Re: [ovs-dev] [patch v2] openvswitch: using a bit shift as a mask

I just sent the patch to netfilter-devel and kernel-janitors with you as Reported-by. Jarno > On Mar 19, 2016, at 5:09 AM, Dan Carpenter wrote: > > It doesn't make sense to apply my patch. Can you please send your patch > but give me a Reported-by: tag? > >

[ovs-dev] [PATCH] openvswitch: Fix checking for new expected connections.

instead, as it is only ever applicable to the 'new' packets of the expected connection. Fixes: 05752523e565 ('openvswitch: Interface with NAT.') Reported-by: Dan Carpenter <dan.carpen...@oracle.com> Signed-off-by: Jarno Rajahalme <ja...@ovn.org> --- net/openvswitch/conntrack.c | 5 +

Re: [ovs-dev] Deletion of Indirect Groups on Ovs2.5

> On Mar 20, 2016, at 5:21 PM, Simon Horman <simon.hor...@netronome.com> wrote: > > On Fri, Mar 18, 2016 at 09:45:08AM -0700, Jarno Rajahalme wrote: >> OpenFlow 1.5 spec says: “The group type need not be specified for the delete >> request.” > > Thanks Jarno.

Re: [ovs-dev] Deletion of Indirect Groups on Ovs2.5

OpenFlow 1.5 spec says: “The group type need not be specified for the delete request.” Jarno > On Mar 17, 2016, at 7:40 PM, Simon Horman wrote: > > On Wed, Mar 16, 2016 at 05:48:23PM +, Shuva Jyoti Kar wrote: >> Hello, >> >> I am trying deletion of an

Re: [ovs-dev] [patch] openvswitch: using a bit shift as a mask

> On Mar 17, 2016, at 3:41 AM, Dan Carpenter wrote: > > The original condition is never true. We want to test if BIT(0) is set > but the code is ANDing with zero. > > Fixes: 05752523e565 ('openvswitch: Interface with NAT.') > Signed-off-by: Dan Carpenter

Re: [ovs-dev] [patch v2] openvswitch: using a bit shift as a mask

tch is correctly fixing a bug, the fix reveals another bug that breaks test cases. Maybe it would be better to send a new series with your fix as the first patch, and this one as the second patch? If so, here is my signed-off-by: Signed-off-by: Jarno Rajahalme <ja...@ovn.org <mailto:j

Re: [ovs-dev] Implementation of Packet-Out in Bundles

I think I’ll worry about that when I get to adding group and meter support. Jarno > On Mar 14, 2016, at 8:47 PM, Ben Pfaff wrote: > > Jarno, what do you think? > > On Mon, Mar 14, 2016 at 11:16:27PM +, André Mantas wrote: >> Ok. And what about Packet_Out validation

Re: [ovs-dev] [RFC 1/8] system-traffic: Load balancing.

> On Mar 14, 2016, at 10:42 AM, Ben Pfaff <b...@ovn.org> wrote: > > On Sun, Feb 28, 2016 at 10:33:17PM -0800, Gurucharan Shetty wrote: >> From: Jarno Rajahalme <jrajaha...@nicira.com> >> >> Signed-off-by: Jarno Rajahalme <ja...@ovn.org> > >

Re: [ovs-dev] [PATCH nf-next v10 7/8] openvswitch: Delay conntrack helper call for new connections.

Thanks for the reviews, Joe! Now we have acks for the patches 3-8, but not for 1 and 2 that touch netfilter proper. Who could review those? Jarno > On Mar 10, 2016, at 2:01 PM, Joe Stringer <j...@ovn.org> wrote: > > On 11 March 2016 at 07:54, Jarno Rajahalme <ja

[ovs-dev] [PATCH nf-next v10 8/8] openvswitch: Interface with NAT.

/nat. Signed-off-by: Jarno Rajahalme <ja...@ovn.org> Acked-by: Thomas Graf <tg...@suug.ch> --- include/uapi/linux/openvswitch.h | 49 net/openvswitch/Kconfig | 3 +- net/openvswitch/conntrack.c | 524 +-- net/openvswitch

[ovs-dev] [PATCH nf-next v10 7/8] openvswitch: Delay conntrack helper call for new connections.

There is no need to help connections that are not confirmed, so we can delay helping new connections to the time when they are confirmed. This change is needed for NAT support, and having this as a separate patch will make the following NAT patch a bit easier to review. Signed-off-by: Jarno

Re: [ovs-dev] [PATCH nf-next v9 8/8] openvswitch: Interface with NAT.

Thanks for the reviews Joe! Comments below. > On Mar 9, 2016, at 7:47 PM, Joe Stringer <j...@ovn.org> wrote: > > Hi Jarno, > > Thanks for working on this. Mostly just a few style things around #ifdefs > below. > > On 9 March 2016 at 15:10, Jarno Rajahalme <ja

[ovs-dev] [PATCH nf-next v10 6/8] openvswitch: Handle NF_REPEAT in conntrack action.

Repeat the nf_conntrack_in() call when it returns NF_REPEAT. This avoids dropping a SYN packet re-opening an existing TCP connection. Signed-off-by: Jarno Rajahalme <ja...@ovn.org> Acked-by: Joe Stringer <j...@ovn.org> --- net/openvswitch/conntrack.c | 10 -- 1 fil

[ovs-dev] [PATCH nf-next v10 3/8] openvswitch: Add commentary to conntrack.c

This makes the code easier to understand and the following patches more focused. Signed-off-by: Jarno Rajahalme <ja...@ovn.org> --- net/openvswitch/conntrack.c | 21 - 1 file changed, 20 insertions(+), 1 deletion(-) diff --git a/net/openvswitch/conntrack.c b/net/openv

[ovs-dev] [PATCH nf-next v10 4/8] openvswitch: Update the CT state key only after nf_conntrack_in().

Only a successful nf_conntrack_in() call can effect a connection state change, so it suffices to update the key only after the nf_conntrack_in() returns. This change is needed for the later NAT patches. Signed-off-by: Jarno Rajahalme <ja...@ovn.org> Acked-by: Joe Stringer <j...@ovn.org&

[ovs-dev] [PATCH nf-next v10 5/8] openvswitch: Find existing conntrack entry after upcall.

hrough NAT using the original ct reference also after the reference is lost after an upcall. Signed-off-by: Jarno Rajahalme <ja...@ovn.org> Acked-by: Joe Stringer <j...@ovn.org> --- net/openvswitch/conntrack.c | 103 ++-- 1 file changed, 90 inser

[ovs-dev] [PATCH nf-next v10 2/8] netfilter: Allow calling into nat helper without skb_dst.

elar <pshe...@nicira.com> Signed-off-by: Jarno Rajahalme <ja...@ovn.org> --- net/ipv4/netfilter/nf_nat_l3proto_ipv4.c | 30 -- net/ipv6/netfilter/nf_nat_l3proto_ipv6.c | 30 -- 2 files changed, 16 insertions(+), 44 deletions(-)

[ovs-dev] [PATCH nf-next v10 0/8] openvswitch: NAT support

, and the rules therein are translated to kernel flow entries on-demand by ovs-vswitchd. Jarno Rajahalme (8): netfilter: Remove IP_CT_NEW_REPLY definition. netfilter: Allow calling into nat helper without skb_dst. openvswitch: Add commentary to conntrack.c openvswitch: Update the CT state key only

[ovs-dev] [PATCH nf-next v10 1/8] netfilter: Remove IP_CT_NEW_REPLY definition.

Remove the definition of IP_CT_NEW_REPLY from the kernel as it does not make sense. This allows the definition of IP_CT_NUMBER to be simplified as well. Signed-off-by: Jarno Rajahalme <ja...@ovn.org> --- include/uapi/linux/netfilter/nf_conntrack_common.h | 12 +--- net/openv

Re: [ovs-dev] [PATCH nf-next v9 8/8] openvswitch: Interface with NAT.

> On Mar 10, 2016, at 4:00 AM, Thomas Graf <tg...@suug.ch> wrote: > > On 03/09/16 at 07:47pm, Joe Stringer wrote: >> On 9 March 2016 at 15:10, Jarno Rajahalme <ja...@ovn.org> wrote: >>> Extend OVS conntrack interface to cover NAT. New nested >>> OVS

Re: [ovs-dev] [PATCH nf-next v8 1/8] netfilter: Remove IP_CT_NEW_REPLY definition.

Thanks for pointing this out, v10, which hope is the final version, will have the cover letter back. Jarno > On Mar 10, 2016, at 1:16 AM, Or Gerlitz <gerlitz...@gmail.com> wrote: > > On Wed, Mar 9, 2016 at 2:24 AM, Jarno Rajahalme <ja...@ovn.org> wrote: >

Re: [ovs-dev] [PATCH nf-next v8 3/8] openvswitch: Add commentary to conntrack.c

3/9/2016 3:24 AM, Jarno Rajahalme wrote: > >> This makes the code easier to understand and the following patches >> more focused. >> >> Signed-off-by: Jarno Rajahalme <ja...@ovn.org> >> --- >> net/openvswitch/conntrack.c | 21 - >&g

[ovs-dev] [PATCH nf-next v9 6/8] openvswitch: Handle NF_REPEAT in conntrack action.

Repeat the nf_conntrack_in() call when it returns NF_REPEAT. This avoids dropping a SYN packet re-opening an existing TCP connection. Signed-off-by: Jarno Rajahalme <ja...@ovn.org> Acked-by: Joe Stringer <j...@ovn.org> --- net/openvswitch/conntrack.c | 10 -- 1 fil

Re: [ovs-dev] [PATCH nf-next v8 8/8] openvswitch: Interface with NAT.

Just sent a v9 addressing these dependency issues. Jarno > On Mar 9, 2016, at 12:04 AM, kbuild test robot <l...@intel.com> wrote: > > Hi Jarno, > > [auto build test ERROR on nf-next/master] > > url: > https://github.com/0day-ci/linux/commits/Ja

[ovs-dev] [PATCH nf-next v9 8/8] openvswitch: Interface with NAT.

/nat. Signed-off-by: Jarno Rajahalme <ja...@ovn.org> --- v9: Fixed module dependencies. include/uapi/linux/openvswitch.h | 49 net/openvswitch/Kconfig | 3 +- net/openvswitch/conntrack.c | 523 +-- net/openvswitch/conntrack.h

[ovs-dev] [PATCH nf-next v9 7/8] openvswitch: Delay conntrack helper call for new connections.

There is no need to help connections that are not confirmed, so we can delay helping new connections to the time when they are confirmed. This change is needed for NAT support, and having this as a separate patch will make the following NAT patch a bit easier to review. Signed-off-by: Jarno

[ovs-dev] [PATCH nf-next v9 1/8] netfilter: Remove IP_CT_NEW_REPLY definition.

Remove the definition of IP_CT_NEW_REPLY from the kernel as it does not make sense. This allows the definition of IP_CT_NUMBER to be simplified as well. Signed-off-by: Jarno Rajahalme <ja...@ovn.org> --- include/uapi/linux/netfilter/nf_conntrack_common.h | 12 +--- net/openv

[ovs-dev] [PATCH nf-next v9 4/8] openvswitch: Update the CT state key only after nf_conntrack_in().

Only a successful nf_conntrack_in() call can effect a connection state change, so if suffices to update the key only after the nf_conntrack_in() returns. This change is needed for the later NAT patches. Signed-off-by: Jarno Rajahalme <ja...@ovn.org> --- net/openvswitch/conntrack

[ovs-dev] [PATCH nf-next v9 5/8] openvswitch: Find existing conntrack entry after upcall.

hrough NAT using the original ct reference also after the reference is lost after an upcall. Signed-off-by: Jarno Rajahalme <ja...@ovn.org> --- net/openvswitch/conntrack.c | 103 ++-- 1 file changed, 90 insertions(+), 13 deletions(-) diff --git a

[ovs-dev] [PATCH nf-next v9 3/8] openvswitch: Add commentary to conntrack.c

This makes the code easier to understand and the following patches more focused. Signed-off-by: Jarno Rajahalme <ja...@ovn.org> --- net/openvswitch/conntrack.c | 21 - 1 file changed, 20 insertions(+), 1 deletion(-) diff --git a/net/openvswitch/conntrack.c b/net/openv

[ovs-dev] [PATCH nf-next v9 2/8] netfilter: Allow calling into nat helper without skb_dst.

elar <pshe...@nicira.com> Signed-off-by: Jarno Rajahalme <ja...@ovn.org> --- net/ipv4/netfilter/nf_nat_l3proto_ipv4.c | 30 -- net/ipv6/netfilter/nf_nat_l3proto_ipv6.c | 30 -- 2 files changed, 16 insertions(+), 44 deletions(-)

Re: [ovs-dev] [PATCH nf-next v7 6/7] openvswitch: Delay conntrack helper call for new connections.

Thanks for the reviews, Joe! I just posted a v8 addressing your concerns, Jarno > On Feb 17, 2016, at 4:00 PM, Joe Stringer <j...@ovn.org> wrote: > > On 5 February 2016 at 17:41, Jarno Rajahalme <ja...@ovn.org > <mailto:ja...@ovn.org>> wrote: >>

[ovs-dev] [PATCH nf-next v8 8/8] openvswitch: Interface with NAT.

/nat. Signed-off-by: Jarno Rajahalme <ja...@ovn.org> --- include/uapi/linux/openvswitch.h | 49 net/openvswitch/conntrack.c | 519 +-- net/openvswitch/conntrack.h | 3 +- 3 files changed, 545 insertions(+), 26 deletions(-) diff --git a/i

[ovs-dev] [PATCH nf-next v8 6/8] openvswitch: Handle NF_REPEAT in conntrack action.

Repeat the nf_conntrack_in() call when it returns NF_REPEAT. This avoids dropping a SYN packet re-opening an existing TCP connection. Signed-off-by: Jarno Rajahalme <ja...@ovn.org> Acked-by: Joe Stringer <j...@ovn.org> --- net/openvswitch/conntrack.c | 10 -- 1 fil

[ovs-dev] [PATCH nf-next v8 3/8] openvswitch: Add commentary to conntrack.c

This makes the code easier to understand and the following patches more focused. Signed-off-by: Jarno Rajahalme <ja...@ovn.org> --- net/openvswitch/conntrack.c | 21 - 1 file changed, 20 insertions(+), 1 deletion(-) diff --git a/net/openvswitch/conntrack.c b/net/openv

[ovs-dev] [PATCH nf-next v8 7/8] openvswitch: Delay conntrack helper call for new connections.

There is no need to help connections that are not confirmed, so we can delay helping new connections to the time when they are confirmed. This change is needed for NAT support, and having this as a separate patch will make the following NAT patch a bit easier to review. Signed-off-by: Jarno

[ovs-dev] [PATCH nf-next v8 4/8] openvswitch: Update the CT state key only after nf_conntrack_in().

Only a successful nf_conntrack_in() call can effect a connection state change, so if suffices to update the key only after the nf_conntrack_in() returns. This change is needed for the later NAT patches. Signed-off-by: Jarno Rajahalme <ja...@ovn.org> --- net/openvswitch/conntrack

[ovs-dev] [PATCH nf-next v8 5/8] openvswitch: Find existing conntrack entry after upcall.

hrough NAT using the original ct reference also after the reference is lost after an upcall. Signed-off-by: Jarno Rajahalme <ja...@ovn.org> --- net/openvswitch/conntrack.c | 103 ++-- 1 file changed, 90 insertions(+), 13 deletions(-) diff --git a

[ovs-dev] [PATCH nf-next v8 2/8] netfilter: Allow calling into nat helper without skb_dst.

elar <pshe...@nicira.com> Signed-off-by: Jarno Rajahalme <ja...@ovn.org> --- net/ipv4/netfilter/nf_nat_l3proto_ipv4.c | 30 -- net/ipv6/netfilter/nf_nat_l3proto_ipv6.c | 30 -- 2 files changed, 16 insertions(+), 44 deletions(-)

[ovs-dev] [PATCH nf-next v8 1/8] netfilter: Remove IP_CT_NEW_REPLY definition.

Remove the definition of IP_CT_NEW_REPLY from the kernel as it does not make sense. This allows the definition of IP_CT_NUMBER to be simplified as well. Signed-off-by: Jarno Rajahalme <ja...@ovn.org> --- include/uapi/linux/netfilter/nf_conntrack_common.h | 12 +--- net/openv

Re: [ovs-dev] [PATCH 2/2] ofpbuf: Fix setting of 'msg' in ofpbuf_clone_with_headroom()

lems) > > On 3 March 2016 at 15:12, Jarno Rajahalme <ja...@ovn.org> wrote: >> Commit 38876d31 fixed setting 'msg' when resizing an ofpbuf, but >> failed to fix the same issue in ofpbuf_clone_with_headroom(). Without >> this fix the newly cloned ofpbuf's 'm

Re: [ovs-dev] [PATCH] nx-match: Fix use-after-free.

It might be super slow, but how about running the test suite with valgrind and ofpbuf code changed so that each put reallocates the memory? That way we would not have to be lucky about the timing/placement of reallocations to find these bugs? Jarno > On Mar 4, 2016, at 5:35 PM, William Tu

Re: [ovs-dev] [PATCH 3/3] xlate: Always recirculate after an MPLS POP to a non-MPLS ethertype.

Maybe going back to the design where we have a separate function analyzing the current action in case of “deferred recirculation” (== unmatchable struct flow) would be the best compromise. I recall I did not like that earlier, but it might be best option if recirculation between MPLS_POP and

[ovs-dev] [PATCH] ofp: Add support for bundles extension in OpenFlow 1.3.

ONF Extension 230 adds support for OpenFlow 1.4 bundles to OpenFlow 1.3. Supporting this allows OpenFlow 1.3 controllers to start using bundles. Also the ovs-ofctl '--bundle' option can now be used with OpenFlow 1.3. Signed-off-by: Jarno Rajahalme <ja...@ovn.org> ---

[ovs-dev] [PATCH] odp-util: Use FLOW_MAX_MPLS_LABELS when parsing MPLS ODP keys.

Even though the number of supported MPLS labels may vary between a datapath and the OVS userspace, it is better to use the FLOW_MAX_MPLS_LABELS than a hard-coded '3' as the maximum number of labels to scan. Requested-by: Ben Pfaff <b...@ovn.org> Signed-off-by: Jarno Rajahalme <ja..

Re: [ovs-dev] [ovs-dev, 2/3] odp-util: Format and scan multiple MPLS labels.

> On Feb 23, 2016, at 5:01 PM, Ben Pfaff <b...@ovn.org> wrote: > > On Wed, Feb 17, 2016 at 11:45:29AM -0800, Jarno Rajahalme wrote: >> So far we have been limited to including only one MPLS label in the >> textual datapath flow format. Allow upto 3 labels to be

Re: [ovs-dev] [PATCH 3/3] xlate: Always recirculate after an MPLS POP to a non-MPLS ethertype.

Thanks for the reviews, series pushed to master. Jarno > On Feb 23, 2016, at 8:21 PM, Ben Pfaff <b...@ovn.org> wrote: > > On Wed, Feb 17, 2016 at 11:45:30AM -0800, Jarno Rajahalme wrote: >> So far we have tried to optimize MPLS POP action not to recirculate >> unl

Re: [ovs-dev] [PATCH] ofp: Add support for bundles extension in OpenFlow 1.3.

This needs a rebase, please defer reviews until v2. Jarno > On Feb 18, 2016, at 10:48 AM, Jarno Rajahalme <ja...@ovn.org> wrote: > > ONF Extension 230 adds support for OpenFlow 1.4 bundles to OpenFlow > 1.3. Supporting this allows OpenFlow 1.3 controllers to sta

Re: [ovs-dev] [PATCH 1/2] ofp-msgs: Add support for ONF extension messages.

I take that back, just now noticed your response to patch 2/2. Jarno > On Feb 24, 2016, at 2:44 PM, Jarno Rajahalme <ja...@ovn.org> wrote: > > Ping. > >> On Feb 18, 2016, at 10:46 AM, Jarno Rajahalme <ja...@ovn.org> wrote: >> >> I was able to imple

Re: [ovs-dev] [PATCH 1/2] ofp-msgs: Add support for ONF extension messages.

Ping. > On Feb 18, 2016, at 10:46 AM, Jarno Rajahalme <ja...@ovn.org> wrote: > > I was able to implement the Extension 230 on top of these, so looking good :-) > > Acked-by: Jarno Rajahalme <ja...@ovn.org> > >> On Jan 27, 2016, at 3:50 PM, Ben Pfaff <b..

Re: [ovs-dev] [PATCH] ovs-ofctl.8: Clarify conntrack documentation.

Acked-by: Jarno Rajahalme <ja...@ovn.org> > On Feb 23, 2016, at 1:26 PM, Joe Stringer <j...@ovn.org> wrote: > > Signed-off-by: Joe Stringer <j...@ovn.org> > --- > utilities/ovs-ofctl.8.in | 41 - > 1 file changed, 24 inse

Re: [ovs-dev] [PATCH v9 2/7] flow: add miniflow_pad_from_64

Sorry for the delay, Acked-by: Jarno Rajahalme <ja...@ovn.org> > On Jan 19, 2016, at 10:15 PM, Simon Horman <simon.hor...@netronome.com> wrote: > > Provide leading padding to allow pushing a value to a miniflow where > the value is not aligned to 64 bytes and no value h

Re: [ovs-dev] [PATCH v9 1/7] flow: add miniflow_push_uint8

Sorry for the delay, Acked-by: Jarno Rajahalme <ja...@ovn.org> > On Jan 19, 2016, at 10:15 PM, Simon Horman <simon.hor...@netronome.com> wrote: > > The motivation is to allow pushing single bytes in > a manner to that already used for 16, 32 and 64 bit integers

Re: [ovs-dev] [PATCH v4 06/14] ofp-prop: Add support for putting and parsing nested properties.

> On Feb 19, 2016, at 3:56 PM, Ben Pfaff <b...@ovn.org> wrote: > > On Fri, Feb 19, 2016 at 02:47:59PM -0800, Jarno Rajahalme wrote: >> With one comment below: >> >> Acked-by: Jarno Rajahalme <ja...@ovn.org> > > Thanks for the review. > >>&

Re: [ovs-dev] [PATCH v4 09/14] ofp-actions: Introduce macro for padding struct members.

I’ve reviewed the series unto this point. Maybe someone else will review the OVN patches. I did note, however, that the last patch does not help the test failure: Before the last patch: # put_arp

Re: [ovs-dev] [PATCH v4 08/14] pinctrl: Fix header guard.

Acked-by: Jarno Rajahalme <ja...@ovn.org> > On Feb 19, 2016, at 12:34 AM, Ben Pfaff <b...@ovn.org> wrote: > > Signed-off-by: Ben Pfaff <b...@ovn.org> > --- > ovn/controller/pinctrl.h | 7 +++ > 1 file changed, 3 insertions(+), 4 deletions(-) > > d

Re: [ovs-dev] [PATCH v4 07/14] Implement serializing the state of packet traversal in "continuations".

With small comments below: Acked-by: Jarno Rajahalme <ja...@ovn.org> > On Feb 19, 2016, at 12:34 AM, Ben Pfaff <b...@ovn.org> wrote: > > One purpose of OpenFlow packet-in messages is to allow a controller to > interpose on the path of a packet through the flow ta

Re: [ovs-dev] [PATCH v4 06/14] ofp-prop: Add support for putting and parsing nested properties.

With one comment below: Acked-by: Jarno Rajahalme <ja...@ovn.org> > On Feb 19, 2016, at 12:34 AM, Ben Pfaff <b...@ovn.org> wrote: > > It hadn't occurred to me before that any special support was actually > necessary or useful for nested properties, but the functions int

Re: [ovs-dev] [PATCH v4 05/14] Support userdata in NXT_PACKET_IN2.

With the comments below: Acked-by: Jarno Rajahalme <ja...@ovn.org> (snip) > +/* Properties for NXAST_CONTROLLER2. */ > +enum nx_action_controller2_prop_type { > +NXAC2PT_MAX_LEN,/* ovs_be16 max length to send controller. */ > +NXAC2PT_CONTROLLER_ID

Re: [ovs-dev] [PATCH v4 04/14] ofp-util: Rename struct ofputil_packet_in member 'len' to 'packet_len'.

Acked-by: Jarno Rajahalme <ja...@ovn.org> > On Feb 19, 2016, at 12:34 AM, Ben Pfaff <b...@ovn.org> wrote: > > An upcoming commit will introduce another member that has a length, and > it seems weird that bare 'len' would be one or the other. > > Signed-o

Re: [ovs-dev] [PATCH v4 03/14] Implement new packet-in format NXT_PACKET_IN2.

With the notes below: Acked-by: Jarno Rajahalme <ja...@ovn.org> (snip) > diff --git a/include/openflow/nicira-ext.h b/include/openflow/nicira-ext.h > index dad8707..bcc8758 100644 > --- a/include/openflow/nicira-ext.h > +++ b/include/openflow/nicira-ext.h > @@ -1,5 +1,5 @@

Re: [ovs-dev] [PATCH v4 02/14] ofp-util: Remove 'const' from struct ofputil_packet_in's 'packet' member.

Acked-by: Jarno Rajahalme <ja...@ovn.org> > On Feb 19, 2016, at 12:34 AM, Ben Pfaff <b...@ovn.org> wrote: > > It's not const in all cases so it doesn't entirely make sense to mark > it const here. > > Signed-off-by: Ben Pfaff <b...@ovn.org> > --- >

Re: [ovs-dev] [PATCH v4 01/14] ofpbuf: New function ofpbuf_const_initializer().

With a note and a question below: Acked-by: Jarno Rajahalme <ja...@ovn.org> > On Feb 19, 2016, at 12:34 AM, Ben Pfaff <b...@ovn.org> wrote: > > A number of times I've looked at code and thought that it would be easier > to understand if I could write an initializer inste

[ovs-dev] [PATCH] ofp: Add support for bundles extension in OpenFlow 1.3.

ONF Extension 230 adds support for OpenFlow 1.4 bundles to OpenFlow 1.3. Supporting this allows OpenFlow 1.3 controllers to start using bundles. Signed-off-by: Jarno Rajahalme <ja...@ovn.org> --- NEWS | 5 + lib/ofp-errors.h | 38 ++-- lib/ofp-msgs.h

Re: [ovs-dev] [PATCH 2/2] ofp-msgs: Move most OpenFlow header definitions here.

Acked-by: Jarno Rajahalme <ja...@ovn.org> > On Jan 27, 2016, at 3:50 PM, Ben Pfaff <b...@ovn.org> wrote: > > This code was the only user for OpenFlow header definitions other than > struct ofp_header itself. > > Signed-off-by: Ben Pfaff <b...@ovn.org> &

Re: [ovs-dev] [PATCH 1/2] ofp-msgs: Add support for ONF extension messages.

I was able to implement the Extension 230 on top of these, so looking good :-) Acked-by: Jarno Rajahalme <ja...@ovn.org> > On Jan 27, 2016, at 3:50 PM, Ben Pfaff <b...@ovn.org> wrote: > > ONF introduced a number of "standard extensions" that use its own > vend

[ovs-dev] [PATCH 1/3] tests: Fix MPLS tests.

recirculation state. Signed-off-by: Jarno Rajahalme <ja...@ovn.org> --- tests/dpif-netdev.at | 9 + tests/mpls-xlate.at | 8 tests/ofproto-dpif.at | 10 +- 3 files changed, 18 insertions(+), 9 deletions(-) diff --git a/tests/dpif-netdev.at b/tests/dpif-netdev.at

[ovs-dev] [PATCH 3/3] xlate: Always recirculate after an MPLS POP to a non-MPLS ethertype.

<b...@ovn.org> Signed-off-by: Jarno Rajahalme <ja...@ovn.org> --- ofproto/ofproto-dpif-xlate.c | 99 tests/mpls-xlate.at | 14 +++ tests/ofproto-dpif.at| 3 +- 3 files changed, 17 insertions(+), 99 deletions(-)

[ovs-dev] [PATCH 2/3] odp-util: Format and scan multiple MPLS labels.

So far we have been limited to including only one MPLS label in the textual datapath flow format. Allow upto 3 labels to be included so that testing with multiple labels becomes easier. Signed-off-by: Jarno Rajahalme <ja...@ovn.org> --- lib/odp-util.c

Re: [ovs-dev] Implementation of Packet-Out in Bundles

> On Feb 17, 2016, at 2:39 AM, André Mantas wrote: > > Hi. I'm currently adding support for packet-out messages in bundles. > > I started to look at *handle_packet_out*, *handle_bundle_add *and > *do_bundle_commit > *functions to understand how things work. Here is what

Re: [ovs-dev] [PATCH v4] ofpbuf: Make ofpbuf_put_hex() accept period between hex bytes also.

Acked-by: Jarno Rajahalme <ja...@ovn.org> > On Feb 10, 2016, at 3:56 PM, Ben Pfaff <b...@ovn.org> wrote: > > This makes it accept the same syntax as parse_NOTE(), so that that function > can be simplified. In an upcoming commit a second action will also be > able to

Re: [ovs-dev] [PATCH v3 7/7] Implement "closures".

With the (few) comments below: Acked-by: Jarno Rajahalme <ja...@ovn.org> (snip) > + * In the current implementation, Open vSwitch forks the packet processing > + * pipeline across patch ports. Suppose, for example, that the pipeline for > + * br0 outputs to a patch port who

Re: [ovs-dev] [PATCH branch-2.3 2/2] ofproto: Allow in-place modifications of datapath flows.

Joe, I just noticed I never sent this out. Sorry, and thanks for the review! Jarno > On Feb 3, 2016, at 2:19 PM, Joe Stringer <j...@ovn.org> wrote: > > On 3 February 2016 at 12:33, Jarno Rajahalme <ja...@ovn.org> wrote: >> From: Ethan Jackson <et...@nicira.com

Re: [ovs-dev] [PATCH] netdev: Free packets in netdev_send() for devices that don't support send.

IMO we should figure out a name for the “may_steal” that carries the intended semantics a little bit better. Plain “steal” instead of “may_steal” would be better, but maybe not the best choice. Acked-by: Jarno Rajahalme <ja...@ovn.org> > On Feb 8, 2016, at 10:43 PM, Ben Pfaff <

Re: [ovs-dev] [PATCH v3 3/7] ofproto-dpif-xlate: Improve recirc_unroll_actions() interface.

Acked-by: Jarno Rajahalme <ja...@ovn.org> > On Feb 9, 2016, at 10:10 PM, Ben Pfaff <b...@ovn.org> wrote: > > This interface is still straightforward and easier for the client. > > Signed-off-by: Ben Pfaff <b...@ovn.org> > --- > ofproto/ofproto-dpif-xlat

Re: [ovs-dev] [PATCH v3 4/7] ofproto-dpif-xlate: New helper function ctx_cancel_recirculation().

Acked-by: Jarno Rajahalme <ja...@ovn.org> > On Feb 9, 2016, at 10:10 PM, Ben Pfaff <b...@ovn.org> wrote: > > Signed-off-by: Ben Pfaff <b...@ovn.org> > --- > ofproto/ofproto-dpif-xlate.c | 26 +- > 1 file changed, 13 insertions(+), 13 de

Re: [ovs-dev] [PATCH v3 5/7] ofproto-dpif-xlate: Break recirculation actions out from action_set.

With one question below: Acked-by: Jarno Rajahalme <ja...@ovn.org> > On Feb 9, 2016, at 10:10 PM, Ben Pfaff <b...@ovn.org> wrote: > > In my opinion, this is less confusing in multiple ways. I now understand > the code better myself. > > Signed-off-by: Ben Pfaff

Re: [ovs-dev] [PATCH v3 0/7] another try at closures

I don’t have the patch 6/7 in my email, but here is the Ack for it: Acked-by: Jarno Rajahalme <ja...@ovn.org> > On Feb 9, 2016, at 10:10 PM, Ben Pfaff <b...@ovn.org> wrote: > > This is the third revision of my "closures" patch. > > The first version was: &

Re: [ovs-dev] [PATCH v3 0/7] another try at closures

For some reason I can’t find some to the patches in my inbox (nor in Junk mail). I applied the patches from patchwork, so this seems to be a problem with my mail. Anyway, this is an Ack for the 1st patch: Acked-by: Jarno Rajahalme <ja...@ovn.org> The second patch fails two test

Re: [ovs-dev] [PATCH 2/3] ofproto-dpif-xlate: Don't consider mirrors used when excluded by VLAN.

> On Feb 5, 2016, at 7:27 PM, Ben Pfaff <b...@ovn.org> wrote: > > On Fri, Feb 05, 2016 at 04:41:29PM -0800, Jarno Rajahalme wrote: >> >>> On Feb 5, 2016, at 3:30 PM, Ben Pfaff <b...@ovn.org> wrote: >>> >>> Mirroring is supposed to happen

Re: [ovs-dev] [PATCH 2/3] ofproto-dpif-xlate: Don't consider mirrors used when excluded by VLAN.

> On Feb 5, 2016, at 3:30 PM, Ben Pfaff wrote: > > Mirroring is supposed to happen at most once for any destination on a given > packet, so the implementation keeps track of which mirrors have already > been used. However, until this commit it did that incorrectly: it >

Re: [ovs-dev] [PATCH 3/3] tests: Add mirror-related keywords to all the mirroring tests.

Acked-by: Jarno Rajahalme <ja...@ovn.org> > On Feb 5, 2016, at 3:30 PM, Ben Pfaff <b...@ovn.org> wrote: > > Autotest isn't too smart, so if you try to use "mirroring" as a keyword > before this commit it doesn't select most of the tests due to the comma in

[ovs-dev] [PATCH nf-next v7 7/7] openvswitch: Interface with NAT.

/nat. Signed-off-by: Jarno Rajahalme <ja...@ovn.org> --- include/uapi/linux/openvswitch.h | 47 net/openvswitch/conntrack.c | 516 +-- net/openvswitch/conntrack.h | 3 +- 3 files changed, 541 insertions(+), 25 deletions(-) diff --git a/i

[ovs-dev] [PATCH nf-next v7 6/7] openvswitch: Delay conntrack helper call for new connections.

There is no need to help connections that are not confirmed, so we can delay helping new connections to the time when they are confirmed. This change is needed for NAT support, and having this as a separate patch will make the following NAT patch a bit easier to review. Signed-off-by: Jarno

[ovs-dev] [PATCH nf-next v7 0/7] openvswitch: NAT support.

is properly set by the conntrack action. A full test case requires rules for ARP handling not shown here. The flow table above is an OpenFlow table, and the rules therein are translated to kernel flow entries on-demand by ovs-vswitchd. Jarno Rajahalme (7): netfilter: Remove IP_CT_NEW_REPLY

[ovs-dev] [PATCH nf-next v7 1/7] netfilter: Remove IP_CT_NEW_REPLY definition.

Remove the definition of IP_CT_NEW_REPLY from the kernel as it does not make sense. This allows the definition of IP_CT_NUMBER to be simplified as well. Signed-off-by: Jarno Rajahalme <ja...@ovn.org> --- include/uapi/linux/netfilter/nf_conntrack_common.h | 12 +--- net/openv

[ovs-dev] [PATCH nf-next v7 4/7] openvswitch: Find existing conntrack entry after upcall.

hrough NAT using the original ct reference also after the reference is lost after an upcall. Signed-off-by: Jarno Rajahalme <ja...@ovn.org> --- net/openvswitch/conntrack.c | 111 ++-- 1 file changed, 98 insertions(+), 13 deletions(-) diff --git a

[ovs-dev] [PATCH nf-next v7 3/7] openvswitch: Update the CT state key only after nf_conntrack_in().

Only a successful nf_conntrack_in() call can effect a connection state change, so if suffices to update the key only after the nf_conntrack_in() returns. This change is needed for the later NAT patches. Signed-off-by: Jarno Rajahalme <ja...@ovn.org> --- net/openvswitch/conntrack

[ovs-dev] [PATCH nf-next v7 5/7] openvswitch: Handle NF_REPEAT in conntrack action.

Repeat the nf_conntrack_in() call when it returns NF_REPEAT. This avoids dropping a SYN packet re-opening an existing TCP connection. Signed-off-by: Jarno Rajahalme <ja...@ovn.org> --- net/openvswitch/conntrack.c | 10 -- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git

[ovs-dev] [PATCH nf-next v7 2/7] netfilter: Allow calling into nat helper without skb_dst.

elar <pshe...@nicira.com> Signed-off-by: Jarno Rajahalme <ja...@ovn.org> --- net/ipv4/netfilter/nf_nat_l3proto_ipv4.c | 30 -- net/ipv6/netfilter/nf_nat_l3proto_ipv6.c | 30 -- 2 files changed, 16 insertions(+), 44 deletions(-)

Re: [ovs-dev] [PATCH branch-2.3 v2 4/5] ofproto: Allow in-place modifications of datapath flows.

Thanks for the reviews, series pushed to branch-2.3. Jarno > On Feb 5, 2016, at 5:44 PM, Joe Stringer <j...@ovn.org> wrote: > > On 4 February 2016 at 16:10, Jarno Rajahalme <ja...@ovn.org > <mailto:ja...@ovn.org>> wrote: >> From: Ethan Jackson <et...@n

Re: [ovs-dev] [PATCH 1/3] ofproto-macros: Fix definition of add_of_ports.

> On Feb 5, 2016, at 4:06 PM, Ben Pfaff <b...@ovn.org> wrote: > > On Fri, Feb 05, 2016 at 03:49:24PM -0800, Jarno Rajahalme wrote: >> Sorry for not spotting this on review, I must have assumed that if the >> tests pass it must be correct! > > It's funny, I re

Re: [ovs-dev] [PATCH] ovs-benchmark: Remove.

Acked-by: Jarno Rajahalme <ja...@ovn.org> > On Feb 5, 2016, at 4:02 PM, Ben Pfaff <b...@ovn.org> wrote: > > This utility was completely broken and no one noticed for the time of a > full release, so I think that's a safe sign that we should remove it. > > Signed-o

Re: [ovs-dev] [PATCH 1/3] ofproto-macros: Fix definition of add_of_ports.

Sorry for not spotting this on review, I must have assumed that if the tests pass it must be correct! A reference to the commit this fixes would be nice. Acked-by: Jarno Rajahalme <ja...@ovn.org> > On Feb 5, 2016, at 3:30 PM, Ben Pfaff <b...@ovn.org> wrote: > > This d

Re: [ovs-dev] Wildcard Matching optimization idea

> On Feb 4, 2016, at 6:08 AM, Fischetti, Antonio > wrote: > > Hi William, > Thanks for your interest on this idea. > I'm currently working to provide a patch, once it is ready I'll be glad to > share. > > In order to compare the throughput between the classifier

Re: [ovs-dev] [PATCH branch-2.3 2/2] ofproto: Allow in-place modifications of datapath flows.

> On Feb 4, 2016, at 3:00 PM, Ben Pfaff <b...@ovn.org> wrote: > > On Wed, Feb 03, 2016 at 12:33:01PM -0800, Jarno Rajahalme wrote: >> From: Ethan Jackson <et...@nicira.com> >> >> There are certain use cases (such as bond rebalancing) where a >> d

Re: [ovs-dev] [PATCH branch-2.3 2/2] ofproto: Allow in-place modifications of datapath flows.

> On Feb 4, 2016, at 3:22 PM, Ben Pfaff <b...@ovn.org> wrote: > > On Thu, Feb 04, 2016 at 03:08:48PM -0800, Jarno Rajahalme wrote: >> >>> On Feb 4, 2016, at 3:00 PM, Ben Pfaff <b...@ovn.org> wrote: >>> >>> On Wed, Feb 03, 2016 at 12:

Re: [ovs-dev] [PATCH branch-2.3 2/2] ofproto: Allow in-place modifications of datapath flows.

Just sent out the v2, Jarno > On Feb 4, 2016, at 3:25 PM, Jarno Rajahalme <ja...@ovn.org> wrote: > > >> On Feb 4, 2016, at 3:22 PM, Ben Pfaff <b...@ovn.org> wrote: >> >> On Thu, Feb 04, 2016 at 03:08:48PM -0800, Jarno Rajahalme wrote: >>>

[ovs-dev] [PATCH branch-2.3 v2 5/5] ofproto-dpif-upcall: Do not attribute stats when flow_del returns error.

erflow). Even though this should rarely happen, it is still good to make push_ukey_ops__() just ignore the operation when it fails. This is a backport of commit e83c935 to branch-2.3. Signed-off-by: Alex Wang <ee07b...@gmail.com> Acked-by: Daniele Di Proietto <diproiet...@vmware.com> Si

[ovs-dev] [PATCH branch-2.3 v2 3/5] ofproto-dpif-xlate: Make xlate_actions() caller supply action buffer.

; Signed-off-by: Jarno Rajahalme <ja...@ovn.org> Acked-by: Ben Pfaff <b...@ovn.org> --- ofproto/ofproto-dpif-upcall.c | 47 +++- ofproto/ofproto-dpif-xlate.c | 101 +++--- ofproto/ofproto-dpif-xlate.h | 11 ++--- ofproto/ofp

<    3   4   5   6   7   8   9   10   11   12   >