It is useful to set the mac address and gateway while using ADD_VETH
to connect a namespace to a OVN logical topology. Upcoming commits
use this enhancement.
Signed-off-by: Gurucharan Shetty <guru@ovn.org>
Acked-by: Joe Stringer <joe@ovn.org>
Supporting multiple addresses is only mildly interesting for IPv4.
However, it is a requirement for IPv6, which will arrive in a future
commit.
This commit introduces the extract_lrp_networks() function to ovn-util.[ch].
Signed-off-by: Justin Pettit <jpettit@ovn.org>
Acked-by: Ben Pfaff <blp@ovn.org>
Extract port security and logical switch port addresses once and store
them as part of the ovn_port structure. Use the string representations
from the extracted addresses.
Signed-off-by: Justin Pettit <jpettit@ovn.org>
Acked-by: Ben Pfaff <blp@ovn.org>
With the addition of IPv6 routing, there won't be much need to
special-case not parsing IPv6 addresses.
Signed-off-by: Justin Pettit <jpettit@ovn.org>
Acked-by: Ben Pfaff <blp@ovn.org>
A future commit will reduce the amount of conversions used by the
existing users of 'lport_addresses'. This change will also make it
possible to use this structure for logical router port networks.
Signed-off-by: Justin Pettit <jpettit@ovn.org>
Acked-by: Ben Pfaff <blp@ovn.org>
Reduce the amount of string conversions necessary. This will be
convenient when we want to start using IPv6 addresses, too.
Signed-off-by: Justin Pettit <jpettit@ovn.org>
Acked-by: Ben Pfaff <blp@ovn.org>
Reduce the number of memory allocations and risk of introducing shadow
variables.
Signed-off-by: Justin Pettit <jpettit@ovn.org>
Acked-by: Ben Pfaff <blp@ovn.org>
With static routes, it's not necessary to have a separate default
gateway parameter. This also makes configuring router ports clearer
when IPv6 and IPv4 addresses may be assigned to the same port.
Signed-off-by: Justin Pettit <jpettit@ovn.org>
Acked-by: Ben Pfaff <blp@ovn.org>
IPv6 addresses use four standard OVS registers, so move the existing
named registers back to make room for using more logical registers.
Signed-off-by: Justin Pettit <jpettit@ovn.org>
Acked-by: Ben Pfaff <blp@ovn.org>
With eight 32-bit registers, we can only store two IPv6 addresses, which is
pretty tight.
Signed-off-by: Justin Pettit <jpettit@ovn.org>
Acked-by: Ben Pfaff <blp@ovn.org>
References to the specifc tables should probably be dropped, since
they'll continue to drift towards wrong. In the meantime, correct the
ones that are there.
Signed-off-by: Justin Pettit <jpettit@ovn.org>
Acked-by: Ben Pfaff <blp@ovn.org>
Otherwise, errors are logged at "debug" level. Errors when pushing
flows can then seemingly be silently lost.
Signed-off-by: Justin Pettit <jpettit@ovn.org>
Acked-by: Ben Pfaff <blp@ovn.org>
Fix python2-specific code in ovs-bugtool:
* python2 long() is the same as python2 int() and python3 int(). Convert
the long() to int().
* raw_input() was renamed to input(). Use python-six's input() on python2.
* Drop lambda tuple unpacking, we can go back to regular lambda syntax.
* file() can be replaced with open().
Signed-off-by: Joe Stringer <joe@ovn.org>
Acked-by: Ben Pfaff <blp@ovn.org>
NC_EOF_OPT should always be passed to netcat in system-traffic tests
when invoking netcat to send a single packet that does not expect a
response. While on typical fedora/RH based distributions the default
behaviour is to send the packet then return, there are multiple other
implementations of netcat that do not do this (for example, those used
by Debian and Ubuntu by default). For these alternative implementations,
we provide $NC_EOF_OPT to ensure that netcat simply sends the packet
then returns immediately.
Signed-off-by: Joe Stringer <joe@ovn.org>
Acked-by: Andy Zhou <azhou@ovn.org>
compat iptunnel_xmit is used in backported tunnel code. but
it was only defined for kernel older than 3.18, This patch fixes
it by compiling it for all kernel which needs to use backported
tunnel implementation.
Reported-by: Justin Pettit <jpettit@ovn.org>
Reported-by: Joe Stringer <joe@ovn.org>
Signed-off-by: Pravin B Shelar <pshelar@ovn.org>
Acked-by: Jesse Gross <jesse@kernel.org>
Commit 263064aeaa (Convert binding_run to incremental processing.)
changed the way patched_datapaths were handled. Previously we would
destroy the datastructure in every run and re-create it fresh. The new
way causes problems with the way conntrack zones are allocated as now
we can have stale port_binding entries causing segmentation faults.
With this commit, we simply don't depend on port_binding records in
conntrack zone allocation and instead store the UUID as a string in
the patch_datapath datastructure.
(The test enhanced with this commit would fail without the changes
in the commit. i.e. ovn-controller would crash. )
Signed-off-by: Gurucharan Shetty <guru@ovn.org>
Acked-by: Ryan Moats <rmoats@us.ibm.com>
Patched datapaths that are no longer referenced should be removed from
the patched_datapaths map; otherwise incorrect state references for a
patched datapath may be used and also datapaths that are absent will be
interpreted as present.
Signed-off-by: Darrell Ball <dlu998@gmail.com>
Acked-by: Ryan Moats <rmoats@us.ibm.com>
Signed-off-by: Gurucharan Shetty <guru@ovn.org>
Upstream commit:
commit bc22a0e2ea03b75b51a1f722f93821744b5b5ff1
Author: Nicolas Dichtel <nicolas.dichtel@6wind.com>
iptunnel: make rx/tx bytes counters consistent
This was already done a long time ago in
commit 64194c31a0b6 ("inet: Make tunnel RX/TX byte counters more consistent")
but tx path was broken (at least since 3.10).
Before the patch the gre header was included on tx.
After the patch:
$ ping -c1 192.168.0.121 ; ip -s l ls dev gre1
PING 192.168.0.121 (192.168.0.121) 56(84) bytes of data.
64 bytes from 192.168.0.121: icmp_req=1 ttl=64 time=2.95 ms
--- 192.168.0.121 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 2.955/2.955/2.955/0.000 ms
7: gre1@NONE: <POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1468 qdisc noqueue state UNKNOWN mode DEFAULT group default
link/gre 10.16.0.249 peer 10.16.0.121
RX: bytes packets errors dropped overrun mcast
84 1 0 0 0 0
TX: bytes packets errors dropped carrier collsns
84 1 0 0 0 0
Reported-by: Julien Meunier <julien.meunier@6wind.com>
Signed-off-by: Nicolas Dichtel <nicolas.dichtel@6wind.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Pravin B Shelar <pshelar@ovn.org>
Acked-by: Jesse Gross <jesse@kernel.org>
At this point OVS tunneling is insync with upstream net
branch (commit 9a0fee2b552b1).
upstream commit:
commit cf5da330bbdd0c06b05c525a3d1d58ccd82c87a6
Author: Nicolas Dichtel <nicolas.dichtel@6wind.com>
ovs/vxlan: fix rtnl notifications on iface deletion
The function vxlan_dev_create() (only used by ovs) never calls
rtnl_configure_link(). The consequence is that dev->rtnl_link_stat is
never set to RTNL_LINK_INITIALIZED.
During the deletion phase, the function rollback_registered_many() sends
a RTM_DELLINK only if dev->rtnl_link_state is set to RTNL_LINK_INITIALIZED.
Note that the function vxlan_dev_create() is moved after the rtnl stuff so
that vxlan_dellink() can be called in this function.
Fixes: dcc38c033b32 ("openvswitch: Re-add CONFIG_OPENVSWITCH_VXLAN")
CC: Thomas Graf <tgraf@suug.ch>
CC: Pravin B Shelar <pshelar@ovn.org>
Signed-off-by: Nicolas Dichtel <nicolas.dichtel@6wind.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Pravin B Shelar <pshelar@ovn.org>
Acked-by: Jesse Gross <jesse@kernel.org>
Upstream Commit:
commit 41009481b690493c169ce85f591b9d32c6fd9422
Author: Nicolas Dichtel <nicolas.dichtel@6wind.com>
ovs/geneve: fix rtnl notifications on iface deletion
The function geneve_dev_create_fb() (only used by ovs) never calls
rtnl_configure_link(). The consequence is that dev->rtnl_link_state is
never set to RTNL_LINK_INITIALIZED.
During the deletion phase, the function rollback_registered_many() sends
a RTM_DELLINK only if dev->rtnl_link_state is set to RTNL_LINK_INITIALIZED.
Fixes: e305ac6cf5a1 ("geneve: Add support to collect tunnel metadata.")
CC: Pravin B Shelar <pshelar@ovn.org>
CC: Jesse Gross <jesse@ovn.org>
CC: Thomas Graf <tgraf@suug.ch>
Signed-off-by: Nicolas Dichtel <nicolas.dichtel@6wind.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Pravin B Shelar <pshelar@ovn.org>
Acked-by: Jesse Gross <jesse@kernel.org>
Upstream commit:
commit 106da663ff495e0aea3ac15b8317aa410754fcac
Author: Nicolas Dichtel <nicolas.dichtel@6wind.com>
ovs/gre,geneve: fix error path when creating an iface
After ipgre_newlink()/geneve_configure() call, the netdev is registered.
Fixes: 7e059158d57b ("vxlan, gre, geneve: Set a large MTU on ovs-created tunnel devices")
CC: David Wragg <david@weave.works>
Signed-off-by: Nicolas Dichtel <nicolas.dichtel@6wind.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Pravin B Shelar <pshelar@ovn.org>
Acked-by: Jesse Gross <jesse@kernel.org>
Upstream commit:
commit e5aed006be918af163eb397e45aa5ea6cefd5e01
Author: Hannes Frederic Sowa <hannes@stressinduktion.org>
udp: prevent skbs lingering in tunnel socket queues
In case we find a socket with encapsulation enabled we should call
the encap_recv function even if just a udp header without payload is
available. The callbacks are responsible for correctly verifying and
dropping the packets.
Also, in case the header validation fails for geneve and vxlan we
shouldn't put the skb back into the socket queue, no one will pick
them up there. Instead we can simply discard them in the respective
encap_recv functions.
Signed-off-by: Hannes Frederic Sowa <hannes@stressinduktion.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Pravin B Shelar <pshelar@ovn.org>
Acked-by: Jesse Gross <jesse@kernel.org>
Upstream commit:
commit 229740c63169462a838a8b8e16391ed000934631
Author: Jarno Rajahalme <jarno@ovn.org>
udp_offload: Set encapsulation before inner completes.
UDP tunnel segmentation code relies on the inner offsets being set for
an UDP tunnel GSO packet, but the inner *_complete() functions will
set the inner offsets only if 'encapsulation' is set before calling
them. Currently, udp_gro_complete() sets 'encapsulation' only after
the inner *_complete() functions are done. This causes the inner
offsets having invalid values after udp_gro_complete() returns, which
in turn will make it impossible to properly segment the packet in case
it needs to be forwarded, which would be visible to the user either as
invalid packets being sent or as packet loss.
This patch fixes this by setting skb's 'encapsulation' in
udp_gro_complete() before calling into the inner complete functions,
and by making each possible UDP tunnel gro_complete() callback set the
inner_mac_header to the beginning of the tunnel payload.
Signed-off-by: Jarno Rajahalme <jarno@ovn.org>
Reviewed-by: Alexander Duyck <aduyck@mirantis.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Pravin B Shelar <pshelar@ovn.org>
Acked-by: Jesse Gross <jesse@kernel.org>
OVS has GSO compat functionality which needs inner offset
of the packet to segment a packet. older kernel did not
include these offsets in skb, therefore these were stored
in OVS_GSO_CB. Now OVS has dropped support for these
old kernel, So none of the supported kernel needs this
comapt code. Following patch removes it.
Signed-off-by: Pravin B Shelar <pshelar@ovn.org>
Acked-by: Jesse Gross <jesse@kernel.org>
upstream commit:
commit e905eabc90a5b787d8708df164543ee295bea5f2
Author: Simon Horman <simon.horman@netronome.com>
openvswitch: correct encoding of set tunnel action attributes
In a set action tunnel attributes should be encoded in a
nested action.
I noticed this because ovs-dpctl was reporting an error
when dumping flows due to the incorrect encoding of tunnel attributes
in a set action.
Fixes: fc4099f17240 ("openvswitch: Fix egress tunnel info.")
Signed-off-by: Simon Horman <simon.horman@netronome.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Pravin B Shelar <pshelar@ovn.org>
Acked-by: Jesse Gross <jesse@kernel.org>
It partialy backport commit:
commit d71785ffc7e7cae3fbdc4ea8a9d05b7a1c59f7b8
Author: Paolo Abeni <pabeni@redhat.com>
net: add dst_cache to ovs vxlan lwtunnel
In case of UDP traffic with datagram length
below MTU this give about 2% performance increase
when tunneling over ipv4 and about 60% when tunneling
over ipv6
Signed-off-by: Paolo Abeni <pabeni@redhat.com>
Suggested-and-acked-by: Hannes Frederic Sowa <hannes@stressinduktion.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Bug fix commit db3c6139e6e ("bpf, vxlan, geneve, gre: fix usage of
dst_cache on xmit"). is also included. Geneve changes
were added in 468dfffcd762cbb2777ec5a76bc21e3748ebf47e ("geneve: add
dst caching support")
Signed-off-by: Pravin B Shelar <pshelar@ovn.org>
Acked-by: Jesse Gross <jesse@kernel.org>
Mostly backports upstream commit along with other pieces
to make IPv6 tunneling work.
commit 6b26ba3a7d952e611dcde1f3f77ce63bcc70540a
Author: Jiri Benc <jbenc@redhat.com>
openvswitch: netlink attributes for IPv6 tunneling
Add netlink attributes for IPv6 tunnel addresses. This enables IPv6 support
for tunnels.
Signed-off-by: Jiri Benc <jbenc@redhat.com>
Acked-by: Pravin B Shelar <pshelar@ovn.org>
Acked-by: Thomas Graf <tgraf@suug.ch>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Pravin B Shelar <pshelar@ovn.org>
Acked-by: Jesse Gross <jesse@kernel.org>
This patch brings in various updates to upstream Geneve and VxLAN
modules. For geneve this patch adds IPv6 support, for vxlan it adds
VXLAN GPE is the major feature.
This should make OVS compat tunnel implementation in sync upto
current net branch.
Signed-off-by: Pravin B Shelar <pshelar@ovn.org>
Acked-by: Jesse Gross <jesse@kernel.org>
Next patch adds support for IPV6 Geneve and VXLAN, But support for UDP
segmentation is available on all supported kernel.
Following patch adds support for UDP tunnels over IPv6 for such kernels.
Signed-off-by: Pravin B Shelar <pshelar@ovn.org>
Acked-by: Jesse Gross <jesse@kernel.org>
Current tnl_skb_gso_segment() is written for ipv4 tunnels. Following
patch make it generic so that it can also handle ipv6 tunnels.
Signed-off-by: Pravin B Shelar <pshelar@ovn.org>
Acked-by: Jesse Gross <jesse@kernel.org>
Upstream commit:
commit 039f50629b7f860f36644ed1f34b27da9aa62f43
Author: Pravin B Shelar <pshelar@ovn.org>
ip_tunnel: Move stats update to iptunnel_xmit()
By moving stats update into iptunnel_xmit(), we can simplify
iptunnel_xmit() usage. With this change there is no need to
call another function (iptunnel_xmit_stats()) to update stats
in tunnel xmit code path.
Signed-off-by: Pravin B Shelar <pshelar@ovn.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Pravin B Shelar <pshelar@ovn.org>
Acked-by: Jesse Gross <jesse@kernel.org>
Upstream commit:
commit 38fd2af24fcfda93f9fea3e53f26e48775ae9e09
Author: Tom Herbert <tom@herbertland.com>
udp: Add socket based GRO and config
Add gro_receive and gro_complete to struct udp_tunnel_sock_cfg.
Signed-off-by: Tom Herbert <tom@herbertland.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Pravin B Shelar <pshelar@ovn.org>
Acked-by: Jesse Gross <jesse@kernel.org>
Update udp_tunnel6_xmit_skb(). Specificaly changes are
related to setting ipv6 label.
Upstream commit:
commit 134611446dc657e1bbc73ca0e4e6b599df687db0
Author: Daniel Borkmann <daniel@iogearbox.net>
ip_tunnel: add support for setting flow label via collect metadata
This patch extends udp_tunnel6_xmit_skb() to pass in the IPv6 flow label
from call sites. Currently, there's no such option and it's always set to
zero when writing ip6_flow_hdr(). Add a label member to ip_tunnel_key, so
that flow-based tunnels via collect metadata frontends can make use of it.
vxlan and geneve will be converted to add flow label support separately.
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Pravin B Shelar <pshelar@ovn.org>
Acked-by: Jesse Gross <jesse@kernel.org>
There is return type change in upstream handle-offload functions.
Following patch brings these changes in.
This is backport of aed069df ("ip_tunnel_core:
iptunnel_handle_offloads returns int and doesn't free skb")
I have also removed duplicate definitions of tunnel_handle_offloads()
from ip-tunnel header.
Signed-off-by: Pravin B Shelar <pshelar@ovn.org>
Acked-by: Jesse Gross <jesse@kernel.org>
This backports dst-cache implementation from upstream implementation.
commit 911362c70df5b766c243dc297fadeaced786ffd8
Author: Paolo Abeni <pabeni@redhat.com>
net: add dst_cache support
This patch add a generic, lockless dst cache implementation.
The need for lock is avoided updating the dst cache fields
only in per cpu scope, and requiring that the cache manipulation
functions are invoked with the local bh disabled.
The refresh_ts and reset_ts fields are used to ensure the cache
consistency in case of cuncurrent cache update (dst_cache_set*) and
reset operation (dst_cache_reset).
Consider the following scenario:
CPU1: CPU2:
<cache lookup with emtpy cache: it fails>
<get dst via uncached route lookup>
<related configuration changes>
dst_cache_reset()
dst_cache_set()
The dst entry set passed to dst_cache_set() should not be used
for later dst cache lookup, because it's obtained using old
configuration values.
Since the refresh_ts is updated only on dst_cache lookup, the
cached value in the above scenario will be discarded on the next
lookup.
Signed-off-by: Paolo Abeni <pabeni@redhat.com>
Suggested-and-acked-by: Hannes Frederic Sowa <hannes@stressinduktion.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Pravin B Shelar <pshelar@ovn.org>
Acked-by: Jesse Gross <jesse@kernel.org>
