Re: [ovs-dev] [patch v1] conntrack: Support global drop statistics.

On Tue, Jul 10, 2018 at 10:38 AM, Ben Pfaff wrote: > On Tue, Jun 26, 2018 at 04:16:42PM -0700, Darrell Ball wrote: > > Signed-off-by: Darrell Ball > > I wonder whether coverage counters would be a better alternative? They > use thread-local data so incrementing them is cheaper than atomic >

Re: [ovs-dev] [RFC 00/14] ovn-controller incremental processing.

On Mon, Aug 6, 2018 at 3:13 AM, Mark Michelson wrote: > > Hi Han, > > I thought about this more over the weekend, and I was hoping I'd get to respond to my own e-mail before you saw it, because I realized I had a fundamental misunderstanding of the scope and nature of change handlers. I'll reply

[ovs-dev] [PATCH 3/3] ovn-trace: Fix warnings when port is found but not in current datapath.

When port group is used, ovn-trace may print warnings like this: $ ovn-trace ls1 'inport == "lp111" && eth.src == f0:00:00:00:01:11 && eth.dst == f0:00:00:00:01:12 && ip4.src == 192.168.11.1 && ip4.dst == 192.168.11.2 && ip.ttl == 10' 2018-08-02T01:43:23Z|1|ovntrace|WARN|lp211: not in

[ovs-dev] [PATCH 2/3] ovn-northd: Improve efficiency of stateful checking for ACLs on port groups.

Currently in has_stateful_acl(), to check if a datapath has stateful ACLs, it needs to iterate all port groups and check if the current datapath is related to each port group, and then iterate the ACLs on the port group. This is inefficient if there are a lot of port groups. A typical scenario is

[ovs-dev] [PATCH 1/3] ovn-northd: Simplify struct ovn_port_group.

Remove the redundant members that's already in nb_pg. Signed-off-by: Han Zhou --- ovn/northd/ovn-northd.c | 12 1 file changed, 4 insertions(+), 8 deletions(-) diff --git a/ovn/northd/ovn-northd.c b/ovn/northd/ovn-northd.c index 067d52d..d2a777f 100644 ---

[ovs-dev] [PATCH 0/3] Port group related enhancements.

These patches are related to port groups, but the patch 3/3 is independent from the others. Han Zhou (3): ovn-northd: Simplify struct ovn_port_group. ovn-northd: Improve efficiency of stateful checking for ACLs on port groups. ovn-trace: Fix warnings when port is found but not in

Re: [ovs-dev] [patch v4] dpctl: Make opt_dpif_open() more general.

On 8/6/18, 4:15 PM, "ovs-dev-boun...@openvswitch.org on behalf of Ben Pfaff" wrote: On Mon, Aug 06, 2018 at 03:55:55PM -0700, Darrell Ball wrote: > By making opt_dpif_open() more general, it can be used effectively > by all potential callers. Also, the error handling is improved

[ovs-dev] [patch v5] dpctl: Make opt_dpif_open() more general.

By making opt_dpif_open() more general, it can be used effectively by all potential callers and avoids trying to open potentially bogus datapaths provided by the user. Also, the error handling is improved by having more specific errors. Signed-off-by: Darrell Ball --- lib/dpctl.c |

Re: [ovs-dev] [ovs-dev,v3] tests: Test for ovs-ofctl snoop command

Bleep bloop. Greetings Ashish Varma, I am a robot and I have tried out your patch. Thanks for your contribution. I encountered some error that I wasn't expecting. See the details below. git-am: Failed to merge in the changes. Patch failed at 0001 tests: Test for ovs-ofctl snoop command The

Re: [ovs-dev] project idea for someone: hash function sensitivity

Bleep bloop. Greetings Ben Pfaff, I am a robot and I have tried out your patch. Thanks for your contribution. I encountered some error that I wasn't expecting. See the details below. checkpatch: ERROR: No signatures found. Lines checked: 101, Warnings: 0, Errors: 1 Please check this out.

Re: [ovs-dev] stream-ssl: Define SSL_OP_NO_SSL_MASK for OpenSSL versions that lack it.

Bleep bloop. Greetings Ben Pfaff, I am a robot and I have tried out your patch. Thanks for your contribution. I encountered some error that I wasn't expecting. See the details below. git-am: Failed to merge in the changes. Patch failed at 0001 stream-ssl: Define SSL_OP_NO_SSL_MASK for OpenSSL

Re: [ovs-dev] [ovs-dev, v2] stream-ssl: Tweak recent change to fix travis builds.

Bleep bloop. Greetings Darrell Ball, I am a robot and I have tried out your patch. Thanks for your contribution. I encountered some error that I wasn't expecting. See the details below. git-am: Failed to merge in the changes. Patch failed at 0001 stream-ssl: Tweak recent change to fix travis

[ovs-dev] [PATCH v1] ovs-testcontroller: Added section for runtime managment commands

Even though there are no runtime management commands supported by ovs-testcontroller, the '--unixctl' section of the man page refers to 'RUNTIME MANAGEMENT COMMANDS'. This message which refers to the runtime management commands section is common for all '--unixctl' option. (via 'lib/unixctl.man')

Re: [ovs-dev] [PATCH 1/2] ofp-port: Fix buffer overread parsing Intel custom statistics.

On Fri, Jul 27, 2018 at 11:14:43AM -0700, Ben Pfaff wrote: > CC: Michal Weglicki > Fixes: 971f4b394c6e ("netdev: Custom statistics.") > Reported-at: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9445 > Signed-off-by: Ben Pfaff Still needs a review. Thanks, Ben.

Re: [ovs-dev] [PATCH] checkpatch: warn on possible bare return

On Tue, Jul 31, 2018 at 04:37:38PM -0400, Bala Sankaran wrote: > void functions do not need to have a return statement, because > such statements are redundant. Warn the user of such instances. > > An interim line check is added to allow gathering additional > context for each line that is being

Re: [ovs-dev] [PATCH] ofproto: Return error codes for Rule insertions

On Wed, Aug 01, 2018 at 07:29:06AM +0530, Aravind Prasad wrote: > > > Currently, rule_insert() API does not have return value. There are > some possible > > > scenarios where rule insertions can fail at run-time even though the > static > > > checks during rule_construct() had passed previously.

Re: [ovs-dev] [PATCH] ovs-vtep: Pass log level arguments to underlying utils.

On Wed, Aug 01, 2018 at 06:54:22PM +0300, Ilya Maximets wrote: > Control utils should be called with the same verbose level > at least to manage output to system logs. For example, to > disable unwanted syslog messages in unit tests or to enable > higher debug levels if needed. > New arguments

Re: [ovs-dev] [PATCH] json: Use unnamed embedded union.

On Thu, Aug 02, 2018 at 06:52:55PM -0300, Flavio Leitner wrote: > On Thu, Aug 02, 2018 at 06:44:10PM -0300, Flavio Leitner wrote: > > Otherwise the code does not build. > > > > Fixes: fa37affad362 ("Embrace anonymous unions.") > > Signed-off-by: Flavio Leitner > > This needs to go in

Re: [ovs-dev] 答复: [PATCH v2] netlink-notifier: support blacklist

What is the cost of the notification? On Sat, Aug 04, 2018 at 03:58:57AM +, Linhaifeng wrote: > > @@ -1015,6 +1016,8 @@ dpdk_eth_dev_init(struct netdev_dpdk *dev) > > rte_eth_dev_info_get(dev->port_id, ); > > +rtnetlink_blacklist_add(dev->up.name); // add a

Re: [ovs-dev] [PATCH v3] tests: Test for ovs-ofctl snoop command

On Mon, Aug 06, 2018 at 03:53:37PM -0700, Ashish Varma wrote: > Added test for snoop command to check for the initial handshake messages > when a bridge connects to a controller via 'unix' connection method. > > Signed-off-by: Ashish Varma > --- > v2-v3: > > Moved 'on_exit kill" command before

Re: [ovs-dev] [PATCH v5 6/9] Documentation: IPsec tunnel tutorial and documentation.

Yes. This describes the real situation. I will apply this to the next series. Thanks, Qiuyu On Mon, Aug 6, 2018 at 4:25 PM, Ben Pfaff wrote: > On Mon, Aug 06, 2018 at 11:04:36AM -0700, Qiuyu Xiao wrote: >> tutorials/index.rst gives a step-by-setp guide to set up OVS IPsec >> tunnel. >> >>

Re: [ovs-dev] [PATCH v2] stream-ssl: Define SSL_OP_NO_SSL_MASK for OpenSSL versions that lack it.

On Mon, Aug 06, 2018 at 04:07:03PM -0700, Darrell Ball wrote: > On Mon, Aug 6, 2018 at 3:53 PM, Ben Pfaff wrote: > > > On Mon, Aug 06, 2018 at 12:47:39PM -1000, Han Zhou wrote: > > > On Mon, Aug 6, 2018 at 12:39 PM, Ben Pfaff wrote: > > > > > > > > 10 of the travis builds are failing such as >

Re: [ovs-dev] [ACL Meters 7/7] ovn: Add rate-limiting for ACL logs.

On Mon, Jul 30, 2018 at 8:12 PM, Justin Pettit wrote: > > > > On Jul 30, 2018, at 5:58 PM, Justin Pettit wrote: > > > > Thanks for the review! I've pushed this series to master. > > I also just pushed this to branch-2.10. > > The rate-limiting is implemented using meters. Unfortunately,

Re: [ovs-dev] [PATCH v5 6/9] Documentation: IPsec tunnel tutorial and documentation.

On Mon, Aug 06, 2018 at 11:04:36AM -0700, Qiuyu Xiao wrote: > tutorials/index.rst gives a step-by-setp guide to set up OVS IPsec > tunnel. > > tutorials/ipsec.rst gives detailed explanation on the IPsec tunnel > configuration methods and forwarding modes. > > Signed-off-by: Qiuyu Xiao >

Re: [ovs-dev] [patch v4] dpctl: Make opt_dpif_open() more general.

On Mon, Aug 06, 2018 at 03:55:55PM -0700, Darrell Ball wrote: > By making opt_dpif_open() more general, it can be used effectively > by all potential callers. Also, the error handling is improved by > having more specific errors. > > Signed-off-by: Darrell Ball I'm not sure I understand the

Re: [ovs-dev] [PATCH v2] stream-ssl: Define SSL_OP_NO_SSL_MASK for OpenSSL versions that lack it.

On Mon, Aug 6, 2018 at 3:53 PM, Ben Pfaff wrote: > On Mon, Aug 06, 2018 at 12:47:39PM -1000, Han Zhou wrote: > > On Mon, Aug 6, 2018 at 12:39 PM, Ben Pfaff wrote: > > > > > > 10 of the travis builds are failing such as > > > TESTSUITE=1 KERNEL=3.16.54 for gcc and clang. > > > > > > Fixes:

[ovs-dev] [patch v4] dpctl: Make opt_dpif_open() more general.

By making opt_dpif_open() more general, it can be used effectively by all potential callers. Also, the error handling is improved by having more specific errors. Signed-off-by: Darrell Ball --- lib/dpctl.c | 71 +

[ovs-dev] [PATCH v3] tests: Test for ovs-ofctl snoop command

Added test for snoop command to check for the initial handshake messages when a bridge connects to a controller via 'unix' connection method. Signed-off-by: Ashish Varma --- v2-v3: Moved 'on_exit kill" command before the start of the command to avoid the race condition between start of the

Re: [ovs-dev] [PATCH v2] stream-ssl: Define SSL_OP_NO_SSL_MASK for OpenSSL versions that lack it.

On Mon, Aug 06, 2018 at 12:47:39PM -1000, Han Zhou wrote: > On Mon, Aug 6, 2018 at 12:39 PM, Ben Pfaff wrote: > > > > 10 of the travis builds are failing such as > > TESTSUITE=1 KERNEL=3.16.54 for gcc and clang. > > > > Fixes: ab16d2c2871b ("stream-ssl: Don't enable new TLS versions by >

[ovs-dev] project idea for someone: hash function sensitivity

In theory, all the OVS tests should pass if we change the hash function. In practice, some of them fail because changing the hash function changes ordering of some of the output of the tests. Currently I see the following failures: 805: tunnel.at:512 tunnel - ERSPAN v1/v2 metadata 1038:

Re: [ovs-dev] [PATCH v2] stream-ssl: Define SSL_OP_NO_SSL_MASK for OpenSSL versions that lack it.

On Mon, Aug 6, 2018 at 12:39 PM, Ben Pfaff wrote: > > 10 of the travis builds are failing such as > TESTSUITE=1 KERNEL=3.16.54 for gcc and clang. > > Fixes: ab16d2c2871b ("stream-ssl: Don't enable new TLS versions by default") > CC: Timothy Redaelli > Signed-off-by: Darrell Ball >

Re: [ovs-dev] ofctl: Fixup compare_flows function

Bleep bloop. Greetings Alin Gabriel Serdean, I am a robot and I have tried out your patch. Thanks for your contribution. I encountered some error that I wasn't expecting. See the details below. checkpatch: ERROR: Too many signoffs; are you missing Co-authored-by lines? ERROR:

[ovs-dev] [PATCH v2] stream-ssl: Define SSL_OP_NO_SSL_MASK for OpenSSL versions that lack it.

10 of the travis builds are failing such as TESTSUITE=1 KERNEL=3.16.54 for gcc and clang. Fixes: ab16d2c2871b ("stream-ssl: Don't enable new TLS versions by default") CC: Timothy Redaelli Signed-off-by: Darrell Ball Signed-off-by: Ben Pfaff --- v1->v2: Add SSL_OP_NO_SSLv2 (thanks Han!).

Re: [ovs-dev] [PATCH] stream-ssl: Define SSL_OP_NO_SSL_MASK for OpenSSL versions that lack it.

On Mon, Aug 06, 2018 at 12:23:27PM -1000, Han Zhou wrote: > On Mon, Aug 6, 2018 at 12:07 PM, Ben Pfaff wrote: > > > > 10 of the travis builds are failing such as > > TESTSUITE=1 KERNEL=3.16.54 for gcc and clang. > > > > I don't know why SSL_OP_NO_SSL_MASK doesn't include SSL_OP_NO_SSLv2, > > but

Re: [ovs-dev] [patch v1] stream-ssl: Revert recent chamge to fix travis builds.

On Mon, Aug 6, 2018 at 3:18 PM, Han Zhou wrote: > > > On Mon, Aug 6, 2018 at 12:03 PM, Darrell Ball wrote: > >> >> >> On Mon, Aug 6, 2018 at 1:37 PM, Han Zhou wrote: >> >>> >>> >>> On Mon, Aug 6, 2018 at 9:59 AM, Darrell Ball wrote: >>> > >>> > Sure, and probably s/chamge/change/ would be

Re: [ovs-dev] [patch v2] stream-ssl: Tweak recent change to fix travis builds.

On Mon, Aug 6, 2018 at 3:07 PM, Ben Pfaff wrote: > On Mon, Aug 06, 2018 at 02:54:12PM -0700, Darrell Ball wrote: > > 10 of the travis builds are failing such as > > TESTSUITE=1 KERNEL=3.16.54 for gcc and clang. > > > > Fixes: ab16d2c2871b ("stream-ssl: Don't enable new TLS versions by >

Re: [ovs-dev] [PATCH] stream-ssl: Define SSL_OP_NO_SSL_MASK for OpenSSL versions that lack it.

On Mon, Aug 6, 2018 at 12:07 PM, Ben Pfaff wrote: > > 10 of the travis builds are failing such as > TESTSUITE=1 KERNEL=3.16.54 for gcc and clang. > > I don't know why SSL_OP_NO_SSL_MASK doesn't include SSL_OP_NO_SSLv2, > but it doesn't in my copy of the appropriate header file. > > Fixes:

Re: [ovs-dev] [PATCH] utilities: Launch ovsdb-tool without using PAM

On Mon, Aug 06, 2018 at 08:33:46AM -0400, Aaron Conole wrote: > Timothy Redaelli writes: > > > When ovsdb-server is starting, it performs some DB steps such as > > creating and upgrading the OvS DB. When we are running as > > 'non-root' user, the 'runuser' tool is used to manage the privileges.

Re: [ovs-dev] [patch v1] stream-ssl: Revert recent chamge to fix travis builds.

On Mon, Aug 6, 2018 at 12:03 PM, Darrell Ball wrote: > > > On Mon, Aug 6, 2018 at 1:37 PM, Han Zhou wrote: > >> >> >> On Mon, Aug 6, 2018 at 9:59 AM, Darrell Ball wrote: >> > >> > Sure, and probably s/chamge/change/ would be good >> > >> > On 8/6/18, 12:32 PM, "ovs-dev-boun...@openvswitch.org

Re: [ovs-dev] [PATCH] ovs-ofctl: Better validate OpenFlow message length in "ofp-parse-pcap".

On Mon, Aug 06, 2018 at 08:52:12AM -0400, Aaron Conole wrote: > Ben Pfaff writes: > > > Reported-by: Oscar Wilde > > Reported-at: > > https://mail.openvswitch.org/pipermail/ovs-discuss/2018-July/047070.html > > Signed-off-by: Ben Pfaff > > --- > > Acked-by: Aaron Conole Thanks, applied to

Re: [ovs-dev] [PATCH v2] tests: Test for ovs-ofctl snoop command

On Mon, Aug 06, 2018 at 02:06:09PM -0700, Ashish Varma wrote: > Added test for snoop command to check for the initial handshake messages > when a bridge connects to a controller via 'unix' connection method. > > Signed-off-by: Ashish Varma > --- > v1-v2: > > Removed the sleep and added

[ovs-dev] [PATCH] stream-ssl: Define SSL_OP_NO_SSL_MASK for OpenSSL versions that lack it.

10 of the travis builds are failing such as TESTSUITE=1 KERNEL=3.16.54 for gcc and clang. I don't know why SSL_OP_NO_SSL_MASK doesn't include SSL_OP_NO_SSLv2, but it doesn't in my copy of the appropriate header file. Fixes: ab16d2c2871b ("stream-ssl: Don't enable new TLS versions by default")

Re: [ovs-dev] [patch v2] stream-ssl: Tweak recent change to fix travis builds.

On Mon, Aug 06, 2018 at 02:54:12PM -0700, Darrell Ball wrote: > 10 of the travis builds are failing such as > TESTSUITE=1 KERNEL=3.16.54 for gcc and clang. > > Fixes: ab16d2c2871b ("stream-ssl: Don't enable new TLS versions by default") > CC: Timothy Redaelli > Signed-off-by: Darrell Ball > ---

Re: [ovs-dev] [patch v1] stream-ssl: Revert recent chamge to fix travis builds.

On Mon, Aug 6, 2018 at 1:37 PM, Han Zhou wrote: > > > On Mon, Aug 6, 2018 at 9:59 AM, Darrell Ball wrote: > > > > Sure, and probably s/chamge/change/ would be good > > > > On 8/6/18, 12:32 PM, "ovs-dev-boun...@openvswitch.org on behalf of Ben > Pfaff" wrote: > > > > On Mon, Aug 06, 2018 at

Re: [ovs-dev] [PATCH] rhel: Add gcc and gcc-c++ to BuildRequires

On Mon, Aug 06, 2018 at 08:21:32PM +0200, Timothy Redaelli wrote: > Starting from Fedora 29, gcc and gcc-c++ won't be installed by default in > buildroot and so it's necessary to specify them explicitly in the spec file. > > https://fedoraproject.org/wiki/Changes/Remove_GCC_from_BuildRoot > >

Re: [ovs-dev] [patch v3 2/2] dpctl: Make opt_dpif_open() more general.

Doh, I’ll fix it up; thanks On 8/6/18, 2:57 PM, "ovs-dev-boun...@openvswitch.org on behalf of Ben Pfaff" wrote: On Mon, Aug 06, 2018 at 10:55:27AM -0700, Darrell Ball wrote: > By making opt_dpif_open() more general, it can be used effectively > by all potential callers. Also, the

Re: [ovs-dev] [patch v3 2/2] dpctl: Make opt_dpif_open() more general.

On Mon, Aug 06, 2018 at 10:55:27AM -0700, Darrell Ball wrote: > By making opt_dpif_open() more general, it can be used effectively > by all potential callers. Also, the error handling is improved by > having more specific errors. > > Signed-off-by: Darrell Ball > --- > lib/dpctl.c |

Re: [ovs-dev] [patch v3 1/2] dpctl: Simplify dpctl_flush_conntrack.

On Mon, Aug 06, 2018 at 10:55:26AM -0700, Darrell Ball wrote: > The function dpctl_flush_conntrack() and other such new functions with > multiple optional arguments can be simplified by reodering the checks > for optional parameters, where the datapath argument is checked for > last. > >

[ovs-dev] [patch v2] stream-ssl: Tweak recent change to fix travis builds.

10 of the travis builds are failing such as TESTSUITE=1 KERNEL=3.16.54 for gcc and clang. Fixes: ab16d2c2871b ("stream-ssl: Don't enable new TLS versions by default") CC: Timothy Redaelli Signed-off-by: Darrell Ball --- lib/stream-ssl.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)

[ovs-dev] [PATCH v3 3/3] ovn-nbctl: Make daemon mode more transparent.

This makes ovn-nbctl transparently use daemon mode if an appropriate environment variable is set. It also transforms ovn-nbctl.at so that it runs each ovn-nbctl test in "direct" mode and in daemon mode. It uses a combination of m4 macros and shell functions to keep from expanding the generated

[ovs-dev] [PATCH v3 2/3] ovn-nbctl: Separate command-line options parsing and interpretation.

This will allow selected options to be interpreted locally and others to be passed to the daemon, when the daemon is in use. Signed-off-by: Ben Pfaff --- lib/command-line.c| 108 ++ lib/command-line.h| 10 +

[ovs-dev] [PATCH v3 1/3] unixctl: Make path to unixctl_server socket available to the client.

Acked-by: Alin Gabriel Serdean Acked-by: Mark Michelson Signed-off-by: Ben Pfaff --- lib/unixctl.c | 52 lib/unixctl.h | 2 ++ tests/daemon.at | 4 ++-- 3 files changed, 32 insertions(+), 26 deletions(-) diff --git a/lib/unixctl.c

[ovs-dev] [PATCH v3 0/3] Transparent use of daemon for ovn-nbctl

v1->v2: - Applied patches 1 and 2; added ack for patch 3 (thanks Alin!) - Polished up the daemon mode so that it works actually quite well and added tests that show that it behaves equivalently. v2->v3: - Fix bug in patch 2 pointed out by Mark Michelson (thanks!) and add his acks.

Re: [ovs-dev] [PATCH v2 2/3] ovn-nbctl: Separate command-line options parsing and interpretation.

On Mon, Aug 06, 2018 at 04:39:13PM -0400, Mark Michelson wrote: > On 08/03/2018 01:54 PM, Ben Pfaff wrote: > >This will allow selected options to be interpreted locally and others to > >be passed to the daemon, when the daemon is in use. > > > >Signed-off-by: Ben Pfaff > >+default: > >+

Re: [ovs-dev] [PATCH] ofctl: Fixup compare_flows function

On Tue, Aug 07, 2018 at 12:34:45AM +0300, Alin Gabriel Serdean wrote: > In the case there was no sorting criteria the flows on Windows were being > rearranged because it was always returning zero. > > Also check if there we need sorting to save a few cycles. > > CC: Ben Pfaff > Co-authored-by:

Re: [ovs-dev] [ovs-discuss] ovsdb-server core dump and ovsdb corruption using raft cluster

With Guru's help, I believe I have fixed it: https://patchwork.ozlabs.org/patch/954247/ On Wed, Aug 01, 2018 at 11:46:38AM -0700, Guru Shetty wrote: > I was able to reproduce it. I will work with Ben to get this fixed. > > On 26 July 2018 at 23:14, Girish Moodalbail wrote: > > > Hello

[ovs-dev] [PATCH] ovsdb-client: Make "wait" command logging more sensible.

The "wait" command in ovsdb-client (which was introduced as part of the clustering support) fairly often logs things that are normal for it but in other circumstances might be cause for concern, for example messages about being unable to connect to a remote. Until now, it has tried to suppress

[ovs-dev] [PATCH] raft: Fix use-after-free error in raft_store_snapshot().

raft_store_snapshot() constructs a new snapshot in a local variable then destroys the current snapshot and replaces it by the new one. Until now, it has not cloned the data in the new snapshot until it did the replacement. This led to the unexpected consequence that, if 'servers' in the old and

[ovs-dev] [PATCH] ofctl: Fixup compare_flows function

In the case there was no sorting criteria the flows on Windows were being rearranged because it was always returning zero. Also check if there we need sorting to save a few cycles. CC: Ben Pfaff Co-authored-by: Ben Pfaff Signed-off-by: Alin Gabriel Serdean --- utilities/ovs-ofctl.c | 6

Re: [ovs-dev] [PATCH v2 0/9] tests: Clean up syslog.

On Mon, Aug 06, 2018 at 06:18:19PM +0300, Ilya Maximets wrote: > On 04.08.2018 03:17, Ben Pfaff wrote: > > On Wed, Aug 01, 2018 at 05:00:09PM +0300, Ilya Maximets wrote: > >> Each run of the testsuite produces millions lines in a system > >> log. This is completely unnecessary and makes it

[ovs-dev] [PATCH v2] tests: Test for ovs-ofctl snoop command

Added test for snoop command to check for the initial handshake messages when a bridge connects to a controller via 'unix' connection method. Signed-off-by: Ashish Varma --- v1-v2: Removed the sleep and added OVS_WAIT_UNTIL. Added comment on why we are adding an exception for the 'connection

Re: [ovs-dev] [PATCH v2 1/3] unixctl: Make path to unixctl_server socket available to the client.

Acked-by: Mark Michelson On 08/03/2018 01:54 PM, Ben Pfaff wrote: Acked-by: Alin Gabriel Serdean Signed-off-by: Ben Pfaff --- lib/unixctl.c | 52 lib/unixctl.h | 2 ++ tests/daemon.at | 4 ++-- 3 files changed, 32 insertions(+),

Re: [ovs-dev] [PATCH v2 3/3] ovn-nbctl: Make daemon mode more transparent.

Acked-by: Mark Michelson On 08/03/2018 01:54 PM, Ben Pfaff wrote: This makes ovn-nbctl transparently use daemon mode if an appropriate environment variable is set. It also transforms ovn-nbctl.at so that it runs each ovn-nbctl test in "direct" mode and in daemon mode. It uses a combination

Re: [ovs-dev] [PATCH v2 2/3] ovn-nbctl: Separate command-line options parsing and interpretation.

On 08/03/2018 01:54 PM, Ben Pfaff wrote: This will allow selected options to be interpreted locally and others to be passed to the daemon, when the daemon is in use. Signed-off-by: Ben Pfaff --- lib/command-line.c| 108 ++

Re: [ovs-dev] [patch v1] stream-ssl: Revert recent chamge to fix travis builds.

On Mon, Aug 6, 2018 at 9:59 AM, Darrell Ball wrote: > > Sure, and probably s/chamge/change/ would be good > > On 8/6/18, 12:32 PM, "ovs-dev-boun...@openvswitch.org on behalf of Ben Pfaff" wrote: > > On Mon, Aug 06, 2018 at 12:02:42PM -0700, Darrell Ball wrote: > > Fixes: ab16d2c2871b

Re: [ovs-dev] infiniband (IPoIB) support

пн, 6 авг. 2018 г. в 17:34, Vasiliy Tolstov : > > And if IPoIB device cant't be added to openvswitch bridge, how can i > connect virtual network with physical in such setup: > > i have logical switch extnet with vm ports, each vm via ovn dhcp have > ip address from external network. > I want to

Re: [ovs-dev] [patch v1] stream-ssl: Revert recent chamge to fix travis builds.

Sure, and probably s/chamge/change/ would be good On 8/6/18, 12:32 PM, "ovs-dev-boun...@openvswitch.org on behalf of Ben Pfaff" wrote: On Mon, Aug 06, 2018 at 12:02:42PM -0700, Darrell Ball wrote: > Fixes: ab16d2c2871b ("stream-ssl: Don't enable new TLS versions by default") > CC:

Re: [ovs-dev] [ovs-dev, v5, 9 of 9] Documentation: OVN RBAC and IPsec tutorial

Bleep bloop. Greetings Qiuyu Xiao, I am a robot and I have tried out your patch. Thanks for your contribution. I encountered some error that I wasn't expecting. See the details below. checkpatch: WARNING: Line is 81 characters long (recommended limit is 79) #159 FILE:

Re: [ovs-dev] [patch v1] stream-ssl: Revert recent chamge to fix travis builds.

On Mon, Aug 06, 2018 at 12:02:42PM -0700, Darrell Ball wrote: > Fixes: ab16d2c2871b ("stream-ssl: Don't enable new TLS versions by default") > CC: Timothy Redaelli > Signed-off-by: Darrell Ball It'd be nice to cite one of the failing builds in the commit message. Timothy, do you want to

Re: [ovs-dev] [patch v1] stream-ssl: Revert recent chamge to fix travis builds.

if this applied, pls remove the extra newline On Mon, Aug 6, 2018 at 12:02 PM, Darrell Ball wrote: > Fixes: ab16d2c2871b ("stream-ssl: Don't enable new TLS versions by > default") > CC: Timothy Redaelli > Signed-off-by: Darrell Ball > --- > lib/stream-ssl.c | 4 +++- > 1 file changed, 3

Re: [ovs-dev] [PATCH v7 4/4] Replace router internal MAC with gateway MAC for reply packets

On 08/06/2018 01:58 PM, Anil Venkata wrote: Thanks Mark. Kindly look at my comment inline. On Fri, Aug 3, 2018 at 2:17 AM, Mark Michelson > wrote: On 08/01/2018 08:16 AM, vkomm...@redhat.com wrote: From: venkata anil

[ovs-dev] Waiting to hear from you

Attention Please, We are surprised as you have not responded to our previous notification concerning your \$650,000, United Nations has decided to compensate you as part of the empowerment program to reinstate those who have lost money to scammers in the past. To commence facilitating your

[ovs-dev] [patch v1] stream-ssl: Revert recent chamge to fix travis builds.

Fixes: ab16d2c2871b ("stream-ssl: Don't enable new TLS versions by default") CC: Timothy Redaelli Signed-off-by: Darrell Ball --- lib/stream-ssl.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/lib/stream-ssl.c b/lib/stream-ssl.c index f3d623c..03aa972 100644 ---

[ovs-dev] [PATCH] rhel: Add gcc and gcc-c++ to BuildRequires

Starting from Fedora 29, gcc and gcc-c++ won't be installed by default in buildroot and so it's necessary to specify them explicitly in the spec file. https://fedoraproject.org/wiki/Changes/Remove_GCC_from_BuildRoot Signed-off-by: Timothy Redaelli --- rhel/openvswitch-fedora.spec.in | 1 + 1

[ovs-dev] [PATCH v5 8/9] OVN: native support for tunnel encryption

This patch adds IPsec support for OVN tunnel. Basically, OVN offers a binary option to its user for encryption configuration. If the IPsec option is turned on, all tunnels will be encrypted. Otherwise, no tunnel will be encrypted. The changes are summarized as below: 1) Added a ipsec column on

[ovs-dev] [PATCH v5 9/9] Documentation: OVN RBAC and IPsec tutorial

This patch adds step-by-step guide for configuring OVN Role-Based Access Control and IPsec. Signed-off-by: Qiuyu Xiao --- Documentation/automake.mk | 2 + Documentation/index.rst | 4 +- Documentation/tutorials/index.rst | 2 +

[ovs-dev] [PATCH v5 6/9] Documentation: IPsec tunnel tutorial and documentation.

tutorials/index.rst gives a step-by-setp guide to set up OVS IPsec tunnel. tutorials/ipsec.rst gives detailed explanation on the IPsec tunnel configuration methods and forwarding modes. Signed-off-by: Qiuyu Xiao Signed-off-by: Ansis Atteka Co-authored-by: Ansis Atteka ---

[ovs-dev] [PATCH v5 7/9] ovs-pki: generate x.509 v3 certificate

This patch modifies ovs-pki to generate x.509 version 3 certificate. Compared with the x.509 v1 certificate generated by ovs-pki, version 3 certificate adds subjectAltName field and sets its value the same as common name (CN). The main reason for this change is to enable strongSwan IKE daemon to

[ovs-dev] [PATCH v5 5/9] debian and rhel: Create IPsec package.

Added rules and files to create debian and rpm ovs-ipsec packages. Signed-off-by: Qiuyu Xiao Signed-off-by: Ansis Atteka Co-authored-by: Ansis Atteka --- debian/automake.mk| 3 + debian/control| 21 ++

[ovs-dev] [PATCH v5 4/9] ipsec: reintroduce IPsec support for tunneling

This patch reintroduces ovs-monitor-ipsec daemon that was previously removed by commit 2b02d770 ("openvswitch: Allow external IPsec tunnel management.") After this patch, there are no IPsec flavored tunnels anymore. IPsec is enabled by setting up the right values in: 1. OVSDB:Interface:options

[ovs-dev] [PATCH v5 3/9] datapath: add transport ports in route lookup for stt

This patch adds transport ports information for route lookup so that IPsec can select stt tunnel traffic to do encryption. Signed-off-by: Qiuyu Xiao Reviewed-by: Greg Rose Tested-by: Greg Rose --- datapath/linux/compat/stt.c | 15 ++- 1 file changed, 10 insertions(+), 5

[ovs-dev] [PATCH v5 2/9] datapath: add transport ports in route lookup for vxlan

This patch adds transport ports information for route lookup so that IPsec can select vxlan tunnel traffic to do encryption. Signed-off-by: Qiuyu Xiao Reviewed-by: Greg Rose Tested-by: Greg Rose --- datapath/linux/compat/vxlan.c | 14 -- 1 file changed, 12 insertions(+), 2

[ovs-dev] [PATCH v5 1/9] datapath: add transport ports in route lookup for geneve

This patch adds transport ports information for route lookup so that IPsec can select geneve tunnel traffic to do encryption. Signed-off-by: Qiuyu Xiao Reviewed-by: Greg Rose Tested-by: Greg Rose --- datapath/linux/compat/geneve.c | 29 +++-- 1 file changed, 19

[ovs-dev] [PATCH v5 0/9] IPsec support for tunneling

This patch series reintroduce IPsec support for OVS tunneling and enable OVN to use IPsec tunnels. GRE, VXLAN, GENEVE, and STT IPsec tunnels are supported. StrongSwan and LibreSwan IKE daemons are supported. Changes from v1 to v2 - 1. Merge the ovs-monitor-ipsec code to a

Re: [ovs-dev] [patch v2] dpctl: Simplify dpctl_flush_conntrack.

thanks for checking that; I thought the system tests has full coverage for these aspects. The proposed change would cause inappropriate log entries. Anyways, I rethought the approach to make it more general and sent a V3. On 8/3/18, 5:36 PM, "ovs-dev-boun...@openvswitch.org on behalf of Ben

Re: [ovs-dev] [PATCH v7 4/4] Replace router internal MAC with gateway MAC for reply packets

Thanks Mark. Kindly look at my comment inline. On Fri, Aug 3, 2018 at 2:17 AM, Mark Michelson wrote: > On 08/01/2018 08:16 AM, vkomm...@redhat.com wrote: > >> From: venkata anil >> >> Previous patches in the series doesn't address issue 1 explained in [1] >> i.e >> 1) removal of router gateway

[ovs-dev] [patch v3 1/2] dpctl: Simplify dpctl_flush_conntrack.

The function dpctl_flush_conntrack() and other such new functions with multiple optional arguments can be simplified by reodering the checks for optional parameters, where the datapath argument is checked for last. Signed-off-by: Darrell Ball --- lib/dpctl.c | 58

[ovs-dev] (no subject)

___ dev mailing list d...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-dev

Re: [ovs-dev] [PATCH v2 0/9] tests: Clean up syslog.

On 04.08.2018 03:17, Ben Pfaff wrote: > On Wed, Aug 01, 2018 at 05:00:09PM +0300, Ilya Maximets wrote: >> Each run of the testsuite produces millions lines in a system >> log. This is completely unnecessary and makes it difficult to >> use system logs on test / build servers. >> >> This series is

Re: [ovs-dev] [PATCH v2 2/9] tests: Set default timeout for utils in subshell.

On 06.08.2018 16:47, Timothy Redaelli wrote: > On Wed, 01 Aug 2018 17:00:11 +0300 > Ilya Maximets wrote: > >> Aliases are not inheritable. To add a default options for utils >> executed in subshell we may try to catch them here and append >> options explicitly. >> >> There are still few cases

Re: [ovs-dev] infiniband (IPoIB) support

And if IPoIB device cant't be added to openvswitch bridge, how can i connect virtual network with physical in such setup: i have logical switch extnet with vm ports, each vm via ovn dhcp have ip address from external network. I want to route all traffic from this extnet via last ip address from

[ovs-dev] infiniband (IPoIB) support

Hi. I know about dpdk, but i have mellanox connectx-2 card with IPoIB in linux. And i want to add it to openvswitch bridge. I found topics (7 years ago) that says about no plans to add support for IPoIB devices. How can i add to ovs bridge IPoIB device? -- Vasiliy Tolstov, e-mail:

Re: [ovs-dev] [PATCH v2 2/9] tests: Set default timeout for utils in subshell.

On Wed, 01 Aug 2018 17:00:11 +0300 Ilya Maximets wrote: > Aliases are not inheritable. To add a default options for utils > executed in subshell we may try to catch them here and append > options explicitly. > > There are still few cases with utils invocation in subshell inside > the functions

Re: [ovs-dev] [RFC 00/14] ovn-controller incremental processing.

Hi Han, I thought about this more over the weekend, and I was hoping I'd get to respond to my own e-mail before you saw it, because I realized I had a fundamental misunderstanding of the scope and nature of change handlers. I'll reply to your comments in-line below. On 08/05/2018 03:11 PM,

Re: [ovs-dev] [PATCH] ovs-ofctl: Better validate OpenFlow message length in "ofp-parse-pcap".

Ben Pfaff writes: > Reported-by: Oscar Wilde > Reported-at: > https://mail.openvswitch.org/pipermail/ovs-discuss/2018-July/047070.html > Signed-off-by: Ben Pfaff > --- Acked-by: Aaron Conole ___ dev mailing list d...@openvswitch.org

Re: [ovs-dev] [PATCH] utilities: Launch ovsdb-tool without using PAM

Timothy Redaelli writes: > When ovsdb-server is starting, it performs some DB steps such as > creating and upgrading the OvS DB. When we are running as > 'non-root' user, the 'runuser' tool is used to manage the privileges. > However, when this happens during systemd boot, we observe the

Re: [ovs-dev] utilities: Launch ovsdb-tool without using PAM

Bleep bloop. Greetings Timothy Redaelli, I am a robot and I have tried out your patch. Thanks for your contribution. I encountered some error that I wasn't expecting. See the details below. checkpatch: ERROR: Too many signoffs; are you missing Co-authored-by lines? ERROR:

Re: [ovs-dev] [PATCH] utilities: Launch ovsdb-tool without using PAM

Hello Timothy, On 08/06/2018 01:03 PM, Timothy Redaelli wrote: > When ovsdb-server is starting, it performs some DB steps such as > creating and upgrading the OvS DB. When we are running as > 'non-root' user, the 'runuser' tool is used to manage the privileges. > However, when this happens during

[ovs-dev] [PATCH] utilities: Launch ovsdb-tool without using PAM

When ovsdb-server is starting, it performs some DB steps such as creating and upgrading the OvS DB. When we are running as 'non-root' user, the 'runuser' tool is used to manage the privileges. However, when this happens during systemd boot, we observe the following errors in journald: Jun 21

[ovs-dev] Contact my secretary.

Hello, I am pleased to inform you about my success in getting those funds transferred with the cooperation of a new partner from Vietnam. Currently, i am with him for investment projects with my share of the total sum. However, i did not forget your past efforts and attempts to assist me in

  1   2   >