Most users of OVSDB react to whatever is currently in their view of the
database, as opposed to keeping track of changes and reacting to those
changes individually. The interface to conditional monitoring was
different, in that it expected the client to say what to add or remove from
monitoring instead of what to monitor. This seemed reasonable at the time,
but in practice it turns out that the usual approach actually works better,
because the condition is generally a function of the data visible in the
database. This commit changes the approach.
This commit also changes the meaning of an empty condition for a table.
Previously, an empty condition meant to replicate every row. Now, an empty
condition means to replicate no rows. This is more convenient for code
that gradually constructs conditions, because it does not need special
cases for replicating nothing.
This commit also changes the internal implementation of conditions from
linked lists to arrays. I just couldn't see an advantage to using linked
lists.
Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Liran Schour <lirans@il.ibm.com>
This sset has always just contained the names of logical ports that are
local to the current hypervisor, but the name 'all_lports' implied that it
contained the name of every logical port.
Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Mickey Spiegel <mickeys.dev@gmail.com>
Until now, ovn-controller has implemented OVN logical patch ports and
l3gateway ports in terms of OVS patch ports. It is a hassle to create and
destroy ports, and it is also wasteful compared to what the patch ports
actually buy us: the ability to "save and restore" a packet around a
recursive trip through the flow table. The "clone" action can do that too,
without the need to create a port. This commit takes advantage of the
clone action for that purpose, getting rid of most of the patch ports
previously created by ovn-controller.
Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Mickey Spiegel <mickeys.dev@gmail.com>
These functions will have an additional user in an upcoming commit.
Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Mickey Spiegel <mickeys.dev@gmail.com>
On a particular hypervisor, ovn-controller only needs to handle ports
and datapaths that have some relationship with it, that is, the
ports that actually reside on the hypervisor, plus all the other ports on
those ports' datapaths, plus all of the ports and datapaths that are
reachable from those via logical patch ports. Until now, ovn-controller
has done a poor job of limiting what it deals with to this set. This
commit improves the situation.
This commit gets rid of the concept of a "patched_datapath" which until now
was used to represent any datapath that contained a logical patch port.
Previously, the concept of a "local_datapath" meant a datapath with a VIF
that resides on the local hypervisor. This commit extends that concept to
include any other datapath that can be reached from a VIF on the local
hypervisor, which is a simplification that makes the code easier to
understand in a few places.
CC: Gurucharan Shetty <guru@ovn.org>
Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Mickey Spiegel <mickeys.dev@gmail.com>
The coding style says to do this.
The actual caller doesn't pass a null pointer.
Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Mickey Spiegel <mickeys.dev@gmail.com>
It seems like a good idea to check for and warn about all kinds of
duplicates, and to avoid segfaulting if a datapath column is empty.
(However, the database schema should prevent both issues.)
Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Mickey Spiegel <mickeys.dev@gmail.com>
This will allow binding_run() to use them in an upcoming commit.
Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Mickey Spiegel <mickeys.dev@gmail.com>
This patch adds OpenFlow clone action with syntax as below:
"clone([action][,action...])". The clone() action makes a copy of the
current packet and executes the list of actions against the packet,
without affecting the packet after the "clone(...)" action. In other
word, the packet before the clone() and after the clone() is the same,
no matter what actions executed inside the clone().
Use case 1:
Set different fields and output to different ports without unset
actions=
clone(mod_dl_src:<mac1>, output:1), clone(mod_dl_dst:<mac2>, output:2), output:3
Since each clone() has independent packet, output:1 has only dl_src modified,
output:2 has only dl_dst modified, output:3 has original packet.
Similar to case1
actions=
push_vlan(...), output:2, pop_vlan, push_vlan(...), output:3
can be changed to
actions=
clone(push_vlan(...), output:2),clone(push_vlan(...), output:3)
without having to add pop_vlan.
case 2: resubmit to another table without worrying packet being modified
actions=clone(resubmit(1,2)), ...
Signed-off-by: William Tu <u9012063@gmail.com>
[blp@ovn.org revised this to omit the "sample" action]
Signed-off-by: Ben Pfaff <blp@ovn.org>
A few Open vSwitch extension actions have no fixed arguments but do have
variable-length options that follow the header, and an upcoming commit will
add another such action. There is little value in having individual
structures for these actions, since they all have the same form, so this
commit makes all of them use the existing struct ext_action_header.
Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Mickey Spiegel <mickeys.dev@gmail.com>
The 'tc' member of struct ovsdb_idl_condition was written but never read,
so remove it.
Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Mickey Spiegel <mickeys.dev@gmail.com>
IDL tracking has a cost and nothing in ovn-controller was getting any value
for that cost, so disable it.
Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Andy Zhou <azhou@ovn.org>
In OvsTunnelPortTx() function, for packets coming from the
VIF port, the srcVportNo, srcPortId and srcNicIndex were
getting modified for the original NBL prior to creation
of newNbl. This is not correct since modifying the original
packet's forwarding detail can cause completion issues.
Instead, we should keep the forwarding detail of the original
packet as is, and only update the forwarding detail for the
newNbl.
Signed-off-by: Shashank Ram <rams@vmware.com>
Acked-by: Sairam Venugopal <vsairam@vmware.com>
Signed-off-by: Gurucharan Shetty <guru@ovn.org>
On RHEL 7.3, test cases that use vxlan, gre, and geneve tunnels fail because
traffic is blocked by default firewall configuration. This commit detects the
status of firewalld, and skips the tests if firewalld is on.
Signed-off-by: Yi-Hung Wei <yihung.wei@gmail.com>
Signed-off-by: Joe Stringer <joe@ovn.org>
Test cases that use netcat will fail if netcat is not installed. This patch
detects if netcat is present, and skips those test cases if netcat is not there.
Singed-off-by: Yi-Hung Wei <yihung.wei@gmail.com>
Signed-off-by: Joe Stringer <joe@ovn.org>
RHEL 7.3 provides upstream tunnel but it does not support name_assign_type
attribute in net-device. This patch fixes the build problem by backporting
functions with name_assign_type, and using proper flags in acinclude.m4 to
invoke backport functions.
Tested on RHEL 7.3 with kernel 3.10.0-514.el7.x86_64
Signed-off-by: Yi-Hung Wei <yihung.wei@gmail.com>
Signed-off-by: Joe Stringer <joe@ovn.org>
Rework the logo to remove much of the white background and increase
resolution.
Signed-off-by: Stephen Finucane <stephen@that.guru>
Signed-off-by: Ben Pfaff <blp@ovn.org>
This was included only in the contents page.
Signed-off-by: Stephen Finucane <stephen@that.guru>
Reported-by: Russell Bryant <russell@ovn.org>
Signed-off-by: Ben Pfaff <blp@ovn.org>
Some of the variables were getting re-defined in the function. This causes
compiler warning in Windows SDK 10.
Signed-off-by: Sairam Venugopal <vsairam@vmware.com>
Acked-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com>
Signed-off-by: Gurucharan Shetty <guru@ovn.org>
The order of the options in the packet generated by ovs-controller
depends on the hash function. I believe that murmur hash (our default)
produces different outputs depending on the endianness of the system.
Also, if SSE4.2 is enabled at build time, we use CRC32 for hashing which
gives different results even on x86.
This causes one unit test to fail on big endian or with SSE4.2:
ovn -- dhcpv4 : 1 HV, 2 LS, 2 LSPs/LS
This commit fixes the problem in ovn-northd by always sorting dhcp
options inside the logical flow put_dhcp(v6)_opts action.
Reported-at: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=840770
Suggested-by: Ben Pfaff <blp@ovn.org>
Signed-off-by: Daniele Di Proietto <diproiettod@vmware.com>
Acked-by: Ben Pfaff <blp@ovn.org>
According to RFC 791, every internet module must be
able to forward a datagram of 68 octets without further
fragmentation. This is because an internet header may
be up to 60 octets, and the minimum fragment is 8 octets.
The maximum size of IP packets is 65535 bytes. The range
of MTU values allowes for the MTU configuration parameter
is 68 to 65535.
Signed-off-by: nickcooper-zhangtonghao <nic@opencloud.tech>
[blp@ovn.org changed this to just a documentation patch]
Signed-off-by: Ben Pfaff <blp@ovn.org>
The ovs-sandbox runs in the "dummy mode" by default.
In this mode of testing, no packets travel across
physical or virtual networks. But sometimes, we may
create veth network devices and add them to ovs bridge
for developing and testing. It's necessary to add an option.
Signed-off-by: nickcooper-zhangtonghao <nic@opencloud.tech>
Signed-off-by: Ben Pfaff <blp@ovn.org>
The do_handshake() function throws the exception OpenSSL.SSL.SysCallError
when the peer's SSL connection is closed, And the recv() function also
throws the exception OpenSSL.SSL.SysCallError when the peer's SSL
connection is abnormally closed, This commit catches the exception and
return error's errno.
Similarly, the recv() function also throws the exception
OpenSSL.SSL.ZeroReturnError when the peer's SSL connection is closed. This
exception refers to TCP connection normal closed, return (0, "")
Signed-off-by: Guoshuai Li <ligs@dtdream.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Numan Siddique <nusiddiq@redhat.com>
-Wnull-dereference is also new in GCC 6 but upon testing it produces far
too many false positives to be usable for OVS.
Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Andy Zhou <azhou@ovn.org>
GCC 6.1 warns that -Wformat-security has no effect without -Wformat, so
this commit fixes the problem.
The change to _OVS_CHECK_CC_OPTION is needed so that the cache variable
name doesn't end up with a space in it, which obviously doesn't work.
Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Andy Zhou <azhou@ovn.org>
AC_LANG_PROGRAM(,) uses a program like this:
int main() { return 0; }
but that triggers warnings for -Wstrict-prototypes and for
-Wold-style-definition, since this definition of main() lacks a prototype
and is therefore old-style. This meant that -Wstrict-prototypes and
-Wold-style-definition weren't being turned on for new-enough GCC. This
commit fixes the problem by changing the program that is test-compiled to:
int x;
which doesn't make any compilers mad, as far as I know.
I recently upgraded to GCC 6.1 and just now noticed the issue, so I think
that GCC somewhere between version 4.9 and version 6.1 must have started
warning about main() when it's declared this way.
Also, fix a few functions that lacked prototypes.
Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Andy Zhou <azhou@ovn.org>
The packet in userdata generated by ovn-controller when translating the
put_dhcpv6_opt action includes 16-bit integers.
Currently these 16-bit integers are encoded with native endianness.
This is ok becase the only consumer of that userdata is ovn-controller
itself, but it means that the OpenFlow action we're generating might
not really be the same on different hosts.
I think it's better to encode the userdata as big-endian, like the rest
of OpenFlow messages.
This fixes a test failure on big-endian platforms, because the generated
OpenFlow bytes were different than expected (the expectation was
generated on a little endian machine).
Now 'struct dhcp_opt6_header' is identical to 'struct
dhcpv6_opt_header', but I chose to keep them separate, because they
have different purposes. I also renamed the members to avoid confusion.
I haven't tested this on a real setup.
CC: Numan Siddique <nusiddiq@redhat.com>
Reported-at: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=840770
Signed-off-by: Daniele Di Proietto <diproiettod@vmware.com>
Acked-by: Numan Siddique <nusiddiq@redhat.com>
The DPDK EAL library intents that all argc/argv arguments passed on the
command line will be in the form:
progname dpdk arguments program arguments
This means the argv array will look something like:
argv[0] = progname
argv[1..x] = dpdk arguments
argv[x..y] = program arguments
When the eal initialization routine completes, it will modify the argv array
to set argv[ret] = progname, such that the arguments can then be passed to
something like getopts for further processing.
When the dpdk arguments rework was initially added, the assignment mentioned
above was not considered. This means two errors were introduced:
1. Leak of the element at argv[ret]
2. Double-free of the element at argv[0]
Reported-by: Ilya Maximets <i.maximets@samsung.com>
Reported-at: https://mail.openvswitch.org/pipermail/ovs-dev/2016-November/325442.html
Fixes: bab6940971 ("netdev-dpdk: Convert initialization from cmdline to db")
Signed-off-by: Aaron Conole <aconole@redhat.com>
Two more packages are needed to build ovs package on RHEL.
Signed-off-by: Yi-Hung Wei <yihung.wei@gmail.com>
[joe@ovn.org added fedora doc]
Signed-off-by: Joe Stringer <joe@ovn.org>
Previously, the IP Helper thread would wait for an event
but with a timeout of 0, which resulted in the thread
busy waiting causing high CPU usage by the kernel.
Since the IP Helper thread is only required based on
certain events, it makes sense to wait indefinitely
till we receieve such an event notification to wake up
the thread. This change aims to address this issue.
When OvsEnqueueIpHelperRequest() or OvsInternalAdapterUp()
is called, the ovsNumIpHelperRequests counter is incremented,
but upon consumption of the request, is not decremented.
Since the wakeup logic for the thread is determined by this
counter value, we need to reset the counter back correctly
once the request has been consumed by the IP Helper thread.
Signed-off-by: Shashank Ram <rams@vmware.com>
Acked-by: Yin Lin <linyi@vmware.com>
Signed-off-by: Gurucharan Shetty <guru@ovn.org>
The put_dhcp_opts(v6) logical action didn't really work because ovn-trace
didn't handle DHCP options. This fixes the problem.
This also makes the put_dhcp_opts(v6) logical provide useful tracing output
showing what's happening and the assumptions.
Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Numan Siddique <nusiddiq@redhat.com>
Basic Sphinx integration is now complete. Remove the documentation
aspects of the 'dist-docs' target in favor of the htmldocs target.
Signed-off-by: Stephen Finucane <stephen@that.guru>
Signed-off-by: Ben Pfaff <blp@ovn.org>
This is mostly the exact same contents, albeit broken up into multiple
files.
Signed-off-by: Stephen Finucane <stephen@that.guru>
Signed-off-by: Ben Pfaff <blp@ovn.org>
This is moved separately due to the sheer number of references to this
file in the codebase.
Signed-off-by: Stephen Finucane <stephen@that.guru>
Signed-off-by: Ben Pfaff <blp@ovn.org>
Rename 'tutorial' to 'ovs-advanced' and 'ovn-tutorial' to 'ovn-basics'.
Signed-off-by: Stephen Finucane <stephen@that.guru>
Signed-off-by: Ben Pfaff <blp@ovn.org>
There are many docs that don't need to kept at the top level, along
with many more hidden in random folders. Move them all.
This also allows us to add the '-W' flag to Sphinx, ensuring unindexed
docs result in build failures.
Signed-off-by: Stephen Finucane <stephen@that.guru>
Signed-off-by: Ben Pfaff <blp@ovn.org>
There are a couple of references to these for various build systems.
The website is going to be our "one true resource" for all docs, so
simply remove these references.
Signed-off-by: Stephen Finucane <stephen@that.guru>
Signed-off-by: Ben Pfaff <blp@ovn.org>
This is a dumb move of all 'INSTALL*' docs, with very little
refactoring (mostly updating links and making the titles a little more
consistent. Additional refactoring will be done in subsequent changes.
Signed-off-by: Stephen Finucane <stephen@that.guru>
Signed-off-by: Ben Pfaff <blp@ovn.org>
This is a simple table with links to the manpages published on
openvswitch.org. Something fancier can be done in the future.
Signed-off-by: Stephen Finucane <stephen@that.guru>
Signed-off-by: Ben Pfaff <blp@ovn.org>
