[ovs-dev] [PATCH ovn] util: Avoid double parsing of LB vip and backend ip

The current code was parsing the ip twice, once for the "inet_parse_active" and second time by calling either "ip_parse" or "ipv6_parse". Avoid that by getting the "in6_addr" directly from "sockaddr_storage". Signed-off-by: Ales Musil --- lib/lb.c | 20 +++-

[ovs-dev] [PATCH 1/2] ofproto-ipfix: use per-domain template timeouts

IPFIX templates have to be sent for each Observation Domain ID. Currently, a timer is kept at each dpif_ipfix_exporter to send them. This works fine for per-bridge sampling where there is only one Observation Domain ID per exporter. However, this is does not work for per-flow sampling where more

[ovs-dev] [PATCH 0/2] ofproto-ipfix: use per-domain template timeouts

While testing per-flow IPFIX sampling I realized that if the controller configures multiple Observation Domain IDs, IPFIX sampling doesn't actually work because Template information is not sent for all of them, making the collector fail to decode samples. The first patch fixes this situation,

[ovs-dev] [PATCH 2/2] ipfix: make template and stats interval configurable

Add options to the IPFIX table configure the interval to send statistics and template information. Signed-off-by: Adrian Moreno --- NEWS | 2 ++ ofproto/ofproto-dpif-ipfix.c | 38 ++-- ofproto/ofproto.h| 9 +

Re: [ovs-dev] [PATCH v1 1/2] cmap: add thread fence for slot update

On 11/18/19 03:45, Yanqin Wei wrote: > bucket update in the cmap lib is protected by a counter. But hash setting > is possible to be moved before counter update. This patch fix this issue. > > Reviewed-by: Ola Liljedahl > Reviewed-by: Gavin Hu > Signed-off-by: Yanqin Wei > --- > lib/cmap.c |

Re: [ovs-dev] [PATCH] utilities: Add a GDB macro to dump any cmap structure.

Bleep bloop. Greetings Eelco Chaudron, I am a robot and I have tried out your patch. Thanks for your contribution. I encountered some error that I wasn't expecting. See the details below. checkpatch: ERROR: Author Eelco Chaudron needs to sign off. Lines checked: 110, Warnings: 0, Errors: 1

[ovs-dev] [RFC PATCH ovn] northd, controller: Commit flows dropped by ACLs in a separate CT zone

To identify connections dropped by ACLs, users can enable logging for ACLs but this approach does not scale. ACL logging uses "controller" action which causes a significant spike in the CPU usage of ovs-vswitchd (and ovn-controller to a lesser extent) even with metering enabled (observed 65%

Re: [ovs-dev] [PATCH 2/2] ofproto-dpif-upcall.c: Add counters for reasons of DP flow deletions.

On 10/14/22 20:07, Han Zhou wrote: On Thu, Oct 13, 2022 at 11:51 PM Adrian Moreno > wrote: > > > > On 8/9/22 03:41, Han Zhou wrote: > > Signed-off-by: Han Zhou mailto:hz...@ovn.org>> > > --- > >   ofproto/ofproto-dpif-upcall.c | 13 - > >   1

Re: [ovs-dev] [PATCH] utilities: Add a GDB macro to dump any cmap structure.

On 18 Oct 2022, at 15:27, Eelco Chaudron wrote: > Add a new GDB macro called ovs_dump_cmap, which can be used to dump any > cmap structure. Some examples: > > (gdb) ovs_dump_cmap >rules > (struct cmap *) 0x3e02758 > > (gdb) ovs_dump_cmap >rules "struct dpcls_rule" cmap_node > (struct dpcls_rule

[ovs-dev] [PATCH] dpif-netdev: Use unmasked key when adding datapath flows.

The datapath supports installing wider flows, and OVS relies on this behavior. For example if ipv4(src=1.1.1.1/192.0.0.0, dst=1.1.1.2/192.0.0.0) exists, a wider flow (smaller mask) of ipv4(src=192.1.1.1/128.0.0.0,dst=192.1.1.2/128.0.0.0) is allowed to be added. However, if we try to add a

Re: [ovs-dev] [PATCH ovn v2] ovn-controller: Fixed missing flows after interface deletion

Hi Xavier, I have a comment down below. On 10/18/22 05:19, Xavier Simonart wrote: In the following scenario: - interface "old" is created and external_ids:iface-id is set (to lp) - interface "new" is created and external_ids:iface-id is set (to same lp) - interface "old" is deleted flows

Re: [ovs-dev] [PATCH v6 2/2] ofproto-dpif-xlate: Optimize the clone for patch ports

Please ignore this version, I've made a mistake with the stack and action_set buffer,it will be fixed in v7. On Fri, Oct 14, 2022 at 2:21 PM Ales Musil wrote: > When the packet was traveling through patch port boundary > OvS would check if any of the actions is reversible, > if not it would

Re: [ovs-dev] [PATCH 1/2] Revalidator: Allow min-revalidator-pps to be 0 (disabled).

On 10/14/22 19:49, Han Zhou wrote: On Thu, Oct 13, 2022 at 11:43 PM Adrian Moreno > wrote: > > Hi Han. > > On 8/9/22 03:40, Han Zhou wrote: > > Today the minimum value for this setting is 1. This patch allows it to > > be 0, meaning not checking pps at all,

Re: [ovs-dev] [PATCH 1/1] ofproto: Fix ofgroup ref_count in the group stats.

On 4/20/20 16:57, Pier Luigi Ventre wrote: > Hi everyone. > > This patch is a followup to this message sent in ovs-discuss: > https://mail.openvswitch.org/pipermail/ovs-discuss/2020-April/049897.html > > > This is the

[ovs-dev] [RFC ovn 1/2] northd: add ACL Sampling

Introduce a new table called Sample where per-flow IPFIX configuration can be specified. Also, reference rows from such table from the ACL table to enable the configuration of ACL sampling. If enabled, northd will add a sample action to each ACL-related logical flow. Signed-off-by: Adrian Moreno

[ovs-dev] [RFC ovn 2/2] ovn-nbctl: add sample to acl-add

Signed-off-by: Adrian Moreno --- utilities/ovn-nbctl.8.xml | 7 ++- utilities/ovn-nbctl.c | 20 +++- 2 files changed, 25 insertions(+), 2 deletions(-) diff --git a/utilities/ovn-nbctl.8.xml b/utilities/ovn-nbctl.8.xml index 5f9eb186b..2172c1429 100644 ---

[ovs-dev] [RFC ovn 0/2] ACL Sampling using per-flow IPFIX

Based on the introduction of the OVN "sample" action (still WIP) [1], the proposal of this RFC is to use per-flow IPFIX sampling to increase visibility on ACLs. The idea of ACL sampling is very similar to the already existing ACL logging whith the following key differences: - Using IPFIX

[ovs-dev] [PATCH] openvswitch: Use kmalloc_size_roundup() to match ksize() usage

Round up allocations with kmalloc_size_roundup() so that openvswitch's use of ksize() is always accurate and no special handling of the memory is needed by KASAN, UBSAN_BOUNDS, nor FORTIFY_SOURCE. Cc: Pravin B Shelar Cc: "David S. Miller" Cc: Eric Dumazet Cc: Jakub Kicinski Cc: Paolo Abeni

[ovs-dev] [PATCH ovn v2] ovn-controller: Fixed missing flows after interface deletion

In the following scenario: - interface "old" is created and external_ids:iface-id is set (to lp) - interface "new" is created and external_ids:iface-id is set (to same lp) - interface "old" is deleted flows related to lp were deleted. Note that after "new" interface is created, flows use "new"

Re: [ovs-dev] [PATCH 1/2] ofproto-ipfix: use per-domain template timeouts

Bleep bloop. Greetings Adrian Moreno, I am a robot and I have tried out your patch. Thanks for your contribution. I encountered some error that I wasn't expecting. See the details below. checkpatch: WARNING: Comment with 'xxx' marker #273 FILE: ofproto/ofproto-dpif-ipfix.c:2928: /*

Re: [ovs-dev] [PATCH] python: allow UnixctlClient to get argv as tuple in transact

On 3/16/20 04:29, Moshe Levi wrote: > Currently transact check that argv is of type list. This patch > allow argv also to be tuple. > > Signed-off-by: Moshe Levi > --- > python/ovs/unixctl/client.py | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git

[ovs-dev] [PATCH] utilities: Add a GDB macro to dump any cmap structure.

Add a new GDB macro called ovs_dump_cmap, which can be used to dump any cmap structure. Some examples: (gdb) ovs_dump_cmap >rules (struct cmap *) 0x3e02758 (gdb) ovs_dump_cmap >rules "struct dpcls_rule" cmap_node (struct dpcls_rule *) 0x3e02758 (gdb) ovs_dump_cmap >rules "struct dpcls_rule"

Re: [ovs-dev] [ovs-dev 0/7] Support meter action offload

On 12/28/19 08:11, xiangxia.m@gmail.com wrote: > From: Tonghao Zhang > > This series patch support the meter action offload. > We add the general struct, api and implement the > dpdk meter offload. Any suggestion is welcome. > > Tonghao Zhang (7): > dpif-netdev: Remove dp_meter_* struct

Re: [ovs-dev] [PATCH v2] ofproto-dpif-xlate: Do not use zero-weight buckets in select groups.

On 9/9/20 20:34, Ilya Maximets wrote: > On 6/8/19 1:28 AM, Ben Pfaff wrote: >> The OpenFlow specification says that buckets in select groups with a weight >> of zero should not be selected, but the ofproto-dpif implementation could >> select them in corner cases. This fixes the problem. >> >>

Re: [ovs-dev] [PATCH ovn] tests: Don't run ovn-northd specific tests with ovn-controller flavors.

Thanks for the change, Dumitru. Acked-by: Mark Michelson On 10/5/22 05:53, Dumitru Ceara wrote: There's no point to do that because ovn-controller is not even running in ovn-northd.at tests. Wrap all tests in ovn-northd.at with calls to the newly added OVN_FOR_EACH_NORTHD_NO_HV(). This also

[ovs-dev] [PATCH v6 ovn 0/7] Support 2+ controllers on the same vswitchd

This series adds support to run multiple ovn-controller instances using the same vswitchd instance. This may be used to reuse a single host level vswitchd installation to run multiple CMS (e.g. k8s and openstack), each having its own OVN stack running on a separate integration bridge. This setup

[ovs-dev] [PATCH v6 ovn 1/7] Include "chassis index" into tunnel port name

This is in preparation to support multiple separate controller instances with distinct chassis names operating on the same vswitchd instance. To avoid conflicts, this patch introduces a unique "index" (from 0-9a-z range) into the port name. Each chassis allocates a separate index for itself on

Re: [ovs-dev] [PATCH ovn] tests: Don't run ovn-northd specific tests with ovn-controller flavors.

On Wed, Oct 5, 2022 at 2:53 AM Dumitru Ceara wrote: > > There's no point to do that because ovn-controller is not even running > in ovn-northd.at tests. Wrap all tests in ovn-northd.at with calls to > the newly added OVN_FOR_EACH_NORTHD_NO_HV(). > > This also fixes the fact that some tests were

Re: [ovs-dev] [PATCH] dpif-netdev: Use unmasked key when adding datapath flows.

On 10/18/22 18:42, Eelco Chaudron wrote: > The datapath supports installing wider flows, and OVS relies on > this behavior. For example if ipv4(src=1.1.1.1/192.0.0.0, > dst=1.1.1.2/192.0.0.0) exists, a wider flow (smaller mask) of > ipv4(src=192.1.1.1/128.0.0.0,dst=192.1.1.2/128.0.0.0) is allowed

Re: [ovs-dev] [PATCH ovn] northd: add the capability to inherit logical routers lbs groups on logical switches

Hi Lorenzo, thanks for the enhancement! Acked-by: Mark Michelson On 9/14/22 08:42, Lorenzo Bianconi wrote: Similar to single load balancers, add the capability to automatically deploy a load-balancer group on each logical-switch connected to a logical router where the load-balancer group has

[ovs-dev] [PATCH v7 2/2] ofproto-dpif-xlate: Optimize the clone for patch ports

When the packet was traveling through patch port boundary OvS would check if any of the actions is reversible, if not it would clone the packet. However, the check was only at the first level of the second bridge. That caused some issues when the packet had gone through more actions, some of them

[ovs-dev] [PATCH v6 ovn 5/7] Don't touch tunnel ports from a different br-int

When multiple controllers are running using the same vswitchd, controllers should delete only those tunnel ports that belong to the integration bridge that is managed by the controller instance. This makes sure multiple controllers don't step on each other when running using the same vswitchd

[ovs-dev] [PATCH v6 ovn 6/7] Add connectivity test for 2 controllers on the same host

Signed-off-by: Ihar Hrachyshka --- tests/ovn.at | 130 +++ 1 file changed, 130 insertions(+) diff --git a/tests/ovn.at b/tests/ovn.at index c6f06e3e6..ee512ebf1 100644 --- a/tests/ovn.at +++ b/tests/ovn.at @@ -33179,3 +33179,133 @@

[ovs-dev] [PATCH v6 ovn 2/7] Support ovn-...- specific global ovsdb options

Before the patch, all controller instances were reading configuration from the same external-ids:ovn-* options. This patch adds support for distinct config otions for different chassis names stored in the same ovsdb global config object. To configure an option for a distinct chassis name, an

[ovs-dev] [PATCH v6 ovn 7/7] Document experimental support for co-hosted controllers

Signed-off-by: Ihar Hrachyshka --- NEWS| 2 ++ controller/ovn-controller.8.xml | 12 2 files changed, 14 insertions(+) diff --git a/NEWS b/NEWS index 224a7b83e..63afcea9d 100644 --- a/NEWS +++ b/NEWS @@ -1,5 +1,7 @@ Post v22.09.0 - + -

[ovs-dev] [PATCH v6 ovn 4/7] Support passing chassis name via CLI

This patch adds support for the desired system-id (chassis name) to be passed via CLI: $ ovn-controller -n If passed, CLI overrides any settings stored in ovsdb or in system-id-override file. This may be useful when running multiple controller instances using the same vswitchd instance.

[ovs-dev] [PATCH v6 ovn 3/7] Allow to override system-id via file

Before the patch, system-id could be configured via a global config option in ovsdb. This patch adds another option - configure system-id via a file. This is achieved by writing the desired system-id into the following file location: ${OVN_SYSCONFDIR}/system-id-override. The file is read on

Re: [ovs-dev] [PATCH v3 ovn 0/3] Introduce lb affinity timeout support

Hi Lorenzo, thanks for following up with the requested changes. For all patches: Acked-by: Mark Michelson On 10/14/22 10:04, Lorenzo Bianconi wrote: Introduce load-balancer affinity timeout in order to dnat connections received from the same client to a given load-balancer to the same

[ovs-dev] [PATCH v7 1/2] ofproto-dpif-xlate: Extract the freezing processing into a function

Through out the code there is the same pattern that occurs in regards to to finish_freezing when ctx->freezing=true or xlate_action_set when ctx->freezing=false. Extract it to common function that is called from those places instead. Signed-off-by: Ales Musil --- v6: Rebase on top of current

Re: [ovs-dev] [PATCH] dpif-netdev: Use unmasked key when adding datapath flows.

Hi guys, I am afraid that commit is too long ago that would remember any details that caused us to change the code in beb75a40fdc2 ("userspace: Switching of L3 packets in L2 pipeline"). What I vaguely remember was that I couldn’t comprehend the original code and it was not working correctly in

Re: [ovs-dev] [PATCH] dpif-netdev: Use unmasked key when adding datapath flows.

On 10/19/22 00:07, Jan Scheurich wrote: > Hi guys, > > I am afraid that commit is too long ago that would remember any details that > caused us to change the code in beb75a40fdc2 ("userspace: Switching of L3 > packets in L2 pipeline"). What I vaguely remember was that I couldn’t > comprehend

Re: [ovs-dev] [PATCH ovn] controller: Remove unused shash from update_ct_zone

On Wed, Oct 12, 2022 at 3:32 PM Mark Michelson wrote: > > Wow, this shash has been unused since branch-21.06 . Good find! > > Acked-by: Mark Michelson Thanks. Applied to the main branch. Numan > > On 10/12/22 04:07, Ales Musil wrote: > > Signed-off-by: Ales Musil > > --- > >

Re: [ovs-dev] [PATCH ovn] util: Avoid double parsing of LB vip and backend ip

On Tue, Oct 18, 2022 at 7:23 AM Ales Musil wrote: > > The current code was parsing the ip twice, once for > the "inet_parse_active" and second time by calling > either "ip_parse" or "ipv6_parse". Avoid that by > getting the "in6_addr" directly from "sockaddr_storage". > > Signed-off-by: Ales

Re: [ovs-dev] [PATCH ovn] util: Avoid double parsing of LB vip and backend ip

On Wed, Oct 19, 2022 at 1:51 AM Numan Siddique wrote: > On Tue, Oct 18, 2022 at 7:23 AM Ales Musil wrote: > > > > The current code was parsing the ip twice, once for > > the "inet_parse_active" and second time by calling > > either "ip_parse" or "ipv6_parse". Avoid that by > > getting the

[ovs-dev] [PATCH ovn v2] util: Avoid double parsing of LB vip and backend ip

The current code was parsing the ip twice, once for the "inet_parse_active" and second time by calling either "ip_parse" or "ipv6_parse". Avoid that by getting the "in6_addr" directly from "sockaddr_storage". Acked-by: Numan Siddique Signed-off-by: Ales Musil --- v2: Rebase on top of current