From 8cd4882fd5c3080816a070ad582ef06842f7c482 Mon Sep 17 00:00:00 2001 From: Ben Pfaff Date: Wed, 8 Jul 2009 10:30:42 -0700 Subject: [PATCH] Rename "secchan" to "ofproto" (library) and "ovs-openflowd" (program). These names are more meaningful, so we prefer them. --- Makefile.am | 2 +- README | 8 +- debian/control | 6 +- debian/openvswitch-controller.README.Debian | 7 +- debian/openvswitch-monitor.default | 15 ++-- debian/openvswitch-switch-config.templates | 4 +- debian/openvswitch-switch.init | 10 +-- debian/openvswitch-switch.install | 2 +- debian/openvswitch-switch.logrotate | 4 +- debian/openvswitch-switch.manpages | 2 +- debian/openvswitch-switch.template | 22 ++--- debian/openvswitch-switchui.default | 10 +-- debian/ovs-switch-setup.8 | 2 +- debian/po/templates.pot | 4 +- extras/ezio/ovs-switchui.c | 6 +- include/openvswitch/datapath-protocol.h | 2 +- lib/automake.mk | 4 +- lib/rconn.c | 2 +- lib/vlog-modules.def | 3 +- {secchan => ofproto}/.gitignore | 2 - ofproto/automake.mk | 29 ++++++ {secchan => ofproto}/commands/automake.mk | 2 +- {secchan => ofproto}/commands/reboot | 0 {secchan => ofproto}/discovery.c | 0 {secchan => ofproto}/discovery.h | 0 {secchan => ofproto}/executer.c | 2 +- {secchan => ofproto}/executer.h | 0 {secchan => ofproto}/fail-open.c | 0 {secchan => ofproto}/fail-open.h | 0 {secchan => ofproto}/in-band.c | 8 +- {secchan => ofproto}/in-band.h | 1 - {secchan => ofproto}/netflow.c | 0 {secchan => ofproto}/netflow.h | 0 {secchan => ofproto}/ofproto.c | 2 +- {secchan => ofproto}/ofproto.h | 0 {secchan => ofproto}/pinsched.c | 0 {secchan => ofproto}/pinsched.h | 0 {secchan => ofproto}/pktbuf.c | 0 {secchan => ofproto}/pktbuf.h | 0 {secchan => ofproto}/status.c | 0 {secchan => ofproto}/status.h | 1 - secchan/automake.mk | 42 --------- tests/test-dhcp-client.c | 4 +- utilities/.gitignore | 2 + utilities/automake.mk | 11 +++ utilities/ovs-appctl.8.in | 4 +- utilities/ovs-controller.8.in | 6 +- utilities/ovs-discover.8.in | 6 +- utilities/ovs-dpctl.8.in | 9 +- utilities/ovs-monitor | 50 +++++------ utilities/ovs-ofctl.8.in | 6 +- .../ovs-openflowd.8.in | 88 +++++++++---------- secchan/main.c => utilities/ovs-openflowd.c | 12 +-- utilities/ovs-pki.8.in | 6 +- vswitchd/automake.mk | 2 +- vswitchd/bridge.c | 2 +- vswitchd/ovs-vswitchd.conf.5.in | 6 +- xenserver/vswitch-xen.spec | 4 +- 58 files changed, 208 insertions(+), 214 deletions(-) rename {secchan => ofproto}/.gitignore (53%) create mode 100644 ofproto/automake.mk rename {secchan => ofproto}/commands/automake.mk (71%) rename {secchan => ofproto}/commands/reboot (100%) rename {secchan => ofproto}/discovery.c (100%) rename {secchan => ofproto}/discovery.h (100%) rename {secchan => ofproto}/executer.c (99%) rename {secchan => ofproto}/executer.h (100%) rename {secchan => ofproto}/fail-open.c (100%) rename {secchan => ofproto}/fail-open.h (100%) rename {secchan => ofproto}/in-band.c (97%) rename {secchan => ofproto}/in-band.h (98%) rename {secchan => ofproto}/netflow.c (100%) rename {secchan => ofproto}/netflow.h (100%) rename {secchan => ofproto}/ofproto.c (99%) rename {secchan => ofproto}/ofproto.h (100%) rename {secchan => ofproto}/pinsched.c (100%) rename {secchan => ofproto}/pinsched.h (100%) rename {secchan => ofproto}/pktbuf.c (100%) rename {secchan => ofproto}/pktbuf.h (100%) rename {secchan => ofproto}/status.c (100%) rename {secchan => ofproto}/status.h (98%) delete mode 100644 secchan/automake.mk rename secchan/secchan.8.in => utilities/ovs-openflowd.8.in (83%) rename secchan/main.c => utilities/ovs-openflowd.c (98%) diff --git a/Makefile.am b/Makefile.am index 59ffc193..18dbb53d 100644 --- a/Makefile.am +++ b/Makefile.am @@ -57,7 +57,7 @@ SUFFIXES = .in -e 's,[@]PERL[@],$(PERL),g' > $@ include lib/automake.mk -include secchan/automake.mk +include ofproto/automake.mk include utilities/automake.mk include tests/automake.mk include include/automake.mk diff --git a/README b/README index 3e986a48..4f5882b2 100644 --- a/README +++ b/README @@ -40,15 +40,15 @@ The main components of this distribution are: to be installed on a Citrix XenServer host as a drop-in replacement for its switch, with additional functionality. - * vlog-appctl, a utility that can control Open vSwitch daemons, + * ovs-appctl, a utility that can control Open vSwitch daemons, adjusting their logging levels among other uses. Open vSwitch also provides an OpenFlow implementation and tools for those interested in OpenFlow but not additional Open vSwitch features: - * secchan, a program that implements a simple OpenFlow switch - (without the special features provided by ovs-vswitchd) using - the same kernel module as ovs-vswitchd. + * ovs-openflowd, a program that implements a simple OpenFlow + switch (without the special features provided by ovs-vswitchd) + using the same kernel module as ovs-vswitchd. * ovs-controller, a simple OpenFlow controller. diff --git a/debian/control b/debian/control index a59dcd3a..13da9d7b 100644 --- a/debian/control +++ b/debian/control @@ -110,9 +110,9 @@ Architecture: any Recommends: openvswitch-switch Depends: ${shlibs:Depends}, ${misc:Depends} Description: Monitor utility for Open vSwitch switches - The ovs-monitor utility included in this package monitors the secure - channel and datapath. If either become unresponsive, the switch is - rebooted. + The ovs-monitor utility included in this package monitors the + ovs-openflowd process and the kernel datapath. If either become + unresponsive, it reboots the machine. Package: openvswitch-wdt Architecture: any diff --git a/debian/openvswitch-controller.README.Debian b/debian/openvswitch-controller.README.Debian index 18819a79..94b95c4a 100644 --- a/debian/openvswitch-controller.README.Debian +++ b/debian/openvswitch-controller.README.Debian @@ -6,7 +6,8 @@ README.Debian for openvswitch-controller * To enable OpenFlow switches to automatically discover the location of the controller, you must install and configure a DHCP server. - The secchan(8) manpage (found in the openvswitch-switch package) gives - a working example configuration file for the ISC DHCP server. + The ovs-openflowd(8) manpage (found in the openvswitch-switch + package) gives a working example configuration file for the ISC DHCP + server. - -- Ben Pfaff , Mon, 11 May 2009 13:26:38 -0700 + -- Ben Pfaff , Wed, 8 Jul 2009 09:39:53 -0700 diff --git a/debian/openvswitch-monitor.default b/debian/openvswitch-monitor.default index f0c356e8..3b6ccdf0 100644 --- a/debian/openvswitch-monitor.default +++ b/debian/openvswitch-monitor.default @@ -13,15 +13,16 @@ # it reboots the system. A value of zero disables the monitor. THRESHOLD=3 -# INTERVAL: The number of seconds to wait between probing secchan and -# the datapath. +# INTERVAL: The number of seconds to wait between probing +# ovs-openflowd and the datapath. INTERVAL=1 # LOG_FILE: File to log messages related to monitoring. LOG_FILE="/var/log/openvswitch/monitor" -# SWITCH_VCONN: The vconn used to connect to the switch (secchan). -# The secchan must be configured to listen to this vconn. The default -# here set is also listened to by default by the openvswitch-switch -# package, so ordinarily there is no need to modify this. -SWITCH_VCONN="/var/run/secchan.mgmt" +# SWITCH_VCONN: The vconn used to connect to the switch +# (ovs-openflowd). The ovs-openflowd must be configured to listen to +# this vconn. The default here set is also listened to by default by +# the openvswitch-switch package, so ordinarily there is no need to +# modify this. +SWITCH_VCONN="/var/run/ovs-openflowd.mgmt" diff --git a/debian/openvswitch-switch-config.templates b/debian/openvswitch-switch-config.templates index 24bf0352..16646824 100644 --- a/debian/openvswitch-switch-config.templates +++ b/debian/openvswitch-switch-config.templates @@ -64,7 +64,7 @@ _Description: Preparing to discover controller. The setup program will now attempt to discover the OpenFlow controller. Controller discovery may take up to 30 seconds. Please be patient. . - See secchan(8) for instructions on how to configure a DHCP server for + See ovs-openflowd(8) for instructions on how to configure a DHCP server for controller discovery. Template: openvswitch-switch/discovery-failure @@ -73,7 +73,7 @@ _Description: Controller discovery failed. The controller's location could not be determined automatically. . Ensure that the OpenFlow DHCP server is properly configured. See - secchan(8) for instructions on how to configure a DHCP server for + ovs-openflowd(8) for instructions on how to configure a DHCP server for controller discovery. Template: openvswitch-switch/discovery-success diff --git a/debian/openvswitch-switch.init b/debian/openvswitch-switch.init index b238f72e..ece07a83 100755 --- a/debian/openvswitch-switch.init +++ b/debian/openvswitch-switch.init @@ -19,9 +19,9 @@ ### END INIT INFO PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin -DAEMON=/usr/sbin/secchan -NAME=secchan -DESC=secchan +DAEMON=/usr/sbin/ovs-openflowd +NAME=ovs-openflowd +DESC=ovs-openflowd test -x $DAEMON || exit 0 @@ -35,7 +35,7 @@ DODTIME=1 # Time to wait for the server to die, in seconds # let some servers to die gracefully and # 'restart' will not work -# Include secchan defaults if available +# Include ovs-openflowd defaults if available unset NETDEVS unset MODE unset SWITCH_IP @@ -319,7 +319,7 @@ case "$1" in check_op "Setting core limit to $CORE_LIMIT" ulimit -c "$CORE_LIMIT" fi - # Compose secchan options. + # Compose ovs-openflowd options. set -- set -- "$@" --verbose=ANY:console:emer --verbose=ANY:syslog:err set -- "$@" --log-file diff --git a/debian/openvswitch-switch.install b/debian/openvswitch-switch.install index 9fddacf0..a0cf9bf2 100644 --- a/debian/openvswitch-switch.install +++ b/debian/openvswitch-switch.install @@ -1,4 +1,4 @@ -_debian/secchan/secchan usr/sbin +_debian/utilities/ovs-openflowd usr/sbin _debian/utilities/ovs-dpctl usr/sbin _debian/utilities/ovs-discover usr/sbin _debian/utilities/ovs-kill usr/sbin diff --git a/debian/openvswitch-switch.logrotate b/debian/openvswitch-switch.logrotate index 41394e86..a45cc2a7 100644 --- a/debian/openvswitch-switch.logrotate +++ b/debian/openvswitch-switch.logrotate @@ -1,4 +1,4 @@ -/var/log/openvswitch/secchan.log { +/var/log/openvswitch/ovs-openflowd.log { daily compress create 640 root adm @@ -6,6 +6,6 @@ missingok rotate 30 postrotate - ovs-appctl --target /var/run/secchan.pid --reopen + ovs-appctl --target /var/run/ovs-openflowd.pid --reopen endscript } diff --git a/debian/openvswitch-switch.manpages b/debian/openvswitch-switch.manpages index f789eba9..821503a7 100644 --- a/debian/openvswitch-switch.manpages +++ b/debian/openvswitch-switch.manpages @@ -1,4 +1,4 @@ -_debian/secchan/secchan.8 +_debian/utilities/ovs-openflowd.8 _debian/utilities/ovs-discover.8 _debian/utilities/ovs-dpctl.8 _debian/utilities/ovs-kill.8 diff --git a/debian/openvswitch-switch.template b/debian/openvswitch-switch.template index 7fe0e15c..0a72198f 100644 --- a/debian/openvswitch-switch.template +++ b/debian/openvswitch-switch.template @@ -1,7 +1,7 @@ # This is a POSIX shell fragment -*- sh -*- -# To configure the secure channel, fill in the following properly and -# uncomment them. Afterward, the secure channel will come up +# To configure the OpenFlow switch, fill in the following properly and +# uncomment them. Afterward, the switch will come up # automatically at boot time. It can be started immediately with # /etc/init.d/openvswitch-switch start # Alternatively, use the ovs-switch-setup program (from the @@ -101,12 +101,12 @@ SWITCH_IP=dhcp # Set CACERT_MODE to 'secure' or 'bootstrap' for these respective cases. #CACERT_MODE=secure -# MGMT_VCONNS: List of vconns (space-separated) on which secchan +# MGMT_VCONNS: List of vconns (space-separated) on which ovs-openflowd # should listen for management connections from ovs-ofctl, etc. # openvswitch-switchui by default connects to -# unix:/var/run/secchan.mgmt, so do not disable this if you want to +# unix:/var/run/ovs-openflowd.mgmt, so do not disable this if you want to # use openvswitch-switchui. -MGMT_VCONNS="punix:/var/run/secchan.mgmt" +MGMT_VCONNS="punix:/var/run/ovs-openflowd.mgmt" # COMMANDS: Access control list for the commands that can be executed # remotely over the OpenFlow protocol, as a comma-separated list of @@ -122,7 +122,7 @@ MGMT_VCONNS="punix:/var/run/secchan.mgmt" #DISCONNECTED_MODE=switch # STP: Enable or disabled 802.1D-1998 Spanning Tree Protocol. Set to -# 'yes' to enable STP, 'no' to disable it. If unset, secchan's +# 'yes' to enable STP, 'no' to disable it. If unset, ovs-openflowd's # current default is 'no' (but this may change in the future). #STP=no @@ -133,17 +133,17 @@ MGMT_VCONNS="punix:/var/run/secchan.mgmt" #RATE_LIMIT=1000 # INACTIVITY_PROBE: The maximum number of seconds of inactivity on the -# controller connection before secchan sends an inactivity probe +# controller connection before ovs-openflowd sends an inactivity probe # message to the controller. The valid range is 5 and up. If unset, -# secchan defaults to 15 seconds. +# ovs-openflowd defaults to 15 seconds. #INACTIVITY_PROBE=5 -# MAX_BACKOFF: The maximum time that secchan will wait between +# MAX_BACKOFF: The maximum time that ovs-openflowd will wait between # attempts to connect to the controller. The valid range is 1 and up. -# If unset, secchan defaults to 15 seconds. +# If unset, ovs-openflowd defaults to 15 seconds. #MAX_BACKOFF=15 -# DAEMON_OPTS: Additional options to pass to secchan, e.g. "--fail=open" +# DAEMON_OPTS: Additional options to pass to ovs-openflowd, e.g. "--fail=open" DAEMON_OPTS="" # CORE_LIMIT: Maximum size for core dumps. diff --git a/debian/openvswitch-switchui.default b/debian/openvswitch-switchui.default index 6cdbf7a5..a759af83 100644 --- a/debian/openvswitch-switchui.default +++ b/debian/openvswitch-switchui.default @@ -1,7 +1,7 @@ # This is a POSIX shell fragment -*- sh -*- -# To configure the switch monitor, modify the following. Afterward, -# the secure channel will come up automatically at boot time. It can +# To configure the switch UI, modify the following. Afterward, +# the switch UI will come up automatically at boot time. It can # be restarted immediately with # /etc/init.d/openvswitch-switchui start @@ -9,11 +9,11 @@ # sourced by /etc/init.d/openvswitch-switchui # installed at /etc/default/openvswitch-switchui by the maintainer scripts -# SWITCH_VCONN: The vconn used to connect to the switch (secchan). -# The secchan must be configured to listen to this vconn. The default +# SWITCH_VCONN: The vconn used to connect to the switch (ovs-openflowd). +# The ovs-openflowd must be configured to listen to this vconn. The default # here set is also listened to by default by the openvswitch-switch # package, so ordinarily there is no need to modify this. -SWITCH_VCONN="unix:/var/run/secchan.mgmt" +SWITCH_VCONN="unix:/var/run/ovs-openflowd.mgmt" # EZIO3_DEVICE: To display the switch monitor on an EZIO3 (aka # MTB-134) 16x2 LCD displays found on server appliances made by diff --git a/debian/ovs-switch-setup.8 b/debian/ovs-switch-setup.8 index 696ad365..9c0da4ce 100644 --- a/debian/ovs-switch-setup.8 +++ b/debian/ovs-switch-setup.8 @@ -38,4 +38,4 @@ obtained from the OpenFlow PKI server. .BR ovs\-dpctl (8), .BR ovs-pki (8), -.BR secchan (8) +.BR ovs-openflowd (8) diff --git a/debian/po/templates.pot b/debian/po/templates.pot index ec14b8c0..d425b8a4 100644 --- a/debian/po/templates.pot +++ b/debian/po/templates.pot @@ -168,7 +168,7 @@ msgstr "" #. Description #: ../openvswitch-switch-config.templates:5001 msgid "" -"See secchan(8) for instructions on how to configure a DHCP server for " +"See ovs-openflowd(8) for instructions on how to configure a DHCP server for " "controller discovery." msgstr "" @@ -188,7 +188,7 @@ msgstr "" #. Description #: ../openvswitch-switch-config.templates:6001 msgid "" -"Ensure that the OpenFlow DHCP server is properly configured. See secchan(8) " +"Ensure that the OpenFlow DHCP server is properly configured. See ovs-openflowd(8) " "for instructions on how to configure a DHCP server for controller discovery." msgstr "" diff --git a/extras/ezio/ovs-switchui.c b/extras/ezio/ovs-switchui.c index b4391079..e25d4e1a 100644 --- a/extras/ezio/ovs-switchui.c +++ b/extras/ezio/ovs-switchui.c @@ -114,7 +114,7 @@ static void compose_messages(const struct dict *, struct rconn *rconn); static void show_flows(struct rconn *); static void show_dpid_ip(struct rconn *, const struct dict *); -static void show_secchan_state(const struct dict *); +static void show_ofproto_state(const struct dict *); static void show_fail_open_state(const struct dict *); static void show_discovery_state(const struct dict *); static void show_remote_state(const struct dict *); @@ -257,7 +257,7 @@ compose_messages(const struct dict *dict, struct rconn *rconn) if (!show_reboot_state()) { show_flows(rconn); show_dpid_ip(rconn, dict); - show_secchan_state(dict); + show_ofproto_state(dict); show_fail_open_state(dict); show_discovery_state(dict); show_remote_state(dict); @@ -648,7 +648,7 @@ addf(const char *format, ...) } static void -show_secchan_state(const struct dict *dict) +show_ofproto_state(const struct dict *dict) { static struct message *msg; const char *is_connected; diff --git a/include/openvswitch/datapath-protocol.h b/include/openvswitch/datapath-protocol.h index 44875881..ae363827 100644 --- a/include/openvswitch/datapath-protocol.h +++ b/include/openvswitch/datapath-protocol.h @@ -37,7 +37,7 @@ * ---------------------------------------------------------------------- */ -/* Protocol between secchan and datapath. */ +/* Protocol between userspace and kernel datapath. */ #ifndef OPENVSWITCH_DATAPATH_PROTOCOL_H #define OPENVSWITCH_DATAPATH_PROTOCOL_H 1 diff --git a/lib/automake.mk b/lib/automake.mk index 80d85c33..d129491d 100644 --- a/lib/automake.mk +++ b/lib/automake.mk @@ -187,8 +187,8 @@ COVERAGE_FILES = \ lib/unixctl.c \ lib/util.c \ lib/vconn.c \ - secchan/ofproto.c \ - secchan/pktbuf.c \ + ofproto/ofproto.c \ + ofproto/pktbuf.c \ vswitchd/bridge.c \ vswitchd/mgmt.c \ vswitchd/ovs-brcompatd.c diff --git a/lib/rconn.c b/lib/rconn.c index b18a2e59..b4da257d 100644 --- a/lib/rconn.c +++ b/lib/rconn.c @@ -89,7 +89,7 @@ struct rconn { time_t last_admitted; /* These values are simply for statistics reporting, not used directly by - * anything internal to the rconn (or the secchan for that matter). */ + * anything internal to the rconn (or ofproto for that matter). */ unsigned int packets_received; unsigned int n_attempted_connections, n_successful_connections; time_t creation_time; diff --git a/lib/vlog-modules.def b/lib/vlog-modules.def index a9b46a47..63b25cc2 100644 --- a/lib/vlog-modules.def +++ b/lib/vlog-modules.def @@ -50,16 +50,15 @@ VLOG_MODULE(netlink) VLOG_MODULE(ofctl) VLOG_MODULE(ovs_discover) VLOG_MODULE(ofproto) +VLOG_MODULE(openflowd) VLOG_MODULE(pktbuf) VLOG_MODULE(pcap) VLOG_MODULE(poll_loop) VLOG_MODULE(port_watcher) VLOG_MODULE(proc_net_compat) VLOG_MODULE(process) -VLOG_MODULE(secchan) VLOG_MODULE(rconn) VLOG_MODULE(stp) -VLOG_MODULE(stp_secchan) VLOG_MODULE(stats) VLOG_MODULE(status) VLOG_MODULE(svec) diff --git a/secchan/.gitignore b/ofproto/.gitignore similarity index 53% rename from secchan/.gitignore rename to ofproto/.gitignore index ada65665..b336cc7c 100644 --- a/secchan/.gitignore +++ b/ofproto/.gitignore @@ -1,4 +1,2 @@ /Makefile /Makefile.in -/secchan -/secchan.8 diff --git a/ofproto/automake.mk b/ofproto/automake.mk new file mode 100644 index 00000000..232d45f6 --- /dev/null +++ b/ofproto/automake.mk @@ -0,0 +1,29 @@ +# Copyright (C) 2009 Nicira Networks, Inc. +# +# Copying and distribution of this file, with or without modification, +# are permitted in any medium without royalty provided the copyright +# notice and this notice are preserved. This file is offered as-is, +# without warranty of any kind. + +noinst_LIBRARIES += ofproto/libofproto.a +ofproto_libofproto_a_SOURCES = \ + ofproto/discovery.c \ + ofproto/discovery.h \ + ofproto/executer.c \ + ofproto/executer.h \ + ofproto/fail-open.c \ + ofproto/fail-open.h \ + ofproto/in-band.c \ + ofproto/in-band.h \ + ofproto/netflow.c \ + ofproto/netflow.h \ + ofproto/ofproto.c \ + ofproto/ofproto.h \ + ofproto/pktbuf.c \ + ofproto/pktbuf.h \ + ofproto/pinsched.c \ + ofproto/pinsched.h \ + ofproto/status.c \ + ofproto/status.h + +include ofproto/commands/automake.mk diff --git a/secchan/commands/automake.mk b/ofproto/commands/automake.mk similarity index 71% rename from secchan/commands/automake.mk rename to ofproto/commands/automake.mk index cbe44d8c..96d165f5 100644 --- a/secchan/commands/automake.mk +++ b/ofproto/commands/automake.mk @@ -1,3 +1,3 @@ commandsdir = ${pkgdatadir}/commands dist_commands_SCRIPTS = \ - secchan/commands/reboot + ofproto/commands/reboot diff --git a/secchan/commands/reboot b/ofproto/commands/reboot similarity index 100% rename from secchan/commands/reboot rename to ofproto/commands/reboot diff --git a/secchan/discovery.c b/ofproto/discovery.c similarity index 100% rename from secchan/discovery.c rename to ofproto/discovery.c diff --git a/secchan/discovery.h b/ofproto/discovery.h similarity index 100% rename from secchan/discovery.h rename to ofproto/discovery.h diff --git a/secchan/executer.c b/ofproto/executer.c similarity index 99% rename from secchan/executer.c rename to ofproto/executer.c index 210d7cbc..87b76526 100644 --- a/secchan/executer.c +++ b/ofproto/executer.c @@ -83,7 +83,7 @@ static void send_child_message(struct rconn *, uint32_t xid, uint32_t status, /* Returns true if 'cmd' is allowed by 'acl', which is a command-separated * access control list in the format described for --command-acl in - * secchan(8). */ + * ovs-openflowd(8). */ static bool executer_is_permitted(const char *acl_, const char *cmd) { diff --git a/secchan/executer.h b/ofproto/executer.h similarity index 100% rename from secchan/executer.h rename to ofproto/executer.h diff --git a/secchan/fail-open.c b/ofproto/fail-open.c similarity index 100% rename from secchan/fail-open.c rename to ofproto/fail-open.c diff --git a/secchan/fail-open.h b/ofproto/fail-open.h similarity index 100% rename from secchan/fail-open.h rename to ofproto/fail-open.h diff --git a/secchan/in-band.c b/ofproto/in-band.c similarity index 97% rename from secchan/in-band.c rename to ofproto/in-band.c index 1e242385..8f5f977e 100644 --- a/secchan/in-band.c +++ b/ofproto/in-band.c @@ -43,8 +43,8 @@ #define IB_BASE_PRIORITY 18181800 enum { - IBR_FROM_LOCAL_PORT, /* Sent by secure channel. */ - IBR_TO_LOCAL_PORT, /* Sent to secure channel. */ + IBR_FROM_LOCAL_PORT, /* Sent by ofproto local port. */ + IBR_TO_LOCAL_PORT, /* Sent to ofproto local port. */ IBR_ARP_FROM_CTL, /* ARP from the controller. */ IBR_TO_CTL_OFP_SRC, /* To controller, OpenFlow source port. */ IBR_TO_CTL_OFP_DST, /* To controller, OpenFlow dest port. */ @@ -228,13 +228,13 @@ in_band_run(struct in_band *in_band) controller_mac = get_controller_mac(in_band); local_mac = get_local_mac(in_band); - /* Switch traffic sent by the secure channel. */ + /* Switch traffic sent from the local port. */ memset(&flow, 0, sizeof flow); flow.in_port = ODPP_LOCAL; setup_flow(in_band, IBR_FROM_LOCAL_PORT, &flow, OFPFW_IN_PORT, OFPP_NORMAL); - /* Deliver traffic sent to the secure channel to the local port. */ + /* Deliver traffic sent to the local port. */ if (local_mac) { memset(&flow, 0, sizeof flow); memcpy(flow.dl_dst, local_mac, ETH_ADDR_LEN); diff --git a/secchan/in-band.h b/ofproto/in-band.h similarity index 98% rename from secchan/in-band.h rename to ofproto/in-band.h index 972611d6..8d8d3535 100644 --- a/secchan/in-band.h +++ b/ofproto/in-band.h @@ -23,7 +23,6 @@ struct dpif; struct in_band; struct ofproto; struct rconn; -struct secchan; struct settings; struct switch_status; diff --git a/secchan/netflow.c b/ofproto/netflow.c similarity index 100% rename from secchan/netflow.c rename to ofproto/netflow.c diff --git a/secchan/netflow.h b/ofproto/netflow.h similarity index 100% rename from secchan/netflow.h rename to ofproto/netflow.h diff --git a/secchan/ofproto.c b/ofproto/ofproto.c similarity index 99% rename from secchan/ofproto.c rename to ofproto/ofproto.c index 44d1a850..79fe14c4 100644 --- a/secchan/ofproto.c +++ b/ofproto/ofproto.c @@ -133,7 +133,7 @@ rule_is_hidden(const struct rule *rule) return true; } - /* Rules with priority higher than UINT16_MAX are set up by secchan itself + /* Rules with priority higher than UINT16_MAX are set up by ofproto itself * (e.g. by in-band control) and are intentionally hidden from the * controller. */ if (rule->cr.priority > UINT16_MAX) { diff --git a/secchan/ofproto.h b/ofproto/ofproto.h similarity index 100% rename from secchan/ofproto.h rename to ofproto/ofproto.h diff --git a/secchan/pinsched.c b/ofproto/pinsched.c similarity index 100% rename from secchan/pinsched.c rename to ofproto/pinsched.c diff --git a/secchan/pinsched.h b/ofproto/pinsched.h similarity index 100% rename from secchan/pinsched.h rename to ofproto/pinsched.h diff --git a/secchan/pktbuf.c b/ofproto/pktbuf.c similarity index 100% rename from secchan/pktbuf.c rename to ofproto/pktbuf.c diff --git a/secchan/pktbuf.h b/ofproto/pktbuf.h similarity index 100% rename from secchan/pktbuf.h rename to ofproto/pktbuf.h diff --git a/secchan/status.c b/ofproto/status.c similarity index 100% rename from secchan/status.c rename to ofproto/status.c diff --git a/secchan/status.h b/ofproto/status.h similarity index 98% rename from secchan/status.h rename to ofproto/status.h index 7856674b..1186fa52 100644 --- a/secchan/status.h +++ b/ofproto/status.h @@ -21,7 +21,6 @@ struct nicira_header; struct rconn; -struct secchan; struct ofproto; struct status_reply; diff --git a/secchan/automake.mk b/secchan/automake.mk deleted file mode 100644 index d6bf1b0c..00000000 --- a/secchan/automake.mk +++ /dev/null @@ -1,42 +0,0 @@ -# Copyright (C) 2009 Nicira Networks, Inc. -# -# Copying and distribution of this file, with or without modification, -# are permitted in any medium without royalty provided the copyright -# notice and this notice are preserved. This file is offered as-is, -# without warranty of any kind. - -bin_PROGRAMS += secchan/secchan -man_MANS += secchan/secchan.8 - -secchan_secchan_SOURCES = secchan/main.c -secchan_secchan_LDADD = \ - secchan/libsecchan.a \ - lib/libopenvswitch.a \ - $(FAULT_LIBS) \ - $(SSL_LIBS) - -noinst_LIBRARIES += secchan/libsecchan.a -secchan_libsecchan_a_SOURCES = \ - secchan/discovery.c \ - secchan/discovery.h \ - secchan/executer.c \ - secchan/executer.h \ - secchan/fail-open.c \ - secchan/fail-open.h \ - secchan/in-band.c \ - secchan/in-band.h \ - secchan/netflow.c \ - secchan/netflow.h \ - secchan/ofproto.c \ - secchan/ofproto.h \ - secchan/pktbuf.c \ - secchan/pktbuf.h \ - secchan/pinsched.c \ - secchan/pinsched.h \ - secchan/status.c \ - secchan/status.h - -EXTRA_DIST += secchan/secchan.8.in -DISTCLEANFILES += secchan/secchan.8 - -include secchan/commands/automake.mk diff --git a/tests/test-dhcp-client.c b/tests/test-dhcp-client.c index 7ea476ca..e4471c7b 100644 --- a/tests/test-dhcp-client.c +++ b/tests/test-dhcp-client.c @@ -176,8 +176,8 @@ usage(void) "\nDHCP options:\n" " --request-ip=IP request specified IP address (default:\n" " do not request a specific IP)\n" - " --vendor-class=STRING use STRING as vendor class (default:\n" - " none); use OpenFlow to imitate secchan\n" + " --vendor-class=STRING use STRING as vendor class; use\n" + " OpenFlow to imitate ovs-openflowd\n" " --no-resolv-conf do not update /etc/resolv.conf\n", program_name, program_name); vlog_usage(); diff --git a/utilities/.gitignore b/utilities/.gitignore index 32a7f2eb..ebbd6916 100644 --- a/utilities/.gitignore +++ b/utilities/.gitignore @@ -15,6 +15,8 @@ /ovs-kill.8 /ovs-ofctl /ovs-ofctl.8 +/ovs-openflowd +/ovs-openflowd.8 /ovs-parse-leaks /ovs-pki /ovs-pki-cgi diff --git a/utilities/automake.mk b/utilities/automake.mk index 97b827ac..5bf3cbb7 100644 --- a/utilities/automake.mk +++ b/utilities/automake.mk @@ -6,6 +6,7 @@ bin_PROGRAMS += \ utilities/ovs-dpctl \ utilities/ovs-kill \ utilities/ovs-ofctl \ + utilities/ovs-openflowd \ utilities/ovs-wdt noinst_PROGRAMS += utilities/nlmon bin_SCRIPTS += utilities/ovs-pki @@ -20,6 +21,7 @@ EXTRA_DIST += \ utilities/ovs-dpctl.8.in \ utilities/ovs-kill.8.in \ utilities/ovs-ofctl.8.in \ + utilities/ovs-openflowd.8.in \ utilities/ovs-parse-leaks.in \ utilities/ovs-pki-cgi.in \ utilities/ovs-pki.8.in \ @@ -32,6 +34,7 @@ DISTCLEANFILES += \ utilities/ovs-dpctl.8 \ utilities/ovs-kill.8 \ utilities/ovs-ofctl.8 \ + utilities/ovs-openflowd.8 \ utilities/ovs-parse-leaks \ utilities/ovs-pki \ utilities/ovs-pki.8 \ @@ -45,6 +48,7 @@ man_MANS += \ utilities/ovs-dpctl.8 \ utilities/ovs-kill.8 \ utilities/ovs-ofctl.8 \ + utilities/ovs-openflowd.8 \ utilities/ovs-pki.8 utilities_ovs_appctl_SOURCES = utilities/ovs-appctl.c @@ -68,6 +72,13 @@ utilities_ovs_kill_LDADD = lib/libopenvswitch.a utilities_ovs_ofctl_SOURCES = utilities/ovs-ofctl.c utilities_ovs_ofctl_LDADD = lib/libopenvswitch.a $(FAULT_LIBS) $(SSL_LIBS) +utilities_ovs_openflowd_SOURCES = utilities/ovs-openflowd.c +utilities_ovs_openflowd_LDADD = \ + ofproto/libofproto.a \ + lib/libopenvswitch.a \ + $(FAULT_LIBS) \ + $(SSL_LIBS) + utilities_ovs_wdt_SOURCES = utilities/ovs-wdt.c utilities_nlmon_SOURCES = utilities/nlmon.c diff --git a/utilities/ovs-appctl.8.in b/utilities/ovs-appctl.8.in index 9bf97fd2..d5e6b82e 100644 --- a/utilities/ovs-appctl.8.in +++ b/utilities/ovs-appctl.8.in @@ -79,7 +79,7 @@ expanded as follows: .RS .IP \fB%A\fR -The name of the application logging the message, e.g. \fBsecchan\fR. +The name of the application logging the message, e.g. \fBovs-vswitchd\fR. .IP \fB%c\fR The name of the module (as shown by \fBovs\-appctl --list\fR) logging @@ -163,4 +163,4 @@ error occurs. Use \fB-e help\fR to print a list of available commands. .BR ovs\-controller (8), .BR ovs\-dpctl (8), -.BR secchan (8) +.BR ovs\-openflowd (8) diff --git a/utilities/ovs-controller.8.in b/utilities/ovs-controller.8.in index 380ddeca..b6b05d07 100644 --- a/utilities/ovs-controller.8.in +++ b/utilities/ovs-controller.8.in @@ -82,7 +82,7 @@ already have the controller CA certificate for it to have any confidence in the controller's identity. However, this option allows a newly installed switch to obtain the controller CA certificate on first boot using, e.g., the \fB--bootstrap-ca-cert\fR option to -\fBsecchan\fR(8). +\fBovs\-openflowd\fR(8). .IP "\fB-n\fR, \fB--noflow\fR" By default, \fBovs\-controller\fR sets up a flow in each OpenFlow switch @@ -103,7 +103,7 @@ recommended, flows will never expire. The default is 60 seconds. This option affects only flows set up by the OpenFlow controller. In some configurations, the switch can set up some flows on its own. To set the idle time for those flows, pass -\fB--max-idle\fR to \fBsecchan\fR (on the switch). +\fB--max-idle\fR to \fBovs\-openflowd\fR (on the switch). This option has no effect when \fB-n\fR (or \fB--noflow\fR) is in use (because the controller does not set up flows in that case). @@ -133,6 +133,6 @@ To bind locally to port 6633 (the default) and wait for incoming connections fro .SH "SEE ALSO" -.BR secchan (8), +.BR ovs\-openflowd (8), .BR ovs\-appctl (8), .BR ovs\-dpctl (8) diff --git a/utilities/ovs-discover.8.in b/utilities/ovs-discover.8.in index eb83a5f8..fcb579ed 100644 --- a/utilities/ovs-discover.8.in +++ b/utilities/ovs-discover.8.in @@ -17,7 +17,7 @@ receives an acceptable DHCP response. It will accept any valid DHCP reply that has the same vendor class identifier and includes a vendor-specific option with code 1 whose contents are a string specifying the location of the controller in the same format used on -the \fBsecchan\fR command line (e.g. \fBssl:192.168.0.1\fR). +the \fBovs\-openflowd\fR command line (e.g. \fBssl:192.168.0.1\fR). When \fBovs\-discover\fR receives an acceptable response, it prints the details of the response on \fBstdout\fR. Then, by default, it @@ -115,5 +115,5 @@ arriving IP packets, will not. .SH "SEE ALSO" -.BR secchan (8), -.BR ovs-pki (8) +.BR ovs\-openflowd (8), +.BR ovs\-pki (8) diff --git a/utilities/ovs-dpctl.8.in b/utilities/ovs-dpctl.8.in index 0a1d6702..3d8854b5 100644 --- a/utilities/ovs-dpctl.8.in +++ b/utilities/ovs-dpctl.8.in @@ -110,9 +110,10 @@ up may be confused about their disappearance. .IP "\fBdump-groups \fIdp\fR" Prints to the console the sets of port groups maintained by datapath \fIdp\fR. Ordinarily there are at least 2 port groups in a datapath -that \fBsecchan\fR or \fBvswitch\fR is controlling: group 0 contains +that \fBovs\-openflowd\fR or \fBovs\-vswitch\fR is controlling: group +0 contains all ports except those disabled by STP, and group 1 contains all -ports. Additional groups might be used in the future. +ports. Additional or different groups might be used in the future. This command is primarily useful for debugging Open vSwitch. OpenFlow does not have a concept of port groups. @@ -141,7 +142,7 @@ Creates datapath number 0. Adds two network devices to the new datapath. .PP -At this point one would ordinarily start \fBsecchan\fR(8) on +At this point one would ordinarily start \fBovs\-openflowd\fR(8) on \fBdp0\fR, transforming \fBdp0\fR into an OpenFlow switch. Then, when the switch and the datapath is no longer needed: @@ -155,6 +156,6 @@ Deletes the datapath. .SH "SEE ALSO" -.BR secchan (8), .BR ovs\-appctl (8), +.BR ovs\-openflowd (8), .BR ovs\-vswitchd (8) diff --git a/utilities/ovs-monitor b/utilities/ovs-monitor index 215032ae..40ad64b3 100755 --- a/utilities/ovs-monitor +++ b/utilities/ovs-monitor @@ -16,8 +16,8 @@ PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin -SECCHAN_PID=/var/run/secchan.pid -SECCHAN_SOCK=/var/run/secchan.mgmt +OPENFLOWD_PID=/var/run/ovs-openflowd.pid +OPENFLOWD_SOCK=/var/run/ovs-openflowd.mgmt LOG_FILE=/var/log/openflow/monitor INTERVAL=1 FAIL_THRESH=3 @@ -27,8 +27,8 @@ usage() { echo echo "OPTIONS:" echo " -h Show this message" - echo " -p PID file for secchan (default: $SECCHAN_PID)" - echo " -s Unix socket for secchan (default: $SECCHAN_SOCK)" + echo " -p PID file for ovs-openflowd (default: $OPENFLOWD_PID)" + echo " -s Unix socket for ovs-openflowd (default: $OPENFLOWD_SOCK)" echo " -l File to log messages (default: $LOG_FILE)" echo " -i Interval to send probes in seconds (default: $INTERVAL)" echo " -c Number of failed probes before reboot (default: $FAIL_THRESH)" @@ -48,11 +48,11 @@ while getopts "hp:s:l:i:c:" OPTION; do ;; p) - SECCHAN_PID=$OPTARG + OPENFLOWD_PID=$OPTARG ;; s) - SECCHAN_SOCK=$OPTARG + OPENFLOWD_SOCK=$OPTARG ;; l) @@ -73,14 +73,14 @@ while getopts "hp:s:l:i:c:" OPTION; do done -if [ ! -f $SECCHAN_PID ]; then - log "No secchan pid file: ${SECCHAN_PID}" - echo "No secchan pid file: ${SECCHAN_PID}" +if [ ! -f $OPENFLOWD_PID ]; then + log "No ovs-openflowd pid file: ${OPENFLOWD_PID}" + echo "No ovs-openflowd pid file: ${OPENFLOWD_PID}" fi -if [ ! -S $SECCHAN_SOCK ]; then - log "No secchan sock file: ${SECCHAN_SOCK}" - echo "No secchan sock file: ${SECCHAN_SOCK}" +if [ ! -S $OPENFLOWD_SOCK ]; then + log "No ovs-openflowd sock file: ${OPENFLOWD_SOCK}" + echo "No ovs-openflowd sock file: ${OPENFLOWD_SOCK}" fi if [ ! -d `dirname $LOG_FILE` ]; then @@ -88,17 +88,17 @@ if [ ! -d `dirname $LOG_FILE` ]; then fi let DP_DOWN=0 -let SECCHAN_DOWN=0 +let OPENFLOWD_DOWN=0 log "===== Starting Monitor ====" while `/bin/true`; do - # Only check for liveness if the secchan's PID file exists. The PID - # file is removed when secchan is brought down gracefully. - if [ -f $SECCHAN_PID ]; then - pid=`cat $SECCHAN_PID` + # Only check for liveness if ovs-openflowd's PID file exists. The PID + # file is removed when ovs-openflowd is brought down gracefully. + if [ -f $OPENFLOWD_PID ]; then + pid=`cat $OPENFLOWD_PID` if [ -d /proc/$pid ]; then - # Check if the secchan and datapath still can communicate - if [ -S $SECCHAN_SOCK ]; then - ovs-ofctl probe -t 2 unix:$SECCHAN_SOCK + # Check if the ovs-openflowd and datapath still can communicate + if [ -S $OPENFLOWD_SOCK ]; then + ovs-ofctl probe -t 2 unix:$OPENFLOWD_SOCK if [ $? -ne 0 ]; then log "datapath probe failed" let DP_DOWN++ @@ -106,15 +106,15 @@ while `/bin/true`; do let DP_DOWN=0 fi fi - let SECCHAN_DOWN=0 + let OPENFLOWD_DOWN=0 else - log "secchan probe failed" - let SECCHAN_DOWN++ + log "ovs-openflowd probe failed" + let OPENFLOWD_DOWN++ fi fi - if [ $SECCHAN_DOWN -ge $FAIL_THRESH ]; then - log "Failed to probe secchan after ${SECCHAN_DOWN} tries...rebooting!" + if [ $OPENFLOWD_DOWN -ge $FAIL_THRESH ]; then + log "Failed to probe ovs-openflowd after ${OPENFLOWD_DOWN} tries...rebooting!" reboot fi diff --git a/utilities/ovs-ofctl.8.in b/utilities/ovs-ofctl.8.in index eb98043c..fab61e4f 100644 --- a/utilities/ovs-ofctl.8.in +++ b/utilities/ovs-ofctl.8.in @@ -147,7 +147,7 @@ syntax of \fIflows\fR. \fBmonitor \fIswitch\fR [\fImiss-len\fR [\fIsend-exp]] Connects to \fIswitch\fR and prints to the console all OpenFlow messages received. Usually, \fIswitch\fR should specify a connection -named on \fBsecchan\fR(8)'s \fB-l\fR or \fB--listen\fR command line +named on \fBovs\-openflowd\fR(8)'s \fB-l\fR or \fB--listen\fR command line option. If \fImiss-len\fR is provided, \fBovs\-ofctl\fR sends an OpenFlow ``set @@ -327,7 +327,7 @@ omitted, then the entire packet is sent. .IP \fBlocal\fR Outputs the packet on the ``local port,'' which corresponds to the \fBof\fIn\fR network device (see \fBCONTACTING THE CONTROLLER\fR in -\fBsecchan\fR(8) for information on the \fBof\fIn\fR network device). +\fBovs\-openflowd\fR(8) for information on the \fBof\fIn\fR network device). .IP \fBdrop\fR Discards the packet, so no further processing or forwarding takes place. @@ -471,7 +471,7 @@ The following examples assume that an OpenFlow switch on the local host has been configured to listen for management connections on a Unix domain socket named \fB@RUNDIR@/openflow.sock\fR, e.g. by specifying \fB--listen=punix:@RUNDIR@/openflow.sock\fR on the -\fBsecchan\fR(8) command line. +\fBovs\-openflowd\fR(8) command line. .TP \fBovs\-ofctl dump-tables unix:@RUNDIR@/openflow.sock\fR diff --git a/secchan/secchan.8.in b/utilities/ovs-openflowd.8.in similarity index 83% rename from secchan/secchan.8.in rename to utilities/ovs-openflowd.8.in index 3b781aeb..3684fab4 100644 --- a/secchan/secchan.8.in +++ b/utilities/ovs-openflowd.8.in @@ -1,16 +1,16 @@ -.TH secchan 8 "March 2009" "Open vSwitch" "Open vSwitch Manual" -.ds PN secchan +.TH ovs\-openflowd 8 "March 2009" "Open vSwitch" "Open vSwitch Manual" +.ds PN ovs\-openflowd .SH NAME -secchan \- OpenFlow switch implementation +ovs\-openflowd \- OpenFlow switch implementation .SH SYNOPSIS -.B secchan +.B ovs\-openflowd [\fIoptions\fR] \fIdatapath\fR [\fIcontroller\fR] .SH DESCRIPTION -The \fBsecchan\fR program implements an OpenFlow switch using a -flow-based datapath. \fBsecchan\fR connects to an OpenFlow controller +The \fBovs\-openflowd\fR program implements an OpenFlow switch using a +flow-based datapath. \fBovs\-openflowd\fR connects to an OpenFlow controller over TCP or SSL. The mandatory \fIdatapath\fR argument argument specifies the local datapath @@ -40,7 +40,7 @@ The Unix domain server socket named \fIfile\fR. .RE .PP -If \fIcontroller\fR is omitted, \fBsecchan\fR attempts to discover the +If \fIcontroller\fR is omitted, \fBovs\-openflowd\fR attempts to discover the location of the controller automatically (see below). .SS "Contacting the Controller" @@ -53,9 +53,9 @@ the data traffic that it controls, that is, the switch does not use any of the network devices added to the datapath with \fBovs\-dpctl add\-if\fR in its communication with the controller. -To use \fBsecchan\fR in a network with out-of-band control, specify -\fB--out-of-band\fR on the \fBsecchan\fR command line. The control -network must be configured separately, before or after \fBsecchan\fR +To use \fBovs\-openflowd\fR in a network with out-of-band control, specify +\fB--out-of-band\fR on the \fBovs\-openflowd\fR command line. The control +network must be configured separately, before or after \fBovs\-openflowd\fR is started. .IP in-band @@ -66,7 +66,7 @@ add\-if\fR. This configuration is often more convenient than out-of-band control, because it is not necessary to maintain two independent networks. -In-band control is the default for \fBsecchan\fR, so no special +In-band control is the default for \fBovs\-openflowd\fR, so no special command-line option is required. With in-band control, the location of the controller can be configured @@ -74,23 +74,23 @@ manually or discovered automatically: .RS .IP "controller discovery" -To make \fBsecchan\fR discover the location of the controller +To make \fBovs\-openflowd\fR discover the location of the controller automatically, do not specify the location of the controller on the -\fBsecchan\fR command line. +\fBovs\-openflowd\fR command line. -In this mode, \fBsecchan\fR will broadcast a DHCP request with vendor +In this mode, \fBovs\-openflowd\fR will broadcast a DHCP request with vendor class identifier \fBOpenFlow\fR across the network devices added to the datapath with \fBovs\-dpctl add\-if\fR. It will accept any valid DHCP reply that has the same vendor class identifier and includes a vendor-specific option with code 1 whose contents are a string specifying the location of the controller in the same format used on -the \fBsecchan\fR command line (e.g. \fBssl:192.168.0.1\fR). +the \fBovs\-openflowd\fR command line (e.g. \fBssl:192.168.0.1\fR). The DHCP reply may also, optionally, include a vendor-specific option with code 2 whose contents are a string specifying the URI to the base of the OpenFlow PKI (e.g. \fBhttp://192.168.0.1/openflow/pki\fR). This URI is used only for bootstrapping the OpenFlow PKI at initial -switch setup; \fBsecchan\fR does not use it at all. +switch setup; \fBovs\-openflowd\fR does not use it at all. The following ISC DHCP server configuration file assigns the IP address range 192.168.0.20 through 192.168.0.30 to OpenFlow switches @@ -144,28 +144,28 @@ subnet 192.168.0.0 netmask 255.255.255.0 { .IP "manual configuration" To configure in-band control manually, specify the location of the -controller on the \fBsecchan\fR command line as the \fIcontroller\fR +controller on the \fBovs\-openflowd\fR command line as the \fIcontroller\fR argument. You must also configure the network device for the OpenFlow -``local port'' to allow \fBsecchan\fR to connect to that controller. -The OpenFlow local port is a virtual network port that \fBsecchan\fR +``local port'' to allow \fBovs\-openflowd\fR to connect to that controller. +The OpenFlow local port is a virtual network port that \fBovs\-openflowd\fR bridges to the physical switch ports. The name of the local port for a given \fIdatapath\fR may be seen by running \fBovs\-dpctl show \fIdatapath\fR; the local port is listed as port 0 in \fBshow\fR's output. .IP -Before \fBsecchan\fR starts, the local port network device is not +Before \fBovs\-openflowd\fR starts, the local port network device is not bridged to any physical network, so the next step depends on whether connectivity is required to configure the device's IP address. If the switch has a static IP address, you may configure its IP address now with a command such as .B ifconfig of0 192.168.1.1 -and then invoke \fBsecchan\fR. +and then invoke \fBovs\-openflowd\fR. On the other hand, if the switch does not have a static IP address, e.g. it obtains its IP address dynamically via DHCP, the DHCP client -will not be able to contact the DHCP server until the secure channel -has started up. Thus, start \fBsecchan\fR without configuring +will not be able to contact the DHCP server until the OpenFlow switch +has started up. Thus, start \fBovs\-openflowd\fR without configuring the local port network device, and start the DHCP client afterward. .RE @@ -173,7 +173,7 @@ the local port network device, and start the DHCP client afterward. .SS "Controller Discovery Options" .TP \fB--accept-vconn=\fIregex\fR -When \fBsecchan\fR performs controller discovery (see \fBContacting +When \fBovs\-openflowd\fR performs controller discovery (see \fBContacting the Controller\fR, above, for more information about controller discovery), it validates the controller location obtained via DHCP with a POSIX extended regular expression. Only controllers whose @@ -192,7 +192,7 @@ When controller discovery is not performed, this option has no effect. .TP \fB--no-resolv-conf\fR -When \fBsecchan\fR performs controller discovery (see \fBContacting +When \fBovs\-openflowd\fR performs controller discovery (see \fBContacting the Controller\fR, above, for more information about controller discovery), by default it overwrites the system's \fB/etc/resolv.conf\fR with domain information and DNS servers @@ -200,10 +200,10 @@ obtained via DHCP. If the location of the controller is specified using a hostname, rather than an IP address, and the network's DNS servers ever change, this behavior is essential. But because it also interferes with any administrator or process that manages -\fB/etc/resolv.conf\fR, when this option is specified, \fBsecchan\fR +\fB/etc/resolv.conf\fR, when this option is specified, \fBovs\-openflowd\fR will not modify \fB/etc/resolv.conf\fR. -\fBsecchan\fR will only modify \fBresolv.conf\fR if the DHCP response +\fBovs\-openflowd\fR will only modify \fBresolv.conf\fR if the DHCP response that it receives specifies one or more DNS servers. When controller discovery is not performed, this option has no effect. @@ -235,25 +235,25 @@ no new network connections can be set up. If the connection to the controller stays down long enough, no packets can pass through the switch at all. -If this option is set to \fBopen\fR (the default), \fBsecchan\fR will +If this option is set to \fBopen\fR (the default), \fBovs\-openflowd\fR will take over responsibility for setting up flows in the local datapath when no message has been received from the controller for three times the inactivity probe interval (see below), or 45 seconds by default. -In this ``fail open'' mode, \fBsecchan\fR causes the datapath to act -like an ordinary MAC-learning switch. \fBsecchan\fR will continue to +In this ``fail open'' mode, \fBovs\-openflowd\fR causes the datapath to act +like an ordinary MAC-learning switch. \fBovs\-openflowd\fR will continue to retry connection to the controller in the background and, when the connection succeeds, it discontinues its fail-open behavior. -If this option is set to \fBclosed\fR, then \fBsecchan\fR will not +If this option is set to \fBclosed\fR, then \fBovs\-openflowd\fR will not set up flows on its own when the controller connection fails. .TP \fB--inactivity-probe=\fIsecs\fR -When the secure channel is connected to the controller, the secure -channel waits for a message to be received from the controller for +When the OpenFlow switch is connected to the controller, the +switch waits for a message to be received from the controller for \fIsecs\fR seconds before it sends a inactivity probe to the controller. After sending the inactivity probe, if no response is -received for an additional \fIsecs\fR seconds, the secure channel +received for an additional \fIsecs\fR seconds, the switch assumes that the connection has been broken and attempts to reconnect. The default is 15 seconds, and the minimum value is 5 seconds. @@ -264,19 +264,19 @@ above). .TP \fB--max-idle=\fIsecs\fR|\fBpermanent\fR Sets \fIsecs\fR as the number of seconds that a flow set up by the -secure channel will remain in the switch's flow table without any +OpenFlow switch will remain in the switch's flow table without any matching packets being seen. If \fBpermanent\fR is specified, which -is not recommended, flows set up by the secure channel will never +is not recommended, flows set up by the switch will never expire. The default is 15 seconds. -Most flows are set up by the OpenFlow controller, not by the secure -channel. This option affects only the following flows, which the -secure channel sets up itself: +Most flows are set up by the OpenFlow controller, not by the +switch. This option affects only the following flows, which the +OpenFlow switch sets up itself: .RS .IP \(bu -When \fB--fail=open\fR is specified, flows set up when the secure -channel has not been able to contact the controller for the configured +When \fB--fail=open\fR is specified, flows set up when the +switch has not been able to contact the controller for the configured fail-open delay. .IP \(bu @@ -343,7 +343,7 @@ problems. .TP \fB--in-band\fR, \fB--out-of-band\fR -Configures \fBsecchan\fR to operate in in-band or out-of-band control +Configures \fBovs\-openflowd\fR to operate in in-band or out-of-band control mode (see \fBContacting the Controller\fR above). When neither option is given, the default is in-band control. @@ -401,7 +401,7 @@ Command names that include characters other than upper- and lower-case English letters, digits, and the underscore and hyphen characters are unconditionally disallowed. -When the whitelist and blacklist permit a command name, \fBsecchan\fR +When the whitelist and blacklist permit a command name, \fBovs\-openflowd\fR looks for a program with the same name as the command in the commands directory (see below). Other directories are not searched. @@ -435,7 +435,7 @@ the switch is connected to a trustworthy controller. .TP \fB--bootstrap-ca-cert=\fIcacert.pem\fR When \fIcacert.pem\fR exists, this option has the same effect as -\fB-C\fR or \fB--ca-cert\fR. If it does not exist, then \fBsecchan\fR +\fB-C\fR or \fB--ca-cert\fR. If it does not exist, then \fBovs\-openflowd\fR will attempt to obtain the CA certificate from the controller on its first SSL connection and save it to the named PEM file. If it is successful, it will immediately drop the connection and reconnect, and diff --git a/secchan/main.c b/utilities/ovs-openflowd.c similarity index 98% rename from secchan/main.c rename to utilities/ovs-openflowd.c index c886abe0..f60dea5a 100644 --- a/secchan/main.c +++ b/utilities/ovs-openflowd.c @@ -28,21 +28,17 @@ #include "compiler.h" #include "daemon.h" #include "dirs.h" -#include "discovery.h" #include "dpif.h" -#include "fail-open.h" #include "fault.h" -#include "in-band.h" #include "leak-checker.h" #include "list.h" #include "netdev.h" #include "ofpbuf.h" -#include "ofproto.h" +#include "ofproto/ofproto.h" #include "openflow/openflow.h" #include "packets.h" #include "poll-loop.h" #include "rconn.h" -#include "status.h" #include "svec.h" #include "timeval.h" #include "unixctl.h" @@ -51,7 +47,7 @@ #include "vconn.h" #include "vlog.h" -#define THIS_MODULE VLM_secchan +#define THIS_MODULE VLM_openflowd /* Behavior when the connection to the controller fails. */ enum fail_mode { @@ -522,7 +518,7 @@ usage(void) "usage: %s [OPTIONS] DATAPATH [CONTROLLER]\n" "DATAPATH is a local datapath (e.g. \"dp0\").\n" "CONTROLLER is an active OpenFlow connection method; if it is\n" - "omitted, then secchan performs controller discovery.\n", + "omitted, then ovs-openflowd performs controller discovery.\n", program_name, program_name); vconn_usage(true, true, true); printf("\nOpenFlow options:\n" @@ -542,7 +538,7 @@ usage(void) " closed: drop all packets\n" " open (default): act as learning switch\n" " --inactivity-probe=SECS time between inactivity probes\n" - " --max-idle=SECS max idle for flows set up by secchan\n" + " --max-idle=SECS max idle for flows set up by switch\n" " --max-backoff=SECS max time between controller connection\n" " attempts (default: 15 seconds)\n" " -l, --listen=METHOD allow management connections on METHOD\n" diff --git a/utilities/ovs-pki.8.in b/utilities/ovs-pki.8.in index 27dfccfc..0f1c4540 100644 --- a/utilities/ovs-pki.8.in +++ b/utilities/ovs-pki.8.in @@ -325,6 +325,6 @@ Prints a help usage message and exits. .SH "SEE ALSO" -.BR controller (8), -.BR ovs\-pki\-cgi (8), -.BR secchan (8) +.BR ovs\-controller (8), +.BR ovs\-openflowd (8), +.BR ovs\-pki\-cgi (8) diff --git a/vswitchd/automake.mk b/vswitchd/automake.mk index 6883731e..e3e6ea3a 100644 --- a/vswitchd/automake.mk +++ b/vswitchd/automake.mk @@ -22,7 +22,7 @@ vswitchd_ovs_vswitchd_SOURCES = \ vswitchd/xenserver.c \ vswitchd/xenserver.h vswitchd_ovs_vswitchd_LDADD = \ - secchan/libsecchan.a \ + ofproto/libofproto.a \ lib/libopenvswitch.a \ $(FAULT_LIBS) \ $(SSL_LIBS) diff --git a/vswitchd/bridge.c b/vswitchd/bridge.c index cadefeeb..ab55658f 100644 --- a/vswitchd/bridge.c +++ b/vswitchd/bridge.c @@ -43,12 +43,12 @@ #include "odp-util.h" #include "ofp-print.h" #include "ofpbuf.h" +#include "ofproto/ofproto.h" #include "packets.h" #include "poll-loop.h" #include "port-array.h" #include "proc-net-compat.h" #include "process.h" -#include "secchan/ofproto.h" #include "socket-util.h" #include "stp.h" #include "svec.h" diff --git a/vswitchd/ovs-vswitchd.conf.5.in b/vswitchd/ovs-vswitchd.conf.5.in index d82a08af..b9bf9688 100644 --- a/vswitchd/ovs-vswitchd.conf.5.in +++ b/vswitchd/ovs-vswitchd.conf.5.in @@ -396,7 +396,7 @@ switch will perform all configured bridging and switching locally. .TP \fBdiscover\fR Use controller discovery to find the local OpenFlow controller. -Refer to \fBsecchan\fR(8) for information on how to configure a DHCP +Refer to \fB\ovs\-openflowd\fR(8) for information on how to configure a DHCP server to support controller discovery. The following additional options control the discovery process: . @@ -454,7 +454,7 @@ not in use, the following additional settings are honored: By default, or if this is set to \fBtrue\fR, \fBovs\-vswitchd\fR connects to the controller in-band. If this is set to \fBfalse\fR, \fBovs\-vswitchd\fR connects to the controller out-of-band. Refer to -\fBsecchan\fR(8) for a description of in-band and out-of-band control. +\fBovs\-openflowd\fR(8) for a description of in-band and out-of-band control. .IP "\fBbridge.\fIname\fB.controller.ip=\fIip\fR" If specified, the IP address to configure on the bridge's local port. .IP "\fBbridge.\fIname\fB.controller.netmask=\fInetmask\fR" @@ -476,7 +476,7 @@ When the switch is connected to the controller, it waits for a message to be received from the controller for \fIsecs\fR seconds before it sends a inactivity probe to the controller. After sending the inactivity probe, if no response is received for an additional -\fIsecs\fR seconds, the secure channel assumes that the connection has +\fIsecs\fR seconds, \fBovs-vswitchd\fR assumes that the connection has been broken and attempts to reconnect. .IP Changing the inactivity probe interval also changes the interval diff --git a/xenserver/vswitch-xen.spec b/xenserver/vswitch-xen.spec index e660027c..373bfb29 100644 --- a/xenserver/vswitch-xen.spec +++ b/xenserver/vswitch-xen.spec @@ -80,17 +80,17 @@ rm -rf \ $RPM_BUILD_ROOT/root/vswitch/bin/ovs-controller \ $RPM_BUILD_ROOT/root/vswitch/bin/ovs-discover \ $RPM_BUILD_ROOT/root/vswitch/bin/ovs-kill \ + $RPM_BUILD_ROOT/root/vswitch/bin/ovs-openflowd \ $RPM_BUILD_ROOT/root/vswitch/bin/ovs-pki \ $RPM_BUILD_ROOT/root/vswitch/bin/ovs-switchui \ $RPM_BUILD_ROOT/root/vswitch/bin/ovs-wdt \ - $RPM_BUILD_ROOT/root/vswitch/bin/secchan \ $RPM_BUILD_ROOT/root/vswitch/kernel_modules/veth_mod.ko \ $RPM_BUILD_ROOT/root/vswitch/sbin/ovs-monitor \ $RPM_BUILD_ROOT/root/vswitch/share/man/man8/ovs-controller.8 \ $RPM_BUILD_ROOT/root/vswitch/share/man/man8/ovs-discover.8 \ $RPM_BUILD_ROOT/root/vswitch/share/man/man8/ovs-kill.8 \ + $RPM_BUILD_ROOT/root/vswitch/share/man/man8/ovs-openflowd.8 \ $RPM_BUILD_ROOT/root/vswitch/share/man/man8/ovs-pki.8 \ - $RPM_BUILD_ROOT/root/vswitch/share/man/man8/secchan.8 \ $RPM_BUILD_ROOT/root/vswitch/share/openvswitch %clean -- 2.30.2