Re: [ovs-dev] [PATCH] xlate: Use OVS_CT_ATTR_EVENTMASK.
OK, I understand now. Thank you! On Mon, Apr 24, 2017 at 07:00:38PM -0700, Jarno Rajahalme wrote: > Ben, > > The visible effect is that listeners of conntrack update events do not get L4 > state transition events but still get the mark and label change > notifications. A simple way of seeing the difference is to run “conntrack -E” > while running a test case both before and after this change. For example: > > System testsuite test: > > 65: conntrack - FTP NAT postrecirc seqadj ok > > > Before: > > root@debian-jr:/home/jrajahalme# conntrack -E > [NEW] tcp 6 120 SYN_SENT src=10.1.1.1 dst=10.1.1.2 sport=40013 > dport=21 [UNREPLIED] src=10.1.1.2 dst=10.1.1.240 sport=21 dport=40013 > helper=ftp > [UPDATE] tcp 6 60 SYN_RECV src=10.1.1.1 dst=10.1.1.2 sport=40013 > dport=21 src=10.1.1.2 dst=10.1.1.240 sport=21 dport=40013 helper=ftp > [UPDATE] tcp 6 432000 ESTABLISHED src=10.1.1.1 dst=10.1.1.2 sport=40013 > dport=21 src=10.1.1.2 dst=10.1.1.240 sport=21 dport=40013 [ASSURED] helper=ftp > [NEW] tcp 6 120 SYN_SENT src=10.1.1.2 dst=10.1.1.240 sport=52549 > dport=48972 [UNREPLIED] src=10.1.1.1 dst=10.1.1.2 sport=48972 dport=52549 > [UPDATE] tcp 6 60 SYN_RECV src=10.1.1.2 dst=10.1.1.240 sport=52549 > dport=48972 src=10.1.1.1 dst=10.1.1.2 sport=48972 dport=52549 > [UPDATE] tcp 6 432000 ESTABLISHED src=10.1.1.2 dst=10.1.1.240 > sport=52549 dport=48972 src=10.1.1.1 dst=10.1.1.2 sport=48972 dport=52549 > [ASSURED] > [UPDATE] tcp 6 120 FIN_WAIT src=10.1.1.2 dst=10.1.1.240 sport=52549 > dport=48972 src=10.1.1.1 dst=10.1.1.2 sport=48972 dport=52549 [ASSURED] > [UPDATE] tcp 6 30 LAST_ACK src=10.1.1.2 dst=10.1.1.240 sport=52549 > dport=48972 src=10.1.1.1 dst=10.1.1.2 sport=48972 dport=52549 [ASSURED] > [UPDATE] tcp 6 120 TIME_WAIT src=10.1.1.2 dst=10.1.1.240 sport=52549 > dport=48972 src=10.1.1.1 dst=10.1.1.2 sport=48972 dport=52549 [ASSURED] > [UPDATE] tcp 6 120 FIN_WAIT src=10.1.1.1 dst=10.1.1.2 sport=40013 > dport=21 src=10.1.1.2 dst=10.1.1.240 sport=21 dport=40013 [ASSURED] helper=ftp > [UPDATE] tcp 6 30 LAST_ACK src=10.1.1.1 dst=10.1.1.2 sport=40013 > dport=21 src=10.1.1.2 dst=10.1.1.240 sport=21 dport=40013 [ASSURED] helper=ftp > [UPDATE] tcp 6 120 TIME_WAIT src=10.1.1.1 dst=10.1.1.2 sport=40013 > dport=21 src=10.1.1.2 dst=10.1.1.240 sport=21 dport=40013 [ASSURED] helper=ftp > [DESTROY] tcp 6 src=10.1.1.1 dst=10.1.1.2 sport=40013 dport=21 > src=10.1.1.2 dst=10.1.1.240 sport=21 dport=40013 [ASSURED] > [DESTROY] tcp 6 src=10.1.1.2 dst=10.1.1.240 sport=52549 dport=48972 > src=10.1.1.1 dst=10.1.1.2 sport=48972 dport=52549 [ASSURED] > > After: > > [NEW] tcp 6 120 SYN_SENT src=10.1.1.1 dst=10.1.1.2 sport=40014 > dport=21 [UNREPLIED] src=10.1.1.2 dst=10.1.1.240 sport=21 dport=40014 > helper=ftp > [NEW] tcp 6 120 SYN_SENT src=10.1.1.2 dst=10.1.1.240 sport=53008 > dport=50987 [UNREPLIED] src=10.1.1.1 dst=10.1.1.2 sport=50987 dport=53008 > [DESTROY] tcp 6 src=10.1.1.1 dst=10.1.1.2 sport=40014 dport=21 > src=10.1.1.2 dst=10.1.1.240 sport=21 dport=40014 [ASSURED] > [DESTROY] tcp 6 src=10.1.1.2 dst=10.1.1.240 sport=53008 dport=50987 > src=10.1.1.1 dst=10.1.1.2 sport=50987 dport=53008 [ASSURED] > > > System testsuite tests (HTTP GET tests): > > 27: conntrack - ct_mark bit-fiddlingok > 30: conntrack - ct_label bit-fiddling ok > > Before: > > [NEW] tcp 6 120 SYN_SENT src=10.1.1.1 dst=10.1.1.2 sport=44270 > dport=80 [UNREPLIED] src=10.1.1.2 dst=10.1.1.1 sport=80 dport=44270 mark=5 > [UPDATE] tcp 6 60 SYN_RECV src=10.1.1.1 dst=10.1.1.2 sport=44270 > dport=80 src=10.1.1.2 dst=10.1.1.1 sport=80 dport=44270 mark=3 > [UPDATE] tcp 6 432000 ESTABLISHED src=10.1.1.1 dst=10.1.1.2 sport=44270 > dport=80 src=10.1.1.2 dst=10.1.1.1 sport=80 dport=44270 [ASSURED] mark=3 > [UPDATE] tcp 6 120 FIN_WAIT src=10.1.1.1 dst=10.1.1.2 sport=44270 > dport=80 src=10.1.1.2 dst=10.1.1.1 sport=80 dport=44270 [ASSURED] mark=3 > [UPDATE] tcp 6 30 LAST_ACK src=10.1.1.1 dst=10.1.1.2 sport=44270 > dport=80 src=10.1.1.2 dst=10.1.1.1 sport=80 dport=44270 [ASSURED] mark=3 > [UPDATE] tcp 6 120 TIME_WAIT src=10.1.1.1 dst=10.1.1.2 sport=44270 > dport=80 src=10.1.1.2 dst=10.1.1.1 sport=80 dport=44270 [ASSURED] mark=3 > [DESTROY] tcp 6 src=10.1.1.1 dst=10.1.1.2 sport=44270 dport=80 > src=10.1.1.2 dst=10.1.1.1 sport=80 dport=44270 [ASSURED] mark=3 > > > [NEW] tcp 6 120 SYN_SENT src=10.1.1.1 dst=10.1.1.2 sport=44271 > dport=80 [UNREPLIED] src=10.1.1.2 dst=10.1.1.1 sport=80 dport=44271 labels=0,2 > [UPDATE] tcp 6 60 SYN_RECV src=10.1.1.1 dst=10.1.1.2 sport=44271 > dport=80 src=10.1.1.2 dst=10.1.1.1 sport=80 dport=44271 labels=0,33 > [UPDATE] tcp 6 432000 ESTABLISHED src=10.1.1.1 dst=10.1.1.2 sport=44271 > dport=80 src=10.1.1.2 dst=10.1.1.1 sport=80 dport=44271 [ASSURED] > [UPDATE] tcp 6 432000 src=10.1.1.1
Re: [ovs-dev] ovn: SFC Patch V3
On Mon, Apr 24, 2017 at 12:56 PM,wrote: > From: John McDowall > > > Fixed changes from Mickey's last review. > > Changes > > 1) Fixed re-circulation rules > Still a few modifications required. See comments inline. I just typed some stuff out, have not run, built, or tested anything. > 2) Fixed match statement - match is only applied to beginnning of chain in >each direction. > 3) Fixed array length of chain of VNFs. I have tested thi sup to three VNFs >in a chain and it looks like it works in both directions. > > Areas to review > > 1) The logic now supports hair-pinnign the flow back to the original > source to >ensure that the MAC learnign problem is addressed. I tested this using >ovn-trace - any better testing that I should do? > > Current todo list > > 1) I have standalone tests need to add tests to ovs/ovn framework. > 2) Load-balancing support for port-pair-groups > 3) Publish more detailed examples. > 4) Submit suggestions to change and shorted the CLI names. > > Simple example using ovn-trace > > #!/bin/sh > # > clear > ovn-nbctl ls-add swt1 > > ovn-nbctl lsp-add swt1 swt1-appc > ovn-nbctl lsp-add swt1 swt1-apps > ovn-nbctl lsp-add swt1 swt1-vnfp1 > ovn-nbctl lsp-add swt1 swt1-vnfp2 > > ovn-nbctl lsp-set-addresses swt1-appc "00:00:00:00:00:01 192.168.33.1" > ovn-nbctl lsp-set-addresses swt1-apps "00:00:00:00:00:02 192.168.33.2" > ovn-nbctl lsp-set-addresses swt1-vnfp1 00:00:00:00:00:03 > ovn-nbctl lsp-set-addresses swt1-vnfp2 00:00:00:00:00:04 > # > # Configure Service chain > # > ovn-nbctl lsp-pair-add swt1 swt1-vnfp1 swt1-vnfp2 pp1 > ovn-nbctl lsp-chain-add swt1 pc1 > ovn-nbctl lsp-pair-group-add pc1 ppg1 > ovn-nbctl lsp-pair-group-add-port-pair ppg1 pp1 > ovn-nbctl lsp-chain-classifier-add swt1 pc1 swt1-appc "entry-lport" > "bi-directional" pcc1 > # > ovn-sbctl dump-flows > # > # Run trace command > printf "\n-Flow 1 -\n\n" > ovn-trace --detailed swt1 'inport == "swt1-appc" && eth.src == > 00:00:00:00:00:01 && eth.dst == 00:00:00:00:00:02' > printf "\n-Flow 2 -\n\n" > ovn-trace --detailed swt1 'inport == "swt1-vnfp1" && eth.src == > 00:00:00:00:00:01 && eth.dst == 00:00:00:00:00:02' > printf "\n-Flow 3 -\n\n" > ovn-trace --detailed swt1 'inport == "swt1-apps" && eth.dst == > 00:00:00:00:00:01 && eth.src == 00:00:00:00:00:02' > printf "\n-Flow 4 -\n\n" > ovn-trace --detailed swt1 'inport == "swt1-vnfp2" && eth.dst == > 00:00:00:00:00:01 && eth.src == 00:00:00:00:00:02' > # > # Cleanup > # > ovn-nbctl lsp-chain-classifier-del pcc1 > ovn-nbctl lsp-pair-group-del ppg1 > ovn-nbctl lsp-chain-del pc1 > ovn-nbctl lsp-pair-del pp1 > ovn-nbctl ls-del swt1 > > Reported at: https://mail.openvswitch.org/pipermail/ovs-discuss/2016- > March/040381.html > Reported at: https://mail.openvswitch.org/pipermail/ovs-discuss/2016- > May/041359.html > > Signed-off-by: John McDowall > Signed-off-by: Flavio Fernandes > Co-authored-by: Flavio Fernandes > --- > ovn/northd/ovn-northd.8.xml | 69 ++- > ovn/northd/ovn-northd.c | 382 - > ovn/ovn-architecture.7.xml| 91 > ovn/ovn-nb.ovsschema | 87 ++- > ovn/ovn-nb.xml| 188 ++- > ovn/utilities/ovn-nbctl.8.xml | 231 > ovn/utilities/ovn-nbctl.c | 1208 ++ > +++ > 7 files changed, 2227 insertions(+), 29 deletions(-) > > > > diff --git ovn/northd/ovn-northd.c ovn/northd/ovn-northd.c > index d0a5ba2..090f768 100644 > --- ovn/northd/ovn-northd.c > +++ ovn/northd/ovn-northd.c > @@ -106,13 +106,14 @@ enum ovn_stage { > PIPELINE_STAGE(SWITCH, IN, PRE_LB, 4, "ls_in_pre_lb") > \ > PIPELINE_STAGE(SWITCH, IN, PRE_STATEFUL, 5, "ls_in_pre_stateful") > \ > PIPELINE_STAGE(SWITCH, IN, ACL,6, "ls_in_acl") > \ > -PIPELINE_STAGE(SWITCH, IN, QOS_MARK, 7, "ls_in_qos_mark") > \ > -PIPELINE_STAGE(SWITCH, IN, LB, 8, "ls_in_lb") > \ > -PIPELINE_STAGE(SWITCH, IN, STATEFUL, 9, "ls_in_stateful") > \ > -PIPELINE_STAGE(SWITCH, IN, ARP_ND_RSP,10, "ls_in_arp_rsp") > \ > -PIPELINE_STAGE(SWITCH, IN, DHCP_OPTIONS, 11, "ls_in_dhcp_options") > \ > -PIPELINE_STAGE(SWITCH, IN, DHCP_RESPONSE, 12, "ls_in_dhcp_response") > \ > -PIPELINE_STAGE(SWITCH, IN, L2_LKUP, 13, "ls_in_l2_lkup") > \ > +PIPELINE_STAGE(SWITCH, IN, CHAIN, 7, "ls_in_chain")\ > +PIPELINE_STAGE(SWITCH, IN, QOS_MARK, 8, "ls_in_qos_mark")\ > +PIPELINE_STAGE(SWITCH, IN, LB, 9, "ls_in_lb") > \ > +PIPELINE_STAGE(SWITCH, IN, STATEFUL, 10, "ls_in_stateful") > \ > +PIPELINE_STAGE(SWITCH, IN, ARP_ND_RSP,11, "ls_in_arp_rsp") > \ > +PIPELINE_STAGE(SWITCH, IN, DHCP_OPTIONS, 12, "ls_in_dhcp_options") > \ > +
[ovs-dev] 高效挖掘外国客户买家信息采购信息
您是否觉得阿里巴巴过去被动,展会价格高效果却不明显。 百分之90的优质客户可以通过搜索引擎接触到,主动联系国外终端买家, 绕开活跃在中国的中间商,是目前最好的客户开发方法。 您可以没有使用,但是不能没有了解。 抢先一步,快人一路,客户开发不再被动等待,主动出击 咨询QQ:2955317800 联系电话:13316847219 ___ dev mailing list d...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-dev
Re: [ovs-dev] [PATCH] xlate: Use OVS_CT_ATTR_EVENTMASK.
What's the visible effect of this change? I am not sure, based on the patch description. One or two more sentences of context would help. Thanks, Ben. On Mon, Apr 24, 2017 at 02:58:49PM -0700, Jarno Rajahalme wrote: > Specify the event mask with CT commit including bits for CT features > exposed at the OVS interface (mark and label changes in addition to > basic creation and destruction of conntrack entries). > > VMware-BZ: #1837218 > Signed-off-by: Jarno Rajahalme> --- > This patch depends on the following other patches currently in review: > - "datapath-windows: Add missing IPCT_LABEL." > - "datapath: Add eventmask support to CT action." > > build-aux/extract-odp-netlink-h | 2 ++ > ofproto/ofproto-dpif-xlate.c| 3 +++ > 2 files changed, 5 insertions(+) > > diff --git a/build-aux/extract-odp-netlink-h b/build-aux/extract-odp-netlink-h > index 907a70a..7fb6ce8 100755 > --- a/build-aux/extract-odp-netlink-h > +++ b/build-aux/extract-odp-netlink-h > @@ -19,6 +19,8 @@ $i\ > #ifdef _WIN32\ > #include "OvsDpInterfaceExt.h"\ > #include "OvsDpInterfaceCtExt.h"\ > +#else\ > +#include "linux/netfilter/nf_conntrack_common.h"\ > #endif\ > > # Use OVS's own struct eth_addr instead of a 6-byte char array. > diff --git a/ofproto/ofproto-dpif-xlate.c b/ofproto/ofproto-dpif-xlate.c > index d8c6a7c..21f2f7a 100644 > --- a/ofproto/ofproto-dpif-xlate.c > +++ b/ofproto/ofproto-dpif-xlate.c > @@ -5351,6 +5351,9 @@ compose_conntrack_action(struct xlate_ctx *ctx, struct > ofpact_conntrack *ofc) > if (ofc->flags & NX_CT_F_COMMIT) { > nl_msg_put_flag(ctx->odp_actions, ofc->flags & NX_CT_F_FORCE ? > OVS_CT_ATTR_FORCE_COMMIT : OVS_CT_ATTR_COMMIT); > +nl_msg_put_u32(ctx->odp_actions, OVS_CT_ATTR_EVENTMASK, > + 1 << IPCT_NEW | 1 << IPCT_RELATED | 1 << IPCT_DESTROY > | > + 1 << IPCT_MARK | 1 << IPCT_LABEL); > } > nl_msg_put_u16(ctx->odp_actions, OVS_CT_ATTR_ZONE, zone); > put_ct_mark(>xin->flow, ctx->odp_actions, ctx->wc); > -- > 2.1.4 > > ___ > dev mailing list > d...@openvswitch.org > https://mail.openvswitch.org/mailman/listinfo/ovs-dev ___ dev mailing list d...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-dev
[ovs-dev] [PATCH] xlate: Use OVS_CT_ATTR_EVENTMASK.
Specify the event mask with CT commit including bits for CT features exposed at the OVS interface (mark and label changes in addition to basic creation and destruction of conntrack entries). VMware-BZ: #1837218 Signed-off-by: Jarno Rajahalme--- This patch depends on the following other patches currently in review: - "datapath-windows: Add missing IPCT_LABEL." - "datapath: Add eventmask support to CT action." build-aux/extract-odp-netlink-h | 2 ++ ofproto/ofproto-dpif-xlate.c| 3 +++ 2 files changed, 5 insertions(+) diff --git a/build-aux/extract-odp-netlink-h b/build-aux/extract-odp-netlink-h index 907a70a..7fb6ce8 100755 --- a/build-aux/extract-odp-netlink-h +++ b/build-aux/extract-odp-netlink-h @@ -19,6 +19,8 @@ $i\ #ifdef _WIN32\ #include "OvsDpInterfaceExt.h"\ #include "OvsDpInterfaceCtExt.h"\ +#else\ +#include "linux/netfilter/nf_conntrack_common.h"\ #endif\ # Use OVS's own struct eth_addr instead of a 6-byte char array. diff --git a/ofproto/ofproto-dpif-xlate.c b/ofproto/ofproto-dpif-xlate.c index d8c6a7c..21f2f7a 100644 --- a/ofproto/ofproto-dpif-xlate.c +++ b/ofproto/ofproto-dpif-xlate.c @@ -5351,6 +5351,9 @@ compose_conntrack_action(struct xlate_ctx *ctx, struct ofpact_conntrack *ofc) if (ofc->flags & NX_CT_F_COMMIT) { nl_msg_put_flag(ctx->odp_actions, ofc->flags & NX_CT_F_FORCE ? OVS_CT_ATTR_FORCE_COMMIT : OVS_CT_ATTR_COMMIT); +nl_msg_put_u32(ctx->odp_actions, OVS_CT_ATTR_EVENTMASK, + 1 << IPCT_NEW | 1 << IPCT_RELATED | 1 << IPCT_DESTROY | + 1 << IPCT_MARK | 1 << IPCT_LABEL); } nl_msg_put_u16(ctx->odp_actions, OVS_CT_ATTR_ZONE, zone); put_ct_mark(>xin->flow, ctx->odp_actions, ctx->wc); -- 2.1.4 ___ dev mailing list d...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-dev
Re: [ovs-dev] [PATCH 2/2] datapath: Add eventmask support to CT action.
On 24 April 2017 at 14:03, Greg Rosewrote: > On Mon, 2017-04-24 at 13:50 -0700, Jarno Rajahalme wrote: >> Upstream commit: >> >> commit 120645513f55a4ac5543120d9e79925d30a0156f >> Author: Jarno Rajahalme >> Date: Fri Apr 21 16:48:06 2017 -0700 >> >> openvswitch: Add eventmask support to CT action. >> >> Add a new optional conntrack action attribute OVS_CT_ATTR_EVENTMASK, >> which can be used in conjunction with the commit flag >> (OVS_CT_ATTR_COMMIT) to set the mask of bits specifying which >> conntrack events (IPCT_*) should be delivered via the Netfilter >> netlink multicast groups. Default behavior depends on the system >> configuration, but typically a lot of events are delivered. This can be >> very chatty for the NFNLGRP_CONNTRACK_UPDATE group, even if only some >> types of events are of interest. >> >> Netfilter core init_conntrack() adds the event cache extension, so we >> only need to set the ctmask value. However, if the system is >> configured without support for events, the setting will be skipped due >> to extension not being found. >> >> Signed-off-by: Jarno Rajahalme >> Reviewed-by: Greg Rose >> Acked-by: Joe Stringer >> Signed-off-by: David S. Miller >> >> Signed-off-by: Jarno Rajahalme > > On patches that have already been reviewed, accepted by the community > and pushed upstream do we still ACK those here on the OVS dev list? It's worth a last round of review just in case something was missed upstream, but particularly if there are any changes within datapath/linux/compat/* or outside datapath/, as those may not have received review. The datapath backport compatibility changes need to work across a variety of different kernels so that's an easy vector to introduce bugs. ___ dev mailing list d...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-dev
Re: [ovs-dev] [PATCH 2/2] datapath: Add eventmask support to CT action.
On Mon, 2017-04-24 at 13:50 -0700, Jarno Rajahalme wrote: > Upstream commit: > > commit 120645513f55a4ac5543120d9e79925d30a0156f > Author: Jarno Rajahalme> Date: Fri Apr 21 16:48:06 2017 -0700 > > openvswitch: Add eventmask support to CT action. > > Add a new optional conntrack action attribute OVS_CT_ATTR_EVENTMASK, > which can be used in conjunction with the commit flag > (OVS_CT_ATTR_COMMIT) to set the mask of bits specifying which > conntrack events (IPCT_*) should be delivered via the Netfilter > netlink multicast groups. Default behavior depends on the system > configuration, but typically a lot of events are delivered. This can be > very chatty for the NFNLGRP_CONNTRACK_UPDATE group, even if only some > types of events are of interest. > > Netfilter core init_conntrack() adds the event cache extension, so we > only need to set the ctmask value. However, if the system is > configured without support for events, the setting will be skipped due > to extension not being found. > > Signed-off-by: Jarno Rajahalme > Reviewed-by: Greg Rose > Acked-by: Joe Stringer > Signed-off-by: David S. Miller > > Signed-off-by: Jarno Rajahalme On patches that have already been reviewed, accepted by the community and pushed upstream do we still ACK those here on the OVS dev list? Just want to keep noise down if they're not considered necessary. Thanks, - Greg > --- > datapath/conntrack.c | 27 > +++ > datapath/linux/compat/include/linux/openvswitch.h | 12 ++ > lib/dpif-netdev.c | 4 > 3 files changed, 43 insertions(+) > > diff --git a/datapath/conntrack.c b/datapath/conntrack.c > index f911fe8..95c3739 100644 > --- a/datapath/conntrack.c > +++ b/datapath/conntrack.c > @@ -73,7 +73,9 @@ struct ovs_conntrack_info { > u8 nat : 3; /* enum ovs_ct_nat */ > u8 random_fully_compat : 1; /* bool */ > u8 force : 1; > + u8 have_eventmask : 1; > u16 family; > + u32 eventmask; /* Mask of 1 << IPCT_*. */ > struct md_mark mark; > struct md_labels labels; > #ifdef CONFIG_NF_NAT_NEEDED > @@ -1041,6 +1043,20 @@ static int ovs_ct_commit(struct net *net, struct > sw_flow_key *key, > if (!ct) > return 0; > > + /* Set the conntrack event mask if given. NEW and DELETE events have > + * their own groups, but the NFNLGRP_CONNTRACK_UPDATE group listener > + * typically would receive many kinds of updates. Setting the event > + * mask allows those events to be filtered. The set event mask will > + * remain in effect for the lifetime of the connection unless changed > + * by a further CT action with both the commit flag and the eventmask > + * option. */ > + if (info->have_eventmask) { > + struct nf_conntrack_ecache *cache = nf_ct_ecache_find(ct); > + > + if (cache) > + cache->ctmask = info->eventmask; > + } > + > /* Apply changes before confirming the connection so that the initial >* conntrack NEW netlink event carries the values given in the CT >* action. > @@ -1277,6 +1293,8 @@ static const struct ovs_ct_len_tbl > ovs_ct_attr_lens[OVS_CT_ATTR_MAX + 1] = { > /* NAT length is checked when parsing the nested attributes. */ > [OVS_CT_ATTR_NAT] = { .minlen = 0, .maxlen = INT_MAX }, > #endif > + [OVS_CT_ATTR_EVENTMASK] = { .minlen = sizeof(u32), > + .maxlen = sizeof(u32) }, > }; > > static int parse_ct(const struct nlattr *attr, struct ovs_conntrack_info > *info, > @@ -1355,6 +1373,11 @@ static int parse_ct(const struct nlattr *attr, struct > ovs_conntrack_info *info, > break; > } > #endif > + case OVS_CT_ATTR_EVENTMASK: > + info->have_eventmask = true; > + info->eventmask = nla_get_u32(a); > + break; > + > default: > OVS_NLERR(log, "Unknown conntrack attr (%d)", > type); > @@ -1558,6 +1581,10 @@ int ovs_ct_action_to_attr(const struct > ovs_conntrack_info *ct_info, > ct_info->helper->name)) > return -EMSGSIZE; > } > + if (ct_info->have_eventmask && > + nla_put_u32(skb, OVS_CT_ATTR_EVENTMASK, ct_info->eventmask)) > + return -EMSGSIZE; > + > #ifdef CONFIG_NF_NAT_NEEDED > if (ct_info->nat && !ovs_ct_nat_to_attr(ct_info, skb)) > return -EMSGSIZE; > diff --git a/datapath/linux/compat/include/linux/openvswitch.h > b/datapath/linux/compat/include/linux/openvswitch.h > index 8a6b729..72627f9 100644 > ---
Re: [ovs-dev] [RFC 2/4] doc: Convert ovs-vlan-test to rST
On Mon, Apr 24, 2017 at 04:37:51PM -0400, Leif Madsen wrote: > On Mon, Apr 24, 2017 at 3:57 PM, Ben Pfaffwrote: > > > On Mon, Apr 24, 2017 at 03:52:53PM -0400, Leif Madsen wrote: > > > I think this change might have broken packaging :) > > > > > > I just tested, and with the removal / renaming of the man8 pages for > > > ovs-test and ovs-vlan-test, the RPM fails to build because of missing > > files > > > that no longer match the glob. > > > > > > These two lines need to be removed from the build: > > > > > > 471 %{_mandir}/man8/ovs-test.8* > > > 472 %{_mandir}/man8/ovs-vlan-test.8* > > > > > > > > > I'll submit a patch shortly. > > > > OK, I'm confused then. There was no removal or renaming of the > > installed man8 pages, only of the source files. So, when I run "make > > install DESTDIR=$PWD/inst", I get a file > > inst/usr/share/man/man8/ovs-test.8 installed, and that should be the > > same as before. > > > > Any idea what's going on? > > > > Huh, well then I'm very confused as well :) > > I just did a test, and things seem to build fine when I remove those two > lines. Otherwise, the RPM will fail to build with the following: > > Processing files: > openvswitch-test-2.7.90.14191.git3570f7e4-1.el7.centos.noarch > error: File not found by glob: > /builddir/build/BUILDROOT/openvswitch-2.7.90.14191.git3570f7e4-1.el7.centos.x86_64/usr/share/man/man8/ovs-test.8* > error: File not found by glob: > /builddir/build/BUILDROOT/openvswitch-2.7.90.14191.git3570f7e4-1.el7.centos.x86_64/usr/share/man/man8/ovs-vlan-test.8* > > > RPM build errors: > File not found by glob: > /builddir/build/BUILDROOT/openvswitch-2.7.90.14191.git3570f7e4-1.el7.centos.x86_64/usr/share/man/man8/ovs-test.8* > File not found by glob: > /builddir/build/BUILDROOT/openvswitch-2.7.90.14191.git3570f7e4-1.el7.centos.x86_64/usr/share/man/man8/ovs-vlan-test.8* > > > > So I'm not entirely sure why my build isn't resulting in those files. I > have everything being built from a script and done in mock, so things > should be quite reproducable. I see the same failure both on my COPR repo, > and in my local build environment. I don't really have a RPM build environment (my main distro is Debian), but can I suggest an experiment? Something like this: diff --git a/rhel/openvswitch-fedora.spec.in b/rhel/openvswitch-fedora.spec.in index dbcab00cd428..1d43ebe50a69 100644 --- a/rhel/openvswitch-fedora.spec.in +++ b/rhel/openvswitch-fedora.spec.in @@ -228,6 +228,7 @@ make -f %{_datadir}/selinux/devel/Makefile %install rm -rf $RPM_BUILD_ROOT make install DESTDIR=$RPM_BUILD_ROOT +find $RPM_BUILD_ROOT -name 'ovs-test*' install -d -m 0755 $RPM_BUILD_ROOT%{_sysconfdir}/openvswitch to find out whether the ovs-test manpage is being installed at all and if so where. ___ dev mailing list d...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-dev
[ovs-dev] [PATCH 2/2] datapath: Add eventmask support to CT action.
Upstream commit: commit 120645513f55a4ac5543120d9e79925d30a0156f Author: Jarno RajahalmeDate: Fri Apr 21 16:48:06 2017 -0700 openvswitch: Add eventmask support to CT action. Add a new optional conntrack action attribute OVS_CT_ATTR_EVENTMASK, which can be used in conjunction with the commit flag (OVS_CT_ATTR_COMMIT) to set the mask of bits specifying which conntrack events (IPCT_*) should be delivered via the Netfilter netlink multicast groups. Default behavior depends on the system configuration, but typically a lot of events are delivered. This can be very chatty for the NFNLGRP_CONNTRACK_UPDATE group, even if only some types of events are of interest. Netfilter core init_conntrack() adds the event cache extension, so we only need to set the ctmask value. However, if the system is configured without support for events, the setting will be skipped due to extension not being found. Signed-off-by: Jarno Rajahalme Reviewed-by: Greg Rose Acked-by: Joe Stringer Signed-off-by: David S. Miller Signed-off-by: Jarno Rajahalme --- datapath/conntrack.c | 27 +++ datapath/linux/compat/include/linux/openvswitch.h | 12 ++ lib/dpif-netdev.c | 4 3 files changed, 43 insertions(+) diff --git a/datapath/conntrack.c b/datapath/conntrack.c index f911fe8..95c3739 100644 --- a/datapath/conntrack.c +++ b/datapath/conntrack.c @@ -73,7 +73,9 @@ struct ovs_conntrack_info { u8 nat : 3; /* enum ovs_ct_nat */ u8 random_fully_compat : 1; /* bool */ u8 force : 1; + u8 have_eventmask : 1; u16 family; + u32 eventmask; /* Mask of 1 << IPCT_*. */ struct md_mark mark; struct md_labels labels; #ifdef CONFIG_NF_NAT_NEEDED @@ -1041,6 +1043,20 @@ static int ovs_ct_commit(struct net *net, struct sw_flow_key *key, if (!ct) return 0; + /* Set the conntrack event mask if given. NEW and DELETE events have +* their own groups, but the NFNLGRP_CONNTRACK_UPDATE group listener +* typically would receive many kinds of updates. Setting the event +* mask allows those events to be filtered. The set event mask will +* remain in effect for the lifetime of the connection unless changed +* by a further CT action with both the commit flag and the eventmask +* option. */ + if (info->have_eventmask) { + struct nf_conntrack_ecache *cache = nf_ct_ecache_find(ct); + + if (cache) + cache->ctmask = info->eventmask; + } + /* Apply changes before confirming the connection so that the initial * conntrack NEW netlink event carries the values given in the CT * action. @@ -1277,6 +1293,8 @@ static const struct ovs_ct_len_tbl ovs_ct_attr_lens[OVS_CT_ATTR_MAX + 1] = { /* NAT length is checked when parsing the nested attributes. */ [OVS_CT_ATTR_NAT] = { .minlen = 0, .maxlen = INT_MAX }, #endif + [OVS_CT_ATTR_EVENTMASK] = { .minlen = sizeof(u32), + .maxlen = sizeof(u32) }, }; static int parse_ct(const struct nlattr *attr, struct ovs_conntrack_info *info, @@ -1355,6 +1373,11 @@ static int parse_ct(const struct nlattr *attr, struct ovs_conntrack_info *info, break; } #endif + case OVS_CT_ATTR_EVENTMASK: + info->have_eventmask = true; + info->eventmask = nla_get_u32(a); + break; + default: OVS_NLERR(log, "Unknown conntrack attr (%d)", type); @@ -1558,6 +1581,10 @@ int ovs_ct_action_to_attr(const struct ovs_conntrack_info *ct_info, ct_info->helper->name)) return -EMSGSIZE; } + if (ct_info->have_eventmask && + nla_put_u32(skb, OVS_CT_ATTR_EVENTMASK, ct_info->eventmask)) + return -EMSGSIZE; + #ifdef CONFIG_NF_NAT_NEEDED if (ct_info->nat && !ovs_ct_nat_to_attr(ct_info, skb)) return -EMSGSIZE; diff --git a/datapath/linux/compat/include/linux/openvswitch.h b/datapath/linux/compat/include/linux/openvswitch.h index 8a6b729..72627f9 100644 --- a/datapath/linux/compat/include/linux/openvswitch.h +++ b/datapath/linux/compat/include/linux/openvswitch.h @@ -739,6 +739,17 @@ struct ovs_action_push_tnl { * nothing if the connection is already committed will check that the current * packet is in conntrack entry's original direction. If directionality does * not match, will delete the existing conntrack entry and create a new one. + * @OVS_CT_ATTR_EVENTMASK:
[ovs-dev] [PATCH 1/2] datapath: Typo fix.
Upstream commit: commit abd0a4f2b41812e9ba334945e256909e3d28da57 Author: Jarno RajahalmeDate: Fri Apr 21 16:48:05 2017 -0700 openvswitch: Typo fix. Fix typo in a comment. Signed-off-by: Jarno Rajahalme Acked-by: Greg Rose Signed-off-by: David S. Miller Signed-off-by: Jarno Rajahalme --- datapath/conntrack.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/datapath/conntrack.c b/datapath/conntrack.c index 4c42a48..f911fe8 100644 --- a/datapath/conntrack.c +++ b/datapath/conntrack.c @@ -383,7 +383,7 @@ static int ovs_ct_init_labels(struct nf_conn *ct, struct sw_flow_key *key, } /* Labels are included in the IPCTNL_MSG_CT_NEW event only if the -* IPCT_LABEL bit it set in the event cache. +* IPCT_LABEL bit is set in the event cache. */ nf_conntrack_event_cache(IPCT_LABEL, ct); -- 2.1.4 ___ dev mailing list d...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-dev
Re: [ovs-dev] [RFC 2/4] doc: Convert ovs-vlan-test to rST
On Mon, Apr 24, 2017 at 3:57 PM, Ben Pfaffwrote: > On Mon, Apr 24, 2017 at 03:52:53PM -0400, Leif Madsen wrote: > > I think this change might have broken packaging :) > > > > I just tested, and with the removal / renaming of the man8 pages for > > ovs-test and ovs-vlan-test, the RPM fails to build because of missing > files > > that no longer match the glob. > > > > These two lines need to be removed from the build: > > > > 471 %{_mandir}/man8/ovs-test.8* > > 472 %{_mandir}/man8/ovs-vlan-test.8* > > > > > > I'll submit a patch shortly. > > OK, I'm confused then. There was no removal or renaming of the > installed man8 pages, only of the source files. So, when I run "make > install DESTDIR=$PWD/inst", I get a file > inst/usr/share/man/man8/ovs-test.8 installed, and that should be the > same as before. > > Any idea what's going on? > Huh, well then I'm very confused as well :) I just did a test, and things seem to build fine when I remove those two lines. Otherwise, the RPM will fail to build with the following: Processing files: openvswitch-test-2.7.90.14191.git3570f7e4-1.el7.centos.noarch error: File not found by glob: /builddir/build/BUILDROOT/openvswitch-2.7.90.14191.git3570f7e4-1.el7.centos.x86_64/usr/share/man/man8/ovs-test.8* error: File not found by glob: /builddir/build/BUILDROOT/openvswitch-2.7.90.14191.git3570f7e4-1.el7.centos.x86_64/usr/share/man/man8/ovs-vlan-test.8* RPM build errors: File not found by glob: /builddir/build/BUILDROOT/openvswitch-2.7.90.14191.git3570f7e4-1.el7.centos.x86_64/usr/share/man/man8/ovs-test.8* File not found by glob: /builddir/build/BUILDROOT/openvswitch-2.7.90.14191.git3570f7e4-1.el7.centos.x86_64/usr/share/man/man8/ovs-vlan-test.8* So I'm not entirely sure why my build isn't resulting in those files. I have everything being built from a script and done in mock, so things should be quite reproducable. I see the same failure both on my COPR repo, and in my local build environment. Thoughts? Leif. ___ dev mailing list d...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-dev
Re: [ovs-dev] [PATCH] [packaging] Remove unneeded manpage globs
On Mon, Apr 24, 2017 at 04:00:30PM -0400, Leif Madsen wrote: > Remove unneeded manpage globs from the RPM spec file since they > are no longer being generated. > --- > rhel/openvswitch-fedora.spec.in | 2 -- > 1 file changed, 2 deletions(-) > > diff --git a/rhel/openvswitch-fedora.spec.in b/rhel/openvswitch-fedora.spec.in > index dbcab00..1095cd0 100644 > --- a/rhel/openvswitch-fedora.spec.in > +++ b/rhel/openvswitch-fedora.spec.in > @@ -468,8 +468,6 @@ fi > %{_bindir}/ovs-pcap > %{_bindir}/ovs-tcpdump > %{_bindir}/ovs-tcpundump > -%{_mandir}/man8/ovs-test.8* > -%{_mandir}/man8/ovs-vlan-test.8* > %{_mandir}/man8/ovs-l3ping.8* > %{_mandir}/man1/ovs-pcap.1* > %{_mandir}/man8/ovs-tcpdump.8* I'm confused. There was no removal or renaming of the installed man8 pages, only of the source files. So, when I run "make install DESTDIR=$PWD/inst", I get a file inst/usr/share/man/man8/ovs-test.8 installed, and that should be the same as before. Any idea what's going on? Thanks, Ben. ___ dev mailing list d...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-dev
[ovs-dev] [PATCH] [packaging] Remove unneeded manpage globs
Remove unneeded manpage globs from the RPM spec file since they are no longer being generated. --- rhel/openvswitch-fedora.spec.in | 2 -- 1 file changed, 2 deletions(-) diff --git a/rhel/openvswitch-fedora.spec.in b/rhel/openvswitch-fedora.spec.in index dbcab00..1095cd0 100644 --- a/rhel/openvswitch-fedora.spec.in +++ b/rhel/openvswitch-fedora.spec.in @@ -468,8 +468,6 @@ fi %{_bindir}/ovs-pcap %{_bindir}/ovs-tcpdump %{_bindir}/ovs-tcpundump -%{_mandir}/man8/ovs-test.8* -%{_mandir}/man8/ovs-vlan-test.8* %{_mandir}/man8/ovs-l3ping.8* %{_mandir}/man1/ovs-pcap.1* %{_mandir}/man8/ovs-tcpdump.8* -- 2.9.3 ___ dev mailing list d...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-dev
Re: [ovs-dev] [PATCH] ovs-ofctl: Document group selection algorithm.
Thanks! I applied this to master. On Mon, Apr 24, 2017 at 12:52:33PM -0700, Jarno Rajahalme wrote: > Acked-by: Jarno Rajahalme> > > On Apr 24, 2017, at 9:06 AM, Ben Pfaff wrote: > > > > Signed-off-by: Ben Pfaff > > --- > > utilities/ovs-ofctl.8.in | 10 ++ > > 1 file changed, 6 insertions(+), 4 deletions(-) > > > > diff --git a/utilities/ovs-ofctl.8.in b/utilities/ovs-ofctl.8.in > > index 96232a5003e4..2e6679ebe98c 100644 > > --- a/utilities/ovs-ofctl.8.in > > +++ b/utilities/ovs-ofctl.8.in > > @@ -1960,10 +1960,12 @@ other commands. The following keywords designated > > the allowed types: > > .IP \fBall\fR > > Execute all buckets in the group. > > .IP \fBselect\fR > > -Execute one bucket in the group. > > -The switch should select the bucket in such a way that should implement > > -equal load sharing is achieved. The switch may optionally select the > > -bucket based on bucket weights. > > +Execute one bucket in the group, balancing across the buckets > > +according to their weights. To select a bucket, for each live bucket, > > +Open vSwitch hashes flow data with the bucket ID and multiplies by the > > +bucket weight to obtain a ``score,'' and then selects the bucket with > > +the highest score. Use \fBselection_method\fR to control the flow > > +data used for selection. > > .IP \fBindirect\fR > > Executes the one bucket in the group. > > .IP \fBff\fR > > -- > > 2.10.2 > > > > ___ > > dev mailing list > > d...@openvswitch.org > > https://mail.openvswitch.org/mailman/listinfo/ovs-dev > ___ dev mailing list d...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-dev
Re: [ovs-dev] [RFC 2/4] doc: Convert ovs-vlan-test to rST
On Mon, Apr 24, 2017 at 03:52:53PM -0400, Leif Madsen wrote: > I think this change might have broken packaging :) > > I just tested, and with the removal / renaming of the man8 pages for > ovs-test and ovs-vlan-test, the RPM fails to build because of missing files > that no longer match the glob. > > These two lines need to be removed from the build: > > 471 %{_mandir}/man8/ovs-test.8* > > > > 472 %{_mandir}/man8/ovs-vlan-test.8* > > > I'll submit a patch shortly. OK, I'm confused then. There was no removal or renaming of the installed man8 pages, only of the source files. So, when I run "make install DESTDIR=$PWD/inst", I get a file inst/usr/share/man/man8/ovs-test.8 installed, and that should be the same as before. Any idea what's going on? Thanks, Ben. ___ dev mailing list d...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-dev
[ovs-dev] ovn: SFC Patch V3
From: John McDowallFixed changes from Mickey's last review. Changes 1) Fixed re-circulation rules 2) Fixed match statement - match is only applied to beginnning of chain in each direction. 3) Fixed array length of chain of VNFs. I have tested thi sup to three VNFs in a chain and it looks like it works in both directions. Areas to review 1) The logic now supports hair-pinnign the flow back to the original source to ensure that the MAC learnign problem is addressed. I tested this using ovn-trace - any better testing that I should do? Current todo list 1) I have standalone tests need to add tests to ovs/ovn framework. 2) Load-balancing support for port-pair-groups 3) Publish more detailed examples. 4) Submit suggestions to change and shorted the CLI names. Simple example using ovn-trace #!/bin/sh # clear ovn-nbctl ls-add swt1 ovn-nbctl lsp-add swt1 swt1-appc ovn-nbctl lsp-add swt1 swt1-apps ovn-nbctl lsp-add swt1 swt1-vnfp1 ovn-nbctl lsp-add swt1 swt1-vnfp2 ovn-nbctl lsp-set-addresses swt1-appc "00:00:00:00:00:01 192.168.33.1" ovn-nbctl lsp-set-addresses swt1-apps "00:00:00:00:00:02 192.168.33.2" ovn-nbctl lsp-set-addresses swt1-vnfp1 00:00:00:00:00:03 ovn-nbctl lsp-set-addresses swt1-vnfp2 00:00:00:00:00:04 # # Configure Service chain # ovn-nbctl lsp-pair-add swt1 swt1-vnfp1 swt1-vnfp2 pp1 ovn-nbctl lsp-chain-add swt1 pc1 ovn-nbctl lsp-pair-group-add pc1 ppg1 ovn-nbctl lsp-pair-group-add-port-pair ppg1 pp1 ovn-nbctl lsp-chain-classifier-add swt1 pc1 swt1-appc "entry-lport" "bi-directional" pcc1 # ovn-sbctl dump-flows # # Run trace command printf "\n-Flow 1 -\n\n" ovn-trace --detailed swt1 'inport == "swt1-appc" && eth.src == 00:00:00:00:00:01 && eth.dst == 00:00:00:00:00:02' printf "\n-Flow 2 -\n\n" ovn-trace --detailed swt1 'inport == "swt1-vnfp1" && eth.src == 00:00:00:00:00:01 && eth.dst == 00:00:00:00:00:02' printf "\n-Flow 3 -\n\n" ovn-trace --detailed swt1 'inport == "swt1-apps" && eth.dst == 00:00:00:00:00:01 && eth.src == 00:00:00:00:00:02' printf "\n-Flow 4 -\n\n" ovn-trace --detailed swt1 'inport == "swt1-vnfp2" && eth.dst == 00:00:00:00:00:01 && eth.src == 00:00:00:00:00:02' # # Cleanup # ovn-nbctl lsp-chain-classifier-del pcc1 ovn-nbctl lsp-pair-group-del ppg1 ovn-nbctl lsp-chain-del pc1 ovn-nbctl lsp-pair-del pp1 ovn-nbctl ls-del swt1 Reported at: https://mail.openvswitch.org/pipermail/ovs-discuss/2016-March/040381.html Reported at: https://mail.openvswitch.org/pipermail/ovs-discuss/2016-May/041359.html Signed-off-by: John McDowall Signed-off-by: Flavio Fernandes Co-authored-by: Flavio Fernandes --- ovn/northd/ovn-northd.8.xml | 69 ++- ovn/northd/ovn-northd.c | 382 - ovn/ovn-architecture.7.xml| 91 ovn/ovn-nb.ovsschema | 87 ++- ovn/ovn-nb.xml| 188 ++- ovn/utilities/ovn-nbctl.8.xml | 231 ovn/utilities/ovn-nbctl.c | 1208 + 7 files changed, 2227 insertions(+), 29 deletions(-) diff --git ovn/northd/ovn-northd.8.xml ovn/northd/ovn-northd.8.xml index ab8fd88..7788311 100644 --- ovn/northd/ovn-northd.8.xml +++ ovn/northd/ovn-northd.8.xml @@ -362,7 +362,62 @@ -Ingress Table 7: from-lport QoS marking + Ingress Table 7: from-lport Port Chaining + + + Logical flows in this table closely reproduce those in the + QoS table in the OVN_Northbound database + for the from-lport direction. + + + + +For every port-chain a set of rules will be added to direct traffic +through the port pairs defined in the port-chain. A port chain +is composed of an ordered set of port-pair-groups that contain one or +more port-pairs. Traffic is directed into the port-chain by creating a +port-chain-classifier. A port-chain can be reused by different +port-chain-classifier instances allowing a port chain to be +applied to multiple traffic paths and application traffic types. + +The port-chain-classifier defines a starting port or ending port and +a direction for the traffic, either uni-directional or bi-directional. +In addition a match expression can be defined to further filter +traffic. + +Service insertion is implemented by adding 4 new flow rules into the +OVN northbound database for each VNF inserted. The service +insertion rules have a higher priority than the standard forwarding +rules. This means that they override the existing forwarding rules. +There are four new rules added for each insertion. Two ingress and two +egress, The first ingress rule sends all traffic destined for the +application into the VNF ingress port and the second rule takes all +traffic destined
Re: [ovs-dev] [PATCH v3 0/7] create tunnel devices using rtnetlink interface
On Mon, Apr 24, 2017 at 12:25:30PM -0700, Joe Stringer wrote: > On 24 April 2017 at 11:54, Ben Pfaffwrote: > > Joe, it looks like you've reviewed at least some patches in previous > > versions of this series. Are you planning to resume review? > > Yes, I shall dig into that.. Thanks! ___ dev mailing list d...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-dev
Re: [ovs-dev] [RFC 2/4] doc: Convert ovs-vlan-test to rST
I think this change might have broken packaging :) I just tested, and with the removal / renaming of the man8 pages for ovs-test and ovs-vlan-test, the RPM fails to build because of missing files that no longer match the glob. These two lines need to be removed from the build: 471 %{_mandir}/man8/ovs-test.8* 472 %{_mandir}/man8/ovs-vlan-test.8* I'll submit a patch shortly. Thanks, Leif. On Fri, Apr 14, 2017 at 4:18 PM, Ben Pfaffwrote: > I understand now. > > I think that this change should be invisible to the Debian and RHEL > packaging, because both kinds of packaging use "make install > DESTDIR=..." to install the manpages into a staging tree, then package > them from that staging tree. With this change, "make install" behaves > the same way as before: both before and after the change, "make install" > puts nroff versions of the manpages into $(DESTDIR)/usr/share/man/man#/ > (or wherever they are configured to go). > > (I have not actually tested either kind of packaging.) -- Leif Madsen | Partner Engineer - NFV & CI NFV Partner Engineering Red Hat GPG: (D670F846) BEE0 336E 5406 42BA 6194 6831 B38A 291E D670 F846 ___ dev mailing list d...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-dev
Re: [ovs-dev] [PATCH] ovs-ofctl: Document group selection algorithm.
Acked-by: Jarno Rajahalme> On Apr 24, 2017, at 9:06 AM, Ben Pfaff wrote: > > Signed-off-by: Ben Pfaff > --- > utilities/ovs-ofctl.8.in | 10 ++ > 1 file changed, 6 insertions(+), 4 deletions(-) > > diff --git a/utilities/ovs-ofctl.8.in b/utilities/ovs-ofctl.8.in > index 96232a5003e4..2e6679ebe98c 100644 > --- a/utilities/ovs-ofctl.8.in > +++ b/utilities/ovs-ofctl.8.in > @@ -1960,10 +1960,12 @@ other commands. The following keywords designated the > allowed types: > .IP \fBall\fR > Execute all buckets in the group. > .IP \fBselect\fR > -Execute one bucket in the group. > -The switch should select the bucket in such a way that should implement > -equal load sharing is achieved. The switch may optionally select the > -bucket based on bucket weights. > +Execute one bucket in the group, balancing across the buckets > +according to their weights. To select a bucket, for each live bucket, > +Open vSwitch hashes flow data with the bucket ID and multiplies by the > +bucket weight to obtain a ``score,'' and then selects the bucket with > +the highest score. Use \fBselection_method\fR to control the flow > +data used for selection. > .IP \fBindirect\fR > Executes the one bucket in the group. > .IP \fBff\fR > -- > 2.10.2 > > ___ > dev mailing list > d...@openvswitch.org > https://mail.openvswitch.org/mailman/listinfo/ovs-dev ___ dev mailing list d...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-dev
Re: [ovs-dev] [PATCH] debian, xenserver: Update logrotate config to match RHEL.
On Mon, Apr 24, 2017 at 12:25:51PM -0700, Guru Shetty wrote: > On 13 April 2017 at 10:47, Ben Pfaffwrote: > > > Commit 618a5b45ae8b ("rhel: Avoid logrotate error if /var/run/openvswitch > > does not exist") updated the RHEL logrotate configuration. This commit > > makes similar changes for Debian, by synchronizing with the RHEL version. > > > > In particular: > > > > - Indent to match logrotate.conf(5) examples. > > > > - Use "sharedscripts" flag, because the postrotate script only needs to > > run once regardless of the number of rotations. > > > > - Drop "delaycompress", because the postrotate script does make daemons > > reopen their log files. > > > > - Ignore errors calling vlog/reopen. > > > > Also make similar changes to the xenserver logrotate script. I really > > don't know if anyone uses the xenserver packaging anymore though. > > > > CC: Timothy Redaelli > > Signed-off-by: Ben Pfaff > > > > Acked-by: Gurucharan Shetty Thanks! I applied this to master. ___ dev mailing list d...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-dev
Re: [ovs-dev] [PATCH] debian, xenserver: Update logrotate config to match RHEL.
On 13 April 2017 at 10:47, Ben Pfaffwrote: > Commit 618a5b45ae8b ("rhel: Avoid logrotate error if /var/run/openvswitch > does not exist") updated the RHEL logrotate configuration. This commit > makes similar changes for Debian, by synchronizing with the RHEL version. > > In particular: > > - Indent to match logrotate.conf(5) examples. > > - Use "sharedscripts" flag, because the postrotate script only needs to > run once regardless of the number of rotations. > > - Drop "delaycompress", because the postrotate script does make daemons > reopen their log files. > > - Ignore errors calling vlog/reopen. > > Also make similar changes to the xenserver logrotate script. I really > don't know if anyone uses the xenserver packaging anymore though. > > CC: Timothy Redaelli > Signed-off-by: Ben Pfaff > Acked-by: Gurucharan Shetty > --- > debian/openvswitch-switch.logrotate | 14 +++--- > xenserver/etc_logrotate.d_openvswitch | 22 -- > 2 files changed, 19 insertions(+), 17 deletions(-) > > diff --git a/debian/openvswitch-switch.logrotate > b/debian/openvswitch-switch.logrotate > index a7a71bdd90ad..7752af90cfed 100644 > --- a/debian/openvswitch-switch.logrotate > +++ b/debian/openvswitch-switch.logrotate > @@ -1,16 +1,16 @@ > /var/log/openvswitch/*.log { > daily > compress > +sharedscripts > create 640 root adm > -delaycompress > missingok > rotate 30 > postrotate > -# Tell Open vSwitch daemons to reopen their log files > -if [ -d /var/run/openvswitch ]; then > -for pidfile in `cd /var/run/openvswitch && echo *.pid`; do > -ovs-appctl -t "${pidfile%%.pid}" vlog/reopen > -done > -fi > + # Tell Open vSwitch daemons to reopen their log files > + if [ -d /var/run/openvswitch ]; then > + for pidfile in `cd /var/run/openvswitch && echo *.pid`; do > + ovs-appctl -t "${pidfile%%.pid}" vlog/reopen 2>/dev/null > || : > + done > + fi > endscript > } > diff --git a/xenserver/etc_logrotate.d_openvswitch > b/xenserver/etc_logrotate.d_openvswitch > index 73751d4578b0..cd7b3a9d569d 100644 > --- a/xenserver/etc_logrotate.d_openvswitch > +++ b/xenserver/etc_logrotate.d_openvswitch > @@ -1,4 +1,4 @@ > -# Copyright (C) 2009, 2010, 2011, 2012 Nicira, Inc. > +# Copyright (C) 2009, 2010, 2011, 2012, 2017 Nicira, Inc. > # > # Copying and distribution of this file, with or without modification, > # are permitted in any medium without royalty provided the copyright > @@ -6,14 +6,16 @@ > # without warranty of any kind. > > /var/log/openvswitch/*.log { > - daily > - compress > - sharedscripts > - missingok > - postrotate > +daily > +compress > +sharedscripts > +missingok > +postrotate > # Tell Open vSwitch daemons to reopen their log files > -for pidfile in `cd /var/run/openvswitch && echo *.pid`; do > -ovs-appctl -t "${pidfile%%.pid}" vlog/reopen > -done > - endscript > +if [ -d /var/run/openvswitch ]; then > + for pidfile in `cd /var/run/openvswitch && echo *.pid`; do > + ovs-appctl -t "${pidfile%%.pid}" vlog/reopen 2>/dev/null > || : > + done > + fi > +endscript > } > -- > 2.10.2 > > ___ > dev mailing list > d...@openvswitch.org > https://mail.openvswitch.org/mailman/listinfo/ovs-dev > ___ dev mailing list d...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-dev
Re: [ovs-dev] [PATCH v3 0/7] create tunnel devices using rtnetlink interface
On 24 April 2017 at 11:54, Ben Pfaffwrote: > Joe, it looks like you've reviewed at least some patches in previous > versions of this series. Are you planning to resume review? Yes, I shall dig into that.. ___ dev mailing list d...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-dev
Re: [ovs-dev] [PATCH 0/7] Add OVS DPDK keep-alive functionality
>> > Agree that Latency is indeed important. I would collect the latency >> > stats and will share the results in this thread. >> >> Awesome. Even better would be to put those informations in the cover >> letter of v2. Just a short summary of the tests and what the results >> were for latency / throughput would be good. > >I think it'd be even better to include measurements in one of the commit >messages, because those are available in the repository after the patches are >applied. It's harder to find cover letters because they're only on the mailing >list. That's a good point, I will do this when I send on the v2 for this patch series. Also we will follow this for our other patches targeting performance! - Bhanuprakash. ___ dev mailing list d...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-dev
Re: [ovs-dev] [PATCH] ofproto-dpif-xlate: Fix the memory leak in netflow.
On Fri, Mar 24, 2017 at 07:37:18AM +, zhangsha (A) wrote: > From c4066ad97d4f9e39cd80f6d43f0592092423e0b6 Mon Sep 17 00:00:00 2001 > From: Sha Zhang> Date: Sat, 25 Mar 2017 04:43:56 +0800 > Subject: [PATCH] ofproto-dpif-xlate: Fix the memory leak in netflow. > > The memory leak was triggered each time on > creating a netflow and subsequently deleting it. > > Signed-off-by: Sha Zhang Thanks. The formatting was still not ideal, but I fixed it up and applied it to master and then backported as far as branch-2.5. ___ dev mailing list d...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-dev
Re: [ovs-dev] [PATCH 0/7] Add OVS DPDK keep-alive functionality
On Mon, Apr 03, 2017 at 11:16:47AM -0400, Aaron Conole wrote: > "Bodireddy, Bhanuprakash"writes: > > > Thanks Aaron for reviewing this patch series. My comments inline. > > > >> > >>Hi Bhanu, > >> > >>Bhanuprakash Bodireddy writes: > >> > >>> This patch is aimed at achieving Fastpath Service Assurance in > >>> OVS-DPDK deployments. This commit adds support for monitoring the > >>> packet processing cores(pmd thread cores) by dispatching heartbeats at > >>> regular intervals. Incase of heartbeat miss the failure shall be > >>> detected & reported to higher level fault management > >>systems/frameworks. > >>> > >>> The implementation uses POSIX shared memory object for storing the > >>> events that will be read by monitoring framework. keep-alive feature > >>> can be enabled through below OVSDB settings. > >>> > >>> keepalive=true > >>>- Keepalive feature is disabled by default > >>> > >>> keepalive-interval="50" > >>>- Timer interval in milliseconds for monitoring the packet > >>> processing cores. > >>> > >>> keepalive-shm-name="/dpdk_keepalive_shm_name" > >>>- Shared memory block name where the events shall be updated. > >>> > >>> When KA is enabled, 'ovs-keepalive' thread shall be spawned that wakes > >>> up at regular intervals to update the timestamp and status of pmd > >>> cores in shared memory region. > >>> > >>> An external monitoring framework like collectd(with dpdk plugin > >>> support) can read the status updates from shared memory. On a missing > >>> heartbeat, the collectd shall relay the status to ceilometer service > >>> running in the controller. Below is the high level overview of deployment > >>model. > >> > >>Given this runs in-line in the fastpath, can you tell me what kind of > >>impact it is > >>to throughput (and possibly latency) that this series implies? > > > > This feature has very minimal impact on the throughput. > > As you know, there is a significant drop on the current master due to > > commit: daf4d3c18da4("odp: Support conntrack orig tuple key."). > > I folded in the RFC patch by Daniele that fixes the memset and measured the > > throughput with and without KA feature and see no significant difference in > > throughput. > > > > Agree that Latency is indeed important. I would collect the latency > > stats and will share > > the results in this thread. > > Awesome. Even better would be to put those informations in the cover > letter of v2. Just a short summary of the tests and what the results > were for latency / throughput would be good. I think it'd be even better to include measurements in one of the commit messages, because those are available in the repository after the patches are applied. It's harder to find cover letters because they're only on the mailing list. ___ dev mailing list d...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-dev
[ovs-dev] [PATCH v2 3/3] ovn-controller: document command-line options in man page
Signed-off-by: Lance Richardson--- ovn/controller/ovn-controller.8.xml | 64 + 1 file changed, 23 insertions(+), 41 deletions(-) diff --git a/ovn/controller/ovn-controller.8.xml b/ovn/controller/ovn-controller.8.xml index f9cbbfe..d1fcd8a 100644 --- a/ovn/controller/ovn-controller.8.xml +++ b/ovn/controller/ovn-controller.8.xml @@ -20,6 +20,26 @@ machine-local and do not run over a physical network. +Options + +Daemon Options +http://www.w3.org/2003/XInclude"/> + +Logging Options +http://www.w3.org/2003/XInclude"/> + +PKI Options + + PKI configuration is required in order to use SSL for the connections to + the Northbound and Southbound databases. + +http://www.w3.org/2003/XInclude"/> + +Other Options + +http://www.w3.org/2003/XInclude"/> + + Configuration ovn-controller retrieves most of its configuration @@ -28,47 +48,9 @@ vSwitch's "run" directory. It may be overridden by specifying the ovs-database argument in one of the following forms: - - - - ssl:ip:port - - - The specified SSL port on the host at the given - ip, which must be expressed as an IP address (not a DNS - name) in IPv4 or IPv6 address format. If ip is an IPv6 - address, then wrap ip with square brackets, e.g.: - ssl:[::1]:6640. The --private-key, - --certificate and either of --ca-cert - or --bootstrap-ca-cert options are mandatory when this - form is used. - - - - - tcp:ip:port - - - Connect to the given TCP port on ip, where - ip can be IPv4 or IPv6 address. If ip is an - IPv6 address, then wrap ip with square brackets, e.g.: - tcp:[::1]:6640. - - - - - unix:file - - - On POSIX, connect to the Unix domain server socket named - file. - - - On Windows, connect to a localhost TCP port whose value is written - in file. - - - +http://www.w3.org/2003/XInclude"/> +http://www.w3.org/2003/XInclude"/> + ovn-controller assumes it gets configuration information from the following keys in the Open_vSwitch -- 2.9.3 ___ dev mailing list d...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-dev
[ovs-dev] [PATCH v2 2/3] northd: document command-line options in man page
Signed-off-by: Lance Richardson--- ovn/northd/ovn-northd.8.xml | 101 1 file changed, 36 insertions(+), 65 deletions(-) diff --git a/ovn/northd/ovn-northd.8.xml b/ovn/northd/ovn-northd.8.xml index ab8fd88..8021e2a 100644 --- a/ovn/northd/ovn-northd.8.xml +++ b/ovn/northd/ovn-northd.8.xml @@ -18,75 +18,46 @@ ovn-sb(5)) below it. -Configuration +Options + + --ovnnb-db=database + +The OVSDB database containing the OVN Northbound Database. If the +OVN_NB_DB environment variable is set, its value is used +as the default. Otherwise, the default is +unix:@RUNDIR@/ovnnb_db.sock. + + --ovnsb-db=database + +The OVSDB database containing the OVN Southbound Database. If the +OVN_SB_DB environment variable is set, its value is used +as the default. Otherwise, the default is +unix:@RUNDIR@/ovnsb_db.sock. + + - ovn-northd requires a connection to the Northbound - and Southbound databases. The defaults are ovnnb_db.sock - and ovnsb_db.sock respectively - in the local Open vSwitch's "run" directory. This may be - overridden with the following commands: + database in the above options must take one of the following + forms: - - - - --ovnnb-db=database - - - The database containing the OVN Northbound Database. - - - - - --ovnsb-db=database - - - The database containing the OVN Southbound Database. - - - +http://www.w3.org/2003/XInclude"/> +http://www.w3.org/2003/XInclude"/> + +Daemon Options +http://www.w3.org/2003/XInclude"/> + +Logging Options +http://www.w3.org/2003/XInclude"/> + +PKI Options - The database argument must take one of the following forms: + PKI configuration is required in order to use SSL for the connections to + the Northbound and Southbound databases. - - - - ssl:ip:port - - - The specified SSL port on the host at the given - ip, which must be expressed as an IP address (not a DNS - name) in IPv4 or IPv6 address format. If ip is an IPv6 - address, then wrap ip with square brackets, e.g.: - ssl:[::1]:6640. The --private-key, - --certificate, and --ca-cert options are - mandatory when this form is used. - - - - - tcp:ip:port - - - Connect to the given TCP port on ip, where - ip can be IPv4 or IPv6 address. If ip is an - IPv6 address, then wrap ip with square brackets, e.g.: - tcp:[::1]:6640. - - - - - unix:file - - - On POSIX, connect to the Unix domain server socket named - file. - - - On Windows, connect to a localhost TCP port whose value is written - in file. - - - +http://www.w3.org/2003/XInclude"/> + +Other Options + +http://www.w3.org/2003/XInclude"/> Runtime Management Commands -- 2.9.3 ___ dev mailing list d...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-dev
[ovs-dev] [PATCH v2 1/3] ovsdb: add xml equivalents of remote man page fragments
Add XML equivalents for remote-active.man and remote-passive.man for inclusion by man pages using XML format. Signed-off-by: Lance Richardson--- ovsdb/automake.mk| 4 ovsdb/remote-active.xml | 30 ++ ovsdb/remote-passive.xml | 36 3 files changed, 70 insertions(+) create mode 100644 ovsdb/remote-active.xml create mode 100644 ovsdb/remote-passive.xml diff --git a/ovsdb/automake.mk b/ovsdb/automake.mk index 33d04f8..8850b06 100644 --- a/ovsdb/automake.mk +++ b/ovsdb/automake.mk @@ -48,6 +48,10 @@ MAN_FRAGMENTS += \ ovsdb/replication.man \ ovsdb/replication-syn.man +EXTRA_DIST += \ + ovsdb/remote-active.xml \ + ovsdb/remote-passive.xml + # ovsdb-tool bin_PROGRAMS += ovsdb/ovsdb-tool ovsdb_ovsdb_tool_SOURCES = ovsdb/ovsdb-tool.c diff --git a/ovsdb/remote-active.xml b/ovsdb/remote-active.xml new file mode 100644 index 000..fe4801c --- /dev/null +++ b/ovsdb/remote-active.xml @@ -0,0 +1,30 @@ + + + ssl:ip:port + +The specified SSL port on the host at the given ip, +which must be expressed as an IP address (not a DNS name) in IPv4 or IPv6 +address format. If ip is an IPv6 address, then wrap +ip with square brackets, e.g.: ssl:[::1]:6640. +The --private-key, --certificate, and +--ca-cert options are mandatory when this form is used. + + tcp:ip:port + +Connect to the given TCP port on ip, where +ip can be an IPv4 or IPv6 address. If ip is an +IPv6 address, then wrap ip with square brackets, e.g.: +tcp:[::1]:6640. + + unix:file + + +On POSIX, connect to the Unix domain server socket named file. + + +On Windows, connect to a local named pipe that is represented by a file +created in the path file to mimic the behavior of a Unix domain +socket. + + + diff --git a/ovsdb/remote-passive.xml b/ovsdb/remote-passive.xml new file mode 100644 index 000..6056b1e --- /dev/null +++ b/ovsdb/remote-passive.xml @@ -0,0 +1,36 @@ + + + pssl:port:ip + +Listen on the given SSL port for a connection. By default, +connections are not bound to a particular local IP address and +it listens only on IPv4 (but not IPv6) addresses, but +specifying ip limits connections to those from the given +ip, either IPv4 or IPv6 address. If ip is +an IPv6 address, then wrap ip with square brackets, e.g.: +pssl:6640:[::1]. The --private-key, +--certificate, and --ca-cert options are +mandatory when this form is used. + + ptcp:port:ip + +Listen on the given TCP port for a connection. By default, +connections are not bound to a particular local IP address and +it listens only on IPv4 (but not IPv6) addresses, but +ip may be specified to listen only for connections to the given +ip, either IPv4 or IPv6 address. If ip is +an IPv6 address, then wrap ip with square brackets, e.g.: +ptcp:6640:[::1]. + + punix:file + + +On POSIX, listen on the Unix domain server socket named \fIfile\fR for a +connection. + + +On Windows, listen on a local named pipe. A file is created in the +path file to mimic the behavior of a Unix domain socket. + + + -- 2.9.3 ___ dev mailing list d...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-dev
[ovs-dev] [PATCH v2 0/3] document command-line options in ovn man pages
Add command-line option documentation to ovn-northd and ovn-controller man pages. v2: - Account for added files in dist-check (build error) - Fix trailing whitespace complaints from "git am" Lance Richardson (3): ovsdb: add xml equivalents of remote man page fragments northd: document command-line options in man page ovn-controller: document command-line options in man page ovn/controller/ovn-controller.8.xml | 64 --- ovn/northd/ovn-northd.8.xml | 101 +--- ovsdb/automake.mk | 4 ++ ovsdb/remote-active.xml | 30 +++ ovsdb/remote-passive.xml| 36 + 5 files changed, 129 insertions(+), 106 deletions(-) create mode 100644 ovsdb/remote-active.xml create mode 100644 ovsdb/remote-passive.xml -- 2.9.3 ___ dev mailing list d...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-dev
Re: [ovs-dev] [PATCH 6/8] pinctrl: Fix memory leak in consider_nat_address()
Thanks! I applied this to master. I don't think it needs a backport but let me know if I'm wrong. On Mon, Apr 24, 2017 at 10:54:30AM -0700, Yi-Hung Wei wrote: > LGTM, thanks! > > -Yi-Hung > > On Mon, Apr 24, 2017 at 9:44 AM, Ben Pfaffwrote: > > On Fri, Apr 07, 2017 at 02:43:44PM -0700, Yi-Hung Wei wrote: > >> In testcase "ovn -- send gratuitous arp for NAT rules on distributed > >> router", > >> valgrind reports memory leaks as following. > >> xrealloc (util.c:123) > >> add_ipv4_netaddr.isra.0 (ovn-util.c:28) > >> extract_addresses (ovn-util.c:128) > >> extract_addresses_with_port.constprop.17 (pinctrl.c:1257) > >> consider_nat_address.isra.15 (pinctrl.c:1318) > >> get_nat_addresses_and_keys (pinctrl.c:1361) > >> send_garp_run (pinctrl.c:1402) > >> pinctrl_run (pinctrl.c:796) > >> main (ovn-controller.c:619) > >> > >> Signed-off-by: Yi-Hung Wei > >> --- > >> ovn/controller/pinctrl.c | 2 ++ > >> 1 file changed, 2 insertions(+) > >> > >> diff --git a/ovn/controller/pinctrl.c b/ovn/controller/pinctrl.c > >> index 9b408ea6c253..8063e6487b2a 100644 > >> --- a/ovn/controller/pinctrl.c > >> +++ b/ovn/controller/pinctrl.c > >> @@ -1317,6 +1317,7 @@ consider_nat_address(const char *nat_address, > >> char *lport = NULL; > >> if (!extract_addresses_with_port(nat_address, laddrs, ) > >> || (!lport && !strcmp(pb->type, "patch"))) { > >> +destroy_lport_addresses(laddrs); > >> free(laddrs); > >> if (lport) { > >> free(lport); > >> @@ -1324,6 +1325,7 @@ consider_nat_address(const char *nat_address, > >> return; > >> } else if (lport) { > >> if (!pinctrl_is_chassis_resident(lports, chassis, lport)) { > >> +destroy_lport_addresses(laddrs); > >> free(laddrs); > >> free(lport); > >> return; > > > > Thanks for fixing the memory leak! > > > > This function has quite a lot of redundant code. What do you think of > > this version? > > > > --8<--cut here-->8-- > > > > From: Yi-Hung Wei > > Date: Fri, 7 Apr 2017 14:43:44 -0700 > > Subject: [PATCH] pinctrl: Fix memory leak in consider_nat_address() > > > > In testcase "ovn -- send gratuitous arp for NAT rules on distributed > > router", > > valgrind reports memory leaks as following. > > xrealloc (util.c:123) > > add_ipv4_netaddr.isra.0 (ovn-util.c:28) > > extract_addresses (ovn-util.c:128) > > extract_addresses_with_port.constprop.17 (pinctrl.c:1257) > > consider_nat_address.isra.15 (pinctrl.c:1318) > > get_nat_addresses_and_keys (pinctrl.c:1361) > > send_garp_run (pinctrl.c:1402) > > pinctrl_run (pinctrl.c:796) > > main (ovn-controller.c:619) > > > > Signed-off-by: Yi-Hung Wei > > Signed-off-by: Ben Pfaff > > --- > > ovn/controller/pinctrl.c | 16 +--- > > 1 file changed, 5 insertions(+), 11 deletions(-) > > > > diff --git a/ovn/controller/pinctrl.c b/ovn/controller/pinctrl.c > > index 9b408ea6c253..8c5042a590ee 100644 > > --- a/ovn/controller/pinctrl.c > > +++ b/ovn/controller/pinctrl.c > > @@ -1316,20 +1316,14 @@ consider_nat_address(const char *nat_address, > > struct lport_addresses *laddrs = xmalloc(sizeof *laddrs); > > char *lport = NULL; > > if (!extract_addresses_with_port(nat_address, laddrs, ) > > -|| (!lport && !strcmp(pb->type, "patch"))) { > > +|| (!lport && !strcmp(pb->type, "patch")) > > +|| (lport && !pinctrl_is_chassis_resident(lports, chassis, > > lport))) { > > +destroy_lport_addresses(laddrs); > > free(laddrs); > > -if (lport) { > > -free(lport); > > -} > > -return; > > -} else if (lport) { > > -if (!pinctrl_is_chassis_resident(lports, chassis, lport)) { > > -free(laddrs); > > -free(lport); > > -return; > > -} > > free(lport); > > +return; > > } > > +free(lport); > > > > int i; > > for (i = 0; i < laddrs->n_ipv4_addrs; i++) { > > -- > > 2.10.2 > > ___ dev mailing list d...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-dev
Re: [ovs-dev] [PATCH v3 0/7] create tunnel devices using rtnetlink interface
Joe, it looks like you've reviewed at least some patches in previous versions of this series. Are you planning to resume review? On Thu, Apr 13, 2017 at 04:47:25PM -0400, Eric Garver wrote: > This series adds support for the creation of tunnels using the rtnetlink > interface. This will open the possibility for new features and flags on those > vports without the need to change vport compatibility code. > > Support for STT and LISP have not been added because these are not upstream > yet, > so we don't know how the interface will be like upstream. And there are no > features in the current drivers right now we could make use of. > > Note: This work originally started by Thadeu Lima de Souza Cascardo. > > Testing: > - kernel 4.9.22, in-tree datapath > - rtnetlink successfully creates devices > - kernel 4.2.8, in-tree datapath > - rtnetlink is tried, but fails due to no COLLECT_METADATA support > - genetlink successfully creates devices > - kernel 4.2.8, out-of-tree datapath > - rtnetlink is not tried > - genetlink successfully creates devices > > v3: > - commonzie code to get port data to verify port > - eliminate dpif_netlink_rtnl_vxlan_destroy() and alike > - minor changes for coding style guidelines > - add ACKs from previous reviews > > Eric Garver (6): > dpif-netlink: break up code that creates compat ports > dpif-netlink: code to create/destroy tunnel ports via rtnetlink > dpif-netlink-rtnl: add VXLAN creation support > dpif-netlink-rtnl: add GRE creation support > dpif-netlink-rtnl: add GENEVE creation support > dpif-netlink: Probe for out-of-tree tunnels, decides used interface > > Thadeu Lima de Souza Cascardo (1): > netdev: get device type from vport prefix if it uses one > > NEWS| 3 + > lib/automake.mk | 3 + > lib/dpif-netlink-rtnl.c | 488 > > lib/dpif-netlink-rtnl.h | 54 ++ > lib/dpif-netlink.c | 210 ++--- > lib/dpif-netlink.h | 2 + > lib/netdev.c| 26 ++- > 7 files changed, 712 insertions(+), 74 deletions(-) > create mode 100644 lib/dpif-netlink-rtnl.c > create mode 100644 lib/dpif-netlink-rtnl.h > > -- > 2.12.0 > > ___ > dev mailing list > d...@openvswitch.org > https://mail.openvswitch.org/mailman/listinfo/ovs-dev ___ dev mailing list d...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-dev
Re: [ovs-dev] [PATCH] docs: Add some detail about dpdk-socket-mem.
On Mon, Apr 24, 2017 at 06:48:34PM +0100, Kevin Traynor wrote: > Using dpdk-socket-mem to allocate memory for some NUMA nodes > but leaving blank for subsequent ones is equivalent of assigning > 0 MB memory to those subsequent nodes. Document this behavior. > > Signed-off-by: Kevin TraynorApplied to master. Thank you for working on the documentation! (Let me know if this should be applied to any release branches.) ___ dev mailing list d...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-dev
[ovs-dev] [PATCH] OpenFlow: Enable OpenFlow 1.4 by default.
Open vSwitch now supports all OpenFlow 1.4 required features, so enable it by default. Signed-off-by: Ben Pfaff--- Documentation/faq/openflow.rst | 28 +--- NEWS | 3 +++ include/openvswitch/ofp-util.h | 3 ++- lib/ofp-version.man| 22 ++ tests/test-vconn.c | 14 +++--- utilities/ovs-ofctl.8.in | 4 +++- vswitchd/vswitch.xml | 6 +++--- 7 files changed, 45 insertions(+), 35 deletions(-) diff --git a/Documentation/faq/openflow.rst b/Documentation/faq/openflow.rst index d21bb4459395..7cd6161ddefb 100644 --- a/Documentation/faq/openflow.rst +++ b/Documentation/faq/openflow.rst @@ -34,29 +34,19 @@ Q: What versions of OpenFlow does Open vSwitch support? Open vSwitchOF1.0 OF1.1 OF1.2 OF1.3 OF1.4 OF1.5 OF1.6 === = = = = = = = 1.9 and earlier yes --- --- --- --- --- --- -1.10 yes --- (*) (*) --- --- --- -1.11 yes --- (*) (*) --- --- --- -2.0 yes (*) (*) (*) --- --- --- -2.1 yes (*) (*) (*) --- --- --- +1.10, 1.11 yes --- (*) (*) --- --- --- +2.0, 2.1 yes (*) (*) (*) --- --- --- 2.2 yes (*) (*) (*) (%) (*) --- -2.3 yes yes yes yes (*) (*) --- -2.4 yes yes yes yes (*) (*) --- -2.5 yes yes yes yes (*) (*) (*) +2.3, 2.4 yes yes yes yes (*) (*) --- +2.5, 2.6, 2.7yes yes yes yes (*) (*) (*) +2.8 yes yes yes yes yes (*) (*) === = = = = = = = -(*) Supported, with one or more missing features. +--- Not supported. +yes Supported and enabled by default +(*) Supported, but missing features, and must be enabled by user. (%) Experimental, unsafe implementation. -Open vSwitch 2.3 enables OpenFlow 1.0, 1.1, 1.2, and 1.3 by default in -ovs-vswitchd. In Open vSwitch 1.10 through 2.2, OpenFlow 1.1, 1.2, and 1.3 -must be enabled manually in ovs-vswitchd. - -Some versions of OpenFlow are supported with missing features and therefore -not enabled by default: OpenFlow 1.4 and 1.5, in Open vSwitch 2.3 and -later, as well as OpenFlow 1.6 in Open vSwitch 2.5 and later. Also, the -OpenFlow 1.6 specification is still under development and thus subject to -change. - In any case, the user may override the default: - To enable OpenFlow 1.0, 1.1, 1.2, and 1.3 on bridge br0:: @@ -83,7 +73,7 @@ Q: What versions of OpenFlow does Open vSwitch support? could cause crashes. We don't recommend enabling it.) :doc:`/topics/openflow` tracks support for OpenFlow 1.1 and later features. -When support for OpenFlow 1.4 and 1.5 is solidly implemented, Open vSwitch +When support for OpenFlow 1.5 and 1.6 is solidly implemented, Open vSwitch will enable those version by default. Q: Does Open vSwitch support MPLS? diff --git a/NEWS b/NEWS index ea97d84a2dea..4632b80df698 100644 --- a/NEWS +++ b/NEWS @@ -22,6 +22,9 @@ Post-v2.7.0 * ovn-trace now has basic support for tracing distributed firewalls. - Add the command 'ovs-appctl stp/show' (see ovs-vswitchd(8)). - OpenFlow: + * All features required by OpenFlow 1.4 are now implemented, so + ovs-vswitchd now enables OpenFlow 1.4 by default (in addition to + OpenFlow 1.0 to 1.3). * Increased support for OpenFlow 1.6 (draft). * Bundles now support hashing by just nw_src or nw_dst. * The "learn" action now supports a "limit" option (see ovs-ofctl(8)). diff --git a/include/openvswitch/ofp-util.h b/include/openvswitch/ofp-util.h index f664055c3939..f37d181599b2 100644 --- a/include/openvswitch/ofp-util.h +++ b/include/openvswitch/ofp-util.h @@ -189,7 +189,8 @@ enum ofputil_protocol ofputil_protocols_from_version_bitmap(uint32_t bitmap); #define OFPUTIL_SUPPORTED_VERSIONS ((1u << OFP10_VERSION) | \ (1u << OFP11_VERSION) | \ (1u << OFP12_VERSION) | \ -(1u << OFP13_VERSION)) +(1u << OFP13_VERSION) | \ +(1u << OFP14_VERSION)) #define OFPUTIL_DEFAULT_VERSIONS OFPUTIL_SUPPORTED_VERSIONS enum ofputil_protocol ofputil_protocols_from_string(const char *s); diff --git a/lib/ofp-version.man b/lib/ofp-version.man index 54fa1664e5f8..0ab70891d270 100644 --- a/lib/ofp-version.man +++ b/lib/ofp-version.man @@ -9,7 +9,6 @@ Sets the OpenFlow protocol versions that are allowed when establishing an OpenFlow session. . .IP -The following versions are considered to be ready for general use. These protocol
Re: [ovs-dev] [PATCH] debian, xenserver: Update logrotate config to match RHEL.
On Thu, Apr 13, 2017 at 10:47:55AM -0700, Ben Pfaff wrote: > Commit 618a5b45ae8b ("rhel: Avoid logrotate error if /var/run/openvswitch > does not exist") updated the RHEL logrotate configuration. This commit > makes similar changes for Debian, by synchronizing with the RHEL version. > > In particular: > > - Indent to match logrotate.conf(5) examples. > > - Use "sharedscripts" flag, because the postrotate script only needs to > run once regardless of the number of rotations. > > - Drop "delaycompress", because the postrotate script does make daemons > reopen their log files. > > - Ignore errors calling vlog/reopen. > > Also make similar changes to the xenserver logrotate script. I really > don't know if anyone uses the xenserver packaging anymore though. > > CC: Timothy Redaelli> Signed-off-by: Ben Pfaff This still needs a review. Thanks, Ben. ___ dev mailing list d...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-dev
Re: [ovs-dev] [PATCH] ovn: Bump ovn-nb schema version.
On Wed, Apr 19, 2017 at 12:41:37PM -0400, Russell Bryant wrote: > Commit b89d25e5694b made the "router" DHCPv4 option optional instead of > mandatory. This did not actually change the schema, but there's no good > way for a client of the northbound database to know if this change is > present without bumping the schema version. This is needed for a client to > work with versions before and after this change. > > Reported-at: https://bugs.launchpad.net/networking-ovn/+bug/1670666 > Fixes: b89d25e5694b ("ovn: Modify the DHCPv4 router option to optional") > Signed-off-by: Russell BryantAcked-by: Ben Pfaff However, keep in mind that this version distinction is only useful if ovn-northd and the OVSDB schema are upgraded almost simultaneously. ___ dev mailing list d...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-dev
Re: [ovs-dev] [RFC v3 4/6] ovsdb: add support for role-based access controls
On Wed, Apr 19, 2017 at 05:38:50PM -0400, Lance Richardson wrote: > - Original Message - > > From: "Lance Richardson"> > > > +struct ovsdb_error *ovsdb_perm_error(const char *details, ...) > > +{ > > +struct ovsdb_error *error; > > +va_list args; > > + > > +va_start(args, details); > > +error = ovsdb_error_valist("permission error", details, args); > > +va_end(args); > > + > > +return error; > > +} > > + > > + > > I had been assuming that these errors would be logged by the client, but > this doesn't seem to be the case (other than in ovsdb-client, anyway). > > At the moment, there are no logs produced when a transaction by ovn-controller > is denied due to RBAC checks. I'm wondering if this is something that should > be done by the idl/jsonrpc infrastructure or informational logs in > ovsdb-server. > Ideally (I think) the client should be logging these, but it's not clear > whether > there's any way currently for e.g. the ovn-controller idl loop to report > transaction errors. > > Any suggestions for how to handle reporting RBAC failures or pointers to > existing examples where transaction failures are reported would be > appreciated. The ovsdb-idl client should probably log JSON-RPC errors in response to transactions. Until now, they've been pretty rare. But, I would have it log errors that it thinks it understands only at DBG level, if at all. I think that other errors, that it doesn't think it understands, are already passed to ovsdb_idl_txn_set_error_json(), so probably that would be a good point at which to log them. ___ dev mailing list d...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-dev
Re: [ovs-dev] [PATCH 6/8] pinctrl: Fix memory leak in consider_nat_address()
LGTM, thanks! -Yi-Hung On Mon, Apr 24, 2017 at 9:44 AM, Ben Pfaffwrote: > On Fri, Apr 07, 2017 at 02:43:44PM -0700, Yi-Hung Wei wrote: >> In testcase "ovn -- send gratuitous arp for NAT rules on distributed router", >> valgrind reports memory leaks as following. >> xrealloc (util.c:123) >> add_ipv4_netaddr.isra.0 (ovn-util.c:28) >> extract_addresses (ovn-util.c:128) >> extract_addresses_with_port.constprop.17 (pinctrl.c:1257) >> consider_nat_address.isra.15 (pinctrl.c:1318) >> get_nat_addresses_and_keys (pinctrl.c:1361) >> send_garp_run (pinctrl.c:1402) >> pinctrl_run (pinctrl.c:796) >> main (ovn-controller.c:619) >> >> Signed-off-by: Yi-Hung Wei >> --- >> ovn/controller/pinctrl.c | 2 ++ >> 1 file changed, 2 insertions(+) >> >> diff --git a/ovn/controller/pinctrl.c b/ovn/controller/pinctrl.c >> index 9b408ea6c253..8063e6487b2a 100644 >> --- a/ovn/controller/pinctrl.c >> +++ b/ovn/controller/pinctrl.c >> @@ -1317,6 +1317,7 @@ consider_nat_address(const char *nat_address, >> char *lport = NULL; >> if (!extract_addresses_with_port(nat_address, laddrs, ) >> || (!lport && !strcmp(pb->type, "patch"))) { >> +destroy_lport_addresses(laddrs); >> free(laddrs); >> if (lport) { >> free(lport); >> @@ -1324,6 +1325,7 @@ consider_nat_address(const char *nat_address, >> return; >> } else if (lport) { >> if (!pinctrl_is_chassis_resident(lports, chassis, lport)) { >> +destroy_lport_addresses(laddrs); >> free(laddrs); >> free(lport); >> return; > > Thanks for fixing the memory leak! > > This function has quite a lot of redundant code. What do you think of > this version? > > --8<--cut here-->8-- > > From: Yi-Hung Wei > Date: Fri, 7 Apr 2017 14:43:44 -0700 > Subject: [PATCH] pinctrl: Fix memory leak in consider_nat_address() > > In testcase "ovn -- send gratuitous arp for NAT rules on distributed router", > valgrind reports memory leaks as following. > xrealloc (util.c:123) > add_ipv4_netaddr.isra.0 (ovn-util.c:28) > extract_addresses (ovn-util.c:128) > extract_addresses_with_port.constprop.17 (pinctrl.c:1257) > consider_nat_address.isra.15 (pinctrl.c:1318) > get_nat_addresses_and_keys (pinctrl.c:1361) > send_garp_run (pinctrl.c:1402) > pinctrl_run (pinctrl.c:796) > main (ovn-controller.c:619) > > Signed-off-by: Yi-Hung Wei > Signed-off-by: Ben Pfaff > --- > ovn/controller/pinctrl.c | 16 +--- > 1 file changed, 5 insertions(+), 11 deletions(-) > > diff --git a/ovn/controller/pinctrl.c b/ovn/controller/pinctrl.c > index 9b408ea6c253..8c5042a590ee 100644 > --- a/ovn/controller/pinctrl.c > +++ b/ovn/controller/pinctrl.c > @@ -1316,20 +1316,14 @@ consider_nat_address(const char *nat_address, > struct lport_addresses *laddrs = xmalloc(sizeof *laddrs); > char *lport = NULL; > if (!extract_addresses_with_port(nat_address, laddrs, ) > -|| (!lport && !strcmp(pb->type, "patch"))) { > +|| (!lport && !strcmp(pb->type, "patch")) > +|| (lport && !pinctrl_is_chassis_resident(lports, chassis, lport))) { > +destroy_lport_addresses(laddrs); > free(laddrs); > -if (lport) { > -free(lport); > -} > -return; > -} else if (lport) { > -if (!pinctrl_is_chassis_resident(lports, chassis, lport)) { > -free(laddrs); > -free(lport); > -return; > -} > free(lport); > +return; > } > +free(lport); > > int i; > for (i = 0; i < laddrs->n_ipv4_addrs; i++) { > -- > 2.10.2 > ___ dev mailing list d...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-dev
[ovs-dev] URGENT :
Dear Friend, I have an urgent mail for you please write back through this email:: mrsannch...@gmail.com Visite https://www.cablevisionfibertel.com.ar__ Este mensaje es confidencial. Puede contener informacion amparada por el secreto comercial.Si usted ha recibido este e-mail por error, debera eliminarlo de su sistema.No debera copiar el mensaje ni divulgar su contenido a ninguna persona.Muchas gracias.This message is confidential. It may also contain information that is privileged or not authorized to be disclosed. If you have received it by mistake, delete it from your system.You should not copy the messsage nor disclose its contents to anyone.Many thanks.__ ___ dev mailing list d...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-dev
[ovs-dev] [PATCH] docs: Add some detail about dpdk-socket-mem.
Using dpdk-socket-mem to allocate memory for some NUMA nodes but leaving blank for subsequent ones is equivalent of assigning 0 MB memory to those subsequent nodes. Document this behavior. Signed-off-by: Kevin Traynor--- Documentation/intro/install/dpdk.rst | 7 ++- vswitchd/vswitch.xml | 5 +++-- 2 files changed, 9 insertions(+), 3 deletions(-) diff --git a/Documentation/intro/install/dpdk.rst b/Documentation/intro/install/dpdk.rst index f29ac05..d1c0e65 100644 --- a/Documentation/intro/install/dpdk.rst +++ b/Documentation/intro/install/dpdk.rst @@ -227,9 +227,14 @@ listed below. Defaults will be provided for all values not explicitly set. If allocating more than one GB hugepage, you can configure the amount of memory used from any given NUMA nodes. For example, to use 1GB from -NUMA node 0, run:: +NUMA node 0 and 0GB for all other NUMA nodes, run:: $ ovs-vsctl --no-wait set Open_vSwitch . \ other_config:dpdk-socket-mem="1024,0" +or:: + +$ ovs-vsctl --no-wait set Open_vSwitch . \ +other_config:dpdk-socket-mem="1024" + Similarly, if you wish to better scale the workloads across cores, then multiple pmd threads can be created and pinned to CPU cores by explicity diff --git a/vswitchd/vswitch.xml b/vswitchd/vswitch.xml index 870c813..02980b1 100644 --- a/vswitchd/vswitch.xml +++ b/vswitchd/vswitch.xml @@ -260,6 +260,7 @@ The specifier is a comma-separated string, in ascending order of CPU - socket (ex: 1024,2048,4096,8192 would set socket 0 to preallocate - 1024MB, socket 1 to preallocate 2048MB, etc.) + socket. E.g. On a four socket system 1024,0,2048 would set socket 0 + to preallocate 1024MB, socket 1 to preallocate 0MB, socket 2 to + preallocate 2048MB and socket 3 (no value given) to preallocate 0MB. -- 1.8.3.1 ___ dev mailing list d...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-dev
[ovs-dev] Wrong ovsdb update after "switch s1 stop/start" and role request message.
Hi : ) I'm facing an weird behavior regarding on role change. When I send a role message to change the role of one specific switch, all switches change to this role. I think the problem is when open vSwitch mount the transaction message to send to ovsdb. A simple test is, start a mininet network with 4 switches, linear topo. stop s1, and start it again. Look Controller table, before and after stop and start switch s1. Before Stop: sudo ovsdb-client dump tcp:192.168.1.200:5000 Controller Controller table 2ab2e756-cc3a-47d6-9421-1b69ae035be0 [] [] [][] {} [] true [][] []1000{} master {*sec_since_connect="40"*, state=ACTIVE} "tcp:192.168.1.215:6653" 333dc741-daa2-472c-9c9d-8337dead0318 [] [] [][] {} [] true [][] []1000{} master {*sec_since_connect="40"*, state=ACTIVE} "tcp:192.168.1.215:6653" bcb46630-8509-485e-a7c0-c5df7cfa8141 [] [] [][] {} [] true [][] []1000{} master {*sec_since_connect="40",* state=ACTIVE} "tcp:192.168.1.215:6653" dc0e199a-cd0c-4077-93b8-3b5d265f4b25 [] [] [][] {} [] true [][] []1000{} master {*sec_since_connect="40"*, state=ACTIVE} "tcp:192.168.1.215:6653" After stop and start switch S1: 2ab2e756-cc3a-47d6-9421-1b69ae035be0 [] [] [][] {} [] true [][] []1000{} master {*sec_since_connect="200"*, state=ACTIVE} "tcp:192.168.1.215:6653" 333dc741-daa2-472c-9c9d-8337dead0318 [] [] [][] {} [] true [][] []1000{} master {*sec_since_connect="200"*, state=ACTIVE} "tcp:192.168.1.215:6653" bcb46630-8509-485e-a7c0-c5df7cfa8141 [] [] [][] {} [] true [][] []1000{} master {*sec_since_connect="200"*, state=ACTIVE} "tcp:192.168.1.215:6653" dc0e199a-cd0c-4077-93b8-3b5d265f4b25 [] [] [][] {} [] true [][] []1000{} master {*sec_since_connect="200"*, state=ACTIVE} "tcp:192.168.1.215:6653" The sec_since_connection of S1 should differs from the others, right? As you can see they are all the same. Here I'll show when I use different roles. S1:master, S2:slave, S3:master and S4 slave. 2017-04-25T05:59:50.947Z|44091|vconn|DBG|tcp:192.168.1.215:6653: received: OFPT_ROLE_REQUEST (OF1.4) (xid=0x26):*role=master* generation_id=0 2017-04-25T05:59:50.953Z|44092|vconn|DBG|tcp:192.168.1.215:6653: sent (Success): OFPT_ROLE_REPLY (OF1.4) (xid=0x26): role=master generation_id=0 2017-04-25T05:59:50.953Z|44093|vconn|DBG|tcp:192.168.1.215:6653: received: OFPT_ROLE_REQUEST (OF1.4) (xid=0x24): *role=slave* generation_id=0 2017-04-25T05:59:50.954Z|44094|vconn|DBG|tcp:192.168.1.215:6653: sent (Success): OFPT_ROLE_REPLY (OF1.4) (xid=0x24): role=slave generation_id=0 2017-04-25T05:59:50.954Z|44097|vconn|DBG|tcp:192.168.1.215:6653: received: OFPT_ROLE_REQUEST (OF1.4) (xid=0x22): *role=master* generation_id=0 2017-04-25T05:59:50.955Z|44098|vconn|DBG|tcp:192.168.1.215:6653: sent (Success): OFPT_ROLE_REPLY (OF1.4) (xid=0x22): role=master generation_id=0 2017-04-25T05:59:50.955Z|44099|vconn|DBG|tcp:192.168.1.215:6653: received: OFPT_ROLE_REQUEST (OF1.4) (xid=0x28):*role=slave *generation_id=0 2017-04-25T05:59:50.955Z|44100|vconn|DBG|tcp:192.168.1.215:6653: sent (Success): OFPT_ROLE_REPLY (OF1.4) (xid=0x28): role=slave generation_id=0 2017-04-25T05:59:53.906Z|44179|jsonrpc|DBG|tcp:192.168.1.200:5000: send request, method="transact", params=["Open_vSwitch",{"lock":"ovs_vswitchd","op":"assert"},{"where":[["_uuid","==",["uuid","bcb46630-8509-485e-a7c0-c5df7cfa8141"]]],"row":{"is_connected":true,"status":["map",[["last_error","Connection refused"],["sec_since_connect","3"],["sec_since_disconnect","4"],["state","ACTIVE"]]]*,"role":"master"*},"op":"update","table":"Controller"},{"where":[["_uuid","==",["uuid","333dc741-daa2-472c-9c9d-8337dead0318"]]],"row":{"is_connected":true,"status":["map",[["last_error","Connection
[ovs-dev] Avaya
Hi, Are you looking to target companies using Avaya? We provide contacts based in any target vertical and across globe. I have mentioned the information fields that you will receive in the list for each contact within the company. You can also select the industry you would like to target. Information Fields: Name, Title, Email, Phone, Company Name, Physical Address, City, State, Zip Code, Country, Web Address, Employee Size, Revenue Size and Industry. Industry: Healthcare, Telecom, manufacturing, Oil & Gas, Pharmacy, Software, Retail, Real Estate, Construction, Energy, Government, Banking, Legal, Transportation, Wholesale, Agriculture, Business Service, Marketing, Education, Hospitality And Media Internet. Let me know if you are interested and I will get back to you with the counts, sample and pricing. Await for your response. Regards, Paul Kelly Data Consultant To opt out, please reply with Leave Out in the Subject Line. ___ dev mailing list d...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-dev
Re: [ovs-dev] [PATCH 1/2] connmgr: Fix internal packet-in reason code mask
On Mon, Apr 17, 2017 at 02:11:29PM -0700, Yi-Hung Wei wrote: > Starting from OpenFlow 1.4+, OFPR_ACTION is split into four more descriptive > reasons, OFPR_APPLY_ACTION, OFPR_ACTION_SET, OFPR_GROUP, and OFPR_PACKET_OUT. > OVS maintains the new reason code internally, and it currently supports the > first three reason code. If the version of an established OpenFlow connection > is less than 1.4, OVS coverts the internal reason code back to OFPR_ACTION to > be backward compatible. However, the internal packet-in reason code mask is > not properly maintained for the older OpenFlow version that may omit the > packet-in messages wth the new reason code. It is because OVS does not enable > the new reason code internally in the reason code mask for older OpenFlow > version. This commit tries to address the aforementioned issue. > > Signed-off-by: Yi-Hung WeiThanks a lot. I applied both of these to master. ___ dev mailing list d...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-dev
Re: [ovs-dev] [PATCH v5 2/3] ovn-controller: Add 'dns_lookup' action
On Mon, Apr 24, 2017 at 10:04 PM, Guru Shettywrote: > > > On 17 April 2017 at 08:13, wrote: > >> From: Numan Siddique >> >> This patch adds a new OVN action 'dns_lookup' to support native DNS. >> ovn-controller parses this action and adds a NXT_PACKET_IN2 >> OF flow with 'pause' flag set. >> >> A new table 'DNS' is added in the SB DB to look up and resolve >> the DNS queries. When a valid DNS packet is received by >> ovn-controller, it looks up the DNS name in the 'DNS' table >> and if successful, it frames a DNS reply, resumes the packet >> and stores 1 in the 1-bit subfield. If the packet is invalid >> or cannot be resolved, it resumes the packet without any >> modifications and stores 0 in the 1-bit subfield. >> >> reg0[4] = dns_lookup(); next; >> >> An upcoming patch will use this action and adds logical flows. >> >> Signed-off-by: Numan Siddique >> > > Acked-by: Gurucharan Shetty > > This needs a rebase as it does not apply on the tip of master. > > One comment inline. > > >> >> >> + >> + >> + Each row in this table stores the DNS records. The OVN action >> + dns_lookup uses this table for DNS resolution. >> + >> + >> + >> + Key-value pair of DNS records with hostname as the key >> + and a string of IP address(es) separated by comma or space as the >> + value. >> > > "hostname" feels like a misnomer as even LB VIPs can be programmed in the > DNS table. A better option is to use "DNS name"? > Thanks for the review. I will rebase, update the key to "dnsname". Hope this name is fine Numan > > >> + >> + Example: "vm1.ovn.org" = "10.0.0.4 aef0::4" >> + >> + >> + >> + The DNS records defined in the column will >> be >> + applied only to the DNS queries originating from the datapaths >> defined >> + in this column. >> + >> + >> + >> + >> +See External IDs at the beginning of this document. >> + >> + >> + >> >> diff --git a/ovn/utilities/ovn-sbctl.c b/ovn/utilities/ovn-sbctl.c >> index ffa931a..79a51e9 100644 >> --- a/ovn/utilities/ovn-sbctl.c >> +++ b/ovn/utilities/ovn-sbctl.c >> @@ -1056,6 +1056,9 @@ static const struct ctl_table_class >> tables[SBREC_N_TABLES] = { >> >> [SBREC_TABLE_SSL].row_ids[0] = >> {_table_sb_global, NULL, _sb_global_col_ssl}, >> + >> +[SBREC_TABLE_DNS].row_ids[0] = >> +{_table_dns, NULL, _dns_col_records}, >> }; >> >> >> diff --git a/ovn/utilities/ovn-trace.c b/ovn/utilities/ovn-trace.c >> index 66844b1..b141203 100644 >> --- a/ovn/utilities/ovn-trace.c >> +++ b/ovn/utilities/ovn-trace.c >> @@ -1428,6 +1428,18 @@ execute_next(const struct ovnact_next *next, >> trace__(dp, uflow, next->ltable, next->pipeline, super); >> } >> >> + >> +static void >> +execute_dns_lookup(const struct ovnact_dns_lookup *dl, struct flow >> *uflow, >> + struct ovs_list *super) >> +{ >> +struct mf_subfield sf = expr_resolve_field(>dst); >> +union mf_subvalue sv = { .u8_val = 0 }; >> +mf_write_subfield_flow(, , uflow); >> +ovntrace_node_append(super, OVNTRACE_NODE_ERROR, >> + "*** dns_lookup action not implemented"); >> +} >> + >> static void >> trace_actions(const struct ovnact *ovnacts, size_t ovnacts_len, >>const struct ovntrace_datapath *dp, struct flow *uflow, >> @@ -1542,6 +1554,10 @@ trace_actions(const struct ovnact *ovnacts, size_t >> ovnacts_len, >> * though, it would be easy enough to track the queue >> information >> * by adjusting uflow->skb_priority. */ >> break; >> + >> +case OVNACT_DNS_LOOKUP: >> +execute_dns_lookup(ovnact_get_DNS_LOOKUP(a), uflow, super); >> +break; >> } >> >> } >> diff --git a/tests/ovn.at b/tests/ovn.at >> index af77c19..53a2dd5 100644 >> --- a/tests/ovn.at >> +++ b/tests/ovn.at >> @@ -1027,6 +1027,13 @@ set_queue(61440); >> set_queue(65535); >> Queue ID 65535 for set_queue is not in valid range 0 to 61440. >> >> +# dns_lookup >> +reg1[0] = dns_lookup(); >> +encodes as controller(userdata=00.00.00.0 >> 6.00.00.00.00.00.01.de.10.00.00.00.40,pause) >> +has prereqs udp >> +reg1[0] = dns_lookup("hostname"); >> +dns_lookup doesn't take any parameters >> + >> # Contradictionary prerequisites (allowed but not useful): >> ip4.src = ip6.src[0..31]; >> encodes as move:NXM_NX_IPV6_SRC[0..31]->NXM_OF_IP_SRC[] >> -- >> 2.9.3 >> >> ___ >> dev mailing list >> d...@openvswitch.org >> https://mail.openvswitch.org/mailman/listinfo/ovs-dev >> > > ___ dev mailing list d...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-dev
Re: [ovs-dev] [PATCH v5 2/3] ovn-controller: Add 'dns_lookup' action
On 17 April 2017 at 08:13,wrote: > From: Numan Siddique > > This patch adds a new OVN action 'dns_lookup' to support native DNS. > ovn-controller parses this action and adds a NXT_PACKET_IN2 > OF flow with 'pause' flag set. > > A new table 'DNS' is added in the SB DB to look up and resolve > the DNS queries. When a valid DNS packet is received by > ovn-controller, it looks up the DNS name in the 'DNS' table > and if successful, it frames a DNS reply, resumes the packet > and stores 1 in the 1-bit subfield. If the packet is invalid > or cannot be resolved, it resumes the packet without any > modifications and stores 0 in the 1-bit subfield. > > reg0[4] = dns_lookup(); next; > > An upcoming patch will use this action and adds logical flows. > > Signed-off-by: Numan Siddique > Acked-by: Gurucharan Shetty This needs a rebase as it does not apply on the tip of master. One comment inline. > > > + > + > + Each row in this table stores the DNS records. The OVN action > + dns_lookup uses this table for DNS resolution. > + > + > + > + Key-value pair of DNS records with hostname as the key > + and a string of IP address(es) separated by comma or space as the > + value. > "hostname" feels like a misnomer as even LB VIPs can be programmed in the DNS table. A better option is to use "DNS name"? > + > + Example: "vm1.ovn.org" = "10.0.0.4 aef0::4" > + > + > + > + The DNS records defined in the column will > be > + applied only to the DNS queries originating from the datapaths > defined > + in this column. > + > + > + > + > +See External IDs at the beginning of this document. > + > + > + > > diff --git a/ovn/utilities/ovn-sbctl.c b/ovn/utilities/ovn-sbctl.c > index ffa931a..79a51e9 100644 > --- a/ovn/utilities/ovn-sbctl.c > +++ b/ovn/utilities/ovn-sbctl.c > @@ -1056,6 +1056,9 @@ static const struct ctl_table_class > tables[SBREC_N_TABLES] = { > > [SBREC_TABLE_SSL].row_ids[0] = > {_table_sb_global, NULL, _sb_global_col_ssl}, > + > +[SBREC_TABLE_DNS].row_ids[0] = > +{_table_dns, NULL, _dns_col_records}, > }; > > > diff --git a/ovn/utilities/ovn-trace.c b/ovn/utilities/ovn-trace.c > index 66844b1..b141203 100644 > --- a/ovn/utilities/ovn-trace.c > +++ b/ovn/utilities/ovn-trace.c > @@ -1428,6 +1428,18 @@ execute_next(const struct ovnact_next *next, > trace__(dp, uflow, next->ltable, next->pipeline, super); > } > > + > +static void > +execute_dns_lookup(const struct ovnact_dns_lookup *dl, struct flow *uflow, > + struct ovs_list *super) > +{ > +struct mf_subfield sf = expr_resolve_field(>dst); > +union mf_subvalue sv = { .u8_val = 0 }; > +mf_write_subfield_flow(, , uflow); > +ovntrace_node_append(super, OVNTRACE_NODE_ERROR, > + "*** dns_lookup action not implemented"); > +} > + > static void > trace_actions(const struct ovnact *ovnacts, size_t ovnacts_len, >const struct ovntrace_datapath *dp, struct flow *uflow, > @@ -1542,6 +1554,10 @@ trace_actions(const struct ovnact *ovnacts, size_t > ovnacts_len, > * though, it would be easy enough to track the queue > information > * by adjusting uflow->skb_priority. */ > break; > + > +case OVNACT_DNS_LOOKUP: > +execute_dns_lookup(ovnact_get_DNS_LOOKUP(a), uflow, super); > +break; > } > > } > diff --git a/tests/ovn.at b/tests/ovn.at > index af77c19..53a2dd5 100644 > --- a/tests/ovn.at > +++ b/tests/ovn.at > @@ -1027,6 +1027,13 @@ set_queue(61440); > set_queue(65535); > Queue ID 65535 for set_queue is not in valid range 0 to 61440. > > +# dns_lookup > +reg1[0] = dns_lookup(); > +encodes as controller(userdata=00.00.00. > 06.00.00.00.00.00.01.de.10.00.00.00.40,pause) > +has prereqs udp > +reg1[0] = dns_lookup("hostname"); > +dns_lookup doesn't take any parameters > + > # Contradictionary prerequisites (allowed but not useful): > ip4.src = ip6.src[0..31]; > encodes as move:NXM_NX_IPV6_SRC[0..31]->NXM_OF_IP_SRC[] > -- > 2.9.3 > > ___ > dev mailing list > d...@openvswitch.org > https://mail.openvswitch.org/mailman/listinfo/ovs-dev > ___ dev mailing list d...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-dev
Re: [ovs-dev] [PATCH 5/8] tests-ovsdb: Fix memory leak
On Fri, Apr 07, 2017 at 02:43:43PM -0700, Yi-Hung Wei wrote: > Fix memory leaks reported by valgrind. > > Signed-off-by: Yi-Hung WeiThanks, applied to master. ___ dev mailing list d...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-dev
Re: [ovs-dev] [PATCH v2] dpif-netdev: Assign ports to pmds on non-local numa node.
> Previously if there is no available (non-isolated) pmd on the numa node > for a port then the port is not polled at all. This can result in a non- > operational system until such time as nics are physically repositioned. It > is preferable to operate with a pmd on the 'wrong' numa node albeit with > lower performance. Local pmds are still chosen when available. > > Signed-off-by: Billy O'MahonyThanks for the patch Billy, few comments below. > --- > Documentation/intro/install/dpdk.rst | 10 ++ > lib/dpif-netdev.c| 36 > > 2 files changed, 42 insertions(+), 4 deletions(-) > > diff --git a/Documentation/intro/install/dpdk.rst > b/Documentation/intro/install/dpdk.rst > index b947bd5..0e0b9f0 100644 > --- a/Documentation/intro/install/dpdk.rst > +++ b/Documentation/intro/install/dpdk.rst > @@ -450,6 +450,16 @@ affinitized accordingly. > pmd thread on a NUMA node is only created if there is at least one > DPDK > interface from that NUMA node added to OVS. > > + .. note:: > + On NUMA systems PCI devices are also local to a NUMA node. Rx queues > for > + PCI device will assigned to a pmd on it's local NUMA node if pmd-cpu- > mask > + has created a pmd thread on that NUMA node. If not the queue will be > + assigned to a pmd on a remote NUMA node. This will result in reduced > + maximum throughput on that device. In the case such a queue > assingment Typo in assignment. > + is made a warning message will be logged: "There's no available > + (non isolated) pmd thread on numa node N. Queue Q on port P will be > assigned > + to a pmd on numa node M. Expect reduced performance." > + > - QEMU vCPU thread Affinity > >A VM performing simple packet forwarding or running complex packet > pipelines diff --git a/lib/dpif-netdev.c b/lib/dpif-netdev.c index > a14a2eb..c6570ba 100644 > --- a/lib/dpif-netdev.c > +++ b/lib/dpif-netdev.c > @@ -3149,10 +3149,13 @@ rr_numa_list_lookup(struct rr_numa_list *rr, int > numa_id) } > > static void > -rr_numa_list_populate(struct dp_netdev *dp, struct rr_numa_list *rr) > +rr_numa_list_populate(struct dp_netdev *dp, struct rr_numa_list *rr, > + int *all_numa_ids, unsigned all_numa_ids_sz, > + int *num_ids_written) > { > struct dp_netdev_pmd_thread *pmd; > struct rr_numa *numa; > +unsigned idx = 0; > > hmap_init(>numas); > > @@ -3170,7 +3173,11 @@ rr_numa_list_populate(struct dp_netdev *dp, struct > rr_numa_list *rr) > numa->n_pmds++; > numa->pmds = xrealloc(numa->pmds, numa->n_pmds * sizeof *numa- > >pmds); > numa->pmds[numa->n_pmds - 1] = pmd; > + > +all_numa_ids[idx % all_numa_ids_sz] = pmd->numa_id; > +idx++; > } > +*num_ids_written = idx; > } > > static struct dp_netdev_pmd_thread * > @@ -3202,8 +3209,15 @@ rxq_scheduling(struct dp_netdev *dp, bool pinned) > OVS_REQUIRES(dp->port_mutex) { > struct dp_netdev_port *port; > struct rr_numa_list rr; > +int all_numa_ids [64]; > +int all_numa_ids_sz = sizeof all_numa_ids / sizeof all_numa_ids[0]; > +unsigned all_numa_ids_idx = 0; > +int all_numa_ids_max_idx = 0; > +int num_numa_ids = 0; > > -rr_numa_list_populate(dp, ); > +rr_numa_list_populate(dp, , all_numa_ids, all_numa_ids_sz, > + _numa_ids); > +all_numa_ids_max_idx = MIN(num_numa_ids - 1, all_numa_ids_sz - 1); > > HMAP_FOR_EACH (port, node, >ports) { > struct rr_numa *numa; > @@ -3234,10 +3248,24 @@ rxq_scheduling(struct dp_netdev *dp, bool pinned) > OVS_REQUIRES(dp->port_mutex) > } > } else if (!pinned && q->core_id == OVS_CORE_UNSPEC) { > if (!numa) { > +if (all_numa_ids_max_idx < 0) { > +VLOG_ERR("There are no pmd threads. " > + "Is pmd-cpu-mask set to zero?"); The VLOG_ERR is a bit general and misleading. A user could set a PMD on a numa node, add a DPDK device local to that node, isolate the PMD for that DPDK port, then add a second DPDK port that is local to the same numa node. This will trigger the ERR above. Strictly speaking there is a PMD thread set on the numa node but it has been isolated. I would change the message above to include isolation. I would also add the name of the port searching for a PMD to the message so it is clear which port could not find a thread. Something like below if (all_numa_ids_max_idx < 0) { VLOG_ERR("There are no available pmd threads for %s. " "Is pmd-cpu-mask set to zero or isolated?", netdev_get_name(port->netdev)); > +continue; > +} > VLOG_WARN("There's no available (non isolated) pmd > thread " >"on numa node %d. Queue %d on port \'%s\' > will " > -
Re: [ovs-dev] [PATCH] ovn-detrace: Add ovn-detrace to fedora rpm package.
On Mon, Apr 24, 2017 at 12:33:51PM +0800, Guoshuai Li wrote: > Otherwise, through the "make rpm-fedora" build fedora package will be error: > error: Installed (but unpackaged) file(s) found: >/usr/bin/ovn-detrace >/usr/share/man/man1/ovn-detrace.1.gz > > Signed-off-by: Guoshuai LiThank you! I applied this to master. ___ dev mailing list d...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-dev
Re: [ovs-dev] [PATCH 4/8] ovsdb-idl: Fix memory leak
On Fri, Apr 07, 2017 at 02:43:42PM -0700, Yi-Hung Wei wrote: > In testcase "simple idl, conditional, multiple clauses in condition - C", > valgrind reports a memory leak with the following call stack. > xmalloc (util.c:112) > resize (hmap.c:100) > ovsdb_idl_condition_clone (ovsdb-idl.c:1075) > ovsdb_idl_set_condition (ovsdb-idl.c:1095) > update_conditions (test-ovsdb.c:2299) > do_idl (test-ovsdb.c:2388) > ovs_cmdl_run_command__ (command-line.c:115) > main (test-ovsdb.c:73) > > Signed-off-by: Yi-Hung WeiThanks, I applied this to master, branch-2.7, and branch-2.6. ___ dev mailing list d...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-dev
Re: [ovs-dev] [PATCH 3/8] bridge: Fix memory leak in port_configure()
On Fri, Apr 07, 2017 at 02:43:41PM -0700, Yi-Hung Wei wrote: > In testcase "ofproto-dpif - VLAN handling", valgrind reports a memory > leak with the following call stack. > xcalloc (util.c:95) > bitmap_allocate (bitmap.h:51) > vlan_bitmap_from_array (vlan-bitmap.c:32) > port_configure (bridge.c:983) > bridge_reconfigure (bridge.c:682) > bridge_run (bridge.c:2993) > main (ovs-vswitchd.c:111) > > Signed-off-by: Yi-Hung WeiThanks, I applied this to master. ___ dev mailing list d...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-dev
Re: [ovs-dev] [PATCH 3/7] netdev-dpdk: Add support for keepalive functionality.
>>> The relay function is called by 'ovs_keepalive' thread. I didn't >>> completely understand your concerns here. I would be happy to verify >>> if you have any scenarios in mind that you think pose problems. >> >>My concern stems from this: >> "is relayed to monitoring framework by unlocking the semaphore." >> >>Assume the OvS vswitchd crashes while another process is pended on this >>locked semaphore. Since you do a shm_unlink, I think the pended >>process waiting on that semaphore will be stuck. Even worse, since we >>do have a process left with a handle, the name will be unlinked, and >>the memory and reading process (which may be ceilometer, but may be >>something else) will be left orphaned waiting for an update so that they can >destroy it. >> >>There's a lot of coordination that needs to be added here, and it's >>likely not portable. I'm not even sure if there are examples where it >>has been shown to work 100% on specific systems. >> >>A much better design is to use a socket to share state. Since it is >>tied to the lifetime of a process, and cleanup is guaranteed by POSIX >>(and all sane OSes, >>anyway) you can rely on it. It is a much better mechanism for >>signaling changes, and a message based interface means you can make >>this dump information to _any_ interested subscriber - even those who >>are off system if you choose. >> Hello Aaron, I got a chance to talk to collectd team and understood that the 'dpdkevents' plugin of collectd implementation changed a bit which I wasn't aware of when I posted v1 of this patch. In the new implementation semaphore isn't needed. How it works is: - DPDK primary process(OvS-DPDK in our case) initializes the shared memory during startup and keeps writing the events. - dpdkevents plugin of collectd would read the events from SHM block and in case of change in 'core state' notify the ceilometer. - when the OvS crashes, it would automatically be restarted(ovs-vswitchd --monitor ) and as part of initialization the shared memory would be reinitialized(flags=O_CREAT | O_TRUNC | O_RDWR, 0666). - dpdkevents plugin will call "dpdk_events_read()" at every predefined interval and shall open the SHM block and get the file descriptor. It goes on to check if there is any change in 'inode'. If there is no change in 'inode' it means the OvS is intact and healthy. In case of change in inode(OvS has restarted), it would immediately unmap the memory, close the stale file descriptor and memory map the shared memory using the new file descriptor and read the updated events. In this way we can avoid semaphore and also make sure the collectd would detect the primary application crashes. I tested this and found to be working in different scenarios. Please note that I was sending SIGABRT to OvS and started OvS using 'ovs-vswitch --monitor' option to restart the OvS automatically. Sorry for taking so long to reply, some of the above mentioned changes in collectd are still WIP and are in the process of getting upstreamed. Regards, Bhanuprakash. > >Thanks Aaron for clarifying this and appreciate all your feedback on this patch >series. >I shall try out the scenarios leading to unexpected crashes and see how well >the applications recover on a restart and check for any further shortcomings. > >- Bhanuprakash. ___ dev mailing list d...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-dev
Re: [ovs-dev] [PATCH 2/8] learn: Fix memory leak in learn_parse_sepc()
On Sun, Apr 23, 2017 at 11:22:03AM -0700, Yi-Hung Wei wrote: > On Sun, Apr 23, 2017 at 9:56 AM, Ben Pfaffwrote: > > On Fri, Apr 07, 2017 at 02:43:40PM -0700, Yi-Hung Wei wrote: > >> In testcase "ofproto-dpif - fragment handling - actions", valgrind reports > >> memeory leaks with the following call stack. > >> xmalloc (util.c:112) > >> xvasprintf (util.c:176) > >> xasprintf (util.c:272) > >> mf_parse_subfield__ (nx-match.c:1939) > >> mf_parse_subfield (nx-match.c:1991) > >> learn_parse_spec (learn.c:242) > >> learn_parse__ (learn.c:436) > >> learn_parse (learn.c:464) > >> parse_LEARN (ofp-actions.c:4670) > >> ofpact_parse (ofp-actions.c:8231) > >> ofpacts_parse__ (ofp-actions.c:8278) > >> ofpacts_parse (ofp-actions.c:8350) > >> ofpacts_parse_copy (ofp-actions.c:8368) > >> parse_ofp_str__ (ofp-parse.c:543) > >> parse_ofp_str (ofp-parse.c:596) > >> parse_ofp_flow_mod_str (ofp-parse.c:1024) > >> ofctl_flow_mod (ovs-ofctl.c:1496) > >> ovs_cmdl_run_command__ (command-line.c:115) > >> main (ovs-ofctl.c:147) > >> > >> Signed-off-by: Yi-Hung Wei > >> --- > >> lib/learn.c | 4 > >> 1 file changed, 4 insertions(+) > >> > >> diff --git a/lib/learn.c b/lib/learn.c > >> index b7b70ac3d4e2..1c88b8fa402a 100644 > >> --- a/lib/learn.c > >> +++ b/lib/learn.c > >> @@ -322,6 +322,7 @@ learn_parse_spec(const char *orig, char *name, char > >> *value, > >> char *tail; > >> char *dst_value = strstr(value, "->"); > >> > >> +free(error); > >> if (dst_value == value) { > >> return xasprintf("%s: missing source before `->' in `%s'", > >> name, > >> value); > >> @@ -358,6 +359,8 @@ learn_parse_spec(const char *orig, char *name, char > >> *value, > >> spec->dst = move.dst; > >> } > >> } else if (!strcmp(name, "output")) { > >> +free(error); > >> + > >> char *error = mf_parse_subfield(>src, value); > >> if (error) { > >> return error; > >> @@ -367,6 +370,7 @@ learn_parse_spec(const char *orig, char *name, char > >> *value, > >> spec->src_type = NX_LEARN_SRC_FIELD; > >> spec->dst_type = NX_LEARN_DST_OUTPUT; > >> } else { > >> +free(error); > >> return xasprintf("%s: unknown keyword %s", orig, name); > >> } > > > > Thank you for the fix! That introduces a lot of code duplication. What > > do you think of this version? > > > > --8<--cut here-->8-- > > > > From: Yi-Hung Wei > > Date: Fri, 7 Apr 2017 14:43:40 -0700 > > Subject: [PATCH] learn: Fix memory leak in learn_parse_sepc() > > > > In testcase "ofproto-dpif - fragment handling - actions", valgrind reports > > memeory leaks with the following call stack. > > xmalloc (util.c:112) > > xvasprintf (util.c:176) > > xasprintf (util.c:272) > > mf_parse_subfield__ (nx-match.c:1939) > > mf_parse_subfield (nx-match.c:1991) > > learn_parse_spec (learn.c:242) > > learn_parse__ (learn.c:436) > > learn_parse (learn.c:464) > > parse_LEARN (ofp-actions.c:4670) > > ofpact_parse (ofp-actions.c:8231) > > ofpacts_parse__ (ofp-actions.c:8278) > > ofpacts_parse (ofp-actions.c:8350) > > ofpacts_parse_copy (ofp-actions.c:8368) > > parse_ofp_str__ (ofp-parse.c:543) > > parse_ofp_str (ofp-parse.c:596) > > parse_ofp_flow_mod_str (ofp-parse.c:1024) > > ofctl_flow_mod (ovs-ofctl.c:1496) > > ovs_cmdl_run_command__ (command-line.c:115) > > main (ovs-ofctl.c:147) > > > > Signed-off-by: Yi-Hung Wei > > Signed-off-by: Ben Pfaff > > --- > > lib/learn.c | 10 ++ > > 1 file changed, 6 insertions(+), 4 deletions(-) > > > > diff --git a/lib/learn.c b/lib/learn.c > > index b7b70ac3d4e2..ebbc210c71ce 100644 > > --- a/lib/learn.c > > +++ b/lib/learn.c > > @@ -1,5 +1,5 @@ > > /* > > - * Copyright (c) 2011, 2012, 2013, 2014, 2015, 2016 Nicira, Inc. > > + * Copyright (c) 2011, 2012, 2013, 2014, 2015, 2016, 2017 Nicira, Inc. > > * > > * Licensed under the Apache License, Version 2.0 (the "License"); > > * you may not use this file except in compliance with the License. > > @@ -237,10 +237,12 @@ learn_parse_spec(const char *orig, char *name, char > > *value, > > { > > /* Parse destination and check prerequisites. */ > > struct mf_subfield dst; > > -char *error; > > > > -error = mf_parse_subfield(, name); > > -if (!error) { > > +char *error = mf_parse_subfield(, name); > > +bool parse_error = error != NULL; > > +free(error); > > + > > +if (parse_error) { > > Thanks, it looks much better. It seems like there is a typo here. > " if (!parse_error) { " You're right. Thanks, I fixed that and I applied this to master and branch-2.7. ___ dev
[ovs-dev] [PATCH] ovs-ofctl: Document group selection algorithm.
Signed-off-by: Ben Pfaff--- utilities/ovs-ofctl.8.in | 10 ++ 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/utilities/ovs-ofctl.8.in b/utilities/ovs-ofctl.8.in index 96232a5003e4..2e6679ebe98c 100644 --- a/utilities/ovs-ofctl.8.in +++ b/utilities/ovs-ofctl.8.in @@ -1960,10 +1960,12 @@ other commands. The following keywords designated the allowed types: .IP \fBall\fR Execute all buckets in the group. .IP \fBselect\fR -Execute one bucket in the group. -The switch should select the bucket in such a way that should implement -equal load sharing is achieved. The switch may optionally select the -bucket based on bucket weights. +Execute one bucket in the group, balancing across the buckets +according to their weights. To select a bucket, for each live bucket, +Open vSwitch hashes flow data with the bucket ID and multiplies by the +bucket weight to obtain a ``score,'' and then selects the bucket with +the highest score. Use \fBselection_method\fR to control the flow +data used for selection. .IP \fBindirect\fR Executes the one bucket in the group. .IP \fBff\fR -- 2.10.2 ___ dev mailing list d...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-dev
[ovs-dev] B2b Email Marketing List
Hi There, Hope this email finds you well. Would you like to acquire the below mentioned technologies users with *Verified Email List?* We are a Global Technology User’s List Provider’s with *250 Million Plus *data and counting. *Technology Users* *CRM Users* *Business Intelligence* *Cloud Computing Users* *Other Technology Users* Accounting Software User Sugar CRM SAP BI Amazon Web Services SAP Users QuickBooks Zoho CRM IBM Cognos Cloud Bees IBM Users Acumatica Web CRM ApeSoft Rack Space Oracle Users AME Accounting Software Sales force CRM Birst Google Apps Jd Edwards Users Financial Force SAP CRM Data Applied Go grid Cisco Users Open Systems Accounting Software Microsoft Dynamic CRM Dimensional Insight Right Scale Citrix Users NOSA XP and more Sage CRM and more. Dynamic AI and more Sales force and more. Virtualization Users and more Kindly let us know based on the below data fields to provide you with detailed information for your review. Target Technology: Target Titles: Target Geography: Await your response! Thanks, Becky Smith *Marketing Analyst* To Opt out Response Unsubscribe in subjectline ___ dev mailing list d...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-dev
Re: [ovs-dev] [PATCH] ovn-detrace: add generated files to .gitignore.
On Mon, Apr 24, 2017 at 11:23:34AM +0200, Timothy Redaelli wrote: > Signed-off-by: Timothy RedaelliThanks! I applied this to master. ___ dev mailing list d...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-dev
Re: [ovs-dev] [PATCH] gitignore: Ignore /docs-check instead of /htmldocs-check
On Mon, Apr 24, 2017 at 10:21:21AM +0100, Stephen Finucane wrote: > On Mon, 2017-04-24 at 11:17 +0200, Timothy Redaelli wrote: > > Fixes: fd0837a76f4c ("doc: Convert ovs-vlan-test to rST") > > CC: Stephen Finucane> > Signed-off-by: Timothy Redaelli > > Oops - good spot. > > Acked-by: Stephen Finucane Thanks Timothy and Stephen, I applied this to master. ___ dev mailing list d...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-dev
Re: [ovs-dev] [PATCH v3 2/8] userspace: Support for push_eth and pop_eth actions
On Mon, Apr 24, 2017 at 09:43:27AM +, Zoltán Balogh wrote: > > > I am very disappointed that, apparently, 7 people from 6 different > > companies have contributed to this code without ever using a simple > > build tool, recommended by the OVS documentation, that finds real bugs. > > Please install sparse and use it. Then, after you fix the bugs that > > sparse finds automatically for you, please resubmit the series. > > > > Thanks, > > > > Ben. > > Hi Ben, > > This was my fault, my build script did not pass "C=1" to make. I'm sorry. > I'm fixing the warnings, rebasing the code to latest master and sending a new > patch set to the list. Thank you! ___ dev mailing list d...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-dev
[ovs-dev] Be Surprised Now!
Your Dreams Come True! Here is the chance to reach your unachievable dream! Surprise yourself with a gift, which is impressive, extremely prestigious and hardly available anywhere. Your business partners’ and friends will value it. Appearance does matter everywhere and unfamiliar people form their opinion by the first impression of you. They will remember you as you are, so exude confidence because it is the secret for success in your business! You can afford it now for a fraction of the original price. Why would you pay unnecessarily more, if it wasn’t needed? You can surprise your loved one, friend, business partner, boss and they will certainly remember you and your gift for a lifetime. Have a look, you will not be disappointed, I guarantee you ___ dev mailing list d...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-dev
[ovs-dev] Be Surprised Now!
Your Dreams Come True! Here is the chance to reach your unachievable dream! Surprise yourself with a gift, which is impressive, extremely prestigious and hardly available anywhere. Your business partners’ and friends will value it. Appearance does matter everywhere and unfamiliar people form their opinion by the first impression of you. They will remember you as you are, so exude confidence because it is the secret for success in your business! You can afford it now for a fraction of the original price. Why would you pay unnecessarily more, if it wasn’t needed? You can surprise your loved one, friend, business partner, boss and they will certainly remember you and your gift for a lifetime. Have a look, you will not be disappointed, I guarantee you ___ dev mailing list d...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-dev
[ovs-dev] Be Surprised Now!
Your Dreams Come True! Here is the chance to reach your unachievable dream! Surprise yourself with a gift, which is impressive, extremely prestigious and hardly available anywhere. Your business partners’ and friends will value it. Appearance does matter everywhere and unfamiliar people form their opinion by the first impression of you. They will remember you as you are, so exude confidence because it is the secret for success in your business! You can afford it now for a fraction of the original price. Why would you pay unnecessarily more, if it wasn’t needed? You can surprise your loved one, friend, business partner, boss and they will certainly remember you and your gift for a lifetime. Have a look, you will not be disappointed, I guarantee you ___ dev mailing list d...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-dev
[ovs-dev] Be Surprised Now!
Your Dreams Come True! Here is the chance to reach your unachievable dream! Surprise yourself with a gift, which is impressive, extremely prestigious and hardly available anywhere. Your business partners’ and friends will value it. Appearance does matter everywhere and unfamiliar people form their opinion by the first impression of you. They will remember you as you are, so exude confidence because it is the secret for success in your business! You can afford it now for a fraction of the original price. Why would you pay unnecessarily more, if it wasn’t needed? You can surprise your loved one, friend, business partner, boss and they will certainly remember you and your gift for a lifetime. Have a look, you will not be disappointed, I guarantee you ___ dev mailing list d...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-dev
Re: [ovs-dev] [PATCH ovs V7 02/24] netdev: Adding a new netdev api to be used for offloading flows
On Tue, Apr 18, 2017 at 03:18:55PM +0300, Roi Dayan wrote: > > > On 14/04/2017 04:11, Joe Stringer wrote: > >On 7 April 2017 at 06:12, Roi Dayanwrote: > >>From: Paul Blakey > >> > >>Signed-off-by: Paul Blakey > >>Reviewed-by: Roi Dayan > >>Reviewed-by: Simon Horman > >>--- > > > > > > > >>diff --git a/lib/netdev.h b/lib/netdev.h > >>index d6c07c1..6d2db7d 100644 > >>--- a/lib/netdev.h > >>+++ b/lib/netdev.h > >>@@ -156,6 +156,29 @@ int netdev_send(struct netdev *, int qid, struct > >>dp_packet_batch *, > >> bool may_steal, bool concurrent_txq); > >> void netdev_send_wait(struct netdev *, int qid); > >> > >>+/* Flow offloading. */ > >>+struct offload_info { > >>+const void *port_hmap_obj; /* To query ports info from netdev port map > >>*/ > >>+ovs_be16 tp_dst_port; /* Destination port for tunnel in SET action */ > > > >Is this assuming there is only ever one tunnel destination port? What > >about multiple output? > > > > Yes. we currently only support single dst port output. if there is more than > 1 we fail with EOPNOTSUPP and fallback to OVS datapath. > the check is done in dpif-netlink.c parse_flow_put() FWIW, from my PoV this is a shortcoming of the feature-set provided by this patch-set and is something I would like to see lifted at some point in the future - I would be interested in doing so if it isn't on anyone else's todo list. Perhaps it would be useful to formally list what offloads are supported by the API? The above notwithstanding, I would expect that output to a single tunnel vport covers a lot of use-cases. ___ dev mailing list d...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-dev
Re: [ovs-dev] [PATCH v3 2/8] userspace: Support for push_eth and pop_eth actions
> I am very disappointed that, apparently, 7 people from 6 different > companies have contributed to this code without ever using a simple > build tool, recommended by the OVS documentation, that finds real bugs. > Please install sparse and use it. Then, after you fix the bugs that > sparse finds automatically for you, please resubmit the series. > > Thanks, > > Ben. Hi Ben, This was my fault, my build script did not pass "C=1" to make. I'm sorry. I'm fixing the warnings, rebasing the code to latest master and sending a new patch set to the list. Best regards, Zoltan ___ dev mailing list d...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-dev
[ovs-dev] [PATCH] ovn-detrace: add generated files to .gitignore.
Signed-off-by: Timothy Redaelli--- ovn/utilities/.gitignore | 2 ++ 1 file changed, 2 insertions(+) diff --git a/ovn/utilities/.gitignore b/ovn/utilities/.gitignore index 2c06825..dbc3719 100644 --- a/ovn/utilities/.gitignore +++ b/ovn/utilities/.gitignore @@ -5,3 +5,5 @@ /ovn-sbctl.8 /ovn-trace /ovn-trace.8 +/ovn-detrace +/ovn-detrace.1 -- 2.9.3 ___ dev mailing list d...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-dev
[ovs-dev] [PATCH] gitignore: Ignore /docs-check instead of /htmldocs-check
Fixes: fd0837a76f4c ("doc: Convert ovs-vlan-test to rST") CC: Stephen FinucaneSigned-off-by: Timothy Redaelli --- .gitignore | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.gitignore b/.gitignore index df75b40..cc864ec 100644 --- a/.gitignore +++ b/.gitignore @@ -51,7 +51,7 @@ /distfiles /dist-docs /flake8-check -/htmldocs-check +/docs-check /install-sh /libtool /manpage-check -- 2.9.3 ___ dev mailing list d...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-dev
Re: [ovs-dev] Tweede kwartaal Employee Screening
Fra: Anne-Karin Frisk Sendt: 24. april 2017 10:24 Til: Anne-Karin Frisk Emne: Tweede kwartaal Employee Screening Beste collega. Uw Q2-screening is begonnen. Klik hierom te beginnen HR management ___ dev mailing list d...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-dev
Re: [ovs-dev] [PATCH] ovn: Document limitation in the L3HA plan
Anil Venkata and I were talking about this last week and we realised we had this limitation. It's not uncommon to other mechanisms like VRRP or CARP, but we thought that it was good to make sure everyone was on the same page, and that having gateways across multiple L2 domains with routing in the middle could be problematic. At a minimum it would require less strict tuning of the BFD pinging intervals. On Mon, Apr 24, 2017 at 10:21 AM,wrote: > From: Miguel Angel Ajo > > The intergateway monitoring covers host failure well, but > it doesn't cover path failure which is a more complicated > problem. > > By this change I don't mean we should implement something > to cover path failure right away, but that we should > keep the limitation in mind. > > Signed-off-by: Miguel Angel Ajo > --- > Documentation/topics/high-availability.rst | 8 > 1 file changed, 8 insertions(+) > > diff --git a/Documentation/topics/high-availability.rst > b/Documentation/topics/high-availability.rst > index 5b21b6469..7ee9357c0 100644 > --- a/Documentation/topics/high-availability.rst > +++ b/Documentation/topics/high-availability.rst > @@ -288,6 +288,14 @@ which are alive, and therefore whether or not that > gateway happens to be the > leader. If leading, the gateway forwards traffic normally, otherwise it > drops > all traffic. > > +We should note that this method works well under the assumption that there > +are no inter-gateway connectivity failures, in such case this method > would fail > +to elect a single master. The simplest example is two gateways which stop > seeing > +each other but can still reach the hypervisors. Protocols like VRRP or > CARP > +have the same issue. A mitigation for this type of failure mode could be > +achieved by having all network elements (hypervisors and gateways) > periodically > +share their link status to other endpoints. > + > Gateway Leadership Resignation > ++ > > -- > 2.11.0 (Apple Git-81) > > ___ dev mailing list d...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-dev
[ovs-dev] [PATCH] ovn: Document limitation in the L3HA plan
From: Miguel Angel AjoThe intergateway monitoring covers host failure well, but it doesn't cover path failure which is a more complicated problem. By this change I don't mean we should implement something to cover path failure right away, but that we should keep the limitation in mind. Signed-off-by: Miguel Angel Ajo --- Documentation/topics/high-availability.rst | 8 1 file changed, 8 insertions(+) diff --git a/Documentation/topics/high-availability.rst b/Documentation/topics/high-availability.rst index 5b21b6469..7ee9357c0 100644 --- a/Documentation/topics/high-availability.rst +++ b/Documentation/topics/high-availability.rst @@ -288,6 +288,14 @@ which are alive, and therefore whether or not that gateway happens to be the leader. If leading, the gateway forwards traffic normally, otherwise it drops all traffic. +We should note that this method works well under the assumption that there +are no inter-gateway connectivity failures, in such case this method would fail +to elect a single master. The simplest example is two gateways which stop seeing +each other but can still reach the hypervisors. Protocols like VRRP or CARP +have the same issue. A mitigation for this type of failure mode could be +achieved by having all network elements (hypervisors and gateways) periodically +share their link status to other endpoints. + Gateway Leadership Resignation ++ -- 2.11.0 (Apple Git-81) ___ dev mailing list d...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-dev
Re: [ovs-dev] OVS installation issue with NSH patch
Hi, Kiruthiga As I told you, please check your kernel version. https://github.com/yyang13/ovs_nsh_patches also included patches for ovs 2.6.1, if you have kernel version higher than v4.3, please use patches for 2.6.1. ovs 2.5 only can be built on kernel 3.10 to 4.3. -Original Message- From: ovs-dev-boun...@openvswitch.org [mailto:ovs-dev-boun...@openvswitch.org] On Behalf Of Kiruthiga R Sent: Monday, April 24, 2017 11:50 AM To: Ben PfaffCc: ovs-dev@openvswitch.org Subject: Re: [ovs-dev] OVS installation issue with NSH patch Hi, Please find the attachment. Regards, Kiruthiga -Original Message- From: Ben Pfaff [mailto:b...@ovn.org] Sent: Friday, April 21, 2017 9:35 PM To: Kiruthiga R Cc: ovs-dev@openvswitch.org Subject: Re: [ovs-dev] OVS installation issue with NSH patch On Fri, Apr 21, 2017 at 05:40:57AM +, Kiruthiga R wrote: > Hi Team, > > I am trying to install OVS 2.5 with the NSH patch available in > https://github.com/yyang13/ovs_nsh_patches > I am facing error while doing "make". Attached the screenshot of error > message. I don't see any attachment. ___ dev mailing list d...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-dev
Re: [ovs-dev] [PATCH] ovn.at: Fix "ovn -- 1 LR with distributed router gateway port" test
On Mon, Apr 24, 2017 at 9:48 AM, Mickey Spiegelwrote: > > On Thu, Apr 20, 2017 at 6:32 PM, YAMAMOTO Takashi > wrote: > >> NetBSD implementation of wc command outputs extra whitespaces >> like the following. Tweak the test to success on such environments. >> >> % echo hoge|wc -l|hexdump -C >> 20 20 20 20 20 20 20 31 0a | >> 1.| >> 0009 >> % >> >> The failing test was introduced by >> commit 41a15b71ed1ef35aa612a1128082219fbfc3f327 >> (ovn: Introduce distributed gateway port and "chassisredirect" port >> binding) >> >> Signed-off-by: YAMAMOTO Takashi >> > > There are three more in one of the tests in system-ovn.at, affecting make > check-kernel. > sure. but those tests seem heavily linux-centric anyway for other reasons. > > Acked-by: Mickey Spiegel > > > >> --- >> tests/ovn.at | 18 ++ >> 1 file changed, 6 insertions(+), 12 deletions(-) >> >> diff --git a/tests/ovn.at b/tests/ovn.at >> index af77c19..1bffc4c 100644 >> --- a/tests/ovn.at >> +++ b/tests/ovn.at >> @@ -6567,20 +6567,14 @@ as hv3 ovs-ofctl dump-flows br-int >> echo "--" >> >> # Check that redirect mapping is programmed only on hv2 >> -AT_CHECK([as hv1 ovs-ofctl dump-flows br-int table=33 | grep >> =0x3,metadata=0x1 | wc -l], [0], [0 >> -]) >> -AT_CHECK([as hv2 ovs-ofctl dump-flows br-int table=33 | grep >> =0x3,metadata=0x1 | grep load:0x2- | wc -l], [0], [1 >> -]) >> +AT_CHECK([test `as hv1 ovs-ofctl dump-flows br-int table=33 | grep >> =0x3,metadata=0x1 | wc -l` -eq 0]) >> +AT_CHECK([test `as hv2 ovs-ofctl dump-flows br-int table=33 | grep >> =0x3,metadata=0x1 | grep load:0x2- | wc -l` -eq 1]) >> # Check that hv1 sends chassisredirect port traffic to hv2 >> -AT_CHECK([as hv1 ovs-ofctl dump-flows br-int table=32 | grep >> =0x3,metadata=0x1 | grep output | wc -l], [0], [1 >> -]) >> -AT_CHECK([as hv2 ovs-ofctl dump-flows br-int table=32 | grep >> =0x3,metadata=0x1 | wc -l], [0], [0 >> -]) >> +AT_CHECK([test `as hv1 ovs-ofctl dump-flows br-int table=32 | grep >> =0x3,metadata=0x1 | grep output | wc -l` -eq 1]) >> +AT_CHECK([test `as hv2 ovs-ofctl dump-flows br-int table=32 | grep >> =0x3,metadata=0x1 | wc -l` -eq 0]) >> # Check that arp reply on distributed gateway port is only programmed on >> hv2 >> -AT_CHECK([as hv1 ovs-ofctl dump-flows br-int | grep arp | grep >> =0x2,metadata=0x1 | wc -l], [0], [0 >> -]) >> -AT_CHECK([as hv2 ovs-ofctl dump-flows br-int | grep arp | grep >> =0x2,metadata=0x1 | wc -l], [0], [1 >> -]) >> +AT_CHECK([test `as hv1 ovs-ofctl dump-flows br-int | grep arp | grep >> =0x2,metadata=0x1 | wc -l` -eq 0]) >> +AT_CHECK([test `as hv2 ovs-ofctl dump-flows br-int | grep arp | grep >> =0x2,metadata=0x1 | wc -l` -eq 1]) >> >> >> ip_to_hex() { >> -- >> 2.5.4 (Apple Git-61) >> >> ___ >> dev mailing list >> d...@openvswitch.org >> https://mail.openvswitch.org/mailman/listinfo/ovs-dev >> > > ___ dev mailing list d...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-dev