David Marchand [Wed, 16 Jan 2019 02:58:15 +0000 (18:58 -0800)]
conntrack: fix tcp seq adjustments when mangling commands.
The ftp alg deals with packets in two ways for the command connection:
either they are inspected and can be mangled when nat is enabled
(CT_FTP_CTL_INTEREST) or they just go through without being modified
(CT_FTP_CTL_OTHER).
For CT_FTP_CTL_INTEREST packets, we must both adjust the packet tcp seq
number by the connection current offset, then prepare for the next
packets by setting an accumulated offset in the ct object. However,
this was not done for multiple CT_FTP_CTL_INTEREST packets for the same
connection.
This is relevant for handling multiple child data connections that also
need natting.
The tests are updated so that some ftp+NAT tests send multiple port
commands or other similar commands for a single control connection.
Wget is not able to do this, so switch to lftp.
Fixes: bd5e81a0e596 ("Userspace Datapath: Add ALG infra and FTP.") Co-authored-by: Darrell Ball <dlu998@gmail.com> Signed-off-by: Darrell Ball <dlu998@gmail.com> Signed-off-by: David Marchand <david.marchand@redhat.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
Ben Pfaff [Sat, 15 Dec 2018 02:16:54 +0000 (18:16 -0800)]
odp-util: Avoid revalidation error for masked NSH set action.
A masked NSH set action has mdtype 0 because the mdtype is not being
changed, but odp_nsh_key_from_attr() rejects this because mdtype 0 does
not match up with the OVS_NSH_KEY_ATTR_MD1 attribute being present. This
fixes the problem.
The kernel datapath in flow_netlink function nsh_key_put_from_nlattr() has
a similar exception.
Acked-by: Justin Pettit <jpettit@ovn.org> Signed-off-by: Ben Pfaff <blp@ovn.org>
Ben Pfaff [Sat, 15 Dec 2018 02:16:53 +0000 (18:16 -0800)]
Fix bugs in L3 protocol support.
Test 854 "tunnel_push_pop - action" showed problems in revalidation for
L3 protocol support in its L3 GRE test. L3 packets (that is, packets
without an Ethernet header but only some L3 protocol such as IPv4 or IPv6)
have an Ethernet type that is kept in the dl_type member of the flow, and
the flows that they pass through can cause L3 and L4 fields to be matched.
However, the translation process incorrectly forced the dl_type to be
wildcarded, which caused a contradiction since it's not possible to match
on L3 and L4 fields if the dl_type is not known, and the code in
odp_flow_key_to_flow() and related functions therefore rejected these flows
at revalidation time.
This commit fixes the problem by treating dl_type the same for L2 and L3
flows in translation. It also makes odp_flow_key_to_flow__() copy the
Ethernet type that comes from a packet_type field into dl_type, which is
the expected behavior.
The actual error that this fixes is only visible after applying an upcoming
commit that improves logging for bad datapath flows.
Acked-by: Justin Pettit <jpettit@ovn.org> Signed-off-by: Ben Pfaff <blp@ovn.org>
Yi-Hung Wei [Mon, 7 Jan 2019 23:48:19 +0000 (15:48 -0800)]
selinux: Add missing permissions for ovs-kmod-ctl
Starting from OVS 2.10, ovs-vswitchd may fail to run after system reboot
since it fails to load ovs kernel module. It is because the conntrack
zone limit feature introduced in OVS 2.10 now depends on
nf_conntrack_ipv4/6 kernel module, and the SELinux prevents it to load the
two kernel modules.
Example log of the AVC violations:
type=AVC msg=audit(1546903594.735:29): avc: denied { execute_no_trans }
for pid=820 comm="modprobe" path="/usr/bin/bash" dev="dm-0" ino=50337111
scontext=system_u:system_r:openvswitch_load_module_t:s0
tcontext=system_u:object_r:shell_exec_t:s0 tclass=file
Ben Pfaff [Wed, 12 Dec 2018 20:28:34 +0000 (12:28 -0800)]
connmgr: Do not send asynchronous messages to rconns lacking protocols.
There are corner cases in which an rconn might not have a defined OpenFlow
protocol or version. These happen at connection startup, before the
protocol version has been negotiated, and can also happen when a connection
is being shut down. It's desirable to avoid these situations entirely,
but so far we haven't managed to do this. This commit avoids trying to
send messages to such connection, which is what really tends to get OVS in
trouble since there's no way to construct an OpenFlow message without
knowing what version of OpenFlow to use (with a few exceptions that don't
matter here).
Reported-at: https://mail.openvswitch.org/pipermail/ovs-discuss/2018-December/047876.html Reported-by: Josh Bailey <joshb@google.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
Yunjian Wang [Fri, 18 Jan 2019 05:38:58 +0000 (13:38 +0800)]
odp-util: Fix parsing QinQ packet in parse_8021q_onward.
A problem the userspace datapath failed to create a new datapath flow
when dealing with QinQ packets(the flow includeing ip,udp,etc). L2-L5
header should be considered before parsing the second 802.1Q header.
Fixes: f0fb825a3785 ("Add support for 802.1ad (QinQ tunneling)") Signed-off-by: Yunjian Wang <wangyunjian@huawei.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
Ilya Maximets [Fri, 18 Jan 2019 08:56:50 +0000 (11:56 +0300)]
dpif-netdev: Per-port configurable EMC.
Conditional EMC insert helps a lot in scenarios with high numbers
of parallel flows, but in current implementation this option affects
all the threads and ports at once. There are scenarios where we have
different number of flows on different ports. For example, if one
of the VMs encapsulates traffic using additional headers, it will
receive large number of flows but only few flows will come out of
this VM. In this scenario it's much faster to use EMC instead of
classifier for traffic from the VM, but it's better to disable EMC
for the traffic which flows to VM.
To handle above issue introduced 'emc-enable' configurable to
enable/disable EMC on a per-port basis. Ex.:
ovs-vsctl set interface dpdk0 other_config:emc-enable=false
EMC probability kept as is and it works for all the ports with
'emc-enable=true'.
Signed-off-by: Ilya Maximets <i.maximets@samsung.com> Acked-by: Kevin Traynor <ktraynor@redhat.com> Signed-off-by: Ian Stokes <ian.stokes@intel.com>
Ben Pfaff [Thu, 10 Jan 2019 23:38:01 +0000 (15:38 -0800)]
poll-loop: Set poll loop initial deadline to LLONG_MAX.
This is consistent with the re-initialization value that poll_block() uses.
It is better than 0 because the monotonic clock can have a negative value,
even though that is rare and pathological.
Found by inspection.
Acked-by: Justin Pettit <jpettit@ovn.org> Signed-off-by: Ben Pfaff <blp@ovn.org>
Yifeng Sun [Thu, 17 Jan 2019 18:22:12 +0000 (10:22 -0800)]
odp-util: Fix a bug in parse_odp_push_nsh_action
In this piece of code, 'struct ofpbuf b' should always point to
metadata so that metadata can be filled with values through ofpbuf
operations, like ofpbuf_put_hex and ofpbuf_push_zeros. However,
ofpbuf_push_zeros may change the data pointer of 'struct ofpbuf b'
and therefore, metadata will not contain the expected values.
This patch fixes it by changing ofpbuf_push_zeros to
ofpbuf_put_zeros.
Reported-at: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=10863 Signed-off-by: Yifeng Sun <pkusunyifeng@gmail.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
Ophir Munk [Thu, 17 Jan 2019 18:42:35 +0000 (18:42 +0000)]
netdev-dpdk: support port representors
Dpdk port representors were introduced in dpdk versions 18.xx.
Prior to port representors there was a one-to-one relationship
between an rte device (e.g. PCI bus) and an eth device (referenced as
dpdk port id in OVS). With port representors the relationship becomes
one-to-many rte device to eth devices.
For example in [3] there are two devices (representors) using the same
PCI physical address 0000:08:00.0: "0000:08:00.0,representor=[3]" and
"0000:08:00.0,representor=[5]".
This commit handles the new one-to-many relationship. For example,
when one of the device port representors in [3] is closed - the PCI bus
cannot be detached until the other device port representor is closed as
well. OVS remains backward compatible by supporting dpdk legacy PCI
ports which do not include port representors.
Dpdk port representors related commits are listed in [1]. Dpdk port
representors documentation appears in [2]. A sample configuration
which uses two representors ports (the output of "ovs-vsctl show"
command) is shown in [3].
[1] e0cb96204b71 ("net/i40e: add support for representor ports") cf80ba6e2038 ("net/ixgbe: add support for representor ports") 26c08b979d26 ("net/mlx5: add port representor awareness")
Yifeng Sun [Wed, 16 Jan 2019 22:37:08 +0000 (14:37 -0800)]
ofp-actions: Avoid overflow for ofpact_learn_spec->n_bits
ofpact_learn_spec->n_bits is the size of immediate data that is
following ofpact_learn_spec. Now it is defined as 'uint8_t'.
In many places, it gets its value directly from mf_subfield->n_bits,
whose type is 'unsigned int'. If input is large enough, there will
be uint8_t overflow.
For example, the following command will make ovs-ofctl crash:
ovs-ofctl add-flow br0 "table=0, priority=0, action=learn(limit=20 tun_metadata15=0x60ff00000000000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002fffffffffffffff0ffffffffffffffffffffffffffff)"
This patch fixies this issue by changing type of ofpact_learn_spec->n_bits
from uint8_t to uint32_t.
Reported-at: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=11870 Signed-off-by: Yifeng Sun <pkusunyifeng@gmail.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
Han Zhou [Wed, 16 Jan 2019 21:45:10 +0000 (13:45 -0800)]
sandbox: Fix env for clustered OVN DBs.
When ovn clustered mode is specified, the environment veriables
OVN_NB_DB/OVN_SB_DB are wrong. It should be something like
unix:nb1,unix:nb2,unix:nb3 but it turns out to be unix:nb1,unix:nb1,unix:nb2.
So when nb3 becomes leader, the connection will always fail.
It is caused by using an undefined variable $n resulting in the
unexpected result of `seq 2 $n`. This patch fixed it by using the
correct variable $servers.
Signed-off-by: Han Zhou <hzhou8@ebay.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
Mark Michelson [Wed, 16 Jan 2019 15:37:06 +0000 (10:37 -0500)]
ovn: Add port addresses to IPAM later.
ipam_add_port_adresses() needs to be called after the peer field is set
on the ovn_port structures. This way, addresses taken by peered router
ports will be added to the logical switch's IPAM and therefore will be
barred from assignment to other ports.
Reported-by: Girish Moodalbail <gmoodalbail@nvidia.com> Signed-off-by: Mark Michelson <mmichels@redhat.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
Ian Stokes [Tue, 6 Nov 2018 21:17:38 +0000 (21:17 +0000)]
travis: Add dpdk shared library build.
Add travis builds for DPDK as a shared library.
Currently the DPDK builds in travis only compile DPDK as a static library.
With static builds in DPDK there is a risk that if a function is not
exported then it will not be supported when DPDK is used as a shared library.
This commit adds the option to build DPDK as a shared library. Also two
build jobs are added to the travis.yml whereby a shared DPDK is built
with both static and shared OVS libraries.
Signed-off-by: Ian Stokes <ian.stokes@intel.com> Acked-by: Tiago Lam <tiago.lam@intel.com> Acked-by: Kevin Traynor <ktraynor@redhat.com>
Nitin Katiyar [Wed, 16 Jan 2019 05:41:43 +0000 (05:41 +0000)]
Adding support for PMD auto load balancing
Port rx queues that have not been statically assigned to PMDs are currently
assigned based on periodically sampled load measurements.
The assignment is performed at specific instances – port addition, port
deletion, upon reassignment request via CLI etc.
Due to change in traffic pattern over time it can cause uneven load among
the PMDs and thus resulting in lower overall throughout.
This patch enables the support of auto load balancing of PMDs based on
measured load of RX queues. Each PMD measures the processing load for each
of its associated queues every 10 seconds. If the aggregated PMD load reaches
95% for 6 consecutive intervals then PMD considers itself to be overloaded.
If any PMD is overloaded, a dry-run of the PMD assignment algorithm is
performed by OVS main thread. The dry-run does NOT change the existing
queue to PMD assignments.
If the resultant mapping of dry-run indicates an improved distribution
of the load then the actual reassignment will be performed.
The automatic rebalancing will be disabled by default and has to be
enabled via configuration option. The interval (in minutes) between
two consecutive rebalancing can also be configured via CLI, default
is 1 min.
Following example commands can be used to set the auto-lb params:
ovs-vsctl set open_vswitch . other_config:pmd-auto-lb="true"
ovs-vsctl set open_vswitch . other_config:pmd-auto-lb-rebalance-intvl="5"
Terry Wilson [Mon, 14 Jan 2019 14:15:36 +0000 (08:15 -0600)]
Un-revert Work around Python/C JSON unicode differences
This fix was reverted because it depended on a small bit of code
in a patch that was reverted that changed some python/ovs testing
and build. The fix is still necessary.
The OVS C-based JSON parser operates on bytes, so the parser_feed
function returns the number of bytes that are processed. The pure
Python JSON parser currently operates on unicode, so it expects
that Parser.feed() returns a number of characters. This difference
leads to parsing errors when unicode characters are passed to the
C JSON parser from Python.
Acked-by: Lucas Alvares Gomes <lucasagomes@gmail.com> Signed-off-by: Terry Wilson <twilson@redhat.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
Ilya Maximets [Mon, 14 Jan 2019 15:04:32 +0000 (18:04 +0300)]
checkpatch: Check style of FOREACH loops.
Current checkpatch rules matches only OVS 'FOR_EACH' loops.
This change will apply same style checks for DPDK iterators
like 'RTE_ETH_FOREACH_MATCHING_DEV () {}'.
Ilya Maximets [Tue, 15 Jan 2019 14:03:00 +0000 (17:03 +0300)]
python: Escape backslashes while formatting logs.
Since python version 3.7 (and some 3.6+ versions) regexp engine
changed to treat the wrong escape sequences as errors. Previously,
if the replace string had something like '\u0000', '\u' was
qualified as a bad escape sequence and treated just as a sequence
of characters '\' and 'u'. But know this triggers an error:
Traceback (most recent call last):
File "/usr/lib/python3.7/sre_parse.py", line 1021, in parse_template
this = chr(ESCAPES[this][1])
KeyError: '\\u'
From the documentation [1]:
Unknown escapes consisting of '\' and an ASCII letter in replacement
templates for re.sub() were deprecated in Python 3.5, and will now
cause an error.
We need to escape the backslash by another one to keep regexp engine
from errors. In case of '\\u000', '\\' is a valid escape sequence
and the 'u' is a simple character.
To be 100% safe we need to use 're.escape(replace)', but it escapes
too many characters making the logs hard to read.
This change fixes Python 3 tests on systems with python 3.7.
Should be backward compatible.
Reported-by: Ben Pfaff <blp@ovn.org> Signed-off-by: Ilya Maximets <i.maximets@samsung.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
Ben Pfaff [Thu, 10 Jan 2019 23:23:45 +0000 (15:23 -0800)]
python: Fix invalid escape sequences.
It appears that Python silently treats invalid escape sequences in
strings as literals, e.g. "\." is the same as "\\.". Newer versions of
checkpatch complain, and it does seem reasonable to me to fix these.
Ilya Maximets [Fri, 11 Jan 2019 08:09:19 +0000 (11:09 +0300)]
vconn: Fix using of uninitialized deadline.
Typo introduced while making minor refactoring before applying the
patch.
Fixes logic and the clang build:
lib/vconn.c:707:47: error:
variable 'deadline' is uninitialized when
used within its own initialization [-Werror,-Wuninitialized]
? time_msec() + deadline
^~~~~~~~
Acked-by: Kevin Traynor <ktraynor@redhat.com> Fixes: 04895042e9f6 ("vconn: Allow timeout configuration for blocking connection.") Signed-off-by: Ilya Maximets <i.maximets@samsung.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
Ben Pfaff [Wed, 29 Aug 2018 18:14:31 +0000 (11:14 -0700)]
ofproto: Handle multipart requests with multiple parts.
OpenFlow has a concept of multipart messages, that is, messages that can be
broken into multiple pieces that are sent separately. Before OpenFlow 1.3,
only replies could actually have multiple pieces. OpenFlow 1.3 introduced
the idea that requests could have multiple pieces. This is only useful for
multipart requests that take an array as part of the request, which amounts
to only flow monitoring requests and table features requests. So far, OVS
hasn't implemented the multipart versions of these (it just reports an
error). This commit introduces the necessary infastructure to implement
them properly.
Acked-by: Justin Pettit <jpettit@ovn.org> Signed-off-by: Ben Pfaff <blp@ovn.org>
Ilya Maximets [Wed, 9 Jan 2019 17:30:17 +0000 (20:30 +0300)]
vconn: Allow timeout configuration for blocking connection.
On some systems in case where remote is not responding, socket could
remain in SYN_SENT state for a really long time without errors waiting
for connection. This leads to situations where vconn connection hangs
for a few minutes waiting for connection to the DOWN remote.
For example, this situation emulated by "refuse-connection" vconn
testcase. This leads to test failures because Alarm signal arrives much
faster than ETIMEDOUT from the socket:
./vconn.at:21: ovstest test-vconn refuse-connection tcp
Alarm clock
stderr:
|socket_util|INFO|0:127.0.0.1: listening on port 63812
|poll_loop|DBG|wakeup due to 0-ms timeout
|poll_loop|DBG|wakeup due to 10155-ms timeout
|fatal_signal|WARN|terminating with signal 14 (Alarm clock)
./vconn.at:21: exit code was 142, expected 0
vconn.at:21: 535. tcp vconn - refuse connection (vconn.at:21): FAILED
This patch allowes to specify timeout value for vconn blocking
connections. If the connection takes more time, socket will be closed
with ETIMEDOUT error code. Negative value could be used to wait
infinitely.
Signed-off-by: Ilya Maximets <i.maximets@samsung.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
Ilya Maximets [Wed, 9 Jan 2019 17:30:16 +0000 (20:30 +0300)]
stream: Allow timeout configuration for open_block.
On some systems in case where remote is not responding, socket could
remain in SYN_SENT state for a really long time without errors waiting
for connection. This leads to situations where open_blok() hangs for
a few minutes waiting for connection to the DOWN remote.
For example, our "multiple remotes" idl tests hangs waiting for
connection to the WRONG_PORT on FreeBSD in CirrusCI environment.
This leads to test failures because Alarm signal arrives much faster
than ETIMEDOUT from the socket.
This patch allowes to specify timeout value for 'open_block' function.
If the connection takes more time, socket will be closed with
ETIMEDOUT error code. Negative value or None in python could be
used to wait infinitely.
Signed-off-by: Ilya Maximets <i.maximets@samsung.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
# ovs-ofctl -O OpenFlow15 insert-buckets br0 "group_id=10,type=select command_bucket_id=last,bucket=bucket_id=3,weight=100,actions=output:1"
ovs-ofctl: type is not needed
# ovs-ofctl -O OpenFlow15 insert-buckets br0 "group_id=10 command_bucket_id=last,bucket=bucket_id=3,weight=100,actions=output:1"
ovs-ofctl: Only select groups can have bucket weights.
This patch can help us. However, for other types that are not select, the
check of the parameters is not strict, but it does not affect their
function, because other types do not use this weight parameter.
Signed-off-by: solomon <liwei.solomon@gmail.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
Eli Britstein [Wed, 26 Dec 2018 07:36:22 +0000 (09:36 +0200)]
netdev-tc-offloads: Support IPv6 hlimit rewrite
Add support for IPv6 hlimit field.
Signed-off-by: Eli Britstein <elibr@mellanox.com> Reviewed-by: Paul Blakey <paulb@mellanox.com> Signed-off-by: Simon Horman <simon.horman@netronome.com>
Eli Britstein [Wed, 26 Dec 2018 07:34:35 +0000 (09:34 +0200)]
netdev-tc-offloads: Do not set 0 port attribute to TC tunnel
For non UDP tunnels as GRE there is no UDP port, i.e initialized to 0.
Do not set the port attribute in such case.
Signed-off-by: Eli Britstein <elibr@mellanox.com> Reviewed-by: Paul Blakey <paulb@mellanox.com> Signed-off-by: Simon Horman <simon.horman@netronome.com>
Lorenzo Bianconi [Fri, 28 Dec 2018 17:18:04 +0000 (18:18 +0100)]
OVN: add mac address only support to IPAM/MACAM
Add the capability to assign just L2 address to IPAM/MACAM since
in the current implementation either subnet or ipv6_prefix are mandatory
to enable IPAM
Tested-by: Yossi Segev <ysegev@redhat.com> Acked-by: Mark Michelson <mmichels@redhat.com> Signed-off-by: Lorenzo Bianconi <lorenzo.bianconi@redhat.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
Han Zhou [Tue, 18 Dec 2018 22:18:34 +0000 (14:18 -0800)]
ovn-sb.ovsschema: Avoid duplicated IPs in Encap table.
When adding a new chassis, if there is an old chassis with same IP
existed in Encap table, it is allowed to be added today. However,
allowing it to be added results in problems:
1. The new chassis cannot work because none of the other chassises
are able to create tunnel to it, because of the IP confliction
with already existed tunnel to the old chassis.
2. All the other chassises will continuously retry creating the tunnel
and complaining about the error.
So, instead of hiding the problem, it is better to expose it while
trying to add the second chassis with duplicated IP. This patch
ensures it from the ovsdb schema.
Signed-off-by: Han Zhou <hzhou8@ebay.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
Yifeng Sun [Thu, 27 Dec 2018 00:52:23 +0000 (16:52 -0800)]
odp-util: Fix fuzz runtime error of invalid dont_send value
Oss-fuzz complains that (struct user_action_cookie)->controller->dont_send
has invalid vlue, like below:
runtime error: load of value 26, which is not a valid value for type 'bool'
From this piece of code "cookie.controller.dont_send ? 1 : 0", it looks
like that we want to tolerate values than 0 and 1.
Thus, this patch changes the types of dont_send and continuation from bool
to uint8_t in order to make oss-fuzz happy.
Reported-at: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=11330 Signed-off-by: Yifeng Sun <pkusunyifeng@gmail.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
David Marchand [Fri, 21 Dec 2018 13:29:59 +0000 (14:29 +0100)]
system-traffic.at: avoid a race condition on monitor log
Rather than letting the test framework kill any remaining ofctl monitor,
ask and wait for it to gracefully exit before looking at the log file.
This solves random failures of tests 29, 30 and 50.
Signed-off-by: David Marchand <david.marchand@redhat.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
luzhipeng-zte [Sat, 22 Dec 2018 15:13:42 +0000 (23:13 +0800)]
fix rpmbuild fails for rhel
This patch fixes the rpm build fail for rhel. The error is:
Checking for unpackaged file(s): /usr/lib/rpm/check-files /root/rpmbuild/BUILDROOT/openvswitch-2.10.0-1.x86_64
error: Installed (but unpackaged) file(s) found:
/usr/share/openvswitch/scripts/ovs-monitor-ipsec
Signed-off-by: ZhiPeng LU <luzhipeng@uniudc.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
Ilya Maximets [Wed, 26 Dec 2018 15:23:59 +0000 (18:23 +0300)]
ovsdb-idl.at: Increase timeouts for tests with multiple remotes.
Tests with multiple remotes always involves connection attempts
to the wrong destinations. This includes few reconnection cycles
for 1 second each and also possible long timeouts for blocking
connections.
Let's increase the timeouts for these tests to allow them finish
successfully.
Signed-off-by: Ilya Maximets <i.maximets@samsung.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
Ilya Maximets [Wed, 26 Dec 2018 15:23:57 +0000 (18:23 +0300)]
ovsdb-idl.at: Better choosing of wrong ports.
On some systems (ex. FreeBSD) kernel could allocate outcoming tcp ports
too close to the listening port of ovsdb-server. This could lead to having
outcoming tcp port of test-ovsdb application equal to one of the
WRONG_PORTs. In this case self-connection to the WRONG_PORT succeeds and
fails the tests:
Ilya Maximets [Wed, 26 Dec 2018 15:23:54 +0000 (18:23 +0300)]
python: jsonrpc: Pick new remote on disconnect.
If attempt to open non-blocking connection results with EINPROGRESS,
further polling will trigger DISCONNECT action in case of failures.
While handling this action, jsonrpc python library closes the
connection but does not change the current remote. This leads to
subsequent connection to the same remote. And the story starts from
the beginning producing infinite attempts to connect to a single
remote regardless of existense of others. Like this:
Fix that by always picking the new remote on disconnect.
This mimics the behaviour of jsonrpc C library.
Fixes "multiple remotes" tests on FreeBSD.
CC: Numan Siddique <nusiddiq@redhat.com> Fixes: 31e434fc985c ("python jsonrpc: Allow jsonrpc_session to have more than one remote.") Signed-off-by: Ilya Maximets <i.maximets@samsung.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
Anand Kumar [Fri, 9 Nov 2018 19:08:33 +0000 (11:08 -0800)]
datapath-windows: Use layers info to extract IP header in IpFragment
- Rely on layers l3Offset field to get offset of IP header.
- Aslo fix passing 'newNbl' to IP fragment which is not required.
- Fixed including a header file twice.
Signed-off-by: Anand Kumar <kumaranand@vmware.com> Acked-by: Alin Gabriel Serdean <aserdean@ovn.org> Signed-off-by: Alin Gabriel Serdean <aserdean@ovn.org>
Ilya Maximets [Thu, 20 Dec 2018 17:23:12 +0000 (20:23 +0300)]
ofproto-dpif.at: Make sFlow sampling tests invariant to IP version.
sflow.log reports the first ip address of the 'loopback' interface.
It could be different on different systems. For example, on FreeBSD
IPv6 [::1] address goes first despite of IPv4 127.0.0.1 on Linux.
Let's just replace it to IPv4 always to make tests work.
Signed-off-by: Ilya Maximets <i.maximets@samsung.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
Ilya Maximets [Thu, 20 Dec 2018 17:31:39 +0000 (20:31 +0300)]
ofproto-macros.at: Ignore attempts to open '127.0.0.1' as a device.
While configuring sFlow agent OVS tries to treat the value as a name
of the interface at first, after that it tries to treat it as an ip
address. While trying to create netdev from the 'agent', netdev-bsd
calls 'netdev_get_flags()' which produces following warning:
failed to get flags for network device 127.0.0.1
This does not happen with netdev-linux because it uses its own
implementation of 'get_flags' while creating the netdev.
Let's just ignore the warning for sFlow tests.
Signed-off-by: Ilya Maximets <i.maximets@samsung.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
Ilya Maximets [Thu, 20 Dec 2018 17:35:57 +0000 (20:35 +0300)]
python: Catch setsockopt exceptions for TCP stream.
'sock.setsockopt' could throw exceptions. For example, if non-blocking
connection failed before the call:
Traceback (most recent call last):
File "../.././test-ovsdb.py", line 896, in <module>
main(sys.argv)
File "../.././test-ovsdb.py", line 891, in main
func(*args)
File "../.././test-ovsdb.py", line 604, in do_idl
ovs.stream.Stream.open(r))
File "/root/git_/ovs/python/ovs/stream.py", line 190, in open
error, sock = cls._open(suffix, dscp)
File "/root/git_/ovs/python/ovs/stream.py", line 744, in _open
sock.setsockopt(socket.IPPROTO_TCP, socket.TCP_NODELAY, 1)
File "/usr/local/lib/python2.7/socket.py", line 228, in meth
return getattr(self._sock,name)(*args)
socket.error: [Errno 54] Connection reset by peer
This fixes tests on FreeBSD.
Signed-off-by: Ilya Maximets <i.maximets@samsung.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
Ilya Maximets [Wed, 19 Dec 2018 15:00:20 +0000 (18:00 +0300)]
odp.at: Make 'sed -i' BSD compatible.
'sed -i' on FreeBSD always expects backup filename extention
passed while GNU version expects it only if specified without
extra space after the '-i'. Let's specify the backup extention
to make BSD sed work.
This fixes test on FreeBSD.
CC: Joe Stringer <joe@ovn.org> Fixes: 07659514c3c1 ("Add support for connection tracking.") Signed-off-by: Ilya Maximets <i.maximets@samsung.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
Ilya Maximets [Tue, 18 Dec 2018 15:56:16 +0000 (18:56 +0300)]
odp-util: Don't try to parse geneve data if not provided.
Despite of linux, 'strtoull' on FreeBSD sets errno to EINVAL in case
of no digits found. This causes odp_flow parsing failure if
there is no geneve data inside it. For example, ovs fails to parse
following flow on FreeBSD:
Ilya Maximets [Tue, 18 Dec 2018 12:54:53 +0000 (15:54 +0300)]
ovn.at: Drop bash specific 'function' keyword.
This keyword is not portable and also optional in bash.
Fixes test on FreeBSD.
CC: Miguel Angel Ajo <majopela@redhat.com> Fixes: 508b7f961bd6 ("ovn: l3ha, make is_chassis_active aware of gateway_chassis") Signed-off-by: Ilya Maximets <i.maximets@samsung.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
Ilya Maximets [Tue, 18 Dec 2018 16:38:27 +0000 (19:38 +0300)]
stopwatch: Fix qsort comparison function.
Current version is broken because it converts first argument to
integer and after that substracts the duoble value. At the end
the result converted to integer again.
This does not cause unit test failures because qsort on linux
accidentially makes right order. On FreeBSD this leads to the
test failure:
projects / mirror_ovs.git / log