Ben Pfaff [Mon, 14 May 2012 18:26:36 +0000 (11:26 -0700)]
python: Break unixctl implementation into registry, client, and server.
I wish to add some unixctl commands to the Python vlog module. However,
importing ovs.unixctl in ovs.vlog creates a circular dependency, because
ovs.unixctl imports ovs.vlog already. The solution, in this commit, is to
break the unixctl module into three parts: a register (ovs.unixctl) that
does not depend on ovs.vlog, and client (ovs.unixctl.client) and server
(ovs.unixctl.server) modules that do. This breaks the circular dependency.
Ben Pfaff [Mon, 30 Apr 2012 23:49:59 +0000 (16:49 -0700)]
tests: Fix Emacs syntax highlighting in vlog.at.
[^"] confuses the Emacs syntax highlighter for Autotest mode. It thinks
that it terminates a quoted string and therefore everything following the
next " in the file is highlighted as if it was part of a quoted string.
Ben Pfaff [Tue, 22 May 2012 17:17:00 +0000 (10:17 -0700)]
Use PYTHONDONTWRITEBYTECODE=yes for invoking Python for build or test.
An upcoming commit will break the ovs.vlog module into an ovs.vlog package
with submodules. This commit makes switching between trees with the old
structure and those with the new structure much easier.
This commit works by setting PYTHONDONTWRITEBYTECODE=yes in Python
invocations from the build system and testing. This keeps Python 2.6+ from
creating .pyc and .pyo files. Creating .py[co] works OK for any given
version of Open vSwitch, but it causes trouble if you switch from a version
with foo/__init__.py into an (older) version with plain foo.py, since
foo/__init__.pyc will cause Python to ignore foo.py.
Ethan Jackson [Mon, 21 May 2012 20:20:18 +0000 (13:20 -0700)]
bridge: Ignore "null" interfaces as required.
Commit bae7208e91a0 (bridge: Refactor bridge_reconfigure().)
introduced a regression in which the switch would attempt to
instantiate "null" interfaces in the datapath. This would, of
course, fail and trigger a warning. Though harmless, these
warnings confused users.
Jesse Gross [Thu, 17 May 2012 18:43:15 +0000 (11:43 -0700)]
datapath: Reset upper layer protocol info on internal devices.
It's possible that packets that are sent on internal devices (from
the OVS perspective) have already traversed the local IP stack.
After they go through the internal device, they will again travel
through the IP stack which may get confused by the presence of
existing information in the skb. The problem can be observed
when switching between namespaces. This clears out that information
to avoid problems but deliberately leaves other metadata alone.
This is to provide maximum flexibility in chaining together OVS
and other Linux components.
Bug #10995
Signed-off-by: Jesse Gross <jesse@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
Arun Sharma [Wed, 16 May 2012 18:39:55 +0000 (11:39 -0700)]
ovs-vsctl: Add "--all" option for "destroy" command in ovs-vsctl.
Adds the ability to delete all records from table. This will help
users to destroy all records from Qos or Queue table using single
command rather then current method.
Feature #11306 Suggested-by: Kevin Mancuso <kevin.mancuso@rackspace.com> Signed-off-by: Arun Sharma <arun.sharma@calsoftinc.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
dpif-netdev: allow for proper destruction of netdev datapaths
Until now, bridges with datapath_type=netdev did not destroy the datapath
when deleted. In particular, the tap device implementing the internal
interface was not close()d, and therefore the tap persists until
ovs-vswitchd exit()s.
This behaviour was caused by the missing callback for 'enumerate' in the
dpif-netdev class. Without this callback 'bridge_reconfigure' failed to
realize that there are datapaths with no bridge, and thus cannot destroy
them. Providing an 'enumerate' callback fixes this.
Signed-off-by: Giuseppe Lettieri <g.lettieri@iet.unipi.it> Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Sun, 13 May 2012 23:41:05 +0000 (16:41 -0700)]
ovs-ofctl: Avoid impossible check for !osm in fetch_port_by_stats().
At the time of the call to ofpbuf_at(), we know that the ofp_stats_msg is
present because ofputil_decode_msg_type() reported that it was. Therefore,
we can use ofpbuf_at_assert() and don't have to check for a null pointer.
In ovs-bugtool, we do a bunch of Popen calls to
get the results of some shell commands with stdout
set to PIPE. Once we are done, we need to
close the file descriptors.
Arun Sharma [Wed, 9 May 2012 23:34:21 +0000 (16:34 -0700)]
bugtool: rename label names in plugins related to ovs-appctl
It improves to have proper out file name in bugtool archive with respect
to ovs-appctl commands. E.g. if command is 'ovs-appctl lacp/show' then
the related out file will be 'ovs-appctl-lacp-show.out'
Feature #11283. Signed-off-by: Arun Sharma <arun.sharma@calsoftinc.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
Arun Sharma [Wed, 9 May 2012 06:47:30 +0000 (23:47 -0700)]
bugtool: Collect bond state information from ovs.
This is an enhancement in bugtool archive output to determine the bond
state information. It is implemented as a plugin which internally calls
"ovs-appctl bond/show" command to get bond state.
Feature #11283. Signed-off-by: Arun Sharma <arun.sharma@calsoftinc.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Sat, 5 May 2012 18:07:42 +0000 (11:07 -0700)]
ofproto-dpif: Segregate CFM, LACP, and STP traffic into separate queues.
Until now, packets for these special protocols have been mixed with general
traffic in the kernel-to-userspace queues. This means that a big-enough
storm of new flows in these queues can cause packets for these special
protocols to be dropped at this interface, fooling userspace into believing
that, say, no CFM packets have been received even though they are arriving
at the expected rate.
This commit moves special protocols to a dedicated kernel-to-userspace
queue to avoid the problem.
Bug #7550. Signed-off-by: Ben Pfaff <blp@nicira.com>
Most exact-match flows can be handled directly in the datapath, but
for various reasons, some cannot: every packet in these flows must
be sent separately to userspace. Until now, flows that cannot be
handled entirely in the kernel have been allowed to miss each time
in the datapath. This is generally OK, but it has a few
disadvantages:
* It can make troubleshooting at the level where one must look
at datapath flows a bit confusing in some cases, because
datapath misses due to genuinely new flows are mixed in with
datapath misses for known flows that cannot be set up.
* It means that the kernel-to-userspace packets for a given
input port always go to a single kernel-to-userspace queue,
even if we'd like to segregate out some of the packets for
known flows. (An upcoming commit has examples.)
This commit therefore introduces the concept of a "slow path" flow,
one that is installed in the datapath with a single action that
sends the flow's packets to userspace. To make troubleshooting
easier, the action includes a reason code (displayed by "ovs-dpctl
dump-flows") that explains why the flow has been slow-pathed.
Bug #7550. Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Sat, 5 May 2012 17:55:30 +0000 (10:55 -0700)]
ofproto-dpif: Introduce "internal flows" for handling flow table misses.
The ofproto-dpif implementation of "facet"s requires a facet to be
associated with an OpenFlow rule. Until now, this meant that packets
that miss in the OpenFlow table (and thus didn't have OpenFlow rules)
couldn't be set up as facets and thus couldn't be installed in the
kernel. This commit changes that, by introducing "internal" OpenFlow
rules to associate with such packets.
Ben Pfaff [Fri, 4 May 2012 21:56:40 +0000 (14:56 -0700)]
odp-util: Change user_action_cookie from struct to union.
An upcoming commit will introduce a new type and a new use for the
additional members. It seems cleanest to use a union, rather that using
the existing members multiple ways.
Ben Pfaff [Fri, 4 May 2012 21:52:17 +0000 (14:52 -0700)]
ofproto: Don't limit flows in OpenFlow tables by default.
This bug is ordinarily not exposed because bridge_configure_tables() in
bridge.c configures the max number of flows soon after an ofproto is
created. But an upcoming commit will make construct() in ofproto-dpif.c
try to create some built-in flows before bridge gets control, so we need
to allow creating flows immediately upon initialization.
Brian Kruger [Wed, 9 May 2012 16:13:42 +0000 (09:13 -0700)]
rhel: Add timeouts to network scripts.
If the daemon(s) aren't running for whatever reason, the RHEL ovs
ifup/ifdown scripts don't take that into account and an attempt to reboot a
system could take forever. (literally. endless loop!) Here are a couple of
patches (one of ifup, one for ifdown) to add timeouts (10 seconds), because
it runs per interface you have configured and that could take awhile to
reboot a system if needed.
Signed-off-by: Brian Kruger <bkruger+ovsdev@gmail.com>
[blp@nicira.com fixed up a conflict against master] Signed-off-by: Ben Pfaff <blp@nicira.com>
debian: Remove --no-wait option from the ifupdown script.
Using the --no-wait option in the ifupdown script creates a
race condition where-in the network devices may not yet be created
after ovs-vsctl returns successfully.
Justin Pettit [Sat, 5 May 2012 00:27:16 +0000 (17:27 -0700)]
ovs-ofctl: Support large number of ports with "show" command.
OpenFlow Features Reply messages prior to 1.3 can give users the wrong
impression about how many ports are on the system. With this commit,
the command will check if the number of ports may be truncated. If so,
it will send a Port Description stats request to get the complete list
and ignore the Features Reply port list.
Add function to determine whether the max number of ports are contains
in a Features Reply. If so, it removes the port list, since it may be
incomplete. This function will be used in a later commit.
Justin Pettit [Fri, 4 May 2012 21:42:04 +0000 (14:42 -0700)]
ofproto: Add support for OF1.3 port description multipart message.
OpenFlow 1.0 is limited to displaying 1364 ports in the Features Reply
message, and there is no other way to get consolidated port information.
OpenFlow 1.3 adds a new port description multipart message
(OFPMP_PORT_DESC) that is not limited by size. This commit adds support
through the OpenFlow 1.0 stats mechanism, since they have complimentary
enum values.
Justin Pettit [Wed, 2 May 2012 23:35:49 +0000 (16:35 -0700)]
OpenFlow: Move stats message enums into "common".
We will be adding some OpenFlow 1.3 stats (aka multipart request)
messages to our OpenFlow 1.0 implementation. As such, move the
definition of those message numbers to the common location.
Pravin B Shelar [Tue, 8 May 2012 00:04:57 +0000 (17:04 -0700)]
datapath: Validation of IPv6 set port action uses IPv4 header
When the kernel validates set TCP/UDP port actions, it looks at
the ports in the existing flow to make sure that the L4 header exists.
However, these actions always use the IPv4 version of the struct.
Following patch fixes this by checking for flow ip protocol first.
Ben Pfaff [Mon, 7 May 2012 19:30:54 +0000 (12:30 -0700)]
ofp-util: Treat a packet-out in_port of OFPP_CONTROLLER as OFPP_NONE.
Some OpenFlow 1.0 controllers incorrectly use OPFP_CONTROLLER as the
in_port in packet-out messages, when OFPP_NONE is their intent. Until now,
Open vSwitch has rejected such requests with an error message. This commit
makes Open vSwitch instead treat OFPP_CONTROLLER the same as OFPP_NONE for
compatibility with those controllers.
(Also, as of this writing, OpenFlow 1.0.1 appears to be changing the port
to use from OFPP_NONE to OFPP_CONTROLLER.)
Suggested-by: Rob Sherwood <rob.sherwood@bigswitch.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Fri, 4 May 2012 17:05:44 +0000 (10:05 -0700)]
ofproto-dpif: Accept OpenFlow-like flows in "ofproto/trace".
Until now it has not been possible to directly trace flows that include
register values and other concepts that are not in datapath flows, because
"ofproto/trace" requires a flow in the format output by "ovs-dpctl
dump-flows", which doesn't know anything about registers. This commit
makes it possible to instead specify an OpenFlow-like flow.
Feature #10084. Requested-by: Igor Ganichev <iganichev@nicira.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Fri, 4 May 2012 16:52:37 +0000 (09:52 -0700)]
ofp-parse: New function parse_ofp_exact_flow().
This function parses a flow rather than a cls_rule. It will be useful
for "ofproto/trace", which currently requires an odp_flow and thus can't
accept values for registers and other concepts that don't exist in the
kernel.
Ben Pfaff [Fri, 27 Apr 2012 16:41:02 +0000 (09:41 -0700)]
ofp-util: Avoid ovs_fatal() in ofputil_parse_key_value().
ofputil_parse_key_value() is safe to use from a process that must not abort
except in one case: where the argument contains unbalanced parentheses.
This commit eliminates that call to ovs_fatal(), instead just treating the
end of the string as closing all nested parentheses.
It would be better to propagate the error condition upward, but I'm not
sure that it's worth it just for this one corner case.
The purpose of this commit is to make it possible to use this function
indirectly within the "ofproto/trace" implementation, which must never
abort ovs-vswitchd. (All the current callers are within ovs-ofctl and
other utilities.)
Add scripts that will allow Open vSwitch bridges and ports to be
configured through /etc/network/interfaces. This patch follows a
very similar style as OVS network integration for rhel.
Justin Pettit [Wed, 2 May 2012 17:20:07 +0000 (10:20 -0700)]
ofproto: Rate-limit STP status errors on non-existent ports.
As part of the bridge's main loop, it queries the STP status of all
ports. If the port doesn't exist, log files can become filled with
warning messages. This situation is very unusual, since system devices
do not normally disappear, but it's easy enough to rate-limit these
messages.
Ben Pfaff [Tue, 1 May 2012 23:24:09 +0000 (16:24 -0700)]
DESIGN: Document uses for flow cookies.
The paragraph near the end that starts out "However, unlike OpenFlow 1.1,
..." seems to correctly document OVS behavior, but it also seems like
pretty lousy behavior. Justin says that he's going to fix it before we
put out an OVS release version with this behavior.
CC: Justin Pettit <jpettit@nicira.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Tue, 1 May 2012 22:36:44 +0000 (15:36 -0700)]
ovs-ctl: Make "force-reload-kmod" warn when DHCP clients must be restarted.
This should make it more obvious when the admin needs to restart a DHCP
client (or other daemon). Without this, unless the admin carefully reads
the documentation, the first notice he gets about a need to restart the
DHCP client can easily be when the lease expires and the machine drops off
the network.
Ben Pfaff [Thu, 26 Apr 2012 22:54:54 +0000 (15:54 -0700)]
ofp-print: Add some more white space to flow dumps.
Before idle_age and hard_age were added, in the absence of timeouts there
was a space between the statistics for a flow and the start of the flow
match. This restores that space.
Requested-by: Paul Ingram <paul@nicira.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Mon, 30 Apr 2012 20:56:49 +0000 (13:56 -0700)]
connmgr: Log when controllers are added and removed.
Otherwise occasionally during debugging it can hard to figure out why a
controller connection seemed to drop for a while (when in fact it happened
because the configuration changed).
Suggested-by: Natasha Gude <natasha@nicira.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Mon, 30 Apr 2012 17:47:51 +0000 (10:47 -0700)]
ovs-bugtool: Add "ovs-vsctl show" output to bugtool.
The information output by "ovs-vsctl show" is a subset of that available
elsewhere in bugtool output, but it is human-readable instead of needing
to be processed through ovsdb-server or ovsdb-tool, so it is much more
convenient for basic diagnosis.
xenserver: Update Open vSwitch post upgrade instructions.
Currently, when we upgrade the userspace rpm for XenServer,
we print a message asking users to reboot the hypervisor.
This is not needed. The reboot of hypervisor is needed when
we upgrade the rpm containing the kernel module. This
reboot can sometimes be avoided by running a
"service openvswitch force-reload-kmod".
Ethan Jackson [Thu, 26 Apr 2012 04:12:18 +0000 (21:12 -0700)]
rconn: Simplify rconn_send() semantics.
Before this patch, rconn_send() would delete 'b' on success, and
not on error. This is confusing and error-prone. This patch
causes rconn_send() to always delete 'b'.
Ben Pfaff [Fri, 20 Apr 2012 21:09:30 +0000 (14:09 -0700)]
coverage: Make ovs-appctl command more useful and less alarming.
I've had a few complaints that ovs-vswitchd logs its coverage counters
at WARN level, but this is mainly wrong: ovs-vswitchd only logs coverage
counters at WARN level when the "coverage/log" command is used through
ovs-appctl. This was even documented.
The reason to log at such a high level was to make it fairly certain that
these messages specifically requested by the admin would not be filtered
out before making it to the log. But it's even better if the admin just
gets the coverage counters as a reply to the ovs-appctl command. So that
is what this commit does.
This commit also improves the documentation of the ovs-appctl command.
I'd always assumed that the exponentially weighted moving average code in
timeval was enough rate-limiting, but I actually encountered a pathological
case some time ago that forced this coverage information to print once a
second or so, which seems too often.
Ben Pfaff [Fri, 20 Apr 2012 20:43:54 +0000 (13:43 -0700)]
timeval: Rate-limit logging rusage information.
I'd always assumed that the exponentially weighted moving average code
here was sufficient rate-limiting, but I actually encountered a
pathological case some time ago that forced this rusage information to
print once a second or so, which seems too often.
Ben Pfaff [Fri, 20 Apr 2012 21:52:16 +0000 (14:52 -0700)]
cfm: Log fault status changes more informatively.
Until now, fault status changes just log the new status. This means that
the administrator has to find two consecutive status change messages to
see what actually changed.
This commit changes the log message format to prefix new faults with '+'
and faults that disappeared with '-'. Existing faults that are still
present are not prefixed.
This also simplifies the code a little by making ds_put_cfm_fault()
put spaces before fault names instead of after.
Ben Pfaff [Thu, 26 Apr 2012 16:48:28 +0000 (09:48 -0700)]
json: Correct position tracking in JSON parser implementations.
When json_lex_input() returns false, the parser does not consume the byte
passed in. That byte will get processed again in the next iteration of
the json_parser_feed() loop. Therefore, until now, this code has
double-counted bytes that cause a false return from json_lex_input().
This fixes the problem. Every input byte is now counted only once.
Ben Pfaff [Tue, 24 Apr 2012 17:57:41 +0000 (10:57 -0700)]
jsonrpc: Keep jsonrpc_recv() from taking over the CPU.
jsonrpc_recv() could take an unbounded amount of CPU time as long as data
kept arriving, preventing other work from taking place. This limits the
amount of work to processing at most 25 kB of received data and then
yielding to the caller.
Simon Horman [Wed, 25 Apr 2012 01:18:30 +0000 (10:18 +0900)]
Add OXM data to mf_fields
Add oxm_name and oxm_header elements to struct mf_field
and populate those entries for fields that are present
in both NXM and the OXM basic class.
This implementation was suggested by Ben Pfaff.
This does not address any possible differences in the NXM and
OXM basic class fields, for instance different maskability.
That may be addressed later as needed.
Signed-off-by: Simon Horman <horms@verge.net.au> Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Tue, 24 Apr 2012 23:53:01 +0000 (16:53 -0700)]
vswitchd: Clean up iface_create().
iface_create() did its work in an order that meant it had to do a lot more
cleanup on error paths than is otherwise needed. This commit reorders the
work to avoid this extra cleanup.
bridge_ofproto_port_del() is no longer used after the refactoring so this
commit deletes it.