Aaron Conole [Fri, 12 Jan 2018 22:15:50 +0000 (17:15 -0500)]
flake8: Ignore bare except violations
Newer versions of flake8 (3.5.0, mccabe: 0.6.1, pycodestyle: 2.3.1,
pyflakes: 1.6.0) add an error code for 'bare exception'. The OvS
codebase does use bare exceptions in places, especially when the
specific exception isn't important (ie: the program will be
terminating, so the specific exception isn't important).
Without this change, the following error messages appear:
utilities/checkpatch.py:476:5: E722 do not use bare except'
utilities/checkpatch.py:514:5: E722 do not use bare except'
utilities/ovs-dev.py:189:5: E722 do not use bare except'
utilities/ovs-dev.py:192:9: E722 do not use bare except'
utilities/ovs-dev.py:197:5: E722 do not use bare except'
utilities/bugtool/ovs-bugtool.in:360:13: E722 do not use bare except'
utilities/bugtool/ovs-bugtool.in:434:5: E722 do not use bare except'
utilities/bugtool/ovs-bugtool.in:470:13: E722 do not use bare except'
utilities/bugtool/ovs-bugtool.in:609:9: E722 do not use bare except'
utilities/bugtool/ovs-bugtool.in:679:5: E722 do not use bare except'
utilities/bugtool/ovs-bugtool.in:712:13: E722 do not use bare except'
utilities/bugtool/ovs-bugtool.in:744:9: E722 do not use bare except'
utilities/bugtool/ovs-bugtool.in:751:9: E722 do not use bare except'
utilities/bugtool/ovs-bugtool.in:825:5: E722 do not use bare except'
utilities/bugtool/ovs-bugtool.in:1006:13: E722 do not use bare except'
utilities/bugtool/ovs-bugtool.in:1041:13: E722 do not use bare except'
utilities/bugtool/ovs-bugtool.in:1079:5: E722 do not use bare except'
utilities/bugtool/ovs-bugtool.in:1202:5: E722 do not use bare except'
utilities/bugtool/ovs-bugtool.in:1247:9: E722 do not use bare except'
utilities/bugtool/ovs-bugtool.in:1257:13: E722 do not use bare except'
utilities/bugtool/ovs-bugtool.in:1328:9: E722 do not use bare except'
tests/test-daemon.py:60:5: E722 do not use bare except'
tests/test-l7.py:23:1: E722 do not use bare except'
tests/test-unixctl.py:96:5: E722 do not use bare except'
xenserver/usr_share_openvswitch_scripts_ovs-xapi-sync:404:5: E722 do not use bare except'
python/ovs/fcntl_win.py:39:9: E722 do not use bare except'
python/ovs/poller.py:38:1: E722 do not use bare except'
python/ovs/socket_util.py:151:13: E722 do not use bare except'
python/ovs/stream.py:169:17: E722 do not use bare except'
python/ovs/stream.py:578:17: E722 do not use bare except'
python/ovs/timeval.py:51:1: E722 do not use bare except'
python/ovstest/util.py:52:5: E722 do not use bare except'
vtep/ovs-vtep:767:5: E722 do not use bare except'
Signed-off-by: Aaron Conole <aconole@redhat.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
Aaron Conole [Fri, 12 Jan 2018 20:40:21 +0000 (15:40 -0500)]
ovs-tcpundump: fix a conversion issue
When I tried using ovs-tcpundump, I got the following error message:
Traceback (most recent call last):
File ./ovs-tcpundump, line 64, in <module>
if m is None or int(m.group(1)) == 0:
ValueError: invalid literal for int() with base 10: '00a0'
Signed-off-by: Aaron Conole <aconole@redhat.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
netdev-native-tnl: Add assertion in vxlan_pop_header.
During tunnel decapsulation the below steps are performed:
[1] Tunnel information is populated in packet metadata i.e packet->md->tunnel.
[2] Outer header gets popped.
[3] Packet is recirculated.
For [1] to work, the dp_packet L3 and L4 header offsets should be valid.
The offsets in the dp_packet are set as part of miniflow extraction.
If offsets are accidentally reset (or) the pop header operation is performed
prior to miniflow extraction, step [1] fails silently and creates
issues that are harder to debug. Add the assertion to check if the
offsets are valid.
Signed-off-by: Bhanuprakash Bodireddy <bhanuprakash.bodireddy@intel.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
Ben Pfaff [Fri, 12 Jan 2018 18:42:39 +0000 (10:42 -0800)]
docs: Recommend newer version of "sparse".
The previously recommended version of sparse, version 0.4.4, does not
support -Wsparse-error properly, so configuring with --enable-Werror and
--enable-sparse will not have the desired effect of breaking the build
when sparse reports an error. Version 0.5.1 and later do implement this
properly.
This commit also updates the recommended URL for sparse because the
previous URL doesn't have the newer releases.
Ben Pfaff [Thu, 11 Jan 2018 23:49:24 +0000 (15:49 -0800)]
configure: New --enable-sparse option to enable sparse checking by default.
Until now, "make" called sparse to do checking only if C=1 was passed on
the command line. It was easy for developers to forget to specify that.
This commit adds another option: specifying --enable-sparse on the
configure command line enables sparse checking by default. (It can still
be disabled with C=0.)
packets: Prefetch the packet metadata in cacheline1.
pkt_metadata_prefetch_init() is used to prefetch the packet metadata
before initializing the metadata in pkt_metadata_init(). This is done
for every packet in userspace datapath and is performance critical.
Commit 99fc16c0 prefetches only cachline0 and cacheline2 as the metadata
part of respective cachelines will be initialized by pkt_metadata_init().
However in VXLAN case when popping the vxlan header, netdev_vxlan_pop_header()
invokes pkt_metadata_init_tnl() which zeroes out metadata part of
cacheline1 that wasn't prefetched earlier and causes performance
degradation.
By prefetching cacheline1, 9% performance improvement is observed with
vxlan decapsulation test case for packet sizes of 118 bytes. Performance
variation is observed based on CFLAGS.
CFLAGS="-O2" CFLAGS="-O2 -msse4.2"
Master 4.667 Mpps Master 4.710 Mpps
With Patch 5.045 Mpps With Patch 5.097 Mpps
CFLAGS="-O2 -march=native" CFLAGS="-Ofast -march=native"
Master 5.072 Mpps Master 5.349 Mpps
With Patch 5.193 Mpps With Patch 5.378 Mpps
Fixes: 99fc16c0 ("Reorganize the pkt_metadata structure.") Signed-off-by: Bhanuprakash Bodireddy <bhanuprakash.bodireddy@intel.com> Acked-by: Sugesh Chandran <sugesh.chandran@intel.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
Yi Yang [Thu, 11 Jan 2018 05:24:03 +0000 (13:24 +0800)]
nsh: add dec_nsh_ttl action
NSH ttl is a 6-bit field ranged from 0 to 63, it should be
decremented by 1 every hop, if it is 0 or it is so after
decremented, the packet should be dropped and a packet-in
message is sent to main controller.
Signed-off-by: Yi Yang <yi.y.yang@intel.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
Yi Yang [Thu, 11 Jan 2018 05:24:02 +0000 (13:24 +0800)]
nsh: fix nested mask for OVS_KEY_ATTR_NSH
NSH kernel implementation used nested mask for OVS_KEY_ATTR_NSH,
so NSH userspace must adapt to it, OVS hasn't used nested mask for
any key attribute so far, OVS_KEY_ATTR_NSH is the first use case.
Signed-off-by: Yi Yang <yi.y.yang@intel.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
Ben Pfaff [Thu, 11 Jan 2018 21:59:04 +0000 (13:59 -0800)]
configure: Make --enable-Werror turn sparse warnings into errors.
Until now, when "sparse" reported a warning, it didn't fail the build for
that file, even when the project was configured with --enable-Werror, which
made it easy to miss warnings. This commit fixes the problem.
Reported-by: "Stokes, Ian" <ian.stokes@intel.com> Signed-off-by: Ben Pfaff <blp@ovn.org> Acked-by: Ian Stokes <ian.stokes@intel.com> Tested-by: Ian Stokes <ian.stokes@intel.com>
Justin Pettit [Thu, 11 Jan 2018 18:55:04 +0000 (10:55 -0800)]
odp-util: Fix Sparse warning in parse_odp_userspace_action().
Sparse complains with warning: incorrect type in argument 1 (different
base types) in function parse_odp_userspace_action due to a call to
htonll(rule_cookie). The variable is read in host-byte order, so it
shouldn't have been declared as big-endian.
Fixes: d39ec23de384 ("ofproto-dpif: Don't slow-path controller actions.") Reported-by: Ian Stokes <ian.stokes@intel.com> Signed-off-by: Justin Pettit <jpettit@ovn.org> Acked-by: Ian Stokes <ian.stokes@intel.com> Tested-by: Ian Stokes <ian.stokes@intel.com> Acked-by: Ben Pfaff <blp@ovn.org>
Justin Pettit [Thu, 19 Oct 2017 06:16:22 +0000 (23:16 -0700)]
ofproto-dpif: Don't slow-path controller actions with pause.
A previous patch removed slow-pathing for controller actions with the
exception of ones that specified "pause". This commit removes that
restriction so that no controller actions are slow-pathed.
Signed-off-by: Justin Pettit <jpettit@ovn.org> Acked-by: Ben Pfaff <blp@ovn.org>
Controller actions have become more commonly used for purposes other
than just making forwarding decisions (e.g., packet logging). A packet
that needs to be copied to the controller and forwarded would always be
sent to ovs-vswitchd to be handled, which could negatively affect
performance and cause heavier CPU utilization in ovs-vswitchd.
This commit changes the behavior so that OpenFlow controller actions
become userspace datapath actions while continuing to let packet
forwarding and manipulation continue to be handled by the datapath
directly.
This patch still slow-paths controller actions with the "pause" flag
set. A future patch will stop slow-pathing these pause actions as
well.
Signed-off-by: Justin Pettit <jpettit@ovn.org> Acked-by: Ben Pfaff <blp@ovn.org>
Justin Pettit [Wed, 4 Oct 2017 00:31:34 +0000 (17:31 -0700)]
ofproto: Add 'ofproto_uuid' and 'ofp_in_port' to user action cookie.
Previously, the ofproto instance and OpenFlow port have been derived
based on the datapath port number. This change explicitly declares them
both, which will be helpful in future commits that no longer can depend
on having a unique datapath port (e.g., a source port that represents
the controller).
Signed-off-by: Justin Pettit <jpettit@ovn.org> Acked-by: Ben Pfaff <blp@ovn.org>
Michal Weglicki [Tue, 9 Jan 2018 07:55:37 +0000 (07:55 +0000)]
netdev: Custom statistics.
- New get_custom_stats interface function is added to netdev. It
allows particular netdev implementation to expose custom
counters in dictionary format (counter name/counter value).
- New statistics are retrieved using experimenter code and
are printed as a result to ofctl dump-ports.
- New counters are available for OpenFlow 1.4+.
- New statistics are printed to output via ofctl only if those
are present in reply message.
- New statistics definition is added to include/openflow/intel-ext.h.
- Custom statistics are implemented only for dpdk-physical
port type.
- DPDK-physical implementation uses xstats to collect statistics.
Only dropped and error counters are exposed.
Co-authored-by: Ben Pfaff <blp@ovn.org> Signed-off-by: Ben Pfaff <blp@ovn.org> Signed-off-by: Michal Weglicki <michalx.weglicki@intel.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
Michal Weglicki [Wed, 10 Jan 2018 13:06:03 +0000 (13:06 +0000)]
ofproto-dpif-ipfix: add interface Information Elements to flow key
Extend flow key part of data record to include following Information Elements:
- ingressInterface
- ingressInterfaceType
- egressInterface
- egressInterfaceType
- interfaceName
- interfaceDescription
In case of input sampling we don't have information about egress port.
Define templates depending not only on protocol types, but also on flow
direction. Only egress flow will include egress information elements.
With this change, dpif_ipfix_exporter stores every port in hmap rather
than only tunnel ports. It allows to easily retrieve required
information about interfaces during sampling upcalls.
Co-authored-by: Michal Weglicki <michalx.weglicki@intel.com> Signed-off-by: Michal Weglicki <michalx.weglicki@intel.com> Signed-off-by: Przemyslaw Szczerbik <przemyslawx.szczerbik@intel.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
Ben Pfaff [Wed, 10 Jan 2018 16:35:04 +0000 (08:35 -0800)]
ofproto-dpif: Issue clear error messages for unsupported CT features.
I spent way too much time this last week tracking down errors due to a
VM with an antique kernel module that didn't support connection tracking.
This commit adds clear error messages that would have made the problem
obvious.
Signed-off-by: Ben Pfaff <blp@ovn.org> Acked-by: Darrell Ball <dlu998@gmail.com>
William Tu [Wed, 10 Jan 2018 21:13:11 +0000 (13:13 -0800)]
tunnel: fix tunnel flags set/clear.
Existing code only set these tunnel flags (df, csum, and key) when the
flag is set in the output tunnel port, but did not clear when the flag
is unset. The patch fixes it by setting and clearing it accordingly.
Two existing testcases need to fix:
'tunnel - Geneve option present' has no key set up, so we should match
'flags(df)' instead of 'flags(df|key)'. The second case
'tunnel - concomitant IPv6 and IPv4 tunnels' follows the same pattern.
One additional test case 'tunnel - Mix Geneve/GRE options' is added.
Signed-off-by: William Tu <u9012063@gmail.com>
VMWare-BZ: #2019012 Signed-off-by: Ben Pfaff <blp@ovn.org>
Ashish Varma [Fri, 15 Dec 2017 15:09:50 +0000 (07:09 -0800)]
tests: add-del-add sequence for interface
Added a unit test case for testing the condition when a veth interface
is added to br0 and then the veth interface is deleted from the
system and added back with the same name.
Darrell Ball [Tue, 9 Jan 2018 23:44:57 +0000 (15:44 -0800)]
conntrack: Reorder sanity checks in extract_l3_ipvx().
The functions extract_l3_ipv4 and extract_l3_ipv6 check for
unsupported ip fragments and return early. The checks were after
an assignment that would not be needed when early return happens.
This is slightly inefficient, but mostly reads poorly.
Hence, reorder the ip fragment checks before the assignments.
Signed-off-by: Darrell Ball <dlu998@gmail.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
Darrell Ball [Tue, 9 Jan 2018 23:44:56 +0000 (15:44 -0800)]
conntrack: Some style improvements.
Fix up some instances where variable declarations were not close
enough to their use, as these were missed before. This is the
preferred art in OVS code and flagged heavily in code reviews.
This is highly desirable due to code clarity reasons.
There are also some cases where newlines were not needed by prior art
and some cases where they were needed but missed.
There was one case where there was a missing space after "}".
There were a few cases where for loop index declarations could be
folded into the loop.
One function was missing some const qualifiers.
There were a few instances where a local variable for conn_key_hash
could be eliminated.
Signed-off-by: Darrell Ball <dlu998@gmail.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
Darrell Ball [Tue, 9 Jan 2018 23:44:55 +0000 (15:44 -0800)]
conntrack: Add additional alg support.
In order to support more algs with different requirements,
expectation handling is allowed to handle more cases, such as
a wildcard source ip as in the case of SIP. NAT can also be
skipped in some alg cases.
Expectation_create() was otherwise simplified in the process.
Some renaming was done to support the above changes.
Signed-off-by: Darrell Ball <dlu998@gmail.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
Darrell Ball [Tue, 9 Jan 2018 23:44:54 +0000 (15:44 -0800)]
conntrack: Fix alg expectation cleanup.
Presently, alg expectations are removed by being time expired.
This was intended to happen before the control connections and
was intended to minimize the extra work involved for tracking and
removing the expectations. This is not the best option since it
should be possible to remove expectations when a control connection
is removed and a new api is in the works to do this. Also, conceptually
an expectation should not exist without a control connection context
and it can be argued that this should be a strict requirement.
The approach is changed to remove the expectations when the control
connections are removed. The previous code to expire the expectations
is removed at the same time.
Fixes: bd5e81a0e ("Userspace Datapath: Add ALG infra and FTP.")
Reported-at: https://mail.openvswitch.org/pipermail/ovs-dev/2017-December/341683.html Signed-off-by: Darrell Ball <dlu998@gmail.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
ofproto-dpif-xlate: Incorrect handling of errors in group action processing
As per OpenFlow v1.3 specification, when an action list contains a group
action a copy of the packet is passed to the group for processing by the
group. This means that if there is an error encountered during group
processing, only the copy of packet should be dropped, but subsequent
actions in the action list should be executed on the original packet.
Additionally, if the group type is "ALL", each action bucket of the group
should process a copy of the packet. If there is an error while processing
one bucket other buckets should still be processed.
Example 1:
table=0,in_port=tap0 actions=output:tap1,group:10,output:tap2
Even if any error is encountered while processing the group action, the
packet should still be forwarded to ports tap1 and tap2.
Example 2:
group_id=1,type=all,bucket=actions=output:tap1,bucket=actions=encap(eth)
Even if processing the action in the second bucket fails because the
packet already has an Ethernet header, the other copy of the packet should
still be processed by the first bucket and output to port tap1.
Currently the error handling in OVS does not comply with those rules. When
any group bucket execution fails the error is recorded in the so-called
"translation context" which is global for the processing of the original
packet. Once an error is recorded, OVS skips processing subsequent buckets
and installs a drop action in the datapath even if parts of the action list
were previously processed successfully.
This patch clears the error flag after any bucket of a group is executed.
This way the error encountered in processing any bucket of the group will
not impact other actions of action-list or other buckets of the group.
Errors which are system limits to protect translation from taking too long
time or too much space are not cleared. Instead drop action is installed
for them.
Signed-off-by: Vishal Deep Ajmera <vishal.deep.ajmera@ericsson.com> Signed-off-by: Keshav Gupta <keshav.gupta@ericsson.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
ovs-bugtool: Extend bugtool with query repeat feature.
Devs can configure bugtool plugin queries to be repeated using
repeat counters. The value of a repeat counter is an integer
greater than 1. The outputs of a repeated query are saved in the
same output file with date headers. Queries without repeat counter
will run only once. Users can set the delay between repeated
queries with the delay option. Default value for delay is 10
seconds.
Setting repeat counter value to "2" for traffic related queries.
Signed-off-by: David Patrik Pinter <david.patrik.pinter@ericsson.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
ovs-bugtool: Refactorize bugtool plugin xml files.
Introducing new query calling practice:
- single line query called directly from plugin xml
- multiple line query saved as script and the script is called
from plugin xml
Signed-off-by: David Patrik Pinter <david.patrik.pinter@ericsson.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
Introducing 'ovs-bugtool-ovs-ofctl-loop-over-bridges' bash script.
It calls ovs-ofctl commands given as first parameter for each
bridge with the corresponding open flow protocol option.
Usage:
ovs-bugtool-ovs-ofctl-loop-over-bridges "param1" "param2"
- param1: ovs-ofctl command to call (show, dump-flows, etc...)
- param2: optional, add further parts for the shell command
(like "| grep something")
Calling ovs-ofctl commands 'show' and 'dump-flows' with the
'ovs-bugtool-ovs-ofctl-loop-over-bridges' bash script.
Signed-off-by: David Patrik Pinter <david.patrik.pinter@ericsson.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
Numan Siddique [Mon, 8 Jan 2018 07:35:56 +0000 (13:05 +0530)]
OVN pacemaker: Fix issues when started as pacemaker container bundles
When OVN dbs are created as a pacemaker container bundle resource with
meta attribute "container-attribute-target=host" defined, the OVN OCF script
is not working properly. It should use the function provided by the OCF lib
'ocf_attribute_target' [1] to get the physical hostname and use that to set the
master/slave scores. This patch makes use of this function when setting the
scores. Also fixes other issues seen and deletes the local unused function
'ovsdb_server_find_active_peers'.
[1] - Please see this commit in ResourceAgents for more information on
'ocf_attribute_target'
https://github.com/ClusterLabs/resource-agents/commit/9bd94137d77f770967d35db5de716590cfaf0435
Signed-off-by: Numan Siddique <nusiddiq@redhat.com> CC: Russell Bryant <russell@ovn.org> Signed-off-by: Russell Bryant <russell@ovn.org>
Markos Chandras [Wed, 27 Dec 2017 18:27:12 +0000 (18:27 +0000)]
ovsdb: ovsdb-dot.in: Change exception semantics for Python3
PEP-3110 changes the semantics for capturing exceptions in Python3
from 'except E,N' to 'except E as N'. This fixes the following problem
when building with python3
Markos Chandras [Wed, 27 Dec 2017 18:27:11 +0000 (18:27 +0000)]
ovsdb: ovsdb-dot.in: Use print function for Python3
The python2 print statement no longer works in python3 since the
latter uses a print function. As such, replace all instances of
'print' with 'print()'. This fixes the following build problem with
python3
Markos Chandras [Wed, 27 Dec 2017 18:27:10 +0000 (18:27 +0000)]
ovsdb: Use items() instead of iteritems() for Python3
Python3 removed the iteritems() iterator and replaced it with items()
which should also work in Python2. This fixes the following build
problem on Python3:
Traceback (most recent call last):
File "./ovsdb/ovsdb-idlc.in", line 1436, in <module>
func(*args[1:])
File "./ovsdb/ovsdb-idlc.in", line 314, in printCIDLHeader
for columnName, column in sorted(table.columns.iteritems()):
AttributeError: 'dict' object has no attribute 'iteritems'
Signed-off-by: Markos Chandras <mchandras@suse.de> Signed-off-by: Ben Pfaff <blp@ovn.org>
Daniel Alvarez [Tue, 9 Jan 2018 13:54:36 +0000 (14:54 +0100)]
ovn-controller: Change duplicate flows trace from INFO to DBG
When ovn-controller detects that a flow is duplicated, it will print an
INFO trace. Even though it's rate limited, this patch is changing the
trace level back to DEBUG to reduce noise.
Background: in our effort to ensure consistency across objects in
Neutron and OVN databases we find some special cases like security group
rules which match OVN ACLs but not in 1:1 relationship. Until now, two
identical security group rules beloning each to a different security
group would generate a single ACL in NB database. With this behavior,
there's no way to map the ACL in OVN to the corresponding Neutron
object.
By implementing [0] we're trying to ensure this mapping so we make use
of the external_ids column of every table for this purpose. It may
happen that we'll have two identical ACLs but each referencing a
different Neutron object in their external_ids field. However, this will
make ovn-controller to drop those duplicated flows and log a (rate
controlled) INFO trace. In order to reduce this noise, this patch
changes it to DBG.
Commit e995e3df57 ("Allow OVS_USERSPACE_ATTR_USERDATA to be variable
length.") changed userspace action userdata from eight bytes to variable
length. OVS only supports Linux kernels greater than or equal to 3.10,
which include support for variable length userdata. Other datapaths are
more modern and should have support, so it's no longer necessary to
probe.
Signed-off-by: Justin Pettit <jpettit@ovn.org> Acked-by: Ben Pfaff <blp@ovn.org>
Ben Pfaff [Tue, 9 Jan 2018 18:38:31 +0000 (10:38 -0800)]
ofp-errors: Send as much of a message as possible in an error reply.
When an OpenFlow switch sends an error message in reply to a request
from a controller, it includes an excerpt from the original request. The
OpenFlow specification only requires the switch to send at least the first
64 bytes of the request. Until now, Open vSwitch has only sent that much.
This commit changes Open vSwitch to instead send the entire message, only
trimming it if necessary to keep the error message within the 64 kB limit
for an OpenFlow message. This should simplify debugging for controller
authors.
Yi Yang [Sat, 6 Jan 2018 05:47:51 +0000 (13:47 +0800)]
nsh: rework NSH netlink keys and actions
This patch changes OVS_KEY_ATTR_NSH
to nested attribute and adds three new NSH sub attribute keys:
OVS_NSH_KEY_ATTR_BASE: for length-fixed NSH base header
OVS_NSH_KEY_ATTR_MD1: for length-fixed MD type 1 context
OVS_NSH_KEY_ATTR_MD2: for length-variable MD type 2 metadata
Its intention is to align to NSH kernel implementation.
NSH match fields, set and PUSH_NSH action all use the below
nested attribute format:
OVS_KEY_ATTR_NSH begin
OVS_NSH_KEY_ATTR_BASE
OVS_NSH_KEY_ATTR_MD1
OVS_KEY_ATTR_NSH end
or
OVS_KEY_ATTR_NSH begin
OVS_NSH_KEY_ATTR_BASE
OVS_NSH_KEY_ATTR_MD2
OVS_KEY_ATTR_NSH end
In addition, NSH encap and decap actions are renamed as push_nsh
and pop_nsh to meet action naming convention.
Signed-off-by: Yi Yang <yi.y.yang@intel.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
Ben Pfaff [Mon, 8 Jan 2018 21:13:34 +0000 (13:13 -0800)]
ofproto: Delete all groups and meters when (un)configuring a controller.
Open vSwitch has always deleted all flows from the flow table whenever a
controller is configured or whenever all the controllers are unconfigured.
After this commit, OVS additionally deletes all OpenFlow groups and meters.
Suggested-by: Periyasamy Palanisamy <periyasamy.palanisamy@ericsson.com> Suggested-by: Jan Scheurich <jan.scheurich@ericsson.com> Signed-off-by: Ben Pfaff <blp@ovn.org> Acked-by: Jan Scheurich <jan.scheurich@ericsson.com> Tested-by: Jan Scheurich <jan.scheurich@ericsson.com> Reviewed-by: Greg Rose <gvrose8192@gmail.com> Tested-by: Greg Rose <gvrose8192@gmail.com>
Timothy Redaelli [Fri, 22 Dec 2017 15:00:53 +0000 (16:00 +0100)]
rhel: add "force-reload-kmod" support in "ovs-systemd-reload"
Since you can't use "ovs-ctl force-reload-kmod" on Fedora/RHEL, due to
systemd dependencies, this commit adds the "force-reload-kmod" feature on
ovs-systemd-reload.
Signed-off-by: Timothy Redaelli <tredaelli@redhat.com> Signed-off-by: Ben Pfaff <blp@ovn.org> Tested-by: Greg Rose <gvrose8192@gmail.com> Reviewed-by: Greg Rose <gvrose8192@gmail.com>
Ben Pfaff [Fri, 5 Jan 2018 06:40:01 +0000 (22:40 -0800)]
ofp-print: Include full hex dump of messages that fail decode.
In debugging issues with a controller that appears to send invalid
OpenFlow messages, it can be difficult to actually see the important
details of those messages, because OpenFlow message logging (in the vconn
log module) will generally just print a generic decode error that doesn't
allow a developer to see what failed to decode. This commit enhances the
ofp-print code so that, if a message fails to decode, the full hex dump of
the message is included in the output.
Reported-by: Su Wang <suwang@vmware.com> Signed-off-by: Ben Pfaff <blp@ovn.org> Acked-by: Gurucharan Shetty <guru@ovn.org>
Mark Michelson [Wed, 29 Nov 2017 21:59:48 +0000 (15:59 -0600)]
OVN: Add support for periodic router advertisements.
This change adds three new options to the Northbound
Logical_Router_Port's ipv6_ra_configs option:
* send_periodic: If set to "true", then OVN will send periodic router
advertisements out of this router port.
* max_interval: The maximum amount of time to wait between sending
periodic router advertisements.
* min_interval: The minimum amount of time to wait between sending
periodic router advertisements.
When send_periodic is true, then IPv6 RA configs, as well as some layer
2 and layer 3 information about the router port, are copied to the
southbound database. From there, ovn-controller can use this information
to know when to send periodic RAs and what to send in them.
Because periodic RAs originate from each ovn-controller, the new
keep-local flag is set on the packet so that ports don't receive an
overabundance of RAs.
Signed-off-by: Mark Michelson <mmichels@redhat.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
Mark Michelson [Wed, 29 Nov 2017 21:59:47 +0000 (15:59 -0600)]
OVN: Add multicast local-only flag.
When this flag is set, then a multicast packet that would normally be
delivered to ports on multiple hypervisors is only delivered to ports
on the local hypervisor.
The primary known use case for this is when multicast packets originate
from ovn-controller. Multiple ovn-controllers will be attempting to send
out those multicast packets, and so each should only be responsible for
delivering those packets to their local ports.
Signed-off-by: Mark Michelson <mmichels@redhat.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
Ben Pfaff [Thu, 28 Dec 2017 20:34:50 +0000 (12:34 -0800)]
tunnel: Add ofproto/list-tunnels command for troubleshooting.
I've recently had to debug some issues related to tunnel implementation.
This command would make it easier to have some confidence in how tunnels
are actually set up inside OVS.
Ben Pfaff [Thu, 28 Dec 2017 20:34:49 +0000 (12:34 -0800)]
tunnel: Log sanely in tnl_port_receive().
When this function was introduced in 2012, it modified its 'flow' argument
and logged the changes (at debug level). However, since 2013 it has no
longer modified its 'flow' argument, but the logging was still oriented
around the idea that it did. This commit fixes up the logging to make
sense again.
This doesn't fix an actual bug that causes problems, but it does fix a
conceptual error.
Fixes: 2301f7ebc15e ("tunnel: Make tnl_port_receive() parameter 'const'.") Signed-off-by: Ben Pfaff <blp@ovn.org> Reviewed-by: Yifeng Sun <pkusunyifeng@gmail.com>
Jakub Sitnicki [Fri, 22 Dec 2017 15:12:52 +0000 (16:12 +0100)]
tests: Kill the daemons at cleanup only if pidfile exists.
Remembering the PIDs of started daemon processes and killing them during
cleanup can interfere with other tests.
When the tests are running in parallel (i.e., -jX was passed in
TESTSUITEFLAGS), PIDs of daemons that have terminated before the cleanup
are subject to reuse by processes, or threads, spawned in another test.
This means that, while executing its 'cleanup' script, one test can
accidentally send a SIGTERM to a process running as a part of another
test and influence its outcome.
Retrieve the PID of the process we intend to kill at the last possible
moment to narrow down the window of opportunity for interfering.
This approach has a downside that if the daemon's pidfile has
disappeared but the process has not terminated, we will not clean it up
at the end of the test.
Signed-off-by: Jakub Sitnicki <jkbs@redhat.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
Ben Pfaff [Fri, 6 Oct 2017 22:15:31 +0000 (15:15 -0700)]
log: Use absolute name of log file.
In ovsdb-server, the OVSDB log code is used to open the databases specified
on the command line before ovsdb-server daemonizes itself. Afterward, it
is occasionally necessary for ovsdb-server to reference those files by name
again. When that happens, if daemonization changed the current directory
to the root, any relative names are no longer valid and those references
will fail. Until now, this was handled at a higher level in ovsdb-server,
but in the future it will be convenient to handle it in the log code
itself. This commit prepares for that by making the log code take the
absolute name of log files itself.
Ben Pfaff [Mon, 25 Dec 2017 01:52:34 +0000 (17:52 -0800)]
log: Replace ovsdb_log_get_offset() by a more abstract mechanism.
Upcoming support for clustered databases will need to provide a more
abstract way to determine when a given file should be compacted, so this
changes the standalone database support to use this mechanism in advance.
Signed-off-by: Ben Pfaff <blp@ovn.org> Acked-by: Justin Pettit <jpettit@ovn.org>
Ben Pfaff [Mon, 25 Dec 2017 00:19:24 +0000 (16:19 -0800)]
log: Support multiple magic.
Some OVSDB tools will want to open files that might be standalone or
clustered databases, and so it's better if ovsdb_log_open() can accept more
than one valid "magic". This commit makes that possible.
Signed-off-by: Ben Pfaff <blp@ovn.org> Acked-by: Justin Pettit <jpettit@ovn.org>
Ben Pfaff [Fri, 6 Oct 2017 18:40:00 +0000 (11:40 -0700)]
log: Support using /dev/stdin for opening logs read-only.
On Unix-like systems, usually /dev/stdin opens a duplicate of fd 0, and
this will be convenient in a few places later on. This commit makes this
support universal.
Signed-off-by: Ben Pfaff <blp@ovn.org> Acked-by: Justin Pettit <jpettit@ovn.org>
Ben Pfaff [Thu, 7 Dec 2017 22:33:28 +0000 (14:33 -0800)]
log: New functions for replacing a log's contents.
These functions will acquire users in future commits.
This new functionality made the internal state machine of the log hard
enough to understand that I thought that it was best to make it explicit
with a 'state' variable, so this commit introduces one.
This commit duplicates code and logic from ovsdb_rename() and
ovsdb_compact() in ovsdb/file.c. A future commit removes this duplication.
Signed-off-by: Ben Pfaff <blp@ovn.org> Acked-by: Justin Pettit <jpettit@ovn.org>
Ben Pfaff [Wed, 6 Dec 2017 20:36:44 +0000 (12:36 -0800)]
log: Make reading in writing mode less of an error.
Clients are intended to use the OVSDB log code by reading zero or more
records and then writing zero or more records, but not reading after any
write has occurred. Until now, ovsdb_log_read() has signaled the latter
behavior as an error. Upcoming changes to OVSDB are going to make it an
expected behavior in some cases, so this commit changes it so that it
just becomes an empty read.
Signed-off-by: Ben Pfaff <blp@ovn.org> Acked-by: Justin Pettit <jpettit@ovn.org>
Ben Pfaff [Wed, 6 Dec 2017 18:33:21 +0000 (10:33 -0800)]
log: Require log entries to be JSON objects.
The current and upcoming users of the OVSDB logging module only use
JSON objects as records. This commit simplifies the users slightly
by allowing them to always assume that the records are JSON objects.
Unfortunately this resulted in a large number of updates to tests,
which didn't always use JSON objects.
Signed-off-by: Ben Pfaff <blp@ovn.org> Acked-by: Justin Pettit <jpettit@ovn.org>
Ben Pfaff [Sun, 24 Dec 2017 19:43:59 +0000 (11:43 -0800)]
log: Allow client to specify magic.
Until now, the logging code in ovsdb has only supported a single file
format, for OVSDB standalone database files. Upcoming commits will add
support for another, incompatible format, which uses a different magic
string for identification. This commit allows the logging code to
support both formats.
Signed-off-by: Ben Pfaff <blp@ovn.org> Acked-by: Justin Pettit <jpettit@ovn.org>
Ben Pfaff [Mon, 6 Nov 2017 22:42:32 +0000 (14:42 -0800)]
sparse: Add guards to prevent FreeBSD-incompatible #include order.
FreeBSD insists that <sys/types.h> be included before <netinet/in.h> and
that <netinet/in.h> be included before <arpa/inet.h>. This adds guards to
the "sparse" headers to yield a warning if this order is violated. This
commit also adjusts the order of many #includes to suit this requirement.
Signed-off-by: Ben Pfaff <blp@ovn.org> Acked-by: Justin Pettit <jpettit@ovn.org>
Ben Pfaff [Fri, 8 Dec 2017 20:36:57 +0000 (12:36 -0800)]
ovsdb-client: Show even constraint-breaking data in "dump" output.
The ovsdb-client "dump" command is a fairly low-level tool that can be
used, among other purposes, to debug the OVSDB protocol. It's better if
it just prints what the server sends without being too judgmental about it.
Thus, we might as well ignore constraints for the purpose of dumping
tables.
Signed-off-by: Ben Pfaff <blp@ovn.org> Acked-by: Justin Pettit <jpettit@ovn.org>
Ben Pfaff [Mon, 4 Dec 2017 19:51:43 +0000 (11:51 -0800)]
odp-util: Use flexible sized buffer to hold Geneve options.
The 'mask' buffer in parse_odp_action() is supposed to always be big
enough:
/* 'mask' is big enough to hold any key. */
Geneve options can be really big and the comment was wrong. In addition,
the user might supply more options than can really fit in any case, so
we might as well just use a stub.
Found by libfuzzer.
Reported-by: Bhargava Shastry <bshastry@sec.t-labs.tu-berlin.de> Signed-off-by: Ben Pfaff <blp@ovn.org>
Ben Pfaff [Mon, 27 Nov 2017 21:53:28 +0000 (13:53 -0800)]
netdev-tc-offloads: Use customary types for buffer.
This function uses local array set_buff[] to store Netlink attributes.
It declares set_buff as an array of character pointers, which is a strange
type for a buffer of non-character-pointer objects. In OVS it is
customary to use an ofpbuf with a stub of uint64_t objecs (to ensure
proper alignment, otherwise uint8_t would be more usual). This commit
changes to that more usual form.
projects / mirror_ovs.git / log