Simon Horman [Wed, 30 Oct 2013 09:17:13 +0000 (18:17 +0900)]
ofproto: Break out resubmit resource checking
Break out resubmit resource checking into a helper function
xlate_resubmit_resource_check() and use this new function.
This is to allow the check to be re-used by a subsequent patch.
Suggested-by: Ben Pfaff <blp@nicira.com> Signed-off-by: Simon Horman <horms@verge.net.au> Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Sat, 2 Nov 2013 18:36:50 +0000 (11:36 -0700)]
nicira-ext: Update comment.
The ARP headers have been acceptable as NXAST_REG_MOVE destinations since
commit f6c8a6b163 (Add software switch support for modifying ARP headers
in OpenFlow.)
Reported-by: Anupam Chanda <achanda@nicira.com> Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Joe Stringer <joestringer@nicira.com>
Ben Pfaff [Sat, 2 Nov 2013 15:43:14 +0000 (08:43 -0700)]
ofproto-dpif-xlate: Handle oversized actions more gracefully.
If the datapath actions exceed the maximum size of a Netlink attribute
(about 64 kB), then previously we would assert-fail (before commit 542024c4c3d36 "ofproto-dpif-xlate: Suppress oversize datapath actions.")
or just drop all of them (after that commit). This commit makes OVS cope
by slow-pathing the flow and executing all of its actions in userspace.
Ben Pfaff [Mon, 30 Sep 2013 21:46:50 +0000 (14:46 -0700)]
flow: Fill in ->l7 in flow_compose().
flow_extract() fills in ->l7 but flow_compose() wasn't doing it, which
confused bfd_process_packet() when invoked via the ofproto/trace appctl
command.
Ben Pfaff [Sat, 2 Nov 2013 13:55:40 +0000 (06:55 -0700)]
util: Allow set_subprogram_name() to take a printf() format string.
This will be convenient in an upcoming commit.
I had to add -Wno-format-zero-length to suppress a GCC warning about a
zero-length format string in this monitor_daemon() call:
set_subprogram_name("");
I don't know what that warning is good for anyway, and I guess the Clang
developers don't either because Clang didn't warn.
Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
Simon Horman [Wed, 30 Oct 2013 09:17:10 +0000 (18:17 +0900)]
ofproto: Verify compatibility of liveness of groups with their type
Require liveness for fast-failover groups as it is mandated by OpenFlow1.3.
Allow livness for select groups which is in keeping with OpenFlow1.3.
Disallow liveness it for other group types.
Signed-off-by: Simon Horman <horms@verge.net.au> Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Sat, 2 Nov 2013 04:45:28 +0000 (21:45 -0700)]
ofproto: Centralize action checking, doing it at decode time.
Jarno pointed out that modify_flows__() didn't really need to check every
instance of the flow separately. After some further investigation I
decided that this was even more of an improvement.
Jarno Rajahalme [Thu, 24 Oct 2013 20:19:28 +0000 (13:19 -0700)]
OXM inspired match field names.
Adds OXM inspired aliases for match fields that don't have them
already ("ip_proto", "ip_ecn", "ip_dscp", and "tunnel_id").
"ip_dscp" replaces the earlier undocumented "nw_tos_shifted",
and takes the DSCP value (0-63), which is then shifted
appropriately when applied to an IP packet.
The number of bits for this field is fixed from 8 to 6.
Signed-off-by: Jarno Rajahalme <jrajahalme@nicira.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
Simon Horman [Thu, 31 Oct 2013 04:00:02 +0000 (13:00 +0900)]
Return no protocols if mask is supplied for unmaskable match
Currently if a mask is supplied for an unmaskable match then NOT_REACHED()
is called. The effect of this for a user calling ovs-vsctl with a match
that includes a mask which is not permitted is to politely inform them of
the error of their ways by calling abort and segfaulting.
This patch takes an alternate approach to return no protocols which has the
has the effect when that ovs-vsctl is called with a match that includes a
mask which is not permitted an error message of the following form is
displayed.
ovs-ofctl: none of the usable flow formats (none) is among the allowed flow formats (OpenFlow10,NXM)
This patch also updates the ovs-ofctl test to test matches with masks
where possible.
Signed-off-by: Simon Horman <horms@verge.net.au> Signed-off-by: Ben Pfaff <blp@nicira.com>
Jarno Rajahalme [Tue, 29 Oct 2013 23:39:52 +0000 (16:39 -0700)]
classifier: Rename struct cls_table as cls_subtable.
The naming of the classifier table has been a source of confusion,
since each OpenFlow table is implemented as a classifier, which
consists of multiple (sub)tables. This name change hopefully makes
classifier related discussion a bit less confusing.
For consistency, relevant field names as well as the function and
variable names have been renamed in similar fashion.
Signed-off-by: Jarno Rajahalme <jrajahalme@nicira.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Tue, 29 Oct 2013 20:01:07 +0000 (13:01 -0700)]
vtep: Bring BFD specification in vtep.xml into sync with OVS.
A number of new key-value pairs have been added to the bfd and bfd_status
columns of the OVS schema since the VTEP schema was created. To aid
interoperability between OVS instances and VTEPs, this patch brings
the VTEP schema into line with that of OVS.
CC: Bruce Davie <bdavie@nicira.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
Implement OFPT_QUEUE_GET_CONFIG_REQUEST and OFPT_QUEUE_GET_CONFIG_REPLY.
Open vSwitch has never implemented this request and reply, even though they
have been in OpenFlow since version 1.0. This commit adds an
implementation.
Signed-off: Venkitachalam Gopalakrishnan <gops@vmware.com> Co-authored-by: Ben Pfaff <blp@nicira.com> Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Joe Stringer <joestringer@nicira.com>
Jarno Rajahalme [Mon, 28 Oct 2013 20:54:40 +0000 (13:54 -0700)]
TCP flags matching support.
tcp_flags=flags/mask
Bitwise match on TCP flags. The flags and mask are 16-bit num‐
bers written in decimal or in hexadecimal prefixed by 0x. Each
1-bit in mask requires that the corresponding bit in port must
match. Each 0-bit in mask causes the corresponding bit to be
ignored.
TCP protocol currently defines 9 flag bits, and additional 3
bits are reserved (must be transmitted as zero), see RFCs 793,
3168, and 3540. The flag bits are, numbering from the least
significant bit:
Jarno Rajahalme [Mon, 28 Oct 2013 20:54:39 +0000 (13:54 -0700)]
Widen TCP flags handling.
Widen TCP flags handling from 7 bits (uint8_t) to 12 bits (uint16_t).
The kernel interface remains at 8 bits, which makes no functional
difference now, as none of the higher bits is currently of interest
to the userspace.
Pravin B Shelar [Fri, 25 Oct 2013 20:42:12 +0000 (13:42 -0700)]
datapath: Enable all GSO features on internal port.
OVS already can handle all types of segmentation offloads that
are supported by the kernel.
Following patch specifically enables UDP and IPV6 segmentation
offloads.
Signed-off-by: Pravin B Shelar <pshelar@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
Ben Pfaff [Fri, 25 Oct 2013 20:31:50 +0000 (13:31 -0700)]
ofproto: Avoid abandoning an ofopgroup without committing it.
Commit e3b5693319c (Fix table checking for goto table instruction.) moved
action checking into modify_flows__(), for good reason, but as a side
effect made modify_flows__() abandon and never commit the ofopgroup that it
started, if action checking failed. This commit fixes the problem.
The following commands, run under "make sandbox", illustrate the problem.
Without this change, the final command hangs because the barrier request
that ovs-ofctl sends never gets a response (because barriers wait for all
ofopgroups to complete, which never happens). With this commit, the
commands complete quickly:
Ben Pfaff [Fri, 25 Oct 2013 16:22:37 +0000 (09:22 -0700)]
jsonrpc: Only compose message to log if it's really going to be logged.
This suppresses a testsuite failure when the testsuite is run from a
directory whose name contains a non-ASCII character. I'd rather fix the
problem but webpages like the following make it sound difficult or
impossible on Python 2.x: http://stackoverflow.com/a/11742928
Ben Pfaff [Fri, 25 Oct 2013 16:22:36 +0000 (09:22 -0700)]
tests: Skip Python daemon tests in directory with non-ASCII name.
The Debian autobuild machines run their builds inside a top-level
directory named /«BUILDDIR». That name contains two non-ASCII characters
that cause the Python code in the interface-reconfigure and ovs-monitor-ipsec
tests to fail. The problem seems to be related to the locale, because
switching to a UTF-8 locale allows the tests to proceed farther but does
not fix the problem. I was not able to easily fix the actual problem.
Web searches turn up articles that imply that the problem is not
reasonably fixable with Python 2.x, e.g.:
http://stackoverflow.com/a/11742928
This commit instead avoids the problem by skipping these tests if the
current working directory's name contains non-ASCII characters. This is
a legitimate solution only because interface-reconfigure and
ovs-monitor-ipsec run from initscripts and thus their current working
directories are system directories. (Also, the current working directory
matters much less when run in a real environment because the --root-prefix
option that causes the issue is not used in a real environment.)
YAMAMOTO Takashi [Thu, 24 Oct 2013 03:07:44 +0000 (12:07 +0900)]
ofproto: Report multipart buffer overflow.
Because our size of the multipart request buffer is effectively 0,
always report multipart buffer overflow error for multipart requests
with "more" flag set.
While this might be simpler if done in ofp-msgs.c, i put this in
ofproto.c because it seems like a better place to implement the
buffering logic if/when desirable.
An option question: what to do for the following messages with the
same xid? especially for the last message which doesn't have the
"more" flag set? it would be neater to detect and drop them.
Signed-off-by: YAMAMOTO Takashi <yamamoto@valinux.co.jp> Signed-off-by: Ben Pfaff <blp@nicira.com>
Pravin B Shelar [Wed, 23 Oct 2013 21:34:39 +0000 (14:34 -0700)]
datapath: Per cpu flow stats.
With mega flow implementation ovs flow can be shared between
multiple CPUs which makes stats updates highly contended
operation. Following patch allocates separate stats for each
CPU to make stats update scalable.
Signed-off-by: Pravin B Shelar <pshelar@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
Jarno Rajahalme [Wed, 23 Oct 2013 19:52:57 +0000 (12:52 -0700)]
lib/ofp-actions: Enforce action consistency.
OpenFlow 1.1+ specs encourage switches to verify action consistency
at flow setup time. Implement this for OpenFlow 1.1+ only to not
break any current OF 1.0 based use.
Signed-off-by: Jarno Rajahalme <jrajahalme@nicira.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Wed, 23 Oct 2013 20:46:57 +0000 (13:46 -0700)]
ofp-actions: Make union ofp_action more generic.
Make union ofp_action more generic by allowing it to be used for
all actions. OFP_ACTION_ALIGN (which is 8, as the sizeof(union
ofp_action) used to be) is now used where sizeof union ofp_action
was used before. On the same note, variable name 'n_actions' is
changed to 'max_actions' as the number of actions cannot be simply
divided when actions have various sizes.
Signed-off-by: Jarno Rajahalme <jrajahalme@nicira.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Wed, 23 Oct 2013 16:58:34 +0000 (09:58 -0700)]
Allow OFPACT_SET_IP_DSCP to act on both IPv4 and IPv6 packets.
This removes semantic differences between different OpenFlow
versions, making it easier to translate between them.
Also, rename OFPACT_SET_IPV4_DSCP to OFPACT_SET_IP_DSCP.
Signed-off-by: Jarno Rajahalme <jrajahalme@nicira.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Wed, 23 Oct 2013 04:58:58 +0000 (21:58 -0700)]
pinsched: Eliminate function callback in interface.
I'm not a fan of function callbacks because I feel that they obscure
interfaces. This eliminates the function callback used until now in
the pinsched code.
Ben Pfaff [Wed, 23 Oct 2013 04:36:22 +0000 (21:36 -0700)]
fail-open: Add function to identify fail-open's flows.
This seems slightly cleaner than embedding this logic directing into
ofproto-dpif, since it is an interface that theoretically could be useful
to other ofproto providers.
Ben Pfaff [Tue, 22 Oct 2013 23:57:46 +0000 (16:57 -0700)]
ofp-util: Use correct cookie value in "packet_in"s when no flow involved.
OpenFlow 1.3 uses all-1-bits in a packet_in to indicate that the packet_in
was not generated by a flow, but Open vSwitch incorrectly used 0. This
fixes the problem.
For consistency, this commit also changes NXT_PACKET_IN to use all-1-bits
for this case, event though NXT_PACKET_IN was previously defined to use
zero. This doesn't appear to make a difference for the NVP controller; if
it causes a problem for some other controller then I will revert that part
of the change.
Ben Pfaff [Tue, 22 Oct 2013 23:32:13 +0000 (16:32 -0700)]
connmgr: Move send_len from ofputil_packet_in to ofproto_packet_in.
send_len is not directly part of the OpenFlow packet_in message, at least
given that it is partially redundant with packet_len. send_len is, rather,
a request to the connmgr that expresses how many bytes the action requested
be sent to the controller, but the connmgr cannot always honor it.
Ben Pfaff [Tue, 22 Oct 2013 23:16:31 +0000 (16:16 -0700)]
ofproto, ofp-util: Begin disentangling packet-in wire format and handling.
struct ofputil_packet_in mixes data included in OpenFlow packet_in messages
with data that used internally by ofproto and connmgr to queue and route
packet_ins. This commit begins disentangling these purposes by adding a
new struct ofproto_packet_in that wraps struct ofputil_packet_in. Adding
this new level of indirection causes a lot of code churn, so this commit
mainly takes care of that to make the remaining changes easier to read.
This commit does move the list node used for queuing packet_ins into the
new wrapper structure.
Alex Wang [Sat, 19 Oct 2013 00:27:51 +0000 (17:27 -0700)]
odp-execute: Fix possible segfault.
In current code, the odp_execute_actions() function does not check
the value of "userspace" function pointer before invoking it. This
patch adds a check for it.
Signed-off-by: Alex Wang <alexw@nicira.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
Joe Stringer [Thu, 17 Oct 2013 01:15:08 +0000 (10:15 +0900)]
ofp-actions: Distinguish OF1.1/1.2 push_mpls from OF1.3+.
In OpenFlow 1.1 and 1.2, the push_mpls action pushes the MPLS label after
any existing VLAN tag. In OpenFlow 1.3, it pushes the label before any
existing VLAN tag. Until now, the action parser didn't distinguish these
cases. This commit adds support. Nothing yet actually changes the
behavior of push_mpls.
enum ofpact_mpls_position contributed by Ben Pfaff.
Signed-off-by: Joe Stringer <joe@wand.net.nz> Signed-off-by: Simon Horman <horms@verge.net.au> Signed-off-by: Ben Pfaff <blp@nicira.com>
This commit changes VTEP simulator's flooding logic as follows:
1. Traffic coming from a VTEP physical port will only be flooded
to all the physical ports in the same VTEP that belongs to that logical
switch and to ONLY one of the devices that have been marked as 'unknown-dst'
2. Traffic coming from any device that has 'unknown-dst' marked, will only be
flooded by VTEP to its physical ports that belong to that logical switch.
Ansis Atteka [Fri, 18 Oct 2013 04:32:19 +0000 (21:32 -0700)]
configure: check for uuid python module
After introducing commit a5ae88ff8a276e86c842ac102145432662bf711a
"ovsdb-doc: generate vswitch.[pic|gv] files only if dot tool is
available" Open vSwitch did not build anymore on hosts that did not
have uuid python module installed (for example, we still support
XenServer that still uses old python 2.4 and hence does not have uuid).
After this commit ./configure will check whether uuid module is present
and, if it isn't, then it will add python/compat to the PYTHONPATH.
Acked-By: Ben Pfaff <blp@nicira.com> Signed-Off-By: Ansis Atteka <aatteka@nicira.com>
Issue: 20476
Pravin B Shelar [Mon, 14 Oct 2013 22:26:40 +0000 (15:26 -0700)]
datapath: Add support for Linux 3.11
Kernel 3.11 has support for extended GRE API required for
OVS datapath, But vxlan still needs out of tree tunneling
compatibility. Therefore to simplify, all tunneling modules
are forced to use compat tunneling.
CC: James Page <james.page@ubuntu.com> Signed-off-by: Pravin B Shelar <pshelar@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
Justin Pettit [Thu, 17 Oct 2013 21:58:17 +0000 (14:58 -0700)]
vswitchd: Use vswitch-specific variable name in automake.mk.
The variable OVSDB_DOT_DIAGRAM_ARG is describing the vswitch dot file,
so use the name VSWITCH_DOT_DIAGRAM_ARG to prevent confusion in the
generated makefile.
Signed-off-by: Justin Pettit <jpettit@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
Justin Pettit [Wed, 9 Oct 2013 00:27:12 +0000 (17:27 -0700)]
vtep: Add Debian packaging.
Co-authored-by: David Yang <davidy@vmware.com> Signed-off-by: David Yang <davidy@vmware.com> Signed-off-by: Justin Pettit <jpettit@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
Bruce Davie [Tue, 8 Oct 2013 21:37:51 +0000 (14:37 -0700)]
vtep: Initial checkin of vtep schema.
The hardware VTEP OVSDB schema specifies relations that a VTEP can use
to integrate physical ports into logical switches maintained by a
network virtualization controller such as NVP.
Co-authored-by: Ben Pfaff <blp@nicira.com> Co-authored-by: Kenneth Duda <kduda@aristanetworks.com> Co-authored-by: Justin Pettit <jpettit@nicira.com> Signed-off-by: Bruce Davie <bdavie@vmware.com> Signed-off-by: Ben Pfaff <blp@nicira.com> Signed-off-by: Kenneth Duda <kduda@aristanetworks.com> Signed-off-by: Justin Pettit <jpettit@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>