Ansis Atteka [Tue, 1 Nov 2011 19:08:04 +0000 (12:08 -0700)]
ovs-appctl: Add fdb/flush command
Added a new command that will allow to flush particular bridge's
MAC learning table.
Issue #7819
Ansis Atteka [Tue, 1 Nov 2011 18:08:24 +0000 (11:08 -0700)]
packaging: dpkg --purge command fails on Ubuntu 11.04
The problem is that postrm script is unable to remove
contents of /var/log/openvswitch/ directory in case if
it contains any other directories. Steps to reproduce
on Ubuntu 11.04:
1. apt-get install openvswitch-switch
2. dpkg --purge openvswitch-switch
3. observe that purge failed, because of an empty "cores"
directory inside /var/log/openvswitch/
Ben Pfaff [Tue, 1 Nov 2011 21:16:41 +0000 (14:16 -0700)]
openvswitch.h: Add missing words in comment.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Jesse Gross <jesse@nicira.com>
Pravin B Shelar [Tue, 1 Nov 2011 17:13:16 +0000 (10:13 -0700)]
datapath: Convert kernel priority actions into match/set.
Following patch adds skb-priority to flow key. So userspace will know
what was priority when packet arrived and we can remove the pop/reset
priority action. It's no longer necessary to have a special action for
pop that is based on the kernel remembering original skb->priority.
Userspace can just emit a set priority action with the original value.
Since the priority field is a match field with just a normal set action,
we can convert it into the new model for actions that are based on
matches.
Signed-off-by: Pravin B Shelar <pshelar@nicira.com>
Acked-by: Jesse Gross <jesse@nicira.com>
Bug #7715
Ben Pfaff [Tue, 1 Nov 2011 16:25:03 +0000 (09:25 -0700)]
AUTHORS: Add Edward Tomasz Napierała.
Edward Tomasz Napierała [Tue, 1 Nov 2011 12:25:49 +0000 (13:25 +0100)]
Fix build on FreeBSD.
Patch below fixes build on FreeBSD; tested on 10.0-CURRENT.
Signed-off-by: Edward Tomasz Napierala <trasz@FreeBSD.org>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Mon, 31 Oct 2011 17:54:30 +0000 (10:54 -0700)]
netdev-vport: Again allow "tap" devices to be added to bridges.
I did not check that tap devices otherwise work. This at least allows
them to be part of a bridge again.
Reported-by: Janis Hamme <janis.hamme@student.kit.edu>
Ben Pfaff [Sat, 29 Oct 2011 17:08:42 +0000 (10:08 -0700)]
ofproto: Add OFPC_QUEUE_STATS to switch feature reply.
Open vSwitch has supported queue stats for a long time, but we forgot to
set the OFPC_QUEUE_STATS bit in the switch features reply to show that they
are supported. This fixes it.
Ben Pfaff [Mon, 31 Oct 2011 16:15:14 +0000 (09:15 -0700)]
ovsdb-idl: Prevent occasional hang when multiple database clients race.
When a client of the IDL tries to commit a read-modify-write transaction
but the database has changed in the meantime, the IDL tells its client to
wait for the IDL to change and then try the transaction again by returning
TXN_TRY_AGAIN. The "wait for the IDL to change" part is important because
there's no point in retrying the transaction before the IDL has received
the database updates (the transaction would fail in the same way all over
again).
However, the logic was incomplete: the database update can be received
*before* the reply to the transaction RPC (I think that in the current
ovsdb-server implementation this will always happen, in fact). When this
happens, the right thing to do is to retry the transaction immediately;
if we wait, then we're waiting for an additional change to the database
that may never come, causing an indefinite hang.
This commit therefore breaks the "try again" IDL commit status code
into two, one that means "try again immediately" and another that means
"wait for a change then try again". When an update is processed after a
transaction is committed but before the reply is received, the "try again
now" tells the IDL client not to wait for another database change before
retrying its transaction.
Bug #5980.
Reported-by: Ram Jothikumar <rjothikumar@nicira.com>
Reproduced-by: Alex Yip <alex@nicira.com>
Ethan Jackson [Fri, 28 Oct 2011 21:46:42 +0000 (14:46 -0700)]
nicira-ext: New action "exit".
The exit action causes the switch to immediately halt processing of
further actions. It's intended to be used in conjunction with
multi table support. It allows a table to force tables which call
it to discontinue processing a flow.
Ethan Jackson [Thu, 27 Oct 2011 23:58:20 +0000 (16:58 -0700)]
bundle: Parsing bug when using bracketed syntax.
This patch fixes the issue and adds a test which would have caught
it.
Reported-by: Michael Mao <mmao@nicira.com>
Bug #8045.
Ethan Jackson [Thu, 27 Oct 2011 18:58:31 +0000 (11:58 -0700)]
nicira-ext: Fix stale documentation in the bundle action.
Ethan Jackson [Wed, 26 Oct 2011 23:13:31 +0000 (16:13 -0700)]
bundle: Don't special case OFPP_LOCAL in bundle actions.
The OFPP_LOCAL port is a real port with a carrier status. There
isn't a good reason to ignore this data when implementing the
bundle action.
Ethan Jackson [Wed, 26 Oct 2011 23:10:26 +0000 (16:10 -0700)]
bundle: Allow OFPP_NONE in bundle actions.
This patch special cases OFPP_NONE to be always up in bundle
actions. Presumably, if a controller put OFPP_NONE in their bundle
action, they want it to be an available choice.
This patch also adds documentation to the bundle action about slave
liveness.
Ben Pfaff [Fri, 30 Sep 2011 18:01:49 +0000 (11:01 -0700)]
ofp-print: Pretty-print payloads in all error messages, except "hello"s.
This function was only pretty-printing "bad request" error payloads. I
don't know why. It makes sense to pretty-print all of them except for
"hello" messages, which already have their own special cases.
Suggestion #7369.
Suggested-by: Reid Price <reid@nicira.com>
Ben Pfaff [Wed, 26 Oct 2011 22:46:48 +0000 (15:46 -0700)]
ovsdb-idl: Don't even try to modify synthetic rows, instead of segfaulting.
Synthetic rows lack a lot of important metadata that the IDL adds to rows
actually obtained from the database, and it's impractical to add that
metadata to synthetic rows. This means that the IDL functions to modify
these rows dereference null pointers and segfault. So, it's really
important not to pass synthetic rows to such functions. However, we've
screwed this up a number of times now and in the end it seems that it's
probably better to just ignore attempts to modify these rows. This commit
implements that.
Feature #8013.
Reported-by: Ethan Jackson <ethan@nicira.com>
Ben Pfaff [Thu, 27 Oct 2011 16:39:24 +0000 (09:39 -0700)]
Fix manpage-check on RHEL 5.
The version of groff on RHEL 5 doesn't include the .SY, .OP, or .YS macros
that ovs-benchmark.1 uses, so the manpage-check target fails on that
platform. This commit adds the groff definitions of those macros to a
file and includes it into ovs-benchmark.1.
I tested that this allows RHEL 5 to pass manpage-check.
Jesse Gross [Thu, 27 Oct 2011 04:14:46 +0000 (21:14 -0700)]
tests: Fix intermittent failure in ovs-monitor-ipsec test.
The ovs-monitor-ipsec test waits for a specific number of lines
of output before doing a comparison to the correct values. However,
some copy and pasted code did not update the number of lines to
look for resulting in a race condition where the comparison could
happen before the script finished running.
Ben Pfaff [Wed, 26 Oct 2011 23:11:32 +0000 (16:11 -0700)]
Improve manpage checking rule.
The coverage of the previous version of this rule was incomplete because
$(MANS) does not include $(noinst_man_MANS). (Also, $(MANS) is
undocumented.) Writing it out as the list of manpages variables that
Open vSwitch uses is better.
Also, the previous version of the rule didn't actually signal an error
when warnings appeared. It looks like troff doesn't have a way to indicate
warnings as part of its exit status, so instead we grep the output for
"warning".
Ben Pfaff [Wed, 26 Oct 2011 23:06:37 +0000 (16:06 -0700)]
Implement automatic dependency generation for manpages.
This ensures that manpages actually get rebuilt if any of the lib/*.man
fragments that they depend upon are modified.
Ben Pfaff [Thu, 25 Aug 2011 18:15:27 +0000 (11:15 -0700)]
Move soexpand.pl into build-aux and make it non-executable.
Scripts for the build generally go in build-aux, so move soexpand.pl.
soexpand.pl had the "executable" bit set, but it doesn't have a #! line
and it's not a shell script, so that didn't make sense.
Ethan Jackson [Wed, 26 Oct 2011 18:39:46 +0000 (11:39 -0700)]
vswitch: Don't update STP on synthetic ports.
This can cause ovs-vswitchd to crash.
Bug #8007.
Reported-by: Krishna Miriyala <krishna@nicira.com>
Justin Pettit [Tue, 25 Oct 2011 19:37:26 +0000 (12:37 -0700)]
Prepare for post-1.3.0 (1.3.90).
Justin Pettit [Tue, 25 Oct 2011 06:37:11 +0000 (23:37 -0700)]
Declare the version as "1.3.0".
Ben Pfaff [Tue, 25 Oct 2011 21:03:35 +0000 (14:03 -0700)]
datapath: Improve <linux/openvswitch.h> comments.
Generally we've used the comments to the right of attribute enums to
explain the types of the arguments and the ones above them to explain their
meaning. This is a reasonable separation since it ensures that the type
of the argument is obvious, which in my opinion is important.
This updates a few comments to match this pattern.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Jesse Gross <jesse@nicira.com>
Justin Pettit [Mon, 24 Oct 2011 21:40:58 +0000 (14:40 -0700)]
debian: Start ovs-monitor-ipsec after ovsdb running.
ovs-monitor-ipsec uses the OVS database to get configuration, so don't
bother starting the daemon until it's up.
Debian recently switched to using the LSB fields in the header of init
scripts to allow dependency-based boots. This is described in the
following page:
http://wiki.debian.org/LSBInitScripts/DependencyBasedBoot
This commit makes use of those fields to get the ordering we want.
Ben Pfaff [Mon, 24 Oct 2011 22:18:49 +0000 (15:18 -0700)]
datapath: Fully parenthesize ACTION macro.
This doesn't matter for any of the current users of ACTION, nor do I expect
it to matter, but it seems like a good idea nonetheless.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Jesse Gross <jesse@nicira.com>
Ben Pfaff [Mon, 24 Oct 2011 22:14:56 +0000 (15:14 -0700)]
datapath: Fix wrong indentation.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Jesse Gross <jesse@nicira.com>
Ben Pfaff [Mon, 24 Oct 2011 19:27:36 +0000 (12:27 -0700)]
datapath: Add multicast tunnel support.
Something like this, on two separate vswitches, works to try it out:
route add -net 224.0.0.0 netmask 240.0.0.0 dev eth0
ovs-vsctl \
-- add-port br0 gre0 \
-- set interface gre0 type=gre options:remote_ip=224.0.0.1
Runtime tested on Linux 3.0, build tested on Linux 2.6.18, both i386.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Jesse Gross <jesse@nicira.com>
Ben Pfaff [Mon, 17 Oct 2011 18:24:37 +0000 (11:24 -0700)]
ovs-dpctl: Add new "set-if" command.
I have found this useful for testing tunnel configuration.
Ben Pfaff [Mon, 24 Oct 2011 17:40:52 +0000 (10:40 -0700)]
datapath: Disallow unknown attributes on OVS_ACTION_ATTR_SAMPLE action.
Bug #7932.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Jesse Gross <jesse@nicira.com>
Ben Pfaff [Mon, 24 Oct 2011 16:58:35 +0000 (09:58 -0700)]
ofproto-dpif: Fix uninitialized struct member in xlate_actions().
Commit
7257b535ab "Implement new fragment handling policy." moved around
a bunch of initialization code in xlate_actions() so that the assignment
to ctx->flow.tp_src and .tp_dst would not have to also assign to
ctx->base_flow.tp_src and .tp_dst. However, this meant that the early-exit
"return" in the new switch statement exited without initializing a lot of
the context. In particular 'may_set_up_flow' didn't get initialized, so
something the early-exit would produce a flow that couldn't be installed,
which wasn't the intent.
It seems that this optimization was a bad tradeoff, so this commit puts
all of the initialization up front and just assigns to both copies of the
tp_src and tp_dst members.
Fixes a nondeterministic "make check" failure in the VLAN handling test.
Ben Pfaff [Mon, 24 Oct 2011 17:36:01 +0000 (10:36 -0700)]
test-openflowd: Remove.
Some users were still confused by its presence.
Ben Pfaff [Wed, 19 Oct 2011 23:03:31 +0000 (16:03 -0700)]
ofproto: Check for overlapping flows only in the target table.
There's no reason to check for overlapping flows in table A if the flow
is going to be inserted into table B.
(I doubt anyone actually uses OFPFF_CHECK_OVERLAP though.)
Ben Pfaff [Mon, 24 Oct 2011 16:23:18 +0000 (09:23 -0700)]
ofproto-dpif: Fix htons() that should be ntohs().
Not a real bug since htons() and ntohs() do the same thing on all
interesting target platforms.
Found by sparse.
Ben Pfaff [Thu, 6 Oct 2011 18:25:25 +0000 (11:25 -0700)]
ovsdb-tool: Make "show-log" convert raw JSON to easier-to-read syntax.
Now output that formerly looked like ["map", [["key1", "value1"], ["key2",
"value2"]]] is printed like {key1=value1, key2=value2}, which I find easier
to read.
Ben Pfaff [Thu, 6 Oct 2011 18:23:54 +0000 (11:23 -0700)]
ovsdb-tool: Add abbreviated UUIDs to "show-log" even when we have a name.
The "show-log" command tries to give names to the rows to make it easier to
understand what's going on, but it's still important to see at least
partial UUIDs so that one can search the output for references to the rows
by UUID.
Ben Pfaff [Thu, 29 Sep 2011 18:34:03 +0000 (11:34 -0700)]
DESIGN: Document multiple table support.
Suggested-by: Justin Pettit <jpettit@nicira.com>
Suggested-by: Michael Mao <mmao@nicira.com>
Ben Pfaff [Mon, 24 Oct 2011 16:14:12 +0000 (09:14 -0700)]
ovs-bugtool: Improve how Open vSwitch log files are saved.
This moves the OVS log files from the "network-status" capability, which
has a very small maximum size, to the "system-logs" capability, which is
much larger. It ensures that the newest OVS log files are prioritized over
old versions of system log files (if we just added the OVS log files after
the existing file_output, then new OVS log files would only be included
*after* all archived system log files were added).
Bug #5443.
Jesse Gross [Sun, 23 Oct 2011 01:50:44 +0000 (18:50 -0700)]
datapath: Cleanup openvswitch.h formatting.
The userspace/kernel interface file had acquired a mixture of userspace
and kernel style, so this makes it use kernel style consistently.
Signed-off-by: Jesse Gross <jesse@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>
Jesse Gross [Sun, 23 Oct 2011 01:22:18 +0000 (18:22 -0700)]
datapath: Define constants for versions of GENL families.
Currently we hard code the versions of our GENL families to 1 but it's
nicer to have symbolic constants.
Signed-off-by: Jesse Gross <jesse@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>
Justin Pettit [Fri, 14 Oct 2011 16:48:17 +0000 (09:48 -0700)]
ovs-vswitchd: Add support for 802.1D STP.
Still alpha quality, since only tested for interoperability with Linux
bridge's STP implementation.
Justin Pettit [Fri, 14 Oct 2011 22:45:14 +0000 (15:45 -0700)]
ofproto: Add function to set OpenFlow state and update controller.
This will be used in an upcoming commit.
Justin Pettit [Mon, 10 Oct 2011 23:44:28 +0000 (16:44 -0700)]
ofproto: Mark 'ofproto' arg in is_mirror_output_bundle() as const.
No changes are made to 'ofproto', so it's safe to mark the argument as
const. This will be useful in a later commit.
Justin Pettit [Fri, 14 Oct 2011 16:48:43 +0000 (09:48 -0700)]
Various bug fixes and cleanups to STP library.
- Don't apply endian conversions to flags, which are 8 bits.
- Use #defines for default times for use outside library.
- Clarify our behavior when in STP_DISABLED state.
- Add "aux" member to STP port struct to be able to refer back to
the owning port.
- Define macros to print STP bridge and port ids.
- New helper function to get port id.
- New helper function to convert speed to cost.
- New functions to describe current role of port.
Justin Pettit [Tue, 20 Sep 2011 22:08:05 +0000 (15:08 -0700)]
Add back 802.1D Spanning Tree Protocol (STP) library code.
At one point, the OVS distribution contained an IEEE 802.1D Spanning
Tree Protocol (STP) library written by Ben Pfaff and based on the
802.1D-1998 reference code. It was never integrated into ovs-vswitchd,
so it was removed as part of commit
ba18611 (Remove vestigial support
for Spanning Tree Protocol.)
This commit reintroduces the library, cleans up a few spots, and makes
it build cleanly against new code. A future commit will have
ovs-vswitchd use this library.
Justin Pettit [Sat, 8 Oct 2011 01:24:12 +0000 (18:24 -0700)]
packets.h: Fix STP destination MAC address.
Justin Pettit [Fri, 14 Oct 2011 22:48:05 +0000 (15:48 -0700)]
ofproto: Fix comment describing ofport_modified().
Justin Pettit [Wed, 5 Oct 2011 07:13:56 +0000 (00:13 -0700)]
ovs-vsctl: Fix small formatting error in man page.
Justin Pettit [Mon, 17 Oct 2011 17:27:35 +0000 (10:27 -0700)]
ofproto-dpif: Update bundle when OFPPC_NO_FLOOD changed.
When the OFPPC_NO_FLOOD flag is toggled on the port, the "floodable"
member of the bundle was not updated. This would cause OFPP_NORMAL to
not include the proper ports when flooding. With this commit,
OFPPC_NO_FLOOD changes will cause the floodable members to be
recalculated.
Found by inspection.
Ben Pfaff [Fri, 21 Oct 2011 23:38:35 +0000 (16:38 -0700)]
datapath: Use kfree_skb() only on error paths.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Jesse Gross <jesse@nicira.com>
Jesse Gross [Fri, 21 Oct 2011 22:19:33 +0000 (15:19 -0700)]
datapath: Fix uninitialized variable warning.
Commit
4edb9ae90e4092f5f56b9d914d2b88783c49860d "datapath: Refactor
actions in terms of match fields." introduced a spurious warning
because the compiler thinks a value might not have been assigned to
'err'. In practice this can't happen because we've already validated
the actions.
CC: Pravin B Shelar <pshelar@nicira.com>
Signed-off-by: Jesse Gross <jesse@nicira.com>
Acked-by: Pravin B Shelar <pshelar@nicira.com>
Ben Pfaff [Fri, 21 Oct 2011 22:34:25 +0000 (15:34 -0700)]
vport-capwap: Fix use-after-free on error path.
I originally meant just to fix the use of kfree_skb() instead of
consume_skb() on the success path, but then I realized that the failure
path returned an skb that it had just freed.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Jesse Gross <jesse@nicira.com>
Ben Pfaff [Thu, 20 Oct 2011 04:33:44 +0000 (21:33 -0700)]
Implement new fragment handling policy.
Until now, OVS has handled IP fragments more awkwardly than necessary. It
has not been possible to match on L4 headers, even in fragments with offset
0 where they are actually present. This means that there was no way to
implement ACLs that treat, say, different TCP ports differently, on
fragmented traffic; instead, all decisions for fragment forwarding had to
be made on the basis of L2 and L3 headers alone.
This commit improves the situation significantly. It is still not possible
to match on L4 headers in fragments with nonzero offset, because that
information is simply not present in such fragments, but this commit adds
the ability to match on L4 headers for fragments with zero offset. This
means that it becomes possible to implement ACLs that drop such "first
fragments" on the basis of L4 headers. In practice, that effectively
blocks even fragmented traffic on an L4 basis, because the receiving IP
stack cannot reassemble a full packet when the first fragment is missing.
This commit works by adding a new "fragment type" to the kernel flow match
and making it available through OpenFlow as a new NXM field named
NXM_NX_IP_FRAG. Because OpenFlow 1.0 explicitly says that the L4 fields
are always 0 for IP fragments, it adds a new OpenFlow fragment handling
mode that fills in the L4 fields for "first fragments". It also enhances
ovs-ofctl to allow users to configure this new fragment handling mode and
to parse the new field.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Bug #7557.
Pravin B Shelar [Fri, 21 Oct 2011 21:38:54 +0000 (14:38 -0700)]
datapath: Refactor actions in terms of match fields.
Almost all current actions can be expressed in the form of
push/pop/set <field>, where field is one of the match fields. We can
create three base actions and take a field. This has both a nice
symmetry and avoids inconsistencies where we can match on the vlan
TPID but not set it.
Following patch converts all actions to this new format.
Signed-off-by: Pravin B Shelar <pshelar@nicira.com>
Acked-by: Jesse Gross <jesse@nicira.com>
Bug #7115
Pravin B Shelar [Fri, 21 Oct 2011 21:17:38 +0000 (14:17 -0700)]
datapath: Update supported kernel check.
Signed-off-by: Pravin Shelar <pshelar@nicira.com>
Acked-by: Jesse Gross <jesse@nicira.com>
Pravin B Shelar [Fri, 21 Oct 2011 21:16:59 +0000 (14:16 -0700)]
tunnel: Handle hh_cache access for Linux kernel 3.1
From 3.1 kernel, struct dst_entry no longer has direct ref to hh_cache.
Following patch handles this case.
Signed-off-by: Pravin Shelar <pshelar@nicira.com>
Acked-by: Jesse Gross <jesse@nicira.com>
Pravin B Shelar [Fri, 21 Oct 2011 21:16:04 +0000 (14:16 -0700)]
tunnel: hh_cache access cleanup
Following patch cleanup hh_cache access by avoiding hh pointer fetching
most of time. Now hh is read and checked at beginning of function. All
hh->hh_len access are done inside hh_lock.
This is required cleanup for next patch which adds support for kernel
3.1.
Suggested-by: Jesse Gross <jesse@nicira.com>
Signed-off-by: Pravin Shelar <pshelar@nicira.com>
Acked-by: Jesse Gross <jesse@nicira.com>
Ben Pfaff [Wed, 19 Oct 2011 20:18:30 +0000 (13:18 -0700)]
ofproto-dpif: Increase recursion limit.
Requested-by: Pankaj Thakkar <thakkar@nicira.com>
Bug #7874.
Ben Pfaff [Thu, 29 Sep 2011 17:39:49 +0000 (10:39 -0700)]
test-lockfile: Provide better diagnostics on failure.
We spotted one failure of the "lock_timeout_runs_out" test several builds
ago, but there weren't enough diagnostics to track it down and I couldn't
reproduce it.
This commit should make the failure easier to understand if it recurs.
CC: Michael Hu <mhu@nicira.com>
Ben Pfaff [Tue, 18 Oct 2011 21:00:57 +0000 (14:00 -0700)]
ofp-util: Avoid misaligned memory access in ofputil_encode_packet_in().
Reported-by: Murphy McCauley <murphy.mccauley@gmail.com>
Ben Pfaff [Tue, 27 Sep 2011 23:58:55 +0000 (16:58 -0700)]
ofp-parse: Validate range of table, priority, and timeout values.
Otherwise, "table=257" (e.g.) was silently accepted but had a surprising
effect.
Bug #7445.
Reported-by: Michael Mao <mmao@nicira.com>
Ben Pfaff [Fri, 14 Oct 2011 18:37:24 +0000 (11:37 -0700)]
vlog: Skip reopening a log file if it would have no effect.
Avoids redundant "closing log file"/"opened log file" messages in log files.
Reported-by: Reid Price <reid@nicira.com>
Bug #7750.
Ben Pfaff [Sun, 9 Oct 2011 22:52:21 +0000 (15:52 -0700)]
ofproto-dpif: Make OFPAT_ENQUEUE to input port do nothing.
This makes OFPAT_ENQUEUE consistent with OFPAT_OUTPUT for the purpose of
sending a packet back out the input port: both only do it if the port is
given as OFPP_IN_PORT.
Found by inspection.
Ben Pfaff [Tue, 27 Sep 2011 20:35:09 +0000 (13:35 -0700)]
learn: Correct example in nicira-ext.h and add examples as test cases.
Ben Pfaff [Tue, 27 Sep 2011 20:12:04 +0000 (13:12 -0700)]
learn: Check learn actions after parsing in learn_parse().
learn_parse() and learn_check() are supposed to apply the same checks, but
they are implemented very differently. It seems best to have learn_parse()
actually call learn_check() just to be sure.
This would have caught the bug fixed in the previous commit, because
the tests actually contain instances of "learn" actions that trigger the
bug, but the tests only parsed the actions without ever doing anything
that checked them (like sending them to ovs-vswitchd over OpenFlow).
Ben Pfaff [Tue, 27 Sep 2011 20:10:58 +0000 (13:10 -0700)]
learn: Allow read-only fields to be matched.
nxm_dst_check() requires a writable field. Since NX_LEARN_DST_MATCH only
matches on a field and doesn't write to a field, use nxm_src_check() for
that case instead.
Bug #7507.
Reported-by: Michael Mao <mmao@nicira.com>
Ben Pfaff [Tue, 27 Sep 2011 20:03:00 +0000 (13:03 -0700)]
nx-match: Improve log message for errors parsing NX flow matches.
Ben Pfaff [Tue, 18 Oct 2011 16:29:54 +0000 (09:29 -0700)]
ovsdb: Remove dead Python-related code.
Initial versions of commit
8cdf034974 "python: Implement write support in
Python IDL for OVSDB" converted the OVSDB schemas to Python code so that
their Python clients could just import them. The final version instead
read the schemas from a file, but I forgot to remove some code that
generated the Python schema modules. This commit removes that code.
Reported-by: Ethan Jackson <ethan@nicira.com>
Ben Pfaff [Mon, 17 Oct 2011 18:32:23 +0000 (11:32 -0700)]
datapath: Fix tunnel reconfiguration that does not change key data.
Without this commit, a pair of commands like
ovs-dpctl add-if br0 gre0,type=gre,remote_ip=192.168.5.2,csum=true
ovs-dpctl set-if br0 gre0,csum=false
would result in a csum of "true" for gre0, that is, the second command
would silently have no effect. This could also happen when the key data
(such as remote_ip) changed but the port hash just happened to have the
same value.
This also fixes a small kernel memory leak in this case.
An upcoming commit implements the "ovs-dpctl set-if" command mentioned
above.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Jesse Gross <jesse@nicira.com>
Ben Pfaff [Mon, 17 Oct 2011 18:03:22 +0000 (11:03 -0700)]
datapath: Reject attempts to change vport type with OVS_VPORT_CMD_SET.
Until now this has just silently failed, but it seems to me like we should
actively reject it.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Jesse Gross <jesse@nicira.com>
Pravin B Shelar [Tue, 18 Oct 2011 18:15:43 +0000 (11:15 -0700)]
ofproto-dpif: Fix in-band action for sFlow.
Use compose_output_action() API to generate OUTPUT action so
that sFlow can record output port.
Ben Pfaff [Tue, 18 Oct 2011 16:46:57 +0000 (09:46 -0700)]
types: Fix endianness check.
The Linux headers only check endianness if __CHECK_ENDIAN__ is declared.
We want that, so turn it on.
Jesse Gross [Wed, 21 Sep 2011 02:09:50 +0000 (19:09 -0700)]
datapath: Assert IFF_TX_SKB_SHARING on internal devices.
Linux 3.1 adds a flag to check whether it's OK for shared skbs to
be transmitted on devices. This generally isn't a problem for
hardware devices but software devices such as OVS that hold state
in the skb need to clear the flag, which is enabled by default.
Signed-off-by: Jesse Gross <jesse@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>
Jesse Gross [Wed, 21 Sep 2011 02:12:32 +0000 (19:12 -0700)]
datapath: Add version check for struct netdev_ops.
Linux 3.1 drops the symbol HAVE_NET_DEVICE_OPS that lets us know
whether struct netdev_ops is present. As a result, we need to
replace it with an explicit version check.
Signed-off-by: Jesse Gross <jesse@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Tue, 18 Oct 2011 15:57:37 +0000 (08:57 -0700)]
bridge: Allow specially named "unix:" controllers.
Some users want to use Unix domain socket controllers, so this relaxes the
restriction.
Requested-by: Jari Sundell <sundell.software@gmail.com>
Ethan Jackson [Fri, 14 Oct 2011 19:49:57 +0000 (12:49 -0700)]
vswitchd: New column "link_resets".
An interface's 'link_resets' column represents the number of times
Open vSwitch has observed its link_state change.
Ethan Jackson [Sat, 15 Oct 2011 01:13:04 +0000 (18:13 -0700)]
netdev-linux: Maintain carrier flag constantly.
Before this patch, the carrier of a linux device was only updated
if requested by a caller. This patch updates it whenever it
changes.
Ethan Jackson [Sat, 15 Oct 2011 00:29:35 +0000 (17:29 -0700)]
vswitchd: Update link_state instantly.
With this patch, instead of updating an interface's link_state once
every 5 seconds, it's updated immediately when changed. To avoid
stressing the database, these updates are rate limited to once per
second.
Ethan Jackson [Sat, 15 Oct 2011 00:20:25 +0000 (17:20 -0700)]
vswitchd: Cleanup rate limited DB writes.
The code to write the 'lacp_current' flag to the database was
unnecessarily complicated. Future patches will directly benefit
from this refactoring.
Ethan Jackson [Fri, 14 Oct 2011 22:17:19 +0000 (15:17 -0700)]
vswitchd: Remove iface_get_carrier().
It has only one caller, and doesn't improve the code's readability.
Ethan Jackson [Fri, 14 Oct 2011 22:39:49 +0000 (15:39 -0700)]
rtnetlink-link: Expose carrier changes.
This will be used in a future commit.
Ben Pfaff [Mon, 17 Oct 2011 19:22:34 +0000 (12:22 -0700)]
bond: Demote active-backup WARN to DBG.
This log message comes up for packets that are flooded through the network.
If the upstream switch doesn't realize that an active-backup bond is in
use, and there is significant packet flooding in the network, then we will
get a lot of these messages.
(This message doesn't get logged for multicast or broadcast packets since
they get dropped earlier in the function.)
Reported-by: Eivind Bulie Haanaes
Bug-report: http://forums.citrix.com/thread.jspa?messageID=
1589125
CC: Paul Fazzone <pfazzone@nicira.com>
Ben Pfaff [Fri, 14 Oct 2011 17:17:41 +0000 (10:17 -0700)]
bridge: Forbid '/' in bridge names to prevent arbitrary directory access.
Ben Pfaff [Fri, 14 Oct 2011 22:33:49 +0000 (15:33 -0700)]
datapath: Simplify tnl_find_port().
It's only called when we want a best-match now, so there's no need to pass
in any flags that indicate the desired type of match.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Jesse Gross <jesse@nicira.com>
Ben Pfaff [Fri, 14 Oct 2011 21:33:11 +0000 (14:33 -0700)]
datapath: Avoid confusing tunnels that have different types.
Without this change, the following commands succeed:
# ovs-dpctl add-if br1 gre1,type=gre,remote_ip=1.2.3.4,local_ip=2.3.4.5
# ovs-dpctl add-if br1 gre0,type=gre,remote_ip=1.2.3.4
but if they are run in the opposite order, they fail with:
ovs-dpctl: adding gre1 to br1 failed (File exists)
This fixes the problem.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Jesse Gross <jesse@nicira.com>
Ben Pfaff [Fri, 14 Oct 2011 21:28:49 +0000 (14:28 -0700)]
datapath: Factor out repeated tnl_vport_to_vport() calls.
This is a code cleanup only.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Jesse Gross <jesse@nicira.com>
Ben Pfaff [Fri, 14 Oct 2011 20:55:32 +0000 (13:55 -0700)]
ofproto-dpif: Batch interacting with the dpif on flow miss operations.
This improves "ovs-benchmark rate" performance in my testing by about 24%.
A quick experiment shows that there may still be some headroom for batching
flow deletions on facet expiration, up to perhaps 10% additional
improvement.
Ben Pfaff [Tue, 27 Sep 2011 22:58:53 +0000 (15:58 -0700)]
ofproto-dpif: Separate facet creation and action translation.
This will allow for some optimization in an upcoming commit.
Ben Pfaff [Tue, 27 Sep 2011 22:34:39 +0000 (15:34 -0700)]
ofproto-dpif: Factor controller optimization out of execute_odp_actions().
An upcoming commit will use this code separately from
execute_odp_actions(), so this prepares for that.
Ben Pfaff [Tue, 27 Sep 2011 22:22:22 +0000 (15:22 -0700)]
ofproto-dpif: Break send_packet_in() into two separate functions.
It's been more or less convenient to pass a dpif_upcall to send_packet_in()
in the past, because most callers had one handy. But an upcoming commit
won't have such easy access, so this commit breaks send_packet_in() into
two functions for the different types of packets to send to the controller,
each of which takes appropriate parameters instead of dpif_upcall.
Ben Pfaff [Tue, 27 Sep 2011 22:08:50 +0000 (15:08 -0700)]
dpif: New function dpif_operate() and dpif-linux implementation.
This will be used in an upcoming commit.
Ben Pfaff [Fri, 14 Oct 2011 20:55:00 +0000 (13:55 -0700)]
netlink-socket: New function nl_sock_transact_multiple().
This will be used in an upcoming commit.
Ben Pfaff [Fri, 14 Oct 2011 20:30:29 +0000 (13:30 -0700)]
socket-util: New function get_socket_rcvbuf().
This will be used in an upcoming commit.
Ben Pfaff [Tue, 27 Sep 2011 23:07:23 +0000 (16:07 -0700)]
dpif-linux: Only ask datapath to echo back results when they will be used.
A fair number of datapath flow operations optionally report back results
to the requester based on whether NLM_F_ECHO is set in the request. When
userspace isn't going to use those results anyway, it wastes memory to
store them and a system call to retrieve them.
This commit omits the NLM_F_ECHO bit in cases where the caller isn't going
to use the results.
(NLM_F_ECHO has no effect on operations whose entire purpose is to retrieve
data, e.g. "get" and "dump" operations, so we need not bother to set it
for those.)
This improves "ovs-benchmark rate" results in my testing by about 4%.
Ben Pfaff [Tue, 27 Sep 2011 22:19:30 +0000 (15:19 -0700)]
ofproto-dpif: Move DHCP in-band control special case into xlate_actions().
This eliminates an extra round trip to the kernel for this special case
and keeps all the flow translation logic in one place.
Ben Pfaff [Mon, 26 Sep 2011 19:59:23 +0000 (12:59 -0700)]
netlink: New macros for the sizes of Netlink attributes.
I was feeling tempted in some code to just guess "hey, 32 bytes ought to
be big enough" and so on, but really it seems better to just have a
convenient way to measure.
Ben Pfaff [Mon, 26 Sep 2011 19:57:41 +0000 (12:57 -0700)]
netlink: New functions for putting attributes at the beginning of a buffer.
These are really just copies of the corresponding "put" functions. An
upcoming commit will introduce a user of nl_msg_push_u32(). I thought I
might as well create all of these while I was at it.
Ben Pfaff [Tue, 27 Sep 2011 22:32:18 +0000 (15:32 -0700)]
ofproto-dpif: Revalidate tagged packets, too, in facet_lookup_valid().
I don't see a reason that we should only revalidate facets if we're
revalidating every facet.
Ben Pfaff [Tue, 27 Sep 2011 23:24:15 +0000 (16:24 -0700)]
ofproto-dpif: Properly re-translate uninstallable facets in rule_execute().
If the facet is not installable then every packet requires separate
translation, but the existing code didn't do that.