_fd_woke() optimization was
removed.
Ben Pfaff [Tue, 22 Nov 2011 17:25:32 +0000 (09:25 -0800)]
dpif-linux: Use "epoll" instead of poll().
epoll appears to be much more efficient than poll() at least for
static file descriptor sets. I can't otherwise explain why this
patch increases netperf CRR performance by 20% above the previous
commit, which is also about a 19% overall improvement versus
the baseline from before the poll_fd_woke() optimization was
removed.
Ben Pfaff [Mon, 28 Nov 2011 17:29:18 +0000 (09:29 -0800)]
dpif-linux: Use poll() internally in dpif_linux_recv().
Using poll() internally in dpif_linux_recv(), instead of relying
on the results of the main loop poll() call, brings netperf CRR
performance back within 1% of par versus the code base before the
poll_fd_woke() optimizations were introduced. It also increases
the ovs-benchmark results by about 5% versus that baseline, too.
My theory is that this is because the main loop takes long enough
that a significant number of packets can arrive during the main
loop itself, so this reduces the time before OVS gets to those
packets.
Ben Pfaff [Tue, 22 Nov 2011 19:05:53 +0000 (11:05 -0800)]
Revert "poll-loop: Enable checking whether a FD caused a wakeup."
This reverts commit
1e276d1a10539a8cd97d2ad63c073a9a43f0f1ef.
The poll_fd_woke() and nl_sock_woke() function added in that commit are
no longer used, so there is no reason to keep them in the tree.
Ben Pfaff [Thu, 10 Nov 2011 23:39:39 +0000 (15:39 -0800)]
dpif-linux: Remove poll_fd_woke() optimization from dpif_linux_recv().
This optimization on its own provided about 37% benefit against a
load of a single netperf CRR test, but at the same time it penalized
ovs-benchmark by about 11%. We can get back the CRR performance
loss, and more, other ways, so the first step is to revert this
patch, temporarily accepting the performance loss.
Justin Pettit [Wed, 23 Nov 2011 08:04:58 +0000 (00:04 -0800)]
mirroring: Don't require the "normal" action to perform mirroring.
Previously, mirrors only worked when using the "normal" action. This
commit performs mirroring even when mirroring is not used. It also adds
some unit tests.
Justin Pettit [Sun, 20 Nov 2011 23:12:36 +0000 (15:12 -0800)]
ovs-vswitchd: Track packet and byte statistics sent on mirrors.
This commit adds support for tracking the number of packets and bytes
sent through a mirror. The numbers are kept in the new "statistics"
column on the mirror table in the "tx_packets" and "tx_bytes" keys.
Justin Pettit [Wed, 23 Nov 2011 07:50:59 +0000 (23:50 -0800)]
mirroring: Use more generic terms for mirroring.
Simon Horman [Thu, 24 Nov 2011 01:22:22 +0000 (10:22 +0900)]
stream: Make classes const
The classes are never modified and may be declared constant.
Ben Pfaff [Thu, 24 Nov 2011 01:03:31 +0000 (17:03 -0800)]
Implement new "VLAN splinters" feature.
The "VLAN splinters" feature works around buggy device drivers in old Linux
versions.
This feature is deprecated. When broken device drivers are no longer in
widespread use, we will delete this feature.
I tested earlier versions of this commit, but I have not tested this
version.
See ovs-vswitchd.conf.db(5) for more information.
Ben Pfaff [Wed, 23 Nov 2011 21:22:30 +0000 (13:22 -0800)]
ofproto-dpif: Separately track the initial VLAN TCI of arriving packets.
In an upcoming commit, VLAN splinters can cause the VLAN TCI of a packet
received on an interface to differ from the logical VLAN TCI. That is,
a packet that is received on a Linux VLAN network device has no VLAN (so
its initial VLAN TCI is 0) but we logically treat it as if it has the VLAN
associated with the VLAN device.
This is only desirable for use with VLAN splinters and should be reverted
when this feature is no longer needed. I'm breaking it out here only to
make the series easier to review.
Ben Pfaff [Wed, 16 Nov 2011 01:06:41 +0000 (17:06 -0800)]
ofproto-dpif: Move ODP actions from facets to subfacets.
This is a prerequisite for the upcoming VLAN splinter patch, because
splinters and non-splintered subfacets might need slightly different
actions due to the VLAN tag being initially different (present vs. absent).
This is only desirable for use with VLAN splinters and should be reverted
when this feature is no longer needed. I'm breaking it out here only to
make the series easier to review.
Ben Pfaff [Wed, 16 Nov 2011 00:55:28 +0000 (16:55 -0800)]
ofproto-dpif: Simplify invocation of send_packet().
All the callers already have the ofport handy, so they might as well just
pass it in directly.
Ben Pfaff [Tue, 15 Nov 2011 21:59:41 +0000 (13:59 -0800)]
ovsdb-idl: Add assertion for synthetic records in ovsdb_idl_read().
This function doesn't support synthetic records but it probably isn't
obvious from looking at it, so add an actual assertion.
Ben Pfaff [Mon, 14 Nov 2011 22:02:43 +0000 (14:02 -0800)]
packets: New function eth_pop_vlan(), formerly dp_netdev_pop_vlan().
An upcoming commit will add a new user.