Ben Pfaff [Wed, 19 Apr 2017 18:29:15 +0000 (11:29 -0700)]
ofproto: Report only un-deleted groups in group stats replies.
Deleted groups hang around in the group table until the next grace period,
so it's important for the group stats code to pretend that they're gone
until they really get deleted.
Reported-by: "Timothy M. Redaelli" <tredaelli@redhat.com>
Reported-at: https://mail.openvswitch.org/pipermail/ovs-dev/2017-April/331117.html Signed-off-by: Ben Pfaff <blp@ovn.org> Tested-by: Timothy Redaelli <tredaelli@redhat.com> Acked-by: Greg Rose <gvrose8192@gmail.com> Acked-by: Jarno Rajahalme <jarno@ovn.org>
Andy Zhou [Fri, 21 Apr 2017 00:33:28 +0000 (17:33 -0700)]
bridge: Log interface deletion
Currently interface additions are logged but not deletions. This
makes system debugging, such as confirming OVSDB transaction are
timely replicated harder than necessary.
Signed-off-by: Andy Zhou <azhou@ovn.org> Acked-by: Jarno Rajahalme <jarno@ovn.org>
Guru Shetty [Fri, 10 Mar 2017 07:46:38 +0000 (23:46 -0800)]
ovn-util: Allow /32 IP addresses for router ports.
On Google cloud, a VM gets a /32 IP address. When OVN
is deployed on such VMs, the OVN gateway router's IP
address becomes a /32 IP address. This commit allows
such a configuration.
Signed-off-by: Gurucharan Shetty <guru@ovn.org> Acked-by: Ben Pfaff <blp@ovn.org>
Guru Shetty [Fri, 10 Mar 2017 07:46:37 +0000 (23:46 -0800)]
ovn-northd: Allow static routes with nexthop in different subnet.
There are cases where the default gateway of a interface is in
a different subnet than its IP address. Linux allows such
configuration. For e.g, one could set the IP address of
a Linux interface as 172.16.1.2/32 and then give it a default
gateway of 172.16.1.1. This can be done for e.g. by running the
following commands.
The above configuration is what google cloud uses for its VMs.
In OVN static routes, we currently have the ability to specify the
router port via which the packet needs to be pushed out to reach a
next hop. But when support for IPv6 was added, we only allowed
nexthops to be in the same subnet as one of the router's IP addresses.
This commit relaxes that restriction. When a outport is specified in
static routes and when a nexthop is in a different subnet than any
of the router IP addresses, we will assume that it is reachable from
the first IP address of the router. Since this is a corner case,
we just go with the first IP address. If it turns out that there
are more cases, we can let users choose the IP address via which
the destination is reachable.
Signed-off-by: Gurucharan Shetty <guru@ovn.org> Acked-by: Ben Pfaff <blp@ovn.org>
László Sürü [Thu, 20 Apr 2017 15:41:57 +0000 (15:41 +0000)]
ofproto-dpif: Propagate may_enable flag as link aliveness.
The idea is to use OFPPS_LIVE bit to propagate link aliveness state
towards the controller also when sending port status. The
ofport->may_enable flag could be used for this purpose, thus any
change in LIVE bit is propagated towards conrtoller in
OFPT_PORT_STATUS message. OFPPS_LIVE bit is set only when links is
not down not administratively, neither operationally as recommended
in OF papers. I added 9 new unit tests to verify link state changes
when monitored with cfm, bfd or lacp for OF 1.3, OF 1.4 and OF 1.5.
I updated related unit tests according to the changes of
ofproto-dpif.
Signed-off-by: László Sürü <laszlo.suru at ericsson.com> Co-authored-by: Zoltán Balogh <zoltan.balogh at ericsson.com> Signed-off-by: Zoltán Balogh <zoltan.balogh at ericsson.com> Co-authored-by: Jan Scheurich <jan.scheurich at ericsson.com> Signed-off-by: Jan Scheurich <jan.scheurich at ericsson.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
datapath-windows: Add software checksums for nbl which contain multiple nb
Until now we only needed to compute software checksums on net buffer lists
containing a single net buffer.
This patch allows the software checksums to be applied on a net buffer list
with multiple net buffers. The hard assumption for this, is the net buffers are
part of the same connection. The position of the offsets is pointed by the
layers parameter.
This will be useful for introducing support ip fragments in conntrack.
Yin Lin [Thu, 20 Apr 2017 22:26:08 +0000 (15:26 -0700)]
datapath-windows: Pass fwdCtx to conntrack
There are dependencies in Contrack module such as NAT and fragmentation on
OvsForwardingContext. This patch will make OvsForwardingContext public
in order to implement these functionalities.
netlink: pass extended ACK struct to parsing functions
Pass the new extended ACK reporting struct to all of the generic
netlink parsing functions. For now, pass NULL in almost all callers
(except for some in the core.)
Signed-off-by: Johannes Berg <johannes.berg@intel.com> Signed-off-by: David S. Miller <davem@davemloft.net> Signed-off-by: Jarno Rajahalme <jarno@ovn.org> Acked-by: Joe Stringer <joe@ovn.org>
The reference count held for skb needs to be released when the skb's
nfct pointer is cleared regardless of if nf_ct_delete() is called or
not.
Failing to release the skb's reference cound led to deferred conntrack
cleanup spinning forever within nf_conntrack_cleanup_net_list() when
cleaning up a network namespace:
Fixes: dd41d33f0b03 ("openvswitch: Add force commit.") Reported-by: Yang Song <yangsong@vmware.com> Signed-off-by: Jarno Rajahalme <jarno@ovn.org> Acked-by: Joe Stringer <joe@ovn.org> Signed-off-by: David S. Miller <davem@davemloft.net> Signed-off-by: Jarno Rajahalme <jarno@ovn.org> Acked-by: Joe Stringer <joe@ovn.org>
Andy Zhou [Thu, 6 Apr 2017 20:10:25 +0000 (13:10 -0700)]
datapath: Openvswitch: Refactor sample and recirc actions implementation
Upstream commit:
Openvswitch: Refactor sample and recirc actions implementation
Added clone_execute() that both the sample and the recirc
action implementation can use.
Signed-off-by: Andy Zhou <azhou@ovn.org> Acked-by: Pravin B Shelar <pshelar@ovn.org> Signed-off-by: David S. Miller <davem@davemloft.net>
Upstream: bef7f7567a10 ("Openvswitch: Refactor sample and recirc actions implementation") Signed-off-by: Andy Zhou <azhou@ovn.org> Acked-by: Joe Stringer <joe@ovn.org>
Andy Zhou [Thu, 6 Apr 2017 20:05:48 +0000 (13:05 -0700)]
datapath: openvswitch: Optimize sample action for the clone use cases
Upstream commit:
openvswitch: Optimize sample action for the clone use cases
With the introduction of open flow 'clone' action, the OVS user space
can now translate the 'clone' action into kernel datapath 'sample'
action, with 100% probability, to ensure that the clone semantics,
which is that the packet seen by the clone action is the same as the
packet seen by the action after clone, is faithfully carried out
in the datapath.
While the sample action in the datpath has the matching semantics,
its implementation is only optimized for its original use.
Specifically, there are two limitation: First, there is a 3 level of
nesting restriction, enforced at the flow downloading time. This
limit turns out to be too restrictive for the 'clone' use case.
Second, the implementation avoid recursive call only if the sample
action list has a single userspace action.
The main optimization implemented in this series removes the static
nesting limit check, instead, implement the run time recursion limit
check, and recursion avoidance similar to that of the 'recirc' action.
This optimization solve both #1 and #2 issues above.
One related optimization attempts to avoid copying flow key as
long as the actions enclosed does not change the flow key. The
detection is performed only once at the flow downloading time.
Another related optimization is to rewrite the action list
at flow downloading time in order to save the fast path from parsing
the sample action list in its original form repeatedly.
Signed-off-by: Andy Zhou <azhou@ovn.org> Acked-by: Pravin B Shelar <pshelar@ovn.org> Signed-off-by: David S. Miller <davem@davemloft.net>
Upstream: 798c166173ff ("openvswitch: Optimize sample action for the clone use cases") Signed-off-by: Andy Zhou <azhou@ovn.org> Acked-by: Joe Stringer <joe@ovn.org>
The logic of allocating and copy key for each 'exec_actions_level'
was specific to execute_recirc(). However, future patches will reuse
as well. Refactor the logic into its own function clone_key().
Signed-off-by: Andy Zhou <azhou@ovn.org> Acked-by: Pravin B Shelar <pshelar@ovn.org> Signed-off-by: David S. Miller <davem@davemloft.net>
Upstream: 4572ef52a00b ("openvswitch: Refactor recirc key allocation.") Signed-off-by: Andy Zhou <azhou@ovn.org> Acked-by: Joe Stringer <joe@ovn.org>
Andy Zhou [Thu, 6 Apr 2017 19:45:39 +0000 (12:45 -0700)]
datapath: openvswitch: Deferred fifo API change.
Upstream commit:
openvswitch: Deferred fifo API change.
add_deferred_actions() API currently requires actions to be passed in
as a fully encoded netlink message. So far both 'sample' and 'recirc'
actions happens to carry actions as fully encoded netlink messages.
However, this requirement is more restrictive than necessary, future
patch will need to pass in action lists that are not fully encoded
by themselves.
Signed-off-by: Andy Zhou <azhou@ovn.org> Acked-by: Joe Stringer <joe@ovn.org> Acked-by: Pravin B Shelar <pshelar@ovn.org> Signed-off-by: David S. Miller <davem@davemloft.net>
Upstream: 47c697aa2d07 ("openvswitch: Deferred fifo API change.") Signed-off-by: Andy Zhou <azhou@ovn.org> Acked-by: Joe Stringer <joe@ovn.org>
datapath: openvswitch: Add missing case OVS_TUNNEL_KEY_ATTR_PAD
openvswitch: Add missing case OVS_TUNNEL_KEY_ATTR_PAD
Added a case for OVS_TUNNEL_KEY_ATTR_PAD to the switch statement
in ip_tun_from_nlattr in order to prevent the default case
returning an error.
Fixes: b46f6ded906e ("libnl: nla_put_be64(): align on a 64-bit area") Signed-off-by: Kris Murphy <kriskend@linux.vnet.ibm.com> Acked-by: Joe Stringer <joe@ovn.org> Signed-off-by: David S. Miller <davem@davemloft.net>
Upstream: 8f3dbfd79ed9("openvswitch: Add missing case OVS_TUNNEL_KEY_ATTR_PAD")
Fixes: f34648187b03 ("datapath: backport: libnl: nla_put_be64(): align
on a 64-bit area")
Signed-off-by: Andy Zhou <azhou@ovn.org> Acked-by: Joe Stringer <joe@ovn.org>
Or Gerlitz [Thu, 6 Apr 2017 19:31:09 +0000 (12:31 -0700)]
datapath: net/openvswitch: Set the ipv6 source tunnel key address attribute correctly
Upstream commit:
net/openvswitch: Set the ipv6 source tunnel key address attribute correctly
When dealing with ipv6 source tunnel key address attribute
(OVS_TUNNEL_KEY_ATTR_IPV6_SRC) we are wrongly setting the tunnel
dst ip, fix that.
Fixes: 6b26ba3a7d95 ('openvswitch: netlink attributes for IPv6 tunneling') Signed-off-by: Or Gerlitz <ogerlitz@mellanox.com> Reported-by: Paul Blakey <paulb@mellanox.com> Acked-by: Jiri Benc <jbenc@redhat.com> Acked-by: Joe Stringer <joe@ovn.org> Signed-off-by: David S. Miller <davem@davemloft.net>
Upstream: 3d20f1f7bd575 ("net/openvswitch: Set the ipv6 source tunnel key address attribute correctly")
Fixes: 8a2d4905a00f ("datapath: Add support for IPv6 tunnels.") Signed-off-by: Andy Zhou <azhou@ovn.org> Acked-by: Joe Stringer <joe@ovn.org>
Peter Downs [Wed, 1 Mar 2017 09:01:17 +0000 (01:01 -0800)]
datapath: actions: fixed a brace coding style warning.
Upstream commit:
openvswitch: actions: fixed a brace coding style warning
Fixed a brace coding style warning reported by checkpatch.pl
Signed-off-by: Peter Downs <padowns@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
Upstream: f1304f7ba398 ("openvswitch: actions: fixed a brace coding style warning") Signed-off-by: Joe Stringer <joe@ovn.org> Signed-off-by: Andy Zhou <azhou@ovn.org>
Eric Dumazet [Wed, 1 Mar 2017 22:45:06 +0000 (14:45 -0800)]
compat: ipv6: orphan skbs in reassembly unit.
Upstream commit:
ipv6: orphan skbs in reassembly unit
Andrey reported a use-after-free in IPv6 stack.
Issue here is that we free the socket while it still has skb
in TX path and in some queues.
It happens here because IPv6 reassembly unit messes skb->truesize,
breaking skb_set_owner_w() badly.
We fixed a similar issue for IPV4 in commit 8282f27449bf ("inet: frag:
Always orphan skbs inside ip_defrag()") Acked-by: Joe Stringer <joe@ovn.org>
==================================================================
BUG: KASAN: use-after-free in sock_wfree+0x118/0x120
Read of size 8 at addr ffff880062da0060 by task a.out/4140
Memory state around the buggy address: ffff880062d9ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc ffff880062d9ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
>ffff880062da0000: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
^ ffff880062da0080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb ffff880062da0100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
==================================================================
Reported-by: Andrey Konovalov <andreyknvl@google.com> Signed-off-by: Eric Dumazet <edumazet@google.com> Signed-off-by: David S. Miller <davem@davemloft.net>
This patch is a bugfix, and will be progressively backported to earlier
kernels. If it is backported to any kernel 4.5 through 4.10, then users
use that updated kernel with the OVS kernel module prior to this patch, it
could cause a crash. The compat code here resolves such issues.
Upstream: 48cac18ecf1d ("ipv6: orphan skbs in reassembly unit") Signed-off-by: Joe Stringer <joe@ovn.org> Signed-off-by: Andy Zhou <azhou@ovn.org> Acked-by: Joe Stringer <joe@ovn.org>
struct sw_flow_key has two 16-bit holes. Move the most matched
conntrack match fields there. In some typical cases this reduces the
size of the key that needs to be hashed into half and into one cache
line.
Signed-off-by: Jarno Rajahalme <jarno@ovn.org> Acked-by: Joe Stringer <joe@ovn.org> Acked-by: Pravin B Shelar <pshelar@ovn.org> Signed-off-by: David S. Miller <davem@davemloft.net>
Upstream: 316d4d78cf9b ("openvswitch: Pack struct sw_flow_key.") Signed-off-by: Joe Stringer <joe@ovn.org> Signed-off-by: Andy Zhou <azhou@ovn.org>
Andy Zhou [Fri, 14 Apr 2017 21:33:28 +0000 (14:33 -0700)]
datapath: Always define NF_CT_LABELS_MAX_SIZE
When CONFIG_NF_CONNTRACK_LABLES is not set, upstream code still make
use of NF_CT_LABLES_MAX_SIZE. Always define it in the compat code
to keep back ports close to the upstream.
Signed-off-by: Andy Zhou <azhou@ovn.org> Acked-by: Joe Stringer <joe@ovn.org>
ofproto-dpif: Check support for CT action force commit flag.
So far the force commit feature is implemented together with the
original direction tuple feature by all datapaths, so we can use the
support flag for the 'ct_orig_tuple' to indicate support for the force
commit feature as well.
Better fail the flow install than rely on ovs-vswitchd log being
filled by error messages from the datapath.
Signed-off-by: Jarno Rajahalme <jarno@ovn.org> Acked-by: Ben Pfaff <bpl@ovn.org>
Debug log output for execute operations is missing the packet
metadata, which can be instrumental in tracing what the datapath
should be executing. No reason to not have the metadata on the debug
output, so add it there.
Signed-off-by: Jarno Rajahalme <jarno@ovn.org> Acked-by: Ben Pfaff <blp@ovn.org>
ofp-parse: Fix match parsing with [x..y]=z format.
Commit 21b2fa617126 ("ofp-parse: Allow match field names in actions
and brackets in matches.") added support for matching a consecutive
set of bits with the [x..y]=z format, but the copying of the parsed
value ('z') to the match was done from a wrong offset, so that the
actual value matched would be incorrect.
Fix this and add a test case preventing regression in future.
Fixes: 21b2fa617126 ("ofp-parse: Allow match field names in actions and brackets in matches.") Signed-off-by: Jarno Rajahalme <jarno@ovn.org> Acked-by: Ben Pfaff <blp@ovn.org>
Darrell Ball [Sun, 19 Mar 2017 17:11:09 +0000 (10:11 -0700)]
ovs build: Fix memset with zero size warning.
In file included from /usr/include/string.h:640:0,
from ./lib/string.h:20,
from /usr/include/netinet/icmp6.h:22,
from ../lib/flow.h:21,
from ../lib/flow.c:18:
In function 'memset',
inlined from 'flow_push_vlan_uninit' at ../lib/flow.c:2188:19:
/usr/include/x86_64-linux-gnu/bits/string3.h:81:30: error:
call to '__warn_memset_zero_len' declared with attribute warning:
memset used with constant zero length parameter; this could be
due to transposed parameters [-Werror]
__warn_memset_zero_len ();
^
cc1: all warnings being treated as errors
make[2]: *** [lib/flow.lo] Error 1
Fixes: f0fb825a3785 ("Add support for 802.1ad (QinQ tunneling)") Signed-off-by: Darrell Ball <dlu998@gmail.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
Alin Serdean [Mon, 6 Feb 2017 04:41:41 +0000 (04:41 +0000)]
windows: return NULL in xreadlink
readlink does not exist on Windows.
While we could skip the function all togheter on Windows, we may add
support for it later on. For the moment return change errno to ENOENT
and return NULL.
Ben Pfaff [Fri, 14 Apr 2017 22:56:48 +0000 (15:56 -0700)]
doc: Add back target for datapath testing section.
This one really is used. I'm honestly not sure how I missed this, because
I did test things.
Fixes: 9ef589e4daf7 ("doc: Remove some link targets that aren't used anywhere.") Reported-by: Andy Zhou <azhou@ovn.org> Signed-off-by: Ben Pfaff <blp@ovn.org> Acked-by: Andy Zhou <azhou@ovn.org>
Numan Siddique [Fri, 10 Mar 2017 02:17:20 +0000 (07:47 +0530)]
ovn-northd ipam: Support IPv6 dynamic assignment
OVN will generate the IPv6 address for a logical port if requested
using the IPv6 prefix and the MAC address (as IEEE EUI64 identifier).
To generate the IPv6 address, CMS should define the IPv6 prefix in the
'Logical_switch.other_config:ipv6_prefix' column.
Signed-off-by: Numan Siddique <nusiddiq@redhat.com> Co-authored-by: Ben Pfaff <blp@ovn.org> Signed-off-by: Ben Pfaff <blp@ovn.org>
Numan Siddique [Fri, 10 Mar 2017 02:16:58 +0000 (07:46 +0530)]
ovn-northd ipam: Support 'exclude_ips' option
If the CMS wants to make use of ovn ipam it can now provide a
list of IPv4 addresses and a range of IPv4 addresses which
will be excluded from the dynamic address assignment.
To support this, a new option 'exclude_ips' is added in the
Logical_switch.other_config column.
Eg. ovn-nbctl set Logical_switch sw0
other_config:exclude_ips="10.0.0.2 10.0.0.30..10.0.0.40"
The present code, uses hash maps to store the assigned IP addresses.
In order to support this option, this patch has refactored the IPAM
assignment. It now uses a bitmap to manage the IP assignment with
each bit in the bitmap representing an IPv4 address.
This patch also clears the 'Logical_switch_port.dynamic_addresses'
if the CMS has cleared 'dynamic' address assignment request.
Signed-off-by: Numan Siddique <nusiddiq@redhat.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
Ben Pfaff [Fri, 14 Apr 2017 17:31:16 +0000 (10:31 -0700)]
doc: Remove some link targets that aren't used anywhere.
It seems that there's a style here that every title has a separate link
target even if it's never used. Maybe there is some reason for that (maybe
it should be explained in the documentation style document?), but if not
then it seems reasonable to leave out the unused ones since they look to
me like just visual clutter.
Signed-off-by: Ben Pfaff <blp@ovn.org> Acked-by: Stephen Finucane <stephen@that.guru>
windows-installer: Update DriverVersion to be streamlined to OVS version
Patch:
https://github.com/openvswitch/ovs/commit/0c15b76511e78a1f84dec49138d7169c2f3eedf6
introduced a version variable for the MSI itself but did not propagate it
too the driver version (used by the windows certificate tests).
This patch updates the driver version.
Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
windows: Crash when the handle communication device cannot be found
When trying to uninstall/disable the OVS extension the driver will
fail to unload properly(require reboot)/hang until ovs-vswitchd is closed.
The root cause of this behavior is because the handles from ovs-vswitchd
to the kernel communication devices are still opened although the
actual device was removed from the kernel.
Trying to close the handles will also fail because they do not exist.
The remaining option is to cause a crash and rely on the service manager
to restart ovs-vswitchd.
Reported-at: https://github.com/openvswitch/ovs-issues/issues/27 Reported-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
Stephen Finucane [Mon, 10 Apr 2017 14:15:07 +0000 (15:15 +0100)]
doc: Link to release FAQ from DPDK install guide
I wanted to find the mappings of DPDK versions to OVS versions. This was
a little more difficult than expected. Resolve the issue by linking to
it from the DPDK install guide.
Signed-off-by: Stephen Finucane <stephen@that.guru> Signed-off-by: Ben Pfaff <blp@ovn.org>
Add NAT information to the logical routers in nbctl show output
This patch is changing the print_lr() function in ovn-nbctl.c to include
logical router NAT information as part of the output (external ip,
logical ip and type).
Signed-off-by: Lucas Alvares Gomes <lucasagomes@gmail.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
python: Allow tuning the session probe_interval from IDL
This patch is adding a new parameter called "probe_interval" to the
constructor of the Idl class. This new parameter will be used to tune
the database connection probing for that IDL session, some users might
want to tune it to be less agressive than the current 5s default in OVS
or even disable it.
Reported-at: https://bugs.launchpad.net/networking-ovn/+bug/1680146 Signed-off-by: Lucas Alvares Gomes <lucasagomes@gmail.com> Acked-by: Daniel Alvarez <dalvarez@redhat.com> Signed-off-by: Russell Bryant <russell@ovn.org>
Eric Garver [Wed, 12 Apr 2017 20:11:18 +0000 (13:11 -0700)]
dpif-netlink: Handle netlink errors on port del.
The return code of dpif_netlink_port_query__() was not being checked.
Fixes: da467899ab6e ("Windows: Add internal switch port per OVS bridge") Signed-off-by: Eric Garver <e@erig.me> Acked-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Joe Stringer <joe@ovn.org>
Eric Garver [Tue, 4 Apr 2017 20:31:57 +0000 (16:31 -0400)]
dpif-netlink: Fix memory leak on port del on WIN32.
Fixes: da467899ab6e ("Windows: Add internal switch port per OVS bridge") Signed-off-by: Eric Garver <e@erig.me> Acked-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Joe Stringer <joe@ovn.org>
Russell Bryant [Tue, 11 Apr 2017 17:13:16 +0000 (13:13 -0400)]
docs: Update version numbers in doc config.
Update the version numbers in the documentation config to reflect 2.7.90
instead of 2.6.0.
This patch also updates the build system to automatically update this file.
conf.py is now a generated file from conf.py.in. We still include conf.py
in the tree because it's needed for the docs to be automatically generated
for docs.openvswitch.org.
Signed-off-by: Russell Bryant <russell@ovn.org> Acked-by: Stephen Finucane <stephen@that.guru>
Recent Travis builds are failing when making the distcleancheck
target with:
ERROR: files left in build directory after distclean:
./5
Fix by treating log fd as a file descriptor instead of a file.
Fixes: 7777d53d2f4b ("m4: Add hard requirements for python in "configure"") Signed-off-by: Lance Richardson <lrichard@redhat.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
ovs-ctl: Expose openvswitch run directory through ovsdb.
When using vhost-user client or server mode with OpenStack, Neutron needs
to be able to construct the fully qualified socket path and pass it to
Nova. While the relative vhost-user socket directory is exposed via the
Open_vSwitch table in other_config:vhost-sock-dir, the openvswitch run
directory that it is relative to is not. This patch adds it to the
Open_vSwitch table as external_ids:rundir.
Signed-off-by: Robert Wojciechowicz <robertx.wojciechowicz@intel.com> Acked-by: Sean K Mooney <sean.k.mooney@intel.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
Allow ovn-controller to use SSL certificate and key configuration
from local ovsdb. With this change, SSL configuration from the
vswitchd database will be used if present, otherwise configuration
can still be specified from the command line.
If SSL configuration is present in both locations, the configuration
in the local ovsdb has precedence. This is consistent with how
vswitchd is currently implemented.
The existing ovs-vsctl get-ssl/set-ssl/del-ssl commands can be used
to manage the configuration in the vswitchd database.
Signed-off-by: Lance Richardson <lrichard@redhat.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
Ben Pfaff [Thu, 6 Apr 2017 05:49:27 +0000 (22:49 -0700)]
util: New macro ovs_strlcpy_arrays().
When both arguments to ovs_strlcpy() are character arrays, it makes sense
to just pass the smaller of their sizes as the overall size. It's
somewhat error-prone and definitely redundant to write that by hand, so
this commit adds a new macro that does it automatically.
Signed-off-by: Ben Pfaff <blp@ovn.org> Acked-by: Andy Zhou <azhou@ovn.org>
Lance Richardson [Fri, 31 Mar 2017 17:21:03 +0000 (13:21 -0400)]
table: provide table formatting option help at runtime
Show table formatting options with help output from
ovn-nbctl, obn-sbctl, ovs-vsctl, and vtep-ctl commands.
Include "--data" option in ovsdb-client help output.
Signed-off-by: Lance Richardson <lrichard@redhat.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
Andy Zhou [Thu, 16 Mar 2017 01:39:57 +0000 (18:39 -0700)]
ofproto: Use macros to define DPIF support fields
When adding a new field in the 'struct dpif_backer_support', the
corresponding appctl show command should be updated to display
the new field. Currently, there is nothing to remind the developer
that to update the show command. This can lead to code maintenance
issues.
Switch to use macros to define those fields. This makes the show
command update automatic.
Signed-off-by: Andy Zhou <azhou@ovn.org> Acked-by: Joe Stringer <joe@ovn.org>
Zhenyu Gao [Mon, 27 Mar 2017 03:16:11 +0000 (20:16 -0700)]
ofproto-dpif-mirror: Fix issue of reseting snaplen in mirroring
Currently, the mirror code doesn't check new value of snaplen when try
to reconfigure snaplen.
This patch fix this issue and add testings to reconfigure snaplen.
Signed-off-by: Zhenyu Gao <sysugaozhenyu@gmail.com> Acked-by: William Tu <u9012063@gmail.com> Signed-off-by: Andy Zhou <azhou@ovn.org>
Mickey Spiegel [Thu, 30 Mar 2017 18:42:22 +0000 (11:42 -0700)]
ovn: Gratuitous ARP for distributed NAT rules
This patch extends gratuitous ARP support for NAT addresses so that it
applies to distributed NAT rules on a distributed logical router.
Distributed NAT rules have type "dnat_and_snat" and specify
'external_mac' and 'logical_port'.
Gratuitous ARP packets for distributed NAT rules are only generated on
the chassis where the 'logical_port' specified in the NAT rule resides.
Gratuitous ARPs are issued for the 'external_ip' address, resolving to
the 'external_mac'.
Since the MAC address varies for each distributed NAT rule, a separate
'nat_addresses' string must be generated for each distributed NAT rule.
For this reason, in the southbound 'Port_Binding',
'options:nat-addresses' is replaced by a 'nat_addresses' column that
can have an unlimited number of instances. In order to allow for
upgrades, pinctrl in the ovn-controller can work off either the
'nat_addresses' column (if present), or 'options:nat-addresses'
otherwise.
Mickey Spiegel [Thu, 30 Mar 2017 18:42:21 +0000 (11:42 -0700)]
ovn: Gratuitous ARP for centralized NAT rules on a distributed router
This patch extends gratuitous ARP support for NAT addresses so that it
applies to centralized NAT rules on a distributed router, in addition to
the existing gratuitous ARP support for NAT addresses on gateway routers.
Centralized NAT rules have type other than "dnat_and_snat", or have type
"dnat_and_snat" but do not specify external_mac or logical_port. These
NAT rules apply on the redirect-chassis.
Gratuitous ARP packets for centralized NAT rules on a distributed router
are only generated on the redirect-chassis. This is achieved by extending
the syntax for "options:nat-addresses" in the southbound database,
allowing the condition 'is_chassis_resident("LPORT_NAME")' to be appended
after the MAC and IP addresses. This condition is automatically inserted
by ovn-northd when the northbound "options:nat-addresses" is set to
"router" and the peer is a distributed gateway port.
A separate patch will be required to support gratuitous ARP for
distributed NAT rules that specify logical_port and external_mac. Since
the MAC address differs and the logical port often resides on a different
chassis from the redirect-chassis, these addresses cannot be included in
the same "nat-addresses" string as for centralized NAT rules.
Ben Pfaff [Mon, 20 Mar 2017 17:56:22 +0000 (10:56 -0700)]
ovsdb-server: Drop unnecessary find_db() function.
'all_dbs' maps from a schema name to its struct db, so there's no need to
iterate the whole thing to find a database by schema name; instead, just
use the shash in the usual way.
Also, a few related but simpler changes elsewhere.
Signed-off-by: Ben Pfaff <blp@ovn.org> Acked-by: Andy Zhou <azhou@ovn.org>>
Ben Pfaff [Fri, 17 Mar 2017 17:55:03 +0000 (10:55 -0700)]
ofproto-dpif-xlate: Don't save pkt_mark in compose_output_action__().
Previously, this function could modify the pkt_mark field as part of IPsec
integration. It no longer does that, so there's no longer any need for it
to save and restore pkt_mark, and this commit removes that.
Mickey Spiegel [Tue, 28 Mar 2017 01:34:03 +0000 (18:34 -0700)]
ovn: Fix options:router-port in Gratuitous ARP tests
In two of the Gratuitous ARP tests, "options:router-port"
is not set correctly. This does not currently affect
validity of the tests since the next line resets
"options:router-port" to the correct value.
projects / mirror_ovs.git / log