openvswitch
12 years agodpif-netdev: Fix UDP checksum calculation.
Ethan Jackson [Wed, 21 Dec 2011 19:19:28 +0000 (11:19 -0800)]
dpif-netdev: Fix UDP checksum calculation.

dpif-netdev incorrectly calculated the UDP checksum when modifying
source and destination ports.

Signed-off-by: Ethan Jackson <ethan@nicira.com>
12 years agoNEWS: Fix typo in entry for 1.3.0.
Ben Pfaff [Wed, 21 Dec 2011 19:01:45 +0000 (11:01 -0800)]
NEWS: Fix typo in entry for 1.3.0.

Signed-off-by: Ben Pfaff <blp@nicira.com>
12 years agovswitchd: fix "implicit declaration of function" build warning.
Ansis Atteka [Wed, 21 Dec 2011 17:59:16 +0000 (09:59 -0800)]
vswitchd: fix "implicit declaration of function" build warning.

Included stream.h header file for connmgr.c and bridge.c files.

Signed-off-by: Ansis Atteka <aatteka@nicira.com>
Reported-by: Ben Pfaff <blp@nicira.com>
12 years agovswitchd: Document what changes to the database flush the flow table.
Ben Pfaff [Wed, 21 Dec 2011 00:50:17 +0000 (16:50 -0800)]
vswitchd: Document what changes to the database flush the flow table.

Requested-by: Hao Zheng <hzheng@nicira.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
12 years agoAdd release date for 1.3.0.
Ben Pfaff [Wed, 21 Dec 2011 00:48:40 +0000 (16:48 -0800)]
Add release date for 1.3.0.

This made it into branch-1.3 but not master.

Signed-off-by: Ben Pfaff <blp@nicira.com>
12 years agovswitchd: In-band rules for Controller are missing after executing force-reload-kmod...
Ansis Atteka [Mon, 19 Dec 2011 20:43:34 +0000 (12:43 -0800)]
vswitchd: In-band rules for Controller are missing after executing force-reload-kmod command

In current implementation vswitchd adds Controller in-band rules only if
there is a route in kernel routing table that might route traffic to the
Controller. But, when executing force-reload-kmod command, network
configuration (e.g. assigned IP addresses, routes) are flushed away,
hence Controller in-band rules are not added.

This commit fixes this limitation and allows vswitchd to add Controller
in-band rules even if there are no routes in the kernel routing table.

Issue: #8625

Signed-off-by: Ansis Atteka <aatteka@nicira.com>
12 years agotests: Update gitignore to include test-netflow.
Ethan Jackson [Mon, 19 Dec 2011 23:44:57 +0000 (15:44 -0800)]
tests: Update gitignore to include test-netflow.

Signed-off-by: Ethan Jackson <ethan@nicira.com>
12 years agonetflow: Add basic unit tests.
Ben Pfaff [Mon, 19 Dec 2011 22:46:16 +0000 (14:46 -0800)]
netflow: Add basic unit tests.

These tests would have caught the flow statistics bug introduced by commit
501f8d1fd75 (ofproto-dpif: Batch interacting with the dpif on flow miss
operations.)

Signed-off-by: Ben Pfaff <blp@nicira.com>
12 years agonetflow: Move packet definitions to header file.
Ben Pfaff [Mon, 19 Dec 2011 22:18:00 +0000 (14:18 -0800)]
netflow: Move packet definitions to header file.

An upcoming commit will introduce code outside of ofproto/netflow.c that
works with NetFlow packets, so we need the protocol definitions in a common
location.

Signed-off-by: Ben Pfaff <blp@nicira.com>
12 years agotests: Add expected output parameter to OVS_VSWITCHD_START.
Ben Pfaff [Thu, 8 Dec 2011 21:22:50 +0000 (13:22 -0800)]
tests: Add expected output parameter to OVS_VSWITCHD_START.

It's convenient to pass commands for ovs-vsctl directly to
OVS_VSWITCHD_START, but until now those commands could have no output
because that would cause a test failure.  This commit adds an optional
argument to supply ovs-vsctl expected output, and adjusts some test
cases to use it instead of calling ovs-vsctl a second time.

Signed-off-by: Ben Pfaff <blp@nicira.com>
12 years agotests: Update ovs-vswitchd log messages to ignore.
Ben Pfaff [Thu, 8 Dec 2011 20:45:18 +0000 (12:45 -0800)]
tests: Update ovs-vswitchd log messages to ignore.

Commit 579a77e024 (tests: Allow unit tests to run as root.) means that
ovs-vswitchd doesn't output either of these log messages anymore when
the unit tests run, so there's no need to ignore them anymore.

Signed-off-by: Ben Pfaff <blp@nicira.com>
12 years agoflow: Make flow_compose() fake packets slightly more realistic.
Ben Pfaff [Mon, 19 Dec 2011 22:45:23 +0000 (14:45 -0800)]
flow: Make flow_compose() fake packets slightly more realistic.

This makes flow_extract() happier with TCP packets that this function
produces.

Signed-off-by: Ben Pfaff <blp@nicira.com>
12 years agotimeval: Add ability to fast-forward time, for unit testing.
Ben Pfaff [Wed, 7 Dec 2011 21:15:54 +0000 (13:15 -0800)]
timeval: Add ability to fast-forward time, for unit testing.

Signed-off-by: Ben Pfaff <blp@nicira.com>
12 years agopoll-loop: Track the poll timeout as an absolute, not a relative time.
Ben Pfaff [Mon, 19 Dec 2011 22:28:42 +0000 (14:28 -0800)]
poll-loop: Track the poll timeout as an absolute, not a relative time.

This is a necessary prerequisite for allowing time to be "fast forwarded"
in unit tests, to keep tests that depend on the passage of time from
running in real time.  Without this change, a code sequence like this:

poll_timer_wait(1000);
...fast forward time 5 seconds...
poll_block();

would still sleep for a second, because the poll_loop module would still
have a relative timeout of 1000 ms.

Signed-off-by: Ben Pfaff <blp@nicira.com>
12 years agonetdev-dummy: Allow injecting traffic.
Ben Pfaff [Tue, 6 Dec 2011 22:22:27 +0000 (14:22 -0800)]
netdev-dummy: Allow injecting traffic.

This paves the way to allow unit tests to test the whole switch
on an end-to-end basis.

Signed-off-by: Ben Pfaff <blp@nicira.com>
12 years agopackets: New function eth_from_hex().
Ben Pfaff [Tue, 6 Dec 2011 22:09:10 +0000 (14:09 -0800)]
packets: New function eth_from_hex().

An upcoming commit will add another user.

Signed-off-by: Ben Pfaff <blp@nicira.com>
12 years agounixctl: Implement quoting.
Ben Pfaff [Fri, 2 Dec 2011 23:29:19 +0000 (15:29 -0800)]
unixctl: Implement quoting.

The protocol used by ovs-appctl has a long-standing bug that there
is no way to distinguish "ovs-appctl a b c" from "ovs-appctl 'a b c'".
This isn't a big deal because none of the current commands really
want to accept arguments that include spaces, but it's kind of a silly
limitation.

At the same time, the internal API is awkward because every user is
stuck doing its own argument parsing, which is no fun.

This commit fixes both problems, by adding shell-like quoting to the
protocol and modifying the internal API from one that passes a string
to one that passes in an array of pre-parsed strings.  Command
implementations may now specify how many arguments they expect.  This
simplifies some command implementations significantly.

Signed-off-by: Ben Pfaff <blp@nicira.com>
12 years agosocket-util: Don't try to listen to a UDP socket.
Ben Pfaff [Tue, 6 Dec 2011 23:57:15 +0000 (15:57 -0800)]
socket-util: Don't try to listen to a UDP socket.

The "listen" system call doesn't work and isn't necessary for UDP, but
inet_open_passive() would still try to call it (and fail).

This doesn't fix a real bug because the two existing callers both use
inet_open_passive() to listen for TCP connections.

Signed-off-by: Ben Pfaff <blp@nicira.com>
12 years agonetdev-linux: Report error for truncated packets on receive.
Ben Pfaff [Fri, 2 Dec 2011 23:22:20 +0000 (15:22 -0800)]
netdev-linux: Report error for truncated packets on receive.

Found by inspection.

Signed-off-by: Ben Pfaff <blp@nicira.com>
12 years agonetdev-linux: Translate errno value to name in log message.
Ben Pfaff [Tue, 6 Dec 2011 22:22:00 +0000 (14:22 -0800)]
netdev-linux: Translate errno value to name in log message.

Signed-off-by: Ben Pfaff <blp@nicira.com>
12 years agoofproto-dpif: Include datapath flow misses in flow statistics.
Ben Pfaff [Thu, 8 Dec 2011 20:40:01 +0000 (12:40 -0800)]
ofproto-dpif: Include datapath flow misses in flow statistics.

Commit 501f8d1fd75 (ofproto-dpif: Batch interacting with the dpif on flow
miss operations.) caused packets handled manually in userspace not to be
counted in flow statistics.  This patch fixes the problem.

Signed-off-by: Ben Pfaff <blp@nicira.com>
Bug #8494.

12 years agobond: Warn of imminent default bond_mode change.
Ethan Jackson [Thu, 15 Dec 2011 21:39:38 +0000 (13:39 -0800)]
bond: Warn of imminent default bond_mode change.

Post version 1.4.*, we are planning to change the default bond_mode
from balance-slb to active-backup.  This commit warns users of the
change so that they can prepare.

Signed-off-by: Ethan Jackson <ethan@nicira.com>
12 years agoofproto-dpif: Fix use-after-free for OFPP_CONTROLLER flows.
Ben Pfaff [Fri, 16 Dec 2011 18:09:30 +0000 (10:09 -0800)]
ofproto-dpif: Fix use-after-free for OFPP_CONTROLLER flows.

When a flow consists solely of an output to OFPP_CONTROLLER, we avoid a
round trip to the kernel and back by calling execute_controller_action()
from handle_flow_miss().  However, execute_controller_action() frees the
packet passed in.  This is dangerous, because the packet and the upcall
key are in the same block of malloc()'d memory, as the comment on struct
dpif_upcall says:

/* A packet passed up from the datapath to userspace.
 *
 * If 'key' or 'actions' is nonnull, then it points into data owned by
 * 'packet', so their memory cannot be freed separately.  (This is hardly a
 * great way to do things but it works out OK for the dpif providers and
 * clients that exist so far.)
 */

Thus, we get a use-after-free later on in handle_flow_miss() and eventually
a double free.

This fixes the problem by making execute_controller_action() clone the
packet in this case.

Signed-off-by: Ben Pfaff <blp@nicira.com>
12 years agoofproto-dpif: Flush MACs for deleted ports from every bridge.
Ben Pfaff [Fri, 16 Dec 2011 18:02:51 +0000 (10:02 -0800)]
ofproto-dpif: Flush MACs for deleted ports from every bridge.

Consider this scenario: two hypervisors HV-1 and HV-2, connected to a
common physical network over SLB bonds.  Two virtual machines VM-1 and VM-2
are both running on HV-1.  Patch ports are in use, so that each VM is not
connected to a bridge with a physical Ethernet port but is actually one
virtual "hop" away across a patch port to a second OVS bridge.  VM-2 is
running a "ping" process directed at VM-1.

Now migrate VM-1 to HV-2.  Suppose that VM-1 fails to send out a gratuitous
ARP following migration, or that the gratuitous ARPs are lost, e.g. because
they are sent before the OpenFlow controller manages to populate the flow
table with rules to allow the VM's traffic

Now we are in a situation where HV-1 has learned that VM-1 is local and
HV-2 has learned that VM-1 is on its bond; both are wrong.  One would
expect the problem to resolve itself as soon the VM-1 sends out its first
packet.  However, SLB bonds (for important reasons documented in
vswitchd/INTERNALS) are very reluctant to learn that a currently local MAC
is actually on the bond: the only ways to learn that the MAC is on the bond
are to receive a gratuitous ARP (which we won't, since they were dropped)
or for the MAC learning entry to expire after 60 seconds. This means that
VM-1 can send out as much ordinary traffic as it wants (even ARP requests
and other broadcasts) but HV-1 will drop all of it at the physical Ethernet
since it believes that VM-1 is local.

(In an ordinary setup with a single bridge, HV-1 would have unlearned the
address for VM-1 when VM-1's port was deleted, but that didn't happen
because HV-1 only learned that VM-1 was on the patch port that leads to the
integration bridge.  The patch port didn't get deleted.)

HV-2 does quickly learn that VM-1 is now local.  SLB bonds are only
reluctant to learn that something they think is local is actually on the
bond, not the reverse.

This commit attempts to work around the problem by flushing the MAC
associated with a port from *every* bridge when a port is deleted.

This commit demonstrates yet another good reason not to use SLB bonds.

Build and unit tested only.
Bug #7978.
Bug #7687.

Signed-off-by: Ben Pfaff <blp@nicira.com>
12 years agodpif-netdev: Correctly report types of dummy netdevs.
Ben Pfaff [Fri, 16 Dec 2011 18:03:08 +0000 (10:03 -0800)]
dpif-netdev: Correctly report types of dummy netdevs.

When dpif-netdev is in use as a "dummy" datapath, the devices that are
added to it have type "dummy", but the dpif methods that report the types
of ports reported that they had type "system".  This meant that every time
the bridge code reconfigured, it would see that the ports had the wrong
types and delete and re-add them, which had other undesirable effects such
as flushing the entire MAC learning table whenever ovs-vsctl changed the
configuration.

Signed-off-by: Ben Pfaff <blp@nicira.com>
12 years agoofproto-dpif: Avoid segfault for ports with bundles in add_mirror_actions().
Ben Pfaff [Tue, 13 Dec 2011 22:42:11 +0000 (14:42 -0800)]
ofproto-dpif: Avoid segfault for ports with bundles in add_mirror_actions().

Not every port has an associated bundle, so we must not unconditionally
dereference ofport->bundle without first checking that it is nonnull.

(One example of a port without a bundle is a VLAN splinter port.)

Bug #8671.
Reported-by: Michael Mao <mmao@nicira.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
12 years agoSubmittingPatches: Suggest parentheses for commit subjects.
Ben Pfaff [Tue, 13 Dec 2011 22:20:54 +0000 (14:20 -0800)]
SubmittingPatches: Suggest parentheses for commit subjects.

Suggested-by: Ethan Jackson <ethan@nicira.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
12 years agodpif-linux: Avoid valgrind warning in epoll_ctl() call.
Ben Pfaff [Fri, 9 Dec 2011 23:54:43 +0000 (15:54 -0800)]
dpif-linux: Avoid valgrind warning in epoll_ctl() call.

Valgrind points out correctly that there are uninitialized bytes in the
'event' structure.  That's OK, but it doesn't hurt to suppress the warning
by zeroing all of the bytes.

This doesn't fix a real bug.

Signed-off-by: Ben Pfaff <blp@nicira.com>
12 years agobridge: Enable support for access and native VLAN ports on bonds.
Ben Pfaff [Mon, 12 Dec 2011 22:44:23 +0000 (14:44 -0800)]
bridge: Enable support for access and native VLAN ports on bonds.

Since Open vSwitch's inception we've disabled the use of bonds as access
ports, for no particularly good reason.  This also unintentionally
prevented bonds from being used as native VLAN ports.

This commit removes the code that prevented using bonds these ways

Reported-and-tested-by: "Michael A. Collins" <mike.a.collins@ark-net.org>
Signed-off-by: Ben Pfaff <blp@nicira.com>
12 years agodebian: Consistently use American spelling of "license" in copyright.in.
Ben Pfaff [Mon, 12 Dec 2011 18:32:44 +0000 (10:32 -0800)]
debian: Consistently use American spelling of "license" in copyright.in.

Consistent spelling may make searches easier.

Reported-by: Justin Pettit <jpettit@nicira.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
12 years agodebian: Add sFlow license information and text to copyright.in.
Ben Pfaff [Mon, 12 Dec 2011 17:42:09 +0000 (09:42 -0800)]
debian: Add sFlow license information and text to copyright.in.

sFlow licensing information was omitted from debian/copyright due to an
oversight.  This commit adds it.

Reported-by: Chris Wright <chrisw@sous-sol.org>
Signed-off-by: Ben Pfaff <blp@nicira.com>
12 years agodebian: Correct licensing information for user/kernel shared header files.
Ben Pfaff [Mon, 12 Dec 2011 17:37:34 +0000 (09:37 -0800)]
debian: Correct licensing information for user/kernel shared header files.

The intent is to license all shared user/kernel header files under both
GPLv2 and Apache v2.  The license statement here said GPLv3 instead of
GPLv2, so this commit fixes that problem.

Also, include/openvswitch used to be where all the shared user/kernel
header files were located, but this is no longer true, and now there is a
userspace-only header file also in include/openvswitch, so this commit now
lists all of the user/kernel header files explicitly.

Signed-off-by: Ben Pfaff <blp@nicira.com>
12 years agosFlow: add Sun Industry Standards Source License 1.1 as licensing option
Neil McKee [Sat, 10 Dec 2011 00:56:32 +0000 (16:56 -0800)]
sFlow: add Sun Industry Standards Source License 1.1 as licensing option

The sFlow License was not on the list for the Fedora Project,  but the
Sun Industry Standards Source License 1.1 was (and it has the right
properties).  So this patch includes it as a licensing option in the
relevant places (COPYING and the lib/sflow* sources).   Let me know
if this looks OK or not.

Signed-off-by: Neil McKee <neil.mckee@inmon.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Chris Wright <chrisw@sous-sol.org>
12 years agobridge: Avoid use-after-free with VLAN splinters and multiple bridges.
Ben Pfaff [Fri, 9 Dec 2011 23:57:55 +0000 (15:57 -0800)]
bridge: Avoid use-after-free with VLAN splinters and multiple bridges.

The VLAN splinters feature uses a "pool" to track and free allocated
blocks.  There's only one pool, but the implementation was freeing all of
the blocks in it for every bridge during reconfiguration, not just once for
each reconfiguration, so caused a use-after-free when there was more than
one bridge and a bridge other than the last one in the list of bridges had
a VLAN splinter port.

Bug #8671.
Reported-by: Michael Mao <mmao@nicira.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
12 years agoSubmittingPatches: document the use of DCO
Chris Wright [Fri, 9 Dec 2011 23:03:18 +0000 (15:03 -0800)]
SubmittingPatches: document the use of DCO

This adds the Developer's Certificate of Origin to SubmittingPatches
to document the requirement to add Signed-off-by to patches.

Signed-off-by: Chris Wright <chrisw@sous-sol.org>
Signed-off-by: Ben Pfaff <blp@nicira.com>
12 years agolacp: Avoid valgrind warning in lacp_configure() if custom timing not used.
Ben Pfaff [Fri, 9 Dec 2011 21:09:23 +0000 (13:09 -0800)]
lacp: Avoid valgrind warning in lacp_configure() if custom timing not used.

The caller currently doesn't fill in s->custom_time unless it actually
wants a custom LACP time, but lacp_configure() still does a calculation
with it, provoking a warning from valgrind.  This eliminates the warning.

The calculated value was not actually used in this case, so this commit
does not fix a real bug.

12 years agoovs-ofctl: Fix misspelling in manpage.
Ben Pfaff [Fri, 9 Dec 2011 17:58:16 +0000 (09:58 -0800)]
ovs-ofctl: Fix misspelling in manpage.

Reported-by: Paul Ingram <paul@nicira.com>
12 years agoAUTHORS: Add Chris Wright.
Ben Pfaff [Fri, 9 Dec 2011 17:38:19 +0000 (09:38 -0800)]
AUTHORS: Add Chris Wright.

12 years agobugtool: move plugins data from /etc/openvswitch to /usr/share/openvswitch
Chris Wright [Fri, 9 Dec 2011 07:36:06 +0000 (23:36 -0800)]
bugtool: move plugins data from /etc/openvswitch to /usr/share/openvswitch

This is in repsonse to the following rpmlint warnings:

 W: non-conffile-in-etc /etc/openvswitch/bugtool-plugins/system-configuration/openvswitch.xml
 W: non-conffile-in-etc /etc/openvswitch/bugtool-plugins/system-logs/openvswitch.xml
 W: non-conffile-in-etc /etc/openvswitch/bugtool-plugins/system-configuration.xml
 W: non-conffile-in-etc /etc/openvswitch/bugtool-plugins/network-status/openvswitch.xml
 W: non-conffile-in-etc /etc/openvswitch/bugtool-plugins/kernel-info/openvswitch.xml

The xenserver specfile still places them in /etc/xensource/bugtool since
that's a distro policy.  Of course, the rpmlint warnings are as well,
however, this seems like a more logical place for the bugtool plugins.

Signed-off-by: Chris Wright <chrisw@sous-sol.org>
Signed-off-by: Ben Pfaff <blp@nicira.com>
12 years agoutilites: rename ovs-lib.sh to ovs-lib
Chris Wright [Fri, 9 Dec 2011 07:36:05 +0000 (23:36 -0800)]
utilites: rename ovs-lib.sh to ovs-lib

Rename this helper script to simply ovs-lib, since it's primarily
a library of helper functions.

Signed-off-by: Chris Wright <chrisw@sous-sol.org>
Signed-off-by: Ben Pfaff <blp@nicira.com>
12 years agoutilities: install ovs-lib.sh as data not a script
Chris Wright [Fri, 9 Dec 2011 07:36:04 +0000 (23:36 -0800)]
utilities: install ovs-lib.sh as data not a script

Currently, ovs-lib.sh is installed as an executable.  It's meant to be
sourced by external scripts, so install as data.  Fixes rpmlint error:

 E: script-without-shebang /usr/share/openvswitch/scripts/ovs-lib.sh

Could drop the .sh suffix in another commit.

Signed-off-by: Chris Wright <chrisw@sous-sol.org>
Signed-off-by: Ben Pfaff <blp@nicira.com>
12 years agoman: fix pic issue at the source
Chris Wright [Fri, 9 Dec 2011 07:36:03 +0000 (23:36 -0800)]
man: fix pic issue at the source

The commit 0993b66 (man: pic failed to run during manpage-check) worked
around the manpage-check warning generated by groff.  Using "-T ascii"
rather "-T utf8" was enough to silence the warning because the man page
has this condition in it:

  .if !'\*[.T]'ascii'

However, rpmlint generates the same warning as manpage-check was (it
uses -Tutf8), and manpages are generated using -Tutf8 (leading to an
fairly unreadable drawing).  So let's change the logic a bit and allow
pdf generation w/ nice drawing and kill it for tty's.

Cc: Ethan Jackson <ethan@nicira.com>
Signed-off-by: Chris Wright <chrisw@sous-sol.org>
Signed-off-by: Ben Pfaff <blp@nicira.com>
12 years agorhel: openvswitch.spec.in: fix perms on logrotate and sysconfig.template
Chris Wright [Fri, 9 Dec 2011 07:36:02 +0000 (23:36 -0800)]
rhel: openvswitch.spec.in: fix perms on logrotate and sysconfig.template

Fixes rpmlint warning:

 W: spurious-executable-perm /etc/logrotate.d/openvswitch
 W: non-conffile-in-etc /etc/logrotate.d/openvswitch
 E: script-without-shebang /usr/share/openvswitch/scripts/sysconfig.template

Define rhel_cp() shell func and include file mode on install.

Signed-off-by: Chris Wright <chrisw@sous-sol.org>
Signed-off-by: Ben Pfaff <blp@nicira.com>
12 years agorhel: openvswitch.spec.in installs README as executable
Chris Wright [Fri, 9 Dec 2011 07:36:01 +0000 (23:36 -0800)]
rhel: openvswitch.spec.in installs README as executable

Fix this rpmlint warning:

 W: spurious-executable-perm /usr/share/doc/openvswitch-1.4.0/README.RHEL

by specifying mode on install.

Signed-off-by: Chris Wright <chrisw@sous-sol.org>
Signed-off-by: Ben Pfaff <blp@nicira.com>
12 years agoUpdate FSF address in LGPL notices in bugtool plugins.
Chris Wright [Fri, 9 Dec 2011 07:36:00 +0000 (23:36 -0800)]
Update FSF address in LGPL notices in bugtool plugins.

This quiets the rpmlint errors:
 E: incorrect-fsf-address /etc/openvswitch/bugtool-plugins/system-configuration/openvswitch.xml
 E: incorrect-fsf-address /etc/openvswitch/bugtool-plugins/system-logs/openvswitch.xml
 E: incorrect-fsf-address /etc/openvswitch/bugtool-plugins/system-configuration.xml
 E: incorrect-fsf-address /etc/openvswitch/bugtool-plugins/network-status/openvswitch.xml
 E: incorrect-fsf-address /etc/openvswitch/bugtool-plugins/kernel-info/openvswitch.xml

Signed-off-by: Chris Wright <chrisw@sous-sol.org>
Signed-off-by: Ben Pfaff <blp@nicira.com>
12 years agosflow: Use ofproto_port_get_stats().
Pravin B Shelar [Thu, 8 Dec 2011 21:26:05 +0000 (13:26 -0800)]
sflow: Use ofproto_port_get_stats().

Bug #7551

12 years agoofproto: Device stats should include packets generated by userspace/controller
Pravin B Shelar [Thu, 8 Dec 2011 21:25:06 +0000 (13:25 -0800)]
ofproto: Device stats should include packets generated by userspace/controller

Following patch account packets consumed and composed in userspace
as received on and transmitted from local port.

Bug #7551

12 years agodatapath: Alphabetize include/net/ipv6.h compat header.
Jesse Gross [Thu, 8 Dec 2011 21:17:24 +0000 (13:17 -0800)]
datapath: Alphabetize include/net/ipv6.h compat header.

Signed-off-by: Jesse Gross <jesse@nicira.com>
12 years agodatapath: Fix build on RHEL 5.5
Pravin B Shelar [Thu, 8 Dec 2011 17:52:40 +0000 (09:52 -0800)]
datapath: Fix build on RHEL 5.5

Signed-off-by: Pravin B Shelar <pshelar@nicira.com>
Acked-by: Jesse Gross <jesse@nicira.com>
12 years agosocket-util: Correctly return negative values for errors.
Ben Pfaff [Tue, 6 Dec 2011 23:55:22 +0000 (15:55 -0800)]
socket-util: Correctly return negative values for errors.

The comment on this function says that negative values indicate errors, and
the callers assume that too, but in fact it was returning positive errno
values, which are indistinguishable from valid fd numbers.

It really seems to me that this should have been found pretty quickly in
the field, since stream-tcp and stream-ssl both use inet_open_passive to
implement their passive listeners.  I'm surprised that no one has reported
it.

12 years agonicira-ext: Improve comment.
Ben Pfaff [Wed, 7 Dec 2011 06:15:14 +0000 (22:15 -0800)]
nicira-ext: Improve comment.

12 years agoofproto-dpif-sflow: allow sFlow to infer the agent device.
Luca Giraudo [Tue, 6 Dec 2011 21:01:25 +0000 (13:01 -0800)]
ofproto-dpif-sflow: allow sFlow to infer the agent device.

Bug #2407.

12 years agoAUTHORS: Add Dan Carpenter.
Jesse Gross [Tue, 6 Dec 2011 19:10:15 +0000 (11:10 -0800)]
AUTHORS: Add Dan Carpenter.

12 years agodatapath: small potential memory leak in ovs_vport_alloc()
Dan Carpenter [Tue, 6 Dec 2011 19:08:25 +0000 (11:08 -0800)]
datapath: small potential memory leak in ovs_vport_alloc()

We're unlikely to hit this leak, but the static checkers complain if we
don't take care of it.

Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Jesse Gross <jesse@nicira.com>
12 years agoxenserver: Reduce number of xapi DB calls in plugin
Rob Hoes [Mon, 5 Dec 2011 14:43:12 +0000 (14:43 +0000)]
xenserver: Reduce number of xapi DB calls in plugin

When there are lots of PIFs in a XenServer/XCP pool, for example when
there are many VLANs configured on the pool, operations such as
PIF.get_all and loops over all PIFs which include database operations,
are very inefficient when executed on a pool slave, and should be
avoided as much as possible. This patch reduces the number of database
calls in the update function of the openvswitch-cfg-update xapi plugin.

Signed-off-by: Rob Hoes <rob.hoes@citrix.com>
Acked-by: Dominic Curran <Dominic.curran@citrix.com>
12 years agonetdev-linux: Don't restrict policing to IPv4 and don't call "tc".
Justin Pettit [Mon, 5 Dec 2011 00:33:54 +0000 (16:33 -0800)]
netdev-linux: Don't restrict policing to IPv4 and don't call "tc".

Mike Bursell pointed out that our policer only works on IPv4
traffic--and specifically not IPv6.  By using the "basic" filter, we can
enforce policing on all traffic for a particular interface.

Jamal Hadi Salim pointed out that calling "tc" directly with system() is
pretty ugly.  This commit switches our remaining "tc" calls to directly
sending the appropriate netlink messages.

Suggested-by: Mike Bursell <mike.bursell@citrix.com>
Suggested-by: Jamal Hadi Salim <hadi@cyberus.ca>
12 years agoAUTHORS: Add Zhi Yong Wu.
Jesse Gross [Mon, 5 Dec 2011 17:30:19 +0000 (09:30 -0800)]
AUTHORS: Add Zhi Yong Wu.

12 years agodatapath: Fix build breakage on kernel 2.6.40
Zhi Yong Wu [Mon, 5 Dec 2011 02:33:14 +0000 (10:33 +0800)]
datapath: Fix build breakage on kernel 2.6.40

Today i played with openvswitch on my workstation with kernel 2.6.40 and found that it break when i built. The
+issue is introduced by commit ceb176fdb72bb7ce90debc66e1eeb1d25823d30a

Below is the error log:

from /home/zwu/work/virt/openvswitch/datapath/linux/genetlink-brcompat.c:10:
/home/zwu/work/virt/openvswitch/datapath/linux/compat/include/linux/skbuff.h:243:20: error: redefinition of
+‘skb_reset_mac_len’
include/linux/skbuff.h:1259:20: note: previous definition of â€˜skb_reset_mac_len’ was here
make[5]: *** [/home/zwu/work/virt/openvswitch/datapath/linux/genetlink-brcompat.o] Error 1
make[4]: *** [_module_/home/zwu/work/virt/openvswitch/datapath/linux] Error 2
make[4]: Leaving directory `/usr/src/kernels/2.6.40.6-0.fc15.x86_64'
make[3]: *** [default] Error 2
make[3]: Leaving directory `/home/zwu/work/virt/openvswitch/datapath/linux'
make[2]: *** [all-recursive] Error 1
make[2]: Leaving directory `/home/zwu/work/virt/openvswitch/datapath'
make[1]: *** [all-recursive] Error 1
make[1]: Leaving directory `/home/zwu/work/virt/openvswitch'
make: *** [all] Error 2

Signed-off-by: Zhi Yong Wu <zwu.kernel@gmail.com>
Signed-off-by: Jesse Gross <jesse@nicira.com>
12 years agodatapath: Remove custom version of ipv6_skip_exthdr().
Jesse Gross [Fri, 2 Dec 2011 00:09:05 +0000 (16:09 -0800)]
datapath: Remove custom version of ipv6_skip_exthdr().

We currently have a version of ipv6_skip_exthdr() which is
identical to the main one with the addition of fragment reporting.
We can propose our version for upstream and then use it directly
without duplication.

Signed-off-by: Jesse Gross <jesse@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>
12 years agonetdev-linux: Ref and unref the netdev_linux_cache_notifier for taps too.
Ben Pfaff [Wed, 30 Nov 2011 18:59:12 +0000 (10:59 -0800)]
netdev-linux: Ref and unref the netdev_linux_cache_notifier for taps too.

netdev-linux uses netdev_linux_cache_notifier to flush its cache when the
kernel notifies userspace that a particular network device's configuration
or status has changed.  This is as applicable to tap devices as to system
and internal devices, so we should create and destroy the notifier for
tap devices also.

I doubt that in practice it's possible to run ovs-vswitchd without having
a non-tap device open, at least with the kernel datapath, because the
local port for a bridge is not a tap device, so there should be no need to
backport this to older versions.

Reported-by: Gaetano Catalli <gaetano.catalli@gmail.com>
12 years agodatapath: Fix outdated comment.
Jesse Gross [Fri, 2 Dec 2011 02:42:20 +0000 (18:42 -0800)]
datapath: Fix outdated comment.

Signed-off-by: Jesse Gross <jesse@nicira.com>
12 years agovswitch.xml: Fix bond-hash-basis documentation placement.
Ethan Jackson [Thu, 1 Dec 2011 02:08:01 +0000 (18:08 -0800)]
vswitch.xml: Fix bond-hash-basis documentation placement.

The bond-hash-basis other_config column was documented under "LACP
Configuration".  Instead it should be documented as general bonding
configuration.

12 years agolacp: Update header file comments.
Ethan Jackson [Thu, 1 Dec 2011 02:01:32 +0000 (18:01 -0800)]
lacp: Update header file comments.

12 years agoPrepare for post-1.4.0 (1.4.90).
Justin Pettit [Thu, 1 Dec 2011 07:41:19 +0000 (23:41 -0800)]
Prepare for post-1.4.0 (1.4.90).

12 years agoovs-vlan-bugs: Document driver bug with priority tagged packets.
Ben Pfaff [Mon, 28 Nov 2011 21:49:12 +0000 (13:49 -0800)]
ovs-vlan-bugs: Document driver bug with priority tagged packets.

Reported-by: Jesse Gross <jesse@nicira.com>
12 years agoINSTALL.XenServer: Update instructions.
Ben Pfaff [Wed, 30 Nov 2011 20:54:03 +0000 (12:54 -0800)]
INSTALL.XenServer: Update instructions.

The instructions hadn't been properly updated to match current XenServer
releases.

Reported-by: Ramana Reddy <gtvrreddy@gmail.com>
12 years agolearn: Avoid 1-byte buffer underrun in learn_format().
Ben Pfaff [Thu, 1 Dec 2011 16:33:55 +0000 (08:33 -0800)]
learn: Avoid 1-byte buffer underrun in learn_format().

Reported-and-tested-by: Jari Sundell <sundell.software@gmail.com>
12 years agoDeclare the version as "1.4.0".
Justin Pettit [Thu, 1 Dec 2011 06:20:09 +0000 (22:20 -0800)]
Declare the version as "1.4.0".

12 years agotests: Perform basic LACP unit tests.
Ethan Jackson [Tue, 29 Nov 2011 02:08:49 +0000 (18:08 -0800)]
tests: Perform basic LACP unit tests.

This patch adds tests which check that configuration settings in
the database are reflected in the LACP module's appctl output.

12 years agolacp: Sort slaves in appctl output.
Ethan Jackson [Tue, 29 Nov 2011 22:21:26 +0000 (14:21 -0800)]
lacp: Sort slaves in appctl output.

This will simplify unit tests added in a future patch.

12 years agolacp: Remove trailing whitespace from appctl output.
Ethan Jackson [Tue, 29 Nov 2011 22:27:12 +0000 (14:27 -0800)]
lacp: Remove trailing whitespace from appctl output.

This will marginally simplify some unit tests in a future patch.

12 years agolacp: Require non-zero system ID.
Ethan Jackson [Tue, 29 Nov 2011 21:22:18 +0000 (13:22 -0800)]
lacp: Require non-zero system ID.

It's a bug if LACP is configured with a system ID of zero.  This
patch assert fails in this case.

12 years agoofproto-dpif: Delete un-fit flow from datapath.
Pravin B Shelar [Wed, 30 Nov 2011 22:18:21 +0000 (14:18 -0800)]
ofproto-dpif: Delete un-fit flow from datapath.

12 years agoofproto-dpif: Fix memory leak.
Pravin B Shelar [Wed, 30 Nov 2011 22:17:15 +0000 (14:17 -0800)]
ofproto-dpif: Fix memory leak.

Following patch fixes memory leak in case there is ODP_FIT_ERROR
on flow key.

12 years agobridge: Honor lacp-system-id other_config setting.
Ethan Jackson [Wed, 30 Nov 2011 03:03:52 +0000 (19:03 -0800)]
bridge: Honor lacp-system-id other_config setting.

The bridge code was completely ignoring the lacp-system-id setting.

Future patches will add tests which would have caught this issue.

Bug #8516.

12 years agoovs-ofctl: Improve usage message.
Ben Pfaff [Wed, 30 Nov 2011 21:07:38 +0000 (13:07 -0800)]
ovs-ofctl: Improve usage message.

TARGET and SWITCH are different because TARGET can refer to a switch or a
controller whereas SWITCH must be a switch, but TARGET wasn't defined
before.

Also, TARGET seems a little more user-friendly than the VCONN that was used
here before.

Reported-by: Reid Price <reid@nicira.com>
Bug #7736.

12 years agobridge: Configure datapath ID earlier.
Ben Pfaff [Wed, 30 Nov 2011 20:09:35 +0000 (12:09 -0800)]
bridge: Configure datapath ID earlier.

The design intent is for LACP ports to use the datapath ID as the default
system ID when none is specifically configured.  However, the datapath ID
is not available that early.  This commit makes it available earlier.

This commit does not fix another bug that prevents the LACP system ID from
being set properly (nothing sets it at all, in fact, so it always uses 0).

Build and unit tested only.

12 years agobridge: Remove redundant newline.
Ethan Jackson [Tue, 29 Nov 2011 21:24:57 +0000 (13:24 -0800)]
bridge: Remove redundant newline.

12 years agodatapath: Don't use ipv6_addr_copy().
Jesse Gross [Wed, 30 Nov 2011 18:46:54 +0000 (10:46 -0800)]
datapath: Don't use ipv6_addr_copy().

It was dropped upstream in favor of direct structure assignment.

Signed-off-by: Jesse Gross <jesse@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>
12 years agoodp-util: Move commit_odp_actions() from ofproto-dpif.
Ethan Jackson [Mon, 28 Nov 2011 22:14:23 +0000 (14:14 -0800)]
odp-util: Move commit_odp_actions() from ofproto-dpif.

In an effort to simplify ofproto-dpif, this commit moves the
definition of commit_odp_actions() to odp-util.

12 years agoofproto-dpif: Remove redundant commit_odp_actions() call.
Ethan Jackson [Mon, 28 Nov 2011 22:08:11 +0000 (14:08 -0800)]
ofproto-dpif: Remove redundant commit_odp_actions() call.

12 years agoovsdb: Correctly implement conditions that include multiple clauses.
Ben Pfaff [Wed, 16 Nov 2011 22:38:52 +0000 (14:38 -0800)]
ovsdb: Correctly implement conditions that include multiple clauses.

Multiple-clause conditions in OVSDB operations with "where" clauses are
supposed to be conjunctions, that is, the condition is true only if every
clause is true.  In fact, the implementation only checked a single clause
(not necessarily the first one) and ignored the rest.  This fixes the
problem and adds test coverage for multiple-clause conditions.

Reported-by: Shih-Hao Li <shli@nicira.com>
12 years agodaemon: Better log when fork child dies early from signals.
Ben Pfaff [Wed, 23 Nov 2011 20:15:42 +0000 (12:15 -0800)]
daemon: Better log when fork child dies early from signals.

On one machine, "/etc/init.d/openvswitch-switch start" failed to start
with:

   ovs-vswitchd: fork child failed to signal startup (Success)
   Starting ovs-vswitchd ... failed!

"strace" revealed that the fork child was actually segfaulting, but the
message output didn't indicate that in any way.  This commit fixes the
log message (but not the segfault itself).

Reported-by: Michael Hu <mhu@nicira.com>
Bug #8457.

12 years agonetlink-socket: Let the kernel choose Netlink pids for us.
Ben Pfaff [Mon, 14 Nov 2011 18:10:58 +0000 (10:10 -0800)]
netlink-socket: Let the kernel choose Netlink pids for us.

The Netlink code in the Linux kernel has been willing to choose unique
Netlink pids for userspace sockets since at least 2.4.36 and probably
earlier.  There's no value in choosing them ourselves.

This simplifies the code and eliminates the possibility of exhausting our
supply of Netlink PIDs.

12 years agoofproto: Add "fast path".
Ben Pfaff [Mon, 28 Nov 2011 18:35:15 +0000 (10:35 -0800)]
ofproto: Add "fast path".

The key to getting good performance on the netperf CRR test seems to be to
handle the first packet of each new flow as quickly as possible.  Until
now, we've only had one opportunity to do that on each trip through the
main poll loop.  One way to improve would be to make that poll loop
circulate more quickly.  My experiments show, however, that even just
commenting out the slower parts of the poll loop yield minimal improvement.

This commit takes another approach.  Instead of making the poll loop
overall faster, it invokes the performance-critical parts of it more than
once during each poll loop.

My measurements show that this commit improves netperf CRR performance by
24% versus the previous commit, for an overall improvement of 87% versus
the baseline just before the commit that removed the poll_fd_woke().  With
this commit, ovs-benchmark performance has also improved by 13% overall
since that baseline.

12 years agoofproto-dpif: Process multiple batches of upcalls in a single poll loop.
Ben Pfaff [Fri, 11 Nov 2011 00:42:51 +0000 (16:42 -0800)]
ofproto-dpif: Process multiple batches of upcalls in a single poll loop.

This yields a 27% improvement in netperf CRR results in my tests
versus the previous commit, which is a 52% improvement versus
the baseline from just before the poll_fd_woke() optimization was
removed.

12 years agodpif-linux: Use "epoll" instead of poll().
Ben Pfaff [Tue, 22 Nov 2011 17:25:32 +0000 (09:25 -0800)]
dpif-linux: Use "epoll" instead of poll().

epoll appears to be much more efficient than poll() at least for
static file descriptor sets.  I can't otherwise explain why this
patch increases netperf CRR performance by 20% above the previous
commit, which is also about a 19% overall improvement versus
the baseline from before the poll_fd_woke() optimization was
removed.

12 years agodpif-linux: Use poll() internally in dpif_linux_recv().
Ben Pfaff [Mon, 28 Nov 2011 17:29:18 +0000 (09:29 -0800)]
dpif-linux: Use poll() internally in dpif_linux_recv().

Using poll() internally in dpif_linux_recv(), instead of relying
on the results of the main loop poll() call, brings netperf CRR
performance back within 1% of par versus the code base before the
poll_fd_woke() optimizations were introduced.  It also increases
the ovs-benchmark results by about 5% versus that baseline, too.

My theory is that this is because the main loop takes long enough
that a significant number of packets can arrive during the main
loop itself, so this reduces the time before OVS gets to those
packets.

12 years agoRevert "poll-loop: Enable checking whether a FD caused a wakeup."
Ben Pfaff [Tue, 22 Nov 2011 19:05:53 +0000 (11:05 -0800)]
Revert "poll-loop: Enable checking whether a FD caused a wakeup."

This reverts commit 1e276d1a10539a8cd97d2ad63c073a9a43f0f1ef.
The poll_fd_woke() and nl_sock_woke() function added in that commit are
no longer used, so there is no reason to keep them in the tree.

12 years agodpif-linux: Remove poll_fd_woke() optimization from dpif_linux_recv().
Ben Pfaff [Thu, 10 Nov 2011 23:39:39 +0000 (15:39 -0800)]
dpif-linux: Remove poll_fd_woke() optimization from dpif_linux_recv().

This optimization on its own provided about 37% benefit against a
load of a single netperf CRR test, but at the same time it penalized
ovs-benchmark by about 11%.  We can get back the CRR performance
loss, and more, other ways, so the first step is to revert this
patch, temporarily accepting the performance loss.

12 years agomirroring: Don't require the "normal" action to perform mirroring.
Justin Pettit [Wed, 23 Nov 2011 08:04:58 +0000 (00:04 -0800)]
mirroring: Don't require the "normal" action to perform mirroring.

Previously, mirrors only worked when using the "normal" action.  This
commit performs mirroring even when mirroring is not used.  It also adds
some unit tests.

12 years agoovs-vswitchd: Track packet and byte statistics sent on mirrors.
Justin Pettit [Sun, 20 Nov 2011 23:12:36 +0000 (15:12 -0800)]
ovs-vswitchd: Track packet and byte statistics sent on mirrors.

This commit adds support for tracking the number of packets and bytes
sent through a mirror.  The numbers are kept in the new "statistics"
column on the mirror table in the "tx_packets" and "tx_bytes" keys.

12 years agomirroring: Use more generic terms for mirroring.
Justin Pettit [Wed, 23 Nov 2011 07:50:59 +0000 (23:50 -0800)]
mirroring: Use more generic terms for mirroring.

12 years agostream: Make classes const
Simon Horman [Thu, 24 Nov 2011 01:22:22 +0000 (10:22 +0900)]
stream: Make classes const

The classes are never modified and may be declared constant.

12 years agoImplement new "VLAN splinters" feature.
Ben Pfaff [Thu, 24 Nov 2011 01:03:31 +0000 (17:03 -0800)]
Implement new "VLAN splinters" feature.

The "VLAN splinters" feature works around buggy device drivers in old Linux
versions.

This feature is deprecated.  When broken device drivers are no longer in
widespread use, we will delete this feature.

I tested earlier versions of this commit, but I have not tested this
version.

See ovs-vswitchd.conf.db(5) for more information.

12 years agoofproto-dpif: Separately track the initial VLAN TCI of arriving packets.
Ben Pfaff [Wed, 23 Nov 2011 21:22:30 +0000 (13:22 -0800)]
ofproto-dpif: Separately track the initial VLAN TCI of arriving packets.

In an upcoming commit, VLAN splinters can cause the VLAN TCI of a packet
received on an interface to differ from the logical VLAN TCI.  That is,
a packet that is received on a Linux VLAN network device has no VLAN (so
its initial VLAN TCI is 0) but we logically treat it as if it has the VLAN
associated with the VLAN device.

This is only desirable for use with VLAN splinters and should be reverted
when this feature is no longer needed.  I'm breaking it out here only to
make the series easier to review.

12 years agoofproto-dpif: Move ODP actions from facets to subfacets.
Ben Pfaff [Wed, 16 Nov 2011 01:06:41 +0000 (17:06 -0800)]
ofproto-dpif: Move ODP actions from facets to subfacets.

This is a prerequisite for the upcoming VLAN splinter patch, because
splinters and non-splintered subfacets might need slightly different
actions due to the VLAN tag being initially different (present vs. absent).

This is only desirable for use with VLAN splinters and should be reverted
when this feature is no longer needed.  I'm breaking it out here only to
make the series easier to review.

12 years agoofproto-dpif: Simplify invocation of send_packet().
Ben Pfaff [Wed, 16 Nov 2011 00:55:28 +0000 (16:55 -0800)]
ofproto-dpif: Simplify invocation of send_packet().

All the callers already have the ofport handy, so they might as well just
pass it in directly.

12 years agoovsdb-idl: Add assertion for synthetic records in ovsdb_idl_read().
Ben Pfaff [Tue, 15 Nov 2011 21:59:41 +0000 (13:59 -0800)]
ovsdb-idl: Add assertion for synthetic records in ovsdb_idl_read().

This function doesn't support synthetic records but it probably isn't
obvious from looking at it, so add an actual assertion.

12 years agopackets: New function eth_pop_vlan(), formerly dp_netdev_pop_vlan().
Ben Pfaff [Mon, 14 Nov 2011 22:02:43 +0000 (14:02 -0800)]
packets: New function eth_pop_vlan(), formerly dp_netdev_pop_vlan().

An upcoming commit will add a new user.