Jesse Gross [Tue, 12 Mar 2013 18:34:29 +0000 (11:34 -0700)]
datapath: Check for Centos 6.4 backports.
Centos 6.4 backported a number of additional functions so our existing
versions started causing conflicts.
Reported-by: Denis Iskandarov <d.iskandarov@gmail.com>
Signed-off-by: Jesse Gross <jesse@nicira.com>
Jesse Gross [Tue, 12 Mar 2013 19:36:03 +0000 (12:36 -0700)]
datapath: Reduce loop limit by one to 4.
We currently allow five trips through the kernel datapath
before dropping the packet to protect the stack. However, there
have been a few reports recently involving tunneling that this is
still too much. Although it's not a complete solution, this reduces
the limit by one to balance safety in common situations with
flexibility.
Bug #15477
Reported-by: Paul Ingram <paul@nicira.com>
Reported-by: 謝秉融 <faithfulman@gmail.com>
Signed-off-by: Jesse Gross <jesse@nicira.com>
Acked-by: Pravin B Shelar <pshelar@nicira.com>
Ben Pfaff [Fri, 18 Jan 2013 23:17:15 +0000 (15:17 -0800)]
connmgr: Fix memory leak in ofconn monitor table.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Ethan Jackson <ethan@nicira.com>
Ben Pfaff [Thu, 24 Jan 2013 19:33:35 +0000 (11:33 -0800)]
ovsdb: Fix memory leak.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Ethan Jackson <ethan@nicira.com>
Jesse Gross [Wed, 6 Mar 2013 08:10:01 +0000 (00:10 -0800)]
datapath: Fix circular dependency between bug.h and kernel.h.
In Linux 3.4 the definition for BUILD_BUG_ON_NOT_POWER_OF_2 was
moved from kernel.h to bug.h. On various kernels these header
files include each other in various orders (often through a
long chain of other header files), which can create circular
dependency issues. Since we not longer need this definition,
this simply removes the backport.
Reported-by: Palo Andi <andi@dis.uniroma1.it>
Signed-off-by: Jesse Gross <jesse@nicira.com>
Conflicts:
datapath/linux/Modules.mk
Ben Pfaff [Tue, 26 Feb 2013 20:35:40 +0000 (12:35 -0800)]
netdev-linux: Fix netdev_linux_send() return value in corner case.
A negative 'sock' means there was an error but netdev_linux_send() returns
a positive errno value on error.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Simon Horman [Wed, 27 Feb 2013 07:12:16 +0000 (16:12 +0900)]
nx-match: Correct writing of value and length in set_field_to_ofast()
ofpbuf_put_* may reallocate the underlying buffer of the ofpbuf and
thus writing data after a ofpbuf_put_* call must write to memory
relative to the pointer returned by the call.
Prior to this change the length and trailing value would not be written to
the set_field action if ofpbuf_put_* may reallocated the underlying buffer.
Also make use of ofpbuf_put_zero() to avoid calling memset() directly.
Tested-by: Simon Horman <horms@verge.net.au>
Signed-off-by: Simon Horman <horms@verge.net.au>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Justin Pettit [Tue, 26 Feb 2013 19:24:20 +0000 (11:24 -0800)]
Set dates for 1.9.0 release.
This also sets the dates for 1.8.0, even though it was an internal-only
release.
Signed-off-by: Justin Pettit <jpettit@nicira.com>
Cong Wang [Sat, 23 Feb 2013 03:22:41 +0000 (19:22 -0800)]
datapath: fix the calculation of checksum for vlan header
In vlan_insert_tag(), we insert a 4-byte VLAN header _after_
mac header:
memmove(skb->data, skb->data + VLAN_HLEN, 2 * ETH_ALEN);
...
veth->h_vlan_proto = htons(ETH_P_8021Q);
...
veth->h_vlan_TCI = htons(vlan_tci);
so after it, we should recompute the checksum to include these 4 bytes.
skb->data still points to the mac header, therefore VLAN header is at
(2 * ETH_ALEN = 12) bytes after it, not (ETH_HLEN = 14) bytes.
This can also be observed via tcpdump:
0x0000: ffff ffff ffff 5254 005d 6f6e 8100 000a
0x0010: 0806 0001 0800 0604 0001 5254 005d 6f6e
0x0020: c0a8 026e 0000 0000 0000 c0a8 0282
Similar for __pop_vlan_tci(), the vlan header we remove is the one
overwritten in:
memmove(skb->data + VLAN_HLEN, skb->data, 2 * ETH_ALEN);
Therefore the VLAN_HLEN = 4 bytes after 2 * ETH_ALEN is the part
we want to sub from checksum.
Cc: David S. Miller <davem@davemloft.net>
Cc: Jesse Gross <jesse@nicira.com>
Signed-off-by: Cong Wang <amwang@redhat.com>
Signed-off-by: Jesse Gross <jesse@nicira.com>
Ben Pfaff [Tue, 12 Feb 2013 23:49:12 +0000 (15:49 -0800)]
ofp-msgs: ensure that l2 is set in ofpmp_reserve()
Ensure that the buffer returned by ofpmp_reserve() has buf->l2 set
as this may be required by nxm_reg_load_to_nxast() when generating
the reply to an stats request
This problem was observed when dumping a large number of flows
with set_field actions using ovs-ofctl dump-flows.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Co-authored-by: Simon Horman <horms@verge.net.au>
Signed-off-by: Simon Horman <horms@verge.net.au>
Rich Lane [Fri, 8 Feb 2013 17:11:28 +0000 (09:11 -0800)]
datapath: Fix ovs_vport_cmd_del return value on success
If the pointer does not represent an error then the PTR_ERR macro may still
return a nonzero value. The fix is the same as in ovs_vport_cmd_set.
Signed-off-by: Rich Lane <rlane@bigswitch.com>
Signed-off-by: Jesse Gross <jesse@nicira.com>
Justin Pettit [Tue, 5 Feb 2013 08:02:16 +0000 (00:02 -0800)]
NEWS: Rearrange announcements related to 1.9.
Suggested-by: Ben Pfaff <blp@nicira.com>
Signed-off-by: Justin Pettit <jpettit@nicira.com>
Jesse Gross [Fri, 1 Feb 2013 23:34:10 +0000 (15:34 -0800)]
tunneling: Don't send ICMP messages if no tunnel port is found.
Some tunnel code in OVS (for example, CAPWAP) uses the skb->cb to
store information while processing packets. However, if we don't
find an appropriate tunnel port on receive, then we send an ICMP
port unreachable message, which calls back into the IP stack. The
stack assumes that skb->cb will still contain valid information
about from the IP layer, including any IP options. As a result,
icmp_echo_options() can read the garbage values from OVS and
overwrite data on the stack, panicing the machine.
This simply stops sending ICMP messages when ports are not found.
Many people find them confusing and flow based tunneling will
never send them (since it always finds a port) so it solves both
problems at once.
Bug #14880
Reported-by: Deepesh Govindan <dgovindan@nicira.com>
Signed-off-by: Jesse Gross <jesse@nicira.com>
Acked-by: Kyle Mestery <kmestery@cisco.com>
Conflicts:
datapath/vport-vxlan.c
Justin Pettit [Fri, 1 Feb 2013 08:11:32 +0000 (00:11 -0800)]
ofp-parse: Ignore "idle_age" and "hard_age" when parsing a flow string.
It should be possible to feed to output of "ovs-ofctl dump-flows" to
"ovs-ofctl add-flows". However, some of the metadata needs to be
ignored. "idle_age" and "hard_age" was recently added to the output of
"ovs-ofctl dump-flows", but they were not ignored like the other
metadata. This commit ignores them.
Signed-off-by: Justin Pettit <jpettit@nicira.com>
Ben Pfaff [Thu, 24 Jan 2013 22:23:45 +0000 (14:23 -0800)]
ovsdb-tool: Fix memory leak on error path in "show-log" implementation.
Found by Coverity.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Ethan Jackson <ethan@nicira.com>
Ben Pfaff [Thu, 24 Jan 2013 22:19:20 +0000 (14:19 -0800)]
ovsdb-idl: Fix memory leak on error path.
Found by Coverity.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Ethan Jackson <ethan@nicira.com>
Ben Pfaff [Thu, 24 Jan 2013 21:41:10 +0000 (13:41 -0800)]
meta-flow: Add missing "break" to mf_set_wild().
Found by Coverity.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Ethan Jackson <ethan@nicira.com>
Ben Pfaff [Thu, 24 Jan 2013 21:39:23 +0000 (13:39 -0800)]
meta-flow: Avoid null pointer dereference in mf_format_frag_string().
The 'maskp' parameter to this function can be NULL, but the function
always dereferenced it. This commit fixes the problem.
This commit also fixes the order in which the value and mask were adjusted
to correctly discard 1-bits outside of FLOW_NW_FRAG_MASK.
Found by Coverity.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Ethan Jackson <ethan@nicira.com>
Justin Pettit [Sat, 26 Jan 2013 02:12:01 +0000 (18:12 -0800)]
worker: Don't have worker abort when parent dies.
Depending on how forcefully the parent process is killed, the worker
could abort when trying to read or write on their shared socket. This
changes those errors from VLOG_ABORT to VLOG_FATAL so that a core isn't
generated.
Bug #14821
Reported-by: Amey Bhide <abhide@nicira.com>
Signed-off-by: Justin Pettit <jpettit@nicira.com>
Ben Pfaff [Fri, 25 Jan 2013 23:07:36 +0000 (15:07 -0800)]
ofproto: Properly refresh rule modified time when nothing else changes.
In Open vSwitch, a "modify" or "modify_strict" flow_mod is supposed to
refresh the flow's last-modified time even if nothing else changes, because
this interpretation makes the "learn" action more useful. As commit
308881afb (ofproto: Reinterpret meaning of OpenFlow hard timeouts with
OFPFC_MODIFY.) notes:
I finally found a good use for hard timeouts in OpenFlow, but they
require a slight reinterpretation of the meaning of hard timeouts.
Until now, a hard timeout meant that a flow would be removed the
specified number of seconds after a flow was created. Intervening
modifications with OFPFC_MODIFY(_STRICT) had no effect on the hard
timeout; the flow would still be deleted the specified number of
seconds after its original creation.
This commit changes the effect of OFPFC_MODIFY(_STRICT). Now,
modifying a flow resets its hard timeout counter. A flow will time out
the specified number of seconds after creation or after the last time
it is modified, whichever comes later.
However, commit
080437614b (ofproto: Represent flow cookie changes as
operations too.) broke this behavior because it incorrectly optimized out
"modify" operations that didn't change the flow's actions or flow cookie.
This commit fixes the problem, and adds a test to prevent future
regression.
Thanks to Amar Padmanabhan <amar@nicira.com> for helping to track this
down.
Bug #14841.
Reported-by: Hiroshi Tanaka <htanaka@vmware.com>
CC: Amar Padmanabhan <amar@nicira.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Pravin B Shelar [Sat, 26 Jan 2013 02:09:07 +0000 (18:09 -0800)]
datapath: Clear struct ovs_key_ipv4_tunnel padding.
Following patch memset ovs_key_ipv4_tunnel padding area so that
packets from a flow would be mapped to same flow in kernel datapath
flow table.
Signed-off-by: Pravin B Shelar <pshelar@nicira.com>
Acked-by: Jesse Gross <jesse@nicira.com>
Bug #14843
Thomas Graf [Fri, 25 Jan 2013 19:13:55 +0000 (20:13 +0100)]
linux: Increase accuracy of ingress_policing_rate at low rates
The current method of calculating the ingress policer rate
can lead to inaccuracy if ingress_policing_rate is set to
a smallish values because the rate is divided by 8 first
which causes rounding errors.
Signed-off-by: Thomas Graf <tgraf@redhat.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Thomas Graf [Fri, 25 Jan 2013 16:31:56 +0000 (17:31 +0100)]
rhel: Add OVSREQUIRES to automatically bring up OpenFlow interface dependencies
The use of OpenFlow controllers may require for a subset of
the network (typically the management network intrerface) to be
brought up before the openvswitch service is started.
The newly introduced key "OVSREQUIRES" allows to specify a
list of interfaces that need the be brought up before the
openvswitch service is autostarted. It is also possible to
build a chain of bridge dependencies.
TYPE=OVSBridge
OVSREQURIES="em1"
[...]
A special UPPEDSTACK var that is passed along avoids getting
lost in dependency loops.
Signed-off-by: Thomas Graf <tgraf@redhat.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Thomas Graf [Fri, 25 Jan 2013 14:06:57 +0000 (15:06 +0100)]
rhel: Automatically start openvswitch service before bringing an ovs interface up or down
This patch modifies the ifup/ifdown scripts to automatically
start the openvswitch service before ovs-vsctl is invoked thus
not making it mandatory to auto-start openvswitch on boot.
Signed-off-by: Thomas Graf <tgraf@redhat.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Justin Pettit [Fri, 25 Jan 2013 22:29:41 +0000 (14:29 -0800)]
dpif-linux: Report dropped lost messages at WARN level.
Messages about packets being lost are logged at level WARN, but when
they were generated at a high rate, those consolidated messages were
logged at ERR. This changes to consolidated messages to be logged at
WARN, too.
Thanks to Ben Pfaff for quickly suggesting the culprit.
Bug #14783
Reported-by: James Schmidt <jschmidt@nicira.com>
Signed-off-by: Justin Pettit <jpettit@nicira.com>
Ben Pfaff [Thu, 24 Jan 2013 20:27:53 +0000 (12:27 -0800)]
ovsdb: Fix double-free in ovsdb_jsonrpc_session_close().
ovsdb_session_destroy() was called twice but it should only be called once.
This double-free is unlikely to cause problems in practice because it only
triggers if there were ever more than two outstanding requests in the
session at a time (because the only data being freed is an hmap, which
does not allocate any heap memory unless the hmap has more than two
elements).
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Ethan Jackson <ethan@nicira.com>
Ben Pfaff [Fri, 14 Dec 2012 21:43:54 +0000 (13:43 -0800)]
hash: Correct implementation of mhash_finish().
With rotates instead of shifts, the upper and lower 16 bits of the returned
hash are always the same.
I noticed this while working on replacing Jenkins hash by murmurhash,
because some of the database unit tests started failing, e.g. "row
hashing (scalars)".
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Ethan Jackson <ethan@nicira.com>
Jesse Gross [Mon, 21 Jan 2013 11:59:17 +0000 (03:59 -0800)]
datapath: Return correct error code when dumping flow actions.
Currently, if there isn't enough space to store the actions in a
flow during a dump we return -ENOMEM. However, the standard error
in this situation is -EMSGSIZE so this changes the behavior to match.
This issue was introduced in
354d4c98a8cdaae3525848f564e58a9016bcd3af
(datapath: Fix nelink attribute size for flow.).
Signed-off-by: Jesse Gross <jesse@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Mon, 21 Jan 2013 11:59:16 +0000 (03:59 -0800)]
datapath: Don't dump partial action lists in flows.
After commit
9b405f1aa8d175dc63ad3ffe5d0fe05d5ee09162 (datapath: More
flexible kernel/userspace tunneling attribute.), it was possible for a
flow dump to return a partial action list. It's better to return no
action list at all in this situation since then userspace will know
that it should request the full thing if it wants rather than have
incorrect results. Therefore, this prevents those partial lists in
situations where we have a very large number of actions.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Signed-off-by: Jesse Gross <jesse@nicira.com>
Jesse Gross [Mon, 21 Jan 2013 13:23:32 +0000 (05:23 -0800)]
Revert "datapath: Avoid null deref when GSO is for verifying header integrity only."
This reverts commit
00c7faf3e5b7d4020e995a1429cf94313f197171.
In general, it should not be possible have a NULL return value from
skb_gso_segment() since we're not actually trying to verify the
header integrity. No other callers with similar needs have NULL
checks. The actual cause of the problem was LRO packets, which
OVS isn't equipped to handle. The commit
33e031e99cc630baf1b0cb9256710dee7d9ab66d (datapath: Move LRO check
from transmit to receive.) solves that problem by fixing the LRO
check. In order to avoid possibly masking any other problems, this
reverts the GSO check which should no longer be needed.
Signed-off-by: Jesse Gross <jesse@nicira.com>
Jesse Gross [Mon, 21 Jan 2013 13:13:32 +0000 (05:13 -0800)]
datapath: Move LRO check from transmit to receive.
Commit
24b019f808211a95078efd916064af0975ca5733 (datapath: Disable
LRO from userspace instead of the kernel.) accidentally moved the
check for LRO packets from the receive path to transmit. Since
this check is supposed to protect OVS (and other parts of the system)
from packets that it cannot handle it is obviously not useful on
egress. Therefore, this commit moves it back to the receive side.
The primary problem that this caused is upcalls to userspace tried
to segment the packet even though no segmentation information is
available. This would later cause NULL pointer dereferences when
skb_gso_segment() did nothing.
Bug #14772
Signed-off-by: Jesse Gross <jesse@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Mon, 21 Jan 2013 22:29:15 +0000 (14:29 -0800)]
datapath: Avoid null deref when GSO is for verifying header integrity only.
skb_gso_segment() has the following comment:
* It may return NULL if the skb requires no segmentation. This is
* only possible when GSO is used for verifying header integrity.
Somehow queue_gso_packets() has never hit this case before, but some
failures have suddenly been reported. This commit should fix the problem.
Additional commentary by Jesse: We shouldn't normally be hitting this case
because we're actually trying to do GSO, not header validation. However, I
guess the guest/backend must be generating a packet with an MSS, which
tricks us into thinking that it's GSO, but no GSO is actually requested.
In the case of the bridge, header validation does take place so the
situation is handled already. It seems not ideal that the network backend
doesn't sanitize these packets but it's probably good that we handle
it in any case.
Bug #14772.
Reported-by: Deepesh Govindan <dgovindan@vmware.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Jesse Gross <jesse@nicira.com>
Pravin B Shelar [Mon, 21 Jan 2013 07:15:07 +0000 (23:15 -0800)]
datapath: Fix nelink attribute size for flow.
Following patch fixes flow buffer size calculation to allocate
sufficient memory for all nested attributes in new tunnel
attribute.
Signed-off-by: Pravin B Shelar <pshelar@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>
Bug #14767
Pravin B Shelar [Mon, 21 Jan 2013 07:14:36 +0000 (23:14 -0800)]
datapath: Fix Flow dump operation.
Following patch adds null check while inserting new netlink attribute.
This was introduced by commit
9b405f1aa8d175d (datapath: More
flexible kernel/userspace tunneling attribute.)
Signed-off-by: Pravin B Shelar <pshelar@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>
Bug #14767
Pravin B Shelar [Sat, 19 Jan 2013 02:03:15 +0000 (18:03 -0800)]
datapath: More flexible kernel/userspace tunneling attribute.
Following patch breaks down single ipv4_tunnel netlink attribute into
individual member attributes. It will help when we extend tunneling
parameters in future.
Signed-off-by: Pravin B Shelar <pshelar@nicira.com>
Acked-by: Jesse Gross <jesse@nicira.com>
Bug #14611
James Page [Wed, 16 Jan 2013 11:19:21 +0000 (11:19 +0000)]
datapath: support Linux 3.8 kernel
Add Linux 3.8 kernel to the range of supported kernel versions.
Signed-off-by: James Page <james.page@ubuntu.com>
[jesse: Update NEWS and FAQ]
Signed-off-by: Jesse Gross <jesse@nicira.com>
Conflicts:
FAQ
Isaku Yamahata [Fri, 7 Dec 2012 03:37:02 +0000 (12:37 +0900)]
linux/Makefile.main.in, acinclude: preparation for linux 3.7.0+
The version.h is moved from include/linux/version.h to
include/generated/uapi/linux/version.h.
So check both pathes.
Signed-off-by: Isaku Yamahata <yamahata@valinux.co.jp>
Signed-off-by: Jesse Gross <jesse@nicira.com>
Ben Pfaff [Fri, 11 Jan 2013 01:22:24 +0000 (17:22 -0800)]
worker: Do not use poll_block() in worker_send_iovec().
The following call stack was possible:
poll_block()
-> vlog
-> worker_send_iovec()
-> poll_block()
which caused corruption because poll_block() is not reentrant.
Bug #14616.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Ethan Jackson <ethan@nicira.com>
Ben Pfaff [Fri, 11 Jan 2013 01:14:03 +0000 (17:14 -0800)]
vlog: Avoid calling worker_request() reentrantly.
The following call stack was possible:
vlog
-> worker_request()
-> poll_block()
-> vlog
-> worker_request()
which caused problems because worker_request() is not reentrant. In a
little more detail, the second worker_request() shoves its RPC protocol
data into the middle of the first. This means that, first, you get
some binary crud in the log (the header for the second RPC). And,
second, text from the first RPC log message gets treated by the worker
as the subsequent RPC's header. That, in turn, typically causes the
worker to try to xmalloc() a huge number of bytes (0x20000000 or more,
since "space" has ASCII value 0x20), which causes the worker to die
with "virtual memory exhausted". The main process then dies because
the worker's death closes the socket it uses to communicate with it
("connection reset").
Bug #14616.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Ethan Jackson <ethan@nicira.com>
Ben Pfaff [Wed, 26 Dec 2012 20:32:34 +0000 (12:32 -0800)]
ofproto-dpif-governor: Fix small memory leak.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Ethan Jackson <ethan@nicira.com>
Ben Pfaff [Fri, 21 Dec 2012 22:11:29 +0000 (14:11 -0800)]
ofp-util: Fix uninitialized bytes in OF1.0 and OF1.1 table stats replies.
Also, use ovs_strlcpy() instead of strcpy() just to be a teensy bit safer.
Found by valgrind.
Bug #14357.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Ethan Jackson <ethan@nicira.com>
Ben Pfaff [Fri, 21 Dec 2012 22:01:43 +0000 (14:01 -0800)]
meta-flow: Fix uninitialized data parsing tnl_flags in mf_parse().
Also, add an assertion that the field is the expected size.
This bug was introduced in commit
2fdf762a006f (vswitchd: Log all tunnel
parameters of given flow.)
Found by valgrind.
Bug #14357.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Ethan Jackson <ethan@nicira.com>
Ben Pfaff [Fri, 4 Jan 2013 21:48:19 +0000 (13:48 -0800)]
rconn: Avoid memory leak in rconn_send_with_limit() on queue overflow.
Bug #14357.
Reported-by: Luca Giraudo <lgiraudo@nicira.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Jarno Rajahalme [Sat, 29 Dec 2012 06:58:40 +0000 (08:58 +0200)]
Make OVS_TUNNEL_ATTR_DST_IPV4 optional to allow configuration of null_ports.
Signed-off-by: Jarno Rajahalme <jarno.rajahalme@nsn.com>
[jesse: correct return type of get_u32_or_zero()]
Signed-off-by: Jesse Gross <jesse@nicira.com>
Conflicts:
datapath/tunnel.c
include/openvswitch/tunnel.h
lib/netdev-vport.c
Jesse Gross [Mon, 31 Dec 2012 20:28:41 +0000 (12:28 -0800)]
datapath: Initialize tunnel_key pad member.
When a packet is received on a tunnel the pad member is currently
left uninitialized. This didn't previously cause problems because
userspace didn't interprete the IPV4_TUNNEL attribute and blindly
copied back the uninitialized data. However, now that userspace
knows how to serialize this attribute it was zeroing it out, which
prevented flows that had been previously installed from being
deleted. In addition to zeroing out the padding on packet reception,
it also does the same thing on flow setup since we should be ignoring
the value.
Reported-by: Anand Krishnamurthy <krishnamurt4@wisc.edu>
Reported-by: Saul St. John <sstjohn@cs.wisc.edu>
Signed-off-by: Jesse Gross <jesse@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>
Conflicts:
datapath/flow.c
Pravin B Shelar [Thu, 27 Dec 2012 21:30:59 +0000 (13:30 -0800)]
brcompat: Mark ovs-brcompat as deprecated.
Signed-off-by: Pravin B Shelar <pshelar@nicira.com>
bug #14341
Ben Pfaff [Wed, 26 Dec 2012 20:45:34 +0000 (12:45 -0800)]
ovs-ctl: Exit, instead of resuming, after handling fatal signals.
When I wrote the "trap" calls in ovs-ctl, I had the mistaken notion that
"trap $cmd $signal" would execute $cmd and then exit when $signal was
caught. This is incorrect. Instead, it executes $cmd and then resumes
executing the shell script.
On the other hand, "trap $cmd 0" does by itself what I wanted: it causes
the shell to execute $cmd and then exits due to the signal. So this commit
changes the offending traps to use this form.
Bug #14290.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Kyle Mestery <kmestery@cisco.com>
Isaku Yamahata [Wed, 19 Dec 2012 08:43:10 +0000 (17:43 +0900)]
datapath: linux2.7 s/pid/portid/g
the following up of
15e473046cb6e5d18a4d0057e61d76315230382b
This patch replaces pid with portid under datapath/linux/compat
Signed-off-by: Isaku Yamahata <yamahata@valinux.co.jp>
Signed-off-by: Jesse Gross <jesse@nicira.com>
Isaku Yamahata [Wed, 19 Dec 2012 08:43:09 +0000 (17:43 +0900)]
datapath: support Linux 3.7
datapath: backport
15e473046cb6e5d18a4d0057e61d76315230382b
Signed-off-by: Isaku Yamahata <yamahata@valinux.co.jp>
[jesse: fix kernel version in error message]
Signed-off-by: Jesse Gross <jesse@nicira.com>
Ben Pfaff [Tue, 18 Dec 2012 23:54:29 +0000 (15:54 -0800)]
meta-flow: Correctly byteswap skb_priority/skb_mark for mf_value.
Fixes the following sparse warnings:
meta-flow.c:947:21: warning: incorrect type in assignment (different base types)
meta-flow.c:947:21: expected restricted __be32 [usertype] be32
meta-flow.c:947:21: got unsigned int const [unsigned] [usertype] skb_priority
meta-flow.c:951:21: warning: incorrect type in assignment (different base types)
meta-flow.c:951:21: expected restricted __be32 [usertype] be32
meta-flow.c:951:21: got unsigned int const [unsigned] [usertype] skb_mark
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ansis Atteka [Thu, 29 Nov 2012 22:36:49 +0000 (14:36 -0800)]
vswitchd: log skb_mark and skb_priority
This patch adds logging support for skb_mark and skb_priority.
Acked-by: Jesse Gross <jesse@nicira.com>
Signed-off-by: Ansis Atteka <aatteka@nicira.com>
Conflicts:
lib/ofp-util.c
tests/ofproto-dpif.at
Ben Pfaff [Tue, 18 Dec 2012 17:45:02 +0000 (09:45 -0800)]
meta-flow: Fix and simplify mf_get_mask().
This function can be implemented as a trivial wrapper around
mf_get_value(), which I hadn't noticed before, so it's better to do it
that way. Also, examining the code that is removed, it had some bugs in
it (for example, all MFF_TUN_* fields were treated as if they were
MFF_TUN_ID) which mf_get_value() does not have, so this fixes bugs too.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Jesse Gross [Mon, 17 Dec 2012 20:07:07 +0000 (12:07 -0800)]
datapath: Zero out key when looking up null ports.
When we are searching for a tunnel port to receive traffic on,
everything should be zeroed out by the time that we get to null
ports since they are wildcarded. However, if certain other ports
also exist (primarily multicast ports with keys) then this might
not be the case and the key can be set.
Signed-off-by: Jesse Gross <jesse@nicira.com>
Acked-by: Kyle Mestery <kmestery@cisco.com>
Justin Pettit [Fri, 14 Dec 2012 00:22:55 +0000 (16:22 -0800)]
meta-flow: Don't allow negative port numbers.
If a negative number is supplied, the parsing code used to convert it
into a signed one. We ran into an incident where a third-party script
was attempting to get the OpenFlow port number for an interface, but got
-1 from the database, since the number had not yet been assigned. This
was converted to 65535, which maps to OFPP_NONE and all flows with
ingress port OFPP_NONE were modified. This commit disallows negative
port numbers to help prevent broken integration scripts from disturbing
the flow table.
Issue #14036
Signed-off-by: Justin Pettit <jpettit@nicira.com>
Justin Pettit [Thu, 13 Dec 2012 22:41:36 +0000 (14:41 -0800)]
ofp-util: Fix typo in invalid port range error message.
Signed-off-by: Justin Pettit <jpettit@nicira.com>
Ben Pfaff [Thu, 13 Dec 2012 22:01:23 +0000 (14:01 -0800)]
daemon: Start monitor process, not daemon process, in new session.
To keep control+C and other signals in the initiating session from killing
the monitor process, we need to put the monitor process into its own
session. However, until this point, we've only done that for the daemon
processes that the monitor started, which means that control+C would kill
the monitor but not the daemons that it launched.
I don't know of a benefit to putting the monitor and daemon processes in
different sessions, as opposed to one new session for both of them, so
this change does the latter.
daemonize_post_detach() is called from one additional context where we'd
want to be in a new session, the worker_start() function, but that function
is documented as to be called after daemonize_start(), in which case we
will (after this commit) already have called setsid(), so no additional
change is required there.
Bug #14280.
Reported-by: Gordon Good <ggood@nicira.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Justin Pettit [Sat, 1 Dec 2012 02:58:09 +0000 (18:58 -0800)]
ovs-ctl: Don't run "ovs-save save-flows" on fake bridges.
Previously, ovs-ctl would determine which bridges to run "ovs-save
save-flows" on by running "ovs-vsctl list-br". In addition to real
bridges, that command also returns fake bridges. An error is returned
when "ovs-save save-flows" is run on a fake bridge. By using the newly
added "--real" flag to "ovs-vsctl list-br", we can get rid of that
unnecessary warning.
Signed-off-by: Justin Pettit <jpettit@nicira.com>
Justin Pettit [Sat, 1 Dec 2012 02:50:18 +0000 (18:50 -0800)]
ovs-vsctl: Add "--real" and "--fake" options to "list-br".
By default, "ovs-vsctl list-br" returns all bridges, real or fake. This
commit adds "--real" and "--fake" options that limit the output to only
bridges of that type. This will be useful in a future commit that needs
to perform actions only on bridges of a particular type.
Signed-off-by: Justin Pettit <jpettit@nicira.com>
Ben Pfaff [Thu, 29 Nov 2012 17:32:28 +0000 (09:32 -0800)]
bond: Fix segfault sending learning packets with LACP disabled.
It is essentially an invalid configuration to disable LACP but request TCP
balancing: in this configuration, the bond drops all packets. But
may_send_learning_packets() would still indicate that learning packets
should be sent, so bond_compose_learning_packet() would try to choose an
output slave for those packets, which would be NULL (because all packets
are dropped), which would cause a segfault upon dereference.
This commit fixes the problem by making may_send_learning_packets() no
longer indicate that learning packets should be sent.
I tested this issue by modifying bond_should_send_learning_packets() to
always return true if may_send_learning_packets() returns true, and then
introducing the invalid configuration described above. Without this comit,
ovs-vswitchd segfaults quickly; with this commit, it does not.
Bug #14090.
Reported-by: Kiran Shanbhog <kiran@vmware.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Jesse Gross [Wed, 28 Nov 2012 20:15:49 +0000 (12:15 -0800)]
datapath: Use RCU callback when detaching netdevices.
Currently, each time a device is detached from an OVS datapath
we call synchronize RCU before freeing associated data structures.
However, if a bridge is deleted (which detaches all ports) when
many devices are connected then there can be a long delay. This
switches to use call_rcu() to group the cost together.
Reported-by: Justin Pettit <jpettit@nicira.com>
Signed-off-by: Jesse Gross <jesse@nicira.com>
Ansis Atteka [Mon, 26 Nov 2012 23:40:48 +0000 (15:40 -0800)]
flow: use rule priority in match_format() function
The flow_format() function was incorrectly passing skb_priority
to the match_format() function. match_format() function instead
expects rule priority.
This issue was introduced with
aa6c9932f2937fa9a2140ec1737668eb9105b0b5
(Change logging format for flows to that accepted by ofproto/trace).
Signed-off-by: Ansis Atteka <aatteka@nicira.com>
Conflicts:
tests/ofp-print.at
tests/ofproto-dpif.at
tests/ofproto.at
Ben Pfaff [Thu, 22 Nov 2012 06:09:55 +0000 (22:09 -0800)]
python/ovs/stream: Fix Stream.connect() retval for incomplete connection.
If the loop condition in Stream.connect() was false, which is especially
likely for TCP connections, then Stream.connect() would return None,
which violates its documented behavior. This commit fixes the problem.
Reported-by: Isaku Yamahata <yamahata@valinux.co.jp>
Tested-by: Isaku Yamahata <yamahata@valinux.co.jp>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Pravin B Shelar [Thu, 22 Nov 2012 03:11:35 +0000 (19:11 -0800)]
vswitchd: Log all tunnel parameters of given flow.
Signed-off-by: Pravin B Shelar <pshelar@nicira.com>
Ansis Atteka [Tue, 13 Nov 2012 17:19:36 +0000 (19:19 +0200)]
datapath: add skb mark matching and set action
This patch adds support for skb mark matching and set action.
Acked-by: Jesse Gross <jesse@nicira.com>
Signed-off-by: Ansis Atteka <aatteka@nicira.com>
Conflicts:
datapath/flow.c
lib/dpif-netdev.c
lib/flow.h
lib/odp-util.c
ofproto/ofproto-dpif.c
Ansis Atteka [Tue, 20 Nov 2012 21:40:12 +0000 (13:40 -0800)]
ovs-appctl: fix help message for ofproto/trace command
The usage message for this command was wrong, because it did not
specify priority as one of its arguments.
Signed-off-by: Ansis Atteka <aatteka@nicira.com>
Cong Wang [Wed, 14 Nov 2012 12:58:18 +0000 (20:58 +0800)]
ovs-ctl.in: increase the limit of fd
We can't create more than 248 bridges with the current limit 5000,
so increase it to 6000 so that at least 256+ bridges could be created.
Cc: Ben Pfaff <blp@nicira.com>
Signed-off-by: Cong Wang <xiyou.wangcong@gmail.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Pravin B Shelar [Thu, 15 Nov 2012 05:10:54 +0000 (21:10 -0800)]
odp-utils: Print human readable ipv4-tunnel-key flags.
Signed-off-by: Pravin B Shelar <pshelar@nicira.com>
Pravin B Shelar [Thu, 15 Nov 2012 05:10:22 +0000 (21:10 -0800)]
odp-utils: Refactor slow_path_reason parse and format functions.
These functions are used in next patch.
Signed-off-by: Pravin B Shelar <pshelar@nicira.com>
Pravin B Shelar [Wed, 14 Nov 2012 01:20:22 +0000 (17:20 -0800)]
vswitchd: Fix function prototype of packet_set_ipv6()
Follwoing patch fixes sparse error:
lib/packets.c:643:1: error: symbol 'packet_set_ipv6' redeclared
with different type (originally declared at lib/packets.h:493)
- incompatible argument 6 (different base types)
Signed-off-by: Pravin B Shelar <pshelar@nicira.com>
Ansis Atteka [Mon, 5 Nov 2012 13:53:32 +0000 (15:53 +0200)]
datapath: add ipv6 'set' action
This patch adds ipv6 set action functionality. It allows to change
traffic class, flow label, hop-limit, ipv6 source and destination
address fields.
Acked-by: Jesse Gross <jesse@nicira.com>
Signed-off-by: Ansis Atteka <aatteka@nicira.com>
Ansis Atteka [Wed, 7 Nov 2012 17:14:34 +0000 (19:14 +0200)]
sparse: Add ip6_rthdr struct to the ip6.h
Acked-by: Ben Pfaff <blp@nicira.com>
Signed-off-by: Ansis Atteka <aatteka@nicira.com>
Ben Pfaff [Fri, 9 Nov 2012 21:38:19 +0000 (13:38 -0800)]
ofp-msgs: Accept all versions of OpenFlow "hello" messages.
Since the ofp-msgs code was introduced, only "hello" messages for versions
of OpenFlow actually understood (to some extent) by Open vSwitch could be
decoded correctly. This commit corrects that, by making every version of
OpenFlow immutable messages acceptable.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Jesse Gross [Wed, 7 Nov 2012 01:55:43 +0000 (17:55 -0800)]
tunnel: Zero keys if marked as not present.
If a key used to find a port then we mark it as being not present
(previously this was accomplished by setting it to zero). However,
we also still pass the key to userspace which could lead to an
inconsistent state. This also zeros out the key as before in order
to make our reported results consistent.
Signed-off-by: Jesse Gross <jesse@nicira.com>
Acked-by: Kyle Mestery <kmestery@cisco.com>
Jesse Gross [Tue, 6 Nov 2012 21:22:28 +0000 (13:22 -0800)]
datapath: Allow GRE64 to use flow based tunneling.
There's no reason why GRE64 can't be configured using flow based
tunneling. Since that's the direction we are moving, everything
should support that. Once this special casing is removed, it's
possible to unify the tunnel parameter parsing code since both
GRE and CAPWAP are the same.
Signed-off-by: Jesse Gross <jesse@nicira.com>
Acked-by: Kyle Mestery <kmestery@cisco.com>
Jesse Gross [Tue, 6 Nov 2012 20:45:19 +0000 (12:45 -0800)]
datapath: Shorten flow tunneling flags.
The names for the flags used by flow based tunneling are pretty long.
This shortens them a little by removing the word FLOW, which is a
distinction that won't be meaningful in the near future.
Signed-off-by: Jesse Gross <jesse@nicira.com>
Acked-by: Kyle Mestery <kmestery@cisco.com>
Jesse Gross [Mon, 5 Nov 2012 23:47:41 +0000 (15:47 -0800)]
datapath: Don't allow flows installed with only TUN_ID.
Tunnel ports now always include full outer IP information, even if
userspace can't understand it. Since our flows our exact match this
information must also be provided when setting up flows. Since flows
with only OVS_KEY_ATTR_TUN_ID keys don't contain all of this information
they can never be hit and we should just reject them at setup time.
Signed-off-by: Jesse Gross <jesse@nicira.com>
Acked-by: Kyle Mestery <kmestery@cisco.com>
Jesse Gross [Mon, 5 Nov 2012 19:30:35 +0000 (11:30 -0800)]
datapath: Don't write into IPV4_TUNNEL data when using TUN_ID.
When the IPV4_TUNNEL action is executed, a pointer in the skb is
directly assigned the address of the action, which is protected by
RCU. If a TUN_ID action is later executed it will write into the
action, which is not allowed by RCU. This avoids the problem by
making a copy of the data and writing into the copy.
Signed-off-by: Jesse Gross <jesse@nicira.com>
Acked-by: Kyle Mestery <kmestery@cisco.com>
Jesse Gross [Mon, 5 Nov 2012 19:08:47 +0000 (11:08 -0800)]
datapath: Include OVS_KEY_ATTR_IPV4_TUNNEL in upstream range.
During development it was preferable to keep OVS_KEY_ATTR_IPV4_TUNNEL
in the non-upstream range of identifiers to avoid conflicts or
compatibility issues as it evolved. However, since the intention is
to get it upstream, it makes sense to move it down now to avoid issues
with compatibility when upgrading.
Signed-off-by: Jesse Gross <jesse@nicira.com>
Acked-by: Kyle Mestery <kmestery@cisco.com>
Ben Pfaff [Wed, 7 Nov 2012 20:55:53 +0000 (12:55 -0800)]
socket-util: Report fd of -1 on error in inet_open_active().
inet_open_active() is documented to report a fd of -1 when an error occurs.
All three of its callers rely on this, by checking only the fd to determine
whether there was an error. This means that if the call to
set_nonblocking() or set_dscp() or connect() failed, then the callers would
try to use a fd that had already been closed, wreaking havoc.
This fixes a bug introduced in commit
a4efa3fc5d (socket-util: Close socket
on failed dscp modification.)
Bug #13750.
Reported-by: Scott Hendricks <shendricks@vmware.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Ethan Jackson <ethan@nicira.com>
Ethan Jackson [Tue, 6 Nov 2012 02:26:52 +0000 (18:26 -0800)]
netdev-vport: Fix warning due to new GRE type.
This patch fixes the following warning caused by a switch case
which was not handled.
lib/netdev-vport.c:144:5: error: enumeration value
‘OVS_VPORT_TYPE_FT_GRE’ not handled in switch
Signed-off-by: Ethan Jackson <ethan@nicira.com>
Pravin B Shelar [Mon, 5 Nov 2012 23:12:59 +0000 (15:12 -0800)]
datapath: Add missing bug.h file
Commit
51f4701be1 (datapath: Fix sparse warning for symbol
'BUILD_BUG_ON_NOT_POWER_OF_2') missed file bug.h. Commiting it now.
Signed-off-by: Pravin B Shelar <pshelar@nicira.com>
Ansis Atteka [Tue, 6 Nov 2012 15:12:38 +0000 (17:12 +0200)]
datapath: improve ipv6_find_hdr() function for IPv6 'set' action
This patch prepares ipv6_find_hdr() function so that it could be
able to skip routing headers, where segements_left is 0. This is
required for us to handle multiple routing header case correctly.
Signed-off-by: Ansis Atteka <aatteka@nicira.com>
Ansis Atteka [Tue, 6 Nov 2012 11:39:58 +0000 (13:39 +0200)]
datapath: Add ipv6_find_hdr() compatibility function.
Implementation of the IPv6 'set' action depends on ipv6_find_exthdr()
function to find routing header. By looking at the routing headers,
it is possible to tell, whether L4 checksums will need to be
recalculated, whenever the destination address is changed in
the main IPv6 header.
This function will need to be customized so that it would skip all
routing headers, where segements_left is equal to 0.
Signed-off-by: Ansis Atteka <aatteka@nicira.com>
Jesse Gross [Tue, 30 Oct 2012 23:34:50 +0000 (16:34 -0700)]
datapath: Remove flow refcount functionality.
Header caching previously required the ability to maintain the lifetime
of flows across RCU boundaries. However, now that header caching is
gone we can simplfy the code and make it match the upstream version.
Signed-off-by: Jesse Gross <jesse@nicira.com>
Acked-by: Pravin B Shelar <pshelar@nicira.com>
Pravin B Shelar [Mon, 5 Nov 2012 22:13:20 +0000 (14:13 -0800)]
datapath: Add support for 3.6 kernel.
Signed-off-by: Pravin B Shelar <pshelar@nicira.com>
Acked-by: Jesse Gross <jesse@nicira.com>
Pravin B Shelar [Mon, 5 Nov 2012 22:13:02 +0000 (14:13 -0800)]
datapath: Remove tunnel header caching.
Tunnel caching was added to reduce CPU utilization on TX path
by caching packet header, So performance gain is directly proportional
to number of skbs transferred. But with help of offloads skb are getting
larger. So there are less number of skbs. Therefore header caching does
not shows similar gains we seen in past. And now kernel 3.6 has removed
dst caching from networking which makes header caching even more tricky.
So this commit removes header caching from OVS tunnelling.
Signed-off-by: Pravin B Shelar <pshelar@nicira.com>
Acked-by: Jesse Gross <jesse@nicira.com>
Pravin B Shelar [Mon, 5 Nov 2012 21:41:02 +0000 (13:41 -0800)]
datapath: Fix sparse warning for symbol 'BUILD_BUG_ON_NOT_POWER_OF_2'
BUILD_BUG_ON_NOT_POWER_OF_2 symbol is moved from kernel.h to
bug.h in 3.4. Therefore sparse is giving warning:
include/linux/bug.h:15:9: warning: preprocessor token
BUILD_BUG_ON_NOT_POWER_OF_2 redefined
ovs/datapath/linux/compat/include/linux/kernel.h:44:9:
this was the original definition
Signed-off-by: Pravin B Shelar <pshelar@nicira.com>
Acked-by: Jesse Gross <jesse@nicira.com>
Pravin B Shelar [Mon, 5 Nov 2012 21:40:17 +0000 (13:40 -0800)]
netdev: Deprecate CAPWAP support.
The CAPWAP implementation is just the encapsulation format and
therefore really not the full protocol. While there were some
uses of it (primarily hardware support and UDP transport). But
these are most likely better provided by VXLAN. As a result,
CAPWAP will be removed no earlier than February 2013.
Signed-off-by: Pravin B Shelar <pshelar@nicira.com>
Pravin B Shelar [Mon, 5 Nov 2012 21:39:00 +0000 (13:39 -0800)]
datapath: enable encap for capwap.
kernel 3.5 added a switch to turn on UDP encap, capwap needs
to enable it.
Signed-off-by: Pravin B Shelar <pshelar@nicira.com>
Acked-by: Jesse Gross <jesse@nicira.com>
Pravin B Shelar [Mon, 5 Nov 2012 21:38:34 +0000 (13:38 -0800)]
datapath: Add Upstream id for GRE type.
Once GRE is upstream it will have new type to have continuous sequence
of ids for vport type. Following patch adds this ID to have
compatibility with it.
Signed-off-by: Pravin B Shelar <pshelar@nicira.com>
Acked-by: Jesse Gross <jesse@nicira.com>
Mehak Mahajan [Mon, 5 Nov 2012 21:28:25 +0000 (13:28 -0800)]
Process RARP packets with ethertype 0x8035 similar to ARP packets.
With this commit, OVS will match the data in the RARP packets having
ethertype 0x8035, in the same way as the data in the ARP packets.
Signed-off-by: Mehak Mahajan <mmahajan@nicira.com>
Jesse Gross [Thu, 1 Nov 2012 22:50:16 +0000 (15:50 -0700)]
odp: Enable parsing ipv4_tunnel key.
We can format ipv4_tunnel keys from the kernel but can't currently
parse them. Userspace doesn't know how to do anything with this
information but this support enables utilities like ovs-dpctl and
ovs-appctl ofproto/trace to show useful information.
Bug #13785
Signed-off-by: Jesse Gross <jesse@nicira.com>
Ben Pfaff [Thu, 1 Nov 2012 20:54:20 +0000 (13:54 -0700)]
Makefile: Allow "make modules_install" to work from top-level directory.
INSTALL recommends running "make modules_install" but it didn't mention
that this has to be done from datapath/linux. This commit makes this work
from the top-level build directory.
(Another solution would be to update INSTALL, but this approach seems a
little easier for the user.)
Signed-off-by: Ben Pfaff <blp@nicira.com>
Ansis Atteka [Mon, 29 Oct 2012 16:12:03 +0000 (18:12 +0200)]
netdev-vport: Warn users that pmtud is deprecated
This is a complementary patch to the other one I sent out previously.
The purpose of it is to make it more obvious that tunnel pmtud is
deprecated and will be removed soon.
Requested-by: Jesse Gross <jesse@nicira.com>
Signed-off-by: Ansis Atteka <aatteka@nicira.com>
Ansis Atteka [Mon, 22 Oct 2012 07:04:28 +0000 (10:04 +0300)]
netdev-vport: Disable Path MTU Discovery by default
In near future we will switch to the flow-based tunneling and drop path
MTU discovery support. This patch prepares for that by changing the default
PMTUD value from 'enabled' to 'disabled'.
Signed-off-by: Ansis Atteka <aatteka@nicira.com>
Ben Pfaff [Wed, 24 Oct 2012 23:11:38 +0000 (16:11 -0700)]
Prepare for 1.9.0.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Pravin B Shelar [Wed, 24 Oct 2012 22:47:59 +0000 (15:47 -0700)]
datapath: Fix zero key tunnels.
Datapath tunneling check for flag OVS_FLOW_TNL_F_KEY is failing,
causing it to drop packet. This only happens on tunnels with
zero key as vswitchd does not generate set-tunnel action. Set
tunnel action sets this flags for given action. To fix this issue
the check is dropped.
Bug #13666
Signed-off-by: Pravin B Shelar <pshelar@nicira.com>
Acked-by: Kyle Mestery <kmestery@cisco.com>
Acked-by: Jesse Gross <jesse@nicira.com>
Mehak Mahajan [Wed, 24 Oct 2012 02:00:02 +0000 (19:00 -0700)]
Allow processing of RARP packets.
With this commit, the datapath will process the ARP header for
RARP packets. It also fixes a bug whereby if the ARP opcode is
something other than ARP request or reply, the key_len is not
adjusted to include ARP info.
Signed-off-by: Mehak Mahajan <mmahajan@nicira.com>
Acked-by: Jesse Gross <jesse@nicira.com>
Gurucharan Shetty [Thu, 18 Oct 2012 22:44:37 +0000 (15:44 -0700)]
ovs-ctl.in: Ability to save flows and kernel datapath config.
Add a new command - "restart" to ovs-ctl. Calling this command
will save and restore the Openflow flows on each bridge while
stopping and starting the userspace daemons respectively.
Also, during a force-reload-kmod, save the flows and kernel datapath
configuration. Use the saved datapath configuration while readding
the kernel module and the flows while starting the userspace daemons.
Feature #13555.
Signed-off-by: Gurucharan Shetty <gshetty@nicira.com>
Kyle Mestery [Mon, 22 Oct 2012 20:12:43 +0000 (16:12 -0400)]
Update INSTALL.Fedora to mention Fedora 17 instead of Fedora 15
Reflect the fact Fedora RPM support was recently implemented
on Fedora 17 instead of Fedora 15.
Signed-off-by: Kyle Mestery <kmestery@cisco.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>