Re: [ovs-dev] [PATCH] xlate: Use OVS_CT_ATTR_EVENTMASK.

[Ben Pfaff]

OK, I understand now.  Thank you!

On Mon, Apr 24, 2017 at 07:00:38PM -0700, Jarno Rajahalme wrote:
> Ben,
> 
> The visible effect is that listeners of conntrack update events do not get L4 
> state transition events but still get the mark and label change 
> notifications. A simple way of seeing the difference is to run “conntrack -E” 
> while running a test case both before and after this change. For example:
> 
> System testsuite test:
> 
>  65: conntrack - FTP NAT postrecirc seqadj   ok
> 
> 
> Before:
> 
> root@debian-jr:/home/jrajahalme# conntrack -E
> [NEW] tcp  6 120 SYN_SENT src=10.1.1.1 dst=10.1.1.2 sport=40013 
> dport=21 [UNREPLIED] src=10.1.1.2 dst=10.1.1.240 sport=21 dport=40013 
> helper=ftp
>  [UPDATE] tcp  6 60 SYN_RECV src=10.1.1.1 dst=10.1.1.2 sport=40013 
> dport=21 src=10.1.1.2 dst=10.1.1.240 sport=21 dport=40013 helper=ftp
>  [UPDATE] tcp  6 432000 ESTABLISHED src=10.1.1.1 dst=10.1.1.2 sport=40013 
> dport=21 src=10.1.1.2 dst=10.1.1.240 sport=21 dport=40013 [ASSURED] helper=ftp
> [NEW] tcp  6 120 SYN_SENT src=10.1.1.2 dst=10.1.1.240 sport=52549 
> dport=48972 [UNREPLIED] src=10.1.1.1 dst=10.1.1.2 sport=48972 dport=52549
>  [UPDATE] tcp  6 60 SYN_RECV src=10.1.1.2 dst=10.1.1.240 sport=52549 
> dport=48972 src=10.1.1.1 dst=10.1.1.2 sport=48972 dport=52549
>  [UPDATE] tcp  6 432000 ESTABLISHED src=10.1.1.2 dst=10.1.1.240 
> sport=52549 dport=48972 src=10.1.1.1 dst=10.1.1.2 sport=48972 dport=52549 
> [ASSURED]
>  [UPDATE] tcp  6 120 FIN_WAIT src=10.1.1.2 dst=10.1.1.240 sport=52549 
> dport=48972 src=10.1.1.1 dst=10.1.1.2 sport=48972 dport=52549 [ASSURED]
>  [UPDATE] tcp  6 30 LAST_ACK src=10.1.1.2 dst=10.1.1.240 sport=52549 
> dport=48972 src=10.1.1.1 dst=10.1.1.2 sport=48972 dport=52549 [ASSURED]
>  [UPDATE] tcp  6 120 TIME_WAIT src=10.1.1.2 dst=10.1.1.240 sport=52549 
> dport=48972 src=10.1.1.1 dst=10.1.1.2 sport=48972 dport=52549 [ASSURED]
>  [UPDATE] tcp  6 120 FIN_WAIT src=10.1.1.1 dst=10.1.1.2 sport=40013 
> dport=21 src=10.1.1.2 dst=10.1.1.240 sport=21 dport=40013 [ASSURED] helper=ftp
>  [UPDATE] tcp  6 30 LAST_ACK src=10.1.1.1 dst=10.1.1.2 sport=40013 
> dport=21 src=10.1.1.2 dst=10.1.1.240 sport=21 dport=40013 [ASSURED] helper=ftp
>  [UPDATE] tcp  6 120 TIME_WAIT src=10.1.1.1 dst=10.1.1.2 sport=40013 
> dport=21 src=10.1.1.2 dst=10.1.1.240 sport=21 dport=40013 [ASSURED] helper=ftp
> [DESTROY] tcp  6 src=10.1.1.1 dst=10.1.1.2 sport=40013 dport=21 
> src=10.1.1.2 dst=10.1.1.240 sport=21 dport=40013 [ASSURED]
> [DESTROY] tcp  6 src=10.1.1.2 dst=10.1.1.240 sport=52549 dport=48972 
> src=10.1.1.1 dst=10.1.1.2 sport=48972 dport=52549 [ASSURED]
> 
> After:
> 
> [NEW] tcp  6 120 SYN_SENT src=10.1.1.1 dst=10.1.1.2 sport=40014 
> dport=21 [UNREPLIED] src=10.1.1.2 dst=10.1.1.240 sport=21 dport=40014 
> helper=ftp
> [NEW] tcp  6 120 SYN_SENT src=10.1.1.2 dst=10.1.1.240 sport=53008 
> dport=50987 [UNREPLIED] src=10.1.1.1 dst=10.1.1.2 sport=50987 dport=53008
> [DESTROY] tcp  6 src=10.1.1.1 dst=10.1.1.2 sport=40014 dport=21 
> src=10.1.1.2 dst=10.1.1.240 sport=21 dport=40014 [ASSURED]
> [DESTROY] tcp  6 src=10.1.1.2 dst=10.1.1.240 sport=53008 dport=50987 
> src=10.1.1.1 dst=10.1.1.2 sport=50987 dport=53008 [ASSURED]
> 
> 
> System testsuite tests (HTTP GET tests):
> 
>  27: conntrack - ct_mark bit-fiddlingok
>  30: conntrack - ct_label bit-fiddling   ok
> 
> Before:
> 
> [NEW] tcp  6 120 SYN_SENT src=10.1.1.1 dst=10.1.1.2 sport=44270 
> dport=80 [UNREPLIED] src=10.1.1.2 dst=10.1.1.1 sport=80 dport=44270 mark=5
>  [UPDATE] tcp  6 60 SYN_RECV src=10.1.1.1 dst=10.1.1.2 sport=44270 
> dport=80 src=10.1.1.2 dst=10.1.1.1 sport=80 dport=44270 mark=3
>  [UPDATE] tcp  6 432000 ESTABLISHED src=10.1.1.1 dst=10.1.1.2 sport=44270 
> dport=80 src=10.1.1.2 dst=10.1.1.1 sport=80 dport=44270 [ASSURED] mark=3
>  [UPDATE] tcp  6 120 FIN_WAIT src=10.1.1.1 dst=10.1.1.2 sport=44270 
> dport=80 src=10.1.1.2 dst=10.1.1.1 sport=80 dport=44270 [ASSURED] mark=3
>  [UPDATE] tcp  6 30 LAST_ACK src=10.1.1.1 dst=10.1.1.2 sport=44270 
> dport=80 src=10.1.1.2 dst=10.1.1.1 sport=80 dport=44270 [ASSURED] mark=3
>  [UPDATE] tcp  6 120 TIME_WAIT src=10.1.1.1 dst=10.1.1.2 sport=44270 
> dport=80 src=10.1.1.2 dst=10.1.1.1 sport=80 dport=44270 [ASSURED] mark=3
> [DESTROY] tcp  6 src=10.1.1.1 dst=10.1.1.2 sport=44270 dport=80 
> src=10.1.1.2 dst=10.1.1.1 sport=80 dport=44270 [ASSURED] mark=3
> 
> 
> [NEW] tcp  6 120 SYN_SENT src=10.1.1.1 dst=10.1.1.2 sport=44271 
> dport=80 [UNREPLIED] src=10.1.1.2 dst=10.1.1.1 sport=80 dport=44271 labels=0,2
>  [UPDATE] tcp  6 60 SYN_RECV src=10.1.1.1 dst=10.1.1.2 sport=44271 
> dport=80 src=10.1.1.2 dst=10.1.1.1 sport=80 dport=44271 labels=0,33
>  [UPDATE] tcp  6 432000 ESTABLISHED src=10.1.1.1 dst=10.1.1.2 sport=44271 
> dport=80 src=10.1.1.2 dst=10.1.1.1 sport=80 dport=44271 [ASSURED]
>  [UPDATE] tcp  6 432000 src=10.1.1.1 

Re: [ovs-dev] ovn: SFC Patch V3

[Mickey Spiegel]

On Mon, Apr 24, 2017 at 12:56 PM,  wrote:

> From: John McDowall 
>
>
> Fixed changes from Mickey's last review.
>
> Changes
>
> 1) Fixed re-circulation rules
>

Still a few modifications required. See comments inline. I just typed some
stuff out, have not run, built, or tested anything.


> 2) Fixed match statement - match is only applied to beginnning of chain in
>each direction.
> 3) Fixed array length of chain of VNFs. I have tested thi sup to three VNFs
>in a chain and it looks like it works in both directions.
>
> Areas to review
>
> 1) The logic now supports hair-pinnign the flow back to the original
> source to
>ensure that the MAC learnign problem is addressed. I tested this using
>ovn-trace - any better testing that I should do?
>
> Current todo list
>
> 1) I have standalone tests need to add tests to ovs/ovn framework.
> 2) Load-balancing support for port-pair-groups
> 3) Publish more detailed examples.
> 4) Submit suggestions to change and shorted the CLI names.
>
> Simple example using ovn-trace
>
> #!/bin/sh
> #
> clear
> ovn-nbctl ls-add swt1
>
> ovn-nbctl lsp-add swt1 swt1-appc
> ovn-nbctl lsp-add swt1 swt1-apps
> ovn-nbctl lsp-add swt1 swt1-vnfp1
> ovn-nbctl lsp-add swt1 swt1-vnfp2
>
> ovn-nbctl lsp-set-addresses swt1-appc "00:00:00:00:00:01 192.168.33.1"
> ovn-nbctl lsp-set-addresses swt1-apps "00:00:00:00:00:02 192.168.33.2"
> ovn-nbctl lsp-set-addresses swt1-vnfp1 00:00:00:00:00:03
> ovn-nbctl lsp-set-addresses swt1-vnfp2 00:00:00:00:00:04
> #
> # Configure Service chain
> #
> ovn-nbctl lsp-pair-add swt1 swt1-vnfp1 swt1-vnfp2 pp1
> ovn-nbctl lsp-chain-add swt1 pc1
> ovn-nbctl lsp-pair-group-add pc1 ppg1
> ovn-nbctl lsp-pair-group-add-port-pair ppg1 pp1
> ovn-nbctl lsp-chain-classifier-add swt1 pc1 swt1-appc "entry-lport"
> "bi-directional" pcc1
> #
> ovn-sbctl dump-flows
> #
> # Run trace command
> printf "\n-Flow 1 -\n\n"
> ovn-trace --detailed  swt1 'inport == "swt1-appc" && eth.src ==
> 00:00:00:00:00:01 && eth.dst == 00:00:00:00:00:02'
> printf "\n-Flow 2 -\n\n"
> ovn-trace --detailed  swt1 'inport == "swt1-vnfp1" && eth.src ==
> 00:00:00:00:00:01 && eth.dst == 00:00:00:00:00:02'
> printf "\n-Flow 3 -\n\n"
> ovn-trace --detailed  swt1 'inport == "swt1-apps" && eth.dst ==
> 00:00:00:00:00:01 && eth.src == 00:00:00:00:00:02'
> printf "\n-Flow 4 -\n\n"
> ovn-trace --detailed  swt1 'inport == "swt1-vnfp2" && eth.dst ==
> 00:00:00:00:00:01 && eth.src == 00:00:00:00:00:02'
> #
> # Cleanup
> #
> ovn-nbctl lsp-chain-classifier-del pcc1
> ovn-nbctl lsp-pair-group-del ppg1
> ovn-nbctl lsp-chain-del pc1
> ovn-nbctl lsp-pair-del pp1
> ovn-nbctl ls-del swt1
>
> Reported at: https://mail.openvswitch.org/pipermail/ovs-discuss/2016-
> March/040381.html
> Reported at: https://mail.openvswitch.org/pipermail/ovs-discuss/2016-
> May/041359.html
>
> Signed-off-by: John McDowall 
> Signed-off-by: Flavio Fernandes 
> Co-authored-by: Flavio Fernandes 
> ---
>  ovn/northd/ovn-northd.8.xml   |   69 ++-
>  ovn/northd/ovn-northd.c   |  382 -
>  ovn/ovn-architecture.7.xml|   91 
>  ovn/ovn-nb.ovsschema  |   87 ++-
>  ovn/ovn-nb.xml|  188 ++-
>  ovn/utilities/ovn-nbctl.8.xml |  231 
>  ovn/utilities/ovn-nbctl.c | 1208 ++
> +++
>  7 files changed, 2227 insertions(+), 29 deletions(-)
>
>



>
> diff --git ovn/northd/ovn-northd.c ovn/northd/ovn-northd.c
> index d0a5ba2..090f768 100644
> --- ovn/northd/ovn-northd.c
> +++ ovn/northd/ovn-northd.c
> @@ -106,13 +106,14 @@ enum ovn_stage {
>  PIPELINE_STAGE(SWITCH, IN,  PRE_LB, 4, "ls_in_pre_lb")
> \
>  PIPELINE_STAGE(SWITCH, IN,  PRE_STATEFUL,   5, "ls_in_pre_stateful")
> \
>  PIPELINE_STAGE(SWITCH, IN,  ACL,6, "ls_in_acl")
>  \
> -PIPELINE_STAGE(SWITCH, IN,  QOS_MARK,   7, "ls_in_qos_mark")
> \
> -PIPELINE_STAGE(SWITCH, IN,  LB, 8, "ls_in_lb")
> \
> -PIPELINE_STAGE(SWITCH, IN,  STATEFUL,   9, "ls_in_stateful")
> \
> -PIPELINE_STAGE(SWITCH, IN,  ARP_ND_RSP,10, "ls_in_arp_rsp")
>  \
> -PIPELINE_STAGE(SWITCH, IN,  DHCP_OPTIONS,  11, "ls_in_dhcp_options")
> \
> -PIPELINE_STAGE(SWITCH, IN,  DHCP_RESPONSE, 12, "ls_in_dhcp_response")
> \
> -PIPELINE_STAGE(SWITCH, IN,  L2_LKUP,   13, "ls_in_l2_lkup")
>  \
> +PIPELINE_STAGE(SWITCH, IN,  CHAIN,  7, "ls_in_chain")\
> +PIPELINE_STAGE(SWITCH, IN,  QOS_MARK,   8, "ls_in_qos_mark")\
> +PIPELINE_STAGE(SWITCH, IN,  LB, 9, "ls_in_lb")
> \
> +PIPELINE_STAGE(SWITCH, IN,  STATEFUL,  10, "ls_in_stateful")
> \
> +PIPELINE_STAGE(SWITCH, IN,  ARP_ND_RSP,11, "ls_in_arp_rsp")
>  \
> +PIPELINE_STAGE(SWITCH, IN,  DHCP_OPTIONS,  12, "ls_in_dhcp_options")
> \
> +

[ovs-dev] 高效挖掘外国客户买家信息采购信息

[sales2]

您是否觉得阿里巴巴过去被动，展会价格高效果却不明显。

百分之90的优质客户可以通过搜索引擎接触到，主动联系国外终端买家，

绕开活跃在中国的中间商，是目前最好的客户开发方法。

您可以没有使用，但是不能没有了解。

抢先一步，快人一路，客户开发不再被动等待，主动出击


咨询QQ：2955317800
联系电话：13316847219
___
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev

Re: [ovs-dev] [PATCH] xlate: Use OVS_CT_ATTR_EVENTMASK.

[Ben Pfaff]

What's the visible effect of this change?  I am not sure, based on the
patch description.  One or two more sentences of context would help.

Thanks,

Ben.

On Mon, Apr 24, 2017 at 02:58:49PM -0700, Jarno Rajahalme wrote:
> Specify the event mask with CT commit including bits for CT features
> exposed at the OVS interface (mark and label changes in addition to
> basic creation and destruction of conntrack entries).
> 
> VMware-BZ: #1837218
> Signed-off-by: Jarno Rajahalme 
> ---
> This patch depends on the following other patches currently in review:
> - "datapath-windows: Add missing IPCT_LABEL."
> - "datapath: Add eventmask support to CT action."
> 
> build-aux/extract-odp-netlink-h | 2 ++
>  ofproto/ofproto-dpif-xlate.c| 3 +++
>  2 files changed, 5 insertions(+)
> 
> diff --git a/build-aux/extract-odp-netlink-h b/build-aux/extract-odp-netlink-h
> index 907a70a..7fb6ce8 100755
> --- a/build-aux/extract-odp-netlink-h
> +++ b/build-aux/extract-odp-netlink-h
> @@ -19,6 +19,8 @@ $i\
>  #ifdef _WIN32\
>  #include "OvsDpInterfaceExt.h"\
>  #include "OvsDpInterfaceCtExt.h"\
> +#else\
> +#include "linux/netfilter/nf_conntrack_common.h"\
>  #endif\
>  
>  # Use OVS's own struct eth_addr instead of a 6-byte char array.
> diff --git a/ofproto/ofproto-dpif-xlate.c b/ofproto/ofproto-dpif-xlate.c
> index d8c6a7c..21f2f7a 100644
> --- a/ofproto/ofproto-dpif-xlate.c
> +++ b/ofproto/ofproto-dpif-xlate.c
> @@ -5351,6 +5351,9 @@ compose_conntrack_action(struct xlate_ctx *ctx, struct 
> ofpact_conntrack *ofc)
>  if (ofc->flags & NX_CT_F_COMMIT) {
>  nl_msg_put_flag(ctx->odp_actions, ofc->flags & NX_CT_F_FORCE ?
>  OVS_CT_ATTR_FORCE_COMMIT : OVS_CT_ATTR_COMMIT);
> +nl_msg_put_u32(ctx->odp_actions, OVS_CT_ATTR_EVENTMASK,
> +   1 << IPCT_NEW | 1 << IPCT_RELATED | 1 << IPCT_DESTROY 
> |
> +   1 << IPCT_MARK | 1 << IPCT_LABEL);
>  }
>  nl_msg_put_u16(ctx->odp_actions, OVS_CT_ATTR_ZONE, zone);
>  put_ct_mark(>xin->flow, ctx->odp_actions, ctx->wc);
> -- 
> 2.1.4
> 
> ___
> dev mailing list
> d...@openvswitch.org
> https://mail.openvswitch.org/mailman/listinfo/ovs-dev
___
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev

[ovs-dev] [PATCH] xlate: Use OVS_CT_ATTR_EVENTMASK.

[Jarno Rajahalme]

Specify the event mask with CT commit including bits for CT features
exposed at the OVS interface (mark and label changes in addition to
basic creation and destruction of conntrack entries).

VMware-BZ: #1837218
Signed-off-by: Jarno Rajahalme 
---
This patch depends on the following other patches currently in review:
- "datapath-windows: Add missing IPCT_LABEL."
- "datapath: Add eventmask support to CT action."

build-aux/extract-odp-netlink-h | 2 ++
 ofproto/ofproto-dpif-xlate.c| 3 +++
 2 files changed, 5 insertions(+)

diff --git a/build-aux/extract-odp-netlink-h b/build-aux/extract-odp-netlink-h
index 907a70a..7fb6ce8 100755
--- a/build-aux/extract-odp-netlink-h
+++ b/build-aux/extract-odp-netlink-h
@@ -19,6 +19,8 @@ $i\
 #ifdef _WIN32\
 #include "OvsDpInterfaceExt.h"\
 #include "OvsDpInterfaceCtExt.h"\
+#else\
+#include "linux/netfilter/nf_conntrack_common.h"\
 #endif\
 
 # Use OVS's own struct eth_addr instead of a 6-byte char array.
diff --git a/ofproto/ofproto-dpif-xlate.c b/ofproto/ofproto-dpif-xlate.c
index d8c6a7c..21f2f7a 100644
--- a/ofproto/ofproto-dpif-xlate.c
+++ b/ofproto/ofproto-dpif-xlate.c
@@ -5351,6 +5351,9 @@ compose_conntrack_action(struct xlate_ctx *ctx, struct 
ofpact_conntrack *ofc)
 if (ofc->flags & NX_CT_F_COMMIT) {
 nl_msg_put_flag(ctx->odp_actions, ofc->flags & NX_CT_F_FORCE ?
 OVS_CT_ATTR_FORCE_COMMIT : OVS_CT_ATTR_COMMIT);
+nl_msg_put_u32(ctx->odp_actions, OVS_CT_ATTR_EVENTMASK,
+   1 << IPCT_NEW | 1 << IPCT_RELATED | 1 << IPCT_DESTROY |
+   1 << IPCT_MARK | 1 << IPCT_LABEL);
 }
 nl_msg_put_u16(ctx->odp_actions, OVS_CT_ATTR_ZONE, zone);
 put_ct_mark(>xin->flow, ctx->odp_actions, ctx->wc);
-- 
2.1.4

___
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev

Re: [ovs-dev] [PATCH 2/2] datapath: Add eventmask support to CT action.

[Joe Stringer]

On 24 April 2017 at 14:03, Greg Rose  wrote:
> On Mon, 2017-04-24 at 13:50 -0700, Jarno Rajahalme wrote:
>> Upstream commit:
>>
>> commit 120645513f55a4ac5543120d9e79925d30a0156f
>> Author: Jarno Rajahalme 
>> Date:   Fri Apr 21 16:48:06 2017 -0700
>>
>> openvswitch: Add eventmask support to CT action.
>>
>> Add a new optional conntrack action attribute OVS_CT_ATTR_EVENTMASK,
>> which can be used in conjunction with the commit flag
>> (OVS_CT_ATTR_COMMIT) to set the mask of bits specifying which
>> conntrack events (IPCT_*) should be delivered via the Netfilter
>> netlink multicast groups.  Default behavior depends on the system
>> configuration, but typically a lot of events are delivered.  This can be
>> very chatty for the NFNLGRP_CONNTRACK_UPDATE group, even if only some
>> types of events are of interest.
>>
>> Netfilter core init_conntrack() adds the event cache extension, so we
>> only need to set the ctmask value.  However, if the system is
>> configured without support for events, the setting will be skipped due
>> to extension not being found.
>>
>> Signed-off-by: Jarno Rajahalme 
>> Reviewed-by: Greg Rose 
>> Acked-by: Joe Stringer 
>> Signed-off-by: David S. Miller 
>>
>> Signed-off-by: Jarno Rajahalme 
>
> On patches that have already been reviewed, accepted by the community
> and pushed upstream do we still ACK those here on the OVS dev list?

It's worth a last round of review just in case something was missed
upstream, but particularly if there are any changes within
datapath/linux/compat/* or outside datapath/, as those may not have
received review. The datapath backport compatibility
changes need to work across a variety of different kernels so
that's an easy vector to introduce bugs.
___
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev

Re: [ovs-dev] [PATCH 2/2] datapath: Add eventmask support to CT action.

[Greg Rose]

On Mon, 2017-04-24 at 13:50 -0700, Jarno Rajahalme wrote:
> Upstream commit:
> 
> commit 120645513f55a4ac5543120d9e79925d30a0156f
> Author: Jarno Rajahalme 
> Date:   Fri Apr 21 16:48:06 2017 -0700
> 
> openvswitch: Add eventmask support to CT action.
> 
> Add a new optional conntrack action attribute OVS_CT_ATTR_EVENTMASK,
> which can be used in conjunction with the commit flag
> (OVS_CT_ATTR_COMMIT) to set the mask of bits specifying which
> conntrack events (IPCT_*) should be delivered via the Netfilter
> netlink multicast groups.  Default behavior depends on the system
> configuration, but typically a lot of events are delivered.  This can be
> very chatty for the NFNLGRP_CONNTRACK_UPDATE group, even if only some
> types of events are of interest.
> 
> Netfilter core init_conntrack() adds the event cache extension, so we
> only need to set the ctmask value.  However, if the system is
> configured without support for events, the setting will be skipped due
> to extension not being found.
> 
> Signed-off-by: Jarno Rajahalme 
> Reviewed-by: Greg Rose 
> Acked-by: Joe Stringer 
> Signed-off-by: David S. Miller 
> 
> Signed-off-by: Jarno Rajahalme 

On patches that have already been reviewed, accepted by the community
and pushed upstream do we still ACK those here on the OVS dev list?

Just want to keep noise down if they're not considered necessary.

Thanks,

- Greg

> ---
>  datapath/conntrack.c  | 27 
> +++
>  datapath/linux/compat/include/linux/openvswitch.h | 12 ++
>  lib/dpif-netdev.c |  4 
>  3 files changed, 43 insertions(+)
> 
> diff --git a/datapath/conntrack.c b/datapath/conntrack.c
> index f911fe8..95c3739 100644
> --- a/datapath/conntrack.c
> +++ b/datapath/conntrack.c
> @@ -73,7 +73,9 @@ struct ovs_conntrack_info {
>   u8 nat : 3; /* enum ovs_ct_nat */
>   u8 random_fully_compat : 1; /* bool */
>   u8 force : 1;
> + u8 have_eventmask : 1;
>   u16 family;
> + u32 eventmask;  /* Mask of 1 << IPCT_*. */
>   struct md_mark mark;
>   struct md_labels labels;
>  #ifdef CONFIG_NF_NAT_NEEDED
> @@ -1041,6 +1043,20 @@ static int ovs_ct_commit(struct net *net, struct 
> sw_flow_key *key,
>   if (!ct)
>   return 0;
>  
> + /* Set the conntrack event mask if given.  NEW and DELETE events have
> +  * their own groups, but the NFNLGRP_CONNTRACK_UPDATE group listener
> +  * typically would receive many kinds of updates.  Setting the event
> +  * mask allows those events to be filtered.  The set event mask will
> +  * remain in effect for the lifetime of the connection unless changed
> +  * by a further CT action with both the commit flag and the eventmask
> +  * option. */
> + if (info->have_eventmask) {
> + struct nf_conntrack_ecache *cache = nf_ct_ecache_find(ct);
> +
> + if (cache)
> + cache->ctmask = info->eventmask;
> + }
> +
>   /* Apply changes before confirming the connection so that the initial
>* conntrack NEW netlink event carries the values given in the CT
>* action.
> @@ -1277,6 +1293,8 @@ static const struct ovs_ct_len_tbl 
> ovs_ct_attr_lens[OVS_CT_ATTR_MAX + 1] = {
>   /* NAT length is checked when parsing the nested attributes. */
>   [OVS_CT_ATTR_NAT]   = { .minlen = 0, .maxlen = INT_MAX },
>  #endif
> + [OVS_CT_ATTR_EVENTMASK] = { .minlen = sizeof(u32),
> + .maxlen = sizeof(u32) },
>  };
>  
>  static int parse_ct(const struct nlattr *attr, struct ovs_conntrack_info 
> *info,
> @@ -1355,6 +1373,11 @@ static int parse_ct(const struct nlattr *attr, struct 
> ovs_conntrack_info *info,
>   break;
>   }
>  #endif
> + case OVS_CT_ATTR_EVENTMASK:
> + info->have_eventmask = true;
> + info->eventmask = nla_get_u32(a);
> + break;
> +
>   default:
>   OVS_NLERR(log, "Unknown conntrack attr (%d)",
> type);
> @@ -1558,6 +1581,10 @@ int ovs_ct_action_to_attr(const struct 
> ovs_conntrack_info *ct_info,
>  ct_info->helper->name))
>   return -EMSGSIZE;
>   }
> + if (ct_info->have_eventmask &&
> + nla_put_u32(skb, OVS_CT_ATTR_EVENTMASK, ct_info->eventmask))
> + return -EMSGSIZE;
> +
>  #ifdef CONFIG_NF_NAT_NEEDED
>   if (ct_info->nat && !ovs_ct_nat_to_attr(ct_info, skb))
>   return -EMSGSIZE;
> diff --git a/datapath/linux/compat/include/linux/openvswitch.h 
> b/datapath/linux/compat/include/linux/openvswitch.h
> index 8a6b729..72627f9 100644
> --- 

Re: [ovs-dev] [RFC 2/4] doc: Convert ovs-vlan-test to rST

[Ben Pfaff]

On Mon, Apr 24, 2017 at 04:37:51PM -0400, Leif Madsen wrote:
> On Mon, Apr 24, 2017 at 3:57 PM, Ben Pfaff  wrote:
> 
> > On Mon, Apr 24, 2017 at 03:52:53PM -0400, Leif Madsen wrote:
> > > I think this change might have broken packaging :)
> > >
> > > I just tested, and with the removal / renaming of the man8 pages for
> > > ovs-test and ovs-vlan-test, the RPM fails to build because of missing
> > files
> > > that no longer match the glob.
> > >
> > > These two lines need to be removed from the build:
> > >
> > > 471 %{_mandir}/man8/ovs-test.8*
> > > 472 %{_mandir}/man8/ovs-vlan-test.8*
> > >
> > >
> > > I'll submit a patch shortly.
> >
> > OK, I'm confused then.  There was no removal or renaming of the
> > installed man8 pages, only of the source files.  So, when I run "make
> > install DESTDIR=$PWD/inst", I get a file
> > inst/usr/share/man/man8/ovs-test.8 installed, and that should be the
> > same as before.
> >
> > Any idea what's going on?
> >
> 
> Huh, well then I'm very confused as well :)
> 
> I just did a test, and things seem to build fine when I remove those two
> lines. Otherwise, the RPM will fail to build with the following:
> 
> Processing files:
> openvswitch-test-2.7.90.14191.git3570f7e4-1.el7.centos.noarch
> error: File not found by glob:
> /builddir/build/BUILDROOT/openvswitch-2.7.90.14191.git3570f7e4-1.el7.centos.x86_64/usr/share/man/man8/ovs-test.8*
> error: File not found by glob:
> /builddir/build/BUILDROOT/openvswitch-2.7.90.14191.git3570f7e4-1.el7.centos.x86_64/usr/share/man/man8/ovs-vlan-test.8*
> 
> 
> RPM build errors:
> File not found by glob:
> /builddir/build/BUILDROOT/openvswitch-2.7.90.14191.git3570f7e4-1.el7.centos.x86_64/usr/share/man/man8/ovs-test.8*
> File not found by glob:
> /builddir/build/BUILDROOT/openvswitch-2.7.90.14191.git3570f7e4-1.el7.centos.x86_64/usr/share/man/man8/ovs-vlan-test.8*
> 
> 
> 
> So I'm not entirely sure why my build isn't resulting in those files. I
> have everything being built from a script and done in mock, so things
> should be quite reproducable. I see the same failure both on my COPR repo,
> and in my local build environment.

I don't really have a RPM build environment (my main distro is Debian),
but can I suggest an experiment?  Something like this:

diff --git a/rhel/openvswitch-fedora.spec.in b/rhel/openvswitch-fedora.spec.in
index dbcab00cd428..1d43ebe50a69 100644
--- a/rhel/openvswitch-fedora.spec.in
+++ b/rhel/openvswitch-fedora.spec.in
@@ -228,6 +228,7 @@ make -f %{_datadir}/selinux/devel/Makefile
 %install
 rm -rf $RPM_BUILD_ROOT
 make install DESTDIR=$RPM_BUILD_ROOT
+find $RPM_BUILD_ROOT -name 'ovs-test*'
 
 install -d -m 0755 $RPM_BUILD_ROOT%{_sysconfdir}/openvswitch
 
to find out whether the ovs-test manpage is being installed at all and
if so where.
___
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev

[ovs-dev] [PATCH 2/2] datapath: Add eventmask support to CT action.

[Jarno Rajahalme]

Upstream commit:

commit 120645513f55a4ac5543120d9e79925d30a0156f
Author: Jarno Rajahalme 
Date:   Fri Apr 21 16:48:06 2017 -0700

openvswitch: Add eventmask support to CT action.

Add a new optional conntrack action attribute OVS_CT_ATTR_EVENTMASK,
which can be used in conjunction with the commit flag
(OVS_CT_ATTR_COMMIT) to set the mask of bits specifying which
conntrack events (IPCT_*) should be delivered via the Netfilter
netlink multicast groups.  Default behavior depends on the system
configuration, but typically a lot of events are delivered.  This can be
very chatty for the NFNLGRP_CONNTRACK_UPDATE group, even if only some
types of events are of interest.

Netfilter core init_conntrack() adds the event cache extension, so we
only need to set the ctmask value.  However, if the system is
configured without support for events, the setting will be skipped due
to extension not being found.

Signed-off-by: Jarno Rajahalme 
Reviewed-by: Greg Rose 
Acked-by: Joe Stringer 
Signed-off-by: David S. Miller 

Signed-off-by: Jarno Rajahalme 
---
 datapath/conntrack.c  | 27 +++
 datapath/linux/compat/include/linux/openvswitch.h | 12 ++
 lib/dpif-netdev.c |  4 
 3 files changed, 43 insertions(+)

diff --git a/datapath/conntrack.c b/datapath/conntrack.c
index f911fe8..95c3739 100644
--- a/datapath/conntrack.c
+++ b/datapath/conntrack.c
@@ -73,7 +73,9 @@ struct ovs_conntrack_info {
u8 nat : 3; /* enum ovs_ct_nat */
u8 random_fully_compat : 1; /* bool */
u8 force : 1;
+   u8 have_eventmask : 1;
u16 family;
+   u32 eventmask;  /* Mask of 1 << IPCT_*. */
struct md_mark mark;
struct md_labels labels;
 #ifdef CONFIG_NF_NAT_NEEDED
@@ -1041,6 +1043,20 @@ static int ovs_ct_commit(struct net *net, struct 
sw_flow_key *key,
if (!ct)
return 0;
 
+   /* Set the conntrack event mask if given.  NEW and DELETE events have
+* their own groups, but the NFNLGRP_CONNTRACK_UPDATE group listener
+* typically would receive many kinds of updates.  Setting the event
+* mask allows those events to be filtered.  The set event mask will
+* remain in effect for the lifetime of the connection unless changed
+* by a further CT action with both the commit flag and the eventmask
+* option. */
+   if (info->have_eventmask) {
+   struct nf_conntrack_ecache *cache = nf_ct_ecache_find(ct);
+
+   if (cache)
+   cache->ctmask = info->eventmask;
+   }
+
/* Apply changes before confirming the connection so that the initial
 * conntrack NEW netlink event carries the values given in the CT
 * action.
@@ -1277,6 +1293,8 @@ static const struct ovs_ct_len_tbl 
ovs_ct_attr_lens[OVS_CT_ATTR_MAX + 1] = {
/* NAT length is checked when parsing the nested attributes. */
[OVS_CT_ATTR_NAT]   = { .minlen = 0, .maxlen = INT_MAX },
 #endif
+   [OVS_CT_ATTR_EVENTMASK] = { .minlen = sizeof(u32),
+   .maxlen = sizeof(u32) },
 };
 
 static int parse_ct(const struct nlattr *attr, struct ovs_conntrack_info *info,
@@ -1355,6 +1373,11 @@ static int parse_ct(const struct nlattr *attr, struct 
ovs_conntrack_info *info,
break;
}
 #endif
+   case OVS_CT_ATTR_EVENTMASK:
+   info->have_eventmask = true;
+   info->eventmask = nla_get_u32(a);
+   break;
+
default:
OVS_NLERR(log, "Unknown conntrack attr (%d)",
  type);
@@ -1558,6 +1581,10 @@ int ovs_ct_action_to_attr(const struct 
ovs_conntrack_info *ct_info,
   ct_info->helper->name))
return -EMSGSIZE;
}
+   if (ct_info->have_eventmask &&
+   nla_put_u32(skb, OVS_CT_ATTR_EVENTMASK, ct_info->eventmask))
+   return -EMSGSIZE;
+
 #ifdef CONFIG_NF_NAT_NEEDED
if (ct_info->nat && !ovs_ct_nat_to_attr(ct_info, skb))
return -EMSGSIZE;
diff --git a/datapath/linux/compat/include/linux/openvswitch.h 
b/datapath/linux/compat/include/linux/openvswitch.h
index 8a6b729..72627f9 100644
--- a/datapath/linux/compat/include/linux/openvswitch.h
+++ b/datapath/linux/compat/include/linux/openvswitch.h
@@ -739,6 +739,17 @@ struct ovs_action_push_tnl {
  * nothing if the connection is already committed will check that the current
  * packet is in conntrack entry's original direction.  If directionality does
  * not match, will delete the existing conntrack entry and create a new one.
+ * @OVS_CT_ATTR_EVENTMASK: 

[ovs-dev] [PATCH 1/2] datapath: Typo fix.

[Jarno Rajahalme]

Upstream commit:

commit abd0a4f2b41812e9ba334945e256909e3d28da57
Author: Jarno Rajahalme 
Date:   Fri Apr 21 16:48:05 2017 -0700

openvswitch: Typo fix.

Fix typo in a comment.

Signed-off-by: Jarno Rajahalme 
Acked-by: Greg Rose 
Signed-off-by: David S. Miller 

Signed-off-by: Jarno Rajahalme 
---
 datapath/conntrack.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/datapath/conntrack.c b/datapath/conntrack.c
index 4c42a48..f911fe8 100644
--- a/datapath/conntrack.c
+++ b/datapath/conntrack.c
@@ -383,7 +383,7 @@ static int ovs_ct_init_labels(struct nf_conn *ct, struct 
sw_flow_key *key,
}
 
/* Labels are included in the IPCTNL_MSG_CT_NEW event only if the
-* IPCT_LABEL bit it set in the event cache.
+* IPCT_LABEL bit is set in the event cache.
 */
nf_conntrack_event_cache(IPCT_LABEL, ct);
 
-- 
2.1.4

___
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev

Re: [ovs-dev] [RFC 2/4] doc: Convert ovs-vlan-test to rST

[Leif Madsen]

On Mon, Apr 24, 2017 at 3:57 PM, Ben Pfaff  wrote:

> On Mon, Apr 24, 2017 at 03:52:53PM -0400, Leif Madsen wrote:
> > I think this change might have broken packaging :)
> >
> > I just tested, and with the removal / renaming of the man8 pages for
> > ovs-test and ovs-vlan-test, the RPM fails to build because of missing
> files
> > that no longer match the glob.
> >
> > These two lines need to be removed from the build:
> >
> > 471 %{_mandir}/man8/ovs-test.8*
> > 472 %{_mandir}/man8/ovs-vlan-test.8*
> >
> >
> > I'll submit a patch shortly.
>
> OK, I'm confused then.  There was no removal or renaming of the
> installed man8 pages, only of the source files.  So, when I run "make
> install DESTDIR=$PWD/inst", I get a file
> inst/usr/share/man/man8/ovs-test.8 installed, and that should be the
> same as before.
>
> Any idea what's going on?
>

Huh, well then I'm very confused as well :)

I just did a test, and things seem to build fine when I remove those two
lines. Otherwise, the RPM will fail to build with the following:

Processing files:
openvswitch-test-2.7.90.14191.git3570f7e4-1.el7.centos.noarch
error: File not found by glob:
/builddir/build/BUILDROOT/openvswitch-2.7.90.14191.git3570f7e4-1.el7.centos.x86_64/usr/share/man/man8/ovs-test.8*
error: File not found by glob:
/builddir/build/BUILDROOT/openvswitch-2.7.90.14191.git3570f7e4-1.el7.centos.x86_64/usr/share/man/man8/ovs-vlan-test.8*


RPM build errors:
File not found by glob:
/builddir/build/BUILDROOT/openvswitch-2.7.90.14191.git3570f7e4-1.el7.centos.x86_64/usr/share/man/man8/ovs-test.8*
File not found by glob:
/builddir/build/BUILDROOT/openvswitch-2.7.90.14191.git3570f7e4-1.el7.centos.x86_64/usr/share/man/man8/ovs-vlan-test.8*



So I'm not entirely sure why my build isn't resulting in those files. I
have everything being built from a script and done in mock, so things
should be quite reproducable. I see the same failure both on my COPR repo,
and in my local build environment.

Thoughts?

Leif.
___
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev

Re: [ovs-dev] [PATCH] [packaging] Remove unneeded manpage globs

[Ben Pfaff]

On Mon, Apr 24, 2017 at 04:00:30PM -0400, Leif Madsen wrote:
> Remove unneeded manpage globs from the RPM spec file since they
> are no longer being generated.
> ---
>  rhel/openvswitch-fedora.spec.in | 2 --
>  1 file changed, 2 deletions(-)
> 
> diff --git a/rhel/openvswitch-fedora.spec.in b/rhel/openvswitch-fedora.spec.in
> index dbcab00..1095cd0 100644
> --- a/rhel/openvswitch-fedora.spec.in
> +++ b/rhel/openvswitch-fedora.spec.in
> @@ -468,8 +468,6 @@ fi
>  %{_bindir}/ovs-pcap
>  %{_bindir}/ovs-tcpdump
>  %{_bindir}/ovs-tcpundump
> -%{_mandir}/man8/ovs-test.8*
> -%{_mandir}/man8/ovs-vlan-test.8*
>  %{_mandir}/man8/ovs-l3ping.8*
>  %{_mandir}/man1/ovs-pcap.1*
>  %{_mandir}/man8/ovs-tcpdump.8*

I'm confused.  There was no removal or renaming of the installed man8
pages, only of the source files.  So, when I run "make install
DESTDIR=$PWD/inst", I get a file inst/usr/share/man/man8/ovs-test.8
installed, and that should be the same as before.

Any idea what's going on?

Thanks,

Ben.
___
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev

[ovs-dev] [PATCH] [packaging] Remove unneeded manpage globs

[Leif Madsen]

Remove unneeded manpage globs from the RPM spec file since they
are no longer being generated.
---
 rhel/openvswitch-fedora.spec.in | 2 --
 1 file changed, 2 deletions(-)

diff --git a/rhel/openvswitch-fedora.spec.in b/rhel/openvswitch-fedora.spec.in
index dbcab00..1095cd0 100644
--- a/rhel/openvswitch-fedora.spec.in
+++ b/rhel/openvswitch-fedora.spec.in
@@ -468,8 +468,6 @@ fi
 %{_bindir}/ovs-pcap
 %{_bindir}/ovs-tcpdump
 %{_bindir}/ovs-tcpundump
-%{_mandir}/man8/ovs-test.8*
-%{_mandir}/man8/ovs-vlan-test.8*
 %{_mandir}/man8/ovs-l3ping.8*
 %{_mandir}/man1/ovs-pcap.1*
 %{_mandir}/man8/ovs-tcpdump.8*
-- 
2.9.3

___
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev

Re: [ovs-dev] [PATCH] ovs-ofctl: Document group selection algorithm.

[Ben Pfaff]

Thanks!  I applied this to master.

On Mon, Apr 24, 2017 at 12:52:33PM -0700, Jarno Rajahalme wrote:
> Acked-by: Jarno Rajahalme 
> 
> > On Apr 24, 2017, at 9:06 AM, Ben Pfaff  wrote:
> > 
> > Signed-off-by: Ben Pfaff 
> > ---
> > utilities/ovs-ofctl.8.in | 10 ++
> > 1 file changed, 6 insertions(+), 4 deletions(-)
> > 
> > diff --git a/utilities/ovs-ofctl.8.in b/utilities/ovs-ofctl.8.in
> > index 96232a5003e4..2e6679ebe98c 100644
> > --- a/utilities/ovs-ofctl.8.in
> > +++ b/utilities/ovs-ofctl.8.in
> > @@ -1960,10 +1960,12 @@ other commands. The following keywords designated 
> > the allowed types:
> > .IP \fBall\fR
> > Execute all buckets in the group.
> > .IP \fBselect\fR
> > -Execute one bucket in the group.
> > -The switch should select the bucket in such a way that should implement
> > -equal load sharing is achieved.  The switch may optionally select the
> > -bucket based on bucket weights.
> > +Execute one bucket in the group, balancing across the buckets
> > +according to their weights.  To select a bucket, for each live bucket,
> > +Open vSwitch hashes flow data with the bucket ID and multiplies by the
> > +bucket weight to obtain a ``score,'' and then selects the bucket with
> > +the highest score.  Use \fBselection_method\fR to control the flow
> > +data used for selection.
> > .IP \fBindirect\fR
> > Executes the one bucket in the group.
> > .IP \fBff\fR
> > -- 
> > 2.10.2
> > 
> > ___
> > dev mailing list
> > d...@openvswitch.org
> > https://mail.openvswitch.org/mailman/listinfo/ovs-dev
> 
___
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev

Re: [ovs-dev] [RFC 2/4] doc: Convert ovs-vlan-test to rST

[Ben Pfaff]

On Mon, Apr 24, 2017 at 03:52:53PM -0400, Leif Madsen wrote:
> I think this change might have broken packaging :)
> 
> I just tested, and with the removal / renaming of the man8 pages for
> ovs-test and ovs-vlan-test, the RPM fails to build because of missing files
> that no longer match the glob.
> 
> These two lines need to be removed from the build:
> 
> 471 %{_mandir}/man8/ovs-test.8*
> 
> 
> 
> 472 %{_mandir}/man8/ovs-vlan-test.8*
> 
> 
> I'll submit a patch shortly.

OK, I'm confused then.  There was no removal or renaming of the
installed man8 pages, only of the source files.  So, when I run "make
install DESTDIR=$PWD/inst", I get a file
inst/usr/share/man/man8/ovs-test.8 installed, and that should be the
same as before.

Any idea what's going on?

Thanks,

Ben.
___
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev

[ovs-dev] ovn: SFC Patch V3

[jmcdowall]

From: John McDowall 


Fixed changes from Mickey's last review.

Changes

1) Fixed re-circulation rules
2) Fixed match statement - match is only applied to beginnning of chain in
   each direction.
3) Fixed array length of chain of VNFs. I have tested thi sup to three VNFs
   in a chain and it looks like it works in both directions. 

Areas to review

1) The logic now supports hair-pinnign the flow back to the original source to
   ensure that the MAC learnign problem is addressed. I tested this using 
   ovn-trace - any better testing that I should do?

Current todo list

1) I have standalone tests need to add tests to ovs/ovn framework.
2) Load-balancing support for port-pair-groups
3) Publish more detailed examples.
4) Submit suggestions to change and shorted the CLI names.

Simple example using ovn-trace

#!/bin/sh
#
clear
ovn-nbctl ls-add swt1

ovn-nbctl lsp-add swt1 swt1-appc
ovn-nbctl lsp-add swt1 swt1-apps
ovn-nbctl lsp-add swt1 swt1-vnfp1
ovn-nbctl lsp-add swt1 swt1-vnfp2

ovn-nbctl lsp-set-addresses swt1-appc "00:00:00:00:00:01 192.168.33.1"
ovn-nbctl lsp-set-addresses swt1-apps "00:00:00:00:00:02 192.168.33.2"
ovn-nbctl lsp-set-addresses swt1-vnfp1 00:00:00:00:00:03
ovn-nbctl lsp-set-addresses swt1-vnfp2 00:00:00:00:00:04
#
# Configure Service chain
#
ovn-nbctl lsp-pair-add swt1 swt1-vnfp1 swt1-vnfp2 pp1
ovn-nbctl lsp-chain-add swt1 pc1
ovn-nbctl lsp-pair-group-add pc1 ppg1
ovn-nbctl lsp-pair-group-add-port-pair ppg1 pp1
ovn-nbctl lsp-chain-classifier-add swt1 pc1 swt1-appc "entry-lport" 
"bi-directional" pcc1
#
ovn-sbctl dump-flows
#
# Run trace command
printf "\n-Flow 1 -\n\n"
ovn-trace --detailed  swt1 'inport == "swt1-appc" && eth.src == 
00:00:00:00:00:01 && eth.dst == 00:00:00:00:00:02'
printf "\n-Flow 2 -\n\n"
ovn-trace --detailed  swt1 'inport == "swt1-vnfp1" && eth.src == 
00:00:00:00:00:01 && eth.dst == 00:00:00:00:00:02'
printf "\n-Flow 3 -\n\n"
ovn-trace --detailed  swt1 'inport == "swt1-apps" && eth.dst == 
00:00:00:00:00:01 && eth.src == 00:00:00:00:00:02'
printf "\n-Flow 4 -\n\n"
ovn-trace --detailed  swt1 'inport == "swt1-vnfp2" && eth.dst == 
00:00:00:00:00:01 && eth.src == 00:00:00:00:00:02'
#
# Cleanup
#
ovn-nbctl lsp-chain-classifier-del pcc1
ovn-nbctl lsp-pair-group-del ppg1
ovn-nbctl lsp-chain-del pc1
ovn-nbctl lsp-pair-del pp1
ovn-nbctl ls-del swt1

Reported at: 
https://mail.openvswitch.org/pipermail/ovs-discuss/2016-March/040381.html
Reported at: 
https://mail.openvswitch.org/pipermail/ovs-discuss/2016-May/041359.html

Signed-off-by: John McDowall 
Signed-off-by: Flavio Fernandes 
Co-authored-by: Flavio Fernandes 
---
 ovn/northd/ovn-northd.8.xml   |   69 ++-
 ovn/northd/ovn-northd.c   |  382 -
 ovn/ovn-architecture.7.xml|   91 
 ovn/ovn-nb.ovsschema  |   87 ++-
 ovn/ovn-nb.xml|  188 ++-
 ovn/utilities/ovn-nbctl.8.xml |  231 
 ovn/utilities/ovn-nbctl.c | 1208 +
 7 files changed, 2227 insertions(+), 29 deletions(-)

diff --git ovn/northd/ovn-northd.8.xml ovn/northd/ovn-northd.8.xml
index ab8fd88..7788311 100644
--- ovn/northd/ovn-northd.8.xml
+++ ovn/northd/ovn-northd.8.xml
@@ -362,7 +362,62 @@
   
 
 
-Ingress Table 7: from-lport QoS marking
+ Ingress Table 7: from-lport Port Chaining
+
+
+  Logical flows in this table closely reproduce those in the
+  QoS table in the OVN_Northbound database
+  for the from-lport direction.
+
+
+
+  
+For every port-chain a set of rules will be added to direct traffic
+through the port pairs defined in the port-chain. A port chain
+is composed of an ordered set of port-pair-groups that contain one or
+more port-pairs. Traffic is directed into the port-chain by creating a
+port-chain-classifier. A port-chain can be reused by different
+port-chain-classifier instances allowing a port chain to be
+applied to multiple traffic paths and application traffic types.
+
+The port-chain-classifier defines a starting port or ending port and
+a direction for the traffic, either uni-directional or bi-directional.
+In addition a match expression can be defined to further filter
+traffic.
+
+Service insertion is implemented by adding 4 new flow rules into the
+OVN northbound database for each VNF inserted. The service
+insertion rules have a higher priority than the standard forwarding
+rules. This means that they override the existing forwarding rules.
+There are four new rules added for each insertion. Two ingress and two
+egress, The first ingress rule sends all traffic destined for the
+application into the VNF ingress port and the second rule takes all
+traffic destined 

Re: [ovs-dev] [PATCH v3 0/7] create tunnel devices using rtnetlink interface

[Ben Pfaff]

On Mon, Apr 24, 2017 at 12:25:30PM -0700, Joe Stringer wrote:
> On 24 April 2017 at 11:54, Ben Pfaff  wrote:
> > Joe, it looks like you've reviewed at least some patches in previous
> > versions of this series.  Are you planning to resume review?
> 
> Yes, I shall dig into that..

Thanks!
___
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev

Re: [ovs-dev] [RFC 2/4] doc: Convert ovs-vlan-test to rST

[Leif Madsen]

I think this change might have broken packaging :)

I just tested, and with the removal / renaming of the man8 pages for
ovs-test and ovs-vlan-test, the RPM fails to build because of missing files
that no longer match the glob.

These two lines need to be removed from the build:

471 %{_mandir}/man8/ovs-test.8*



472 %{_mandir}/man8/ovs-vlan-test.8*


I'll submit a patch shortly.

Thanks,
Leif.

On Fri, Apr 14, 2017 at 4:18 PM, Ben Pfaff  wrote:

> I understand now.
>
> I think that this change should be invisible to the Debian and RHEL
> packaging, because both kinds of packaging use "make install
> DESTDIR=..." to install the manpages into a staging tree, then package
> them from that staging tree.  With this change, "make install" behaves
> the same way as before: both before and after the change, "make install"
> puts nroff versions of the manpages into $(DESTDIR)/usr/share/man/man#/
> (or wherever they are configured to go).
>
> (I have not actually tested either kind of packaging.)


-- 
Leif Madsen | Partner Engineer - NFV & CI
NFV Partner Engineering
Red Hat
GPG: (D670F846) BEE0 336E 5406 42BA 6194 6831 B38A 291E D670 F846
___
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev

Re: [ovs-dev] [PATCH] ovs-ofctl: Document group selection algorithm.

[Jarno Rajahalme]

Acked-by: Jarno Rajahalme 

> On Apr 24, 2017, at 9:06 AM, Ben Pfaff  wrote:
> 
> Signed-off-by: Ben Pfaff 
> ---
> utilities/ovs-ofctl.8.in | 10 ++
> 1 file changed, 6 insertions(+), 4 deletions(-)
> 
> diff --git a/utilities/ovs-ofctl.8.in b/utilities/ovs-ofctl.8.in
> index 96232a5003e4..2e6679ebe98c 100644
> --- a/utilities/ovs-ofctl.8.in
> +++ b/utilities/ovs-ofctl.8.in
> @@ -1960,10 +1960,12 @@ other commands. The following keywords designated the 
> allowed types:
> .IP \fBall\fR
> Execute all buckets in the group.
> .IP \fBselect\fR
> -Execute one bucket in the group.
> -The switch should select the bucket in such a way that should implement
> -equal load sharing is achieved.  The switch may optionally select the
> -bucket based on bucket weights.
> +Execute one bucket in the group, balancing across the buckets
> +according to their weights.  To select a bucket, for each live bucket,
> +Open vSwitch hashes flow data with the bucket ID and multiplies by the
> +bucket weight to obtain a ``score,'' and then selects the bucket with
> +the highest score.  Use \fBselection_method\fR to control the flow
> +data used for selection.
> .IP \fBindirect\fR
> Executes the one bucket in the group.
> .IP \fBff\fR
> -- 
> 2.10.2
> 
> ___
> dev mailing list
> d...@openvswitch.org
> https://mail.openvswitch.org/mailman/listinfo/ovs-dev

___
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev

Re: [ovs-dev] [PATCH] debian, xenserver: Update logrotate config to match RHEL.

[Ben Pfaff]

On Mon, Apr 24, 2017 at 12:25:51PM -0700, Guru Shetty wrote:
> On 13 April 2017 at 10:47, Ben Pfaff  wrote:
> 
> > Commit 618a5b45ae8b ("rhel: Avoid logrotate error if /var/run/openvswitch
> > does not exist") updated the RHEL logrotate configuration.  This commit
> > makes similar changes for Debian, by synchronizing with the RHEL version.
> >
> > In particular:
> >
> > - Indent to match logrotate.conf(5) examples.
> >
> > - Use "sharedscripts" flag, because the postrotate script only needs to
> >   run once regardless of the number of rotations.
> >
> > - Drop "delaycompress", because the postrotate script does make daemons
> >   reopen their log files.
> >
> > - Ignore errors calling vlog/reopen.
> >
> > Also make similar changes to the xenserver logrotate script.  I really
> > don't know if anyone uses the xenserver packaging anymore though.
> >
> > CC: Timothy Redaelli 
> > Signed-off-by: Ben Pfaff 
> >
> 
> Acked-by: Gurucharan Shetty 

Thanks!  I applied this to master.
___
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev

Re: [ovs-dev] [PATCH] debian, xenserver: Update logrotate config to match RHEL.

[Guru Shetty]

On 13 April 2017 at 10:47, Ben Pfaff  wrote:

> Commit 618a5b45ae8b ("rhel: Avoid logrotate error if /var/run/openvswitch
> does not exist") updated the RHEL logrotate configuration.  This commit
> makes similar changes for Debian, by synchronizing with the RHEL version.
>
> In particular:
>
> - Indent to match logrotate.conf(5) examples.
>
> - Use "sharedscripts" flag, because the postrotate script only needs to
>   run once regardless of the number of rotations.
>
> - Drop "delaycompress", because the postrotate script does make daemons
>   reopen their log files.
>
> - Ignore errors calling vlog/reopen.
>
> Also make similar changes to the xenserver logrotate script.  I really
> don't know if anyone uses the xenserver packaging anymore though.
>
> CC: Timothy Redaelli 
> Signed-off-by: Ben Pfaff 
>

Acked-by: Gurucharan Shetty 


> ---
>  debian/openvswitch-switch.logrotate   | 14 +++---
>  xenserver/etc_logrotate.d_openvswitch | 22 --
>  2 files changed, 19 insertions(+), 17 deletions(-)
>
> diff --git a/debian/openvswitch-switch.logrotate
> b/debian/openvswitch-switch.logrotate
> index a7a71bdd90ad..7752af90cfed 100644
> --- a/debian/openvswitch-switch.logrotate
> +++ b/debian/openvswitch-switch.logrotate
> @@ -1,16 +1,16 @@
>  /var/log/openvswitch/*.log {
>  daily
>  compress
> +sharedscripts
>  create 640 root adm
> -delaycompress
>  missingok
>  rotate 30
>  postrotate
> -# Tell Open vSwitch daemons to reopen their log files
> -if [ -d /var/run/openvswitch ]; then
> -for pidfile in `cd /var/run/openvswitch && echo *.pid`; do
> -ovs-appctl -t "${pidfile%%.pid}" vlog/reopen
> -done
> -fi
> +   # Tell Open vSwitch daemons to reopen their log files
> +   if [ -d /var/run/openvswitch ]; then
> +   for pidfile in `cd /var/run/openvswitch && echo *.pid`; do
> +   ovs-appctl -t "${pidfile%%.pid}" vlog/reopen 2>/dev/null
> || :
> +   done
> +   fi
>  endscript
>  }
> diff --git a/xenserver/etc_logrotate.d_openvswitch
> b/xenserver/etc_logrotate.d_openvswitch
> index 73751d4578b0..cd7b3a9d569d 100644
> --- a/xenserver/etc_logrotate.d_openvswitch
> +++ b/xenserver/etc_logrotate.d_openvswitch
> @@ -1,4 +1,4 @@
> -# Copyright (C) 2009, 2010, 2011, 2012 Nicira, Inc.
> +# Copyright (C) 2009, 2010, 2011, 2012, 2017 Nicira, Inc.
>  #
>  # Copying and distribution of this file, with or without modification,
>  # are permitted in any medium without royalty provided the copyright
> @@ -6,14 +6,16 @@
>  # without warranty of any kind.
>
>  /var/log/openvswitch/*.log {
> -   daily
> -   compress
> -   sharedscripts
> -   missingok
> -   postrotate
> +daily
> +compress
> +sharedscripts
> +missingok
> +postrotate
> # Tell Open vSwitch daemons to reopen their log files
> -for pidfile in `cd /var/run/openvswitch && echo *.pid`; do
> -ovs-appctl -t "${pidfile%%.pid}" vlog/reopen
> -done
> -   endscript
> +if [ -d /var/run/openvswitch ]; then
> +   for pidfile in `cd /var/run/openvswitch && echo *.pid`; do
> +   ovs-appctl -t "${pidfile%%.pid}" vlog/reopen 2>/dev/null
> || :
> +   done
> +   fi
> +endscript
>  }
> --
> 2.10.2
>
> ___
> dev mailing list
> d...@openvswitch.org
> https://mail.openvswitch.org/mailman/listinfo/ovs-dev
>
___
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev

Re: [ovs-dev] [PATCH v3 0/7] create tunnel devices using rtnetlink interface

[Joe Stringer]

On 24 April 2017 at 11:54, Ben Pfaff  wrote:
> Joe, it looks like you've reviewed at least some patches in previous
> versions of this series.  Are you planning to resume review?

Yes, I shall dig into that..
___
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev

Re: [ovs-dev] [PATCH 0/7] Add OVS DPDK keep-alive functionality

[Bodireddy, Bhanuprakash]

>> > Agree that Latency is indeed important. I would collect the latency
>> > stats and will share the results in this thread.
>>
>> Awesome.  Even better would be to put those informations in the cover
>> letter of v2.  Just a short summary of the tests and what the results
>> were for latency / throughput would be good.
>
>I think it'd be even better to include measurements in one of the commit
>messages, because those are available in the repository after the patches are
>applied.  It's harder to find cover letters because they're only on the mailing
>list.

That's a good point, I will do this when I send on the v2 for this patch 
series. 
Also we will follow this for our other patches targeting performance!

- Bhanuprakash.
___
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev

Re: [ovs-dev] [PATCH] ofproto-dpif-xlate: Fix the memory leak in netflow.

[Ben Pfaff]

On Fri, Mar 24, 2017 at 07:37:18AM +, zhangsha (A) wrote:
> From c4066ad97d4f9e39cd80f6d43f0592092423e0b6 Mon Sep 17 00:00:00 2001
> From: Sha Zhang 
> Date: Sat, 25 Mar 2017 04:43:56 +0800
> Subject: [PATCH] ofproto-dpif-xlate: Fix the memory leak in netflow.
> 
> The memory leak was triggered each time on
> creating a netflow and subsequently deleting it.
> 
> Signed-off-by: Sha Zhang 

Thanks.  The formatting was still not ideal, but I fixed it up and
applied it to master and then backported as far as branch-2.5.
___
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev

Re: [ovs-dev] [PATCH 0/7] Add OVS DPDK keep-alive functionality

[Ben Pfaff]

On Mon, Apr 03, 2017 at 11:16:47AM -0400, Aaron Conole wrote:
> "Bodireddy, Bhanuprakash"  writes:
> 
> > Thanks Aaron for reviewing this patch series.  My comments inline.
> >
> >>
> >>Hi Bhanu,
> >>
> >>Bhanuprakash Bodireddy  writes:
> >>
> >>> This patch is aimed at achieving Fastpath Service Assurance in
> >>> OVS-DPDK deployments. This commit adds support for monitoring the
> >>> packet processing cores(pmd thread cores) by dispatching heartbeats at
> >>> regular intervals. Incase of heartbeat miss the failure shall be
> >>> detected & reported to higher level fault management
> >>systems/frameworks.
> >>>
> >>> The implementation uses POSIX shared memory object for storing the
> >>> events that will be read by monitoring framework. keep-alive feature
> >>> can be enabled through below OVSDB settings.
> >>>
> >>> keepalive=true
> >>>- Keepalive feature is disabled by default
> >>>
> >>> keepalive-interval="50"
> >>>- Timer interval in milliseconds for monitoring the packet
> >>>  processing cores.
> >>>
> >>> keepalive-shm-name="/dpdk_keepalive_shm_name"
> >>>- Shared memory block name where the events shall be updated.
> >>>
> >>> When KA is enabled, 'ovs-keepalive' thread shall be spawned that wakes
> >>> up at regular intervals to update the timestamp and status of pmd
> >>> cores in shared memory region.
> >>>
> >>> An external monitoring framework like collectd(with dpdk plugin
> >>> support) can read the status updates from shared memory. On a missing
> >>> heartbeat, the collectd shall relay the status to ceilometer service
> >>> running in the controller. Below is the high level overview of deployment
> >>model.
> >>
> >>Given this runs in-line in the fastpath, can you tell me what kind of 
> >>impact it is
> >>to throughput (and possibly latency) that this series implies?
> >
> > This feature has very minimal impact on the throughput. 
> > As you know, there is a significant drop on the current master due to 
> > commit: daf4d3c18da4("odp: Support conntrack orig tuple key.").
> > I folded in the RFC patch  by Daniele that fixes the memset and measured the
> > throughput with and without KA feature and see no significant difference in 
> > throughput.
> >
> > Agree that Latency is indeed important. I would collect the latency
> > stats and will share
> > the results in this thread. 
> 
> Awesome.  Even better would be to put those informations in the cover
> letter of v2.  Just a short summary of the tests and what the results
> were for latency / throughput would be good.

I think it'd be even better to include measurements in one of the commit
messages, because those are available in the repository after the
patches are applied.  It's harder to find cover letters because they're
only on the mailing list.
___
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev

[ovs-dev] [PATCH v2 3/3] ovn-controller: document command-line options in man page

[Lance Richardson]

Signed-off-by: Lance Richardson 
---
 ovn/controller/ovn-controller.8.xml | 64 +
 1 file changed, 23 insertions(+), 41 deletions(-)

diff --git a/ovn/controller/ovn-controller.8.xml 
b/ovn/controller/ovn-controller.8.xml
index f9cbbfe..d1fcd8a 100644
--- a/ovn/controller/ovn-controller.8.xml
+++ b/ovn/controller/ovn-controller.8.xml
@@ -20,6 +20,26 @@
   machine-local and do not run over a physical network.
 
 
+Options
+
+Daemon Options
+http://www.w3.org/2003/XInclude"/>
+
+Logging Options
+http://www.w3.org/2003/XInclude"/>
+
+PKI Options
+
+  PKI configuration is required in order to use SSL for the connections to
+  the Northbound and Southbound databases.
+
+http://www.w3.org/2003/XInclude"/>
+
+Other Options
+
+http://www.w3.org/2003/XInclude"/>
+
+
 Configuration
 
   ovn-controller retrieves most of its configuration
@@ -28,47 +48,9 @@
   vSwitch's "run" directory.  It may be overridden by specifying the
   ovs-database argument in one of the following forms:
 
-
-  
-
-  ssl:ip:port
-
-
-  The specified SSL port on the host at the given
-  ip, which must be expressed as an IP address (not a DNS
-  name) in IPv4 or IPv6 address format.  If ip is an IPv6
-  address, then wrap ip with square brackets, e.g.:
-  ssl:[::1]:6640.  The --private-key,
-  --certificate and either of --ca-cert
-  or --bootstrap-ca-cert options are mandatory when this
-  form is used.
-
-  
-  
-
-  tcp:ip:port
-
-
-  Connect to the given TCP port on ip, where
-  ip can be IPv4 or IPv6 address. If ip is an
-  IPv6 address, then wrap ip with square brackets, e.g.:
-  tcp:[::1]:6640.
-
-  
-  
-
-  unix:file
-
-
-  On POSIX, connect to the Unix domain server socket named
-  file.
-
-
-  On Windows, connect to a localhost TCP port whose value is written
-  in file.
-
-  
-
+http://www.w3.org/2003/XInclude"/>
+http://www.w3.org/2003/XInclude"/>
+
 
   ovn-controller assumes it gets configuration
   information from the following keys in the Open_vSwitch
-- 
2.9.3

___
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev

[ovs-dev] [PATCH v2 2/3] northd: document command-line options in man page

[Lance Richardson]

Signed-off-by: Lance Richardson 
---
 ovn/northd/ovn-northd.8.xml | 101 
 1 file changed, 36 insertions(+), 65 deletions(-)

diff --git a/ovn/northd/ovn-northd.8.xml b/ovn/northd/ovn-northd.8.xml
index ab8fd88..8021e2a 100644
--- a/ovn/northd/ovn-northd.8.xml
+++ b/ovn/northd/ovn-northd.8.xml
@@ -18,75 +18,46 @@
   ovn-sb(5)) below it.
 
 
-Configuration
+Options
+
+  --ovnnb-db=database
+  
+The OVSDB database containing the OVN Northbound Database.  If the
+OVN_NB_DB environment variable is set, its value is used
+as the default.  Otherwise, the default is
+unix:@RUNDIR@/ovnnb_db.sock.
+  
+  --ovnsb-db=database
+  
+The OVSDB database containing the OVN Southbound Database.  If the
+OVN_SB_DB environment variable is set, its value is used
+as the default.  Otherwise, the default is
+unix:@RUNDIR@/ovnsb_db.sock.
+  
+
 
-  ovn-northd requires a connection to the Northbound
-  and Southbound databases.  The defaults are ovnnb_db.sock
-  and ovnsb_db.sock respectively
-  in the local Open vSwitch's "run" directory.  This may be
-  overridden with the following commands:
+  database in the above options must take one of the following
+  forms:
 
-
-  
-
-  --ovnnb-db=database
-
-
-  The database containing the OVN Northbound Database.
-
-  
-  
-
-  --ovnsb-db=database
-
-
-  The database containing the OVN Southbound Database.
-
-  
-
+http://www.w3.org/2003/XInclude"/>
+http://www.w3.org/2003/XInclude"/>
+
+Daemon Options
+http://www.w3.org/2003/XInclude"/>
+
+Logging Options
+http://www.w3.org/2003/XInclude"/>
+
+PKI Options
 
-  The database argument must take one of the following forms:
+  PKI configuration is required in order to use SSL for the connections to
+  the Northbound and Southbound databases.
 
-
-  
-
-  ssl:ip:port
-
-
-  The specified SSL port on the host at the given
-  ip, which must be expressed as an IP address (not a DNS
-  name) in IPv4 or IPv6 address format.  If ip is an IPv6
-  address, then wrap ip with square brackets, e.g.:
-  ssl:[::1]:6640.  The --private-key,
-  --certificate, and --ca-cert options are
-  mandatory when this form is used.
-
-  
-  
-
-  tcp:ip:port
-
-
-  Connect to the given TCP port on ip, where
-  ip can be IPv4 or IPv6 address. If ip is an
-  IPv6 address, then wrap ip with square brackets, e.g.:
-  tcp:[::1]:6640.
-
-  
-  
-
-  unix:file
-
-
-  On POSIX, connect to the Unix domain server socket named
-  file.
-
-
-  On Windows, connect to a localhost TCP port whose value is written
-  in file.
-
-  
-
+http://www.w3.org/2003/XInclude"/>
+
+Other Options
+
+http://www.w3.org/2003/XInclude"/>
 
 Runtime Management Commands
 
-- 
2.9.3

___
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev

[ovs-dev] [PATCH v2 1/3] ovsdb: add xml equivalents of remote man page fragments

[Lance Richardson]

Add XML equivalents for remote-active.man and remote-passive.man
for inclusion by man pages using XML format.

Signed-off-by: Lance Richardson 
---
 ovsdb/automake.mk|  4 
 ovsdb/remote-active.xml  | 30 ++
 ovsdb/remote-passive.xml | 36 
 3 files changed, 70 insertions(+)
 create mode 100644 ovsdb/remote-active.xml
 create mode 100644 ovsdb/remote-passive.xml

diff --git a/ovsdb/automake.mk b/ovsdb/automake.mk
index 33d04f8..8850b06 100644
--- a/ovsdb/automake.mk
+++ b/ovsdb/automake.mk
@@ -48,6 +48,10 @@ MAN_FRAGMENTS += \
ovsdb/replication.man \
ovsdb/replication-syn.man
 
+EXTRA_DIST += \
+   ovsdb/remote-active.xml \
+   ovsdb/remote-passive.xml
+
 # ovsdb-tool
 bin_PROGRAMS += ovsdb/ovsdb-tool
 ovsdb_ovsdb_tool_SOURCES = ovsdb/ovsdb-tool.c
diff --git a/ovsdb/remote-active.xml b/ovsdb/remote-active.xml
new file mode 100644
index 000..fe4801c
--- /dev/null
+++ b/ovsdb/remote-active.xml
@@ -0,0 +1,30 @@
+
+
+  ssl:ip:port
+  
+The specified SSL port on the host at the given ip,
+which must be expressed as an IP address (not a DNS name) in IPv4 or IPv6
+address format.  If ip is an IPv6 address, then wrap
+ip with square brackets, e.g.: ssl:[::1]:6640.
+The --private-key, --certificate, and
+--ca-cert options are mandatory when this form is used.
+  
+  tcp:ip:port
+  
+Connect to the given TCP port on ip, where
+ip can be an IPv4 or IPv6 address.  If ip is an
+IPv6 address, then wrap ip with square brackets, e.g.:
+tcp:[::1]:6640.
+  
+  unix:file
+  
+
+On POSIX, connect to the Unix domain server socket named file.
+
+
+On Windows, connect to a local named pipe that is represented by a file
+created in the path file to mimic the behavior of a Unix domain
+socket.
+
+  
+
diff --git a/ovsdb/remote-passive.xml b/ovsdb/remote-passive.xml
new file mode 100644
index 000..6056b1e
--- /dev/null
+++ b/ovsdb/remote-passive.xml
@@ -0,0 +1,36 @@
+
+
+  pssl:port:ip
+  
+Listen on the given SSL port for a connection.  By default,
+connections are not bound to a particular local IP address and
+it listens only on IPv4 (but not IPv6) addresses, but
+specifying ip limits connections to those from the given
+ip, either IPv4 or IPv6 address.  If ip is
+an IPv6 address, then wrap ip with square brackets, e.g.:
+pssl:6640:[::1]. The --private-key,
+--certificate, and --ca-cert options are
+mandatory when this form is used.
+  
+  ptcp:port:ip
+  
+Listen on the given TCP port for a connection.  By default,
+connections are not bound to a particular local IP address and
+it listens only on IPv4 (but not IPv6) addresses, but
+ip may be specified to listen only for connections to the given
+ip, either IPv4 or IPv6 address.  If ip is
+an IPv6 address, then wrap ip with square brackets, e.g.:
+ptcp:6640:[::1].
+  
+  punix:file
+  
+
+On POSIX, listen on the Unix domain server socket named \fIfile\fR for a
+connection.
+
+
+On Windows, listen on a local named pipe.  A file is created in the
+path file to mimic the behavior of a Unix domain socket.
+
+  
+
-- 
2.9.3

___
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev

[ovs-dev] [PATCH v2 0/3] document command-line options in ovn man pages

[Lance Richardson]

Add command-line option documentation to ovn-northd and ovn-controller
man pages.

v2:
  - Account for added files in dist-check (build error)
  - Fix trailing whitespace complaints from "git am"

Lance Richardson (3):
  ovsdb: add xml equivalents of remote man page fragments
  northd: document command-line options in man page
  ovn-controller: document command-line options in man page

 ovn/controller/ovn-controller.8.xml |  64 ---
 ovn/northd/ovn-northd.8.xml | 101 +---
 ovsdb/automake.mk   |   4 ++
 ovsdb/remote-active.xml |  30 +++
 ovsdb/remote-passive.xml|  36 +
 5 files changed, 129 insertions(+), 106 deletions(-)
 create mode 100644 ovsdb/remote-active.xml
 create mode 100644 ovsdb/remote-passive.xml

-- 
2.9.3

___
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev

Re: [ovs-dev] [PATCH 6/8] pinctrl: Fix memory leak in consider_nat_address()

[Ben Pfaff]

Thanks!  I applied this to master.  I don't think it needs a backport
but let me know if I'm wrong.

On Mon, Apr 24, 2017 at 10:54:30AM -0700, Yi-Hung Wei wrote:
> LGTM, thanks!
> 
> -Yi-Hung
> 
> On Mon, Apr 24, 2017 at 9:44 AM, Ben Pfaff  wrote:
> > On Fri, Apr 07, 2017 at 02:43:44PM -0700, Yi-Hung Wei wrote:
> >> In testcase "ovn -- send gratuitous arp for NAT rules on distributed 
> >> router",
> >> valgrind reports memory leaks as following.
> >> xrealloc (util.c:123)
> >> add_ipv4_netaddr.isra.0 (ovn-util.c:28)
> >> extract_addresses (ovn-util.c:128)
> >> extract_addresses_with_port.constprop.17 (pinctrl.c:1257)
> >> consider_nat_address.isra.15 (pinctrl.c:1318)
> >> get_nat_addresses_and_keys (pinctrl.c:1361)
> >> send_garp_run (pinctrl.c:1402)
> >> pinctrl_run (pinctrl.c:796)
> >> main (ovn-controller.c:619)
> >>
> >> Signed-off-by: Yi-Hung Wei 
> >> ---
> >>  ovn/controller/pinctrl.c | 2 ++
> >>  1 file changed, 2 insertions(+)
> >>
> >> diff --git a/ovn/controller/pinctrl.c b/ovn/controller/pinctrl.c
> >> index 9b408ea6c253..8063e6487b2a 100644
> >> --- a/ovn/controller/pinctrl.c
> >> +++ b/ovn/controller/pinctrl.c
> >> @@ -1317,6 +1317,7 @@ consider_nat_address(const char *nat_address,
> >>  char *lport = NULL;
> >>  if (!extract_addresses_with_port(nat_address, laddrs, )
> >>  || (!lport && !strcmp(pb->type, "patch"))) {
> >> +destroy_lport_addresses(laddrs);
> >>  free(laddrs);
> >>  if (lport) {
> >>  free(lport);
> >> @@ -1324,6 +1325,7 @@ consider_nat_address(const char *nat_address,
> >>  return;
> >>  } else if (lport) {
> >>  if (!pinctrl_is_chassis_resident(lports, chassis, lport)) {
> >> +destroy_lport_addresses(laddrs);
> >>  free(laddrs);
> >>  free(lport);
> >>  return;
> >
> > Thanks for fixing the memory leak!
> >
> > This function has quite a lot of redundant code.  What do you think of
> > this version?
> >
> > --8<--cut here-->8--
> >
> > From: Yi-Hung Wei 
> > Date: Fri, 7 Apr 2017 14:43:44 -0700
> > Subject: [PATCH] pinctrl: Fix memory leak in consider_nat_address()
> >
> > In testcase "ovn -- send gratuitous arp for NAT rules on distributed 
> > router",
> > valgrind reports memory leaks as following.
> > xrealloc (util.c:123)
> > add_ipv4_netaddr.isra.0 (ovn-util.c:28)
> > extract_addresses (ovn-util.c:128)
> > extract_addresses_with_port.constprop.17 (pinctrl.c:1257)
> > consider_nat_address.isra.15 (pinctrl.c:1318)
> > get_nat_addresses_and_keys (pinctrl.c:1361)
> > send_garp_run (pinctrl.c:1402)
> > pinctrl_run (pinctrl.c:796)
> > main (ovn-controller.c:619)
> >
> > Signed-off-by: Yi-Hung Wei 
> > Signed-off-by: Ben Pfaff 
> > ---
> >  ovn/controller/pinctrl.c | 16 +---
> >  1 file changed, 5 insertions(+), 11 deletions(-)
> >
> > diff --git a/ovn/controller/pinctrl.c b/ovn/controller/pinctrl.c
> > index 9b408ea6c253..8c5042a590ee 100644
> > --- a/ovn/controller/pinctrl.c
> > +++ b/ovn/controller/pinctrl.c
> > @@ -1316,20 +1316,14 @@ consider_nat_address(const char *nat_address,
> >  struct lport_addresses *laddrs = xmalloc(sizeof *laddrs);
> >  char *lport = NULL;
> >  if (!extract_addresses_with_port(nat_address, laddrs, )
> > -|| (!lport && !strcmp(pb->type, "patch"))) {
> > +|| (!lport && !strcmp(pb->type, "patch"))
> > +|| (lport && !pinctrl_is_chassis_resident(lports, chassis, 
> > lport))) {
> > +destroy_lport_addresses(laddrs);
> >  free(laddrs);
> > -if (lport) {
> > -free(lport);
> > -}
> > -return;
> > -} else if (lport) {
> > -if (!pinctrl_is_chassis_resident(lports, chassis, lport)) {
> > -free(laddrs);
> > -free(lport);
> > -return;
> > -}
> >  free(lport);
> > +return;
> >  }
> > +free(lport);
> >
> >  int i;
> >  for (i = 0; i < laddrs->n_ipv4_addrs; i++) {
> > --
> > 2.10.2
> >
___
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev

Re: [ovs-dev] [PATCH v3 0/7] create tunnel devices using rtnetlink interface

[Ben Pfaff]

Joe, it looks like you've reviewed at least some patches in previous
versions of this series.  Are you planning to resume review?

On Thu, Apr 13, 2017 at 04:47:25PM -0400, Eric Garver wrote:
> This series adds support for the creation of tunnels using the rtnetlink
> interface. This will open the possibility for new features and flags on those
> vports without the need to change vport compatibility code.
> 
> Support for STT and LISP have not been added because these are not upstream 
> yet,
> so we don't know how the interface will be like upstream. And there are no
> features in the current drivers right now we could make use of.
> 
> Note: This work originally started by Thadeu Lima de Souza Cascardo.
> 
> Testing:
>   - kernel 4.9.22, in-tree datapath
> - rtnetlink successfully creates devices
>   - kernel 4.2.8, in-tree datapath
> - rtnetlink is tried, but fails due to no COLLECT_METADATA support
> - genetlink successfully creates devices
>   - kernel 4.2.8, out-of-tree datapath
> - rtnetlink is not tried
> - genetlink successfully creates devices
> 
> v3:
>   - commonzie code to get port data to verify port
>   - eliminate dpif_netlink_rtnl_vxlan_destroy() and alike
>   - minor changes for coding style guidelines
>   - add ACKs from previous reviews
> 
> Eric Garver (6):
>   dpif-netlink: break up code that creates compat ports
>   dpif-netlink: code to create/destroy tunnel ports via rtnetlink
>   dpif-netlink-rtnl: add VXLAN creation support
>   dpif-netlink-rtnl: add GRE creation support
>   dpif-netlink-rtnl: add GENEVE creation support
>   dpif-netlink: Probe for out-of-tree tunnels, decides used interface
> 
> Thadeu Lima de Souza Cascardo (1):
>   netdev: get device type from vport prefix if it uses one
> 
>  NEWS|   3 +
>  lib/automake.mk |   3 +
>  lib/dpif-netlink-rtnl.c | 488 
> 
>  lib/dpif-netlink-rtnl.h |  54 ++
>  lib/dpif-netlink.c  | 210 ++---
>  lib/dpif-netlink.h  |   2 +
>  lib/netdev.c|  26 ++-
>  7 files changed, 712 insertions(+), 74 deletions(-)
>  create mode 100644 lib/dpif-netlink-rtnl.c
>  create mode 100644 lib/dpif-netlink-rtnl.h
> 
> -- 
> 2.12.0
> 
> ___
> dev mailing list
> d...@openvswitch.org
> https://mail.openvswitch.org/mailman/listinfo/ovs-dev
___
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev

Re: [ovs-dev] [PATCH] docs: Add some detail about dpdk-socket-mem.

[Ben Pfaff]

On Mon, Apr 24, 2017 at 06:48:34PM +0100, Kevin Traynor wrote:
> Using dpdk-socket-mem to allocate memory for some NUMA nodes
> but leaving blank for subsequent ones is equivalent of assigning
> 0 MB memory to those subsequent nodes. Document this behavior.
> 
> Signed-off-by: Kevin Traynor 

Applied to master.  Thank you for working on the documentation!

(Let me know if this should be applied to any release branches.)
___
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev

[ovs-dev] [PATCH] OpenFlow: Enable OpenFlow 1.4 by default.

[Ben Pfaff]

Open vSwitch now supports all OpenFlow 1.4 required features, so enable
it by default.

Signed-off-by: Ben Pfaff 
---
 Documentation/faq/openflow.rst | 28 +---
 NEWS   |  3 +++
 include/openvswitch/ofp-util.h |  3 ++-
 lib/ofp-version.man| 22 ++
 tests/test-vconn.c | 14 +++---
 utilities/ovs-ofctl.8.in   |  4 +++-
 vswitchd/vswitch.xml   |  6 +++---
 7 files changed, 45 insertions(+), 35 deletions(-)

diff --git a/Documentation/faq/openflow.rst b/Documentation/faq/openflow.rst
index d21bb4459395..7cd6161ddefb 100644
--- a/Documentation/faq/openflow.rst
+++ b/Documentation/faq/openflow.rst
@@ -34,29 +34,19 @@ Q: What versions of OpenFlow does Open vSwitch support?
 Open vSwitchOF1.0 OF1.1 OF1.2 OF1.3 OF1.4 OF1.5 OF1.6
 === = = = = = = =
 1.9 and earlier  yes   ---   ---   ---   ---   ---   ---
-1.10 yes   ---   (*)   (*)   ---   ---   ---
-1.11 yes   ---   (*)   (*)   ---   ---   ---
-2.0  yes   (*)   (*)   (*)   ---   ---   ---
-2.1  yes   (*)   (*)   (*)   ---   ---   ---
+1.10, 1.11   yes   ---   (*)   (*)   ---   ---   ---
+2.0, 2.1 yes   (*)   (*)   (*)   ---   ---   ---
 2.2  yes   (*)   (*)   (*)   (%)   (*)   ---
-2.3  yes   yes   yes   yes   (*)   (*)   ---
-2.4  yes   yes   yes   yes   (*)   (*)   ---
-2.5  yes   yes   yes   yes   (*)   (*)   (*)
+2.3, 2.4 yes   yes   yes   yes   (*)   (*)   ---
+2.5, 2.6, 2.7yes   yes   yes   yes   (*)   (*)   (*)
+2.8  yes   yes   yes   yes   yes   (*)   (*)
 === = = = = = = =
 
-(*) Supported, with one or more missing features.
+--- Not supported.
+yes Supported and enabled by default
+(*) Supported, but missing features, and must be enabled by user.
 (%) Experimental, unsafe implementation.
 
-Open vSwitch 2.3 enables OpenFlow 1.0, 1.1, 1.2, and 1.3 by default in
-ovs-vswitchd.  In Open vSwitch 1.10 through 2.2, OpenFlow 1.1, 1.2, and 1.3
-must be enabled manually in ovs-vswitchd.
-
-Some versions of OpenFlow are supported with missing features and therefore
-not enabled by default: OpenFlow 1.4 and 1.5, in Open vSwitch 2.3 and
-later, as well as OpenFlow 1.6 in Open vSwitch 2.5 and later.  Also, the
-OpenFlow 1.6 specification is still under development and thus subject to
-change.
-
 In any case, the user may override the default:
 
 - To enable OpenFlow 1.0, 1.1, 1.2, and 1.3 on bridge br0::
@@ -83,7 +73,7 @@ Q: What versions of OpenFlow does Open vSwitch support?
 could cause crashes.  We don't recommend enabling it.)
 
 :doc:`/topics/openflow` tracks support for OpenFlow 1.1 and later features.
-When support for OpenFlow 1.4 and 1.5 is solidly implemented, Open vSwitch
+When support for OpenFlow 1.5 and 1.6 is solidly implemented, Open vSwitch
 will enable those version by default.
 
 Q: Does Open vSwitch support MPLS?
diff --git a/NEWS b/NEWS
index ea97d84a2dea..4632b80df698 100644
--- a/NEWS
+++ b/NEWS
@@ -22,6 +22,9 @@ Post-v2.7.0
  * ovn-trace now has basic support for tracing distributed firewalls.
- Add the command 'ovs-appctl stp/show' (see ovs-vswitchd(8)).
- OpenFlow:
+ * All features required by OpenFlow 1.4 are now implemented, so
+   ovs-vswitchd now enables OpenFlow 1.4 by default (in addition to
+   OpenFlow 1.0 to 1.3).
  * Increased support for OpenFlow 1.6 (draft).
  * Bundles now support hashing by just nw_src or nw_dst.
  * The "learn" action now supports a "limit" option (see ovs-ofctl(8)).
diff --git a/include/openvswitch/ofp-util.h b/include/openvswitch/ofp-util.h
index f664055c3939..f37d181599b2 100644
--- a/include/openvswitch/ofp-util.h
+++ b/include/openvswitch/ofp-util.h
@@ -189,7 +189,8 @@ enum ofputil_protocol 
ofputil_protocols_from_version_bitmap(uint32_t bitmap);
 #define OFPUTIL_SUPPORTED_VERSIONS ((1u << OFP10_VERSION) | \
 (1u << OFP11_VERSION) | \
 (1u << OFP12_VERSION) | \
-(1u << OFP13_VERSION))
+(1u << OFP13_VERSION) | \
+(1u << OFP14_VERSION))
 #define OFPUTIL_DEFAULT_VERSIONS OFPUTIL_SUPPORTED_VERSIONS
 
 enum ofputil_protocol ofputil_protocols_from_string(const char *s);
diff --git a/lib/ofp-version.man b/lib/ofp-version.man
index 54fa1664e5f8..0ab70891d270 100644
--- a/lib/ofp-version.man
+++ b/lib/ofp-version.man
@@ -9,7 +9,6 @@ Sets the OpenFlow protocol versions that are allowed when 
establishing
 an OpenFlow session.
 .
 .IP
-The following versions are considered to be ready for general use.
 These protocol 

Re: [ovs-dev] [PATCH] debian, xenserver: Update logrotate config to match RHEL.

[Ben Pfaff]

On Thu, Apr 13, 2017 at 10:47:55AM -0700, Ben Pfaff wrote:
> Commit 618a5b45ae8b ("rhel: Avoid logrotate error if /var/run/openvswitch
> does not exist") updated the RHEL logrotate configuration.  This commit
> makes similar changes for Debian, by synchronizing with the RHEL version.
> 
> In particular:
> 
> - Indent to match logrotate.conf(5) examples.
> 
> - Use "sharedscripts" flag, because the postrotate script only needs to
>   run once regardless of the number of rotations.
> 
> - Drop "delaycompress", because the postrotate script does make daemons
>   reopen their log files.
> 
> - Ignore errors calling vlog/reopen.
> 
> Also make similar changes to the xenserver logrotate script.  I really
> don't know if anyone uses the xenserver packaging anymore though.
> 
> CC: Timothy Redaelli 
> Signed-off-by: Ben Pfaff 

This still needs a review.

Thanks,

Ben.
___
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev

Re: [ovs-dev] [PATCH] ovn: Bump ovn-nb schema version.

[Ben Pfaff]

On Wed, Apr 19, 2017 at 12:41:37PM -0400, Russell Bryant wrote:
> Commit b89d25e5694b made the "router" DHCPv4 option optional instead of
> mandatory.  This did not actually change the schema, but there's no good
> way for a client of the northbound database to know if this change is
> present without bumping the schema version.  This is needed for a client to
> work with versions before and after this change.
> 
> Reported-at: https://bugs.launchpad.net/networking-ovn/+bug/1670666
> Fixes: b89d25e5694b ("ovn: Modify the DHCPv4 router option to optional")
> Signed-off-by: Russell Bryant 

Acked-by: Ben Pfaff 

However, keep in mind that this version distinction is only useful if
ovn-northd and the OVSDB schema are upgraded almost simultaneously.
___
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev

Re: [ovs-dev] [RFC v3 4/6] ovsdb: add support for role-based access controls

[Ben Pfaff]

On Wed, Apr 19, 2017 at 05:38:50PM -0400, Lance Richardson wrote:
> - Original Message -
> > From: "Lance Richardson" 
> >  
> > +struct ovsdb_error *ovsdb_perm_error(const char *details, ...)
> > +{
> > +struct ovsdb_error *error;
> > +va_list args;
> > +
> > +va_start(args, details);
> > +error = ovsdb_error_valist("permission error", details, args);
> > +va_end(args);
> > +
> > +return error;
> > +}
> > +
> > +
> 
> I had been assuming that these errors would be logged by the client, but
> this doesn't seem to be the case (other than in ovsdb-client, anyway).
> 
> At the moment, there are no logs produced when a transaction by ovn-controller
> is denied due to RBAC checks. I'm wondering if this is something that should
> be done by the idl/jsonrpc infrastructure or informational logs in 
> ovsdb-server.
> Ideally (I think) the client should be logging these, but it's not clear 
> whether
> there's any way currently for e.g. the ovn-controller idl loop to report
> transaction errors.
> 
> Any suggestions for how to handle reporting RBAC failures or pointers to
> existing examples where transaction failures are reported would be 
> appreciated.

The ovsdb-idl client should probably log JSON-RPC errors in response to
transactions.  Until now, they've been pretty rare.  But, I would have
it log errors that it thinks it understands only at DBG level, if at
all.  I think that other errors, that it doesn't think it understands,
are already passed to ovsdb_idl_txn_set_error_json(), so probably that
would be a good point at which to log them.
___
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev

Re: [ovs-dev] [PATCH 6/8] pinctrl: Fix memory leak in consider_nat_address()

[Yi-Hung Wei]

LGTM, thanks!

-Yi-Hung

On Mon, Apr 24, 2017 at 9:44 AM, Ben Pfaff  wrote:
> On Fri, Apr 07, 2017 at 02:43:44PM -0700, Yi-Hung Wei wrote:
>> In testcase "ovn -- send gratuitous arp for NAT rules on distributed router",
>> valgrind reports memory leaks as following.
>> xrealloc (util.c:123)
>> add_ipv4_netaddr.isra.0 (ovn-util.c:28)
>> extract_addresses (ovn-util.c:128)
>> extract_addresses_with_port.constprop.17 (pinctrl.c:1257)
>> consider_nat_address.isra.15 (pinctrl.c:1318)
>> get_nat_addresses_and_keys (pinctrl.c:1361)
>> send_garp_run (pinctrl.c:1402)
>> pinctrl_run (pinctrl.c:796)
>> main (ovn-controller.c:619)
>>
>> Signed-off-by: Yi-Hung Wei 
>> ---
>>  ovn/controller/pinctrl.c | 2 ++
>>  1 file changed, 2 insertions(+)
>>
>> diff --git a/ovn/controller/pinctrl.c b/ovn/controller/pinctrl.c
>> index 9b408ea6c253..8063e6487b2a 100644
>> --- a/ovn/controller/pinctrl.c
>> +++ b/ovn/controller/pinctrl.c
>> @@ -1317,6 +1317,7 @@ consider_nat_address(const char *nat_address,
>>  char *lport = NULL;
>>  if (!extract_addresses_with_port(nat_address, laddrs, )
>>  || (!lport && !strcmp(pb->type, "patch"))) {
>> +destroy_lport_addresses(laddrs);
>>  free(laddrs);
>>  if (lport) {
>>  free(lport);
>> @@ -1324,6 +1325,7 @@ consider_nat_address(const char *nat_address,
>>  return;
>>  } else if (lport) {
>>  if (!pinctrl_is_chassis_resident(lports, chassis, lport)) {
>> +destroy_lport_addresses(laddrs);
>>  free(laddrs);
>>  free(lport);
>>  return;
>
> Thanks for fixing the memory leak!
>
> This function has quite a lot of redundant code.  What do you think of
> this version?
>
> --8<--cut here-->8--
>
> From: Yi-Hung Wei 
> Date: Fri, 7 Apr 2017 14:43:44 -0700
> Subject: [PATCH] pinctrl: Fix memory leak in consider_nat_address()
>
> In testcase "ovn -- send gratuitous arp for NAT rules on distributed router",
> valgrind reports memory leaks as following.
> xrealloc (util.c:123)
> add_ipv4_netaddr.isra.0 (ovn-util.c:28)
> extract_addresses (ovn-util.c:128)
> extract_addresses_with_port.constprop.17 (pinctrl.c:1257)
> consider_nat_address.isra.15 (pinctrl.c:1318)
> get_nat_addresses_and_keys (pinctrl.c:1361)
> send_garp_run (pinctrl.c:1402)
> pinctrl_run (pinctrl.c:796)
> main (ovn-controller.c:619)
>
> Signed-off-by: Yi-Hung Wei 
> Signed-off-by: Ben Pfaff 
> ---
>  ovn/controller/pinctrl.c | 16 +---
>  1 file changed, 5 insertions(+), 11 deletions(-)
>
> diff --git a/ovn/controller/pinctrl.c b/ovn/controller/pinctrl.c
> index 9b408ea6c253..8c5042a590ee 100644
> --- a/ovn/controller/pinctrl.c
> +++ b/ovn/controller/pinctrl.c
> @@ -1316,20 +1316,14 @@ consider_nat_address(const char *nat_address,
>  struct lport_addresses *laddrs = xmalloc(sizeof *laddrs);
>  char *lport = NULL;
>  if (!extract_addresses_with_port(nat_address, laddrs, )
> -|| (!lport && !strcmp(pb->type, "patch"))) {
> +|| (!lport && !strcmp(pb->type, "patch"))
> +|| (lport && !pinctrl_is_chassis_resident(lports, chassis, lport))) {
> +destroy_lport_addresses(laddrs);
>  free(laddrs);
> -if (lport) {
> -free(lport);
> -}
> -return;
> -} else if (lport) {
> -if (!pinctrl_is_chassis_resident(lports, chassis, lport)) {
> -free(laddrs);
> -free(lport);
> -return;
> -}
>  free(lport);
> +return;
>  }
> +free(lport);
>
>  int i;
>  for (i = 0; i < laddrs->n_ipv4_addrs; i++) {
> --
> 2.10.2
>
___
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev

[ovs-dev] URGENT :

[Cassani, Alejandro]

Dear Friend,
I have an urgent mail for you please write back through this email:: 
mrsannch...@gmail.com































Visite 
https://www.cablevisionfibertel.com.ar__
Este mensaje es confidencial. Puede contener informacion amparada por el 
secreto comercial.Si usted ha recibido este e-mail por error, debera 
eliminarlo de su sistema.No debera copiar el mensaje ni divulgar su 
contenido a ninguna persona.Muchas gracias.This message is 
confidential. It may also contain information that is privileged or not 
authorized to be disclosed. If you have received it by mistake, delete it from 
your system.You should not copy the messsage nor disclose its contents to 
anyone.Many thanks.__
___
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev

[ovs-dev] [PATCH] docs: Add some detail about dpdk-socket-mem.

[Kevin Traynor]

Using dpdk-socket-mem to allocate memory for some NUMA nodes
but leaving blank for subsequent ones is equivalent of assigning
0 MB memory to those subsequent nodes. Document this behavior.

Signed-off-by: Kevin Traynor 
---
 Documentation/intro/install/dpdk.rst | 7 ++-
 vswitchd/vswitch.xml | 5 +++--
 2 files changed, 9 insertions(+), 3 deletions(-)

diff --git a/Documentation/intro/install/dpdk.rst 
b/Documentation/intro/install/dpdk.rst
index f29ac05..d1c0e65 100644
--- a/Documentation/intro/install/dpdk.rst
+++ b/Documentation/intro/install/dpdk.rst
@@ -227,9 +227,14 @@ listed below. Defaults will be provided for all values not 
explicitly set.
 If allocating more than one GB hugepage, you can configure the
 amount of memory used from any given NUMA nodes. For example, to use 1GB from
-NUMA node 0, run::
+NUMA node 0 and 0GB for all other NUMA nodes, run::
 
 $ ovs-vsctl --no-wait set Open_vSwitch . \
 other_config:dpdk-socket-mem="1024,0"
 
+or::
+
+$ ovs-vsctl --no-wait set Open_vSwitch . \
+other_config:dpdk-socket-mem="1024"
+
 Similarly, if you wish to better scale the workloads across cores, then
 multiple pmd threads can be created and pinned to CPU cores by explicity
diff --git a/vswitchd/vswitch.xml b/vswitchd/vswitch.xml
index 870c813..02980b1 100644
--- a/vswitchd/vswitch.xml
+++ b/vswitchd/vswitch.xml
@@ -260,6 +260,7 @@
 
   The specifier is a comma-separated string, in ascending order of CPU
-  socket (ex: 1024,2048,4096,8192 would set socket 0 to preallocate
-  1024MB, socket 1 to preallocate 2048MB, etc.)
+  socket. E.g. On a four socket system 1024,0,2048 would set socket 0
+  to preallocate 1024MB, socket 1 to preallocate 0MB, socket 2 to
+  preallocate 2048MB and socket 3 (no value given) to preallocate 0MB.
 
 
-- 
1.8.3.1

___
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev

[ovs-dev] Wrong ovsdb update after "switch s1 stop/start" and role request message.

[Tulio Ribeiro]

Hi : )

I'm facing an weird behavior regarding on role change.
When I send a role message to change the role of one specific switch, 
all switches change to this role.


I think the problem is when open vSwitch mount the transaction message 
to send to ovsdb.


A simple test is, start a mininet network with 4 switches, linear topo.
stop s1, and start it again.

Look Controller table, before and after stop and start switch s1.

Before Stop:
sudo ovsdb-client dump tcp:192.168.1.200:5000 Controller
Controller table
2ab2e756-cc3a-47d6-9421-1b69ae035be0 [] [] 
[][] {}   []   true 
[][] []1000{}   master 
{*sec_since_connect="40"*, state=ACTIVE} "tcp:192.168.1.215:6653"
333dc741-daa2-472c-9c9d-8337dead0318 [] [] 
[][] {}   []   true 
[][] []1000{}   master 
{*sec_since_connect="40"*, state=ACTIVE} "tcp:192.168.1.215:6653"
bcb46630-8509-485e-a7c0-c5df7cfa8141 [] [] 
[][] {}   []   true 
[][] []1000{}   master 
{*sec_since_connect="40",* state=ACTIVE} "tcp:192.168.1.215:6653"
dc0e199a-cd0c-4077-93b8-3b5d265f4b25 [] [] 
[][] {}   []   true 
[][] []1000{}   master 
{*sec_since_connect="40"*, state=ACTIVE} "tcp:192.168.1.215:6653"



After stop and start switch S1:
2ab2e756-cc3a-47d6-9421-1b69ae035be0 [] [] 
[][] {}   []   true 
[][] []1000{}   master 
{*sec_since_connect="200"*, state=ACTIVE} "tcp:192.168.1.215:6653"
333dc741-daa2-472c-9c9d-8337dead0318 [] [] 
[][] {}   []   true 
[][] []1000{}   master 
{*sec_since_connect="200"*, state=ACTIVE} "tcp:192.168.1.215:6653"
bcb46630-8509-485e-a7c0-c5df7cfa8141 [] [] 
[][] {}   []   true 
[][] []1000{}   master 
{*sec_since_connect="200"*, state=ACTIVE} "tcp:192.168.1.215:6653"
dc0e199a-cd0c-4077-93b8-3b5d265f4b25 [] [] 
[][] {}   []   true 
[][] []1000{}   master 
{*sec_since_connect="200"*, state=ACTIVE} "tcp:192.168.1.215:6653"



The sec_since_connection of S1 should differs from the others, right?
As you can see they are all the same.



Here I'll show when I use different roles. S1:master, S2:slave, 
S3:master and S4 slave.


2017-04-25T05:59:50.947Z|44091|vconn|DBG|tcp:192.168.1.215:6653: 
received: OFPT_ROLE_REQUEST (OF1.4) (xid=0x26):*role=master* generation_id=0
2017-04-25T05:59:50.953Z|44092|vconn|DBG|tcp:192.168.1.215:6653: sent 
(Success): OFPT_ROLE_REPLY (OF1.4) (xid=0x26): role=master generation_id=0
2017-04-25T05:59:50.953Z|44093|vconn|DBG|tcp:192.168.1.215:6653: 
received: OFPT_ROLE_REQUEST (OF1.4) (xid=0x24): *role=slave* generation_id=0
2017-04-25T05:59:50.954Z|44094|vconn|DBG|tcp:192.168.1.215:6653: sent 
(Success): OFPT_ROLE_REPLY (OF1.4) (xid=0x24): role=slave generation_id=0
2017-04-25T05:59:50.954Z|44097|vconn|DBG|tcp:192.168.1.215:6653: 
received: OFPT_ROLE_REQUEST (OF1.4) (xid=0x22): *role=master* 
generation_id=0
2017-04-25T05:59:50.955Z|44098|vconn|DBG|tcp:192.168.1.215:6653: sent 
(Success): OFPT_ROLE_REPLY (OF1.4) (xid=0x22): role=master generation_id=0
2017-04-25T05:59:50.955Z|44099|vconn|DBG|tcp:192.168.1.215:6653: 
received: OFPT_ROLE_REQUEST (OF1.4) (xid=0x28):*role=slave *generation_id=0
2017-04-25T05:59:50.955Z|44100|vconn|DBG|tcp:192.168.1.215:6653: sent 
(Success): OFPT_ROLE_REPLY (OF1.4) (xid=0x28): role=slave generation_id=0


2017-04-25T05:59:53.906Z|44179|jsonrpc|DBG|tcp:192.168.1.200:5000: send 
request, method="transact", 
params=["Open_vSwitch",{"lock":"ovs_vswitchd","op":"assert"},{"where":[["_uuid","==",["uuid","bcb46630-8509-485e-a7c0-c5df7cfa8141"]]],"row":{"is_connected":true,"status":["map",[["last_error","Connection 
refused"],["sec_since_connect","3"],["sec_since_disconnect","4"],["state","ACTIVE"]]]*,"role":"master"*},"op":"update","table":"Controller"},{"where":[["_uuid","==",["uuid","333dc741-daa2-472c-9c9d-8337dead0318"]]],"row":{"is_connected":true,"status":["map",[["last_error","Connection 

[ovs-dev] Avaya

[Paul Kelly]

Hi,


Are you looking to target companies using Avaya? We provide contacts based in 
any target vertical and across globe. I have mentioned the information fields 
that you will receive in the list for each contact within the company. You can 
also select the industry you would like to target.



Information Fields: Name, Title, Email, Phone, Company Name, Physical Address, 
City, State, Zip Code, Country, Web Address, Employee Size, Revenue Size and 
Industry.



Industry: Healthcare, Telecom, manufacturing, Oil & Gas, Pharmacy, Software, 
Retail, Real Estate, Construction, Energy, Government, Banking, Legal, 
Transportation, Wholesale, Agriculture, Business Service, Marketing, Education, 
Hospitality And Media Internet.

Let me know if you are interested and I will get back to you with the counts, 
sample and pricing.

Await for your response.

Regards,
Paul Kelly
Data Consultant

To opt out, please reply with Leave Out in the Subject Line.


___
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev

Re: [ovs-dev] [PATCH 1/2] connmgr: Fix internal packet-in reason code mask

[Ben Pfaff]

On Mon, Apr 17, 2017 at 02:11:29PM -0700, Yi-Hung Wei wrote:
> Starting from OpenFlow 1.4+, OFPR_ACTION is split into four more descriptive
> reasons, OFPR_APPLY_ACTION, OFPR_ACTION_SET, OFPR_GROUP, and OFPR_PACKET_OUT.
> OVS maintains the new reason code internally, and it currently supports the
> first three reason code. If the version of an established OpenFlow connection
> is less than 1.4, OVS coverts the internal reason code back to OFPR_ACTION to
> be backward compatible. However, the internal packet-in reason code mask is
> not properly maintained for the older OpenFlow version that may omit the
> packet-in messages wth the new reason code. It is because OVS does not enable
> the new reason code internally in the reason code mask for older OpenFlow
> version. This commit tries to address the aforementioned issue.
> 
> Signed-off-by: Yi-Hung Wei 

Thanks a lot.  I applied both of these to master.
___
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev

Re: [ovs-dev] [PATCH v5 2/3] ovn-controller: Add 'dns_lookup' action

[Numan Siddique]

On Mon, Apr 24, 2017 at 10:04 PM, Guru Shetty  wrote:

>
>
> On 17 April 2017 at 08:13,  wrote:
>
>> From: Numan Siddique 
>>
>> This patch adds a new OVN action 'dns_lookup' to support native DNS.
>> ovn-controller parses this action and adds a NXT_PACKET_IN2
>> OF flow with 'pause' flag set.
>>
>> A new table 'DNS' is added in the SB DB to look up and resolve
>> the DNS queries. When a valid DNS packet is received by
>> ovn-controller, it looks up the DNS name in the 'DNS' table
>> and if successful, it frames a DNS reply, resumes the packet
>> and stores 1 in the 1-bit subfield. If the packet is invalid
>> or cannot be resolved, it resumes the packet without any
>> modifications and stores 0 in the 1-bit subfield.
>>
>> reg0[4] = dns_lookup(); next;
>>
>> An upcoming patch will use this action and adds logical flows.
>>
>> Signed-off-by: Numan Siddique 
>>
>
> Acked-by: Gurucharan Shetty 
>
> This needs a rebase as it does not apply on the tip of master.
>
> One comment inline.
>
>
>>
>>
>> +  
>> +
>> +  Each row in this table stores the DNS records. The OVN action
>> +  dns_lookup uses this table for DNS resolution.
>> +
>> +
>> +
>> +  Key-value pair of DNS records with hostname as the key
>> +  and a string of IP address(es) separated by comma or space as the
>> +  value.
>>
>
> "hostname" feels like a misnomer as even LB VIPs can be programmed in the
> DNS table. A better option is to use "DNS name"?
>

Thanks for the review. I will rebase, update the key to "dnsname". Hope
this name is fine

Numan


>
>
>> +
>> +  Example:  "vm1.ovn.org" = "10.0.0.4 aef0::4"
>> +
>> +
>> +
>> +  The DNS records defined in the column  will
>> be
>> +  applied only to the DNS queries originating from the datapaths
>> defined
>> +  in this column.
>> +
>> +
>> +
>> +  
>> +See External IDs at the beginning of this document.
>> +  
>> +
>> +  
>>  
>> diff --git a/ovn/utilities/ovn-sbctl.c b/ovn/utilities/ovn-sbctl.c
>> index ffa931a..79a51e9 100644
>> --- a/ovn/utilities/ovn-sbctl.c
>> +++ b/ovn/utilities/ovn-sbctl.c
>> @@ -1056,6 +1056,9 @@ static const struct ctl_table_class
>> tables[SBREC_N_TABLES] = {
>>
>>  [SBREC_TABLE_SSL].row_ids[0] =
>>  {_table_sb_global, NULL, _sb_global_col_ssl},
>> +
>> +[SBREC_TABLE_DNS].row_ids[0] =
>> +{_table_dns, NULL, _dns_col_records},
>>  };
>>
>>
>> diff --git a/ovn/utilities/ovn-trace.c b/ovn/utilities/ovn-trace.c
>> index 66844b1..b141203 100644
>> --- a/ovn/utilities/ovn-trace.c
>> +++ b/ovn/utilities/ovn-trace.c
>> @@ -1428,6 +1428,18 @@ execute_next(const struct ovnact_next *next,
>>  trace__(dp, uflow, next->ltable, next->pipeline, super);
>>  }
>>
>> +
>> +static void
>> +execute_dns_lookup(const struct ovnact_dns_lookup *dl, struct flow
>> *uflow,
>> +   struct ovs_list *super)
>> +{
>> +struct mf_subfield sf = expr_resolve_field(>dst);
>> +union mf_subvalue sv = { .u8_val = 0 };
>> +mf_write_subfield_flow(, , uflow);
>> +ovntrace_node_append(super, OVNTRACE_NODE_ERROR,
>> + "*** dns_lookup action not implemented");
>> +}
>> +
>>  static void
>>  trace_actions(const struct ovnact *ovnacts, size_t ovnacts_len,
>>const struct ovntrace_datapath *dp, struct flow *uflow,
>> @@ -1542,6 +1554,10 @@ trace_actions(const struct ovnact *ovnacts, size_t
>> ovnacts_len,
>>   * though, it would be easy enough to track the queue
>> information
>>   * by adjusting uflow->skb_priority. */
>>  break;
>> +
>> +case OVNACT_DNS_LOOKUP:
>> +execute_dns_lookup(ovnact_get_DNS_LOOKUP(a), uflow, super);
>> +break;
>>  }
>>
>>  }
>> diff --git a/tests/ovn.at b/tests/ovn.at
>> index af77c19..53a2dd5 100644
>> --- a/tests/ovn.at
>> +++ b/tests/ovn.at
>> @@ -1027,6 +1027,13 @@ set_queue(61440);
>>  set_queue(65535);
>>  Queue ID 65535 for set_queue is not in valid range 0 to 61440.
>>
>> +# dns_lookup
>> +reg1[0] = dns_lookup();
>> +encodes as controller(userdata=00.00.00.0
>> 6.00.00.00.00.00.01.de.10.00.00.00.40,pause)
>> +has prereqs udp
>> +reg1[0] = dns_lookup("hostname");
>> +dns_lookup doesn't take any parameters
>> +
>>  # Contradictionary prerequisites (allowed but not useful):
>>  ip4.src = ip6.src[0..31];
>>  encodes as move:NXM_NX_IPV6_SRC[0..31]->NXM_OF_IP_SRC[]
>> --
>> 2.9.3
>>
>> ___
>> dev mailing list
>> d...@openvswitch.org
>> https://mail.openvswitch.org/mailman/listinfo/ovs-dev
>>
>
>
___
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev

Re: [ovs-dev] [PATCH v5 2/3] ovn-controller: Add 'dns_lookup' action

[Guru Shetty]

On 17 April 2017 at 08:13,  wrote:

> From: Numan Siddique 
>
> This patch adds a new OVN action 'dns_lookup' to support native DNS.
> ovn-controller parses this action and adds a NXT_PACKET_IN2
> OF flow with 'pause' flag set.
>
> A new table 'DNS' is added in the SB DB to look up and resolve
> the DNS queries. When a valid DNS packet is received by
> ovn-controller, it looks up the DNS name in the 'DNS' table
> and if successful, it frames a DNS reply, resumes the packet
> and stores 1 in the 1-bit subfield. If the packet is invalid
> or cannot be resolved, it resumes the packet without any
> modifications and stores 0 in the 1-bit subfield.
>
> reg0[4] = dns_lookup(); next;
>
> An upcoming patch will use this action and adds logical flows.
>
> Signed-off-by: Numan Siddique 
>

Acked-by: Gurucharan Shetty 

This needs a rebase as it does not apply on the tip of master.

One comment inline.


>
>
> +  
> +
> +  Each row in this table stores the DNS records. The OVN action
> +  dns_lookup uses this table for DNS resolution.
> +
> +
> +
> +  Key-value pair of DNS records with hostname as the key
> +  and a string of IP address(es) separated by comma or space as the
> +  value.
>

"hostname" feels like a misnomer as even LB VIPs can be programmed in the
DNS table. A better option is to use "DNS name"?


> +
> +  Example:  "vm1.ovn.org" = "10.0.0.4 aef0::4"
> +
> +
> +
> +  The DNS records defined in the column  will
> be
> +  applied only to the DNS queries originating from the datapaths
> defined
> +  in this column.
> +
> +
> +
> +  
> +See External IDs at the beginning of this document.
> +  
> +
> +  
>  
> diff --git a/ovn/utilities/ovn-sbctl.c b/ovn/utilities/ovn-sbctl.c
> index ffa931a..79a51e9 100644
> --- a/ovn/utilities/ovn-sbctl.c
> +++ b/ovn/utilities/ovn-sbctl.c
> @@ -1056,6 +1056,9 @@ static const struct ctl_table_class
> tables[SBREC_N_TABLES] = {
>
>  [SBREC_TABLE_SSL].row_ids[0] =
>  {_table_sb_global, NULL, _sb_global_col_ssl},
> +
> +[SBREC_TABLE_DNS].row_ids[0] =
> +{_table_dns, NULL, _dns_col_records},
>  };
>
>
> diff --git a/ovn/utilities/ovn-trace.c b/ovn/utilities/ovn-trace.c
> index 66844b1..b141203 100644
> --- a/ovn/utilities/ovn-trace.c
> +++ b/ovn/utilities/ovn-trace.c
> @@ -1428,6 +1428,18 @@ execute_next(const struct ovnact_next *next,
>  trace__(dp, uflow, next->ltable, next->pipeline, super);
>  }
>
> +
> +static void
> +execute_dns_lookup(const struct ovnact_dns_lookup *dl, struct flow *uflow,
> +   struct ovs_list *super)
> +{
> +struct mf_subfield sf = expr_resolve_field(>dst);
> +union mf_subvalue sv = { .u8_val = 0 };
> +mf_write_subfield_flow(, , uflow);
> +ovntrace_node_append(super, OVNTRACE_NODE_ERROR,
> + "*** dns_lookup action not implemented");
> +}
> +
>  static void
>  trace_actions(const struct ovnact *ovnacts, size_t ovnacts_len,
>const struct ovntrace_datapath *dp, struct flow *uflow,
> @@ -1542,6 +1554,10 @@ trace_actions(const struct ovnact *ovnacts, size_t
> ovnacts_len,
>   * though, it would be easy enough to track the queue
> information
>   * by adjusting uflow->skb_priority. */
>  break;
> +
> +case OVNACT_DNS_LOOKUP:
> +execute_dns_lookup(ovnact_get_DNS_LOOKUP(a), uflow, super);
> +break;
>  }
>
>  }
> diff --git a/tests/ovn.at b/tests/ovn.at
> index af77c19..53a2dd5 100644
> --- a/tests/ovn.at
> +++ b/tests/ovn.at
> @@ -1027,6 +1027,13 @@ set_queue(61440);
>  set_queue(65535);
>  Queue ID 65535 for set_queue is not in valid range 0 to 61440.
>
> +# dns_lookup
> +reg1[0] = dns_lookup();
> +encodes as controller(userdata=00.00.00.
> 06.00.00.00.00.00.01.de.10.00.00.00.40,pause)
> +has prereqs udp
> +reg1[0] = dns_lookup("hostname");
> +dns_lookup doesn't take any parameters
> +
>  # Contradictionary prerequisites (allowed but not useful):
>  ip4.src = ip6.src[0..31];
>  encodes as move:NXM_NX_IPV6_SRC[0..31]->NXM_OF_IP_SRC[]
> --
> 2.9.3
>
> ___
> dev mailing list
> d...@openvswitch.org
> https://mail.openvswitch.org/mailman/listinfo/ovs-dev
>
___
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev

Re: [ovs-dev] [PATCH 5/8] tests-ovsdb: Fix memory leak

[Ben Pfaff]

On Fri, Apr 07, 2017 at 02:43:43PM -0700, Yi-Hung Wei wrote:
> Fix memory leaks reported by valgrind.
> 
> Signed-off-by: Yi-Hung Wei 

Thanks, applied to master.
___
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev

Re: [ovs-dev] [PATCH v2] dpif-netdev: Assign ports to pmds on non-local numa node.

[Stokes, Ian]

> Previously if there is no available (non-isolated) pmd on the numa node
> for a port then the port is not polled at all. This can result in a non-
> operational system until such time as nics are physically repositioned. It
> is preferable to operate with a pmd on the 'wrong' numa node albeit with
> lower performance. Local pmds are still chosen when available.
> 
> Signed-off-by: Billy O'Mahony 

Thanks for the patch Billy, few comments below.

> ---
>  Documentation/intro/install/dpdk.rst | 10 ++
>  lib/dpif-netdev.c| 36
> 
>  2 files changed, 42 insertions(+), 4 deletions(-)
> 
> diff --git a/Documentation/intro/install/dpdk.rst
> b/Documentation/intro/install/dpdk.rst
> index b947bd5..0e0b9f0 100644
> --- a/Documentation/intro/install/dpdk.rst
> +++ b/Documentation/intro/install/dpdk.rst
> @@ -450,6 +450,16 @@ affinitized accordingly.
>  pmd thread on a NUMA node is only created if there is at least one
> DPDK
>  interface from that NUMA node added to OVS.
> 
> +  .. note::
> +   On NUMA systems PCI devices are also local to a NUMA node.  Rx queues
> for
> +   PCI device will assigned to a pmd on it's local NUMA node if pmd-cpu-
> mask
> +   has created a pmd thread on that NUMA node.  If not the queue will be
> +   assigned to a pmd on a remote NUMA node.  This will result in reduced
> +   maximum throughput on that device.  In the case such a queue
> assingment

Typo in assignment.

> +   is made a warning message will be logged: "There's no available
> +   (non isolated) pmd thread on numa node N. Queue Q on port P will be
> assigned
> +   to a pmd on numa node M. Expect reduced performance."
> +
>  - QEMU vCPU thread Affinity
> 
>A VM performing simple packet forwarding or running complex packet
> pipelines diff --git a/lib/dpif-netdev.c b/lib/dpif-netdev.c index
> a14a2eb..c6570ba 100644
> --- a/lib/dpif-netdev.c
> +++ b/lib/dpif-netdev.c
> @@ -3149,10 +3149,13 @@ rr_numa_list_lookup(struct rr_numa_list *rr, int
> numa_id)  }
> 
>  static void
> -rr_numa_list_populate(struct dp_netdev *dp, struct rr_numa_list *rr)
> +rr_numa_list_populate(struct dp_netdev *dp, struct rr_numa_list *rr,
> +  int *all_numa_ids, unsigned all_numa_ids_sz,
> +  int *num_ids_written)
>  {
>  struct dp_netdev_pmd_thread *pmd;
>  struct rr_numa *numa;
> +unsigned idx = 0;
> 
>  hmap_init(>numas);
> 
> @@ -3170,7 +3173,11 @@ rr_numa_list_populate(struct dp_netdev *dp, struct
> rr_numa_list *rr)
>  numa->n_pmds++;
>  numa->pmds = xrealloc(numa->pmds, numa->n_pmds * sizeof *numa-
> >pmds);
>  numa->pmds[numa->n_pmds - 1] = pmd;
> +
> +all_numa_ids[idx % all_numa_ids_sz] = pmd->numa_id;
> +idx++;
>  }
> +*num_ids_written = idx;
>  }
> 
>  static struct dp_netdev_pmd_thread *
> @@ -3202,8 +3209,15 @@ rxq_scheduling(struct dp_netdev *dp, bool pinned)
> OVS_REQUIRES(dp->port_mutex)  {
>  struct dp_netdev_port *port;
>  struct rr_numa_list rr;
> +int all_numa_ids [64];
> +int all_numa_ids_sz = sizeof all_numa_ids / sizeof all_numa_ids[0];
> +unsigned all_numa_ids_idx = 0;
> +int all_numa_ids_max_idx = 0;
> +int num_numa_ids = 0;
> 
> -rr_numa_list_populate(dp, );
> +rr_numa_list_populate(dp, , all_numa_ids, all_numa_ids_sz,
> +  _numa_ids);
> +all_numa_ids_max_idx = MIN(num_numa_ids - 1, all_numa_ids_sz - 1);
> 
>  HMAP_FOR_EACH (port, node, >ports) {
>  struct rr_numa *numa;
> @@ -3234,10 +3248,24 @@ rxq_scheduling(struct dp_netdev *dp, bool pinned)
> OVS_REQUIRES(dp->port_mutex)
>  }
>  } else if (!pinned && q->core_id == OVS_CORE_UNSPEC) {
>  if (!numa) {
> +if (all_numa_ids_max_idx < 0) {
> +VLOG_ERR("There are no pmd threads. "
> + "Is pmd-cpu-mask set to zero?");

The VLOG_ERR is a bit general and misleading. A user could set a PMD on a numa 
node, add a DPDK device local to that node, isolate the PMD for that DPDK port, 
then add a second DPDK port that is local to the same numa node. This will 
trigger the ERR above.

Strictly speaking there is a PMD thread set on the numa node but it has been 
isolated. I would change the message above to include isolation. I would also 
add the name of the port searching for a PMD to the message so it is clear 
which port could not find a thread. Something like below

if (all_numa_ids_max_idx < 0) {
VLOG_ERR("There are no available pmd threads for %s. "
 "Is pmd-cpu-mask set to zero or isolated?", 
 netdev_get_name(port->netdev));

> +continue;
> +}
>  VLOG_WARN("There's no available (non isolated) pmd
> thread "
>"on numa node %d. Queue %d on port \'%s\'
> will "
> -  

Re: [ovs-dev] [PATCH] ovn-detrace: Add ovn-detrace to fedora rpm package.

[Ben Pfaff]

On Mon, Apr 24, 2017 at 12:33:51PM +0800, Guoshuai Li wrote:
> Otherwise, through the "make rpm-fedora" build fedora package will be error:
> error: Installed (but unpackaged) file(s) found:
>/usr/bin/ovn-detrace
>/usr/share/man/man1/ovn-detrace.1.gz
> 
> Signed-off-by: Guoshuai Li 

Thank you!  I applied this to master.
___
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev

Re: [ovs-dev] [PATCH 4/8] ovsdb-idl: Fix memory leak

[Ben Pfaff]

On Fri, Apr 07, 2017 at 02:43:42PM -0700, Yi-Hung Wei wrote:
> In testcase "simple idl, conditional, multiple clauses in condition - C",
> valgrind reports a memory leak with the following call stack.
> xmalloc (util.c:112)
> resize (hmap.c:100)
> ovsdb_idl_condition_clone (ovsdb-idl.c:1075)
> ovsdb_idl_set_condition (ovsdb-idl.c:1095)
> update_conditions (test-ovsdb.c:2299)
> do_idl (test-ovsdb.c:2388)
> ovs_cmdl_run_command__ (command-line.c:115)
> main (test-ovsdb.c:73)
> 
> Signed-off-by: Yi-Hung Wei 

Thanks, I applied this to master, branch-2.7, and branch-2.6.
___
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev

Re: [ovs-dev] [PATCH 3/8] bridge: Fix memory leak in port_configure()

[Ben Pfaff]

On Fri, Apr 07, 2017 at 02:43:41PM -0700, Yi-Hung Wei wrote:
> In testcase "ofproto-dpif - VLAN handling", valgrind reports a memory
> leak with the following call stack.
> xcalloc (util.c:95)
> bitmap_allocate (bitmap.h:51)
> vlan_bitmap_from_array (vlan-bitmap.c:32)
> port_configure (bridge.c:983)
> bridge_reconfigure (bridge.c:682)
> bridge_run (bridge.c:2993)
> main (ovs-vswitchd.c:111)
> 
> Signed-off-by: Yi-Hung Wei 

Thanks, I applied this to master.
___
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev

Re: [ovs-dev] [PATCH 3/7] netdev-dpdk: Add support for keepalive functionality.

[Bodireddy, Bhanuprakash]

>>> The relay function is called by 'ovs_keepalive' thread. I didn't
>>> completely understand your concerns here. I would be happy to verify
>>> if you have any scenarios in mind that you think pose problems.
>>
>>My concern stems from this:
>>   "is relayed to monitoring framework by unlocking the semaphore."
>>
>>Assume the OvS vswitchd crashes while another process is pended on this
>>locked semaphore.  Since you do a shm_unlink, I think the pended
>>process waiting on that semaphore will be stuck.  Even worse, since we
>>do have a process left with a handle, the name will be unlinked, and
>>the memory and reading process (which may be ceilometer, but may be
>>something else) will be left orphaned waiting for an update so that they can
>destroy it.
>>
>>There's a lot of coordination that needs to be added here, and it's
>>likely not portable.  I'm not even sure if there are examples where it
>>has been shown to work 100% on specific systems.
>>
>>A much better design is to use a socket to share state.  Since it is
>>tied to the lifetime of a process, and cleanup is guaranteed by POSIX
>>(and all sane OSes,
>>anyway) you can rely on it.  It is a much better mechanism for
>>signaling changes, and a message based interface means you can make
>>this dump information to _any_ interested subscriber - even those who
>>are off system if you choose.
>>

Hello Aaron,

I got a chance to talk to collectd team and understood that the 'dpdkevents' 
plugin of collectd implementation changed a bit which I wasn't aware of when I 
posted v1 of this patch. In the new implementation semaphore isn't needed. How 
it works is: 
-  DPDK primary process(OvS-DPDK in our case) initializes the shared memory 
during startup and keeps writing the events.  
-  dpdkevents plugin of collectd would read the events from SHM block and in 
case of change in 'core state' notify the ceilometer.

- when the OvS crashes, it would automatically be restarted(ovs-vswitchd 
--monitor ) and as part of initialization the shared memory would be 
reinitialized(flags=O_CREAT | O_TRUNC | O_RDWR, 0666).
- dpdkevents plugin will call "dpdk_events_read()" at every predefined interval 
and shall open the SHM block and get the file descriptor. It goes on to check 
if there is any change in 'inode'. If there is no change in 'inode'  it means 
the OvS is intact and healthy. In case of change in inode(OvS has restarted), 
it would immediately unmap the memory, close the stale file descriptor and  
memory map the shared memory using the new file descriptor and read the updated 
events.

In this way we can avoid semaphore and also make sure the collectd would detect 
the primary application crashes. I tested this and found to be working in 
different scenarios. Please note that I was sending SIGABRT to OvS and started 
OvS using 'ovs-vswitch --monitor' option to restart the OvS automatically.

Sorry for taking so long to reply, some of the above mentioned changes in 
collectd are still WIP and are in the process of getting upstreamed.

Regards,
Bhanuprakash. 

>
>Thanks Aaron for clarifying this and appreciate all your feedback on this patch
>series.
>I shall try out the scenarios leading to unexpected crashes and see how well
>the applications recover on a restart and check for any further shortcomings.
>
>- Bhanuprakash.
___
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev

Re: [ovs-dev] [PATCH 2/8] learn: Fix memory leak in learn_parse_sepc()

[Ben Pfaff]

On Sun, Apr 23, 2017 at 11:22:03AM -0700, Yi-Hung Wei wrote:
> On Sun, Apr 23, 2017 at 9:56 AM, Ben Pfaff  wrote:
> > On Fri, Apr 07, 2017 at 02:43:40PM -0700, Yi-Hung Wei wrote:
> >> In testcase "ofproto-dpif - fragment handling - actions", valgrind reports
> >> memeory leaks with the following call stack.
> >> xmalloc (util.c:112)
> >> xvasprintf (util.c:176)
> >> xasprintf (util.c:272)
> >> mf_parse_subfield__ (nx-match.c:1939)
> >> mf_parse_subfield (nx-match.c:1991)
> >> learn_parse_spec (learn.c:242)
> >> learn_parse__ (learn.c:436)
> >> learn_parse (learn.c:464)
> >> parse_LEARN (ofp-actions.c:4670)
> >> ofpact_parse (ofp-actions.c:8231)
> >> ofpacts_parse__ (ofp-actions.c:8278)
> >> ofpacts_parse (ofp-actions.c:8350)
> >> ofpacts_parse_copy (ofp-actions.c:8368)
> >> parse_ofp_str__ (ofp-parse.c:543)
> >> parse_ofp_str (ofp-parse.c:596)
> >> parse_ofp_flow_mod_str (ofp-parse.c:1024)
> >> ofctl_flow_mod (ovs-ofctl.c:1496)
> >> ovs_cmdl_run_command__ (command-line.c:115)
> >> main (ovs-ofctl.c:147)
> >>
> >> Signed-off-by: Yi-Hung Wei 
> >> ---
> >>  lib/learn.c | 4 
> >>  1 file changed, 4 insertions(+)
> >>
> >> diff --git a/lib/learn.c b/lib/learn.c
> >> index b7b70ac3d4e2..1c88b8fa402a 100644
> >> --- a/lib/learn.c
> >> +++ b/lib/learn.c
> >> @@ -322,6 +322,7 @@ learn_parse_spec(const char *orig, char *name, char 
> >> *value,
> >>  char *tail;
> >>  char *dst_value = strstr(value, "->");
> >>
> >> +free(error);
> >>  if (dst_value == value) {
> >>  return xasprintf("%s: missing source before `->' in `%s'", 
> >> name,
> >>   value);
> >> @@ -358,6 +359,8 @@ learn_parse_spec(const char *orig, char *name, char 
> >> *value,
> >>  spec->dst = move.dst;
> >>  }
> >>  } else if (!strcmp(name, "output")) {
> >> +free(error);
> >> +
> >>  char *error = mf_parse_subfield(>src, value);
> >>  if (error) {
> >>  return error;
> >> @@ -367,6 +370,7 @@ learn_parse_spec(const char *orig, char *name, char 
> >> *value,
> >>  spec->src_type = NX_LEARN_SRC_FIELD;
> >>  spec->dst_type = NX_LEARN_DST_OUTPUT;
> >>  } else {
> >> +free(error);
> >>  return xasprintf("%s: unknown keyword %s", orig, name);
> >>  }
> >
> > Thank you for the fix!  That introduces a lot of code duplication.  What
> > do you think of this version?
> >
> > --8<--cut here-->8--
> >
> > From: Yi-Hung Wei 
> > Date: Fri, 7 Apr 2017 14:43:40 -0700
> > Subject: [PATCH] learn: Fix memory leak in learn_parse_sepc()
> >
> > In testcase "ofproto-dpif - fragment handling - actions", valgrind reports
> > memeory leaks with the following call stack.
> > xmalloc (util.c:112)
> > xvasprintf (util.c:176)
> > xasprintf (util.c:272)
> > mf_parse_subfield__ (nx-match.c:1939)
> > mf_parse_subfield (nx-match.c:1991)
> > learn_parse_spec (learn.c:242)
> > learn_parse__ (learn.c:436)
> > learn_parse (learn.c:464)
> > parse_LEARN (ofp-actions.c:4670)
> > ofpact_parse (ofp-actions.c:8231)
> > ofpacts_parse__ (ofp-actions.c:8278)
> > ofpacts_parse (ofp-actions.c:8350)
> > ofpacts_parse_copy (ofp-actions.c:8368)
> > parse_ofp_str__ (ofp-parse.c:543)
> > parse_ofp_str (ofp-parse.c:596)
> > parse_ofp_flow_mod_str (ofp-parse.c:1024)
> > ofctl_flow_mod (ovs-ofctl.c:1496)
> > ovs_cmdl_run_command__ (command-line.c:115)
> > main (ovs-ofctl.c:147)
> >
> > Signed-off-by: Yi-Hung Wei 
> > Signed-off-by: Ben Pfaff 
> > ---
> >  lib/learn.c | 10 ++
> >  1 file changed, 6 insertions(+), 4 deletions(-)
> >
> > diff --git a/lib/learn.c b/lib/learn.c
> > index b7b70ac3d4e2..ebbc210c71ce 100644
> > --- a/lib/learn.c
> > +++ b/lib/learn.c
> > @@ -1,5 +1,5 @@
> >  /*
> > - * Copyright (c) 2011, 2012, 2013, 2014, 2015, 2016 Nicira, Inc.
> > + * Copyright (c) 2011, 2012, 2013, 2014, 2015, 2016, 2017 Nicira, Inc.
> >   *
> >   * Licensed under the Apache License, Version 2.0 (the "License");
> >   * you may not use this file except in compliance with the License.
> > @@ -237,10 +237,12 @@ learn_parse_spec(const char *orig, char *name, char 
> > *value,
> >  {
> >  /* Parse destination and check prerequisites. */
> >  struct mf_subfield dst;
> > -char *error;
> >
> > -error = mf_parse_subfield(, name);
> > -if (!error) {
> > +char *error = mf_parse_subfield(, name);
> > +bool parse_error = error != NULL;
> > +free(error);
> > +
> > +if (parse_error) {
> 
> Thanks, it looks much better. It seems like there is a typo here.
> "  if (!parse_error) { "

You're right.  Thanks, I fixed that and I applied this to master and
branch-2.7.
___
dev 

[ovs-dev] [PATCH] ovs-ofctl: Document group selection algorithm.

[Ben Pfaff]

Signed-off-by: Ben Pfaff 
---
 utilities/ovs-ofctl.8.in | 10 ++
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/utilities/ovs-ofctl.8.in b/utilities/ovs-ofctl.8.in
index 96232a5003e4..2e6679ebe98c 100644
--- a/utilities/ovs-ofctl.8.in
+++ b/utilities/ovs-ofctl.8.in
@@ -1960,10 +1960,12 @@ other commands. The following keywords designated the 
allowed types:
 .IP \fBall\fR
 Execute all buckets in the group.
 .IP \fBselect\fR
-Execute one bucket in the group.
-The switch should select the bucket in such a way that should implement
-equal load sharing is achieved.  The switch may optionally select the
-bucket based on bucket weights.
+Execute one bucket in the group, balancing across the buckets
+according to their weights.  To select a bucket, for each live bucket,
+Open vSwitch hashes flow data with the bucket ID and multiplies by the
+bucket weight to obtain a ``score,'' and then selects the bucket with
+the highest score.  Use \fBselection_method\fR to control the flow
+data used for selection.
 .IP \fBindirect\fR
 Executes the one bucket in the group.
 .IP \fBff\fR
-- 
2.10.2

___
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev

[ovs-dev] B2b Email Marketing List

[becky . smith]

Hi There,

Hope this email finds you well. Would you like to acquire the below
mentioned technologies users with *Verified Email List?* We are a Global
Technology User’s List Provider’s with *250 Million Plus *data and counting.

 *Technology Users*

*CRM Users*

*Business Intelligence*

*Cloud Computing Users*

*Other Technology Users*

Accounting Software User

Sugar CRM

SAP BI

Amazon Web Services

SAP Users

QuickBooks

Zoho CRM

IBM Cognos

Cloud Bees

IBM Users

Acumatica

Web CRM

ApeSoft

Rack Space

Oracle Users

AME Accounting Software

Sales force CRM

Birst

Google Apps

Jd Edwards Users

Financial Force

SAP CRM

Data Applied

Go grid

Cisco Users

Open Systems Accounting Software

Microsoft Dynamic CRM

Dimensional Insight

Right Scale

Citrix Users

NOSA XP and more

Sage CRM and more.

Dynamic AI and more

Sales force and more.

Virtualization Users and more

Kindly let us know based on the below data fields to provide you with
detailed information for your review.

Target Technology:

Target Titles:

Target Geography:

 Await your response!

Thanks,

Becky Smith

*Marketing Analyst*

To Opt out Response Unsubscribe in subjectline


___
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev

Re: [ovs-dev] [PATCH] ovn-detrace: add generated files to .gitignore.

[Ben Pfaff]

On Mon, Apr 24, 2017 at 11:23:34AM +0200, Timothy Redaelli wrote:
> Signed-off-by: Timothy Redaelli 

Thanks!  I applied this to master.
___
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev

Re: [ovs-dev] [PATCH] gitignore: Ignore /docs-check instead of /htmldocs-check

[Ben Pfaff]

On Mon, Apr 24, 2017 at 10:21:21AM +0100, Stephen Finucane wrote:
> On Mon, 2017-04-24 at 11:17 +0200, Timothy Redaelli wrote:
> > Fixes: fd0837a76f4c ("doc: Convert ovs-vlan-test to rST")
> > CC: Stephen Finucane 
> > Signed-off-by: Timothy Redaelli 
> 
> Oops - good spot.
> 
> Acked-by: Stephen Finucane 

Thanks Timothy and Stephen, I applied this to master.
___
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev

Re: [ovs-dev] [PATCH v3 2/8] userspace: Support for push_eth and pop_eth actions

[Ben Pfaff]

On Mon, Apr 24, 2017 at 09:43:27AM +, Zoltán Balogh wrote:
>  
> > I am very disappointed that, apparently, 7 people from 6 different
> > companies have contributed to this code without ever using a simple
> > build tool, recommended by the OVS documentation, that finds real bugs.
> > Please install sparse and use it.  Then, after you fix the bugs that
> > sparse finds automatically for you, please resubmit the series.
> > 
> > Thanks,
> > 
> > Ben.
> 
> Hi Ben,
> 
> This was my fault, my build script did not pass "C=1" to make. I'm sorry.
> I'm fixing the warnings, rebasing the code to latest master and sending a new 
> patch set to the list.

Thank you!
___
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev

[ovs-dev] Be Surprised Now!

[Tatar Nicole]

 





































 


Your 
Dreams Come True!

Here is 
the chance to reach your unachievable dream! Surprise yourself with a gift, 
which is impressive, extremely prestigious and hardly available anywhere. Your 
business partners’ and friends will value it. Appearance does matter everywhere 
and unfamiliar people form their opinion by the first impression of you. They 
will remember you as you are, so exude confidence because it is the secret for 
success in your business!

You can 
afford it now for a fraction of the original price. Why would you pay 
unnecessarily more, if it wasn’t needed? You can surprise your loved one, 
friend, business partner, boss and they will certainly remember you and your 
gift for a lifetime. Have a look, you will not be disappointed, I guarantee you

 











 



___
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev

[ovs-dev] Be Surprised Now!

[Tatar Nicole]

 





































 


Your 
Dreams Come True!

Here is 
the chance to reach your unachievable dream! Surprise yourself with a gift, 
which is impressive, extremely prestigious and hardly available anywhere. Your 
business partners’ and friends will value it. Appearance does matter everywhere 
and unfamiliar people form their opinion by the first impression of you. They 
will remember you as you are, so exude confidence because it is the secret for 
success in your business!

You can 
afford it now for a fraction of the original price. Why would you pay 
unnecessarily more, if it wasn’t needed? You can surprise your loved one, 
friend, business partner, boss and they will certainly remember you and your 
gift for a lifetime. Have a look, you will not be disappointed, I guarantee you

 











 



___
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev

[ovs-dev] Be Surprised Now!

[Tatar Nicole]

 





































 


Your 
Dreams Come True!

Here is 
the chance to reach your unachievable dream! Surprise yourself with a gift, 
which is impressive, extremely prestigious and hardly available anywhere. Your 
business partners’ and friends will value it. Appearance does matter everywhere 
and unfamiliar people form their opinion by the first impression of you. They 
will remember you as you are, so exude confidence because it is the secret for 
success in your business!

You can 
afford it now for a fraction of the original price. Why would you pay 
unnecessarily more, if it wasn’t needed? You can surprise your loved one, 
friend, business partner, boss and they will certainly remember you and your 
gift for a lifetime. Have a look, you will not be disappointed, I guarantee you

 











 



___
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev

[ovs-dev] Be Surprised Now!

[Temesi Nicole]

 





































 


Your 
Dreams Come True!

Here is 
the chance to reach your unachievable dream! Surprise yourself with a gift, 
which is impressive, extremely prestigious and hardly available anywhere. Your 
business partners’ and friends will value it. Appearance does matter everywhere 
and unfamiliar people form their opinion by the first impression of you. They 
will remember you as you are, so exude confidence because it is the secret for 
success in your business!

You can 
afford it now for a fraction of the original price. Why would you pay 
unnecessarily more, if it wasn’t needed? You can surprise your loved one, 
friend, business partner, boss and they will certainly remember you and your 
gift for a lifetime. Have a look, you will not be disappointed, I guarantee you

 











 



___
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev

Re: [ovs-dev] [PATCH ovs V7 02/24] netdev: Adding a new netdev api to be used for offloading flows

[Simon Horman]

On Tue, Apr 18, 2017 at 03:18:55PM +0300, Roi Dayan wrote:
> 
> 
> On 14/04/2017 04:11, Joe Stringer wrote:
> >On 7 April 2017 at 06:12, Roi Dayan  wrote:
> >>From: Paul Blakey 
> >>
> >>Signed-off-by: Paul Blakey 
> >>Reviewed-by: Roi Dayan 
> >>Reviewed-by: Simon Horman 
> >>---
> >
> >
> >
> >>diff --git a/lib/netdev.h b/lib/netdev.h
> >>index d6c07c1..6d2db7d 100644
> >>--- a/lib/netdev.h
> >>+++ b/lib/netdev.h
> >>@@ -156,6 +156,29 @@ int netdev_send(struct netdev *, int qid, struct 
> >>dp_packet_batch *,
> >> bool may_steal, bool concurrent_txq);
> >> void netdev_send_wait(struct netdev *, int qid);
> >>
> >>+/* Flow offloading. */
> >>+struct offload_info {
> >>+const void *port_hmap_obj; /* To query ports info from netdev port map 
> >>*/
> >>+ovs_be16 tp_dst_port; /* Destination port for tunnel in SET action */
> >
> >Is this assuming there is only ever one tunnel destination port? What
> >about multiple output?
> >
> 
> Yes. we currently only support single dst port output. if there is more than
> 1 we fail with EOPNOTSUPP and fallback to OVS datapath.
> the check is done in dpif-netlink.c parse_flow_put()

FWIW, from my PoV this is a shortcoming of the feature-set provided by
this patch-set and is something I would like to see lifted at some point in
the future - I would be interested in doing so if it isn't on anyone else's
todo list. Perhaps it would be useful to formally list what offloads are
supported by the API?

The above notwithstanding, I would expect that output to a single tunnel
vport covers a lot of use-cases.
___
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev

Re: [ovs-dev] [PATCH v3 2/8] userspace: Support for push_eth and pop_eth actions

[Zoltán Balogh]

 
> I am very disappointed that, apparently, 7 people from 6 different
> companies have contributed to this code without ever using a simple
> build tool, recommended by the OVS documentation, that finds real bugs.
> Please install sparse and use it.  Then, after you fix the bugs that
> sparse finds automatically for you, please resubmit the series.
> 
> Thanks,
> 
> Ben.

Hi Ben,

This was my fault, my build script did not pass "C=1" to make. I'm sorry.
I'm fixing the warnings, rebasing the code to latest master and sending a new 
patch set to the list.

Best regards,
Zoltan
___
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev

[ovs-dev] [PATCH] ovn-detrace: add generated files to .gitignore.

[Timothy Redaelli]

Signed-off-by: Timothy Redaelli 
---
 ovn/utilities/.gitignore | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/ovn/utilities/.gitignore b/ovn/utilities/.gitignore
index 2c06825..dbc3719 100644
--- a/ovn/utilities/.gitignore
+++ b/ovn/utilities/.gitignore
@@ -5,3 +5,5 @@
 /ovn-sbctl.8
 /ovn-trace
 /ovn-trace.8
+/ovn-detrace
+/ovn-detrace.1
-- 
2.9.3

___
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev

[ovs-dev] [PATCH] gitignore: Ignore /docs-check instead of /htmldocs-check

[Timothy Redaelli]

Fixes: fd0837a76f4c ("doc: Convert ovs-vlan-test to rST")
CC: Stephen Finucane 
Signed-off-by: Timothy Redaelli 
---
 .gitignore | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.gitignore b/.gitignore
index df75b40..cc864ec 100644
--- a/.gitignore
+++ b/.gitignore
@@ -51,7 +51,7 @@
 /distfiles
 /dist-docs
 /flake8-check
-/htmldocs-check
+/docs-check
 /install-sh
 /libtool
 /manpage-check
-- 
2.9.3

___
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev

Re: [ovs-dev] Tweede kwartaal Employee Screening

[Anne-Karin Frisk]

Fra: Anne-Karin Frisk
Sendt: 24. april 2017 10:24
Til: Anne-Karin Frisk
Emne: Tweede kwartaal Employee Screening


Beste collega.

Uw Q2-screening is begonnen. Klik 
hier
 om te beginnen
HR management


___
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev

Re: [ovs-dev] [PATCH] ovn: Document limitation in the L3HA plan

[Miguel Angel Ajo Pelayo]

Anil Venkata and I were talking about this last week and we
realised we had this limitation. It's not uncommon to other
mechanisms like VRRP or CARP, but we thought that it was
good to make sure everyone was on the same page, and
that having gateways across multiple L2 domains with routing
in the middle could be problematic. At a minimum it would require
less strict tuning of the BFD pinging intervals.



On Mon, Apr 24, 2017 at 10:21 AM,  wrote:

> From: Miguel Angel Ajo 
>
> The intergateway monitoring covers host failure well, but
> it doesn't cover path failure which is a more complicated
> problem.
>
> By this change I don't mean we should implement something
> to cover path failure right away, but that we should
> keep the limitation in mind.
>
> Signed-off-by: Miguel Angel Ajo 
> ---
>  Documentation/topics/high-availability.rst | 8 
>  1 file changed, 8 insertions(+)
>
> diff --git a/Documentation/topics/high-availability.rst
> b/Documentation/topics/high-availability.rst
> index 5b21b6469..7ee9357c0 100644
> --- a/Documentation/topics/high-availability.rst
> +++ b/Documentation/topics/high-availability.rst
> @@ -288,6 +288,14 @@ which are alive, and therefore whether or not that
> gateway happens to be the
>  leader.  If leading, the gateway forwards traffic normally, otherwise it
> drops
>  all traffic.
>
> +We should note that this method works well under the assumption that there
> +are no inter-gateway connectivity failures, in such case this method
> would fail
> +to elect a single master. The simplest example is two gateways which stop
> seeing
> +each other but can still reach the hypervisors. Protocols like VRRP or
> CARP
> +have the same issue. A mitigation for this type of failure mode could be
> +achieved by having all network elements (hypervisors and gateways)
> periodically
> +share their link status to other endpoints.
> +
>  Gateway Leadership Resignation
>  ++
>
> --
> 2.11.0 (Apple Git-81)
>
>
___
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev

[ovs-dev] [PATCH] ovn: Document limitation in the L3HA plan

[majopela]

From: Miguel Angel Ajo 

The intergateway monitoring covers host failure well, but
it doesn't cover path failure which is a more complicated
problem.

By this change I don't mean we should implement something
to cover path failure right away, but that we should
keep the limitation in mind.

Signed-off-by: Miguel Angel Ajo 
---
 Documentation/topics/high-availability.rst | 8 
 1 file changed, 8 insertions(+)

diff --git a/Documentation/topics/high-availability.rst 
b/Documentation/topics/high-availability.rst
index 5b21b6469..7ee9357c0 100644
--- a/Documentation/topics/high-availability.rst
+++ b/Documentation/topics/high-availability.rst
@@ -288,6 +288,14 @@ which are alive, and therefore whether or not that gateway 
happens to be the
 leader.  If leading, the gateway forwards traffic normally, otherwise it drops
 all traffic.
 
+We should note that this method works well under the assumption that there
+are no inter-gateway connectivity failures, in such case this method would fail
+to elect a single master. The simplest example is two gateways which stop 
seeing
+each other but can still reach the hypervisors. Protocols like VRRP or CARP
+have the same issue. A mitigation for this type of failure mode could be
+achieved by having all network elements (hypervisors and gateways) periodically
+share their link status to other endpoints.
+
 Gateway Leadership Resignation
 ++
 
-- 
2.11.0 (Apple Git-81)

___
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev

Re: [ovs-dev] OVS installation issue with NSH patch

[Yang, Yi Y]

Hi, Kiruthiga

As I told you, please check your kernel version. 
https://github.com/yyang13/ovs_nsh_patches also included patches for ovs 2.6.1, 
if you have kernel version higher than v4.3, please use patches for 2.6.1. ovs 
2.5 only can be built on kernel 3.10 to 4.3.

-Original Message-
From: ovs-dev-boun...@openvswitch.org [mailto:ovs-dev-boun...@openvswitch.org] 
On Behalf Of Kiruthiga R
Sent: Monday, April 24, 2017 11:50 AM
To: Ben Pfaff 
Cc: ovs-dev@openvswitch.org
Subject: Re: [ovs-dev] OVS installation issue with NSH patch

Hi,

Please find the attachment.

Regards,
Kiruthiga

-Original Message-
From: Ben Pfaff [mailto:b...@ovn.org] 
Sent: Friday, April 21, 2017 9:35 PM
To: Kiruthiga R 
Cc: ovs-dev@openvswitch.org
Subject: Re: [ovs-dev] OVS installation issue with NSH patch

On Fri, Apr 21, 2017 at 05:40:57AM +, Kiruthiga R wrote:
> Hi Team,
> 
> I am trying to install OVS 2.5 with the NSH patch available in 
> https://github.com/yyang13/ovs_nsh_patches
> I am facing error while doing "make". Attached the screenshot of error 
> message.

I don't see any attachment.
___
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev

Re: [ovs-dev] [PATCH] ovn.at: Fix "ovn -- 1 LR with distributed router gateway port" test

[Takashi YAMAMOTO]

On Mon, Apr 24, 2017 at 9:48 AM, Mickey Spiegel 
wrote:

>
> On Thu, Apr 20, 2017 at 6:32 PM, YAMAMOTO Takashi 
> wrote:
>
>> NetBSD implementation of wc command outputs extra whitespaces
>> like the following.  Tweak the test to success on such environments.
>>
>> % echo hoge|wc -l|hexdump -C
>>   20 20 20 20 20 20 20 31  0a   |
>>  1.|
>> 0009
>> %
>>
>> The failing test was introduced by
>> commit 41a15b71ed1ef35aa612a1128082219fbfc3f327
>> (ovn: Introduce distributed gateway port and "chassisredirect" port
>> binding)
>>
>> Signed-off-by: YAMAMOTO Takashi 
>>
>
> There are three more in one of the tests in system-ovn.at, affecting make
> check-kernel.
>

sure.
but those tests seem heavily linux-centric anyway for other reasons.


>
> Acked-by: Mickey Spiegel 
>
>
>
>> ---
>>  tests/ovn.at | 18 ++
>>  1 file changed, 6 insertions(+), 12 deletions(-)
>>
>> diff --git a/tests/ovn.at b/tests/ovn.at
>> index af77c19..1bffc4c 100644
>> --- a/tests/ovn.at
>> +++ b/tests/ovn.at
>> @@ -6567,20 +6567,14 @@ as hv3 ovs-ofctl dump-flows br-int
>>  echo "--"
>>
>>  # Check that redirect mapping is programmed only on hv2
>> -AT_CHECK([as hv1 ovs-ofctl dump-flows br-int table=33 | grep
>> =0x3,metadata=0x1 | wc -l], [0], [0
>> -])
>> -AT_CHECK([as hv2 ovs-ofctl dump-flows br-int table=33 | grep
>> =0x3,metadata=0x1 | grep load:0x2- | wc -l], [0], [1
>> -])
>> +AT_CHECK([test `as hv1 ovs-ofctl dump-flows br-int table=33 | grep
>> =0x3,metadata=0x1 | wc -l` -eq 0])
>> +AT_CHECK([test `as hv2 ovs-ofctl dump-flows br-int table=33 | grep
>> =0x3,metadata=0x1 | grep load:0x2- | wc -l` -eq 1])
>>  # Check that hv1 sends chassisredirect port traffic to hv2
>> -AT_CHECK([as hv1 ovs-ofctl dump-flows br-int table=32 | grep
>> =0x3,metadata=0x1 | grep output | wc -l], [0], [1
>> -])
>> -AT_CHECK([as hv2 ovs-ofctl dump-flows br-int table=32 | grep
>> =0x3,metadata=0x1 | wc -l], [0], [0
>> -])
>> +AT_CHECK([test `as hv1 ovs-ofctl dump-flows br-int table=32 | grep
>> =0x3,metadata=0x1 | grep output | wc -l` -eq 1])
>> +AT_CHECK([test `as hv2 ovs-ofctl dump-flows br-int table=32 | grep
>> =0x3,metadata=0x1 | wc -l` -eq 0])
>>  # Check that arp reply on distributed gateway port is only programmed on
>> hv2
>> -AT_CHECK([as hv1 ovs-ofctl dump-flows br-int | grep arp | grep
>> =0x2,metadata=0x1 | wc -l], [0], [0
>> -])
>> -AT_CHECK([as hv2 ovs-ofctl dump-flows br-int | grep arp | grep
>> =0x2,metadata=0x1 | wc -l], [0], [1
>> -])
>> +AT_CHECK([test `as hv1 ovs-ofctl dump-flows br-int | grep arp | grep
>> =0x2,metadata=0x1 | wc -l` -eq 0])
>> +AT_CHECK([test `as hv2 ovs-ofctl dump-flows br-int | grep arp | grep
>> =0x2,metadata=0x1 | wc -l` -eq 1])
>>
>>
>>  ip_to_hex() {
>> --
>> 2.5.4 (Apple Git-61)
>>
>> ___
>> dev mailing list
>> d...@openvswitch.org
>> https://mail.openvswitch.org/mailman/listinfo/ovs-dev
>>
>
>
___
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev