for l3gw that
are sitting on different chassis.
Signed-off-by: Ales Musil
Reported-at: https://bugzilla.redhat.com/2062580
---
controller/pinctrl.c | 2 +-
tests/ovn.at | 103 +++
2 files changed, 104 insertions(+), 1 deletion(-)
diff --git
n new actions for lb affinity")
Reported-at: https://bugzilla.redhat.com/2224260
Signed-off-by: Ales Musil
Signed-off-by: Dumitru Ceara
(cherry picked from commit 0f4df76)
---
northd/northd.c | 20 +++-
tests/ovn-northd.at | 19 +++
2 files changed, 34
;ports, >dp_node);
> -sbrec_port_binding_delete(op->sb);
> - delete_fdb_entry(ni->sbrec_fdb_by_dp_and_port,
> od->tunnel_key,
> - op->tunnel_key);
> -}
> -}
> -
> -/* Check if
OMPUTE
> @@ -9995,7 +10015,7 @@ CHECK_NO_CHANGE_AFTER_RECOMPUTE
>
> check as northd ovn-appctl -t NORTHD_TYPE inc-engine/clear-stats
> check ovn-nbctl add logical_switch sw0 load_balancer_group $lbg1_uuid
> -check_engine_stats lb_data norecompute nocompute
> +check_en
On Wed, Aug 30, 2023 at 1:03 PM Dumitru Ceara wrote:
>
> On 7/20/23 14:57, Ales Musil wrote:
> > The affinity code was differentiating between force_snat
> > and skip snat. However, if both parameters were set at the
> > same time the force_snat would be preferred, which s
n new actions for lb affinity")
Reported-at: https://bugzilla.redhat.com/2224260
Signed-off-by: Ales Musil
Signed-off-by: Dumitru Ceara
(cherry picked from commit 0f4df76)
---
northd/northd.c | 20 +++-
tests/ovn-northd.at | 19 +++
2 files changed, 34
On Fri, Aug 18, 2023 at 10:59 AM wrote:
> From: Numan Siddique
>
> When a logical router gets updated due to load balancer or load balancer
> groups changes, it is now incrementally handled first in 'lb_data'
> engine node similar to how logical switch changes are handled. The
> tracking data
> +add_router_port_garp = true;
> +}
> +
> +if (add_router_port_garp) {
> +struct ds garp_info = DS_EMPTY_INITIALIZER;
> +ds_put_format(_info, "%s",
> op->peer->lrp_networks.ea_s);
> +
&
AT_SETUP([sync_to_sb_lb incremental processing])
> +ovn_start
> +
> +check ovn-nbctl ls-add sw
> +check ovn-nbctl lsp-add sw p1
> +
> +check ovn-nbctl --wait=sb sync
> +check as northd ovn-appctl -t NORTHD_TYPE inc-engine/clear-stats
> +
> +check ovn-nbctl --wait=sb lsp-set-options p1 foo=bar
> +sb_lb_recomp=$(as northd ovn-appctl -t NORTHD_TYPE inc-engine/show-stats
> sync_to_sb_lb recompute)
> +AT_CHECK([test x$sb_lb_recomp = x0])
> +
> +check ovn-nbctl --wait=sb lsp-set-type p1 external
> +sb_lb_recomp=$(as northd ovn-appctl -t NORTHD_TYPE inc-engine/show-stats
> sync_to_sb_lb recompute)
> +AT_CHECK([test x$sb_lb_recomp != x0])
> +
> +AT_CLEANUP
> +])
> +
> OVN_FOR_EACH_NORTHD_NO_HV([
> AT_SETUP([LSP incremental processing])
> ovn_start
> --
> 2.40.1
>
> ___
> dev mailing list
> d...@openvswitch.org
> https://mail.openvswitch.org/mailman/listinfo/ovs-dev
>
Looks good to me, thanks.
Reviewed-by: Ales Musil
--
Ales Musil
Senior Software Engineer - OVN Core
Red Hat EMEA
amu...@redhat.comIM: amusil
___
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev
On Fri, Aug 18, 2023 at 10:58 AM wrote:
> From: Numan Siddique
>
> Any changes to load balancers and load balancer groups
> are handled incrementally in the newly added 'lb_data'
> engine node. 'lb_data' is input to 'northd' node
> and the handler - northd_lb_data_handler in 'northd'
> node
ocompute
> +check_engine_stats northd norecompute compute
> check_engine_stats lflow recompute nocompute
> CHECK_NO_CHANGE_AFTER_RECOMPUTE
>
> @@ -10046,7 +10058,7 @@ CHECK_NO_CHANGE_AFTER_RECOMPUTE
> check as northd ovn-appctl -t NORTHD_TYPE inc-engine/clear-stats
> check o
On Fri, Aug 18, 2023 at 10:57 AM wrote:
> From: Numan Siddique
>
> This patch separates out the 'lbs' and 'lb_groups' from the 'northd' engine
> node data into a new engine node 'lb_data'. This new node becomes
> an input to the 'northd' node.
>
> This makes handling the NB load balancer and
) and we can also remove 6 jobs from the CI pipeline.
The time reduction is very noticeable going down from ~30 min
to ~20 min.
Signed-off-by: Ales Musil
---
.github/workflows/test.yml | 30 --
tests/ovn-macros.at| 14 +-
tests/ovs-macros.at| 6
,nd_tll=00:00:00:00:00:00
> actions=load:0->NXM_NX_REG10[[12]]
> + table=74,
> priority=90,icmp6,reg14=0x$sw0p2_key,metadata=0x1,nw_ttl=255,icmp_type=136,icmp_code=0,nd_target=fe80::200:ff:fe00:13,nd_tll=00:00:00:00:00:13
> actions=load:0->NXM_NX_REG10[[12]]
> + table=74,
> priority=90,icmp6,reg14=0x$sw0p2_key,metadata=
onntrack.c, which is
> a userspace conntrack inplementation, or maybe the common conntrack changes
> that applies to either implementation. 'netlink-conntrack' makes more
> sense
> in the current case.
>
> On 8/2/23 11:40, Ales Musil wrote:
> > The SCTP protocol ports were exc
ovn-sbctl dump-flows sw1 | tee sbflows11 | grep backends | grep
> priority=120 | sed 's/table=..//' | sort],
>0, [dnl
> - (ls_in_lb ), priority=120 , match=(ct.new && ip4.dst ==
> 10.0.0.10 && tcp.dst == 80), action=(reg0[[1]] = 0; ct_lb(bac
_for_lb = 1; next;)
>table=7 (lr_in_dnat ), priority=70 , match=(ct.est && !ct.rel
> && !ct.new && ct_label.natted && ct_label.skip_snat == 1),
> action=(flags.skip_snat_for_lb = 1; next;)
>table=7 (lr_in_dnat ), priority=50 ,
them as part of the one gcc cycle? Either with -jemalloc
or without (arguably we wouldn't cover the sanitizer case). The unfortunate
thing about weekly runs and such is the propagation of the flag and the
whole pipeline is more complex. I'll wait for some other suggestions before
I'll put out v2.
his option is false.
> +
> +
> +
>
> Configure a given OUI to be used as prefix when L2 address is
> dynamically assigned, e.g. 00:11:22
> --
> 2.38.1
>
> ___
> dev mailing list
> d...@openvswitch.org
> https://mail.openvswitch.org/mailman/listinfo/ovs-dev
>
Looks good to me, thanks.
Acked-by: Ales Musil
--
Ales Musil
Senior Software Engineer - OVN Core
Red Hat EMEA
amu...@redhat.comIM: amusil
___
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev
On Sat, Sep 9, 2023 at 12:33 AM Ilya Maximets wrote:
> On 8/10/23 14:48, Ales Musil wrote:
> > Add support for setting CT zone limit via ovs-vswitchd
> > database CT_Zone entry. The limit is propagated
> > into corresponding datapath.
>
Hi Ilya,
>
> Thank
ified.
[0] https://www.ietf.org/rfc/rfc2461.txt
Reported-at: https://issues.redhat.com/browse/FDP-43
Signed-off-by: Ales Musil
---
controller/pinctrl.c | 6 ++
tests/ovn.at | 230 +--
2 files changed, 116 insertions(+), 120 deletions(-)
diff --git a/
that is bigger than allowed size is OVN
bug, and it should be fixed.
Reported-at: https://bugzilla.redhat.com/1955167
Signed-off-by: Ales Musil
---
v2: Fix the formatting error.
v3: Rebase on top of current main.
Add coverage counter for the too long error.
---
controller/ofctrl.c | 45
=conjunction(1,1/2), conjunction(1,1/2)
Make sure that we add only conjunctions that are not present
in the already existing flow.
Reported-at: https://bugzilla.redhat.com/2175928
Acked-by: Mark Michelson
Signed-off-by: Ales Musil
---
v3: Rebase on top of current main.
---
controller/ofctrl.c | 56
ist nur für
> die Verwertung durch den vorgesehenen Empfänger bestimmt.
> Sollten Sie nicht der vorgesehene Empfänger sein, setzen Sie den Absender
> bitte unverzüglich in Kenntnis und löschen diese E Mail.
>
> Hinweise zum Datenschutz finden Sie hier<http
be useful. We need custom backport
patches anyway for every branch except 23.06.
Thanks,
Ales
>
> On 8/31/23 03:27, Ales Musil wrote:
> > Bump submodule to branch-3.2 mainly for:
> > 759a29dc2d97 ("backtrace: Extend the backtrace functionality.")
> > 1d78a3f3164a (&
From: Ihar Hrachyshka
This function will later be used to handle port binding updates for
postponed (throttled) bindings.
Conflicts:
controller/binding.c
Signed-off-by: Ihar Hrachyshka
Acked-by: Mark Michelson
Signed-off-by: Numan Siddique
(cherry picked from commit
From: Ihar Hrachyshka
When multiple chassis are fighting for the same port (requested-chassis
is not set, e.g. for gateway ports), they may produce an unreasonable
number of chassis field updates in a very short time frame (hundreds of
updates in several seconds). This puts unnecessary load on
he Inhalte und ist nur für
> die Verwertung durch den vorgesehenen Empfänger bestimmt.
> Sollten Sie nicht der vorgesehene Empfänger sein, setzen Sie den Absender
> bitte unverzüglich in Kenntnis und löschen diese E Mail.
>
> Hinweise zum Datenschutz finden Sie hier<https://www.datensch
2
> AT_CHECK([ovn_as az2 ovn-nbctl lr-route-list lr22 | grep 192.168 |
> grep learned | awk '{print $1, $2}' | sort ], [0], [dnl
> 192.168.0.0/24 169.254.10.11
> +192.168.1.0/24 169.254.10.21
> ])
>
> OVN_CLEANUP_IC([az1], [az2])
> --
> 2.42.0
>
> Diese
On Wed, Sep 6, 2023 at 8:05 PM Han Zhou wrote:
>
>
>
> On Wed, Sep 6, 2023 at 12:55 AM Ales Musil wrote:
> >
> > On Wed, Sep 6, 2023 at 9:42 AM Xavier Simonart wrote:
> >
> > > Hi Ales
> > >
> >
> > Hi Xavier,
> >
>
inport ==
> "lr0-public" && ip4.src == 1.0.0.1), action=(reg9[[5]] = chk_ecmp_nh_mac();
> ct_next;)
> - table=??(lr_in_defrag ), priority=100 , match=(reg7 == 0 &&
> ip4.dst == 1.0.0.1/32), action=(reg9[[5]] = chk_ecmp_nh(); ct_next;)
> +AT_CHE
-off-by: Ales Musil
---
.github/workflows/test.yml | 28 +++-
tests/ovn-macros.at| 15 +++
tests/ovn-northd.at| 20 ++--
3 files changed, 32 insertions(+), 31 deletions(-)
diff --git a/.github/workflows/test.yml b/.github
ld_helpers.")
Reported-at: https://bugzilla.redhat.com/2164058
Signed-off-by: Ales Musil
---
Makefile.am | 2 +-
build-aux/sodepends.py| 2 +-
build-aux/soexpand.py | 2 +-
build-aux/xml2nroff | 14 +++---
c
t
> index bb5cbf0b9..72420f2bb 100644
> --- a/tests/ovn.at
> +++ b/tests/ovn.at
> @@ -9098,6 +9098,7 @@ AT_CLEANUP
>
> OVN_FOR_EACH_NORTHD([
> AT_SETUP([send gratuitous arp for l3gateway only on selected chassis])
> +AT_SKIP_IF([test $HAVE_TCPDUMP = no])
> ovn_start
>
> # Create logical switch
> @@ -9187,6 +9188,21 @@ sleep 2
> OVN_CHECK_PACKETS_CONTAIN([hv2/snoopvif-tx.pcap], [arp_expected])
> OVN_CHECK_PACKETS([hv1/snoopvif-tx.pcap], [empty_expected])
>
> +# Temporarily remove lr0 chassis
> +AT_CHECK([ovn-nbctl --wait=hv remove logical_router lr0 options chassis])
> +
> +as hv1 reset_pcap_file snoopvif hv1/snoopvif
> +as hv2 reset_pcap_file snoopvif hv2/snoopvif
> +
> +AT_CHECK([ovn-nbctl --wait=hv set logical_router lr0 options:chassis=hv1])
> +# set garp max timeout to 2s
> +AT_CHECK([as hv1 ovs-vsctl set Open_vSwitch .
> external-ids:garp-max-timeout-sec=2])
> +
> +OVS_WAIT_UNTIL([
> +n_arp=$(tcpdump -c 10 -ner hv1/snoopvif-tx.pcap arp | wc -l)
> +test "$n_arp" = 10
> +])
> +
> OVN_CLEANUP([hv1],[hv2])
>
> AT_CLEANUP
> --
> 2.41.0
>
Looks good to me, thanks.
Acked-by: Ales Musil
--
Ales Musil
Senior Software Engineer - OVN Core
Red Hat EMEA
amu...@redhat.comIM: amusil
___
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev
olumn "sw1.1" sb:Port_Group ports name="${sw1_key}_pg1"
> +AT_CHECK([fetch_column sb:Port_Group ports name="${sw2_key}_pg1"], [0], [
> +])
> +check_column "sw1.2" sb:Port_Group ports name="${sw1_key}_pg2"
> +AT_CHECK([fetch_column sb:Port
On Thu, Sep 14, 2023 at 6:48 PM Numan Siddique wrote:
> On Fri, Sep 8, 2023 at 8:12 AM Ales Musil wrote:
> >
> > The release message indicates that the address is
> > no longer in use. Simply reply with status code success
> > without any special handling as we do no
..75611c1d5 100644
> --- a/tests/system-ovn.at
> +++ b/tests/system-ovn.at
> @@ -6630,6 +6630,28 @@ AT_CHECK([ovn-nbctl set Logical_Switch_Port ext
> options:qos_min_rate=40])
> AT_CHECK([ovn-nbctl set Logical_Switch_Port ext options:qos_max_rate=60])
> AT_CHECK([ovn-nbct
"", 0, 0, exit, None)
> +ovs.unixctl.command_register("payload", "", 1, 1, payload, None)
> +ovs.daemon.daemonize_complete()
> +
> +poller = ovs.poller.Poller()
> +while not exiting:
> +server.run()
> +server.wait(p
in during partial match. This should still be considered
a bug, because OvS currently supports SCTP CT entries,
and it should also support partial flush for them the same
way it supports partial flush for TCP/UDP.
Reported-at: https://bugzilla.redhat.com/2228037
Signed-off-by: Ales Musil
---
v2
The release message indicates that the address is
no longer in use. Simply reply with status code success
without any special handling as we do not store the
information about address being in use.
Reported-at: https://bugzilla.redhat.com/2237855
Signed-off-by: Ales Musil
---
controller
On Tue, Oct 17, 2023 at 7:08 AM Ales Musil wrote:
> On Mon, Oct 16, 2023 at 10:20 PM Mark Michelson
> wrote:
> >
> > Hi Ales,
> >
> > The patch makes sense to me. Is there something that guarantees that
> > clang >= 16 is installed when running CI?
>
Mark Michelson
>
> On 10/16/23 04:08, Ales Musil wrote:
> > The clang from version 16 and further fixes
> > the issue which was causing the slowness.
> > Remove the workaround which allows
> > the leak sanitizers to run on ARM64 as well.
> >
> > Signed-off-b
The clang from version 16 and further fixes
the issue which was causing the slowness.
Remove the workaround for version with the fix
applied which allows the leak sanitizers to
run on ARM64 as well.
Signed-off-by: Ales Musil
---
v2: Check the clang version instead of removing the whole
The -i option is not portable and doesn't work
on all platforms. Use -m instead.
Fixes: 87f3c2364a5b ("utilities: Add simple container automation")
Signed-off-by: Ales Musil
---
v2: Add Fixes tag.
---
.ci/ci.sh | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.ci/c
On Wed, Oct 25, 2023 at 12:25 AM Ilya Maximets wrote:
> On 10/18/23 08:28, Ales Musil wrote:
> > Extend the current NX_CT_FLUSH with four additional fields,
> > that allow to match on CT entry "mark" or "labels". This
> > is encoded as separat
On Fri, Oct 20, 2023 at 10:46 PM Ihar Hrachyshka
wrote:
> On 10/6/23 3:02 AM, Ales Musil wrote:
> > The unixctl exit command would receive reply immediately
> > which is confusing and can cause some issues in some tests
> > if the cleanup takes longer than expected. To avo
The series exposes CT limit via DB, adding
user friendly ovs-vsctl interface. The DB value
has priority before the dpctl interface, this is
achieved by storing which datapath is protected.
The dpctl will return an error if the limit is
already set in DB for that datapath.
Ales Musil (6):
ct
Propagate the CT limit that is present in the DB into
datapath. The limit is currently only propagated on change
and can be overwritten by the dpctl commands.
Signed-off-by: Ales Musil
---
v6: Rebase on top of current master.
Address comments from Ilya:
- Update the comments and names
Make sure that if any zone limit was set via DB
all zones are forced to be set there also. This
is done by tracking which datapath has zone limit
protection and it is reflected in the dpctl command.
If the datapath is protected the dpctl command will
return permission error.
Signed-off-by: Ales
en-std.org/jtc1/sc22/wg14/www/docs/n3054.pdf
Signed-off-by: Ales Musil
---
controller/ovn-controller.c | 2 +-
controller/pinctrl.c| 4 ++--
lib/actions.c | 6 +++---
northd/ovn-northd.c | 4 ++--
4 files changed, 8 insertions(+), 8 deletions(-)
diff --git a/controlle
Add optional argument to dpctl ct-del-limits called
"default", which allows to remove the default limit
making it effectively system default.
Signed-off-by: Ales Musil
---
v6: Rebase on top of current master.
Address comments from Ilya:
- Adjust the log message so it does
Add limit to the CT zone DB table with ovs-vsctl
helper methods. The limit has two special values
besides any number, 0 is unlimited and empty limit
is to leave the value untouched in the datapath.
This is preparation step and the value is not yet
propagated to the datapath.
Signed-off-by: Ales
The zone 0 is default system zone, do not use this
zone for the test because it might contain some
entries already which could cause flakiness during
the check.
In order to still have the zone 0 parsing coverage
add simple unit tests for dpctl.
Signed-off-by: Ales Musil
---
v6: Rebase on top
.
Signed-off-by: Ales Musil
---
v6: Rebase on top of current master.
Address comments from Ilya:
- Add assert to conntrack.h for the zone numbers.
- Some minot cosmetic changes.
v5: Rebase on top of current master.
Address comments from Ilya:
- Fix some typos.
- Use
On Wed, Oct 25, 2023 at 1:35 PM Ilya Maximets wrote:
> On 10/18/23 09:56, Ales Musil wrote:
> > Internally handle default CT zone limit as other limits that
> > can be passed via the list with special value -1. Currently,
> > the -1 is treated by both datapaths as default, a
On Wed, Oct 25, 2023 at 1:39 PM Ilya Maximets wrote:
>
> On 10/18/23 09:56, Ales Musil wrote:
> > Add optional argument to dpctl ct-del-limits called
> > "default", which allows to remove the default limit
> > making it effectively system default.
> >
>
On Wed, Oct 25, 2023 at 2:52 PM Ilya Maximets wrote:
> On 10/18/23 09:56, Ales Musil wrote:
> > Make sure that if any zone limit was set via DB
> > all zones are forced to be set there also. This
> > is done by tracking which datapath has zone limit
> > pro
On Wed, Oct 25, 2023 at 2:33 PM Ilya Maximets wrote:
>
> On 10/18/23 09:56, Ales Musil wrote:
> > Propagate the CT limit that is present in the DB into
> > datapath. The limit is currently only propagated on change
> > and can be overwritten by the dpctl commands.
>
On Wed, Oct 25, 2023 at 2:00 PM Ilya Maximets wrote:
> On 10/18/23 09:56, Ales Musil wrote:
> > Add limit to the CT zone DB table with ovs-vsctl
> > helper methods. The limit has two special values
> > besides any number, 0 is unlimited and empty limit
> > is t
@openvswitch.org
> https://mail.openvswitch.org/mailman/listinfo/ovs-dev
>
>
The whole series looks good to me, thanks.
Acked-by: Ales Musil
--
Ales Musil
Senior Software Engineer - OVN Core
Red Hat EMEA <https://www.redhat.com>
amu...@redhat.com
<https:/
gt; + */
> +poll_immediate_wake();
> +}
> } else {
> /* ovn-ic is paused
> *- we still want to handle any db updates and update the
> --
> 2.31.1
>
> _
[0], [dnl
> OVN_CLEANUP([hv1])
> AT_CLEANUP
> ])
> +
> +OVN_FOR_EACH_NORTHD([
> +AT_SETUP([multicast group buffer split])
> +AT_KEYWORDS([ovn-mc-split])
> +AT_SKIP_IF([test $HAVE_SCAPY = no])
> +ovn_start
> +
> +net_add n
> +sim_add
ts_name = t_sw->name;
> icnbrec_transit_switch_index_destroy_row(key);
> routes_ad = shash_find_data(routes_ad_by_ts, ts_name);
> if (!routes_ad) {
> --
> 2.31.1
>
> ___
> dev mailing list
> d...@openvswitc
-- lsp-set-options $lsp router-port=$lrp
>
> ovn_as az2
> +OVS_WAIT_UNTIL([ovn-nbctl show | grep switch | grep ts1])
> for i in 1 2; do
> lr=lr2$i
> ovn-nbctl lr-add $lr
> @@ -1242,7 +1250,7 @@ ovn_as az2 ovn-nbctl lrp-add lr21 lrp-lr21
> aa:aa:aa:aa:bc:01 "192.168.1.1/24"
2 ext2 65 # belong to 192.168.10.64/26
> +
> +OVS_WAIT_UNTIL([ovn-sbctl list mac_binding | grep -q "192.168.10.10"])
> +OVS_WAIT_UNTIL([ovn-sbctl list mac_binding | grep -q "192.168.10.20"])
> +OVS_WAIT_UNTIL([ovn-sbctl list mac_binding | grep -q "192.168.10.65
> ovn_start
>
> net_add n1
> @@ -30047,6 +30056,7 @@ AT_CLEANUP
> # It is to cover a corner case when flows are re-processed in the I-P
> # iteration, combined with the scenario of conflicting ACLs.
> AT_SETUP([conflict ACLs with address set])
> +TAG_UNSTABLE
> ovn_st
options:router-port=lr-ls \
> + addresses=router \
> + -- lrp-set-gateway-chassis lr-ls hv1
> +
> +sleep_controller hv1
> +
> +check ovn-nbctl --wait=sb set Logical_Switch ls
> other_config:requested-tnl-key=1000
> +check ovn-nbctl --wait=sb ls-del l
On Sat, Nov 4, 2023 at 5:45 AM Han Zhou wrote:
>
>
> On Fri, Nov 3, 2023 at 1:08 AM Ales Musil wrote:
> >
> >
> >
> > On Tue, Oct 24, 2023 at 9:36 PM Han Zhou wrote:
> >>
> >> Enhance MAC_Binding aging to allow CIDR-based threshold configurat
this issue use outport IP address as source instead
of the inport one for the ICMP error message. This will
lead to SNAT for the packet which will result in correct
addresses on the sw1 side.
Reported-at: https://issues.redhat.com/browse/FDP-39
Signed-off-by: Ales Musil
---
northd/northd.c
vn-k8s-cni-overlay
> --
> 2.39.3
>
> ___
> dev mailing list
> d...@openvswitch.org
> https://mail.openvswitch.org/mailman/listinfo/ovs-dev
>
Looks good to me, thanks!
Acked-by: Ales Musil
--
Ales Musil
Senior Software Engineer
On Wed, Sep 20, 2023 at 8:21 AM Ales Musil wrote:
> Considering following topology:
> client - sw0 - lrp0 - lr - lrp1 - sw1 - server
> sw0 in subnet 192.168.0.0/24
> sw1 in subnet 172.168.0.0/24
> SNAT configured for sw0 subnet
> gateway_mtu=1400 configured for lrp0
>
>
To avoid any warning spam in the northd.log remove
the "hosting-chassis" status only if it was previously
specified.
Fixes: 19164b030404 ("Expose distributed gateway port information in NB DB")
Reported-at: https://issues.redhat.com/browse/FDP-54
Signed-off-by: Ales Musil
On Thu, Sep 28, 2023 at 9:35 AM Simon Horman wrote:
> On Tue, Sep 26, 2023 at 12:03:51PM +0200, Ales Musil wrote:
> > Progpagate the CT limit that is present in the DB into
> > datapath. The limit is currently only propagated on change
> > and can be overwritten
Progpagate the CT limit that is present in the DB into
datapath. The limit is currently only propagated on change
and can be overwritten by the dpctl commands.
Signed-off-by: Ales Musil
Acked-by: Simon Horman
---
v3: Rebase on top of current master.
Add ack from Simon and fix the missing
Enforce the CT limit protection, it ensures that
any CT limit value that was set by forced operation,
currently the DB CT limit, will be protected against
overwrite from other sources, e.g. the dpctl command.
Signed-off-by: Ales Musil
Acked-by: Simon Horman
---
v3: Rebase on top of current
Add limit to the CT zone DB table with ovs-vsctl
helper methods. The limit has two special values
besides any number, 0 is unlimited and empty limit
is to leave the value untouched in the datapath.
This is preparation step and the value is not yet
propagated to the datapath.
Signed-off-by: Ales
The series exposes CT limit via DB, adding
user friendly ovs-vsctl interface. The DB value
has priority before the dpctl interface, this is
achieved by storing which CT limit is protected.
The dpctl will return an error if the limit is
already set in DB for that zone.
Ales Musil (3):
ovs-vsctl
l command line tools with
option to specify those two matching parameters for the "ct-flush"
command.
Reported-at: https://issues.redhat.com/browse/FDP-55
Signed-off-by: Ales Musil
---
include/openflow/nicira-ext.h | 4 +
include/openvswitch/ofp-ct.h | 14 ++-
lib/ct-dpif.c
Add helper methods that allow us to store and parse the
ovs_u128 type.
Signed-off-by: Ales Musil
---
include/openvswitch/ofp-prop.h | 3 +++
lib/ofp-prop.c | 30 ++
2 files changed, 33 insertions(+)
diff --git a/include/openvswitch/ofp-prop.h b
On Tue, Oct 3, 2023 at 10:14 AM Simon Horman wrote:
> On Tue, Oct 03, 2023 at 07:56:30AM +0200, Ales Musil wrote:
> > Extend the current NX_CT_FLUSH with four additional fields,
> > that allow to match on CT entry "mark" or "labels". This
> > is encoded
Add limit to the CT zone DB table with ovs-vsctl
helper methods. The limit has two special values
besides any number, 0 is unlimited and empty limit
is to leave the value untouched in the datapath.
This is preparation step and the value is not yet
propagated to the datapath.
Signed-off-by: Ales
The series exposes CT limit via DB, adding
user friendly ovs-vsctl interface. The DB value
has priority before the dpctl interface, this is
achieved by storing which CT limit is protected.
The dpctl will return an error if the limit is
already set in DB for that zone.
Ales Musil (3):
ovs-vsctl
Enforce the CT limit protection, it ensures that
any CT limit value that was set by forced operation,
currently the DB CT limit, will be protected against
overwrite from other sources, e.g. the dpctl command.
Signed-off-by: Ales Musil
---
lib/conntrack.c | 51
Progpagate the CT limit that is present in the DB into
datapath. The limit is currently only propagated on change
and can be overwritten by the dpctl commands.
Signed-off-by: Ales Musil
---
ofproto/ofproto-dpif.c | 39
ofproto/ofproto-dpif.h | 5
s the wait was
taking ~2 second. As a bonus it speeds up the system-tests
execution by ~2 minutes.
Signed-off-by: Ales Musil
---
tests/system-common-macros.at | 5 +-
tests/system-ovn-kmod.at | 12 +--
tests/system-ovn.at | 136 +++---
3 files changed, 49
@@ -365,6 +365,7 @@ const struct ovn_datapath *northd_get_datapath_for_port(
> const struct hmap *ls_ports, const char *port_name);
> void sync_lbs(struct ovsdb_idl_txn *, const struct sbrec_load_balancer_table
> *,
> struct ovn_datapaths *ls_datapaths, struct hmap *
Add helper methods that allow us to store and parse the
ovs_u128 type.
Signed-off-by: Ales Musil
---
v2: Add missing ofpprop_parse_be128() function.
---
include/openvswitch/ofp-prop.h | 5
lib/ofp-prop.c | 44 ++
2 files changed, 49
l command line tools with
option to specify those two matching parameters for the "ct-flush"
command.
Reported-at: https://issues.redhat.com/browse/FDP-55
Signed-off-by: Ales Musil
---
v2: Make sure that the mask decoding matches the dpctl/ovs-ofctl interface.
---
include/openflow
In order to make the command extensible unify the arguments
parsing into single function. This will be later on used
for the mark and labels arguments.
Signed-off-by: Ales Musil
---
include/openvswitch/ofp-ct.h | 5 ++--
lib/dpctl.c | 41 ---
lib
;
> This series tries to address both problems. In an ideal world
> ovn-kubernetes would also use tagged releases allowing us to pin
> the ovn-kubernetes version we're testing against to the latest
> stable version. That's not the case currently though.
>
> Ales Musil (2):
>
On Wed, Oct 4, 2023 at 8:45 AM Ales Musil wrote:
> In order to make the command extensible unify the arguments
> parsing into single function. This will be later on used
> for the mark and labels arguments.
>
> Signed-off-by: Ales Musil
> ---
> include/openvswitch/ofp-
On Tue, Oct 3, 2023 at 3:01 PM Ilya Maximets wrote:
>
> On 10/3/23 07:56, Ales Musil wrote:
> > Add helper methods that allow us to store and parse the
> > ovs_u128 type.
> >
> > Signed-off-by: Ales Musil
> > ---
> > include/openvswit
On Tue, Oct 3, 2023 at 3:40 PM Ilya Maximets wrote:
> On 10/3/23 07:56, Ales Musil wrote:
> > Extend the current NX_CT_FLUSH with four additional fields,
> > that allow to match on CT entry "mark" or "labels". This
> > is encoded as separate TLV values w
On Tue, Oct 3, 2023 at 2:28 PM Ilya Maximets wrote:
> On 10/3/23 10:33, Simon Horman wrote:
> > On Tue, Oct 03, 2023 at 10:18:45AM +0200, Ales Musil wrote:
> >> On Tue, Oct 3, 2023 at 10:14 AM Simon Horman wrote:
> >>
> >>> On Tue, Oct 03, 202
t; +AT_CLEANUP
> +])
> diff --git a/tests/ovn.at b/tests/ovn.at
> index dfe535f36..5658918cf 100644
> --- a/tests/ovn.at
> +++ b/tests/ovn.at
> @@ -36996,3 +36996,57 @@ AT_CHECK([grep -c "NXT_CT_FLUSH_ZONE"
> hv1/ovs-vswitchd.log], [0], [dnl
> OVN_CLEANUP
rver.py:10:1: F401 'socket.*' imported but unused
tests/scapy-server.py:10:21: E261 at least two spaces before inline comment
tests/scapy-server.py:10:22: E262 inline comment should start with '# '
> from scapy.all import * # noqa: F401,F403
> from scapy.all import raw
&
On Thu, Oct 5, 2023 at 2:49 PM Aaron Conole wrote:
> Ales Musil writes:
>
> > Progpagate the CT limit that is present in the DB into
> > datapath. The limit is currently only propagated on change
> > and can be overwritten by the dpctl commands.
> >
> >
On Thu, Oct 5, 2023 at 8:49 PM Ilya Maximets wrote:
> On 10/2/23 12:33, Ales Musil wrote:
> > Enforce the CT limit protection, it ensures that
> > any CT limit value that was set by forced operation,
> > currently the DB CT limit, will be protected against
> > overwr
-controller
and northd, so it can be easily extended as needed.
This is inspired by OvS commit that was solving similar issue:
24520a401e06 ("vswitchd: Wait for a bridge exit before replying to exit
unixctl.")
Signed-off-by: Ales Musil
---
controller/ovn-control
On Mon, Oct 16, 2023 at 9:09 PM Ilya Maximets wrote:
> On 10/10/23 16:12, Ales Musil wrote:
> > Add limit to the CT zone DB table with ovs-vsctl
> > helper methods. The limit has two special values
> > besides any number, 0 is unlimited and empty limit
> > is t
1 - 100 of 1438 matches
Mail list logo