We used to count exact match cache hits and masked classifier hits
together. This commit splits the DP_STAT_HIT counter into two.
This change will be used by future commits.
Signed-off-by: Daniele Di Proietto <diproiettod@vmware.com> Acked-by: Ethan Jackson <ethan@nicira.com>
A read operation from a non atomic shared value (without external
locking) can return incorrect values. Using the atomic semantics
prevents this from happening.
However:
* No memory barriers are used. We don't need that kind of consistency
for statistics (we use relaxed operations).
* The updates are not atomic, just the loads and stores. This is ok
because there's a single writer.
Signed-off-by: Daniele Di Proietto <diproiettod@vmware.com> Acked-by: Ethan Jackson <ethan@nicira.com>
datapath: Account for "udptunnels: Call handle_offloads after inserting vlan tag."
Upstream commit:
udptunnels: Call handle_offloads after inserting vlan tag.
handle_offloads() calls skb_reset_inner_headers() to store
the layer pointers to the encapsulated packet. However, we
currently push the vlag tag (if there is one) onto the packet
afterwards. This changes the MAC header for the encapsulated
packet but it is not reflected in skb->inner_mac_header, which
breaks GSO and drivers which attempt to use this for encapsulation
offloads.
Fixes: b736a623 ("vxlan: Add tx-vlan offload support.") Signed-off-by: Jesse Gross <jesse@nicira.com> Signed-off-by: David S. Miller <davem@davemloft.net>
Upstream: 4aac884d ("udptunnels: Call handle_offloads after inserting vlan tag.") Signed-off-by: Jesse Gross <jesse@nicira.com> Acked-by: Pravin B Shelar <pshelar@nicira.com>
If we receive a packet with an invalid tunnel header, we
should drop the packet without further processing. Currently
we do this by removing any parsed tunnel metadata. However,
this is not sufficient to stop processing - this only results
in the packet getting dropped by chance when something
usually runs across part of the packet that does not make
sense. Since both the packet and its metadata are in an
inconsistent state, it's also possible that the result is
an ovs-vswitchd crash or forwarding of a mangled packet.
Rather than clear the metadata, an alternate solution is to
remove all of the packet data. This guarantees that the
packet gets dropped during the next round of processing.
Signed-off-by: Jesse Gross <jesse@nicira.com> Acked-by: Pravin B Shelar <pshelar@nicira.com>
tunneling: Convert tunnel push/pop functions to act on single packets.
The userspace tunneling API for pushing and popping tunnel headers
is currently based on processing batches of packets. However, there
is no obvious way to take advantage of batching for these operations
and so each tunnel operation has a pair of loops to process the
batch. This changes the API to operate on single packets to enable
better code reuse.
Signed-off-by: Jesse Gross <jesse@nicira.com> Acked-by: Pravin B Shelar <pshelar@nicira.com>
INSTALL.Windows: Add details about local build and installation.
This commits adds the following.
* Clearly callout to set pthread-win32's dll path in $PATH
* Details about running parallel make and parallel unit tests.
* Installing Open vSwitch locally via 'make install'
* Update the steps to run the user processes by relying on
the previous 'make install'. The steps now run the daemons
in the background with the creation of a logfile and pidfile.
Due to a CVE bug, the patch was modified to not allow following
symlinks out of the workdir. However, this causes a bug when
there is a regular file out of the workdir which breaks the current
testsuite build.
Steps to reproduce:
./boot.sh
mkdir _gcc && cd _gcc
../configure
make
[...]
/bin/sh /home/fleitner/ovs/testsuite/build-aux/missing autom4te
--language=autotest -I '..' -o ../tests/testsuite.tmp
../tests/testsuite.at
patch -p0 ../tests/testsuite.tmp ../tests/testsuite.patch
Invalid file name ../tests/testsuite.tmp -- skipping patch
Makefile:5155: recipe for target '../tests/testsuite' failed
make[2]: *** [../tests/testsuite] Error 1
make[2]: Leaving directory
'/home/fleitner/NetworkingServices/openvswitch/repo/testsuite/_gcc'
Makefile:4087: recipe for target 'all-recursive' failed
make[1]: *** [all-recursive] Error 1
Since it's just a temporary file, this patch changes to use the
workdir as the place to put the file.
geneve: Zero header before parsing userspace tunneling action.
When we parse the text representation of the Geneve action the
header is not fully initialized. Besides the obvious potential
to generate an action that the user did not actually specify, this
also causes intermittent unit test failures when an action is
read in and printed out and the result is different.
packet: Avoid array of struct with zero length member.
Windows doesn't like that the Geneve header has an array of
options with each have a zero length member (the variable data).
Nothing is accessing the data now, so just replace the member with
a comment - we can use pointer arithmetic when necessary.
Jesse Gross [Thu, 26 Mar 2015 21:27:19 +0000 (14:27 -0700)]
tunneling: Add UDP checksum support for userspace tunnels.
Kernel based OVS recently added the ability to support checksums
for UDP based tunnels (Geneve and VXLAN). This adds similar support
for the userspace datapath to bring feature parity.
Signed-off-by: Jesse Gross <jesse@nicira.com> Acked-by: Pravin B Shelar <pshelar@nicira.com>
Jesse Gross [Mon, 30 Mar 2015 19:17:05 +0000 (12:17 -0700)]
packet: Add IP pseudoheader checksum calculation.
As OVS adds userspace support for being the endpoint in protocols
like tunnels, it will need to be able to calculate pseudoheaders
as part of the checksum calculation.
Signed-off-by: Jesse Gross <jesse@nicira.com> Acked-by: Pravin B Shelar <pshelar@nicira.com>
Jesse Gross [Thu, 26 Mar 2015 20:51:06 +0000 (13:51 -0700)]
tunneling: Add userspace tunnel support for Geneve.
This adds basic userspace dataplane support for the Geneve
tunneling protocol. The rest of userspace only has the ability
to handle Geneve without options and this follows that pattern
for the time being. However, when the rest of userspace is updated
it should be easy to extend the dataplane as well.
Signed-off-by: Jesse Gross <jesse@nicira.com> Acked-by: Pravin B Shelar <pshelar@nicira.com>
Jesse Gross [Thu, 26 Mar 2015 19:07:02 +0000 (12:07 -0700)]
tunneling: Factor out common UDP tunnel code.
Currently, the userspace VXLAN implementation contains the code
for generating and parsing both the UDP and VXLAN headers. This
pulls out the UDP portion for better layering and to make it
easier to support additional UDP based tunnels and features.
Signed-off-by: Jesse Gross <jesse@nicira.com> Acked-by: Pravin B Shelar <pshelar@nicira.com>
The VNI is always present in the VXLAN header, so we should
set the FLOW_TNL_F_KEY flag to indicate this. However, the
userspace implementation of VXLAN currently does not.
Jesse Gross [Sat, 28 Mar 2015 00:51:35 +0000 (17:51 -0700)]
odp-util: Shift VXLAN VNI when printing/parsing.
Currently when printing a userspace tunnel action for VXLAN, the
VNI is treated as a 32 bit field rather than 24 bit. Even if this
is the representation that we use internally, we should still show
the right VNI to avoid confusing people.
Jesse Gross [Fri, 27 Mar 2015 05:55:53 +0000 (22:55 -0700)]
tunneling: Use flow flag for GRE checksum calculation.
The indication to calculate the GRE checksum is currently the port
config rather than the tunnel flow. Currently there is a one to one
mapping between the two so there is no difference. However, the
kernel datapath must use the flow and it is also potentially more
flexible, so this switches how we decide whether to calculate the
checksum.
Jesse Gross [Fri, 27 Mar 2015 00:09:38 +0000 (17:09 -0700)]
tunneling: Fix location of GRE checksums.
The GRE checksum is a 16 bit field stored in a 32 bit option (the
rest is reserved). The current code treats the checksum as a 32-bit
field and places it in the right place for little endian systems but
not big endian. This fixes the problem by storing the 16 bit field
directly.
Jesse Gross [Thu, 26 Mar 2015 23:53:39 +0000 (16:53 -0700)]
tunneling: Add check for GRE protocol is Ethernet.
On receive, the userspace GRE code doesn't check the protocol
field. Since OVS only understands Ethernet packets, this adds a
check that the inner protocol is Ethernet and discards other types
of packets.
Jesse Gross [Fri, 27 Mar 2015 14:39:18 +0000 (07:39 -0700)]
tunneling: Include IP TTL in flow metadata.
The IP TTL is currently omitted in the extracted tunnel information
that is stored in the flow for userspace tunneling. This includes it
so that the same logic used by the kernel also applies.
Alex Wang [Wed, 1 Apr 2015 00:07:03 +0000 (17:07 -0700)]
bridge: Wait for previous stats update transation when it is incomplete.
When ovsdb happens to get blocked for few seconds, the 'stats_timer'
will not be updated due to incompletion of previous transaction.
When the current time passes the 'stats_timer', the call to
poll_timer_wait_until(stats_timer) will keep waking up ovs-vswitchd,
causing 100% cpu utilization.
This commit fixes this issue by making ovs-vswitchd wait on the
previous idl transaction when it is incomplete rather than the
'stats_timer'.
Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Sun, 5 Apr 2015 19:12:13 +0000 (12:12 -0700)]
rhel: Package vport-*.ko in Fedora kernel package.
Fixes a presumed build break due to unpackaged files. (Only "presumed" at
this point because it is masked in the VMware build system by the similar
XenServer build failure.)
Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Justin Pettit <jpettit@nicira.com>
Russell Bryant [Fri, 3 Apr 2015 20:04:14 +0000 (16:04 -0400)]
ovs-sandbox: Tell gdb to start the daemon.
The current gdb support launches gdb but doesn't start the daemon.
If you start ovsdb-server with gdb, ovs-sandbox produces an error as
it tries to run ovs-vsctl before ovsdb-server is running. Telling gdb
to start the daemon immediately avoids this error.
There are cases where it's useful to go straight to the gdb prompt,
too. For example, someone may want to set a breakpoint. In that
case, it's easy enough to just kill it, set a breakpoint, and execute
'run' again.
In passing, fix indentation to use spaces instead of tabs.
Signed-off-by: Russell Bryant <rbryant@redhat.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
Kevin Lo [Sat, 4 Apr 2015 16:59:26 +0000 (00:59 +0800)]
netdev-bsd: Fix sign extension bug in ifr_flags on FreeBSD.
FreeBSD fills the int return value with ifr_flagshigh in the high
16 bits and ifr_flags in the low 16 bits rather than blindly promoting
ifr_flags to an int, which will preserve the sign.
This commit makes sure the flags returned isn't negative and apply mask
0xffff to flags.
Signed-off-by: Kevin Lo <kevlo@FreeBSD.org> Signed-off-by: Ben Pfaff <blp@nicira.com>
Thomas Graf [Sat, 4 Apr 2015 06:24:13 +0000 (08:24 +0200)]
datapath: Turn vports with dependencies into separate modules
Upstream commit:
The internal and netdev vport remain part of openvswitch.ko. Encap
vports including vxlan, gre, and geneve can be built as separate
modules and are loaded on demand. Modules can be unloaded after use.
Datapath ports keep a reference to the vport module during their
lifetime.
Allows to remove the error prone maintenance of the global list
vport_ops_list.
Signed-off-by: Thomas Graf <tgraf@suug.ch> Signed-off-by: David S. Miller <davem@davemloft.net>
Also folds in the follow-up commits 9ba559d9ca3 to turned the non-GPL
symbol exports to GPL exports, and fa2d8ff4e35 which fixes a module
reference release bug.
Exports various backwards compat functions linked into the main
openvswitch module as GPL symbols to ensure vport modules can use them.
Some fiddling with the Makefile was needed to work around the fact
that Makefile variables can't contain '-' characters needed to define
'vport-xxx' module sources. Also, Kbuild complains heavily if a
$(module)-y = $(module).o is defined which is actually backed with a .c
file of the same name. Therefore, a new $(build_multi_modules) variable
is defined which lists all module which consist of more than one source
file.
Upstream: 62b9c8d0372 ("ovs: Turn vports with dependencies into separate modules")
Upstream: 9ba559d9ca3 ("openvswitch: Export symbols as GPL symbols.")
Upstream: fa2d8ff4e35 ("openvswitch: Return vport module ref before destruction") Signed-off-by: Thomas Graf <tgraf@noironetworks.com> Acked-by: Pravin B Shelar <pshelar@nicira.com>
Ben Pfaff [Fri, 3 Apr 2015 22:10:57 +0000 (15:10 -0700)]
acinclude: Always assume buggy strtok_r() for glibc < 2.8.
Lately our internal build system has been seeing intermittent failures that
I can't explain. With old glibc versions, the "configure" time check will
pass, but the equivalent (almost identical) "make check" test will fail.
One possibility, I guess, is that occasionally address space randomization
will put valid data at the 0xc0ffee address that the test assumes will
segfault, and another is that some change in compiler optimization flags
is making a difference. At any rate, I think it's safe to just always
assume that this strtok_r() bug is present whenever glibc before 2.8 is
in use.
Specifically we've seen this happen intermittently when building against
the XenServer DDK 5.6.100 build 39265, which uses glibc 2.5.
Reported-by: Alex Wang <alexw@nicira.com> Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Alex Wang <alexw@nicira.com>
Russell Bryant [Thu, 2 Apr 2015 21:51:49 +0000 (17:51 -0400)]
INSTALL.md: Add note about EXTRA_CFLAGS.
Add a note about the use of EXTRA_CFLAGS to provide custom CFLAGS for
the build of the Linux kernel module.
This addition is technically in the "configuring the sources" section
of the document. However, it's the spot where custom CFLAGS is
discussed already, so that seemed like the best place to put it.
Alternatively, it could go in the "Building the Sources" section
instead.
Signed-off-by: Russell Bryant <rbryant@redhat.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
Added a new IOCTL in order to retrieve the PID from the kernel datapath.
The new method uses a direct and cleaner way, as opposed to the old way
of using a Netlink transaction, avoiding the unnecessary overhead.
Signed-off-by: Sorin Vinturis <svinturis@cloudbasesolutions.com> Reported-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com>
Reported-at: https://github.com/openvswitch/ovs-issues/issues/31 Acked-by: Nithin Raju <nithin@vmware.com> Acked-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Tested-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
Alex Wang [Wed, 1 Apr 2015 23:11:19 +0000 (16:11 -0700)]
bridge: Execute bridge_run() only after retrieving db contents.
During upgrade of ovs-vswitchd, we do not want to recreate the already
configured kernel interfaces. Especially when IP address is assigned to
the internal port, the recreation will cause the lost of connection.
Therefore, ovs-vswitchd should read current ovsdb content first and then
reuse the existing kernel interfaces that are configured in ovsdb. In
terms of the code language, ovs-vswitchd should only execute bridge_run()
after it finishes reading the ovsdb content.
However, this expected behavior is broken by the recent commit d18e52e
(ovsdb-idl: Tolerate missing tables and columns.) which causes the
execution of bridge_run() before getting the hint of configured interfaces
from ovsdb.
To fix the issue, this commit makes sure that the execution of bridge_run()
happens only after retrieving the ovsdb contents.
Ben Pfaff [Fri, 20 Mar 2015 06:45:42 +0000 (23:45 -0700)]
ovsdb-idl: Tolerate missing tables and columns.
Until now, if ovs-vsctl (or another client of the C ovsdb-idl library) was
compiled against a schema that had a column or table that was not in the
database actually being used (e.g. during an upgrade), and the column or
table was selected for monitoring, then ovsdb-idl would fail to get any
data at all because ovsdb-server would report an error due to a request
about a column or a table it didn't know about.
This commit fixes the problem by making ovsdb-idl retrieve the database
schema from the database server and omit any tables or columns that don't
exist from its monitoring request. This works OK for the kinds of upgrades
that OVSDB otherwise supports gracefully because it will simply make the
missing columns or tables appear empty, which clients of the ovsdb-idl
library already have to tolerate.
VMware-BZ: #1413562 Reported-by: Alex Wang <alexw@nicira.com> Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Alex Wang <alexw@nicira.com>
Alin Serdean [Tue, 31 Mar 2015 19:16:58 +0000 (19:16 +0000)]
lockfile: Support \-delimited file names in lockfile_name().
Currently paths that have only forward slashes like the following
"C:/package/binaries/conf.db" work seamlessly.
If we try the native windows filepaths i.e. "C:\package\binaries\conf.db" we
will hit the following problem:
2015-03-31T15:54:17Z|00001|lockfile|WARN|.c:\package\binaries\conf.db.~lock~:
failed to open lock file: Invalid argument
2015-03-31T15:54:17Z|00002|lockfile|WARN|.c:\package\binaries\conf.db.~lock~:
failed to lock file: Invalid argument
ovsdb-server: I/O error: c:\package\binaries\conf.db: failed to lock lockfile
(Invalid argument)
In this patch we update the lockfile_name function to also look for
backslashes, and also accommodate if we have a mix of backslashes and forward
slashes.
Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com>
[blp@nicira.com simplified the code] Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Sun, 29 Mar 2015 22:49:29 +0000 (15:49 -0700)]
hmap: Don't include ovs-atomic.h unnecessarily.
GNU C++ isn't too happy with ovs-atomic.h. We could fix that (maybe we
should) but the report I received from a C++ user implied to me that it
would be just as useful to just drop the unnecessary #include
"ovs-atomic.h" from hmap.h.
Reported-by: Michael Hu <humichael@vmware.com> Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jarno Rajahalme <jrajahalme@nicira.com>
Alin Serdean [Mon, 30 Mar 2015 15:34:28 +0000 (15:34 +0000)]
build-aux/cccl: Enhance --with-debug option
This patch changes the behaviour in case the configure argument: --with-debug
was specified.
Currently the optimization flag in the case of debugging is the following:
https://msdn.microsoft.com/en-us/library/f9534wye.aspx
which does not fully disable optimization, that is why it was changed with
the following flag:
https://msdn.microsoft.com/en-us/library/aafb762y.aspx
which disables all code optimization.
Also this patch includes the definition of the following preprocessor
definitions:
_DEBUG - in case --with-debug is specified
The above definitions usually are defined when compiling with the following
flags:
https://msdn.microsoft.com/en-us/library/2kzt1wy3.aspx
Since we are not compiling with the above flag, mimic the behaviour the
debug becahviour.
Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Gurucharan Shetty <gshetty@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
Alex Wang [Sat, 28 Mar 2015 06:19:22 +0000 (23:19 -0700)]
ofproto-dpif: Set need_revalidate when removing cfm from ofport.
When cfm is deleted from a port, all modules should release their
reference so that the cfm struct can be removed from the global hmap
and freed. Therein, the reference held by xlate module can only be
released when the need_revalidate flag is set (e.g set to
REV_RECONFIGURE). And this flag should be set while removing cfm
from ofport. Unfortunately, this has never been done before and the
bug was hidden by another bug fixed in recent commit a190839
(netdev-vport: Do not update netdev when there is no config change.)
To fix this issue, this commit makes the code set need_revalidate
when removing cfm from ofport.
Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
Alex Wang [Fri, 27 Mar 2015 18:34:53 +0000 (11:34 -0700)]
netdev-linux: Make htb quantum always no less than mtu.
Currently, ovs uses hardcoded rate2quantum = 10 for each htb qdisc.
When qdisc class's rate is small, the resulting quantum (calculated
by min_rate / rate2quantum) will be smaller than MTU. This is not
recommended and tc will keep complaining the following in syslog.
localhost kernel: HTB: quantum of class 10003 is small. Consider r2q change.
localhost kernel: HTB: quantum of class 10004 is small. Consider r2q change.
localhost kernel: HTB: quantum of class 10005 is small. Consider r2q change.
localhost kernel: HTB: quantum of class 10006 is small. Consider r2q change.
To fix the issue, this commit makes ovs always use htb quantum no less
than the MTU.
Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
Kevin Traynor [Fri, 27 Mar 2015 18:06:57 +0000 (11:06 -0700)]
netdev-dpdk: Put cuse thread into quiescent state.
ovsrcu_synchronize() is used when setting virtio_dev to NULL.
This results in an ovsrcu_quiesce_end() call which means the
cuse thread may not go into quiescent state again for an
indefinite time. Add an ovsrcu_quiesce_start() call to prevent
this.
Signed-off-by: Kevin Traynor <kevin.traynor@intel.com> Acked-by: Pravin B Shelar <pshelar@nicira.com>
Alex Wang [Fri, 27 Mar 2015 00:35:32 +0000 (17:35 -0700)]
netdev-vport: Do not update netdev when there is no config change.
When there is any update from ovsdb, ovs will call netdev_set_config()
for every vport. Even though the change is not related to vport, the
current implementation will always increment the per-netdev sequence
number. Subsequently this could cause even more unwanted effects,
e.g. the recreation of 'struct tnl_port' in ofproto level.
This commit fixes the issue by only updating the netdev when there
is actual configuration change.
Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Thu, 26 Mar 2015 05:25:50 +0000 (22:25 -0700)]
ovs-sandbox: Initialize database before starting ovs-vswitchd.
Otherwise ovs-vswitchd can't immediately start working (until some other
call to ovs-vsctl initializes the database). This is most obvious if one
runs "ovs-vsctl list Open_vSwitch ." as the first command, because the
output will not show the changes that ovs-vswitchd will make to the
database at startup (in particular initializing datapath_types and
iface_types), which is confusing.
Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Russell Bryant <rbryant@redhat.com>
Jarno Rajahalme [Thu, 26 Mar 2015 22:32:45 +0000 (15:32 -0700)]
flow_format: Do not format "in_port=0".
flow_format() is used mainly for formating the headers of packets
embedded in OpenFlow PACKET_IN messages. In this case the flow does
not have a valid port number, and printing out "in_port=0" only
confuses the resulting output. Besides, 0 is not a valid OpenFlow
port number.
Signed-off-by: Jarno Rajahalme <jrajahalme@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
Jarno Rajahalme [Thu, 26 Mar 2015 18:18:17 +0000 (11:18 -0700)]
ofproto-dpif-xlate: Fix MPLS recirculation.
Prior to this patch MPLS recirculation was not performed on a table
lookup following an MPLS_POP action. This patch refactors MPLS
recirculation triggering so that a table action can be re-done after
recirculation if that table action follows an MPLS_POP action.
Recirculation for a patch port traversal (which also does a table
lookup) after an MPLS_POP action does not need to store the output
action, as recirculation without any post-recirculation actions causes
the table lookup to happen anyway.
Furthermore, the stack actions now have the same post-MPLS_POP
optimization as the SET_FIELD and MOVE actions had already:
recirculation is triggered only if the register in the action is L3 or
higher.
Signed-off-by: Jarno Rajahalme <jrajahalme@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
Jarno Rajahalme [Thu, 26 Mar 2015 18:18:16 +0000 (11:18 -0700)]
ofproto-dpif: Restore metadata and registers on recirculation.
xlate_actions() now considers an optional recirculation context (via
'xin') and restores OpenFlow pipeline metadata (registers, 'metadata',
etc.) based on it. The recirculation context may contain an action
set and stack to be restored and further actions to be executed upon
recirculation. It also contains a table_id number to be used for rule
lookup in cases where no post-recirculation actions are used.
The translation context internal metadata is restored using a new
internal action: UNROLL_XLATE action stores the translation context
data visible to OpenFlow controllers via PACKET_IN messages. This
includes the current table number and the current rule cookie.
UNROLL_XLATE actions are inserted only when the remaining actions may
generate PACKET_IN messages.
These changes allow the post-MPLS recirculation to properly continue
with the pipeline metadata that existed at the time of recirculation.
The internal table is still consulted for bonds.
Signed-off-by: Jarno Rajahalme <jrajahalme@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Tue, 24 Mar 2015 17:51:56 +0000 (10:51 -0700)]
netdev-linux: Fix build with old kernel headers.
Commit 677d9158fc0a (netdev-linux: Support for SFQ, FQ_CoDel and CoDel
qdiscs.) added support for new qdiscs. The commit uses TCA_CODEL_* and
TCA_FQ_CODEL_* not in old kernel headers, causing a build failure against
such headers. This commit should fix the problem by defining these values
ourselves. (I haven't tested it against old headers, so I might have
missed something, but it's a straightforward change and at worst won't do
harm.)
It appears that sfq (also added by the same commit) was in Linux before
2.6.32, so it seems unlikely that we need any compatibility code there.
CC: Jonathan Vestin <jonavest@kau.se> Signed-off-by: Ben Pfaff <blp@nicira.com>
Jesse Gross [Tue, 24 Mar 2015 14:42:47 +0000 (07:42 -0700)]
tunnels: Enable UDP checksum computation for Geneve and VXLAN.
The kernel module can already support outer UDP checksums for
Geneve and VXLAN using the standard checksum flag in tunnel
metadata. This makes userspace aware of the capability so that
users can enable it on tunnel ports.
There is a complication in that there is no way for userspace to
probe or detect if the kernel does not support this capability
in order to warn the user. In this case, connectivity will appear
to function normally but packets will not be checksum protected.
This is mainly an issue for VXLAN which has existed in the kernel
for a some time without checksum support - while there are also
a few kernel versions that support Geneve only without checksums,
they are much less common.
There isn't a particularly good solution to the compatibility
issue without introducing a larger capabilities structure. However,
UDP checksums are likely to be used only rarely at this point in
time and the VXLAN spec (where the main problem lies) recommends
against them. Therefore, this is considered to be an advanced user
feature and we settle for just documenting the issue.
Jarno Rajahalme [Thu, 19 Mar 2015 22:39:48 +0000 (15:39 -0700)]
ofproto-dpif-xlate: More robust wildcarding for select group.
The flow key should be the same regardless of whether a live bucket is
found or not, as it would be confusing that the flow key would be
different (different mask bits) after the last group bucket goes dead.
In general, the megaflow algorithm expects the mask bits be set as
soon as we read the header bits, regardless of what happens
afterwards.
Also, use flow_mask_hash_fields() instead of individually setting mask
fields. This immediately brings in IPv6 support, and helps keeping
masks in sync with potential algorithm changes to flow hashing
functions.
Found by inspection.
Signed-off-by: Jarno Rajahalme <jrajahalme@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
Jarno Rajahalme [Thu, 19 Mar 2015 22:20:21 +0000 (15:20 -0700)]
ofproto-dpif-xlate: Roll back group bucket actions after every bucket.
We used to roll back group bucket changes only for 'all' and
'indirect' group types, but the expected semantics of all group types
is that any changes by the group bucket are not visible after the
group has been executed.
Signed-off-by: Jarno Rajahalme <jrajahalme@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
Jarno Rajahalme [Thu, 12 Mar 2015 20:02:07 +0000 (13:02 -0700)]
ofproto-dpif-xlate: Remove bond recirculation parameters from context.
The bond recirculation parameters in the translation context are short
lived and only carry parameters to immediate downstream functions. As
such they are better served as normal function parameters. This
simplifies the translation context, which needs to be essentially
restored after traversing patch ports.
Signed-off-by: Jarno Rajahalme <jrajahalme@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
Simon Horman [Fri, 20 Mar 2015 04:50:30 +0000 (13:50 +0900)]
Support decoding of NTR selection method
This is in preparation for supporting group mod and desc reply
messages with an NTR selection method group experimenter property.
Currently decoding always fails as it only allows properties for known
selection methods and no selection methods are known yet. A subsequent
patch will propose a hash selection method.
NTR selection method Signed-off-by: Simon Horman <simon.horman@netronome.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
Simon Horman [Fri, 20 Mar 2015 04:50:28 +0000 (13:50 +0900)]
Documentation: Add documentation of group selection method property
NTR selection method Signed-off-by: Simon Horman <simon.horman@netronome.com> Acked-by: Ben Pfaff <blp@nicira.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
Mark D. Gray [Tue, 24 Mar 2015 10:39:11 +0000 (10:39 +0000)]
vswitch.ovsschema: Add datapath_types and port_types.
At startup enumerate datapath and port types and add this information to
the datapath_types and port_types columns in the ovsdb.
This allows an ovsdb client to query the datapath in order to determine
if certain datapath and port types exist. For example, by querying the
port_types column, an ovsdb client will be able to determine if this
instance of ovs-vswitchd was compiled with DPDK support.
Signed-off-by: Mark D. Gray <mark.d.gray@intel.com> Signed-off-by: Billy O'Mahony <billy.o.mahony@intel.com>
[blp@nicira.com made several changes] Signed-off-by: Ben Pfaff <blp@nicira.com>
Sorin Vinturis [Tue, 24 Mar 2015 14:53:11 +0000 (14:53 +0000)]
datapath-windows: Updated WFP system provider handling
If the Base Filtering Engine (BFE) is not started, the WFP system
provider failed to be added because no session to the engine could
be acquired.
The solution for this was to registered a BFE notification callback
that is called whenever the BFE's state changes. Only if the BFE's
state is running the WFP system provider is added.
Jonathan Vestin [Wed, 18 Mar 2015 16:13:01 +0000 (17:13 +0100)]
netdev-linux: Support for SFQ, FQ_CoDel and CoDel qdiscs.
This patch adds support for SFQ, CoDel and FQ_CoDel classless qdiscs to Open vSwitch. It also removes the requirement for a QoS to have at least one Queue (as this makes no sense when using classless qdiscs). I have also not implemented class_{get,set,delete,get_stats,dump_stats} because they are meant for qdiscs with classes.
Signed-off-by: Jonathan Vestin <jonavest@kau.se>
[blp@nicira.com mostly applied stylistic changes] Signed-off-by: Ben Pfaff <blp@nicira.com>
Dennis Flynn [Wed, 18 Mar 2015 18:47:14 +0000 (14:47 -0400)]
auto-attach: Support latest version of auto-attach LLDP TLVs
The following enhancements to the auto-attach feature are provided
- Support recent modifications to the AA element discovery TLV
- Support recent Avaya Organizationally Unique ID (OUI) change.
(This will change to IEEE assigned OUI once AA standard has been ratified)
- Remove some Avaya specific #defines
The primary purpose of this commit is to catch up with the latest changes made
to the auto attach TLVs as the Auto Attach feature progresses through the
802.1Q IEEE standards committee. Most notably this includes some minor rework
of the AA element discovery TLV and a recent change to the Avaya OUI value.
Signed-off-by: Dennis Flynn <drflynn@avaya.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
Alex Wang [Wed, 18 Mar 2015 21:32:23 +0000 (14:32 -0700)]
bashcomp: Install and package completion scripts.
This commit makes the bash completion scripts be installed to
$(sysconfdir)/bash_completion.d/ through 'make install' and to
/etc/bash_completion.d/ through package installation. This will
make the scripts available for each bash session.
An alternative is to put scripts to /usr/share/bash_completion/
directory. However, this is not supported by earlier version of
bash completion.