Ben Pfaff [Fri, 14 Jul 2017 19:51:43 +0000 (12:51 -0700)]
ofp-util: Update OpenFlow 1.6 port support to track latest proposal.
The latest updates to the OpenFlow 1.6 proposal removes the hw_addr_type
fields from ofp_port and ofp_port_mod. This commit updates the OVS
prototype to match the updated proposal.
ONF-JIRA: EXT-566 Signed-off-by: Ben Pfaff <blp@ovn.org> Acked-by: Yi-Hung Wei <yihung.wei@gmail.com>
Joe Stringer [Wed, 6 Sep 2017 22:12:52 +0000 (15:12 -0700)]
ofproto-dpif-upcall: Transition ukey on dp_ops error.
In most situations, we don't expect that a flow we've successfully
dumped, which we intend to delete, cannot be deleted. However, to make
this code more resilient to ensure that ukeys *will* transition in all
cases (including an error at this stage), grab the lock and transition
this ukey forward to the evicted state, effectively treating a failure
to delete as "this flow is already gone".
If we subsequently find out that it wasn't deleted, then that's ok - we
will re-dump, and validate at that stage, which should lead to creating
a new ukey or deleting the datapath flow when that happens.
Signed-off-by: Joe Stringer <joe@ovn.org> Signed-off-by: Ben Pfaff <blp@ovn.org> Reviewed-by: Greg Rose <gvrose8192@gmail.com>
William Tu [Thu, 2 Nov 2017 19:01:17 +0000 (12:01 -0700)]
dpif-netlink-rtnl: Fix ovs_geneve probing after restart.
When using the out-of-tree (openvswitch compat) geneve module,
the first time oot tunnel probing returns true (correct).
Without unloading the geneve module, if the userspace ovs-vswitchd
restarts, because the 'geneve_sys_6081' still exists, the probing
incorrectly returns false and loads the in-tree (upstream kernel)
geneve module.
The patch fixes it by querying the geneve device's kind when exists.
The out-of-tree modules uses kind string as 'ovs_geneve', while the
in-tree module uses 'geneve'. To reproduce the issue, start the ovs
> /etc/init.d/openvswitch-switch start
> creat a bridge and attach a geneve port using out-of-tree geneve
> /etc/init.d/openvswitch-switch restart
Fixes: 921c370a9df5 ("dpif-netlink: Probe for out-of-tree tunnels, decides used interface") Signed-off-by: William Tu <u9012063@gmail.com> Acked-by: Eric Garver <e@erig.me> Signed-off-by: Gurucharan Shetty <guru@ovn.org>
Yifeng Sun [Tue, 31 Oct 2017 17:52:10 +0000 (10:52 -0700)]
ovsdb-server: Fix memory leak
Valgrind testcase 2349 (ovn -- DSCP marking check) reports the leak below:
21 bytes in 21 blocks are definitely lost in loss record 24 of 362
at 0x4C2DB8F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
by 0x436FD4: xmalloc (util.c:120)
by 0x437044: xmemdup0 (util.c:150)
by 0x408C97: add_manager_options (ovsdb-server.c:709)
by 0x408C97: query_db_remotes (ovsdb-server.c:765)
by 0x408C97: reconfigure_remotes (ovsdb-server.c:926)
by 0x406273: main_loop (ovsdb-server.c:194)
by 0x406273: main (ovsdb-server.c:434)
When options are freed, options->role need to be freed explicitly.
Signed-off-by: Yifeng Sun <pkusunyifeng@gmail.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
Yifeng Sun [Tue, 31 Oct 2017 17:52:09 +0000 (10:52 -0700)]
test-ovsdb: Fix memory leak
Valgrind testcase 1465 (integer atom enum from string) reports the leak below:
16 bytes in 1 blocks are definitely lost in loss record 2 of 5
at 0x4C2DB8F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
by 0x43F5F4: xmalloc (util.c:120)
by 0x424AC6: alloc_default_atoms (ovsdb-data.c:315)
by 0x4271E0: ovsdb_atom_from_string__ (ovsdb-data.c:508)
by 0x4271E0: ovsdb_atom_from_string (ovsdb-data.c:632)
by 0x40ADCC: do_parse_atom_strings (test-ovsdb.c:566)
by 0x41BA73: ovs_cmdl_run_command__ (command-line.c:115)
by 0x4051C9: main (test-ovsdb.c:72)
range_end_atom is allocated in ovsdb_atom_from_string__() and no one is
holding a reference to it at the end of do_parse_atom_strings(). It should
be freed here, as also pointed out by ovsdb_atom_destroy().
Signed-off-by: Yifeng Sun <pkusunyifeng@gmail.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
Yifeng Sun [Tue, 31 Oct 2017 17:52:08 +0000 (10:52 -0700)]
ovsdb-idl: Fix memory leak
Valgrind testcase 2339 (ovn -- ipam connectivity) reports the leak below:
45 (32 direct, 13 indirect) bytes in 1 blocks are definitely lost in loss record 65 of 83
at 0x4C2DB8F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
by 0x4A6D64: xmalloc (util.c:120)
by 0x49C847: shash_add_nocopy__ (shash.c:109)
by 0x49C847: shash_add_nocopy (shash.c:121)
by 0x49CA85: shash_add (shash.c:129)
by 0x49CA85: shash_add_once (shash.c:136)
by 0x4914B5: ovsdb_idl_create_index (ovsdb-idl.c:2067)
by 0x406C98: create_ovnsb_indexes (ovn-controller.c:568)
by 0x406C98: main (ovn-controller.c:619)
The leak happens when vsdb_idl_table is freed but its indexes are not freed.
Signed-off-by: Yifeng Sun <pkusunyifeng@gmail.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
Yifeng Sun [Thu, 2 Nov 2017 13:42:22 +0000 (06:42 -0700)]
netdev-dummy: Avoid double-free in netdev_dummy_ip4addr().
netdev_dummy_ip6addr() calls netdev_close() twice though it increases
netdev's reference only once from netdev_from_name(). As a result, Valgrind
test 788 (tunnel_push_pop - action) reports the error below:
==20465== ERROR SUMMARY: 0 errors from 0 contexts (suppressed: 0 from 0)
Invalid read of size 8
at 0x493FE0: netdev_get_name (netdev.c:911)
by 0x5125D3: tnl_port_map_delete_ipdev (tnl-ports.c:470)
by 0x4E551C: __rt_entry_delete (ovs-router.c:252)
by 0x4E64AA: ovs_router_flush (ovs-router.c:478)
by 0x475CA8: call_hooks.part.2 (fatal-signal.c:254)
by 0x5E53FF7: __run_exit_handlers (exit.c:82)
by 0x5E54044: exit (exit.c:104)
by 0x5E3A836: (below main) (libc-start.c:325)
Address 0x65ea680 is 0 bytes inside a block of size 640 free'd
at 0x4C2EDEB: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
by 0x492BA2: netdev_unref (netdev.c:572)
by 0x41646E: ofport_destroy__ (ofproto.c:2516)
by 0x41FD58: ofproto_destroy (ofproto.c:1645)
by 0x40B96B: bridge_destroy (bridge.c:3273)
by 0x410238: bridge_exit (bridge.c:506)
by 0x40700E: main (ovs-vswitchd.c:135)
Block was alloc'd at
at 0x4C2FB55: calloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
by 0x516A82: xcalloc (util.c:103)
by 0x48D74D: netdev_dummy_alloc (netdev-dummy.c:661)
by 0x4931D1: netdev_open.part.12 (netdev.c:406)
by 0x40A985: iface_do_create (bridge.c:1784)
by 0x40A985: iface_create (bridge.c:1837)
by 0x40A985: bridge_add_ports__ (bridge.c:931)
by 0x40C7EA: bridge_add_ports (bridge.c:947)
by 0x40C7EA: bridge_reconfigure (bridge.c:663)
by 0x410485: bridge_run (bridge.c:2998)
by 0x406F64: main (ovs-vswitchd.c:119)
Signed-off-by: Yifeng Sun <pkusunyifeng@gmail.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
Numan Siddique [Thu, 2 Nov 2017 00:50:02 +0000 (06:20 +0530)]
ovn: Generate Neighbor Solicitation packet for unknown MAC IPv6 packets
In the router ingress pipeline, if the destination mac is unresolved
by the time the packet reaches the ARP_REQUEST stage, OVN should generate an
IPv6 Neighbor Solicitation packet to learn the MAC address. This feature is
presently missing. This patch adds this feature. A new action "nd_ns" is
added which replaces an IPv6 packet being processed with an IPv6 Neighbor
Solicitation packet. ovn-northd adds a flow in the ARP_REQUEST router ingress
pipeline stage if the eth.dst is zero which applies this action. This action is
similar to the IPv4 counterpart "arp" action.
OVN already has the support to learn the MAC from the IPv6 Neighbor Advertisement
packets and storing in the south bound MAC_Binding table.
Signed-off-by: Numan Siddique <nusiddiq@redhat.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
Zongkai LI [Thu, 2 Nov 2017 00:49:45 +0000 (06:19 +0530)]
ovn-northd: Add logical flows to support native IPv6 RA
This patch adds logical flows which sends IPv6 Router Advertisement
packet in response to the IPv6 Router Solicitation request. It uses
the actions "put_nd_ra_opts" to transform the RS packet to RA packet
in the newly added ingress stage "lr_in_nd_ra_options" in router
pipeline. If the action "put_nd_ra_opts" is successful, it sends the
RA packet back to the originating port in the next ingress stage
"lr_in_nd_ra_response".
A new column "ipv6_ra_configs" is added in the Logical_Router_Port
table, which the CMS is expected to configure IPv6 RA
configurations - "address_mode" and "mtu" for adding these flows.
Co-authored-by: Numan Siddique <nusiddiq@redhat.com> Signed-off-by: Zongkai LI <zealokii@gmail.com> Signed-off-by: Numan Siddique <nusiddiq@redhat.com> Acked-by: Miguel Angel Ajo <majopela@redhat.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
Numan Siddique [Thu, 2 Nov 2017 00:49:24 +0000 (06:19 +0530)]
ovn-controller: Add a new action - 'put_nd_ra_opts'
This patch adds a new OVN action 'put_nd_ra_opts' to support native
IPv6 Router Advertisement in OVN. This action can be used to respond
to the IPv6 Router Solicitation requests.
ovn-controller parses this action and adds a NXT_PACKET_IN2 OF flow
with 'pause' flag set and the RA options stored in 'userdata' field.
This action is similar to 'put_dhcp_opts' and 'put_dhcpv6_opts'.
When a valid IPv6 RS packet is received by the pinctrl module of
ovn-controller, it frames a new RA packet and sets the RA options
from the 'userdata' field and resumes the packet storing 1 in the
1-bit result sub-field. If the packet is invalid, it resumes the
packet without any modifications storing 0 in the 1-bit result
sub-field.
Numan Siddique [Thu, 2 Nov 2017 00:48:34 +0000 (06:18 +0530)]
ovn util: Refactor dhcp_opts_map to make it generic
Renamed 'struct dhcp_opts_map' to 'struct gen_opts_map' and
renamed ovn-dhcp.h to ovn-l7.h. An upcoming commit to support IPv6
Router Advertisement, will make use of the refactored code to store
the IPv6 ND RA options in 'struct gen_opts_map'.
Signed-off-by: Numan Siddique <nusiddiq@redhat.com> Acked-by: Miguel Angel Ajo <majopela@redhat.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
Yi-Hung Wei [Wed, 1 Nov 2017 21:40:27 +0000 (14:40 -0700)]
packets: Fix C++ compilation issues when include packets.h
This patch fixes three C++ compilation errors when it includes
"lib/packets.h".
1) Fix in "include/openvswitch/util.h" is to avoid duplicated
named_member__ in struct pkt_metadata.
2) Fix in "lib/packets.h" is because designated initializers are not
implemented in GNU C++ [1].
3) Fix in "lib/util.h" is because __builtin_types_compatible_p and
__builtin_choose_expr are only supported in GCC. I use one solution
for C++ that is type-safe and works at compile time from [2].
Ben Pfaff [Fri, 27 Oct 2017 15:40:23 +0000 (08:40 -0700)]
ofproto-dpif-upcall: Fix null pointer dereference on exit.
When revalidation occurs at the same time that a bridge is being removed
or ovs-vswitchd is exiting, xlate_lookup_ofproto() races with deletion of
the ofproto. This caused a null pointer dereference if revalidation lost
the race. This commit fixes the problem.
Reported-by: Jakub Sitnicki <jkbs@redhat.com> Tested-by: Jakub Sitnicki <jkbs@redhat.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
Mark Michelson [Thu, 2 Nov 2017 16:13:58 +0000 (11:13 -0500)]
ovn: Allow northd to install IPv6 ct_lb logical flows.
For this commit, ovn-northd will now accept both IPv4 and IPv6 addresses
in the northbound database for a load balancer VIP or destination
addresses. For IPv4, the behavior remains the same. For IPv6, the
following logical flows will be added to the southbound database:
* An ND_NA response for incoming ND_NS requests for the load balancer
VIP.
* A ct_lb flow with the configured IPv6 addresses.
The ovn-northd manpage has been updated to indicate what flows are
added for load balancers with IPv6 VIPs.
Signed-off-by: Mark Michelson <mmichels@redhat.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
Mark Michelson [Thu, 2 Nov 2017 16:13:57 +0000 (11:13 -0500)]
ovn: Allow ct_lb actions to take IPv6 address arguments.
The ct_lb action previously assumed that any address arguments were
IPv4. This patch expands the parsing, formatting, and encoding of ct_lb
to be amenable to IPv6 addresses as well.
Signed-off-by: Mark Michelson <mmichels@redhat.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
Mark Michelson [Thu, 2 Nov 2017 16:13:56 +0000 (11:13 -0500)]
Add general-purpose IP/port parsing function.
OVS has functions for parsing IPv4 addresses, parsing IPv4 addresses
with a port, and parsing IPv6 addresses. What is lacking though is a
function that can take an IPv4 or IPv6 address, with or without a port.
This commit adds ipv46_parse(), which breaks the given input string into
its component parts and stores them in a sockaddr_storage structure. The
function accepts flags that determine how it should behave if a port is
present in the input string.
Signed-off-by: Mark Michelson <mmichels@redhat.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
Mark Michelson [Thu, 26 Oct 2017 18:09:01 +0000 (13:09 -0500)]
OVN: Don't let peers be set to "<error>" on port bindings.
There are a couple of places in ovn-northd that set the "peer" option on
certain ports to "<error>" in certain cases. In every case where a peer is
looked up on a port binding, the code performs a NULL check in order to
ensure a peer exists. None check for the "<error>" string. They assume that the
presence of a peer string means a peer is defined and all is well.
In the past (OVS 2.6 series), this sometimes led to patch ports being created
in ovs that had names like "patch-ro-to-<error>". This particular problem
resolved itself in OVS 2.7 since such patch ports were no longer automatically
created. However, by naming the peer "<error>" the seeds are still sown for
similar issues to occur.
The solution this patch suggests is to no longer set the "peer" option
on a port binding to "<error>". Instead, if no peer can be set, then we
set no peer. Since other code is already equipped to deal with this,
this poses no problem.
Signed-off-by: Mark Michelson <mmichels@redhat.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
Mark Michelson [Wed, 6 Sep 2017 13:38:40 +0000 (08:38 -0500)]
ovn: Check for known logical switch port types.
OVN is lenient with the types of logical switch ports. Maybe too
lenient. This patch attempts to solve this problem on two fronts:
1) In ovn-nbctl, if you attempt to set the port type to an unknown
type, the command will not end up setting the type.
2) In northd, when copying the port type from the northbound database to
the corresponding port-binding in the southbound database, a warning
will be issued if the port is of an unknown type.
Signed-off-by: Mark Michelson <mmichels@redhat.com> Signed-off-by: Ben Pfaff <blp@ovn.org> Acked-by: Lance Richardson <lrichard@redhat.com>
Kaige Fu [Tue, 31 Oct 2017 01:13:50 +0000 (09:13 +0800)]
datapath: Remove redundant check for IFF_NO_QUEUE
IFF_NO_QUEUE is checked twice. This cause a situation
that HAVE_IFF_NO_QUEUE is defined no matter whether
the flag IFF_NO_QUEUE is defined in kernel or not.
Signed-off-by: Kaige Fu <fukaige@huawei.com> Signed-off-by: Ben Pfaff <blp@ovn.org> Reviewed-by: Greg Rose <gvrose8192@gmail.com>
William Tu [Wed, 1 Nov 2017 00:29:50 +0000 (17:29 -0700)]
ofproto-dpif-xlate: Fix bad memory free.
Clang reports possibly bad free of 'ofm' when it comes from the stack
instead of malloc because Clang is not able to verify whether the previous
if condition 'ctx->xin->xcache' still hold the same. Fix it by
adding additional condition.
Signed-off-by: William Tu <u9012063@gmail.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
William Tu [Wed, 1 Nov 2017 00:29:51 +0000 (17:29 -0700)]
ovn-sbctl: Fix possible null pointer to qsort.
Clang reports possible null pointer 'lflows' passed to qsort.
This is due to the checker unable to make sure whether 'lflows'
gets malloc or not in the previous loop. Fix it by checking the
'n_flows' before calling qsort.
Signed-off-by: William Tu <u9012063@gmail.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
William Tu [Wed, 1 Nov 2017 00:03:41 +0000 (17:03 -0700)]
acinclude: Fix SKB_GSO_UDP check.
The HAVE_SKB_GSO_UDP checks whether skbuff.h defines SKB_GSO_UDP.
However, it falsely returns yes because grep matches SKB_GSO_UDP_TUNNEL.
Thus, add space character '[:space:]' before and after it.
Fixes: ad283644f0e4 ("acinclude: Check for SKB_GSO_UDP") Signed-off-by: William Tu <u9012063@gmail.com> Cc: Greg Rose <gvrose8192@gmail.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
tests: Add a default timeout for control utilities
Let's suppose that ovsdb-server is running properly, but ovs-vswitchd
is not responsive/crashed. We try to add a port via ovs-vsctl and it will
hang.
This patch aims at that scenario and tries to make life easier when
debugging hanging tests.
Some shells do not allow dashes in function names (default behavior),
we shall try to define an alias to overcome dashes if the shell allows it.
Signed-off-by: Alin Gabriel Serdean <aserdean@ovn.org> Suggested-by: Ben Pfaff <blp@ovn.org> Signed-off-by: Ben Pfaff <blp@ovn.org>
Yi-Hung Wei [Thu, 26 Oct 2017 21:24:09 +0000 (14:24 -0700)]
system-traffic: Fix conntrack tests
Three conntrack system-traffic tests are broken because of a recent
change 7827edcaebd8 ("Add dl_type to flow metadata for correct
interpretation of conntrack metadata"). It can be reproduced by
$ make check-system-userspace TESTSUITEFLAGS='18 19 37'
This patch modifies the check messages to fix the breakage.
Fixes: 7827edcaebd8 ("Add dl_type to flow metadata for correct interpretation of conntrack metadata") CC: Daniel Alvarez <dalvarez@redhat.com> Signed-off-by: Yi-Hung Wei <yihung.wei@gmail.com> Signed-off-by: Ben Pfaff <blp@ovn.org> Tested-by: William Tu <u9012063@gmail.com>
Zoltan Balogh [Tue, 31 Oct 2017 08:59:08 +0000 (09:59 +0100)]
tests: fix PTAP system test to check only OF stats
It turned out, checking datapath flow statistics during system-userspace
test is not reliable. Unwanted packets can be injected depending on
system configuration. As a workaround, this commit removes checking
statistics of datapath flows and does check OpenFlow statistics of the
integrator bridges. Datapath flows can be checked in normal PTAP unit
tests by running 'make check'.
Reported-by: Darrell Ball <dball@vmware.com> Suggested-by: Jan Scheurich <jan.scheurich@ericsson.com> Tested-by: Darrell Ball <dball@vmware.com> Signed-off-by: Zoltan Balogh <zoltan.balogh@ericsson.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
ZoltĂ¡n Balogh [Mon, 21 Aug 2017 08:34:41 +0000 (08:34 +0000)]
ofproto-dpif-xlate: use xlate error enum for unsupported packet type
Instead of using the value 1 a new enum should be used for indicating
translation error which occurs because of unsupported packet type.
Signed-off-by: Zoltan Balogh <zoltan.balogh@ericsson.com> Signed-off-by: Jan Scheurich <jan.scheurich@ericsson.com> Co-authored-by: Jan Scheurich <jan.scheurich@ericsson.com> Fixes: f839892a206a ("OF support and translation of generic encap and decap") CC: Jan Scheurich <jan.scheurich@ericsson.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
Sairam Venugopal [Tue, 24 Oct 2017 21:51:49 +0000 (14:51 -0700)]
datapath-windows: Update OvsCompleteNbl argument to match definition
Update the OvsCompleteNbl to take in a PVOID and explicitly cast to
POVS_SWITCH_CONTEXT. This is useful when finding declarations in Visual
Studio. The mismatch breaks this functionality.
Sparse version 0.5.1 will be released in the near future. Prepare
for it by eliminating the only new warning (as of 0.5.1-rc5):
ofproto/fail-open.c:134:22: error: Initializer entry defined twice
ofproto/fail-open.c:135:22: also defined here
MATCH_CATCHALL_INITIALIZER effectively sets all fields of .flow to
zero, which is redundant because according to the C99 semantics for
structure initialization, initializing any single member of a
structure results in all other members being initialized to zero,
and the next line initializes a member of the same structure.
Signed-off-by: Lance Richardson <lrichard@redhat.com> Signed-off-by: Ben Pfaff <blp@ovn.org> Reviewed-by: Greg Rose <gvrose8192@gmail.com>
Kaige Fu [Mon, 14 Aug 2017 07:11:55 +0000 (15:11 +0800)]
route-table: Remove netdevs in netdev_hash when deleted
Start a virtual machine with its backend tap device attached to a brought
up linux bridge. If we delete the linux bridge when vm is still running,
we'll get the following error when trying to create a ovs bridge with
the same name.
The reason is that ovs-router subsystem add the linux bridge into
netdev_shash, but does not remove it when the bridge is deleted in the
situation. When the bridge is deleted, ovs will receive a RTM_DELLINK msg,
take this chance to remove the bridge in netdev_shash.
ovs-vsctl: Error detected while setting up 'br-eth'. See ovs-vswitchd log for details.
ovs-vswitchd log:
2017-05-11T03:45:25.293Z|00026|ofproto_dpif|INFO|system@ovs-system: Datapath supports recirculation
2017-05-11T03:45:25.293Z|00027|ofproto_dpif|INFO|system@ovs-system: MPLS label stack length probed as 1
2017-05-11T03:45:25.293Z|00028|ofproto_dpif|INFO|system@ovs-system: Datapath supports unique flow ids
2017-05-11T03:45:25.293Z|00029|ofproto_dpif|INFO|system@ovs-system: Datapath supports ct_state
2017-05-11T03:45:25.293Z|00030|ofproto_dpif|INFO|system@ovs-system: Datapath supports ct_zone
2017-05-11T03:45:25.293Z|00031|ofproto_dpif|INFO|system@ovs-system: Datapath supports ct_mark
2017-05-11T03:45:25.293Z|00032|ofproto_dpif|INFO|system@ovs-system: Datapath supports ct_label
2017-05-11T03:45:25.364Z|00001|ofproto_dpif_upcall(handler226)|INFO|received packet on unassociated datapath port 0
2017-05-11T03:45:25.368Z|00033|netdev_linux|WARN|ethtool command ETHTOOL_GFLAGS on network device br-eth failed: No such device
2017-05-11T03:45:25.368Z|00034|dpif|WARN|system@ovs-system: failed to add br-eth as port: No such device
2017-05-11T03:45:25.368Z|00035|bridge|INFO|bridge br-eth: using datapath ID 00002a51cf9f2841
2017-05-11T03:45:25.368Z|00036|connmgr|INFO|br-eth: added service controller "punix:/var/run/openvswitch/br-eth.mgmt"
Signed-off-by: Kaige Fu <fukaige@huawei.com> Signed-off-by: Ben Pfaff <blp@ovn.org> Tested-by: Greg Rose <gvrose8192@gmail.com> Reviewed-by: Greg Rose <gvrose8192@gmail.com>
Ilya Maximets [Mon, 30 Oct 2017 12:52:38 +0000 (15:52 +0300)]
netdev-dpdk: Fix mp_name leak on snprintf failure.
CC: Robert Wojciechowicz <robertx.wojciechowicz@intel.com> CC: Antonio Fischetti <antonio.fischetti@intel.com> Fixes: d555d9bded5f ("netdev-dpdk: Create separate memory pool for each port.") Fixes: 65056fd79694 ("netdev-dpdk: manage failure in mempool name creation.") Signed-off-by: Ilya Maximets <i.maximets@samsung.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
Timothy Redaelli [Fri, 27 Oct 2017 12:18:43 +0000 (14:18 +0200)]
rhel: Use python2-sphinx as BuildRequires on Fedora
python-* package names are deprecated on Fedora
(https://fedoraproject.org/wiki/Packaging:Naming#Python2_binary_package_naming)
so use python2-sphinx, when available, instead.
CC: Lance Richardson <lrichard@redhat.com> Fixes: cd6121410b52 ("rhel: add python-sphinx as a build dependency") Signed-off-by: Timothy Redaelli <tredaelli@redhat.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
Han Zhou [Mon, 30 Oct 2017 19:21:49 +0000 (12:21 -0700)]
ovsdb-idl: fix index row setting with references.
IDL index should be able to be used without having to be in a
transaction. However, current implementation leads to crash if
a reference type column is being set in an index row for querying
purpose when it is not in a transaction. It is because of the
uninitialized arcs and unnecessary updates of the arcs. This patch
fixes it by identifying index rows by a magic uuid, so that when
parsing index row, the arcs are not updated. A new test case is
added to cover this scenario.
Signed-off-by: Han Zhou <zhouhan@gmail.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
Ben Pfaff [Fri, 27 Oct 2017 17:55:31 +0000 (10:55 -0700)]
Merge branch 'dpdk_merge' of https://github.com/istokes/ovs into HEAD
This patchset specifically deals with fixing a bug related to mempool
management for DPDK and vhost ports.
Patchset has been reviewed and Acked by a number of trusted contributors.
Patchset has been validated follows:
Clang/Sparse compilation and analysis.
OVS Unit tests
Vsperf Performance tests for OVS DPDK for p2p, pvp, pvvp,pvpv
Vpserf integration tests for OVS DPDK for p2p, pvp, pvvp.
MTU tests for both physical and vhost DPDK port types.
Multi queue for DPDK and vhost port types with both kernel virtio and DPDK
virtio interfaces in the guest.
Russell Bryant [Thu, 26 Oct 2017 21:33:18 +0000 (14:33 -0700)]
Introduce Emeritus Committer status.
This patch introduces an Emeritus status for OVS committers. An
Emeritus Committer is recognized as having made a significant impact
to the project and having been a committer in the past. It is
intended as an option for those that do not currently have the time or
interest to fulfill committer responsibilities based on their current
responsibilities. While in this status, they are not included in
voting for governance purposes.
An emeritus committer may be re-instated as a full committer at any
time.
The OVS committers voted approval of this change.
See documentation contents for full details.
Suggested-by: Ethan J. Jackson <ejj@eecs.berkeley.edu> Acked-by: Justin Pettit <jpettit@ovn.org> Acked-by: Ethan J. Jackson <ethan@kelda.io> Signed-off-by: Russell Bryant <russell@ovn.org> Signed-off-by: Ben Pfaff <blp@ovn.org>
Ben Pfaff [Thu, 26 Oct 2017 23:49:01 +0000 (16:49 -0700)]
dpif-netdev: Initialize new rxqs in port_reconfigure().
valgrind reported use of uninitialized data in port_reconfigure(), which
was due to xrealloc() not initializing the newly added data, combined with
dp_netdev_rxq_set_intrvl_cycles() reading 'intrvl_idx' from the added data.
This avoids the warning.
Signed-off-by: Ben Pfaff <blp@ovn.org> Acked-by: Kevin Traynor <ktraynor@redhat.com>
ovs-save: Use a file to restore flows instead of heredoc
This patch makes ovs-save to use a file to restore flows instead of using
shell script here-document.
This is needed since eval + here-documents are much slower than reading a file
with the rules directly.
rhel: Add systemd support to delete transient ports only on boot
Using the dependencies feature of systemd ovs-delete-transient-ports.service
is only started once and so transient ports are only deleted only the first
time after boot.
For code readability purposes mp_size is renamed as n_mbufs
in dpdk_mp structure.
This parameter is passed to rte mempool creation functions
and is meant to contain the number of elements inside
the requested mempool.
CC: Ciara Loftus <ciara.loftus@intel.com> CC: Aaron Conole <aconole@redhat.com> Acked-by: Kevin Traynor <ktraynor@redhat.com> Acked-by: Mark Kavanagh <mark.b.kavanagh@intel.com> Signed-off-by: Antonio Fischetti <antonio.fischetti@intel.com> Signed-off-by: Ian Stokes <ian.stokes@intel.com>
netdev-dpdk: manage failure in mempool name creation.
In case a mempool name could not be generated log a message
and return a null mempool pointer to the caller.
CC: Mark B Kavanagh <mark.b.kavanagh@intel.com> CC: Darrell Ball <dlu998@gmail.com> CC: Ciara Loftus <ciara.loftus@intel.com> CC: Kevin Traynor <ktraynor@redhat.com> CC: Aaron Conole <aconole@redhat.com> Fixes: d555d9bded5f ("netdev-dpdk: Create separate memory pool for each port.") Signed-off-by: Antonio Fischetti <antonio.fischetti@intel.com> Acked-by: Kevin Traynor <ktraynor@redhat.com> Signed-off-by: Ian Stokes <ian.stokes@intel.com>
Create mempool names by considering also the NUMA socket number.
So a name reflects what socket the mempool is allocated on.
This change is needed for the NUMA-awareness feature.
CC: Mark B Kavanagh <mark.b.kavanagh@intel.com> CC: Aaron Conole <aconole@redhat.com> Acked-by: Kevin Traynor <ktraynor@redhat.com> Reported-by: Ciara Loftus <ciara.loftus@intel.com> Tested-by: Ciara Loftus <ciara.loftus@intel.com> Fixes: d555d9bded5f ("netdev-dpdk: Create separate memory pool for each port.") Signed-off-by: Antonio Fischetti <antonio.fischetti@intel.com> Signed-off-by: Ian Stokes <ian.stokes@intel.com>
netdev-dpdk: fix management of pre-existing mempools.
Fix an issue on reconfiguration of pre-existing mempools.
This patch avoids to call dpdk_mp_put() - and erroneously
release the mempool - when it already exists.
CC: Mark B Kavanagh <mark.b.kavanagh@intel.com> CC: Aaron Conole <aconole@redhat.com> CC: Darrell Ball <dlu998@gmail.com> Acked-by: Kevin Traynor <ktraynor@redhat.com> Reported-by: Ciara Loftus <ciara.loftus@intel.com> Tested-by: Ciara Loftus <ciara.loftus@intel.com> Reported-by: RĂ³bert Mulik <robert.mulik@ericsson.com> Fixes: d555d9bded5f ("netdev-dpdk: Create separate memory pool for each port.") Signed-off-by: Antonio Fischetti <antonio.fischetti@intel.com> Acked-by: Mark Kavanagh <mark.b.kavanagh@intel.com> Signed-off-by: Ian Stokes <ian.stokes@intel.com>
Daniel Alvarez [Thu, 26 Oct 2017 12:52:22 +0000 (14:52 +0200)]
Add dl_type to flow metadata for correct interpretation of conntrack metadata
When a packet is sent to the controller, dl_type is not stored in the
'ofputil_packet_in_private'. When the packet is resumed, the flow's
dl_type is 0 and this leads to invalid value in ct_orig_tuple in the
pkt_metadata.
This patch adds the dl_type to the metadata so that conntrack
information can be interpreted correctly when packets are resumed.
This is a change from the ordinary practice, since flow_get_metadata() is
only supposed to deal with metadata and dl_type is not metadata. It is
necessary when ct_state is involved, though, because ct_state only applies
in the case of particular Ethertypes (IPv4 and IPv6 currently), so we need
to add it as a kind of prerequisite. (This isn't ideal; maybe we didn't
think through the ct_state mechanism carefully enough.)
Reported-by: Daniel Alvarez Sanchez <dalvarez@redhat.com>
Reported-at: https://mail.openvswitch.org/pipermail/ovs-dev/2017-October/339868.html Signed-off-by: Daniel Alvarez <dalvarez@redhat.com> Signed-off-by: Numan Siddique <nusiddiq@redhat.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
In the case of openstack load balancer 'octavia' service, it creates logical
ports 'P1' (M1 IP1) and 'P2' (M2 IP2). It then disables logical port P2 and
adds IP2 to P1 - (M1 IP1 IP2).
When another port tries to reach IP2, it doesn't get delivered to port P1 because
of the above flow.
Signed-off-by: Numan Siddique <nusiddiq@redhat.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
Numan Siddique [Mon, 16 Oct 2017 09:42:07 +0000 (15:12 +0530)]
ovn pacemaker: Provide the option to configure inactivity probe value
In the case of OVN HA deployments with openstack, it has been noticed
that the 5 seconds inactivity probe interval is not enough and ovsdb-servers
do not get the echo reply back from the IDL clients and disconnects the
connections.
This patch
- providdes an option to configure this value.
- creates a connection row in NB/SB dbs and sets the target and
inactivity_probe values when the node is promoted to master.
CC: Andy Zhou <azhou@ovn.org> Signed-off-by: Numan Siddique <nusiddiq@redhat.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
Numan Siddique [Wed, 25 Oct 2017 18:03:03 +0000 (23:33 +0530)]
Check flow's dl_type before setting ct_orig_tuple in 'pkt_metadata_from_flow()'
Normally flow's dl_type will be a valid value. However when a packet is sent to
the controller, dl_type is not stored in the 'ofputil_packet_in_private'. When
the controller resumes (OFPRAW_NXT_RESUME) the packet, the flow's dl_type will be
0. If the flow's ct_state has valid value, then the 'pkt_metadata_from_flow'
neither sets the ct_orig_tuple from the flow nor resets it. This results in invalid
value ct_orig_tuple in the pkt_metadata.
This patch handles this situation by checking the dl_type before setting the
ct_orig_tuple. If dl_type is 0, it resets it. It also resets ct_orig_tuple if
dl_type is non zero and other than IPv4 or IPv6.
Reported-by: Daniel Alvarez Sanchez <dalvarez@redhat.com>
Reported-at: https://mail.openvswitch.org/pipermail/ovs-dev/2017-October/339868.html Signed-off-by: Numan Siddique <nusiddiq@redhat.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
tests/stp: Use long warps instead of multiple calls.
This change fixes constant test failure on RHEL 7 system with
CFLAGS='-march=native':
>---------------------------------------------------------------<
2222: STP - flush the fdb and mdb when topology changed FAILED
...
./stp.at:609: ovs-appctl fdb/show br0
--- -
+++ ./tests/testsuite.dir/at-groups/2222/stdout
@@ -1,2 +1,3 @@
port VLAN MAC Age
+LOCAL 1 00:0c:29:a0:27:d1 33
>---------------------------------------------------------------<
Long warps takes threads a chance to perform some work on each
step unlike multiple appctl calls. Also, code looks cleaner and
works faster.
CC: Tonghao Zhang <xiangxia.m.yue@gmail.com> Fixes: 427e9751f300 ("tests: Add and improve stp tests.") Signed-off-by: Ilya Maximets <i.maximets@samsung.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
Ilya Maximets [Fri, 6 Oct 2017 07:15:42 +0000 (10:15 +0300)]
tests: Add timeout to OVS_APP_EXIT_AND_WAIT.
ovs-appctl can wait indefinitely while executing an exit for a
dead service. Let's add a timeout (10 seconds should be
reasonable) to exit calls to avoid hanging up of the testsuite
in such cases.
Signed-off-by: Ilya Maximets <i.maximets@samsung.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
Ben Pfaff [Wed, 27 Sep 2017 20:50:26 +0000 (13:50 -0700)]
tests: Add support for 1-argument 'seq' in emulation.
The testsuite has an emulation of the common utility 'seq' that only
supported 2- and 3-argument forms. This commit adds support for the
1-argument form.
Signed-off-by: Ben Pfaff <blp@ovn.org> Acked-by: Russell Bryant <russell@ovn.org>
Ben Pfaff [Thu, 5 Oct 2017 06:38:43 +0000 (23:38 -0700)]
jsonrpc: Increment sequence number when connection actually made.
The purpose of the sequence number is to allow the client to figure out
when the connection status has changed. The significant event for the
client is when a connection completes, not when a connection attempt
starts. Thus, this commit changes the code to increment the sequence
number at completion, not at the attempt.
Signed-off-by: Ben Pfaff <blp@ovn.org> Acked-by: Russell Bryant <russell@ovn.org>
Mark Michelson [Fri, 20 Oct 2017 14:46:19 +0000 (09:46 -0500)]
Documentation: Add document describing RBAC
Role based access control is a relatively new addition to OVS/OVN, and
aside from the database documentation in ovn-sb(5), there is not much
explaining what RBAC is, how to use it, and the available roles. This
document remedies that situation.
It is hopeful that any new roles added will be added to this document in
the future.
Signed-off-by: Mark Michelson <mmichels@redhat.com> Signed-off-by: Ben Pfaff <blp@ovn.org>