Ben Pfaff [Wed, 26 Jan 2011 00:50:44 +0000 (16:50 -0800)]
ovsdb: Synchronize comments and code in ovsdb_file_commit().
The comments and the code didn't match, so make them agree.
Simon Horman [Thu, 23 Jun 2011 19:50:09 +0000 (12:50 -0700)]
Debian: set source format to 3.0 (quilt)
This is my preferred package format as it allows changes
to be added as patches when the Debian package needs to
be updated between upstream releases.
I have been making this change in the Debian packages
so it seems as well to include it upstream.
[Update to debian/automake.mk by Ben Pfaff.]
Jesse Gross [Thu, 23 Jun 2011 19:54:48 +0000 (12:54 -0700)]
datapath: Add missing header.
The internal dev vport really needs hardirq.h but doesn't depend
directly on it and has relied on it being included from other sources.
Recent kernels broke this, so explicitly add the header.
Signed-off-by: Jesse Gross <jesse@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Wed, 22 Jun 2011 17:37:18 +0000 (10:37 -0700)]
ovs-ofctl: Accept only valid flow_mod and flow_stats_request fields.
OpenFlow commands have several idiosyncratic fields that are used in some
cases and ignored in others. Until now, ovs-ofctl has been lax about
allowing some of them in places where they are ignored. This commit
tightens the checks to exactly what is allowed.
Bug #5979.
Reported-by: Reid Price <reid@nicira.com>
Ben Pfaff [Thu, 23 Jun 2011 16:59:49 +0000 (09:59 -0700)]
ovs-ctl: Use iptables -n -L instead of -S for compatibility.
The -S command isn't present in old versions of iptables, including the
version installed on Citrix XenServer. We have to use -n -L instead.
Bug #6071.
Ben Pfaff [Thu, 23 Jun 2011 16:46:50 +0000 (09:46 -0700)]
ovs-ctl: Fix incorrect error message.
The sense of the test was wrong.
Bug #6071.
Ethan Jackson [Wed, 22 Jun 2011 20:42:52 +0000 (13:42 -0700)]
xenserver: Update all external_ids in tap interfaces.
Commit 400430 "xenserver: Give tap devices iface-ids." copies the
iface-id from vifs to their related tap device. It turns out this
is not sufficient, so this commit copies all relevant external_ids
over.
Requested-by: Pankaj Thakkar <thakkar@nicira.com>
Signed-off-by: Ethan Jackson <ethan@nicira.com>
Bug #5954.
Ben Pfaff [Wed, 22 Jun 2011 22:09:50 +0000 (15:09 -0700)]
configure: Fix typo in user message.
Ben Pfaff [Wed, 22 Jun 2011 22:09:35 +0000 (15:09 -0700)]
configure: Fix --with-linux when environment contains KSRC.
When "configure"'s environment contains KSRC, "configure" would use it in
preference to the value specified on --with-linux. This caused a problem
for module-assistant builds in particular.
Ben Pfaff [Wed, 22 Jun 2011 17:15:23 +0000 (10:15 -0700)]
configure: Do not reject Linux 3.0 at configure time.
Until now, the configure script has rejected any version of Linux other
than 2.6. In preparation for Linux 3.0, this allows newer versions also.
Ben Pfaff [Wed, 22 Jun 2011 18:07:33 +0000 (11:07 -0700)]
configure: Change --with-l26 to --with-linux.
Linux 3.0 will be out soon, so it seems like a good idea to reflect that
in our "configure" script options.
Ben Pfaff [Wed, 22 Jun 2011 16:26:31 +0000 (09:26 -0700)]
configure: Remove "26" from Linux variable names.
OVS used to support Linux 2.4 and Linux 2.6, but now it only supports
Linux 2.6. Linux 3.0 is coming up, and it's just an evolution of 2.6, so
OVS should stop referring to it as "2.6".
This takes a first step by removing "26" from internal variable names.
There should be no user-visible changes.
Ben Pfaff [Wed, 22 Jun 2011 17:16:15 +0000 (10:16 -0700)]
configure: Fix typo in variable name.
Ben Pfaff [Wed, 22 Jun 2011 16:57:31 +0000 (09:57 -0700)]
debian: Avoid implying that Linux 2.6.9 is supported.
Ben Pfaff [Wed, 22 Jun 2011 20:50:18 +0000 (13:50 -0700)]
ovsdb: Fix memory leak in transaction.
Andrew Evans [Wed, 22 Jun 2011 17:13:57 +0000 (10:13 -0700)]
vswitch.xml: Use new <ref key> attribute where appropriate.
I've looked at all the <code> tags and changed them to use
<ref column=".." key=".."/> where appropriate (I hope).
Ben Pfaff [Tue, 21 Jun 2011 23:40:44 +0000 (16:40 -0700)]
Avoid inserting duplicate iptables rules when restarting vswitch.
On startup, some OVS initscripts insert an iptables rule to allow GRE
traffic (because GRE support is an important OVS feature). I noticed that,
each time I restarted OVS, this added another GRE-related rule to the
iptables chain. This is wasteful, because each additional rule increases
the time it takes to process a packet in the IP stack.
This commit avoids the problem by inserting an iptables rule when there
isn't already an appropriate rule. It also avoids inserting an iptables
rule if the iptables policy is ACCEPT, meaning that packets are accepted
by default; in such a case, if the GRE packet would be dropped, it is
because the system administrator made that decision explicitly.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Tue, 21 Jun 2011 17:13:04 +0000 (10:13 -0700)]
ovs-ctl: Clean up temporary file used for force-reload-kmod.
Suggested-by: Andrew Evans <aevans@nicira.com>
Ben Pfaff [Tue, 21 Jun 2011 22:12:49 +0000 (15:12 -0700)]
ovs-ctl: Use "action" to print success or failure directly.
This displays errors in whatever fashion the distro prefers, which seems
like a good idea. We have to use a shell function so that the redirection
to a temporary file doesn't write the messages for the admin to the file
instead of the console.
Ben Pfaff [Tue, 21 Jun 2011 17:10:44 +0000 (10:10 -0700)]
debian: Install ovs-save script into openvswitch-switch package.
The force-reload-kmod command needs this.
Ben Pfaff [Mon, 20 Jun 2011 23:17:44 +0000 (16:17 -0700)]
ovsdb-idl: Plug hole in state machine.
The state machine didn't have a proper state for "not yet committed or
aborted", which meant that destroying an ovsdb_idl_txn without committing
or aborting it caused a segfault. This fixes the problem by adding a new
state TXN_UNCOMMITTED to the state machine.
This is related to commit
79554078d "ovsdb-idl: Fix bad logic in
ovsdb_idl_txn_commit() state transitions", which fixed a related bug.
Bug #2438.
Ben Pfaff [Mon, 20 Jun 2011 22:06:33 +0000 (15:06 -0700)]
vlog: Add a little more detail to ratelimit messages
When a message is suppressed by vlog ratelimiting, and then that message
occurs again much later, sometimes we get messages like this:
Dropped 4 log messages in last 8695 seconds due to excessive rate
It seems pretty clear in this case that in fact we just didn't get that
kind of message for most of that 8695 seconds. This commit improves the
message by adding a little more detail, e.g.:
Dropped 4 log messages in last 8695 seconds (most recently, 6697 seconds
ago) due to excessive rate.
Bug #2144.
Ben Pfaff [Mon, 20 Jun 2011 21:21:06 +0000 (14:21 -0700)]
bridge: Enable system stats only if turned on in the database.
Most hypervisors have no use for this column, so populating it just wastes
CPU time. It can still be enabled explicitly via other-config.
CC: Peter Balland <peter@nicira.com>
CC: David Tsai <dtsai@nicira.com>
Bug #5961.
NIC-397.
Ben Pfaff [Mon, 20 Jun 2011 21:14:27 +0000 (14:14 -0700)]
ovsdb-doc: Add support for references to specific keys.
Now a specific key can be referenced with syntax like
<ref table="Bridge" column="other-config" key="datapath-id"/>.
Also fixes up an existing place that needed this feature already (and had
a typo, too).
Ben Pfaff [Mon, 20 Jun 2011 21:11:14 +0000 (14:11 -0700)]
ovsdb-idl: Improve comment.
Ben Pfaff [Tue, 21 Jun 2011 20:00:22 +0000 (13:00 -0700)]
Add RHEL 5/6 spec files and instructions.
Ethan Jackson [Tue, 21 Jun 2011 18:24:52 +0000 (11:24 -0700)]
schema: Update schema version due to xenserver changes.
Commit
32abfca0 "xenserver: New iface-status external id." and
Commit
40043044 "xenserver: Give tap devices iface-ids.", changed
the way a controller interprets the external_ids column of the
Interface table. This patch increments the schema version number
to reflect that change.
Requested-by: Pankaj Thakkar <thakkar@nicira.com>
Ben Pfaff [Fri, 17 Jun 2011 23:24:54 +0000 (16:24 -0700)]
Fix force-reload-kmod initscript command implementations.
I screwed this up in the recent conversion.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Fri, 17 Jun 2011 19:51:18 +0000 (12:51 -0700)]
vswitchd: Install vswitch.ovsschema to $(pkgdatadir).
This way, the xenserver spec file and the upcoming RHEL 5.6 spec file don't
have to install it by hand.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Fri, 17 Jun 2011 20:50:28 +0000 (13:50 -0700)]
Fix typo in "--force-corefiles" and "force-reload-kmod".
Reported-by: Andrew Evans <aevans@nicira.com>
Ben Pfaff [Thu, 16 Jun 2011 21:05:17 +0000 (14:05 -0700)]
bridge: Avoid duplicate logging when netdev_get_etheraddr() fails.
get_etheraddr() in netdev-linux.c logs when the Ethernet address cannot be
obtained so there is no need to log again in the caller.
Bug #5844.
Ben Pfaff [Thu, 16 Jun 2011 21:02:10 +0000 (14:02 -0700)]
Reduce log level for ENODEV errors getting Ethernet address.
Bug #5844 reports several log messages of the form:
netdev_linux|ERR|ioctl(SIOCGIFHWADDR) on vif426.1 device failed: No
such device
during migrations. These are normal and unavoidable, because the vifs
disappear from the kernel before they are removed them from the OVS
database. Reduce the log level to avoid making people worry.
Bug #5844.
Ethan Jackson [Thu, 16 Jun 2011 23:37:18 +0000 (16:37 -0700)]
xenserver: New iface-status external id.
The iface-status external id indicates to a controller which device
it should manage when there are multiple choices for a given vif.
Currently, it always chooses a tap device if available, but one
could imagine more sophisticated strategies in the future.
Signed-off-by: Ethan Jackson <ethan@nicira.com>
Ethan Jackson [Thu, 16 Jun 2011 22:02:50 +0000 (15:02 -0700)]
xenserver: Give tap devices iface-ids.
In some cases XenServer will give a virtual machine a tap device in
addition to its usual vif. These tap devices need iface-ids so
that controllers can figure out which vif they are related to.
Signed-off-by: Ethan Jackson <ethan@nicira.com>
Ethan Jackson [Thu, 16 Jun 2011 22:05:22 +0000 (15:05 -0700)]
xenserver: Fix use of undefined variable.
Found with pylint.
E:167:update_in_band_mgmt: Undefined variable 'bridge'
Signed-off-by: Ethan Jackson <ethan@nicira.com>
Ben Pfaff [Thu, 16 Jun 2011 17:47:16 +0000 (10:47 -0700)]
utilities: Install ovs-save in scripts directory.
This way, the xenserver spec file and the upcoming RHEL 5.6 spec file don't
have to install it by hand.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Fri, 17 Jun 2011 19:24:31 +0000 (12:24 -0700)]
Refactor initscripts into distro-independent and distro-specific pieces.
This should make it easier to add OVS support to new distributions.
Andrew Evans [Fri, 17 Jun 2011 19:24:54 +0000 (12:24 -0700)]
ovs-ofctl: Print the offending flow on parse error when reading from a file.
When an error is encountered while parsing flows from a file, ovs-ofctl doesn't
print the erroneous flow, so it's not always obvious which flow is causing
the error. Print the flow before the error message to make it clear.
David Tsai [Fri, 17 Jun 2011 06:13:24 +0000 (23:13 -0700)]
xenserver: allow dom0 traffic in secure pool host when controller unavailable.
A pool configured for secure fail-mode can block dom0 traffic on hosts joining
the pool or if the host reboots while the controller is unavailable. This
commit sets default flows on a host under these conditions to allow management
traffic. Once the connection with the controller is re-established, these
default flows are replaced by the controller.
tests/interface-reconfigure.at updated by Ben Pfaff.
NIC-376.
Signed-off-by: David Tsai <dtsai@nicira.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Wed, 15 Jun 2011 18:50:24 +0000 (11:50 -0700)]
stream-ssl: Clear CAs for certificate verification before adding new ones.
If the CA certificate changed and OVS added the new CA certificate, the
change was ineffective. Clearing the certificate store before adding the
new CA certificate fixes the problem.
I don't know exactly why this fixes the problem, but in my testing it does.
Bug #2921.
Reported-by: Dan Wendlandt <dan@nicira.com>
Reported-by: Pierre Ettori <pettori@nicira.com>
Justin Pettit [Fri, 17 Jun 2011 01:04:41 +0000 (18:04 -0700)]
netdev-vport: Don't use ipsec options for either arg in config_equal_ipsec().
Commit
aebf423 (netdev: Add methods to do netdev-specific argument
comparisons.) added a new config_equal_ipsec() function to ignore
IPsec key options when comparing an existing netdev's options with a new
netdev. We only ignored the options for the new netdev configuration,
which works when pulling the existing configuration from the kernel.
Unfortunately, if this is just a re-init of a netdev for which we just
created, this ignoring of the IPsec key options on the new netdev will
cause the check to fail, since the full options actually available in
both netdevs. This commit just ignore all IPsec key options from both
netdevs.
Jesse Gross [Thu, 16 Jun 2011 22:32:26 +0000 (15:32 -0700)]
datapath: Use consume_skb() on non-errors.
It's possible to trace kfree_skb() call sites to find out where
packets are getting dropped. Situations where kfree_skb() does
not actually indicate an error adds additional noise, so use
consume_skb() instead to avoid tracing non-errors.
Suggested-by: Ben Pfaff <blp@nicira.com>
Signed-off-by: Jesse Gross <jesse@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>
Jesse Gross [Thu, 16 Jun 2011 22:14:08 +0000 (15:14 -0700)]
datapath: Backport consume_skb().
Kernels before 2.6.30 did not implement consume_skb() although RHEL
backports it. For other kernels, this provides a backport.
Signed-off-by: Jesse Gross <jesse@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>
Andrew Evans [Thu, 16 Jun 2011 00:16:51 +0000 (17:16 -0700)]
ovs-ofctl: Add 'replace-flows' command to usage.
Jesse Gross [Fri, 27 May 2011 22:53:49 +0000 (15:53 -0700)]
datapath: Further mirror checksum offloading state on old kernels.
Older kernels (those before 2.6.22) rely on implicit assumptions
to determine checksum offloading status. These assumptions tend
to break down when doing switching because it sits in the middle
of the transmit and receive path. Newer kernels deal with this
problem by adding more explicit information about how to checksum.
This replicates that behavior by mirroring the state from newer
kernels in private OVS storage on the kernels that lack it. On
ingress and egress we then map that state onto the appropriate
location for the given kernel and can consistently manipulate it
within OVS. Some of this was already done for the checksum type
but this makes it more robust and expands it to the checksum start
and offset as well.
Signed-off-by: Jesse Gross <jesse@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>
Jesse Gross [Wed, 8 Jun 2011 00:11:02 +0000 (17:11 -0700)]
datapath: Drop set_skb_csum_bits().
Various older kernels have had different bugs with copying checksum
state when a complete copy of a packet is made. However, it is not
actually necessary to make these copies and all occurrences have
now been removed. Therefore, we can also remove the workarounds to
deal with these bugs.
Signed-off-by: Jesse Gross <jesse@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>
Jesse Gross [Wed, 8 Jun 2011 00:09:35 +0000 (17:09 -0700)]
tunneling: Avoid extra copying if expanding headroom.
Currently if we need additional headroom before encapsulating a
packet a clone is made before expanding headroom or if we are
just trying to make the headroom writable then we copy both
the struct sk_buff and the paged data. Both of these are unnecessary
and we end up freeing the original copy. We can remove these copies
and simplify the code by just expanding the linear data area.
Signed-off-by: Jesse Gross <jesse@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>
Jesse Gross [Tue, 7 Jun 2011 02:17:25 +0000 (19:17 -0700)]
datapath: Simplify make_writable().
The current implementation of make_writable() is both overly complex
and unnecessarily aggressive about copying data. We can improve
performance by only making a copy of the data if someone else holds
a reference to the portion of the data that we want to modify. This
means that if a clone is held by the TCP stack for retransmission then
we do not need to make a copy if we are changing the IP header because
it will get regenerated on retransmit anyways. Even when it is necessary
to copy we avoid duplicating struct sk_buff.
Signed-off-by: Jesse Gross <jesse@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>
Jesse Gross [Mon, 6 Jun 2011 23:11:47 +0000 (16:11 -0700)]
datapath: Use strip_vlan() for modify_vlan_tci().
The sematics for setting a vlan tag are to modify the existing tag
if one exists. This can be expressed as removing the existing tag
first and then adding a new one. This simplifies the code by not
requiring two copies of the logic that manipulates non-accelerated
vlans and should not make a performance difference because the vlan
tag is contained in a single cache line.
Signed-off-by: Jesse Gross <jesse@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Thu, 16 Jun 2011 21:07:12 +0000 (14:07 -0700)]
ovs-appctl: Fix typo in usage message.
Reported-by: Reid Price <reid@nicira.com>
Bug #5978.
Ben Pfaff [Wed, 15 Jun 2011 23:39:49 +0000 (16:39 -0700)]
xenserver: Don't delete pidfile in stop_daemon.
Deleting the pidfile introduces a minor race: if some other process is
starting a daemon at the same time that the init script is stopping the
same daemon, then this could delete the new daemon's pidfile.
This is really a theoretical risk, because no one should be starting and
stopping a single daemon at the same time.
Ben Pfaff [Fri, 10 Jun 2011 20:10:28 +0000 (13:10 -0700)]
xenserver: Don't require confirmation to restart vswitch.
Early development versions of ovs-vswitchd didn't always restart
successfully, so we required confirmation if "restart" was invoked
interactively. Recent versions do just fine, so drop the confirmation
prompt.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Fri, 10 Jun 2011 20:08:26 +0000 (13:08 -0700)]
xenserver: Use $OVS_XAPI_SYNC_PIDFILE consistently.
This variable was used in some places but not in others.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Tue, 14 Jun 2011 23:08:59 +0000 (16:08 -0700)]
daemon: Disable logging to console after detaching.
When we detach, we replace stderr by /dev/null, so there's no point in
logging to the console after that. Just turn it off.
Justin Pettit [Wed, 15 Jun 2011 18:28:51 +0000 (11:28 -0700)]
ofproto: Rename ofproto-sflow.[ch] to ofproto-dpif-sflow.[ch].
The name ofproto-sflow.[ch] implies that this code would work with any
ofproto implementation, but in fact it is specific to the ofproto_dpif
implementation. Rename it to avoid confusion.
Ethan Jackson [Wed, 15 Jun 2011 21:13:02 +0000 (14:13 -0700)]
PORTING: Remove trailing whitespace.
Ben Pfaff [Wed, 15 Jun 2011 21:08:25 +0000 (14:08 -0700)]
PORTING: Improve second diagram.
Suggested-by: Peter Phaal <peter.phaal@inmon.com>
Ethan Jackson [Tue, 14 Jun 2011 21:38:16 +0000 (14:38 -0700)]
nicira-ext: Fix incorrect comment in autopath definition.
Ethan Jackson [Tue, 14 Jun 2011 21:37:32 +0000 (14:37 -0700)]
ofproto-dpif: Remove obsolete comment.
Ben Pfaff [Mon, 13 Jun 2011 20:19:34 +0000 (13:19 -0700)]
ofproto: Improve description of port dump functions.
Suggested-by: Hao Zheng <hzheng@nicira.com>
Ben Pfaff [Tue, 14 Jun 2011 17:36:56 +0000 (10:36 -0700)]
xenserver: Run "depmod" after old modules are removed by "rpm -U".
http://fedoraproject.org/wiki/Packaging/ScriptletSnippets says that
package upgrade does the following steps:
1. %pretrans of new package
2. %pre of new package
3. (package install)
4. %post of new package
5. %triggerin of other packages (set off by installing new package)
6. %triggerin of new package (if any are true)
7. %triggerun of old package (if it's set off by uninstalling the old
package)
8. %triggerun of other packages (set off by uninstalling old package)
9. %preun of old package
10. (removal of old package)
11. %postun of old package
12. %triggerpostun of old package (if it's set off by uninstalling the
old package)
13. %triggerpostun of other packages (if they're setu off by
uninstalling the old package)
14. %posttrans of new package
We're getting in trouble because the %post runs in step 4 before the
old files are removed in step 10, so depmod is finding the old modules.
This commit switches to running depmod in step 14 instead, after the
old files are removed.
Bug #5916.
Reported-by: Jesse Gross <jesse@nicira.com>
Reported-by: Henrik Amren <henrik@nicira.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Tue, 14 Jun 2011 22:00:50 +0000 (15:00 -0700)]
ovsdb-idl: Optimize out transactions that are complete no-ops.
Commit
1cc618c3252 "ovsdb-idl: Fix atomicity of writes that don't change a
column's value" fixed transactions that write the existing value to
some columns, ensuring that those columns still got written to the database
to avoid making the transaction nonatomic in the presence of writes that do
modify part of the database.
However, that commit was too conservative: we can still optimize out a
database transaction that writes *only* existing values to the database,
because if we drop such a transaction then the resulting database is still
one that could result from executing transactions in a serial order. This
commit implements that optimization.
As an example of what this commit does, before this commit, an "ovs-vsctl
set" command that specified the existing value for a column would do a
round-trip to the database to write that existing value. After this
commit, that round-trip would not occur.
Found by observing system startup.
Ben Pfaff [Wed, 15 Jun 2011 16:43:03 +0000 (09:43 -0700)]
ofp-util: Send table_id correctly in OpenFlow 1.0 flow_mods.
This fixes "ovs-ofctl add-flow <bridge> table=<number>,..." and similar
commands.
Reported-by: Hao Zheng <hzheng@nicira.com>
Simon Horman [Wed, 15 Jun 2011 01:59:26 +0000 (10:59 +0900)]
Debian: Update changelog for 1.1.0-1 and 1.1.1-1
This reflects the chagnelogs uploaded to Debian.Org
Simon Horman [Wed, 15 Jun 2011 01:59:24 +0000 (10:59 +0900)]
Debian: ${source:Version} dependency on python-openvswitch
As reported by lintian:
E: openvswitch source: not-binnmuable-any-depends-all openvswitch-ipsec -> python-openvswitch
N:
N: The package is not safely binNMUable because an arch:any package depends
N: on an arch:all package with a (= ${Source-Version}) or (=
N: ${binary:Version}) relationship. Please use (= ${source:Version})
N: instead.
N:
N: Severity: important, Certainty: certain
Simon Horman [Wed, 15 Jun 2011 01:59:23 +0000 (10:59 +0900)]
Debian: Update standards version from 3.9.1 to 3.9.2
Simon Horman [Wed, 15 Jun 2011 01:59:22 +0000 (10:59 +0900)]
Debian: Add ${misc:Depends} dependency to python-openvswitch
As reported by lintian -i:
W: openvswitch source: debhelper-but-no-misc-depends python-openvswitch
N:
N: The source package uses debhelper, but it does not include
N: ${misc:Depends} in the given binary package's debian/control entry. Any
N: debhelper command may add dependencies to ${misc:Depends} that are
N: required for the work that it does, so recommended best practice is to
N: always add ${misc:Depends} to the dependencies of each binary package if
N: debhelper is in use.
N:
N: Refer to the debhelper(7) manual page for details.
N:
N: Severity: normal, Certainty: possible
Ben Pfaff [Wed, 8 Jun 2011 20:35:00 +0000 (13:35 -0700)]
ofp-parse: Ignore extra fields produced by dump-flows.
It's reasonable to want to dump a flow table with "dump-flows" and then
later use that output as input to other commands that read flows, but until
now that hasn't been directly possible because "dump-flows" adds extra
fields that other commands reject on input. This changes the flow parser
to just ignore those extra fields.
Ben Pfaff [Wed, 8 Jun 2011 19:36:53 +0000 (12:36 -0700)]
ofp-print: Change "table_id" to "table" in flow_mod and flow_stats.
Flow dumps printed the OpenFlow table ID under the name "table_id", but
the flow parser only accepted "table". This makes them consistent by
changing the output. (Another alternative would be to change the accepted
input name.)
Ben Pfaff [Wed, 8 Jun 2011 19:28:44 +0000 (12:28 -0700)]
ofp-parse: Add support for vlan_tci field.
Until now, the flow parser has supported dl_vlan and dl_vlan_pcp but not
the fully maskable vlan_tci that NXM allows. This adds that support.
Ben Pfaff [Wed, 1 Jun 2011 00:09:43 +0000 (17:09 -0700)]
ofproto: Add simple tests for dumping aggregates and for OpenFlow 1.0.
We had no tests that exercised OFPST_AGGREGATE or NXST_AGGREGATE. At one
point in development I screwed up aggregate stats badly enough that they
caused an immediate and reproducible segfault, which this simple test would
have caught.
Also, it's best to test everything in both NXM and OpenFlow 1.0 flow
formats, since they have slightly different code.
Ben Pfaff [Fri, 27 May 2011 22:16:08 +0000 (15:16 -0700)]
Define UINT64_MAX as "unknown" in Open vSwitch specific interfaces.
Some hardware supports reporting packet or byte counters but not both, so
OVS has to be prepared for that.
Suggested-by: Justin Pettit <jpettit@nicira.com>
Ben Pfaff [Tue, 7 Jun 2011 23:21:59 +0000 (16:21 -0700)]
ofproto: Implement asynchronous OFPT_FLOW_MOD commands.
Some switching hardware takes a very long time to update its forwarding
rules, up to hundreds of milliseconds. It is undesirable for Open
vSwitch to block waiting this long for individual OpenFlow flow table
modification commands to complete. This commit enables ofproto to queue
up any number of independent flow table operations with asynchronous
completion.
I tested earlier versions of this commit using the "ofproto/clog" and
"ofproto/unclog" commands that it implements in the software switch
implementation. I have not tested the current version very much at all.
CC: Casey Barker <crbarker@google.com>
CC: Rajiv Ramanathan <rajivr@google.com>
Ben Pfaff [Fri, 27 May 2011 21:13:46 +0000 (14:13 -0700)]
ofproto: Collect all rules for an OpenFlow request before acting on any.
An upcoming commit adds support for asynchronous flow table modification.
In an attempt to ensure that the software and hardware flow tables are
properly in sync, that commit limits any given rule to a single outstanding
operation at a time. It does so by figuring out all of the rules that an
OpenFlow request will affect before modifying any of them, and then
deferring the request if it will affect any rules that have ongoing
operations. This commit is a step in that direction.
Ben Pfaff [Thu, 26 May 2011 23:49:10 +0000 (16:49 -0700)]
ofp-util: New functions ofputil_actions_equal(), ofputil_actions_clone().
I found that introducing these helper functions provided a very modest
increase in readability.
Ben Pfaff [Thu, 26 May 2011 23:41:52 +0000 (16:41 -0700)]
connmgr: New function ofconn_send_error().
An upcoming commit will sometimes make connmgr responsible for sending
error replies, so it's reasonable for it to have a function to do that.
Ben Pfaff [Thu, 26 May 2011 23:24:38 +0000 (16:24 -0700)]
classifier: New function cls_rule_hash().
An upcoming commit will introduce the first use.
Ben Pfaff [Thu, 26 May 2011 23:23:21 +0000 (16:23 -0700)]
flow: Give flow_wildcards_hash() a 'basis' parameter.
An upcoming commit will add more interesting uses.
Ben Pfaff [Tue, 31 May 2011 23:55:02 +0000 (16:55 -0700)]
ofproto: Better abstract flow stats encoding.
Ben Pfaff [Thu, 26 May 2011 23:02:56 +0000 (16:02 -0700)]
ofproto: Better abstract aggregate stats encoding and decoding.
Ben Pfaff [Tue, 31 May 2011 23:49:06 +0000 (16:49 -0700)]
openflow: Make stats replies more like other OpenFlow messages.
Ben Pfaff [Tue, 24 May 2011 20:30:04 +0000 (13:30 -0700)]
nicira-ext: Separate nx_aggregate_stats_reply from ofp_aggregate_stats_reply.
An upcoming patch will make stats messages much more like other messages,
in that their structures will include all of the headers. This means that
struct ofp_aggregate_stats_reply will no longer be appropriate as a
member of struct nx_aggregate_stats_reply, because it will then include
those additional header members.
Also, struct nx_aggregate_stats_reply doesn't need to use the special
ovs_32aligned_be64 type, since its 64-bit members are correctly aligned,
which is another reasonable reason to keep it separate.
Ben Pfaff [Mon, 23 May 2011 23:07:22 +0000 (16:07 -0700)]
openflow: Merge ofp_flow_stats_request and ofp_aggregate_stats_request.
Ben Pfaff [Thu, 26 May 2011 16:34:05 +0000 (09:34 -0700)]
openflow: Remove 'body' member from struct ofp_stats_msg.
This member does not actually help with anything.
Ben Pfaff [Thu, 26 May 2011 16:30:25 +0000 (09:30 -0700)]
openflow: Merge ofp_stats_request and ofp_stats_reply.
These structures for OpenFlow stats requests and replies have identical
memebers, but until now they have been separate structures. Since in some
cases we actually want to treat both of them the same way, this has led
to various kinds of awkwardness. This commit merges them into a new
"struct ofp_stats_msg" and fixes up the users.
Ben Pfaff [Fri, 20 May 2011 23:37:52 +0000 (16:37 -0700)]
ofproto: Correctly fill in table_id in NXST_FLOW replies.
Ethan Jackson [Mon, 13 Jun 2011 20:45:05 +0000 (13:45 -0700)]
lacp: Loosen lacp_slave_is_current().
The lacp_slave_is_current() function is used to indicate to a
controller failover status of the LACP module. However, the result
of this function is more strict than the failover logic. Thus, the
function will generally return false quite a bit before a failover
actually happens. This patch loosens lacp_slave_is_current() so
that it changes in-line with the failover logic.
Justin Pettit [Tue, 14 Jun 2011 02:26:47 +0000 (19:26 -0700)]
netdev: Add methods to do netdev-specific argument comparisons.
When doing a netdev_open(), a check is first done to make sure the
arguments are equivalent for any open devices with the same name. In
most cases, a simple shash comparison is sufficient. However, IPsec
key configuration is handled by an external program, so it is not pushed
down into the kernel module. Thus, when the "unparse_config" method is
called on an existing IPsec-based vport, a simple comparison with the
returned data will not match the original configuration. This commit
adds code to allow netdev-specific argument comparisons and has
"ipsec_gre" make use of them.
Bug #5575
Ben Pfaff [Mon, 13 Jun 2011 20:19:58 +0000 (13:19 -0700)]
AUTHORS: Add Hao Zheng <hzheng@nicira.com>.
Ben Pfaff [Mon, 13 Jun 2011 16:37:09 +0000 (09:37 -0700)]
python: Fix "make install" on systems without Python.
Reported-by: 冯全树(Crab) <fqs888@126.com>
Jesse Gross [Mon, 13 Jun 2011 18:36:19 +0000 (11:36 -0700)]
datapath: Check for supported kernel versions.
Most of the time kernels older or newer than the ones we support
simply fail to compile. However, sometimes they appear to succeed
but then cause problems later on. This explicitly checks for
supported versions at compile time.
Signed-off-by: Jesse Gross <jesse@nicira.com>
Justin Pettit [Fri, 10 Jun 2011 17:04:43 +0000 (10:04 -0700)]
ofproto: Correct comment describing set_netflow().
Ben Pfaff [Fri, 10 Jun 2011 16:18:58 +0000 (09:18 -0700)]
tests: Add test for printing NXT_FLOW_MOD_TABLE_ID.
Ben Pfaff [Fri, 10 Jun 2011 16:18:42 +0000 (09:18 -0700)]
nicira-ext: Explicitly assign each extension message type a number.
This has no semantic change but it makes the numbering harder to screw up
by reordering.
Ben Pfaff [Thu, 9 Jun 2011 22:18:21 +0000 (15:18 -0700)]
nicira-ext: Renumber NXT_FLOW_MOD_TABLE_ID.
We don't know of anyone using this command in production yet, so it seems
reasonable to give it a new number instead of coping with it having a
conflicting number.
Justin Pettit [Thu, 9 Jun 2011 22:43:18 +0000 (15:43 -0700)]
Remove NXAST_DROP_SPOOFED_ARP action.
The NXAST_DROP_SPOOFED_ARP action has been deprecated in favor of
defining flows using the NXM_NX_ARP_SHA flow match for a while. This
commit removes it.
Signed-off-by: Justin Pettit <jpettit@nicira.com>
Acked-by: Jesse Gross <jesse@nicira.com>
Ethan Jackson [Thu, 9 Jun 2011 00:49:01 +0000 (17:49 -0700)]
tests: Unit test autopath action parsing.
Justin Pettit [Thu, 9 Jun 2011 00:34:39 +0000 (17:34 -0700)]
vlog: Output configuration list in alphabetical order.
Ben Pfaff [Wed, 8 Jun 2011 21:03:47 +0000 (14:03 -0700)]
dpif: Improve logging of upcalls.
The kernel now provides the entire flow key for a packet sent up to
userspace, but dpif_recv() would only log the in_port. This change makes
userspace log the entire flow key.
This would have made a bug that I recently looked at a bit easier to
investigate.
Ben Pfaff [Wed, 8 Jun 2011 21:06:21 +0000 (14:06 -0700)]
ovs-brcompatd: Fix uninitialized br_vlan variable in handle_fdb_query_cmd().
Reported-by: Jesse Gross <jesse@nicira.com>
Tested-by: Jesse Gross <jesse@nicira.com>