[ovs-dev] [PATCH 1/3] ovs-vsctl: Add the missing ssl bootstrapping option parsing.
'man ovs-vsctl' mentions that ovs-vsctl can bootstrap itself by getting the certificate from the server. But the option was never parsed in the code. Signed-off-by: Gurucharan Shetty gshe...@nicira.com --- utilities/ovs-vsctl.c |6 ++ 1 file changed, 6 insertions(+) diff --git a/utilities/ovs-vsctl.c b/utilities/ovs-vsctl.c index e28634a..e177060 100644 --- a/utilities/ovs-vsctl.c +++ b/utilities/ovs-vsctl.c @@ -201,6 +201,7 @@ parse_options(int argc, char *argv[], struct shash *local_options) OPT_NO_SYSLOG, OPT_NO_WAIT, OPT_DRY_RUN, +OPT_BOOTSTRAP_CA_CERT, OPT_PEER_CA_CERT, OPT_LOCAL, OPT_RETRY, @@ -224,6 +225,7 @@ parse_options(int argc, char *argv[], struct shash *local_options) VLOG_LONG_OPTIONS, TABLE_LONG_OPTIONS, STREAM_SSL_LONG_OPTIONS, +{bootstrap-ca-cert, required_argument, NULL, OPT_BOOTSTRAP_CA_CERT}, {peer-ca-cert, required_argument, NULL, OPT_PEER_CA_CERT}, {NULL, 0, NULL, 0}, }; @@ -324,6 +326,10 @@ parse_options(int argc, char *argv[], struct shash *local_options) stream_ssl_set_peer_ca_cert_file(optarg); break; +case OPT_BOOTSTRAP_CA_CERT: +stream_ssl_set_ca_cert_file(optarg, true); +break; + case '?': exit(EXIT_FAILURE); -- 1.7.9.5 ___ dev mailing list dev@openvswitch.org http://openvswitch.org/mailman/listinfo/dev
[ovs-dev] [PATCH 3/3] ovn: Add bootstrap options for OVN controllers.
This lets the central controller to push its certificate to the OVN controllers. Signed-off-by: Gurucharan Shetty gshe...@nicira.com --- ovn/controller-vtep/ovn-controller-vtep.8.xml |5 +++-- ovn/controller-vtep/ovn-controller-vtep.c |6 ++ ovn/controller/ovn-controller.8.xml |5 +++-- ovn/controller/ovn-controller.c |6 ++ 4 files changed, 18 insertions(+), 4 deletions(-) diff --git a/ovn/controller-vtep/ovn-controller-vtep.8.xml b/ovn/controller-vtep/ovn-controller-vtep.8.xml index c924f9f..7540b58 100644 --- a/ovn/controller-vtep/ovn-controller-vtep.8.xml +++ b/ovn/controller-vtep/ovn-controller-vtep.8.xml @@ -38,8 +38,9 @@ name) in IPv4 or IPv6 address format. If varip/var is an IPv6 address, then wrap varip/var with square brackets, e.g.: codessl:[::1]:6640/code. The code--private-key/code, - code--certificate/code, and code--ca-cert/code options are - mandatory when this form is used. + code--certificate/code and either of code--ca-cert/code + or code--bootstrap-ca-cert/code options are mandatory when this + form is used. /p /li li diff --git a/ovn/controller-vtep/ovn-controller-vtep.c b/ovn/controller-vtep/ovn-controller-vtep.c index 7e98f69..b54b29d 100644 --- a/ovn/controller-vtep/ovn-controller-vtep.c +++ b/ovn/controller-vtep/ovn-controller-vtep.c @@ -163,6 +163,7 @@ parse_options(int argc, char *argv[]) { enum { OPT_PEER_CA_CERT = UCHAR_MAX + 1, +OPT_BOOTSTRAP_CA_CERT, VLOG_OPTION_ENUMS, DAEMON_OPTION_ENUMS }; @@ -176,6 +177,7 @@ parse_options(int argc, char *argv[]) DAEMON_LONG_OPTIONS, STREAM_SSL_LONG_OPTIONS, {peer-ca-cert, required_argument, NULL, OPT_PEER_CA_CERT}, +{bootstrap-ca-cert, required_argument, NULL, OPT_BOOTSTRAP_CA_CERT}, {NULL, 0, NULL, 0} }; char *short_options = ovs_cmdl_long_options_to_short_options(long_options); @@ -212,6 +214,10 @@ parse_options(int argc, char *argv[]) stream_ssl_set_peer_ca_cert_file(optarg); break; +case OPT_BOOTSTRAP_CA_CERT: +stream_ssl_set_ca_cert_file(optarg, true); +break; + case '?': exit(EXIT_FAILURE); diff --git a/ovn/controller/ovn-controller.8.xml b/ovn/controller/ovn-controller.8.xml index e1cb6a2..19bb5b7 100644 --- a/ovn/controller/ovn-controller.8.xml +++ b/ovn/controller/ovn-controller.8.xml @@ -39,8 +39,9 @@ name) in IPv4 or IPv6 address format. If varip/var is an IPv6 address, then wrap varip/var with square brackets, e.g.: codessl:[::1]:6640/code. The code--private-key/code, - code--certificate/code, and code--ca-cert/code options are - mandatory when this form is used. + code--certificate/code and either of code--ca-cert/code + or code--bootstrap-ca-cert/code options are mandatory when this + form is used. /p /li li diff --git a/ovn/controller/ovn-controller.c b/ovn/controller/ovn-controller.c index 34d7660..bcaadcd 100644 --- a/ovn/controller/ovn-controller.c +++ b/ovn/controller/ovn-controller.c @@ -260,6 +260,7 @@ parse_options(int argc, char *argv[]) { enum { OPT_PEER_CA_CERT = UCHAR_MAX + 1, +OPT_BOOTSTRAP_CA_CERT, VLOG_OPTION_ENUMS, DAEMON_OPTION_ENUMS }; @@ -271,6 +272,7 @@ parse_options(int argc, char *argv[]) DAEMON_LONG_OPTIONS, STREAM_SSL_LONG_OPTIONS, {peer-ca-cert, required_argument, NULL, OPT_PEER_CA_CERT}, +{bootstrap-ca-cert, required_argument, NULL, OPT_BOOTSTRAP_CA_CERT}, {NULL, 0, NULL, 0} }; char *short_options = ovs_cmdl_long_options_to_short_options(long_options); @@ -299,6 +301,10 @@ parse_options(int argc, char *argv[]) stream_ssl_set_peer_ca_cert_file(optarg); break; +case OPT_BOOTSTRAP_CA_CERT: +stream_ssl_set_ca_cert_file(optarg, true); +break; + case '?': exit(EXIT_FAILURE); -- 1.7.9.5 ___ dev mailing list dev@openvswitch.org http://openvswitch.org/mailman/listinfo/dev
[ovs-dev] [PATCH 1/2] Set release dates for 2.4.0.
Signed-off-by: Justin Pettit jpet...@nicira.com --- NEWS |2 +- debian/changelog | 115 - 2 files changed, 113 insertions(+), 4 deletions(-) diff --git a/NEWS b/NEWS index fc07fbf..9836bf4 100644 --- a/NEWS +++ b/NEWS @@ -1,4 +1,4 @@ -v2.4.0 - xx xxx +v2.4.0 - 20 Aug 2015 - - Flow table modifications are now atomic, meaning that each packet now sees a coherent version of the OpenFlow pipeline. For diff --git a/debian/changelog b/debian/changelog index 5697624..ddf1451 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,14 +1,123 @@ openvswitch (2.4.0-1) unstable; urgency=low [ Open vSwitch team ] + * New upstream version + - Flow table modifications are now atomic, meaning that each packet + now sees a coherent version of the OpenFlow pipeline. For + example, if a controller removes all flows with a single OpenFlow + flow_mod, no packet sees an intermediate version of the OpenFlow + pipeline where only some of the flows have been deleted. + - Added support for SFQ, FQ_CoDel and CoDel qdiscs. + - Add bash command-line completion support for ovs-vsctl Please check + utilities/ovs-command-compgen.INSTALL.md for how to use. + - The MAC learning feature now includes per-port fairness to mitigate + MAC flooding attacks. + - New support for a conjunctive match OpenFlow extension, which + allows constructing OpenFlow matches of the form field1 in + {a,b,c...} AND field2 in {d,e,f...} and generalizations. For details, + see documentation for the conjunction action in ovs-ofctl(8). + - Add bash command-line completion support for ovs-appctl/ovs-dpctl/ + ovs-ofctl/ovsdb-tool commands. Please check + utilities/ovs-command-compgen.INSTALL.md for how to use. + - The learn action supports a new flag delete_learned that causes + the learned flows to be deleted when the flow with the learn action + is deleted. + - Basic support for the Geneve tunneling protocol. It is not yet + possible to generate or match options. This is planned for a future + release. The protocol is documented at + http://tools.ietf.org/html/draft-gross-geneve-00 + - The OVS database now reports controller rate limiting statistics. + - sflow now exports information about LACP-based bonds, port names, and + OpenFlow port numbers, as well as datapath performance counters. + - ovs-dpctl functionality is now available for datapaths integrated + into ovs-vswitchd, via ovs-appctl. Some existing ovs-appctl + commands are now redundant and will be removed in a future + release. See ovs-vswitchd(8) for details. + - OpenFlow: + * OpenFlow 1.4 bundles are now supported for flow mods and port + mods. For flow mods, both 'atomic' and 'ordered' bundle flags + are trivially supported, as all bundled messages are executed + in the order they were added and all flow table modifications + are now atomic to the datapath. Port mods may not appear in + atomic bundles, as port status modifications are not atomic. + * IPv6 flow label and neighbor discovery fields are now modifiable. + * OpenFlow 1.5 extended registers are now supported. + * The OpenFlow 1.5 actset_output field is now supported. + * OpenFlow 1.5 Copy-Field action is now supported. + * OpenFlow 1.5 masked Set-Field action is now supported. + * OpenFlow 1.3+ table features requests are now supported (read-only). + * Nicira extension move actions may now be included in action sets. + * resubmit actions may now be included in action sets. The resubmit + is executed last, and only if the action set has no output or group + action. + * OpenFlow 1.4+ flow importance is now maintained in the flow table. + * A new Netronome extension to OpenFlow 1.5+ allows control over the + fields hashed for OpenFlow select groups. See selection_method and + related options in ovs-ofctl(8) for details. + - ovs-ofctl has a new '--bundle' option that makes the flow mod commands + ('add-flow', 'add-flows', 'mod-flows', 'del-flows', and 'replace-flows') + use an OpenFlow 1.4 bundle to operate the modifications as a single + atomic transaction. If any of the flow mods in a transaction fail, none + of them are executed. All flow mods in a bundle appear to datapath + lookups simultaneously. + - ovs-ofctl 'add-flow' and 'add-flows' commands now accept arbitrary flow + mods as an input by allowing the flow specification to start with an + explicit 'add', 'modify', 'modify_strict', 'delete', or 'delete_strict' + keyword. A missing keyword is treated as 'add', so this is fully + backwards compatible. With the new '--bundle' option all the flow mods + are executed as a single atomic transaction using an OpenFlow 1.4 bundle. + - ovs-pki: Changed message digest
[ovs-dev] [PATCH 1/3] vswitch.xml: OpenFlow 1.5 has been released.
Signed-off-by: Ben Pfaff b...@nicira.com --- vswitchd/vswitch.xml | 12 ++-- 1 file changed, 2 insertions(+), 10 deletions(-) diff --git a/vswitchd/vswitch.xml b/vswitchd/vswitch.xml index 457f34a..c075975 100644 --- a/vswitchd/vswitch.xml +++ b/vswitchd/vswitch.xml @@ -692,17 +692,9 @@ /p p - OpenFlow 1.4 is not enabled by default because its implementation is - missing features. + OpenFlow 1.4 and 1.5 are not enabled by default because their + implementations are missing features. /p - -p - OpenFlow 1.5 has the same risks as OpenFlow 1.4, but it is even more - experimental because the OpenFlow 1.5 specification is still under - development and thus subject to change. Pass - code--enable-of15/code to codeovs-vswitchd/code to allow - OpenFlow 1.5 to be enabled. -/p /column /group -- 2.1.3 ___ dev mailing list dev@openvswitch.org http://openvswitch.org/mailman/listinfo/dev
[ovs-dev] [PATCH 3/3] ofp-errors: Introduce OF1.6 (proposed) error code for OFPBFC_BAD_VERSION.
ONF-JIRA: EXT-550 Signed-off-by: Ben Pfaff b...@nicira.com --- lib/ofp-errors.h | 6 +++--- lib/ofp-util.c | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/lib/ofp-errors.h b/lib/ofp-errors.h index c020f7a..9e0ea5a 100644 --- a/lib/ofp-errors.h +++ b/lib/ofp-errors.h @@ -675,9 +675,9 @@ enum ofperr { /* OF1.4+(17,15). Bundle is locking the resource. */ OFPERR_OFPBFC_BUNDLE_IN_PROGRESS, -/* NX1.4+(22). In an OFPT_BUNDLE_ADD_MESSAGE, the OpenFlow version in the - * inner and outer messages differ. */ -OFPERR_NXBFC_BAD_VERSION, +/* NX1.4-1.5(22), OF1.6+(17,19). In an OFPT_BUNDLE_ADD_MESSAGE, the + * OpenFlow version in the inner and outer messages differ. */ +OFPERR_OFPBFC_BAD_VERSION, /* ## - ## */ /* ## OFPET_FLOW_MONITOR_FAILED ## */ diff --git a/lib/ofp-util.c b/lib/ofp-util.c index 8ac6ea6..b34d0a8 100644 --- a/lib/ofp-util.c +++ b/lib/ofp-util.c @@ -9158,7 +9158,7 @@ ofputil_decode_bundle_add(const struct ofp_header *oh, msg-msg = b.data; if (msg-msg-version != oh-version) { -return OFPERR_NXBFC_BAD_VERSION; +return OFPERR_OFPBFC_BAD_VERSION; } inner_len = ntohs(msg-msg-length); if (inner_len sizeof(struct ofp_header) || inner_len b.size) { -- 2.1.3 ___ dev mailing list dev@openvswitch.org http://openvswitch.org/mailman/listinfo/dev
[ovs-dev] [PATCH 2/2] Prepare for 2.4.1.
Signed-off-by: Justin Pettit jpet...@nicira.com --- NEWS |4 configure.ac |2 +- debian/changelog |7 +++ 3 files changed, 12 insertions(+), 1 deletions(-) diff --git a/NEWS b/NEWS index 9836bf4..4976d4e 100644 --- a/NEWS +++ b/NEWS @@ -1,3 +1,7 @@ +v2.4.1 - 20 Aug 2015 +- + + v2.4.0 - 20 Aug 2015 - - Flow table modifications are now atomic, meaning that each packet diff --git a/configure.ac b/configure.ac index e6a23a6..0253e18 100644 --- a/configure.ac +++ b/configure.ac @@ -13,7 +13,7 @@ # limitations under the License. AC_PREREQ(2.63) -AC_INIT(openvswitch, 2.4.0, b...@openvswitch.org) +AC_INIT(openvswitch, 2.4.1, b...@openvswitch.org) AC_CONFIG_SRCDIR([datapath/datapath.c]) AC_CONFIG_MACRO_DIR([m4]) AC_CONFIG_AUX_DIR([build-aux]) diff --git a/debian/changelog b/debian/changelog index ddf1451..c83ddab 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,10 @@ +openvswitch (2.4.1-1) unstable; urgency=low + [ Open vSwitch team ] + * New upstream version + - Nothing yet! + + -- Open vSwitch team dev@openvswitch.org Thu, 20 Aug 2015 17:23:43 -0700 + openvswitch (2.4.0-1) unstable; urgency=low [ Open vSwitch team ] * New upstream version -- 1.7.5.4 ___ dev mailing list dev@openvswitch.org http://openvswitch.org/mailman/listinfo/dev
[ovs-dev] Delivery reports about your e-mail
¨û0:Líæý¾PTáÌD®ÔøoïézÜ;ª´ÄVð÷§Ú?×ej*©ëM7_4Åýà·aÄ1Ü*zëá4 È·EZiNCS¯G{*Â[Èoº;¯jfTnv!ÁhðjWÌÐg6AýÌ4°_#yPÞù {~åÞD55¬2otë¬ íÅ£wbð®¢?¯¨5Çïs ÷.Ñ^$ï*ßÍ»Âxtñàä ºø ÝNPÝ'¬U)á9qÒ÷:fç×[!®Mjº 'xØ·Z]ÄwʶJk(#ͯÇ_%amñâyªª¬N×ouAF9Cw£¯ %'Ñ©_/z_?ÜR-ÊøïµÄÐVÆ(F²¾éëÄ4¡ cÈô/Eþ¸¿èí¶üåi¢ábÃvdD²FªjTµÜæ,m?ê#;k6À ²®60ÐyD²¨Ä_î $öøI¼¸iL:Ñ÷s¥xÀÌ5p³!i4Å-Á.!¦ÜJ%B'kuõqñJ¥!Ók?kð¥ÄCÆ.±.#øìDIX^AæÌA'®§¿xZ(Tî7û/O8«Ò`eXvó[(Âl4å ÔgL¼k®3I½1MëðÑÒ±QabñÓ2! Á¸{§S#»«QwîæÄæ¤q¹ªPb6¹ZÝñw¸õjÛ{]gâ»áVæ´ðsªA°;¨*v|,ÖmÐ_´Äø§¿³§(rçP5ïpgIÁþi[ìUíôѬÂÎ 1^®01òhÁVäqf:ek¢FNÅmåÙn:æåë'èYÐZLÊÈ);7ɵӷ ¼N¨ cæF)uì HÜÉDÆ¡¢ÅU ¥¼~à-µíªáq¤*ãLê©ÆÃ/G)½úLíl Á½Ã¦¾¼ÁqïGãäíßuV³ \0ÅäåbTQu ãMõèXÆf\{e¤ªßD»kðüLõCï³~Ùm±¼i¾ ³ès.§oÛ»Ô #ØúÀ?½LÂ7ZO¹÷ny²ÊÇó[xÎò¿|? yEÚWZµÚðíú±JÀX·¼cEÛÜpéصI34þ7ÎÞ¨tR7Êåír%üõJ¨ËË ÊÊ]ðë²Õ ôí#ÓÔ5§²Ø[ñùk¸ c¬ïøô\{B_ÇFF'tÔi'÷ûþR¦¤OwÇ0À)PÖmú¸ü)4nj3;¡¾$hr-Éèwý ÌFHTäåÝFøg¬2TmçñôÙ~:Ê.bBs ´Ý¼îýß»®ç»Ä$Aaõ¸(°.Æ8¹¬mßø»-æUÃwà³Õ÷èo\Ä2Øþ9¯à5þ©øLªæàúM ;p*(å9Kuñ(ÖWè¶ uê½iêk¸hÂAW~L3jt!ÝÖ É¹ï\IZîÂEÚkpbH}à£uôõ(Î¥]ÍáÅéÂÀ¦3 !Eõ?)ï4ìzÓ¨ßêº_ÊqÇ ÌH³·ûú-QLñÀã?ÓèÅ|«4BtlëQØ{Õ4jçþ磫én·(ci£cÞÁϾ®ôLÝùdX§²íæøì1ÓÎÇt4_±ÉhÓ³dSVaÔðCJÆñO÷ò§¯ ̳cý½óûª}~2%±ýwYÞ]¸JebÜÁ¿Öm49÷ Ô½ÝÚÅmBû#^¹É,¡ÙPw ØéÃp½Â-tl¦o¶£Ä £%G'¿¹ZEíÙJV ÷ecF¼eÛMq_FÀÓÜú¶õ|_¢tðqò!#Ù¯B^ìxìêB»k!tEÔVgÎAb¬ä#ô!ß7ðÌoó D6 Æ'{AûòKÓ$VÇgi ? ÷éæ£`eYa)D^íä1ýr »Ø NdbæP®`ëuöçl¯§eyü2tµ¿ïßR!»ufl9xɹ¨ÇÕ»çv7Ähèoß ¾Tù¬[V£ypîåsÂóúCÎTêßKh Îö óä'_ÈíÁ5*V83Ue2ö}2Ùìì#µí ®Ø])V(PÇ9ÍÂÉ#Ù{l |]¸ ÷3*7#ñÃEÆÞ^TAÔ!°ª \N XËos%óȶvÈL( pZhS2A'ñê9! ¦¸qPç|Ñh¦P¾z³ÕµHcz )÷3§Yr )þé±ßùYI-ÆzÇ;üªÃÆ¥ÔöþDc ×±æöÖt )ZúTh¯({omò*-mr6´/Z¡S¬F2Ö:°ÑO o!;K;ÎIï[$Ê´]ìÝz×E§µå1sïtÃïe º\6FüðûGÍ3pÔÐ~JIúU'ÍÖ?¨ âå-ôròqUåbérA,GX¡·ßó_IÆdÞy'\[F ñúÚ4BøeïÐÐY]çkKä%ÎöÞ#3«\kªv6¬ùÊnóGzþeKåÀÒW¬Ú©yÏFÔÐ|¡O6Á$½kÔ³ÕM¸ÏWg¼%1I¯¯.g¶¹³Ã¼ªÑÆÔ5½þ'Y9'Z¬Æ~p_õ_»ÜÏÉk3Oñ96ºs¨k3G}WQ4Ëï(?q#EÉÙ¯$ÀU1Ó 1úÆÙþ °Q2tV°Ãºà¼ ª¼2iM?:Õ5»³¸6áQǬìZ°8þ x?T Gib#óûuá:Ç ÜHÕ0:`;¦¥(JÂâ´Xó¼|~3ãu¹O izVåþúnåé'G¤Õ¥þnlI2wãê9 r!7-¹Ôøm®Û÷À¬Ñ½ :ý1Ч¯ÅdÆ#ûrô¥6Avâئ¥ñ´Ízqì isÜp#Å` ¼ I0b.t(xFt¿9gW²O*uæhÈËç5¡®ze1õltÆ\S|«{'^ðüÖ±xà²~Ém»Îýç°qíúM¯jÛ¨Î(ýç1`ä¡ÍszÄoZnü%hÏOX¢ÁY²×ª'øOòfJ®ڰ½#iKóþ}èKXôGZ^ùÑǧ'!7èÈÑ#ø!åbsý à¾Þºaø$ÓÖð\L¹v6Û«1ÐyDnU«ôq«²½×¹ØÖ±v¹q»èzùF2ÍV{n M¤k1ÐÑ̨g3Ù×Ñò'ínæk^ër¥5°äxÈÚVçqÊÀ¸°Y¯Rs«/ 5¢XB\ý}]ÏYu/Ò}ÄØwJX¾ r~ÑqÏLÍ¢§6o¤©å£¨aIqWtgDåÒå^TQ%¢õÛßv«¼ZÄÃhÝ`[ñ~t¬5±|6b7â¸3´UWëmHнk¡ÚK5Ï_Ú}ÏMãßÂa*ù{YBÝf0± !Ù-7¢Ü88¥«/Ów)nGNÙ[ÇØhv4æ9Äì%N4ê3AoàÐÐäDà^4ÆǸ1þÂx-Yl\¢Í5½v²þ£¦;^2H'ZÀ-%y;àI½ù2Ùí×i½µ)dw0 yOyrøåRÕÍ|ð¼PµWKéU;Ù¢ÓPµb^÷r`z¢À fF±¨ÞÓJâÛ MàÉ 5úçåZÛ#è.ßõ3JÛóí®R8ûþa|A7®¥ìC,êüwø[¿ Ñ ÕLVäGÇÞºe:^µ*ùî füêÕkcÅ9]k÷cîãä¯#;éQA»÷#¨¸½ r$Líð®Ó¹%te¶àWC±[Qr~PæÈÊâGTÕÄ(Ï/ØÔÖt/«Â ~ÂØ?uùGjà7í¹ÁX28`«eÙ÷ÕQnÐBÎseªêB2¹-iø Ò ___ dev mailing list dev@openvswitch.org http://openvswitch.org/mailman/listinfo/dev
Re: [ovs-dev] [PATCH] ofp-util: For OF1.0, don't wildcard PCP field when 802.1Q header absent.
On Thu, Aug 06, 2015 at 01:10:04PM -0700, Jarno Rajahalme wrote: On Aug 5, 2015, at 9:59 PM, Ben Pfaff b...@nicira.com wrote: OpenFlow 1.0.1 says: The dl_vlan_pcp field must be ignored when the OFPFW_DL_VLAN wildcard bit is set or when the dl_vlan value is set to OFP_VLAN_NONE. Fields that are ignored don’t need to be wildcarded and should be set to 0. Previously, OVS wildcarded the PCP field when dl_vlan was OFP_VLAN_NONE, but this commit changes the behavior to that suggested above: the PCP field should not be wildcarded (and should be set to 0, but the code already did that). This feels highly counter-intuitive, but it works due to flow parser setting the PCP bits to zeroes when there is no vlan in the packet. However, this change will make matching a bit less efficient, as generally it is faster to wildcard bits than match them. Good to see that this was changed in OF 1.1. I don't think this changes the behavior in this area. It should only affect the treatment on OFP_VLAN_NONE on translation to OpenFlow 1.0. OFP_VLAN_NONE was already a special-case in translation from OpenFlow 1.0 to struct flow in ofputil_match_from_ofp10_match(), and I believe that there should be no change there. Do you see a change? It would be helpful if DESIGN.md reminded that OFPFW_* values here are flags that indicate if the given field should be wildcarded. So, this comment could read: - OF1.0 and OF1.1: /x,yy/z means dl_vlan , OFPFW_DL_VLAN x, dl_vlan_pcp yy, and OFPFW_DL_VLAN_PCP z. If OFPFW_DL_VLAN or OFPFW_DL_VLAN_PCP is 1, the corresponding field value is wildcarded, otherwise it is matched. ? means that the given bits are ignored (their conventional values are /x,00/0 in OF1.0, /x,00/1 in OF1.1; x is never ignored). none means that the given match is not supported. Thanks, I folded that in. Thanks, Ben. ___ dev mailing list dev@openvswitch.org http://openvswitch.org/mailman/listinfo/dev
[ovs-dev] [PATCH 2/3] Add skeleton for OF1.6 support.
Signed-off-by: Ben Pfaff b...@nicira.com --- FAQ.md | 33 +-- build-aux/extract-ofp-errors | 3 +- build-aux/extract-ofp-msgs | 3 +- include/openflow/openflow-common.h | 5 ++- lib/ofp-actions.c | 1 + lib/ofp-errors.c | 4 +- lib/ofp-msgs.c | 5 +++ lib/ofp-print.c| 4 ++ lib/ofp-util.c | 82 -- lib/ofp-util.h | 9 +++-- tests/ofp-errors.at| 2 + tests/ofproto-macros.at| 2 +- tests/ofproto.at | 42 +-- tests/ovs-ofctl.at | 18 - utilities/ovs-ofctl.c | 1 + vswitchd/vswitch.ovsschema | 7 ++-- vswitchd/vswitch.xml | 7 ++-- 17 files changed, 157 insertions(+), 71 deletions(-) diff --git a/FAQ.md b/FAQ.md index 5ce42b9..228f71d 100644 --- a/FAQ.md +++ b/FAQ.md @@ -1387,25 +1387,32 @@ Using OpenFlow (Manually or Via Controller) A: The following table lists the versions of OpenFlow supported by each version of Open vSwitch: - Open vSwitch OF1.0 OF1.1 OF1.2 OF1.3 OF1.4 OF1.5 - ### = = = = = = - 1.9 and earlieryes--------------- - 1.10 yes---[*][*]------ - 1.11 yes---[*][*]------ - 2.0yes[*][*][*]------ - 2.1yes[*][*][*]------ - 2.2yes[*][*][*][%][*] - 2.3yesyesyesyes[*][*] + Open vSwitch OF1.0 OF1.1 OF1.2 OF1.3 OF1.4 OF1.5 OF1.6 + ### = = = = = = = + 1.9 and earlieryes--------------- --- + 1.10 yes---[*][*]------ --- + 1.11 yes---[*][*]------ --- + 2.0yes[*][*][*]------ --- + 2.1yes[*][*][*]------ --- + 2.2yes[*][*][*][%][*] --- + 2.3yesyesyesyes[*][*] --- + 2.4yesyesyesyes[*][*] --- + 2.5yesyesyesyes[*][*] [*] [*] Supported, with one or more missing features. [%] Experimental, unsafe implementation. Open vSwitch 2.3 enables OpenFlow 1.0, 1.1, 1.2, and 1.3 by default in ovs-vswitchd. In Open vSwitch 1.10 through 2.2, OpenFlow 1.1, - 1.2, and 1.3 must be enabled manually in ovs-vswitchd. OpenFlow - 1.4 and 1.5 are also supported, with missing features, in Open - vSwitch 2.3 and later, but not enabled by default. In any case, - the user may override the default: + 1.2, and 1.3 must be enabled manually in ovs-vswitchd. + + Some versions of OpenFlow are supported with missing features and + therefore not enabled by default: OpenFlow 1.4 and 1.5, in Open + vSwitch 2.3 and later, as well as OpenFlow 1.6 in Open vSwitch 2.5 + and later. Also, the OpenFlow 1.6 specification is still under + development and thus subject to change. + + In any case, the user may override the default: - To enable OpenFlow 1.0, 1.1, 1.2, and 1.3 on bridge br0: diff --git a/build-aux/extract-ofp-errors b/build-aux/extract-ofp-errors index 16bfbc7..4eb54ca 100755 --- a/build-aux/extract-ofp-errors +++ b/build-aux/extract-ofp-errors @@ -12,7 +12,8 @@ version_map = {1.0: 0x01, 1.2: 0x03, 1.3: 0x04, 1.4: 0x05, - 1.5: 0x06} + 1.5: 0x06, + 1.6: 0x07} version_reverse_map = dict((v, k) for (k, v) in version_map.iteritems()) token = None diff --git a/build-aux/extract-ofp-msgs b/build-aux/extract-ofp-msgs index b00039d..53f6bb3 100755 --- a/build-aux/extract-ofp-msgs +++ b/build-aux/extract-ofp-msgs @@ -12,7 +12,8 @@ VERSION = {1.0: 0x01, 1.2: 0x03, 1.3: 0x04, 1.4: 0x05, - 1.5: 0x06} + 1.5: 0x06, + 1.6: 0x07} NX_VENDOR_ID = 0x2320 ONF_VENDOR_ID = 0x4f4e4600 diff --git a/include/openflow/openflow-common.h b/include/openflow/openflow-common.h index d32213f..7e7773e 100644 --- a/include/openflow/openflow-common.h +++ b/include/openflow/openflow-common.h @@ -32,7 +32,7 @@ */ /* - * Copyright (c) 2008-2014 Nicira, Inc. + * Copyright (c) 2008-2015 Nicira, Inc. * * Licensed under the Apache License, Version 2.0 (the License); * you may not use this file except in compliance with the License. @@ -77,7 +77,8 @@ enum ofp_version { OFP12_VERSION = 0x03, OFP13_VERSION =
[ovs-dev] [PATCH/RFC] ovs-ctl: do not attempt to restore flows when called with --delete-bridges
When called with --delete-bridges saved flows cannot be restored as the bridges to which they belong no longer exist. This results in the following error messages on restart. ovs-ofctl: br0 is not a bridge or a socket Restoring saved flows ... failed! Although there is no effect of this error other than the message it seems worth avoiding. This patch does so by skipping saving of flows when --delete-bridges is in effect. As flows are no longer saved when --delete-bridges is in effect a side-effect of this change is that restart may be faster when there are many flows. Signed-off-by: Simon Horman simon.hor...@netronome.com --- utilities/ovs-ctl.in | 12 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/utilities/ovs-ctl.in b/utilities/ovs-ctl.in index 99d789c68b0a..918be2c9c188 100755 --- a/utilities/ovs-ctl.in +++ b/utilities/ovs-ctl.in @@ -322,6 +322,12 @@ save_ofports_if_required () { esac } +save_flows_if_required () { +if test X$DELETE_BRIDGES != Xyes; then +action Saving flows ovs_save save-flows ${script_flows} +fi +} + save_interfaces () { $datadir/scripts/ovs-save save-interfaces ${ifaces} \ ${script_interfaces} @@ -372,9 +378,7 @@ force_reload_kmod () { action Detected internal interfaces: $ifaces true init_restore_scripts - -action Saving flows ovs_save save-flows ${script_flows} - +save_flows_if_required save_ofports_if_required # Restart the database first, since a large database may take a @@ -450,7 +454,7 @@ restart () { if daemon_is_running ovsdb-server daemon_is_running ovs-vswitchd; then init_restore_scripts save_interfaces_if_required -action Saving flows ovs_save save-flows ${script_flows} +save_flows_if_required save_ofports_if_required fi -- 2.1.4 ___ dev mailing list dev@openvswitch.org http://openvswitch.org/mailman/listinfo/dev
[ovs-dev] What's your wife's favorite time-spending?
Spend holidays in bed, and do not forget style2 { text-align: center; color: #D90003; font-family: Cambria, 'Hoefler Text', 'Liberation Serif', Times, 'Times New Roman', serif; font-size: 20px; font-weight: bold; } style4 {border: 1px solid #707070; } style5 {text-align: center; color: #D90003; font-family: Cambria, 'Hoefler Text', 'Liberation Serif', Times, 'Times New Roman', serif; font-size: 18px; font-weight: bold; } h1{color:#606060 !important; display:block; font-family:Helvetica; font-size:20px; font-style:normal; font-weight:bold; line-height:180%; letter-spacing:0px; margin:0; text-align:center; } Not regular sexual life can lead to stagnant of prostatitis, lower vitality, and even erectile dysfunction. A woman in love is a woman in fire! Burn all the night! - Free pills only for You! - Free shipping Only this week! Special discount - SAVE 95% It will help you, it is sold on our site! Just a few days after you order the medicine will be on your doorstep unsubscribe from this list ___ dev mailing list dev@openvswitch.org http://openvswitch.org/mailman/listinfo/dev
Re: [ovs-dev] [PATCH 1/2] odp-util: Fix put_nd_key().
On Aug 19, 2015, at 9:50 PM, Ben Pfaff b...@nicira.com wrote: On Tue, Aug 18, 2015 at 04:17:54PM -0700, Jarno Rajahalme wrote: Actually copy the 'nd_target' from the key. Found by inspection. Signed-off-by: Jarno Rajahalme jrajaha...@nicira.com Ouch. Acked-by: Ben Pfaff b...@nicira.com Thanks for the review. Pushed to master and branch-2.4 (older branches did not have this bug). Jarno ___ dev mailing list dev@openvswitch.org http://openvswitch.org/mailman/listinfo/dev
Re: [ovs-dev] [ovn-controller-vtep V7 1/3] ovn-controller-vtep: Add vtep module.
acked this earlier, but just came across something while reviewing the next patch ... let me know if I'm missing something. On 08/18/2015 05:58 PM, Alex Wang wrote: This commit adds the vtep module to ovn-controller-vtep. The module will scan through the Port_Binding table in OVN-SB database, and update the vtep logcial switches tunnel keys. Signed-off-by: Alex Wang al...@nicira.com --- V6-V7: - change the assertion to VLOG_ERR in vtep_lswitch_run(). - refine the vtep_lswitch_run() as suggested by Russell. - refine vtep_lswitch_cleanup() as suggested by Russell. V5-V6: - rebase. V5: new patch. --- ovn/controller-vtep/automake.mk |4 +- ovn/controller-vtep/binding.c |3 +- ovn/controller-vtep/gateway.c |3 +- ovn/controller-vtep/ovn-controller-vtep.c |3 + ovn/controller-vtep/vtep.c| 149 + ovn/controller-vtep/vtep.h| 27 ++ tests/ovn-controller-vtep.at | 32 +++ 7 files changed, 218 insertions(+), 3 deletions(-) create mode 100644 ovn/controller-vtep/vtep.c create mode 100644 ovn/controller-vtep/vtep.h diff --git a/ovn/controller-vtep/automake.mk b/ovn/controller-vtep/automake.mk index 33f063f..cacfae6 100644 --- a/ovn/controller-vtep/automake.mk +++ b/ovn/controller-vtep/automake.mk @@ -5,7 +5,9 @@ ovn_controller_vtep_ovn_controller_vtep_SOURCES = \ ovn/controller-vtep/gateway.c \ ovn/controller-vtep/gateway.h \ ovn/controller-vtep/ovn-controller-vtep.c \ - ovn/controller-vtep/ovn-controller-vtep.h + ovn/controller-vtep/ovn-controller-vtep.h \ + ovn/controller-vtep/vtep.c \ + ovn/controller-vtep/vtep.h ovn_controller_vtep_ovn_controller_vtep_LDADD = ovn/lib/libovn.la lib/libopenvswitch.la vtep/libvtep.la man_MANS += ovn/controller-vtep/ovn-controller-vtep.8 EXTRA_DIST += ovn/controller-vtep/ovn-controller-vtep.8.xml diff --git a/ovn/controller-vtep/binding.c b/ovn/controller-vtep/binding.c index 652852d..d65f43c 100644 --- a/ovn/controller-vtep/binding.c +++ b/ovn/controller-vtep/binding.c @@ -226,7 +226,8 @@ binding_run(struct controller_vtep_ctx *ctx) } /* Removes all port binding association with vtep gateway chassis. - * Returns true when all done. */ + * Returns true when done (i.e. there is no change made to 'ovnsb_idl'), + * otherwise returns false. */ bool binding_cleanup(struct controller_vtep_ctx *ctx) { diff --git a/ovn/controller-vtep/gateway.c b/ovn/controller-vtep/gateway.c index 025aff8..963d419 100644 --- a/ovn/controller-vtep/gateway.c +++ b/ovn/controller-vtep/gateway.c @@ -189,7 +189,8 @@ gateway_run(struct controller_vtep_ctx *ctx) } /* Destroys the chassis table entries for vtep physical switches. - * Returns true when all done. */ + * Returns true when done (i.e. there is no change made to 'ovnsb_idl'), + * otherwise returns false. */ bool gateway_cleanup(struct controller_vtep_ctx *ctx) { diff --git a/ovn/controller-vtep/ovn-controller-vtep.c b/ovn/controller-vtep/ovn-controller-vtep.c index 7e98f69..429ac23 100644 --- a/ovn/controller-vtep/ovn-controller-vtep.c +++ b/ovn/controller-vtep/ovn-controller-vtep.c @@ -39,6 +39,7 @@ #include binding.h #include gateway.h +#include vtep.h #include ovn-controller-vtep.h static unixctl_cb_func ovn_controller_vtep_exit; @@ -99,6 +100,7 @@ main(int argc, char *argv[]) gateway_run(ctx); binding_run(ctx); +vtep_run(ctx); unixctl_server_run(unixctl); unixctl_server_wait(unixctl); @@ -127,6 +129,7 @@ main(int argc, char *argv[]) * We're done if all of them return true. */ done = binding_cleanup(ctx); done = gateway_cleanup(ctx) done; +done = vtep_cleanup(ctx) done; if (done) { poll_immediate_wake(); } diff --git a/ovn/controller-vtep/vtep.c b/ovn/controller-vtep/vtep.c new file mode 100644 index 000..9870296 --- /dev/null +++ b/ovn/controller-vtep/vtep.c @@ -0,0 +1,149 @@ +/* Copyright (c) 2015 Nicira, Inc. + * + * Licensed under the Apache License, Version 2.0 (the License); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at: + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an AS IS BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include config.h + +#include vtep.h + +#include lib/hash.h +#include lib/hmap.h +#include lib/smap.h +#include lib/util.h +#include ovn-controller-vtep.h +#include openvswitch/vlog.h +#include ovn/lib/ovn-sb-idl.h +#include
Re: [ovs-dev] [PATCH] datapath: skip checksum of gro packet
I sent patch attached to the mail. Only direct recipients got the patch. I am planning on sending formal patch to netdev mailing list soon. On Wed, Aug 19, 2015 at 9:05 PM, Ben Pfaff b...@nicira.com wrote: I don't think you attached the patch. On Mon, Aug 10, 2015 at 10:37:04AM -0700, Pravin Shelar wrote: On Mon, Aug 10, 2015 at 2:05 AM, Zang MingJie zealot0...@gmail.com wrote: Any progress? Or direction, maybe I can help. Sorry for late reply. Attached is patch I was working on. Can you try it? Thanks, Pravin. On Mon, Jul 27, 2015 at 1:54 PM Jesse Gross je...@nicira.com wrote: On Fri, Jul 24, 2015 at 2:28 AM, Zang MingJie zealot0...@gmail.com wrote: Newer kernel will do gro on vxlan packet, after gro the tcp checksum encapsulated in the packet is wrong but the origin checksum is already verified. The patch skips verifying checksum of all gro packets. I think this solution is too narrowly tailored to VXLAN and GRO and won't catch all cases.. I believe that Pravin is currently working on a more general solution. ___ dev mailing list dev@openvswitch.org http://openvswitch.org/mailman/listinfo/dev ___ dev mailing list dev@openvswitch.org http://openvswitch.org/mailman/listinfo/dev
Re: [ovs-dev] [PATCH v2] tunneling: Remove gre64 tunnel support.
On Aug 18, 2015, at 12:18 PM, Pravin B Shelar pshe...@nicira.com wrote: GRE64 was introduced to extend gre key from 32-bit to 64-bit using gre-key and sequence number field. But GRE64 is not standard protocol. There are not many users of this protocol. Therefore we have decided to remove it. Signed-off-by: Pravin B Shelar pshe...@nicira.com --- - Removed bit hole from OVS_DB_ flags. - Removed gre64 ref from the sFlow. --- datapath-windows/ovsext/Debug.h | 19 +-- datapath-windows/ovsext/Switch.h | 3 +- datapath-windows/ovsext/Vport.c | 3 - datapath-windows/ovsext/Vport.h | 5 +- datpath-windows/* changes look good. Thanks for doing the cleanup. Acked-by: Nithin Raju nit...@vmware.com ___ dev mailing list dev@openvswitch.org http://openvswitch.org/mailman/listinfo/dev
Re: [ovs-dev] [PATCH v2] tunneling: Remove gre64 tunnel support.
On Wed, Aug 19, 2015 at 4:17 PM, Jesse Gross je...@nicira.com wrote: On Tue, Aug 18, 2015 at 12:18 PM, Pravin B Shelar pshe...@nicira.com wrote: GRE64 was introduced to extend gre key from 32-bit to 64-bit using gre-key and sequence number field. But GRE64 is not standard protocol. There are not many users of this protocol. Therefore we have decided to remove it. Signed-off-by: Pravin B Shelar pshe...@nicira.com I would also add a note to NEWS (actually, I would mark it as deprecated in the 2.4 NEWS as well). Added node to NEWS on master. On branch 2.4 there is already note about the deprecated GRE64. diff --git a/ofproto/ofproto-dpif-ipfix.c b/ofproto/ofproto-dpif-ipfix.c index 8a931d6..7f0b7db 100644 --- a/ofproto/ofproto-dpif-ipfix.c +++ b/ofproto/ofproto-dpif-ipfix.c @@ -48,7 +48,7 @@ static struct ovs_mutex mutex = OVS_MUTEX_INITIALIZER; * used to indicate the type of tunnel (0x01 = VxLAN, 0x02 = GRE) and the three * least significant bytes hold the value of the layer 2 overlay network * segment identifier: a 24-bit VxLAN tunnel's VNI or a 24-bit GRE tunnel's - * TNI. This is not compatible with GRE-64 or STT, as implemented in OVS, as + * TNI. This is not compatible with STT, as implemented in OVS, as * their tunnel IDs are 64-bit. their should now be its in the last line. Acked-by: Jesse Gross je...@nicira.com Thanks for review. I fixed the patch and pushed to master. ___ dev mailing list dev@openvswitch.org http://openvswitch.org/mailman/listinfo/dev
[ovs-dev] Returned mail: see transcript for details
P}?#SüÁ1òR~Íû»Ý´tνÚÉ£çb¶ûÑ èéàÍk9h»dÀm(UíöqÞEX°4éì{²Q)ÅÔÅ Éh÷ÐüpÖü·kÑ¢ßÑ÷àN¹HÓDÞeRdý¿è£Kx©În}fN®s5^)Ú¯T×yÏ¡f7iÑãtëBBþÔFtU{Én¶ аó#ùÎÇ¥5 9Øû¥0éI!» Î'åûÇ2Ä©åMÒMÕ#Ù§¯e×ZØåN»\þ8Á1®1¤äÄP´Ç7ª%ãÛ Å9Öª·Ø¸j:5 Içæv1/§dXóð;8ö¦aJ#}1··a¸½ß éxæuÐ3èëÍPýû»Wö`'{¸ q °èbÅLûׯë¬Æå0`[O8¨WÛJçuãJ*O³aä}¼f«çK«êÔÀªòð°î¾51È'°Gô#w{s.s÷÷«gc¬!½#ìÊÚ¼1ªÓIÊQ¨Ël-a ?¨KFæ¬^áC#a4[§«GÈ.í.ÕÞxx 9ÖIMfÊᯨF¹)T$Ýcë¶ô5¤Pº:mîa)ýËé^x²ûUãÐA²LvÜ/çw5f)ëÙ½è{ªãMYgÒ7EêûU9¦ÜÈXäþ':úôgégo áÖpoãçæA|.¥·¶f¹LðZk¶(á½·RÒÇ÷O6ÁÎaáé{ìdGÂ,eẠ~õÆDe ÇÛìAöÒF;õ6?)¸·`pOl\¸Ý¾HÔn:-$µÌ¥ª~bÎÓ{3¶åÑNîØI¶ý1Æ B{æÎJ\ÜïYmFãÂP¾ÖpðîWç.2unXut¢»{«Ìaéäóû}x`úLºÚkñîJ¬#'5|þZ*{¾NÈSÕ¨½eÚõ#OñC¶s5´²Ô[§É¯µº5c1C¸»_ :àW 8Þ¤ªjÜ' ëÄL±GS:øk±ËóGim:¬r»Îdds.x\3¤ì·´Î6?â~mAYæ).ÜñW¿º?ÒQ\pýÏKsÉÓûêÇ31jd©óÑdÍ¥ü}vö Íèäð¡ÉòÝ´·ÝGïö±f㧧ìÏ,*:z2¤×û¹#.ÑÞºO³O ,ConDâÜ/¡¡jÉtãøSÍ5jÊF_¬ÎCð| I¤ëÊyÆ\XçDâQ¹¬ÁåÆ%½ôlÆ G%âÛ®çôõoêqRÚC±qaתñ{Mè¿ÎľáÀñ/Ç[j-vUßôáüTì C°JbgMÖô-µD¬Nûë;:ü-_ó1¶¿ÉèÄRVâ2»ÇUjF_2éþïÂå'ì^©]£A}d_}-W:.CÜ¢½cçY궥~_;àW¯sPLñlJ³MO'b²Já%_sÀ'©iñ~¤I9Z¡È:GäY±AL: Ö#ªWÞ}²¡¹íkniÎþ ì³/#eEÑ]Kûþ¶ Âè´üÔàæþKV{ÞäOvÁoN\{¼»;ïÕerÔæ£-úÜmÄllv~nZ\ §SNæýèÈg5,×2O¿«sgDíw`T_ûÂeýúv8ÏÌ_Ò/¸L®ªILq[;ö¿OÞÏQ ~¾°½üdM¿uÀ¾{õVác1í²QÅÕ«_¸¨ Ðôiîß 4Ô|áC¤ ³ÇNýÎ-.¡©ýÙÇé ÂÊd4züJNÎ#¢T,,Gjþ {Üó$Ñè^ò;4 Qk;§àsò¹ÜÜ8} ãλÖ×·±ër¶®E4Á£¬Oi1¶%rhRg{ÓéLb¢ãíd,)Ê*Çõ57 \ëÏÎbb.÷¸¿y³áE*;LïT|ÓáÅa|ñKÛÒÖ_}êz°7q#¾å Pv8K}ËË®4:Ô¾ÊcÛjûa?*ÆôJjô)uxR3nôõDêà£[Ê-.t³L Ìn'o6 Dõûý¾;j¦q^Jã¤iµòôOs¸¿Ëã1yxEæu¼w¸ÄqeËúäèÉä'¦9Iä5{; D¢Uþ.ôr·õèú½cÌQÁíèt`µÂlÚEã%ó³r!§-ÄyÍ8 )É7ùÎñHѤÉN`ÊÔ·ð nMÙ¨:uôÖí|î%Mbɵ\YÀQÇýï^N9PÛ×M-T_xK¶ùu/»?¡$ö°£V5?*H?H5ºZqç½O½7 Y`Æ2Ùõpbµ¨ ü]~«Z)ó/èê;èS¬JÅû#4Ý\ðí×ß¼H³CC8Ë?uqiìõÃö¢©Zñ}þË}Õ~EM¸yÆfýkeeid6íÞ9/ïòÜþÑXF 9ü9w!ªÕ¯cy¬4^l'²ªßqáååÔjºº30|x/±0Qóm4,ÐzüÈBV¼7ývþwÈ°Ö;Ëï$(aíH®/ å¾Ö¸¥5Ò÷A#GÞb¦'é{ЦèþúEYòãÓ6¿z°O¡;´½±jþ¥ZáÃ[s}zõî#z¯Y¯xx ´IéüÂGþ)à®ÐKüÇY-×.îö¢UI4Ín'aè§T»Ë Ì KdLP¡¤ mVñ°S,npÒ³ÌmñÎ#Kä}uÛ#é»;kÞ-vª´|í#äËt×·§;%)ÊjÙ¥aaub9¢ñÝÆ-A[Âé·b¦ñôñeôêÝi öÑYâ8Yqm±KüE,t2u}tÙKêî{Ö\ß)d¸Íó̤}ðTX\¨~ ___ dev mailing list dev@openvswitch.org http://openvswitch.org/mailman/listinfo/dev
Re: [ovs-dev] [PATCH 2/2] meta-flow: Fix ip_frag handling in mf_set_wild().
On Aug 19, 2015, at 9:51 PM, Ben Pfaff b...@nicira.com wrote: On Tue, Aug 18, 2015 at 04:17:55PM -0700, Jarno Rajahalme wrote: The wildcard bits were set when they should have been cleared. Found by inspection. Signed-off-by: Jarno Rajahalme jrajaha...@nicira.com Double ouch. I assume you'll backport these as necessary? Acked-by: Ben Pfaff b...@nicira.com Pushed to master, branch-2.4, branch-2.3, branch-2.2, branch-2.1, and branch-2.0. Did not check further, as I recalled that ovs-vswitchd will always exact match nw_frag anyway, so this bug has little chance causing problems in practice. Jarno ___ dev mailing list dev@openvswitch.org http://openvswitch.org/mailman/listinfo/dev
Re: [ovs-dev] [PATCH] netdev-linux: fix bug of ovs ingress policing with linux tc
yes, maybe it is not a perfect resolution, but it did resolved this problem: when tapB deleted from ovs bridge, tapA's ingress rule disappeared and of course, there maybe some problem I haven't consider, so I want more detailed suggestions, thanks! At 2015-08-20 13:03:53, Ben Pfaff b...@nicira.com wrote: On Thu, Aug 20, 2015 at 11:29:07AM +0800, ychen wrote: port's ingress qdisc rule will automatically disappeared after the following steps: 1)use ip tuntap to create port tapA and tapB 2)set tapA and tapB to ingress qdisc with linux tc command 3)add tapA to ovs bridge 4)add tapB to the same ovs bridge(ingress rule disappear for tapA) ingress_policing_rate equals to 0 means disable ingress policing, so set flag VALID_POLICING only when this paramter is effective, and before send deleteing ingress qdisc message to kernel, first check whether need to do this action. if settings not changed or policing is not enabled with ingress_policing_rate equal to 0, do not send any message. when interface's MAC,MTU,link state changed, there will be a RTM_NETLINK message from kernel, and keep the flag VALID_POLICING as it is. I'm still not going to take this. As I said before, I don't see how this solves the problem described in http://openvswitch.org/pipermail/discuss/2015-May/017687.html. I don't see much value in just tweaking the parameters of the problem. ___ dev mailing list dev@openvswitch.org http://openvswitch.org/mailman/listinfo/dev
Re: [ovs-dev] [ovn-controller-vtep V7 2/3] ovn-controller-vtep: Extend vtep module to install Ucast_Macs_Remote.
On Thu, Aug 20, 2015 at 9:09 AM, Russell Bryant rbry...@redhat.com wrote: Looks good to me except for the one thing I noticed that was introduced in the last patch. On 08/18/2015 05:58 PM, Alex Wang wrote: This commit extends the vtep module to support creating the 'Ucast_Macs_Remote' table entries in the vtep database for MAC addresses on the ovn logical ports. Signed-off-by: Alex Wang al...@nicira.com --- V6-V7: - rebase. - adopt suggestions from Russell. V5-V6: - rebase. V4-V5: - rebase on top of master. - rewrite the feature since a lot have changed. V3-V4: - add logic to remove Ucast_Macs_Remote for non-existent MACs. V2-V3: - rebase to master. PATCH-V2: - split into separate commit. - few optimizations. --- ovn/controller-vtep/vtep.c | 303 ++ tests/ovn-controller-vtep.at | 136 +++ 2 files changed, 411 insertions(+), 28 deletions(-) diff --git a/ovn/controller-vtep/vtep.c b/ovn/controller-vtep/vtep.c index 9870296..8f9572c 100644 --- a/ovn/controller-vtep/vtep.c +++ b/ovn/controller-vtep/vtep.c @@ -19,7 +19,8 @@ #include lib/hash.h #include lib/hmap.h -#include lib/smap.h +#include lib/shash.h +#include lib/sset.h #include lib/util.h #include ovn-controller-vtep.h #include openvswitch/vlog.h @@ -29,39 +30,75 @@ VLOG_DEFINE_THIS_MODULE(vtep); /* - * Scans through the Binding table in ovnsb and updates the vtep logical - * switch tunnel keys. + * Scans through the Binding table in ovnsb, and updates the vtep logical + * switch tunnel keys and the 'Ucast_Macs_Remote' table in the VTEP + * database. * */ +/* Searches the 'chassis_rec-encaps' for the first vtep tunnel + * configuration, returns the 'ip'. */ +static const char * +get_chassis_vtep_ip(const struct sbrec_chassis *chassis_rec) +{ +if (chassis_rec) { +size_t i; + +for (i = 0; i chassis_rec-n_encaps; i++) { +if (!strcmp(chassis_rec-encaps[i]-type, vxlan)) { +return chassis_rec-encaps[i]-ip; +} +} +} + +return NULL; +} + +/* Creates a new 'Ucast_Macs_Remote'. */ +static struct vteprec_ucast_macs_remote * +create_umr(struct ovsdb_idl_txn *vtep_idl_txn, const char *mac, + const struct vteprec_logical_switch *vtep_ls) +{ +struct vteprec_ucast_macs_remote *new_umr; + +new_umr = vteprec_ucast_macs_remote_insert(vtep_idl_txn); +vteprec_ucast_macs_remote_set_MAC(new_umr, mac); +vteprec_ucast_macs_remote_set_logical_switch(new_umr, vtep_ls); + +return new_umr; +} + +/* Creates a new 'Physical_Locator'. */ +static struct vteprec_physical_locator * +create_pl(struct ovsdb_idl_txn *vtep_idl_txn, const char *chassis_ip) +{ +struct vteprec_physical_locator *new_pl; + +new_pl = vteprec_physical_locator_insert(vtep_idl_txn); +vteprec_physical_locator_set_dst_ip(new_pl, chassis_ip); +vteprec_physical_locator_set_encapsulation_type(new_pl, VTEP_ENCAP_TYPE); + +return new_pl; +} + + /* Updates the vtep Logical_Switch table entries' tunnel keys based * on the port bindings. */ static void -vtep_lswitch_run(struct controller_vtep_ctx *ctx) +vtep_lswitch_run(struct shash *vtep_pbs, struct shash *vtep_lswitches) { -struct shash vtep_lswitches = SHASH_INITIALIZER(vtep_lswitches); -const struct sbrec_port_binding *port_binding_rec; -const struct vteprec_logical_switch *vtep_ls; - -/* Stores all logical switches to 'vtep_lswitches' with name as key. */ -VTEPREC_LOGICAL_SWITCH_FOR_EACH (vtep_ls, ctx-vtep_idl) { -shash_add(vtep_lswitches, vtep_ls-name, vtep_ls); -} +struct sset used_ls = SSET_INITIALIZER(used_ls); +struct shash_node *node; -ovsdb_idl_txn_add_comment(ctx-vtep_idl_txn, - ovn-controller-vtep: update logical switch - tunnel keys); /* Collects the logical switch bindings from port binding entries. * Since the binding module has already guaranteed that each vtep * logical switch is bound only to one ovn-sb logical datapath, * we can just iterate and assign tunnel key to vtep logical switch. */ -SBREC_PORT_BINDING_FOR_EACH(port_binding_rec, ctx-ovnsb_idl) { -if (strcmp(port_binding_rec-type, vtep) -|| !port_binding_rec-chassis) { -continue; -} +SHASH_FOR_EACH (node, vtep_pbs) { +const struct sbrec_port_binding *port_binding_rec = node-data; const char *lswitch_name = smap_get(port_binding_rec-options, vtep-logical-switch); +const struct vteprec_logical_switch *vtep_ls; I went back and mentioned this on the last patch, but I think we're
Re: [ovs-dev] [ovn-controller-vtep V7 2/3] ovn-controller-vtep: Extend vtep module to install Ucast_Macs_Remote.
On 08/20/2015 09:34 AM, Alex Wang wrote: On Thu, Aug 20, 2015 at 9:09 AM, Russell Bryant rbry...@redhat.com mailto:rbry...@redhat.com wrote: Looks good to me except for the one thing I noticed that was introduced in the last patch. On 08/18/2015 05:58 PM, Alex Wang wrote: This commit extends the vtep module to support creating the 'Ucast_Macs_Remote' table entries in the vtep database for MAC addresses on the ovn logical ports. Signed-off-by: Alex Wang al...@nicira.com mailto:al...@nicira.com --- V6-V7: - rebase. - adopt suggestions from Russell. V5-V6: - rebase. V4-V5: - rebase on top of master. - rewrite the feature since a lot have changed. V3-V4: - add logic to remove Ucast_Macs_Remote for non-existent MACs. V2-V3: - rebase to master. PATCH-V2: - split into separate commit. - few optimizations. --- ovn/controller-vtep/vtep.c | 303 ++ tests/ovn-controller-vtep.at http://ovn-controller-vtep.at | 136 +++ 2 files changed, 411 insertions(+), 28 deletions(-) diff --git a/ovn/controller-vtep/vtep.c b/ovn/controller-vtep/vtep.c index 9870296..8f9572c 100644 --- a/ovn/controller-vtep/vtep.c +++ b/ovn/controller-vtep/vtep.c @@ -19,7 +19,8 @@ #include lib/hash.h #include lib/hmap.h -#include lib/smap.h +#include lib/shash.h +#include lib/sset.h #include lib/util.h #include ovn-controller-vtep.h #include openvswitch/vlog.h @@ -29,39 +30,75 @@ VLOG_DEFINE_THIS_MODULE(vtep); /* - * Scans through the Binding table in ovnsb and updates the vtep logical - * switch tunnel keys. + * Scans through the Binding table in ovnsb, and updates the vtep logical + * switch tunnel keys and the 'Ucast_Macs_Remote' table in the VTEP + * database. * */ +/* Searches the 'chassis_rec-encaps' for the first vtep tunnel + * configuration, returns the 'ip'. */ +static const char * +get_chassis_vtep_ip(const struct sbrec_chassis *chassis_rec) +{ +if (chassis_rec) { +size_t i; + +for (i = 0; i chassis_rec-n_encaps; i++) { +if (!strcmp(chassis_rec-encaps[i]-type, vxlan)) { +return chassis_rec-encaps[i]-ip; +} +} +} + +return NULL; +} + +/* Creates a new 'Ucast_Macs_Remote'. */ +static struct vteprec_ucast_macs_remote * +create_umr(struct ovsdb_idl_txn *vtep_idl_txn, const char *mac, + const struct vteprec_logical_switch *vtep_ls) +{ +struct vteprec_ucast_macs_remote *new_umr; + +new_umr = vteprec_ucast_macs_remote_insert(vtep_idl_txn); +vteprec_ucast_macs_remote_set_MAC(new_umr, mac); +vteprec_ucast_macs_remote_set_logical_switch(new_umr, vtep_ls); + +return new_umr; +} + +/* Creates a new 'Physical_Locator'. */ +static struct vteprec_physical_locator * +create_pl(struct ovsdb_idl_txn *vtep_idl_txn, const char *chassis_ip) +{ +struct vteprec_physical_locator *new_pl; + +new_pl = vteprec_physical_locator_insert(vtep_idl_txn); +vteprec_physical_locator_set_dst_ip(new_pl, chassis_ip); +vteprec_physical_locator_set_encapsulation_type(new_pl, VTEP_ENCAP_TYPE); + +return new_pl; +} + + /* Updates the vtep Logical_Switch table entries' tunnel keys based * on the port bindings. */ static void -vtep_lswitch_run(struct controller_vtep_ctx *ctx) +vtep_lswitch_run(struct shash *vtep_pbs, struct shash *vtep_lswitches) { -struct shash vtep_lswitches = SHASH_INITIALIZER(vtep_lswitches); -const struct sbrec_port_binding *port_binding_rec; -const struct vteprec_logical_switch *vtep_ls; - -/* Stores all logical switches to 'vtep_lswitches' with name as key. */ -VTEPREC_LOGICAL_SWITCH_FOR_EACH (vtep_ls, ctx-vtep_idl) { -shash_add(vtep_lswitches, vtep_ls-name, vtep_ls); -} +struct sset used_ls = SSET_INITIALIZER(used_ls); +struct shash_node *node; -ovsdb_idl_txn_add_comment(ctx-vtep_idl_txn, - ovn-controller-vtep: update logical switch - tunnel keys); /* Collects the logical switch bindings from port binding entries. * Since the binding module has already guaranteed that each vtep * logical switch is bound only to one ovn-sb
Re: [ovs-dev] [ovn-controller-vtep V7 2/3] ovn-controller-vtep: Extend vtep module to install Ucast_Macs_Remote.
On Thu, Aug 20, 2015 at 9:40 AM, Russell Bryant rbry...@redhat.com wrote: On 08/20/2015 09:34 AM, Alex Wang wrote: On Thu, Aug 20, 2015 at 9:09 AM, Russell Bryant rbry...@redhat.com mailto:rbry...@redhat.com wrote: Looks good to me except for the one thing I noticed that was introduced in the last patch. On 08/18/2015 05:58 PM, Alex Wang wrote: This commit extends the vtep module to support creating the 'Ucast_Macs_Remote' table entries in the vtep database for MAC addresses on the ovn logical ports. Signed-off-by: Alex Wang al...@nicira.com mailto: al...@nicira.com --- V6-V7: - rebase. - adopt suggestions from Russell. V5-V6: - rebase. V4-V5: - rebase on top of master. - rewrite the feature since a lot have changed. V3-V4: - add logic to remove Ucast_Macs_Remote for non-existent MACs. V2-V3: - rebase to master. PATCH-V2: - split into separate commit. - few optimizations. --- ovn/controller-vtep/vtep.c | 303 ++ tests/ovn-controller-vtep.at http://ovn-controller-vtep.at | 136 +++ 2 files changed, 411 insertions(+), 28 deletions(-) diff --git a/ovn/controller-vtep/vtep.c b/ovn/controller-vtep/vtep.c index 9870296..8f9572c 100644 --- a/ovn/controller-vtep/vtep.c +++ b/ovn/controller-vtep/vtep.c @@ -19,7 +19,8 @@ #include lib/hash.h #include lib/hmap.h -#include lib/smap.h +#include lib/shash.h +#include lib/sset.h #include lib/util.h #include ovn-controller-vtep.h #include openvswitch/vlog.h @@ -29,39 +30,75 @@ VLOG_DEFINE_THIS_MODULE(vtep); /* - * Scans through the Binding table in ovnsb and updates the vtep logical - * switch tunnel keys. + * Scans through the Binding table in ovnsb, and updates the vtep logical + * switch tunnel keys and the 'Ucast_Macs_Remote' table in the VTEP + * database. * */ +/* Searches the 'chassis_rec-encaps' for the first vtep tunnel + * configuration, returns the 'ip'. */ +static const char * +get_chassis_vtep_ip(const struct sbrec_chassis *chassis_rec) +{ +if (chassis_rec) { +size_t i; + +for (i = 0; i chassis_rec-n_encaps; i++) { +if (!strcmp(chassis_rec-encaps[i]-type, vxlan)) { +return chassis_rec-encaps[i]-ip; +} +} +} + +return NULL; +} + +/* Creates a new 'Ucast_Macs_Remote'. */ +static struct vteprec_ucast_macs_remote * +create_umr(struct ovsdb_idl_txn *vtep_idl_txn, const char *mac, + const struct vteprec_logical_switch *vtep_ls) +{ +struct vteprec_ucast_macs_remote *new_umr; + +new_umr = vteprec_ucast_macs_remote_insert(vtep_idl_txn); +vteprec_ucast_macs_remote_set_MAC(new_umr, mac); +vteprec_ucast_macs_remote_set_logical_switch(new_umr, vtep_ls); + +return new_umr; +} + +/* Creates a new 'Physical_Locator'. */ +static struct vteprec_physical_locator * +create_pl(struct ovsdb_idl_txn *vtep_idl_txn, const char *chassis_ip) +{ +struct vteprec_physical_locator *new_pl; + +new_pl = vteprec_physical_locator_insert(vtep_idl_txn); +vteprec_physical_locator_set_dst_ip(new_pl, chassis_ip); +vteprec_physical_locator_set_encapsulation_type(new_pl, VTEP_ENCAP_TYPE); + +return new_pl; +} + + /* Updates the vtep Logical_Switch table entries' tunnel keys based * on the port bindings. */ static void -vtep_lswitch_run(struct controller_vtep_ctx *ctx) +vtep_lswitch_run(struct shash *vtep_pbs, struct shash *vtep_lswitches) { -struct shash vtep_lswitches = SHASH_INITIALIZER(vtep_lswitches); -const struct sbrec_port_binding *port_binding_rec; -const struct vteprec_logical_switch *vtep_ls; - -/* Stores all logical switches to 'vtep_lswitches' with name as key. */ -VTEPREC_LOGICAL_SWITCH_FOR_EACH (vtep_ls, ctx-vtep_idl) { -shash_add(vtep_lswitches, vtep_ls-name, vtep_ls); -} +struct sset used_ls = SSET_INITIALIZER(used_ls); +struct shash_node *node; -ovsdb_idl_txn_add_comment(ctx-vtep_idl_txn, - ovn-controller-vtep: update logical switch - tunnel keys);
Re: [ovs-dev] [ovn-controller-vtep V7 1/3] ovn-controller-vtep: Add vtep module.
On Thu, Aug 20, 2015 at 8:24 AM, Russell Bryant rbry...@redhat.com wrote: acked this earlier, but just came across something while reviewing the next patch ... let me know if I'm missing something. On 08/18/2015 05:58 PM, Alex Wang wrote: This commit adds the vtep module to ovn-controller-vtep. The module will scan through the Port_Binding table in OVN-SB database, and update the vtep logcial switches tunnel keys. Signed-off-by: Alex Wang al...@nicira.com --- V6-V7: - change the assertion to VLOG_ERR in vtep_lswitch_run(). - refine the vtep_lswitch_run() as suggested by Russell. - refine vtep_lswitch_cleanup() as suggested by Russell. V5-V6: - rebase. V5: new patch. --- ovn/controller-vtep/automake.mk |4 +- ovn/controller-vtep/binding.c |3 +- ovn/controller-vtep/gateway.c |3 +- ovn/controller-vtep/ovn-controller-vtep.c |3 + ovn/controller-vtep/vtep.c| 149 + ovn/controller-vtep/vtep.h| 27 ++ tests/ovn-controller-vtep.at | 32 +++ 7 files changed, 218 insertions(+), 3 deletions(-) create mode 100644 ovn/controller-vtep/vtep.c create mode 100644 ovn/controller-vtep/vtep.h diff --git a/ovn/controller-vtep/automake.mk b/ovn/controller-vtep/ automake.mk index 33f063f..cacfae6 100644 --- a/ovn/controller-vtep/automake.mk +++ b/ovn/controller-vtep/automake.mk @@ -5,7 +5,9 @@ ovn_controller_vtep_ovn_controller_vtep_SOURCES = \ ovn/controller-vtep/gateway.c \ ovn/controller-vtep/gateway.h \ ovn/controller-vtep/ovn-controller-vtep.c \ - ovn/controller-vtep/ovn-controller-vtep.h + ovn/controller-vtep/ovn-controller-vtep.h \ + ovn/controller-vtep/vtep.c \ + ovn/controller-vtep/vtep.h ovn_controller_vtep_ovn_controller_vtep_LDADD = ovn/lib/libovn.la lib/ libopenvswitch.la vtep/libvtep.la man_MANS += ovn/controller-vtep/ovn-controller-vtep.8 EXTRA_DIST += ovn/controller-vtep/ovn-controller-vtep.8.xml diff --git a/ovn/controller-vtep/binding.c b/ovn/controller-vtep/binding.c index 652852d..d65f43c 100644 --- a/ovn/controller-vtep/binding.c +++ b/ovn/controller-vtep/binding.c @@ -226,7 +226,8 @@ binding_run(struct controller_vtep_ctx *ctx) } /* Removes all port binding association with vtep gateway chassis. - * Returns true when all done. */ + * Returns true when done (i.e. there is no change made to 'ovnsb_idl'), + * otherwise returns false. */ bool binding_cleanup(struct controller_vtep_ctx *ctx) { diff --git a/ovn/controller-vtep/gateway.c b/ovn/controller-vtep/gateway.c index 025aff8..963d419 100644 --- a/ovn/controller-vtep/gateway.c +++ b/ovn/controller-vtep/gateway.c @@ -189,7 +189,8 @@ gateway_run(struct controller_vtep_ctx *ctx) } /* Destroys the chassis table entries for vtep physical switches. - * Returns true when all done. */ + * Returns true when done (i.e. there is no change made to 'ovnsb_idl'), + * otherwise returns false. */ bool gateway_cleanup(struct controller_vtep_ctx *ctx) { diff --git a/ovn/controller-vtep/ovn-controller-vtep.c b/ovn/controller-vtep/ovn-controller-vtep.c index 7e98f69..429ac23 100644 --- a/ovn/controller-vtep/ovn-controller-vtep.c +++ b/ovn/controller-vtep/ovn-controller-vtep.c @@ -39,6 +39,7 @@ #include binding.h #include gateway.h +#include vtep.h #include ovn-controller-vtep.h static unixctl_cb_func ovn_controller_vtep_exit; @@ -99,6 +100,7 @@ main(int argc, char *argv[]) gateway_run(ctx); binding_run(ctx); +vtep_run(ctx); unixctl_server_run(unixctl); unixctl_server_wait(unixctl); @@ -127,6 +129,7 @@ main(int argc, char *argv[]) * We're done if all of them return true. */ done = binding_cleanup(ctx); done = gateway_cleanup(ctx) done; +done = vtep_cleanup(ctx) done; if (done) { poll_immediate_wake(); } diff --git a/ovn/controller-vtep/vtep.c b/ovn/controller-vtep/vtep.c new file mode 100644 index 000..9870296 --- /dev/null +++ b/ovn/controller-vtep/vtep.c @@ -0,0 +1,149 @@ +/* Copyright (c) 2015 Nicira, Inc. + * + * Licensed under the Apache License, Version 2.0 (the License); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at: + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an AS IS BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include config.h + +#include vtep.h +
Re: [ovs-dev] [ovn-controller-vtep V7 3/3] ovn-controller-vtep: Update related documentation.
On 08/18/2015 05:58 PM, Alex Wang wrote: This commit conducts the following documentation changes: * add a description in ovn-architecture manual for the life cycle about VTEP gateway. * add TODOs related to ovn-controller-vtep. * refine the ovn-sb, ovn-nb schema manual to require logical 'port' type and 'options' configuration. Signed-off-by: Alex Wang al...@nicira.com Acked-by: Russell Bryant rbry...@redhat.com -- Russell Bryant ___ dev mailing list dev@openvswitch.org http://openvswitch.org/mailman/listinfo/dev
Re: [ovs-dev] [ovn-controller-vtep V7 1/3] ovn-controller-vtep: Add vtep module.
As well as a test to cover that~ ;D On Thu, Aug 20, 2015 at 9:06 AM, Alex Wang al...@nicira.com wrote: On Thu, Aug 20, 2015 at 8:24 AM, Russell Bryant rbry...@redhat.com wrote: acked this earlier, but just came across something while reviewing the next patch ... let me know if I'm missing something. On 08/18/2015 05:58 PM, Alex Wang wrote: This commit adds the vtep module to ovn-controller-vtep. The module will scan through the Port_Binding table in OVN-SB database, and update the vtep logcial switches tunnel keys. Signed-off-by: Alex Wang al...@nicira.com --- V6-V7: - change the assertion to VLOG_ERR in vtep_lswitch_run(). - refine the vtep_lswitch_run() as suggested by Russell. - refine vtep_lswitch_cleanup() as suggested by Russell. V5-V6: - rebase. V5: new patch. --- ovn/controller-vtep/automake.mk |4 +- ovn/controller-vtep/binding.c |3 +- ovn/controller-vtep/gateway.c |3 +- ovn/controller-vtep/ovn-controller-vtep.c |3 + ovn/controller-vtep/vtep.c| 149 + ovn/controller-vtep/vtep.h| 27 ++ tests/ovn-controller-vtep.at | 32 +++ 7 files changed, 218 insertions(+), 3 deletions(-) create mode 100644 ovn/controller-vtep/vtep.c create mode 100644 ovn/controller-vtep/vtep.h diff --git a/ovn/controller-vtep/automake.mk b/ovn/controller-vtep/ automake.mk index 33f063f..cacfae6 100644 --- a/ovn/controller-vtep/automake.mk +++ b/ovn/controller-vtep/automake.mk @@ -5,7 +5,9 @@ ovn_controller_vtep_ovn_controller_vtep_SOURCES = \ ovn/controller-vtep/gateway.c \ ovn/controller-vtep/gateway.h \ ovn/controller-vtep/ovn-controller-vtep.c \ - ovn/controller-vtep/ovn-controller-vtep.h + ovn/controller-vtep/ovn-controller-vtep.h \ + ovn/controller-vtep/vtep.c \ + ovn/controller-vtep/vtep.h ovn_controller_vtep_ovn_controller_vtep_LDADD = ovn/lib/libovn.la lib/ libopenvswitch.la vtep/libvtep.la man_MANS += ovn/controller-vtep/ovn-controller-vtep.8 EXTRA_DIST += ovn/controller-vtep/ovn-controller-vtep.8.xml diff --git a/ovn/controller-vtep/binding.c b/ovn/controller-vtep/binding.c index 652852d..d65f43c 100644 --- a/ovn/controller-vtep/binding.c +++ b/ovn/controller-vtep/binding.c @@ -226,7 +226,8 @@ binding_run(struct controller_vtep_ctx *ctx) } /* Removes all port binding association with vtep gateway chassis. - * Returns true when all done. */ + * Returns true when done (i.e. there is no change made to 'ovnsb_idl'), + * otherwise returns false. */ bool binding_cleanup(struct controller_vtep_ctx *ctx) { diff --git a/ovn/controller-vtep/gateway.c b/ovn/controller-vtep/gateway.c index 025aff8..963d419 100644 --- a/ovn/controller-vtep/gateway.c +++ b/ovn/controller-vtep/gateway.c @@ -189,7 +189,8 @@ gateway_run(struct controller_vtep_ctx *ctx) } /* Destroys the chassis table entries for vtep physical switches. - * Returns true when all done. */ + * Returns true when done (i.e. there is no change made to 'ovnsb_idl'), + * otherwise returns false. */ bool gateway_cleanup(struct controller_vtep_ctx *ctx) { diff --git a/ovn/controller-vtep/ovn-controller-vtep.c b/ovn/controller-vtep/ovn-controller-vtep.c index 7e98f69..429ac23 100644 --- a/ovn/controller-vtep/ovn-controller-vtep.c +++ b/ovn/controller-vtep/ovn-controller-vtep.c @@ -39,6 +39,7 @@ #include binding.h #include gateway.h +#include vtep.h #include ovn-controller-vtep.h static unixctl_cb_func ovn_controller_vtep_exit; @@ -99,6 +100,7 @@ main(int argc, char *argv[]) gateway_run(ctx); binding_run(ctx); +vtep_run(ctx); unixctl_server_run(unixctl); unixctl_server_wait(unixctl); @@ -127,6 +129,7 @@ main(int argc, char *argv[]) * We're done if all of them return true. */ done = binding_cleanup(ctx); done = gateway_cleanup(ctx) done; +done = vtep_cleanup(ctx) done; if (done) { poll_immediate_wake(); } diff --git a/ovn/controller-vtep/vtep.c b/ovn/controller-vtep/vtep.c new file mode 100644 index 000..9870296 --- /dev/null +++ b/ovn/controller-vtep/vtep.c @@ -0,0 +1,149 @@ +/* Copyright (c) 2015 Nicira, Inc. + * + * Licensed under the Apache License, Version 2.0 (the License); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at: + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an AS IS BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing
Re: [ovs-dev] [ovn-controller-vtep V7 2/3] ovn-controller-vtep: Extend vtep module to install Ucast_Macs_Remote.
Looks good to me except for the one thing I noticed that was introduced in the last patch. On 08/18/2015 05:58 PM, Alex Wang wrote: This commit extends the vtep module to support creating the 'Ucast_Macs_Remote' table entries in the vtep database for MAC addresses on the ovn logical ports. Signed-off-by: Alex Wang al...@nicira.com --- V6-V7: - rebase. - adopt suggestions from Russell. V5-V6: - rebase. V4-V5: - rebase on top of master. - rewrite the feature since a lot have changed. V3-V4: - add logic to remove Ucast_Macs_Remote for non-existent MACs. V2-V3: - rebase to master. PATCH-V2: - split into separate commit. - few optimizations. --- ovn/controller-vtep/vtep.c | 303 ++ tests/ovn-controller-vtep.at | 136 +++ 2 files changed, 411 insertions(+), 28 deletions(-) diff --git a/ovn/controller-vtep/vtep.c b/ovn/controller-vtep/vtep.c index 9870296..8f9572c 100644 --- a/ovn/controller-vtep/vtep.c +++ b/ovn/controller-vtep/vtep.c @@ -19,7 +19,8 @@ #include lib/hash.h #include lib/hmap.h -#include lib/smap.h +#include lib/shash.h +#include lib/sset.h #include lib/util.h #include ovn-controller-vtep.h #include openvswitch/vlog.h @@ -29,39 +30,75 @@ VLOG_DEFINE_THIS_MODULE(vtep); /* - * Scans through the Binding table in ovnsb and updates the vtep logical - * switch tunnel keys. + * Scans through the Binding table in ovnsb, and updates the vtep logical + * switch tunnel keys and the 'Ucast_Macs_Remote' table in the VTEP + * database. * */ +/* Searches the 'chassis_rec-encaps' for the first vtep tunnel + * configuration, returns the 'ip'. */ +static const char * +get_chassis_vtep_ip(const struct sbrec_chassis *chassis_rec) +{ +if (chassis_rec) { +size_t i; + +for (i = 0; i chassis_rec-n_encaps; i++) { +if (!strcmp(chassis_rec-encaps[i]-type, vxlan)) { +return chassis_rec-encaps[i]-ip; +} +} +} + +return NULL; +} + +/* Creates a new 'Ucast_Macs_Remote'. */ +static struct vteprec_ucast_macs_remote * +create_umr(struct ovsdb_idl_txn *vtep_idl_txn, const char *mac, + const struct vteprec_logical_switch *vtep_ls) +{ +struct vteprec_ucast_macs_remote *new_umr; + +new_umr = vteprec_ucast_macs_remote_insert(vtep_idl_txn); +vteprec_ucast_macs_remote_set_MAC(new_umr, mac); +vteprec_ucast_macs_remote_set_logical_switch(new_umr, vtep_ls); + +return new_umr; +} + +/* Creates a new 'Physical_Locator'. */ +static struct vteprec_physical_locator * +create_pl(struct ovsdb_idl_txn *vtep_idl_txn, const char *chassis_ip) +{ +struct vteprec_physical_locator *new_pl; + +new_pl = vteprec_physical_locator_insert(vtep_idl_txn); +vteprec_physical_locator_set_dst_ip(new_pl, chassis_ip); +vteprec_physical_locator_set_encapsulation_type(new_pl, VTEP_ENCAP_TYPE); + +return new_pl; +} + + /* Updates the vtep Logical_Switch table entries' tunnel keys based * on the port bindings. */ static void -vtep_lswitch_run(struct controller_vtep_ctx *ctx) +vtep_lswitch_run(struct shash *vtep_pbs, struct shash *vtep_lswitches) { -struct shash vtep_lswitches = SHASH_INITIALIZER(vtep_lswitches); -const struct sbrec_port_binding *port_binding_rec; -const struct vteprec_logical_switch *vtep_ls; - -/* Stores all logical switches to 'vtep_lswitches' with name as key. */ -VTEPREC_LOGICAL_SWITCH_FOR_EACH (vtep_ls, ctx-vtep_idl) { -shash_add(vtep_lswitches, vtep_ls-name, vtep_ls); -} +struct sset used_ls = SSET_INITIALIZER(used_ls); +struct shash_node *node; -ovsdb_idl_txn_add_comment(ctx-vtep_idl_txn, - ovn-controller-vtep: update logical switch - tunnel keys); /* Collects the logical switch bindings from port binding entries. * Since the binding module has already guaranteed that each vtep * logical switch is bound only to one ovn-sb logical datapath, * we can just iterate and assign tunnel key to vtep logical switch. */ -SBREC_PORT_BINDING_FOR_EACH(port_binding_rec, ctx-ovnsb_idl) { -if (strcmp(port_binding_rec-type, vtep) -|| !port_binding_rec-chassis) { -continue; -} +SHASH_FOR_EACH (node, vtep_pbs) { +const struct sbrec_port_binding *port_binding_rec = node-data; const char *lswitch_name = smap_get(port_binding_rec-options, vtep-logical-switch); +const struct vteprec_logical_switch *vtep_ls; I went back and mentioned this on the last patch, but I think we're missing some validation here to ensure that the vtep port binding we're looking at is bound to this chassis and not another one that happens to have a logical switch of the same name. /* If
[ovs-dev] (无主题)
发自网易邮箱大师 ___ dev mailing list dev@openvswitch.org http://openvswitch.org/mailman/listinfo/dev