This patch adds ODP actions for SRv6 and its tests.
Signed-off-by: Nobuhiro MIKI
---
lib/odp-util.c| 70 +++
python/ovs/flow/odp.py| 8
python/ovs/tests/test_odp.py | 16
tests/odp.at | 12 +-
tests/tunn
SRv6 (Segment Routing IPv6) tunnel vport is responsible
for encapsulation and decapsulation the inner packets with
IPv6 header and an extended header called SRH
(Segment Routing Header). See spec in:
https://datatracker.ietf.org/doc/html/rfc8754
This patch implements SRv6 tunneling in userspace d
Checks whether IPPROTO_ROUTING exists in the IPv6 extension headers.
If it exists, the first address is retrieved.
If NULL is specified for "frag_hdr" and/or "rt_hdr", those addresses in
the header are not reported to the caller. Of course, "frag_hdr" and
"rt_hdr" are properly parsed inside this f
v11:
* Fix comments.
* Clean up conditional statements.
("!rt_hdr || rt_hdr->type != IPV6_SRCRT_TYPE_4").
* Remove variables from function prototype.
* Define IPPROTO_IPIP for sparse.
v10:
* Clean up tnl_type_to_nw_proto().
* Support frag_hdr=NULL and/or rt_hdr=NULL in parse_ipv6_ext_hdrs().
* Cl
The new ADD_VETH_NS macro creates two netns and connects them
with a veth pair. We can use it for testing in a generic purpose.
e.g.
ADD_VETH_NS([ns1], [p1], [1.1.1.1/24], [ns2], [p2], [1.1.1.2/24])
Signed-off-by: Nobuhiro MIKI
---
tests/system-common-macros.at | 16
1 file cha
In some tunnels, inner packet needs to support both IPv4
and IPv6. Therefore, this patch improves to allow two
protocols to be tied together in one tunneling.
Signed-off-by: Nobuhiro MIKI
---
lib/tnl-ports.c | 80 +
1 file changed, 48 insertions(+)
On 2023/03/24 22:10, Ilya Maximets wrote:
> On 3/24/23 11:05, Nobuhiro MIKI wrote:
>> SRv6 (Segment Routing IPv6) tunnel vport is responsible
>> for encapsulation and decapsulation the inner packets with
>> IPv6 header and an extended header called SRH
>> (Segment Routing Header). See spec in:
>>
>
On 2023/03/24 21:06, Simon Horman wrote:
> On Fri, Mar 24, 2023 at 01:03:00PM +0100, Ilya Maximets wrote:
>> On 3/23/23 03:57, Nobuhiro MIKI wrote:
>>> On 2023/03/22 21:21, Simon Horman wrote:
On Wed, Mar 15, 2023 at 03:07:23PM +0900, Nobuhiro MIKI wrote:
> Checks whether IPPROTO_ROUTING e
On Mon, Mar 27, 2023 at 10:01 PM Numan Siddique wrote:
> "
>
> On Mon, Mar 27, 2023 at 2:34 AM Ales Musil wrote:
> >
> > There are essentially three problems with the current
> > combination of DGP + SNAT + LB:
> >
> > 1) The first packet is being SNATed in common zone due
> > to a problem with
On 3/27/23 10:40, Adrian Moreno wrote:
> There are currently two bugs that can make ovs-vswitchd create an
> incorrect number of threads on some corner cases.
>
> Firstly, if the system boots faster than 10s it's posible that the
> number of cpus have not been properly read and the number of handl
UB Sanitizer report:
lib/netdev-offload-tc.c:1276:19: runtime error: load of misaligned
address 0x7f74e801976c for type 'union ovs_u128', which requires 8 byte
alignment
#0 in netdev_tc_flow_dump_next lib/netdev-offload-tc.c:1276
#1 in netdev_flow_dump_next lib/netdev-offload.c:303
#2
"
On Mon, Mar 27, 2023 at 2:34 AM Ales Musil wrote:
>
> There are essentially three problems with the current
> combination of DGP + SNAT + LB:
>
> 1) The first packet is being SNATed in common zone due
> to a problem with pinctrl not preserving ct_mark/ct_label.
> The commit would create a SNAT
Change sets in OVSDB monitor are storing all the changes that happened
between a particular transaction ID and now. Initial change set
basically contains all the data.
On each monitor request a new initial change set is created by creating
an empty change set and adding all the database rows. Th
Cluster member, that initiates the schema conversion, converts the
database twice. First time while verifying the possibility of the
conversion, and the second time after reading conversion request
back from the storage.
Keep the converted database from the first time around and use it
after read
Currently, database schema conversion in case of clustered database
produces a transaction record with both new schema and converted
database data. So, the sequence of events is following:
1. Get the new schema.
2. Convert the database to a new schema.
3. Translate the newly converted datab
If the schema with no data was read from the clustered storage, it
should mean a database conversion request. In general, we can get:
1. Just data --> Transaction record.
2. Schema + Data --> Database conversion or raft snapshot install.
3. Just schema --> New. Database conversion request.
We c
If database conversion happens, both schema and the new data are
present in the database record. However, the schema is just silently
ignored by ovsdb-tool cluster-to-standalone. This creates data
inconsistency if the new data contains new columns, for example, so
the resulting database file will
This patch set aims to solve the issue of database conversion for
reasonably sized databases in high-scale OVN setups discussed here:
https://mail.openvswitch.org/pipermail/ovs-discuss/2022-December/052140.html
The general approach is described in this email:
https://mail.openvswitch.org/piper
Clustered databases do not support ephemeral columns, but ovsdb-server
checks for them after the conversion result is read from the storage.
It's much easier to recover if this constraint is checked before writing
to the storage instead.
It's not a big problem, because the check is always performe
On Mon, Mar 27, 2023 at 4:05 AM Dumitru Ceara wrote:
>
> Hi Han,
>
> Thanks for the northd refactor, that's great work!
>
> On 3/21/23 07:02, Han Zhou wrote:
> > Similar to the previous commit that splits switch ports and router
> > ports, this patch splits the two types of datapaths in different
On Mon, Mar 27, 2023 at 4:04 AM Dumitru Ceara wrote:
>
> Commits 53febfbc3776 ("northd: Split switch and router datapaths.") and
> b2f09ac55041 ("northd: Split switch ports and router ports.") made it
> such that for most router/switch specific functions we never process
> records that are not app
Until now weekly OVN jobs would try to compile against OVS master
branch. But that potentially contains changes that break API. For
example a recent OVS commit [0] changed the signature of the
daemonize_start() function. In order to avoid build failures due
to such changes, adapt the weekly OVN
On Mon, Mar 27, 2023 at 03:34:52PM +0200, Simon Horman wrote:
> On Wed, Mar 15, 2023 at 05:11:01PM +0800, Faicker Mo wrote:
> > Derivation cases of CVE-2020-35498:
> > 1. invalid ipv4 header total-length field
> > 2. invalid ipv6 header payload-length field
> > These may cause unwanted flow to send
On 3/27/23 04:40, Adrian Moreno wrote:
With the current implementation the available CPUs will not be read
until 10s have passed since the system's boot. For systems that boot
faster, this can make ovs-vswitchd create fewer handlers than necessary
for some time.
Fixes: 0d23948a598a ("ovs-thre
On 3/27/23 04:40, Adrian Moreno wrote:
Ensure at least 1 handler is created even if something goes wrong during
cpu detection or prime numer calculation.
Thanks Adrian for the fix. This should have been in my initial patch
series as it serves as a nice catch-all in case anything (such as this
On Wed, Mar 15, 2023 at 05:11:01PM +0800, Faicker Mo wrote:
> Derivation cases of CVE-2020-35498:
> 1. invalid ipv4 header total-length field
> 2. invalid ipv6 header payload-length field
> These may cause unwanted flow to send to datapath.
>
>
> Signed-off-by: Faicker Mo
I think the immediate
On Mon, Mar 27, 2023 at 4:40 AM Adrian Moreno wrote:
>
> With the current implementation the available CPUs will not be read
> until 10s have passed since the system's boot. For systems that boot
> faster, this can make ovs-vswitchd create fewer handlers than necessary
> for some time.
>
> Fixes:
On Mon, Mar 27, 2023 at 4:40 AM Adrian Moreno wrote:
>
> Ensure at least 1 handler is created even if something goes wrong during
> cpu detection or prime numer calculation.
>
> Fixes: a5cacea5f988 ("handlers: Create additional handler threads when using
> CPU isolation.")
> Cc: msant...@redhat.c
Make the read of the current seq->value atomic, i.e., not needing to
acquire the global mutex when reading it. On 64-bit systems, this
incurs no overhead, and it will avoid the mutex and potentially
a system call.
For incrementing the value followed by waking up the threads, we are
still taking th
On 3/27/23 11:16, Ales Musil wrote:
> Currently, there is one ct.est flow per LB VIP,
> that was required to keep track if we need to
> pass the "skip_snat" or "force_snat" flags.
> However since c1d6b8ac ("northd: Store skip_snat and force_snat in
> ct_label/mark")
> the flags are carried in the
Hi Han,
Thanks for the northd refactor, that's great work!
On 3/21/23 07:02, Han Zhou wrote:
> Similar to the previous commit that splits switch ports and router
> ports, this patch splits the two types of datapaths in different hmap
> tables. This is also mainly to help for future incremental p
Commits 53febfbc3776 ("northd: Split switch and router datapaths.") and
b2f09ac55041 ("northd: Split switch ports and router ports.") made it
such that for most router/switch specific functions we never process
records that are not applicable to the function type. Remove the
redundant checks and r
From: Flavio Leitner
The netdev receiving packets is supposed to provide the flags
indicating if the L4 checksum was verified and it is OK or BAD,
otherwise the stack will check when appropriate by software.
If the packet comes with good checksum, then postpone the
checksum calculation to the eg
From: Flavio Leitner
The netdev receiving packets is supposed to provide the flags
indicating if the IP checksum was verified and it is GOOD or BAD,
otherwise the stack will check when appropriate by software.
If the packet comes with good checksum, then postpone the
checksum calculation to the
From: Flavio Leitner
This patch modifies netdev_get_status to include information about
checksum offload status by port, allowing the user to gain insight into
where checksum offloading is active.
Signed-off-by: Flavio Leitner
Co-authored-by: Mike Pattrick
Signed-off-by: Mike Pattrick
Reviewe
This patch set is a stripped down subset of the initial 17 patchset introduced
by Flavio Leitner in 2021.
The initial omnibus patchset was very complex and included a refactor, which
stymied review and would have made backporting more complex. It also didn't
resolve an ongoing issue with the DPDK
From: Flavio Leitner
Document the implementation of netdev hardware offloading
in userspace datapath.
Signed-off-by: Flavio Leitner
Co-authored-by: Mike Pattrick
Signed-off-by: Mike Pattrick
---
Since v9:
- Renamed documentation to reflect the userspace checksum nature of
this feature
Bleep bloop. Greetings Ales Musil, I am a robot and I have tried out your
patch.
Thanks for your contribution.
I encountered some error that I wasn't expecting. See the details below.
checkpatch:
WARNING: Unexpected sign-offs from developers who are not authors or co-authors
or committers: D
Currently, there is one ct.est flow per LB VIP,
that was required to keep track if we need to
pass the "skip_snat" or "force_snat" flags.
However since c1d6b8ac ("northd: Store skip_snat and force_snat in
ct_label/mark")
the flags are carried in the ct entry and
we can use match on them the same w
On 16 Mar 2023, at 17:36, James Raphael Tiovalen wrote:
> This commit addresses several high and medium-impact Coverity defects by
> fixing several possible null-pointer dereferences and potentially
> uninitialized variables.
>
> There were cases when crashes were encountered when some null poi
Hi folks,
Anything that I can do to move this patch forward? I did consider
splitting this patch up into smaller chunks, but I am not sure if it
would be helpful since the main changes in this patch are mostly
similar, just spread across multiple functions and files. That said,
if it would make it
Ensure at least 1 handler is created even if something goes wrong during
cpu detection or prime numer calculation.
Fixes: a5cacea5f988 ("handlers: Create additional handler threads when using
CPU isolation.")
Cc: msant...@redhat.com
Suggested-by: Aaron Conole
Signed-off-by: Adrian Moreno
---
With the current implementation the available CPUs will not be read
until 10s have passed since the system's boot. For systems that boot
faster, this can make ovs-vswitchd create fewer handlers than necessary
for some time.
Fixes: 0d23948a598a ("ovs-thread: Detect changes in number of CPUs.")
Rep
There are currently two bugs that can make ovs-vswitchd create an
incorrect number of threads on some corner cases.
Firstly, if the system boots faster than 10s it's posible that the
number of cpus have not been properly read and the number of handlers is
incorrect.
Secondly, dpif_netlink_calcula
On Fri, Mar 24, 2023 at 5:14 PM Dumitru Ceara wrote:
> On 3/9/23 14:14, Simon Horman wrote:
> > On Thu, Mar 09, 2023 at 07:21:44AM +0100, Ales Musil wrote:
> >> Currently, there is one ct.est flow per LB VIP,
> >> that was required to keep track if we need to
> >> pass the "skip_snat" or "force_s
45 matches
Mail list logo
