mir/ovs
2
0
Fork 0
mirror of https://github.com/openvswitch/ovs synced 2025-08-22 09:58:01 +00:00
Code Issues Releases Wiki Activity
ovs/lib/netdev-vport.c

783 lines
24 KiB
C
Raw Normal View History

netdev: Extract netdev vport functions. All devices implemented as vports have a common interface, so pull out ioctl code from the GRE netdev so it can be used in other places as well.
2010-05-17 15:04:10 -07:00
/*
netdev-vport: Fix theoretical null pointer dereference. Theoretically, its possible for netdev_get_status() to be called on a netdev-vport which hasn't had its configuration set yet. In this case, netdev-vport would dereference a null pointer. Reported-by: Jesse Gross <jesse@nicira.com> Signed-off-by: Ethan Jackson <ethan@nicira.com>
2012-12-26 17:02:08 -08:00
* Copyright (c) 2010, 2011, 2012, 2013 Nicira, Inc.
netdev: Extract netdev vport functions. All devices implemented as vports have a common interface, so pull out ioctl code from the GRE netdev so it can be used in other places as well.
2010-05-17 15:04:10 -07:00
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at:
*
* http://www.apache.org/licenses/LICENSE-2.0
*
netdev-vport: Fix typo in comment. Must have been a stray s/gre/patch/ in this file's history.
2010-09-24 10:55:57 -07:00
* Unless required by applicable law or agreed to in writing, software
netdev: Extract netdev vport functions. All devices implemented as vports have a common interface, so pull out ioctl code from the GRE netdev so it can be used in other places as well.
2010-05-17 15:04:10 -07:00
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#include <config.h>
netdev-vport: Merge in netdev-patch and netdev-tunnel. The only real difference between netdev-patch and netdev-tunnel is in their parse_config() implementation. That's a lot of extra code to maintain, for questionable benefit. This commit merges them into the netdev-vport code, which was heretofore merely a collection of helper functions.
2010-10-06 15:35:53 -07:00
#include "netdev-vport.h"
netdev: Extract netdev vport functions. All devices implemented as vports have a common interface, so pull out ioctl code from the GRE netdev so it can be used in other places as well.
2010-05-17 15:04:10 -07:00
#include <errno.h>
#include <fcntl.h>
lib: Show tunnel egress interface in ovsdb This commit parses rtnetlink address notifications from the kernel in order to display the egress interface of tunnels in the database. Bug #4103.
2010-12-21 16:26:21 -08:00
#include <sys/socket.h>
netdev-vport: Merge in netdev-patch and netdev-tunnel. The only real difference between netdev-patch and netdev-tunnel is in their parse_config() implementation. That's a lot of extra code to maintain, for questionable benefit. This commit merges them into the netdev-vport code, which was heretofore merely a collection of helper functions.
2010-10-06 15:35:53 -07:00
#include <net/if.h>
netdev: Extract netdev vport functions. All devices implemented as vports have a common interface, so pull out ioctl code from the GRE netdev so it can be used in other places as well.
2010-05-17 15:04:10 -07:00
#include <sys/ioctl.h>
Expand tunnel IDs from 32 to 64 bits. We have a need to identify tunnels with keys longer than 32 bits. This commit adds basic datapath and OpenFlow support for such keys. It doesn't actually add any tunnel protocols that support 64-bit keys, so this is not very useful yet. The 'arg' member of struct odp_msg had to be expanded to 64-bits also, because it sometimes contains a tunnel ID. This member also contains the argument passed to ODPAT_CONTROLLER, so I expanded that action's argument to 64 bits also so that it can use the full width of the expanded 'arg'. Userspace doesn't take advantage of the new space though (it was only using 16 bits anyhow). This commit has been tested only to the extent that it doesn't disrupt basic Open vSwitch operation. I have not tested it with tunnel traffic. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com> Feature #3976.
2010-12-10 10:42:42 -08:00
#include "byte-order.h"
netdev-vport: Warn on IPsec tunnels when ovs-monitor-ipsec not running. IPsec tunnels are only supported on Debian systems running ovs-monitor-ipsec. Since that daemon configures IPsec, ovs-vswitchd doesn't know whether IPsec will actually work. With this commit, a warning is printed that it is unlikely to work unless that daemon is started. There is a more serious issue that IPsec traffic can pass unencrypted if that daemon is not running. To fix that problem, changes to the kernel module will need to occur. A future commit will address that issue, but this earlier warning will be useful regardless. Bug #4854
2011-03-11 15:18:30 -08:00
#include "daemon.h"
#include "dirs.h"
ofproto-dpif: Implement patch ports in userspace. This commit moves responsibility for implementing patch ports from the datapath to ofproto-dpif. There are two main reasons to do this. The first is a matter of design: ofproto-dpif both has more information than the datapath, and is better suited to handle the complexity required to implement patch ports. The second is performance. My setup is a virtual machine with two basic learning bridges connected by patch ports. I used ovs-benchmark to ping the virtual router IP residing outside the VM. Over a 60 second run, "ovs-benchmark rate" improves from 14618.1 to 19311.9 transactions per second, or a 32% improvement. Similarly, "ovs-benchmark latency" improves from 6ms to 4ms. Signed-off-by: Ethan Jackson <ethan@nicira.com>
2012-12-20 15:32:03 -08:00
#include "dpif.h"
lib: Show tunnel egress interface in ovsdb This commit parses rtnetlink address notifications from the kernel in order to display the egress interface of tunnels in the database. Bug #4103.
2010-12-21 16:26:21 -08:00
#include "hash.h"
#include "hmap.h"
netdev: Extract netdev vport functions. All devices implemented as vports have a common interface, so pull out ioctl code from the GRE netdev so it can be used in other places as well.
2010-05-17 15:04:10 -07:00
#include "list.h"
netdev-vport: Merge in netdev-patch and netdev-tunnel. The only real difference between netdev-patch and netdev-tunnel is in their parse_config() implementation. That's a lot of extra code to maintain, for questionable benefit. This commit merges them into the netdev-vport code, which was heretofore merely a collection of helper functions.
2010-10-06 15:35:53 -07:00
#include "netdev-provider.h"
lib: Show tunnel egress interface in ovsdb This commit parses rtnetlink address notifications from the kernel in order to display the egress interface of tunnels in the database. Bug #4103.
2010-12-21 16:26:21 -08:00
#include "ofpbuf.h"
netdev-vport: Merge in netdev-patch and netdev-tunnel. The only real difference between netdev-patch and netdev-tunnel is in their parse_config() implementation. That's a lot of extra code to maintain, for questionable benefit. This commit merges them into the netdev-vport code, which was heretofore merely a collection of helper functions.
2010-10-06 15:35:53 -07:00
#include "packets.h"
lib: Simplify rtnetlink routing functionality. This commit removes the rtnetlink-route module and replaces it with a much simpler to use route-table module. The route-table uses rtnetlink to maintain a routing table which may be used to query the egress interface of particular addresses. This commit also converts netdev-vport to use the new route-table module.
2011-01-12 14:55:18 -08:00
#include "route-table.h"
netdev: Extract netdev vport functions. All devices implemented as vports have a common interface, so pull out ioctl code from the GRE netdev so it can be used in other places as well.
2010-05-17 15:04:10 -07:00
#include "shash.h"
#include "socket-util.h"
#include "vlog.h"
vlog: Make client supply semicolon for VLOG_DEFINE_THIS_MODULE. It's kind of odd for VLOG_DEFINE_THIS_MODULE to supply its own semicolon, so this commit switches to the more common form.
2010-10-19 14:47:01 -07:00
VLOG_DEFINE_THIS_MODULE(netdev_vport);
vlog: Introduce VLOG_DEFINE_THIS_MODULE for declaring vlog module in use. Adding a macro to define the vlog module in use adds a level of indirection, which makes it easier to change how the vlog module must be defined. A followup commit needs to do that, so getting these widespread changes out of the way first should make that commit easier to review.
2010-07-16 11:02:49 -07:00
Update the default VXLAN destination UDP port to the IANA assigned port VXLAN was recently assigned UDP port 4789 by IANA. This comit updates the OVS VXLAN implementation to reflect the new UDP port number. Cc: Kenneth Duda <kduda@aristanetworks.com> Signed-off-by: Kyle Mestery <kmestery@cisco.com> Signed-off-by: Jesse Gross <jesse@nicira.com>
2013-04-26 14:30:24 -04:00
#define VXLAN_DST_PORT 4789
Add support for LISP tunneling LISP is an experimental layer 3 tunneling protocol, described in RFC 6830. This patch adds support for LISP tunneling. Since LISP encapsulated packets do not carry an Ethernet header, it is removed before encapsulation, and added with hardcoded source and destination MAC addresses after decapsulation. The harcoded MAC chosen for this purpose is the locally administered address 02:00:00:00:00:00. Flow actions can be used to rewrite this MAC for correct reception. As such, this patch is intended to be used for static network configurations, or with a LISP capable controller. Signed-off-by: Lorand Jakab <lojakab@cisco.com> Signed-off-by: Kyle Mestery <kmestery@cisco.com> Signed-off-by: Jesse Gross <jesse@nicira.com>
2013-02-21 21:52:04 -08:00
#define LISP_DST_PORT 4341
netdev: Parse and make available tunnel configuration. Future patches will need to know the details of a netdev's tunnel configuration from outside the netdev library. Signed-off-by: Ethan Jackson <ethan@nicira.com>
2013-01-07 16:56:04 -08:00
#define DEFAULT_TTL 64
netdev: Get rid of netdev_dev. The distinction between struct netdev_dev and struct netdev has always been confusing. Now that previous commits have eliminated all interesting state from struct netdev, this commit deletes it and renames struct netdev_dev to take its place. Now the situation makes much more sense and I won't have to continue making embarrassed explanations in the future. Good riddance. Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-03-15 15:54:36 -07:00
struct netdev_vport {
struct netdev up;
netdev: Make netdev access thread-safe. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Andy Zhou <azhou@nicira.com>
2013-08-09 21:34:02 -07:00
/* Protects all members below. */
struct ovs_mutex mutex;
netdev-vport: Manage ethernet addresses in userspace. Letting netdev-vport manage ethernet addresses itself instead of relying on the datapath has several advantages. It simplifies the code, is significantly more efficient, and will work when there is no longer a one to one mapping from netdev-vports to datapath vports. Signed-off-by: Ethan Jackson <ethan@nicira.com>
2012-11-30 11:36:42 -08:00
uint8_t etheraddr[ETH_ADDR_LEN];
lib: Switch to flow based tunneling. With this patch, ovs-vswitchd uses flow based tunneling exclusively. I.E. each kind of tunnel shares a single tunnel backer in the datapath. Tunnel headers are set by userspace using the ipv4_tunnel datapath action. And, the configuration of individual tunnels is now a userspace responsibility, so netdev-vport no longer marshals and unmarshals Netlink attributes for tunnel configuration, instead only storing the configuration internally. There are still some significant pieces of work to do, but the basic building blocks are there to begin testing. Signed-off-by: Ethan Jackson <ethan@nicira.com> Co-authored-by: Jesse Gross <jesse@nicira.com> Signed-off-by: Jesse Gross <jesse@nicira.com>
2012-12-14 19:14:54 -08:00
struct netdev_stats stats;
ofproto-dpif: Implement patch ports in userspace. This commit moves responsibility for implementing patch ports from the datapath to ofproto-dpif. There are two main reasons to do this. The first is a matter of design: ofproto-dpif both has more information than the datapath, and is better suited to handle the complexity required to implement patch ports. The second is performance. My setup is a virtual machine with two basic learning bridges connected by patch ports. I used ovs-benchmark to ping the virtual router IP residing outside the VM. Over a 60 second run, "ovs-benchmark rate" improves from 14618.1 to 19311.9 transactions per second, or a 32% improvement. Similarly, "ovs-benchmark latency" improves from 6ms to 4ms. Signed-off-by: Ethan Jackson <ethan@nicira.com>
2012-12-20 15:32:03 -08:00
/* Tunnels. */
netdev: Parse and make available tunnel configuration. Future patches will need to know the details of a netdev's tunnel configuration from outside the netdev library. Signed-off-by: Ethan Jackson <ethan@nicira.com>
2013-01-07 16:56:04 -08:00
struct netdev_tunnel_config tnl_cfg;
ofproto-dpif: Implement patch ports in userspace. This commit moves responsibility for implementing patch ports from the datapath to ofproto-dpif. There are two main reasons to do this. The first is a matter of design: ofproto-dpif both has more information than the datapath, and is better suited to handle the complexity required to implement patch ports. The second is performance. My setup is a virtual machine with two basic learning bridges connected by patch ports. I used ovs-benchmark to ping the virtual router IP residing outside the VM. Over a 60 second run, "ovs-benchmark rate" improves from 14618.1 to 19311.9 transactions per second, or a 32% improvement. Similarly, "ovs-benchmark latency" improves from 6ms to 4ms. Signed-off-by: Ethan Jackson <ethan@nicira.com>
2012-12-20 15:32:03 -08:00
/* Patch Ports. */
char *peer;
netdev-vport: Merge in netdev-patch and netdev-tunnel. The only real difference between netdev-patch and netdev-tunnel is in their parse_config() implementation. That's a lot of extra code to maintain, for questionable benefit. This commit merges them into the netdev-vport code, which was heretofore merely a collection of helper functions.
2010-10-06 15:35:53 -07:00
};
struct vport_class {
lib: Switch to flow based tunneling. With this patch, ovs-vswitchd uses flow based tunneling exclusively. I.E. each kind of tunnel shares a single tunnel backer in the datapath. Tunnel headers are set by userspace using the ipv4_tunnel datapath action. And, the configuration of individual tunnels is now a userspace responsibility, so netdev-vport no longer marshals and unmarshals Netlink attributes for tunnel configuration, instead only storing the configuration internally. There are still some significant pieces of work to do, but the basic building blocks are there to begin testing. Signed-off-by: Ethan Jackson <ethan@nicira.com> Co-authored-by: Jesse Gross <jesse@nicira.com> Signed-off-by: Jesse Gross <jesse@nicira.com>
2012-12-14 19:14:54 -08:00
const char *dpif_port;
datapath: Make adding and attaching a vport a single step. For some time now, Open vSwitch datapaths have internally made a distinction between adding a vport and attaching it to a datapath. Adding a vport just means to create it, as an entity detached from any datapath. Attaching it gives it a port number and a datapath. Similarly, a vport could be detached and deleted separately. After some study, I think I understand why this distinction exists. It is because ovs-vswitchd tries to open all the datapath ports before it tries to create them. However, changing it to create them before it tries to open them is not difficult, so this commit does this. The bulk of this commit, however, changes the datapath interface to one that always creates a vport and attaches it to a datapath in a single step, and similarly detaches a vport and deletes it in a single step. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2010-12-03 14:41:38 -08:00
struct netdev_class netdev_class;
netdev-vport: Merge in netdev-patch and netdev-tunnel. The only real difference between netdev-patch and netdev-tunnel is in their parse_config() implementation. That's a lot of extra code to maintain, for questionable benefit. This commit merges them into the netdev-vport code, which was heretofore merely a collection of helper functions.
2010-10-06 15:35:53 -07:00
};
netdev: Adopt four-step alloc/construct/destruct/dealloc lifecycle. This is the same lifecycle used in the ofproto provider interface. Compared to the previous netdev provider interface, it has the advantage that the netdev top layer can control when any given netdev becomes visible to the outside world. Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-08-09 21:21:38 -07:00
static int netdev_vport_construct(struct netdev *);
netdev: Make netdev access thread-safe. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Andy Zhou <azhou@nicira.com>
2013-08-09 21:34:02 -07:00
static int get_patch_config(const struct netdev *netdev, struct smap *args);
netdev: Get rid of netdev_dev. The distinction between struct netdev_dev and struct netdev has always been confusing. Now that previous commits have eliminated all interesting state from struct netdev, this commit deletes it and renames struct netdev_dev to take its place. Now the situation makes much more sense and I won't have to continue making embarrassed explanations in the future. Good riddance. Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-03-15 15:54:36 -07:00
static int get_tunnel_config(const struct netdev *, struct smap *args);
netdev-vport: Merge in netdev-patch and netdev-tunnel. The only real difference between netdev-patch and netdev-tunnel is in their parse_config() implementation. That's a lot of extra code to maintain, for questionable benefit. This commit merges them into the netdev-vport code, which was heretofore merely a collection of helper functions.
2010-10-06 15:35:53 -07:00
static bool
is_vport_class(const struct netdev_class *class)
netdev: Extract netdev vport functions. All devices implemented as vports have a common interface, so pull out ioctl code from the GRE netdev so it can be used in other places as well.
2010-05-17 15:04:10 -07:00
{
netdev: Adopt four-step alloc/construct/destruct/dealloc lifecycle. This is the same lifecycle used in the ofproto provider interface. Compared to the previous netdev provider interface, it has the advantage that the netdev top layer can control when any given netdev becomes visible to the outside world. Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-08-09 21:21:38 -07:00
return class->construct == netdev_vport_construct;
netdev-vport: Merge in netdev-patch and netdev-tunnel. The only real difference between netdev-patch and netdev-tunnel is in their parse_config() implementation. That's a lot of extra code to maintain, for questionable benefit. This commit merges them into the netdev-vport code, which was heretofore merely a collection of helper functions.
2010-10-06 15:35:53 -07:00
}
netdev: Extract netdev vport functions. All devices implemented as vports have a common interface, so pull out ioctl code from the GRE netdev so it can be used in other places as well.
2010-05-17 15:04:10 -07:00
netdev-vport: Merge in netdev-patch and netdev-tunnel. The only real difference between netdev-patch and netdev-tunnel is in their parse_config() implementation. That's a lot of extra code to maintain, for questionable benefit. This commit merges them into the netdev-vport code, which was heretofore merely a collection of helper functions.
2010-10-06 15:35:53 -07:00
static const struct vport_class *
vport_class_cast(const struct netdev_class *class)
{
Replace most uses of assert by ovs_assert. This is a straight search-and-replace, except that I also removed #include <assert.h> from each file where there were no assert calls left. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2012-11-06 13:14:55 -08:00
ovs_assert(is_vport_class(class));
netdev-vport: Merge in netdev-patch and netdev-tunnel. The only real difference between netdev-patch and netdev-tunnel is in their parse_config() implementation. That's a lot of extra code to maintain, for questionable benefit. This commit merges them into the netdev-vport code, which was heretofore merely a collection of helper functions.
2010-10-06 15:35:53 -07:00
return CONTAINER_OF(class, struct vport_class, netdev_class);
}
netdev: Get rid of netdev_dev. The distinction between struct netdev_dev and struct netdev has always been confusing. Now that previous commits have eliminated all interesting state from struct netdev, this commit deletes it and renames struct netdev_dev to take its place. Now the situation makes much more sense and I won't have to continue making embarrassed explanations in the future. Good riddance. Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-03-15 15:54:36 -07:00
static struct netdev_vport *
netdev_vport_cast(const struct netdev *netdev)
netdev-vport: Merge in netdev-patch and netdev-tunnel. The only real difference between netdev-patch and netdev-tunnel is in their parse_config() implementation. That's a lot of extra code to maintain, for questionable benefit. This commit merges them into the netdev-vport code, which was heretofore merely a collection of helper functions.
2010-10-06 15:35:53 -07:00
{
netdev: Get rid of netdev_dev. The distinction between struct netdev_dev and struct netdev has always been confusing. Now that previous commits have eliminated all interesting state from struct netdev, this commit deletes it and renames struct netdev_dev to take its place. Now the situation makes much more sense and I won't have to continue making embarrassed explanations in the future. Good riddance. Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-03-15 15:54:36 -07:00
ovs_assert(is_vport_class(netdev_get_class(netdev)));
return CONTAINER_OF(netdev, struct netdev_vport, up);
netdev-vport: New helper netdev_vport_get_dev(). Signed-off-by: Ethan Jackson <ethan@nicira.com>
2012-12-26 16:33:58 -08:00
}
netdev: Parse and make available tunnel configuration. Future patches will need to know the details of a netdev's tunnel configuration from outside the netdev library. Signed-off-by: Ethan Jackson <ethan@nicira.com>
2013-01-07 16:56:04 -08:00
static const struct netdev_tunnel_config *
netdev: Get rid of netdev_dev. The distinction between struct netdev_dev and struct netdev has always been confusing. Now that previous commits have eliminated all interesting state from struct netdev, this commit deletes it and renames struct netdev_dev to take its place. Now the situation makes much more sense and I won't have to continue making embarrassed explanations in the future. Good riddance. Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-03-15 15:54:36 -07:00
get_netdev_tunnel_config(const struct netdev *netdev)
netdev: Parse and make available tunnel configuration. Future patches will need to know the details of a netdev's tunnel configuration from outside the netdev library. Signed-off-by: Ethan Jackson <ethan@nicira.com>
2013-01-07 16:56:04 -08:00
{
netdev: Get rid of netdev_dev. The distinction between struct netdev_dev and struct netdev has always been confusing. Now that previous commits have eliminated all interesting state from struct netdev, this commit deletes it and renames struct netdev_dev to take its place. Now the situation makes much more sense and I won't have to continue making embarrassed explanations in the future. Good riddance. Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-03-15 15:54:36 -07:00
return &netdev_vport_cast(netdev)->tnl_cfg;
netdev: Parse and make available tunnel configuration. Future patches will need to know the details of a netdev's tunnel configuration from outside the netdev library. Signed-off-by: Ethan Jackson <ethan@nicira.com>
2013-01-07 16:56:04 -08:00
}
ofproto-dpif: Implement patch ports in userspace. This commit moves responsibility for implementing patch ports from the datapath to ofproto-dpif. There are two main reasons to do this. The first is a matter of design: ofproto-dpif both has more information than the datapath, and is better suited to handle the complexity required to implement patch ports. The second is performance. My setup is a virtual machine with two basic learning bridges connected by patch ports. I used ovs-benchmark to ping the virtual router IP residing outside the VM. Over a 60 second run, "ovs-benchmark rate" improves from 14618.1 to 19311.9 transactions per second, or a 32% improvement. Similarly, "ovs-benchmark latency" improves from 6ms to 4ms. Signed-off-by: Ethan Jackson <ethan@nicira.com>
2012-12-20 15:32:03 -08:00
bool
netdev_vport_is_patch(const struct netdev *netdev)
{
netdev: Get rid of netdev_dev. The distinction between struct netdev_dev and struct netdev has always been confusing. Now that previous commits have eliminated all interesting state from struct netdev, this commit deletes it and renames struct netdev_dev to take its place. Now the situation makes much more sense and I won't have to continue making embarrassed explanations in the future. Good riddance. Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-03-15 15:54:36 -07:00
const struct netdev_class *class = netdev_get_class(netdev);
datapath: Remove kernel patch ports. Now that userspace implements patch ports completely internally, it's possible to remove the kernel implementation of them. Signed-off-by: Jesse Gross <jesse@nicira.com> Acked-by: Kyle Mestery <kmestery@cisco.com>
2013-01-25 14:17:49 -08:00
netdev-vport: Build on all platforms. This patch removes the final bit of linux specific code which prevents building netdev-vport everywhere. With this, other platforms automatically get access to patch ports, and (if their datapath supports it), flow based tunneling. Signed-off-by: Ethan Jackson <ethan@nicira.com>
2013-01-25 13:30:40 -08:00
return class->get_config == get_patch_config;
ofproto-dpif: Implement patch ports in userspace. This commit moves responsibility for implementing patch ports from the datapath to ofproto-dpif. There are two main reasons to do this. The first is a matter of design: ofproto-dpif both has more information than the datapath, and is better suited to handle the complexity required to implement patch ports. The second is performance. My setup is a virtual machine with two basic learning bridges connected by patch ports. I used ovs-benchmark to ping the virtual router IP residing outside the VM. Over a 60 second run, "ovs-benchmark rate" improves from 14618.1 to 19311.9 transactions per second, or a 32% improvement. Similarly, "ovs-benchmark latency" improves from 6ms to 4ms. Signed-off-by: Ethan Jackson <ethan@nicira.com>
2012-12-20 15:32:03 -08:00
}
ofproto-dpif: add support for layer 3 ports Add member is_layer3 to struct ofport_dpif to mark layer 3 ports. Set it to "true" for the only layer 3 port we support for now: lisp. Additionally, prevent flooding to layer 3 ports. A later patch will also prevent MAC learning. Signed-off-by: Lorand Jakab <lojakab@cisco.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-11-19 11:06:44 +02:00
bool
netdev_vport_is_layer3(const struct netdev *dev)
{
const char *type = netdev_get_type(dev);
return (!strcmp("lisp", type));
}
vxlan: Update netdev_vport_get_dpif_port() to support VXLAN port names Modify netdev_vport_get_dpif_port() to return a name for VXLAN ports which includes the destination UDP port number as a part of the name. Signed-off-by: Kyle Mestery <kmestery@cisco.com> Acked-by: Ethan Jackson <ethan@nicira.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-02-14 09:37:25 -05:00
static bool
netdev: Get rid of netdev_dev. The distinction between struct netdev_dev and struct netdev has always been confusing. Now that previous commits have eliminated all interesting state from struct netdev, this commit deletes it and renames struct netdev_dev to take its place. Now the situation makes much more sense and I won't have to continue making embarrassed explanations in the future. Good riddance. Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-03-15 15:54:36 -07:00
netdev_vport_needs_dst_port(const struct netdev *dev)
vxlan: Update netdev_vport_get_dpif_port() to support VXLAN port names Modify netdev_vport_get_dpif_port() to return a name for VXLAN ports which includes the destination UDP port number as a part of the name. Signed-off-by: Kyle Mestery <kmestery@cisco.com> Acked-by: Ethan Jackson <ethan@nicira.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-02-14 09:37:25 -05:00
{
netdev: Get rid of netdev_dev. The distinction between struct netdev_dev and struct netdev has always been confusing. Now that previous commits have eliminated all interesting state from struct netdev, this commit deletes it and renames struct netdev_dev to take its place. Now the situation makes much more sense and I won't have to continue making embarrassed explanations in the future. Good riddance. Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-03-15 15:54:36 -07:00
const struct netdev_class *class = netdev_get_class(dev);
const char *type = netdev_get_type(dev);
vxlan: Update netdev_vport_get_dpif_port() to support VXLAN port names Modify netdev_vport_get_dpif_port() to return a name for VXLAN ports which includes the destination UDP port number as a part of the name. Signed-off-by: Kyle Mestery <kmestery@cisco.com> Acked-by: Ethan Jackson <ethan@nicira.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-02-14 09:37:25 -05:00
Add support for LISP tunneling LISP is an experimental layer 3 tunneling protocol, described in RFC 6830. This patch adds support for LISP tunneling. Since LISP encapsulated packets do not carry an Ethernet header, it is removed before encapsulation, and added with hardcoded source and destination MAC addresses after decapsulation. The harcoded MAC chosen for this purpose is the locally administered address 02:00:00:00:00:00. Flow actions can be used to rewrite this MAC for correct reception. As such, this patch is intended to be used for static network configurations, or with a LISP capable controller. Signed-off-by: Lorand Jakab <lojakab@cisco.com> Signed-off-by: Kyle Mestery <kmestery@cisco.com> Signed-off-by: Jesse Gross <jesse@nicira.com>
2013-02-21 21:52:04 -08:00
return (class->get_config == get_tunnel_config &&
(!strcmp("vxlan", type) || !strcmp("lisp", type)));
vxlan: Update netdev_vport_get_dpif_port() to support VXLAN port names Modify netdev_vport_get_dpif_port() to return a name for VXLAN ports which includes the destination UDP port number as a part of the name. Signed-off-by: Kyle Mestery <kmestery@cisco.com> Acked-by: Ethan Jackson <ethan@nicira.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-02-14 09:37:25 -05:00
}
netdev: Prevent using reserved names This commit adds a function to lib/netdev.c to check that the interface name is not the same as any of the registered vport providers' dpif_port name (e.g. gre_system) or the datapath's internal port name (e.g. ovs-system). Bug #15077. Signed-off-by: Alex Wang <alexw@nicira.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-05-16 14:11:51 -07:00
const char *
netdev_vport_class_get_dpif_port(const struct netdev_class *class)
{
return is_vport_class(class) ? vport_class_cast(class)->dpif_port : NULL;
}
netdev: New function netdev_get_dpif_port(). In future patches, a netdev's datapath port name may not necessarily be the same as its device name. This patch prepares for this by making the distinction in the netdev and dpif layers. Signed-off-by: Ethan Jackson <ethan@nicira.com>
2012-12-16 17:08:50 -08:00
const char *
netdev-vport: Don't return static data in netdev_vport_get_dpif_port(). Returning a static data buffer makes code more brittle and definitely not thread-safe, so this commit switches to using a caller-provided buffer instead. Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-05-01 11:05:28 -07:00
netdev_vport_get_dpif_port(const struct netdev *netdev,
char namebuf[], size_t bufsize)
netdev: New function netdev_get_dpif_port(). In future patches, a netdev's datapath port name may not necessarily be the same as its device name. This patch prepares for this by making the distinction in the netdev and dpif layers. Signed-off-by: Ethan Jackson <ethan@nicira.com>
2012-12-16 17:08:50 -08:00
{
netdev: Get rid of netdev_dev. The distinction between struct netdev_dev and struct netdev has always been confusing. Now that previous commits have eliminated all interesting state from struct netdev, this commit deletes it and renames struct netdev_dev to take its place. Now the situation makes much more sense and I won't have to continue making embarrassed explanations in the future. Good riddance. Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-03-15 15:54:36 -07:00
if (netdev_vport_needs_dst_port(netdev)) {
const struct netdev_vport *vport = netdev_vport_cast(netdev);
const char *type = netdev_get_type(netdev);
vxlan: Update netdev_vport_get_dpif_port() to support VXLAN port names Modify netdev_vport_get_dpif_port() to return a name for VXLAN ports which includes the destination UDP port number as a part of the name. Signed-off-by: Kyle Mestery <kmestery@cisco.com> Acked-by: Ethan Jackson <ethan@nicira.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-02-14 09:37:25 -05:00
/*
* Note: IFNAMSIZ is 16 bytes long. The maximum length of a VXLAN
Add support for LISP tunneling LISP is an experimental layer 3 tunneling protocol, described in RFC 6830. This patch adds support for LISP tunneling. Since LISP encapsulated packets do not carry an Ethernet header, it is removed before encapsulation, and added with hardcoded source and destination MAC addresses after decapsulation. The harcoded MAC chosen for this purpose is the locally administered address 02:00:00:00:00:00. Flow actions can be used to rewrite this MAC for correct reception. As such, this patch is intended to be used for static network configurations, or with a LISP capable controller. Signed-off-by: Lorand Jakab <lojakab@cisco.com> Signed-off-by: Kyle Mestery <kmestery@cisco.com> Signed-off-by: Jesse Gross <jesse@nicira.com>
2013-02-21 21:52:04 -08:00
* or LISP port name below is 15 or 14 bytes respectively. Still,
* assert here on the size of strlen(type) in case that changes
* in the future.
vxlan: Update netdev_vport_get_dpif_port() to support VXLAN port names Modify netdev_vport_get_dpif_port() to return a name for VXLAN ports which includes the destination UDP port number as a part of the name. Signed-off-by: Kyle Mestery <kmestery@cisco.com> Acked-by: Ethan Jackson <ethan@nicira.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-02-14 09:37:25 -05:00
*/
netdev-vport: Don't return static data in netdev_vport_get_dpif_port(). Returning a static data buffer makes code more brittle and definitely not thread-safe, so this commit switches to using a caller-provided buffer instead. Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-05-01 11:05:28 -07:00
BUILD_ASSERT(NETDEV_VPORT_NAME_BUFSIZE >= IFNAMSIZ);
vxlan: Update netdev_vport_get_dpif_port() to support VXLAN port names Modify netdev_vport_get_dpif_port() to return a name for VXLAN ports which includes the destination UDP port number as a part of the name. Signed-off-by: Kyle Mestery <kmestery@cisco.com> Acked-by: Ethan Jackson <ethan@nicira.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-02-14 09:37:25 -05:00
ovs_assert(strlen(type) + 10 < IFNAMSIZ);
netdev-vport: Don't return static data in netdev_vport_get_dpif_port(). Returning a static data buffer makes code more brittle and definitely not thread-safe, so this commit switches to using a caller-provided buffer instead. Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-05-01 11:05:28 -07:00
snprintf(namebuf, bufsize, "%s_sys_%d", type,
vxlan: Update netdev_vport_get_dpif_port() to support VXLAN port names Modify netdev_vport_get_dpif_port() to return a name for VXLAN ports which includes the destination UDP port number as a part of the name. Signed-off-by: Kyle Mestery <kmestery@cisco.com> Acked-by: Ethan Jackson <ethan@nicira.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-02-14 09:37:25 -05:00
ntohs(vport->tnl_cfg.dst_port));
netdev-vport: Don't return static data in netdev_vport_get_dpif_port(). Returning a static data buffer makes code more brittle and definitely not thread-safe, so this commit switches to using a caller-provided buffer instead. Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-05-01 11:05:28 -07:00
return namebuf;
vxlan: Update netdev_vport_get_dpif_port() to support VXLAN port names Modify netdev_vport_get_dpif_port() to return a name for VXLAN ports which includes the destination UDP port number as a part of the name. Signed-off-by: Kyle Mestery <kmestery@cisco.com> Acked-by: Ethan Jackson <ethan@nicira.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-02-14 09:37:25 -05:00
} else {
netdev: Get rid of netdev_dev. The distinction between struct netdev_dev and struct netdev has always been confusing. Now that previous commits have eliminated all interesting state from struct netdev, this commit deletes it and renames struct netdev_dev to take its place. Now the situation makes much more sense and I won't have to continue making embarrassed explanations in the future. Good riddance. Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-03-15 15:54:36 -07:00
const struct netdev_class *class = netdev_get_class(netdev);
netdev-vport: Make netdev_vport_get_dpif_port() code less confusing. Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-04-15 15:55:56 -07:00
const char *dpif_port = netdev_vport_class_get_dpif_port(class);
return dpif_port ? dpif_port : netdev_get_name(netdev);
vxlan: Update netdev_vport_get_dpif_port() to support VXLAN port names Modify netdev_vport_get_dpif_port() to return a name for VXLAN ports which includes the destination UDP port number as a part of the name. Signed-off-by: Kyle Mestery <kmestery@cisco.com> Acked-by: Ethan Jackson <ethan@nicira.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-02-14 09:37:25 -05:00
}
netdev-vport: Merge in netdev-patch and netdev-tunnel. The only real difference between netdev-patch and netdev-tunnel is in their parse_config() implementation. That's a lot of extra code to maintain, for questionable benefit. This commit merges them into the netdev-vport code, which was heretofore merely a collection of helper functions.
2010-10-06 15:35:53 -07:00
}
netdev: Extract netdev vport functions. All devices implemented as vports have a common interface, so pull out ioctl code from the GRE netdev so it can be used in other places as well.
2010-05-17 15:04:10 -07:00
netdev-vport: Don't return static data in netdev_vport_get_dpif_port(). Returning a static data buffer makes code more brittle and definitely not thread-safe, so this commit switches to using a caller-provided buffer instead. Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-05-01 11:05:28 -07:00
char *
netdev_vport_get_dpif_port_strdup(const struct netdev *netdev)
{
char namebuf[NETDEV_VPORT_NAME_BUFSIZE];
return xstrdup(netdev_vport_get_dpif_port(netdev, namebuf,
sizeof namebuf));
}
netdev: Adopt four-step alloc/construct/destruct/dealloc lifecycle. This is the same lifecycle used in the ofproto provider interface. Compared to the previous netdev provider interface, it has the advantage that the netdev top layer can control when any given netdev becomes visible to the outside world. Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-08-09 21:21:38 -07:00
static struct netdev *
netdev_vport_alloc(void)
{
struct netdev_vport *netdev = xzalloc(sizeof *netdev);
return &netdev->up;
}
netdev-vport: Merge in netdev-patch and netdev-tunnel. The only real difference between netdev-patch and netdev-tunnel is in their parse_config() implementation. That's a lot of extra code to maintain, for questionable benefit. This commit merges them into the netdev-vport code, which was heretofore merely a collection of helper functions.
2010-10-06 15:35:53 -07:00
static int
netdev: Adopt four-step alloc/construct/destruct/dealloc lifecycle. This is the same lifecycle used in the ofproto provider interface. Compared to the previous netdev provider interface, it has the advantage that the netdev top layer can control when any given netdev becomes visible to the outside world. Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-08-09 21:21:38 -07:00
netdev_vport_construct(struct netdev *netdev_)
netdev-vport: Merge in netdev-patch and netdev-tunnel. The only real difference between netdev-patch and netdev-tunnel is in their parse_config() implementation. That's a lot of extra code to maintain, for questionable benefit. This commit merges them into the netdev-vport code, which was heretofore merely a collection of helper functions.
2010-10-06 15:35:53 -07:00
{
netdev: Adopt four-step alloc/construct/destruct/dealloc lifecycle. This is the same lifecycle used in the ofproto provider interface. Compared to the previous netdev provider interface, it has the advantage that the netdev top layer can control when any given netdev becomes visible to the outside world. Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-08-09 21:21:38 -07:00
struct netdev_vport *netdev = netdev_vport_cast(netdev_);
netdev: Make netdev arguments fetchable, and implement for netdev-vport. This gives network device implementations the opportunity to fetch an existing device's configuration and store it as their arguments, so that netdev clients can find out how an existing device is configured. So far netdev-vport is the only implementation that needs to use this. The next commit will add use by clients. Reviewed by Justin Pettit.
2010-12-29 16:02:22 -08:00
Use "error-checking" mutexes in place of other kinds wherever possible. We've seen a number of deadlocks in the tree since thread safety was introduced. So far, all of these are self-deadlocks, that is, a single thread acquiring a lock and then attempting to re-acquire the same lock recursively. When this has happened, the process simply hung, and it was somewhat difficult to find the cause. POSIX "error-checking" mutexes check for this specific problem (and others). This commit switches from other types of mutexes to error-checking mutexes everywhere that we can, that is, everywhere that we're not using recursive mutexes. This ought to help find problems more quickly in the future. There might be performance advantages to other kinds of mutexes in some cases. However, the existing mutex type choices were just guesses, so I'd rather go for easy detection of errors until we know that other mutex types actually perform better in specific cases. Also, I did a quick microbenchmark of glibc mutex types on my host and found that the error checking mutexes weren't any slower than the other types, at least when the mutex is uncontended. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2013-08-20 13:40:02 -07:00
ovs_mutex_init(&netdev->mutex);
netdev: Adopt four-step alloc/construct/destruct/dealloc lifecycle. This is the same lifecycle used in the ofproto provider interface. Compared to the previous netdev provider interface, it has the advantage that the netdev top layer can control when any given netdev becomes visible to the outside world. Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-08-09 21:21:38 -07:00
eth_addr_random(netdev->etheraddr);
netdev: Make netdev arguments fetchable, and implement for netdev-vport. This gives network device implementations the opportunity to fetch an existing device's configuration and store it as their arguments, so that netdev clients can find out how an existing device is configured. So far netdev-vport is the only implementation that needs to use this. The next commit will add use by clients. Reviewed by Justin Pettit.
2010-12-29 16:02:22 -08:00
netdev: Decouple creating and configuring network devices. Until now, each call to netdev_open() for a particular network device had to either specify a set of network device arguments that was either empty or (for devices that already existed) equal to the existing device's configuration. Unfortunately, the definition of "equality" in the latter case was mostly done in terms of strict equality of string-to-string maps, which caused problems in cases where, for example, one set of arguments specified the default value of an optional argument explicitly and the other omitted it. The netdev interface does have provisions for defining equality other ways, but this had only been done in one case that was especially problematic in practice. One way to solve this particular problem would be to carefully define equality in all the problematic cases. This commit takes another approach based on the realization that there is really no need to do any comparisons. Instead, it removes configuration at netdev_open() time entirely, because almost all of netdev_open()'s callers are not interested in creating and configuring a netdev. Most of them just want to open a configured device and use it. Therefore, this commit stops providing any configuration arguments to netdev_open() and the provider functions that it calls. Instead, a caller that does want to configure a device does so after it opens it, by calling netdev_set_config(). This change allows us to simplify the netdev interface a bit. There is no longer any need to implement argument comparisons. As a result, there is also no need for "struct netdev_dev" to keep track of configuration at all. Instead, the network devices that have configuration keep track of it in their own internal form. This new interface does mean that it becomes possible to accidentally create and try to use an unconfigured netdev that requires configuration. Bug #6677. Reported-by: Paul Ingram <paul@nicira.com>
2011-08-08 12:49:17 -07:00
route_table_register();
netdev: Make netdev arguments fetchable, and implement for netdev-vport. This gives network device implementations the opportunity to fetch an existing device's configuration and store it as their arguments, so that netdev clients can find out how an existing device is configured. So far netdev-vport is the only implementation that needs to use this. The next commit will add use by clients. Reviewed by Justin Pettit.
2010-12-29 16:02:22 -08:00
netdev: Decouple creating and configuring network devices. Until now, each call to netdev_open() for a particular network device had to either specify a set of network device arguments that was either empty or (for devices that already existed) equal to the existing device's configuration. Unfortunately, the definition of "equality" in the latter case was mostly done in terms of strict equality of string-to-string maps, which caused problems in cases where, for example, one set of arguments specified the default value of an optional argument explicitly and the other omitted it. The netdev interface does have provisions for defining equality other ways, but this had only been done in one case that was especially problematic in practice. One way to solve this particular problem would be to carefully define equality in all the problematic cases. This commit takes another approach based on the realization that there is really no need to do any comparisons. Instead, it removes configuration at netdev_open() time entirely, because almost all of netdev_open()'s callers are not interested in creating and configuring a netdev. Most of them just want to open a configured device and use it. Therefore, this commit stops providing any configuration arguments to netdev_open() and the provider functions that it calls. Instead, a caller that does want to configure a device does so after it opens it, by calling netdev_set_config(). This change allows us to simplify the netdev interface a bit. There is no longer any need to implement argument comparisons. As a result, there is also no need for "struct netdev_dev" to keep track of configuration at all. Instead, the network devices that have configuration keep track of it in their own internal form. This new interface does mean that it becomes possible to accidentally create and try to use an unconfigured netdev that requires configuration. Bug #6677. Reported-by: Paul Ingram <paul@nicira.com>
2011-08-08 12:49:17 -07:00
return 0;
netdev: Extract netdev vport functions. All devices implemented as vports have a common interface, so pull out ioctl code from the GRE netdev so it can be used in other places as well.
2010-05-17 15:04:10 -07:00
}
netdev-vport: Merge in netdev-patch and netdev-tunnel. The only real difference between netdev-patch and netdev-tunnel is in their parse_config() implementation. That's a lot of extra code to maintain, for questionable benefit. This commit merges them into the netdev-vport code, which was heretofore merely a collection of helper functions.
2010-10-06 15:35:53 -07:00
static void
netdev: Adopt four-step alloc/construct/destruct/dealloc lifecycle. This is the same lifecycle used in the ofproto provider interface. Compared to the previous netdev provider interface, it has the advantage that the netdev top layer can control when any given netdev becomes visible to the outside world. Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-08-09 21:21:38 -07:00
netdev_vport_destruct(struct netdev *netdev_)
netdev-vport: Merge in netdev-patch and netdev-tunnel. The only real difference between netdev-patch and netdev-tunnel is in their parse_config() implementation. That's a lot of extra code to maintain, for questionable benefit. This commit merges them into the netdev-vport code, which was heretofore merely a collection of helper functions.
2010-10-06 15:35:53 -07:00
{
netdev: Get rid of netdev_dev. The distinction between struct netdev_dev and struct netdev has always been confusing. Now that previous commits have eliminated all interesting state from struct netdev, this commit deletes it and renames struct netdev_dev to take its place. Now the situation makes much more sense and I won't have to continue making embarrassed explanations in the future. Good riddance. Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-03-15 15:54:36 -07:00
struct netdev_vport *netdev = netdev_vport_cast(netdev_);
netdev-vport: Merge in netdev-patch and netdev-tunnel. The only real difference between netdev-patch and netdev-tunnel is in their parse_config() implementation. That's a lot of extra code to maintain, for questionable benefit. This commit merges them into the netdev-vport code, which was heretofore merely a collection of helper functions.
2010-10-06 15:35:53 -07:00
lib: Simplify rtnetlink routing functionality. This commit removes the rtnetlink-route module and replaces it with a much simpler to use route-table module. The route-table uses rtnetlink to maintain a routing table which may be used to query the egress interface of particular addresses. This commit also converts netdev-vport to use the new route-table module.
2011-01-12 14:55:18 -08:00
route_table_unregister();
netdev: Get rid of netdev_dev. The distinction between struct netdev_dev and struct netdev has always been confusing. Now that previous commits have eliminated all interesting state from struct netdev, this commit deletes it and renames struct netdev_dev to take its place. Now the situation makes much more sense and I won't have to continue making embarrassed explanations in the future. Good riddance. Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-03-15 15:54:36 -07:00
free(netdev->peer);
netdev: Make netdev access thread-safe. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Andy Zhou <azhou@nicira.com>
2013-08-09 21:34:02 -07:00
ovs_mutex_destroy(&netdev->mutex);
netdev: Adopt four-step alloc/construct/destruct/dealloc lifecycle. This is the same lifecycle used in the ofproto provider interface. Compared to the previous netdev provider interface, it has the advantage that the netdev top layer can control when any given netdev becomes visible to the outside world. Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-08-09 21:21:38 -07:00
}
static void
netdev_vport_dealloc(struct netdev *netdev_)
{
struct netdev_vport *netdev = netdev_vport_cast(netdev_);
netdev-vport: Merge in netdev-patch and netdev-tunnel. The only real difference between netdev-patch and netdev-tunnel is in their parse_config() implementation. That's a lot of extra code to maintain, for questionable benefit. This commit merges them into the netdev-vport code, which was heretofore merely a collection of helper functions.
2010-10-06 15:35:53 -07:00
free(netdev);
}
static int
netdev: Get rid of netdev_dev. The distinction between struct netdev_dev and struct netdev has always been confusing. Now that previous commits have eliminated all interesting state from struct netdev, this commit deletes it and renames struct netdev_dev to take its place. Now the situation makes much more sense and I won't have to continue making embarrassed explanations in the future. Good riddance. Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-03-15 15:54:36 -07:00
netdev_vport_set_etheraddr(struct netdev *netdev_,
netdev: Extract netdev vport functions. All devices implemented as vports have a common interface, so pull out ioctl code from the GRE netdev so it can be used in other places as well.
2010-05-17 15:04:10 -07:00
const uint8_t mac[ETH_ADDR_LEN])
{
netdev: Get rid of netdev_dev. The distinction between struct netdev_dev and struct netdev has always been confusing. Now that previous commits have eliminated all interesting state from struct netdev, this commit deletes it and renames struct netdev_dev to take its place. Now the situation makes much more sense and I won't have to continue making embarrassed explanations in the future. Good riddance. Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-03-15 15:54:36 -07:00
struct netdev_vport *netdev = netdev_vport_cast(netdev_);
netdev: Make netdev access thread-safe. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Andy Zhou <azhou@nicira.com>
2013-08-09 21:34:02 -07:00
ovs_mutex_lock(&netdev->mutex);
netdev: Get rid of netdev_dev. The distinction between struct netdev_dev and struct netdev has always been confusing. Now that previous commits have eliminated all interesting state from struct netdev, this commit deletes it and renames struct netdev_dev to take its place. Now the situation makes much more sense and I won't have to continue making embarrassed explanations in the future. Good riddance. Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-03-15 15:54:36 -07:00
memcpy(netdev->etheraddr, mac, ETH_ADDR_LEN);
netdev: Make netdev access thread-safe. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Andy Zhou <azhou@nicira.com>
2013-08-09 21:34:02 -07:00
ovs_mutex_unlock(&netdev->mutex);
netdev: Add 'change_seq' back to netdev. This commit can be seen as a partial revert of commit da4a619179d (netdev: Globally track port status changes) by adding the 'change_seq' to 'struct netdev'. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
2014-04-03 00:17:34 -07:00
netdev_change_seq_changed(netdev_);
netdev: Make netdev access thread-safe. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Andy Zhou <azhou@nicira.com>
2013-08-09 21:34:02 -07:00
netdev-vport: Manage ethernet addresses in userspace. Letting netdev-vport manage ethernet addresses itself instead of relying on the datapath has several advantages. It simplifies the code, is significantly more efficient, and will work when there is no longer a one to one mapping from netdev-vports to datapath vports. Signed-off-by: Ethan Jackson <ethan@nicira.com>
2012-11-30 11:36:42 -08:00
return 0;
netdev: Extract netdev vport functions. All devices implemented as vports have a common interface, so pull out ioctl code from the GRE netdev so it can be used in other places as well.
2010-05-17 15:04:10 -07:00
}
netdev-vport: Merge in netdev-patch and netdev-tunnel. The only real difference between netdev-patch and netdev-tunnel is in their parse_config() implementation. That's a lot of extra code to maintain, for questionable benefit. This commit merges them into the netdev-vport code, which was heretofore merely a collection of helper functions.
2010-10-06 15:35:53 -07:00
static int
netdev: Make netdev access thread-safe. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Andy Zhou <azhou@nicira.com>
2013-08-09 21:34:02 -07:00
netdev_vport_get_etheraddr(const struct netdev *netdev_,
netdev: Extract netdev vport functions. All devices implemented as vports have a common interface, so pull out ioctl code from the GRE netdev so it can be used in other places as well.
2010-05-17 15:04:10 -07:00
uint8_t mac[ETH_ADDR_LEN])
{
netdev: Make netdev access thread-safe. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Andy Zhou <azhou@nicira.com>
2013-08-09 21:34:02 -07:00
struct netdev_vport *netdev = netdev_vport_cast(netdev_);
ovs_mutex_lock(&netdev->mutex);
memcpy(mac, netdev->etheraddr, ETH_ADDR_LEN);
ovs_mutex_unlock(&netdev->mutex);
netdev-vport: Manage ethernet addresses in userspace. Letting netdev-vport manage ethernet addresses itself instead of relying on the datapath has several advantages. It simplifies the code, is significantly more efficient, and will work when there is no longer a one to one mapping from netdev-vports to datapath vports. Signed-off-by: Ethan Jackson <ethan@nicira.com>
2012-11-30 11:36:42 -08:00
return 0;
netdev: Extract netdev vport functions. All devices implemented as vports have a common interface, so pull out ioctl code from the GRE netdev so it can be used in other places as well.
2010-05-17 15:04:10 -07:00
}
bridge: Move tunnel_egress_iface to status column. This commit removes the tunnel_egress_iface column from the interface table and moves it's data to the status column. In the process it reverts the database to version 1.0.0.
2011-01-05 11:51:15 -08:00
static int
netdev: Make netdev access thread-safe. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Andy Zhou <azhou@nicira.com>
2013-08-09 21:34:02 -07:00
tunnel_get_status(const struct netdev *netdev_, struct smap *smap)
bridge: Move tunnel_egress_iface to status column. This commit removes the tunnel_egress_iface column from the interface table and moves it's data to the status column. In the process it reverts the database to version 1.0.0.
2011-01-05 11:51:15 -08:00
{
netdev: Make netdev access thread-safe. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Andy Zhou <azhou@nicira.com>
2013-08-09 21:34:02 -07:00
struct netdev_vport *netdev = netdev_vport_cast(netdev_);
netdev-vport: Make 'iface' non-static in tunnel_get_status(). I don't see any reason for this to be static. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2013-04-15 15:33:43 -07:00
char iface[IFNAMSIZ];
netdev: Rename get_drv_info() to get_status(). get_status() is a much more intuitive name since "status" is what the database column is called. Signed-off-by: Ethan Jackson <ethan@nicira.com>
2012-12-16 16:42:17 -08:00
ovs_be32 route;
bridge: Move tunnel_egress_iface to status column. This commit removes the tunnel_egress_iface column from the interface table and moves it's data to the status column. In the process it reverts the database to version 1.0.0.
2011-01-05 11:51:15 -08:00
netdev: Make netdev access thread-safe. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Andy Zhou <azhou@nicira.com>
2013-08-09 21:34:02 -07:00
ovs_mutex_lock(&netdev->mutex);
route = netdev->tnl_cfg.ip_dst;
ovs_mutex_unlock(&netdev->mutex);
netdev: Rename get_drv_info() to get_status(). get_status() is a much more intuitive name since "status" is what the database column is called. Signed-off-by: Ethan Jackson <ethan@nicira.com>
2012-12-16 16:42:17 -08:00
if (route_table_get_name(route, iface)) {
netdev-vport: Report carrier state of tunnel egress interfaces. Record carrier state of tunnel egress interface in "tunnel_egress_iface_carrier" key in "status" map of Interface table.
2011-01-19 14:50:01 -08:00
struct netdev *egress_netdev;
lib: New data structure - smap. A smap is a string to string hash map. It has a cleaner interface than shash's which were traditionally used for the same purpose. This patch implements the data structure, and changes netdev and its providers to use it. Signed-off-by: Ethan Jackson <ethan@nicira.com>
2012-05-22 03:47:36 -07:00
smap_add(smap, "tunnel_egress_iface", iface);
netdev-vport: Report carrier state of tunnel egress interfaces. Record carrier state of tunnel egress interface in "tunnel_egress_iface_carrier" key in "status" map of Interface table.
2011-01-19 14:50:01 -08:00
netdev: Get rid of struct netdev_options and netdev_open_default(). Now that netdev_options only has two members, we might as well pass them directly as parameters.
2011-08-05 14:18:06 -07:00
if (!netdev_open(iface, "system", &egress_netdev)) {
lib: New data structure - smap. A smap is a string to string hash map. It has a cleaner interface than shash's which were traditionally used for the same purpose. This patch implements the data structure, and changes netdev and its providers to use it. Signed-off-by: Ethan Jackson <ethan@nicira.com>
2012-05-22 03:47:36 -07:00
smap_add(smap, "tunnel_egress_iface_carrier",
netdev_get_carrier(egress_netdev) ? "up" : "down");
netdev-vport: Report carrier state of tunnel egress interfaces. Record carrier state of tunnel egress interface in "tunnel_egress_iface_carrier" key in "status" map of Interface table.
2011-01-19 14:50:01 -08:00
netdev_close(egress_netdev);
}
bridge: Move tunnel_egress_iface to status column. This commit removes the tunnel_egress_iface column from the interface table and moves it's data to the status column. In the process it reverts the database to version 1.0.0.
2011-01-05 11:51:15 -08:00
}
return 0;
}
netdev-vport: Merge in netdev-patch and netdev-tunnel. The only real difference between netdev-patch and netdev-tunnel is in their parse_config() implementation. That's a lot of extra code to maintain, for questionable benefit. This commit merges them into the netdev-vport code, which was heretofore merely a collection of helper functions.
2010-10-06 15:35:53 -07:00
static int
netdev: Get rid of netdev_dev. The distinction between struct netdev_dev and struct netdev has always been confusing. Now that previous commits have eliminated all interesting state from struct netdev, this commit deletes it and renames struct netdev_dev to take its place. Now the situation makes much more sense and I won't have to continue making embarrassed explanations in the future. Good riddance. Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-03-15 15:54:36 -07:00
netdev_vport_update_flags(struct netdev *netdev OVS_UNUSED,
enum netdev_flags off,
enum netdev_flags on OVS_UNUSED,
enum netdev_flags *old_flagsp)
netdev: Extract netdev vport functions. All devices implemented as vports have a common interface, so pull out ioctl code from the GRE netdev so it can be used in other places as well.
2010-05-17 15:04:10 -07:00
{
if (off & (NETDEV_UP | NETDEV_PROMISC)) {
return EOPNOTSUPP;
}
*old_flagsp = NETDEV_UP | NETDEV_PROMISC;
return 0;
}
lib: Show tunnel egress interface in ovsdb This commit parses rtnetlink address notifications from the kernel in order to display the egress interface of tunnels in the database. Bug #4103.
2010-12-21 16:26:21 -08:00
static void
netdev_vport_run(void)
{
lib: Simplify rtnetlink routing functionality. This commit removes the rtnetlink-route module and replaces it with a much simpler to use route-table module. The route-table uses rtnetlink to maintain a routing table which may be used to query the egress interface of particular addresses. This commit also converts netdev-vport to use the new route-table module.
2011-01-12 14:55:18 -08:00
route_table_run();
lib: Show tunnel egress interface in ovsdb This commit parses rtnetlink address notifications from the kernel in order to display the egress interface of tunnels in the database. Bug #4103.
2010-12-21 16:26:21 -08:00
}
static void
netdev_vport_wait(void)
{
lib: Simplify rtnetlink routing functionality. This commit removes the rtnetlink-route module and replaces it with a much simpler to use route-table module. The route-table uses rtnetlink to maintain a routing table which may be used to query the egress interface of particular addresses. This commit also converts netdev-vport to use the new route-table module.
2011-01-12 14:55:18 -08:00
route_table_wait();
lib: Show tunnel egress interface in ovsdb This commit parses rtnetlink address notifications from the kernel in order to display the egress interface of tunnels in the database. Bug #4103.
2010-12-21 16:26:21 -08:00
}
ofproto-dpif: Implement patch ports in userspace. This commit moves responsibility for implementing patch ports from the datapath to ofproto-dpif. There are two main reasons to do this. The first is a matter of design: ofproto-dpif both has more information than the datapath, and is better suited to handle the complexity required to implement patch ports. The second is performance. My setup is a virtual machine with two basic learning bridges connected by patch ports. I used ovs-benchmark to ping the virtual router IP residing outside the VM. Over a 60 second run, "ovs-benchmark rate" improves from 14618.1 to 19311.9 transactions per second, or a 32% improvement. Similarly, "ovs-benchmark latency" improves from 6ms to 4ms. Signed-off-by: Ethan Jackson <ethan@nicira.com>
2012-12-20 15:32:03 -08:00
/* Code specific to tunnel types. */
netdev-vport: Merge in netdev-patch and netdev-tunnel. The only real difference between netdev-patch and netdev-tunnel is in their parse_config() implementation. That's a lot of extra code to maintain, for questionable benefit. This commit merges them into the netdev-vport code, which was heretofore merely a collection of helper functions.
2010-10-06 15:35:53 -07:00
netdev: Parse and make available tunnel configuration. Future patches will need to know the details of a netdev's tunnel configuration from outside the netdev library. Signed-off-by: Ethan Jackson <ethan@nicira.com>
2013-01-07 16:56:04 -08:00
static ovs_be64
parse_key(const struct smap *args, const char *name,
bool *present, bool *flow)
datapath: Change userspace vport interface to use Netlink attributes. One of the goals for Open vSwitch is to decouple kernel and userspace software, so that either one can be upgraded or rolled back independent of the other. To do this in full generality, it must be possible to add new features to the kernel vport layer without changing userspace software. The customary way to do this in the Linux networking stack is to use Netlink and in particular Netlink attributes. This commit adopts that model for the vport layer. It does not yet actually start using the Netlink socket layer, which will come later. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 12:28:59 -08:00
{
const char *s;
netdev: Parse and make available tunnel configuration. Future patches will need to know the details of a netdev's tunnel configuration from outside the netdev library. Signed-off-by: Ethan Jackson <ethan@nicira.com>
2013-01-07 16:56:04 -08:00
*present = false;
*flow = false;
lib: New data structure - smap. A smap is a string to string hash map. It has a cleaner interface than shash's which were traditionally used for the same purpose. This patch implements the data structure, and changes netdev and its providers to use it. Signed-off-by: Ethan Jackson <ethan@nicira.com>
2012-05-22 03:47:36 -07:00
s = smap_get(args, name);
datapath: Change userspace vport interface to use Netlink attributes. One of the goals for Open vSwitch is to decouple kernel and userspace software, so that either one can be upgraded or rolled back independent of the other. To do this in full generality, it must be possible to add new features to the kernel vport layer without changing userspace software. The customary way to do this in the Linux networking stack is to use Netlink and in particular Netlink attributes. This commit adopts that model for the vport layer. It does not yet actually start using the Netlink socket layer, which will come later. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 12:28:59 -08:00
if (!s) {
lib: New data structure - smap. A smap is a string to string hash map. It has a cleaner interface than shash's which were traditionally used for the same purpose. This patch implements the data structure, and changes netdev and its providers to use it. Signed-off-by: Ethan Jackson <ethan@nicira.com>
2012-05-22 03:47:36 -07:00
s = smap_get(args, "key");
datapath: Change userspace vport interface to use Netlink attributes. One of the goals for Open vSwitch is to decouple kernel and userspace software, so that either one can be upgraded or rolled back independent of the other. To do this in full generality, it must be possible to add new features to the kernel vport layer without changing userspace software. The customary way to do this in the Linux networking stack is to use Netlink and in particular Netlink attributes. This commit adopts that model for the vport layer. It does not yet actually start using the Netlink socket layer, which will come later. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 12:28:59 -08:00
if (!s) {
netdev: Parse and make available tunnel configuration. Future patches will need to know the details of a netdev's tunnel configuration from outside the netdev library. Signed-off-by: Ethan Jackson <ethan@nicira.com>
2013-01-07 16:56:04 -08:00
return 0;
datapath: Change userspace vport interface to use Netlink attributes. One of the goals for Open vSwitch is to decouple kernel and userspace software, so that either one can be upgraded or rolled back independent of the other. To do this in full generality, it must be possible to add new features to the kernel vport layer without changing userspace software. The customary way to do this in the Linux networking stack is to use Netlink and in particular Netlink attributes. This commit adopts that model for the vport layer. It does not yet actually start using the Netlink socket layer, which will come later. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 12:28:59 -08:00
}
}
netdev: Parse and make available tunnel configuration. Future patches will need to know the details of a netdev's tunnel configuration from outside the netdev library. Signed-off-by: Ethan Jackson <ethan@nicira.com>
2013-01-07 16:56:04 -08:00
*present = true;
datapath: Change userspace vport interface to use Netlink attributes. One of the goals for Open vSwitch is to decouple kernel and userspace software, so that either one can be upgraded or rolled back independent of the other. To do this in full generality, it must be possible to add new features to the kernel vport layer without changing userspace software. The customary way to do this in the Linux networking stack is to use Netlink and in particular Netlink attributes. This commit adopts that model for the vport layer. It does not yet actually start using the Netlink socket layer, which will come later. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 12:28:59 -08:00
if (!strcmp(s, "flow")) {
netdev: Parse and make available tunnel configuration. Future patches will need to know the details of a netdev's tunnel configuration from outside the netdev library. Signed-off-by: Ethan Jackson <ethan@nicira.com>
2013-01-07 16:56:04 -08:00
*flow = true;
return 0;
datapath: Change userspace vport interface to use Netlink attributes. One of the goals for Open vSwitch is to decouple kernel and userspace software, so that either one can be upgraded or rolled back independent of the other. To do this in full generality, it must be possible to add new features to the kernel vport layer without changing userspace software. The customary way to do this in the Linux networking stack is to use Netlink and in particular Netlink attributes. This commit adopts that model for the vport layer. It does not yet actually start using the Netlink socket layer, which will come later. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 12:28:59 -08:00
} else {
netdev: Parse and make available tunnel configuration. Future patches will need to know the details of a netdev's tunnel configuration from outside the netdev library. Signed-off-by: Ethan Jackson <ethan@nicira.com>
2013-01-07 16:56:04 -08:00
return htonll(strtoull(s, NULL, 0));
datapath: Change userspace vport interface to use Netlink attributes. One of the goals for Open vSwitch is to decouple kernel and userspace software, so that either one can be upgraded or rolled back independent of the other. To do this in full generality, it must be possible to add new features to the kernel vport layer without changing userspace software. The customary way to do this in the Linux networking stack is to use Netlink and in particular Netlink attributes. This commit adopts that model for the vport layer. It does not yet actually start using the Netlink socket layer, which will come later. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 12:28:59 -08:00
}
}
netdev-vport: Merge in netdev-patch and netdev-tunnel. The only real difference between netdev-patch and netdev-tunnel is in their parse_config() implementation. That's a lot of extra code to maintain, for questionable benefit. This commit merges them into the netdev-vport code, which was heretofore merely a collection of helper functions.
2010-10-06 15:35:53 -07:00
static int
netdev: Get rid of netdev_dev. The distinction between struct netdev_dev and struct netdev has always been confusing. Now that previous commits have eliminated all interesting state from struct netdev, this commit deletes it and renames struct netdev_dev to take its place. Now the situation makes much more sense and I won't have to continue making embarrassed explanations in the future. Good riddance. Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-03-15 15:54:36 -07:00
set_tunnel_config(struct netdev *dev_, const struct smap *args)
netdev-vport: Merge in netdev-patch and netdev-tunnel. The only real difference between netdev-patch and netdev-tunnel is in their parse_config() implementation. That's a lot of extra code to maintain, for questionable benefit. This commit merges them into the netdev-vport code, which was heretofore merely a collection of helper functions.
2010-10-06 15:35:53 -07:00
{
netdev: Get rid of netdev_dev. The distinction between struct netdev_dev and struct netdev has always been confusing. Now that previous commits have eliminated all interesting state from struct netdev, this commit deletes it and renames struct netdev_dev to take its place. Now the situation makes much more sense and I won't have to continue making embarrassed explanations in the future. Good riddance. Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-03-15 15:54:36 -07:00
struct netdev_vport *dev = netdev_vport_cast(dev_);
const char *name = netdev_get_name(dev_);
const char *type = netdev_get_type(dev_);
netdev: Parse and make available tunnel configuration. Future patches will need to know the details of a netdev's tunnel configuration from outside the netdev library. Signed-off-by: Ethan Jackson <ethan@nicira.com>
2013-01-07 16:56:04 -08:00
bool ipsec_mech_set, needs_dst_port, has_csum;
struct netdev_tunnel_config tnl_cfg;
lib: New data structure - smap. A smap is a string to string hash map. It has a cleaner interface than shash's which were traditionally used for the same purpose. This patch implements the data structure, and changes netdev and its providers to use it. Signed-off-by: Ethan Jackson <ethan@nicira.com>
2012-05-22 03:47:36 -07:00
struct smap_node *node;
netdev: Parse and make available tunnel configuration. Future patches will need to know the details of a netdev's tunnel configuration from outside the netdev library. Signed-off-by: Ethan Jackson <ethan@nicira.com>
2013-01-07 16:56:04 -08:00
has_csum = strstr(type, "gre");
ipsec_mech_set = false;
memset(&tnl_cfg, 0, sizeof tnl_cfg);
netdev-vport: Merge in netdev-patch and netdev-tunnel. The only real difference between netdev-patch and netdev-tunnel is in their parse_config() implementation. That's a lot of extra code to maintain, for questionable benefit. This commit merges them into the netdev-vport code, which was heretofore merely a collection of helper functions.
2010-10-06 15:35:53 -07:00
Add support for LISP tunneling LISP is an experimental layer 3 tunneling protocol, described in RFC 6830. This patch adds support for LISP tunneling. Since LISP encapsulated packets do not carry an Ethernet header, it is removed before encapsulation, and added with hardcoded source and destination MAC addresses after decapsulation. The harcoded MAC chosen for this purpose is the locally administered address 02:00:00:00:00:00. Flow actions can be used to rewrite this MAC for correct reception. As such, this patch is intended to be used for static network configurations, or with a LISP capable controller. Signed-off-by: Lorand Jakab <lojakab@cisco.com> Signed-off-by: Kyle Mestery <kmestery@cisco.com> Signed-off-by: Jesse Gross <jesse@nicira.com>
2013-02-21 21:52:04 -08:00
needs_dst_port = netdev_vport_needs_dst_port(dev_);
netdev: Parse and make available tunnel configuration. Future patches will need to know the details of a netdev's tunnel configuration from outside the netdev library. Signed-off-by: Ethan Jackson <ethan@nicira.com>
2013-01-07 16:56:04 -08:00
tnl_cfg.ipsec = strstr(type, "ipsec");
tnl_cfg.dont_fragment = true;
vswitch: Use "ipsec_gre" vport instead of "gre" with "other_config" Previously, a GRE-over-IPsec tunnel was created as an interface with a "type" of "gre" and the "other_config" column with "ipsec_cert" or "ipsec_psk" set. This could lead to a potential security problem if a user intended to create a GRE-over-IPsec tunnel, but misconfigured the "ipsec_*" config and created an unencrypted GRE tunnel. This commit defines an "ipsec_gre" tunnel type, which should prevent users from inadvertently establishing insecure tunnels.
2010-12-01 17:23:33 -08:00
lib: New data structure - smap. A smap is a string to string hash map. It has a cleaner interface than shash's which were traditionally used for the same purpose. This patch implements the data structure, and changes netdev and its providers to use it. Signed-off-by: Ethan Jackson <ethan@nicira.com>
2012-05-22 03:47:36 -07:00
SMAP_FOR_EACH (node, args) {
if (!strcmp(node->key, "remote_ip")) {
netdev-vport: Merge in netdev-patch and netdev-tunnel. The only real difference between netdev-patch and netdev-tunnel is in their parse_config() implementation. That's a lot of extra code to maintain, for questionable benefit. This commit merges them into the netdev-vport code, which was heretofore merely a collection of helper functions.
2010-10-06 15:35:53 -07:00
struct in_addr in_addr;
OpenFlow-level flow-based tunneling support. Adds tun_src and tun_dst match and set capabilities via new NXM fields NXM_NX_TUN_IPV4_SRC and NXM_NX_TUN_IPV4_DST. This allows management of large number of tunnels via the flow tables, without requiring the tunnels to be pre-configured. Flow-based tunnels can be configured with options remote_ip=flow and local_ip=flow. local_ip=flow requires remote_ip=flow. When set, the tunnel remote IP address and/or local IP address is set from the flow, instead of the tunnel configuration. Example: $ ovs-vsctl add-port br0 gre -- set Interface gre ofport_request=1 type=gre options:remote_ip=flow options:key=flow $ ovs-ofctl add-flow br0 "in_port=LOCAL actions=set_tunnel:1,set_field:192.168.0.1->tun_dst,output:1" $ ovs-ofctl add-flow br0 "in_port=1 tun_src=192.168.0.1 tun_id=1 actions=LOCAL" Signed-off-by: Jarno Rajahalme <jarno.rajahalme@nsn.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-05-09 15:24:16 +03:00
if (!strcmp(node->value, "flow")) {
tnl_cfg.ip_dst_flow = true;
tnl_cfg.ip_dst = htonl(0);
} else if (lookup_ip(node->value, &in_addr)) {
datapath: Make adding and attaching a vport a single step. For some time now, Open vSwitch datapaths have internally made a distinction between adding a vport and attaching it to a datapath. Adding a vport just means to create it, as an entity detached from any datapath. Attaching it gives it a port number and a datapath. Similarly, a vport could be detached and deleted separately. After some study, I think I understand why this distinction exists. It is because ovs-vswitchd tries to open all the datapath ports before it tries to create them. However, changing it to create them before it tries to open them is not difficult, so this commit does this. The bulk of this commit, however, changes the datapath interface to one that always creates a vport and attaches it to a datapath in a single step, and similarly detaches a vport and deletes it in a single step. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2010-12-03 14:41:38 -08:00
VLOG_WARN("%s: bad %s 'remote_ip'", name, type);
Tunnel: Cleanup old tunnel infrastructure. Since userspace flow based tunneling code is checked in, the kernel port based tunneling code can be removed. Patch removes following components: - tunnel ports hash table and moved tunnel ports list to individual vports. - Cleaned per tnl-port config. - OVS_KEY_ATTR_TUN_ID action is removed. Signed-off-by: Pravin B Shelar <pshelar@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com> Bug #15078
2013-03-04 13:00:25 -08:00
} else if (ip_is_multicast(in_addr.s_addr)) {
VLOG_WARN("%s: multicast remote_ip="IP_FMT" not allowed",
name, IP_ARGS(in_addr.s_addr));
return EINVAL;
netdev-vport: Merge in netdev-patch and netdev-tunnel. The only real difference between netdev-patch and netdev-tunnel is in their parse_config() implementation. That's a lot of extra code to maintain, for questionable benefit. This commit merges them into the netdev-vport code, which was heretofore merely a collection of helper functions.
2010-10-06 15:35:53 -07:00
} else {
netdev: Parse and make available tunnel configuration. Future patches will need to know the details of a netdev's tunnel configuration from outside the netdev library. Signed-off-by: Ethan Jackson <ethan@nicira.com>
2013-01-07 16:56:04 -08:00
tnl_cfg.ip_dst = in_addr.s_addr;
netdev-vport: Merge in netdev-patch and netdev-tunnel. The only real difference between netdev-patch and netdev-tunnel is in their parse_config() implementation. That's a lot of extra code to maintain, for questionable benefit. This commit merges them into the netdev-vport code, which was heretofore merely a collection of helper functions.
2010-10-06 15:35:53 -07:00
}
lib: New data structure - smap. A smap is a string to string hash map. It has a cleaner interface than shash's which were traditionally used for the same purpose. This patch implements the data structure, and changes netdev and its providers to use it. Signed-off-by: Ethan Jackson <ethan@nicira.com>
2012-05-22 03:47:36 -07:00
} else if (!strcmp(node->key, "local_ip")) {
netdev-vport: Merge in netdev-patch and netdev-tunnel. The only real difference between netdev-patch and netdev-tunnel is in their parse_config() implementation. That's a lot of extra code to maintain, for questionable benefit. This commit merges them into the netdev-vport code, which was heretofore merely a collection of helper functions.
2010-10-06 15:35:53 -07:00
struct in_addr in_addr;
OpenFlow-level flow-based tunneling support. Adds tun_src and tun_dst match and set capabilities via new NXM fields NXM_NX_TUN_IPV4_SRC and NXM_NX_TUN_IPV4_DST. This allows management of large number of tunnels via the flow tables, without requiring the tunnels to be pre-configured. Flow-based tunnels can be configured with options remote_ip=flow and local_ip=flow. local_ip=flow requires remote_ip=flow. When set, the tunnel remote IP address and/or local IP address is set from the flow, instead of the tunnel configuration. Example: $ ovs-vsctl add-port br0 gre -- set Interface gre ofport_request=1 type=gre options:remote_ip=flow options:key=flow $ ovs-ofctl add-flow br0 "in_port=LOCAL actions=set_tunnel:1,set_field:192.168.0.1->tun_dst,output:1" $ ovs-ofctl add-flow br0 "in_port=1 tun_src=192.168.0.1 tun_id=1 actions=LOCAL" Signed-off-by: Jarno Rajahalme <jarno.rajahalme@nsn.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-05-09 15:24:16 +03:00
if (!strcmp(node->value, "flow")) {
tnl_cfg.ip_src_flow = true;
tnl_cfg.ip_src = htonl(0);
} else if (lookup_ip(node->value, &in_addr)) {
datapath: Make adding and attaching a vport a single step. For some time now, Open vSwitch datapaths have internally made a distinction between adding a vport and attaching it to a datapath. Adding a vport just means to create it, as an entity detached from any datapath. Attaching it gives it a port number and a datapath. Similarly, a vport could be detached and deleted separately. After some study, I think I understand why this distinction exists. It is because ovs-vswitchd tries to open all the datapath ports before it tries to create them. However, changing it to create them before it tries to open them is not difficult, so this commit does this. The bulk of this commit, however, changes the datapath interface to one that always creates a vport and attaches it to a datapath in a single step, and similarly detaches a vport and deletes it in a single step. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2010-12-03 14:41:38 -08:00
VLOG_WARN("%s: bad %s 'local_ip'", name, type);
netdev-vport: Merge in netdev-patch and netdev-tunnel. The only real difference between netdev-patch and netdev-tunnel is in their parse_config() implementation. That's a lot of extra code to maintain, for questionable benefit. This commit merges them into the netdev-vport code, which was heretofore merely a collection of helper functions.
2010-10-06 15:35:53 -07:00
} else {
netdev: Parse and make available tunnel configuration. Future patches will need to know the details of a netdev's tunnel configuration from outside the netdev library. Signed-off-by: Ethan Jackson <ethan@nicira.com>
2013-01-07 16:56:04 -08:00
tnl_cfg.ip_src = in_addr.s_addr;
netdev-vport: Merge in netdev-patch and netdev-tunnel. The only real difference between netdev-patch and netdev-tunnel is in their parse_config() implementation. That's a lot of extra code to maintain, for questionable benefit. This commit merges them into the netdev-vport code, which was heretofore merely a collection of helper functions.
2010-10-06 15:35:53 -07:00
}
lib: New data structure - smap. A smap is a string to string hash map. It has a cleaner interface than shash's which were traditionally used for the same purpose. This patch implements the data structure, and changes netdev and its providers to use it. Signed-off-by: Ethan Jackson <ethan@nicira.com>
2012-05-22 03:47:36 -07:00
} else if (!strcmp(node->key, "tos")) {
if (!strcmp(node->value, "inherit")) {
netdev: Parse and make available tunnel configuration. Future patches will need to know the details of a netdev's tunnel configuration from outside the netdev library. Signed-off-by: Ethan Jackson <ethan@nicira.com>
2013-01-07 16:56:04 -08:00
tnl_cfg.tos_inherit = true;
netdev-vport: Merge in netdev-patch and netdev-tunnel. The only real difference between netdev-patch and netdev-tunnel is in their parse_config() implementation. That's a lot of extra code to maintain, for questionable benefit. This commit merges them into the netdev-vport code, which was heretofore merely a collection of helper functions.
2010-10-06 15:35:53 -07:00
} else {
tunnel: Accept 'set options:tos' as hex value. Signed-off-by: Pravin B Shelar <pshelar@nicira.com> Bug #8822
2012-05-21 12:18:19 -07:00
char *endptr;
int tos;
lib: New data structure - smap. A smap is a string to string hash map. It has a cleaner interface than shash's which were traditionally used for the same purpose. This patch implements the data structure, and changes netdev and its providers to use it. Signed-off-by: Ethan Jackson <ethan@nicira.com>
2012-05-22 03:47:36 -07:00
tos = strtol(node->value, &endptr, 0);
netdev-vport: Warn about invalid TOS. Otherwise the kernel will reject it later and the result is no tunnel, whereas a tunnel with an unexpected TOS seems like a better result. Bug #12566. Reported-by: Luca Giraudo <lgiraudo@nicira.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2012-07-20 10:24:50 -07:00
if (*endptr == '\0' && tos == (tos & IP_DSCP_MASK)) {
netdev: Parse and make available tunnel configuration. Future patches will need to know the details of a netdev's tunnel configuration from outside the netdev library. Signed-off-by: Ethan Jackson <ethan@nicira.com>
2013-01-07 16:56:04 -08:00
tnl_cfg.tos = tos;
netdev-vport: Warn about invalid TOS. Otherwise the kernel will reject it later and the result is no tunnel, whereas a tunnel with an unexpected TOS seems like a better result. Bug #12566. Reported-by: Luca Giraudo <lgiraudo@nicira.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2012-07-20 10:24:50 -07:00
} else {
VLOG_WARN("%s: invalid TOS %s", name, node->value);
tunnel: Accept 'set options:tos' as hex value. Signed-off-by: Pravin B Shelar <pshelar@nicira.com> Bug #8822
2012-05-21 12:18:19 -07:00
}
netdev-vport: Merge in netdev-patch and netdev-tunnel. The only real difference between netdev-patch and netdev-tunnel is in their parse_config() implementation. That's a lot of extra code to maintain, for questionable benefit. This commit merges them into the netdev-vport code, which was heretofore merely a collection of helper functions.
2010-10-06 15:35:53 -07:00
}
lib: New data structure - smap. A smap is a string to string hash map. It has a cleaner interface than shash's which were traditionally used for the same purpose. This patch implements the data structure, and changes netdev and its providers to use it. Signed-off-by: Ethan Jackson <ethan@nicira.com>
2012-05-22 03:47:36 -07:00
} else if (!strcmp(node->key, "ttl")) {
if (!strcmp(node->value, "inherit")) {
netdev: Parse and make available tunnel configuration. Future patches will need to know the details of a netdev's tunnel configuration from outside the netdev library. Signed-off-by: Ethan Jackson <ethan@nicira.com>
2013-01-07 16:56:04 -08:00
tnl_cfg.ttl_inherit = true;
netdev-vport: Merge in netdev-patch and netdev-tunnel. The only real difference between netdev-patch and netdev-tunnel is in their parse_config() implementation. That's a lot of extra code to maintain, for questionable benefit. This commit merges them into the netdev-vport code, which was heretofore merely a collection of helper functions.
2010-10-06 15:35:53 -07:00
} else {
netdev: Parse and make available tunnel configuration. Future patches will need to know the details of a netdev's tunnel configuration from outside the netdev library. Signed-off-by: Ethan Jackson <ethan@nicira.com>
2013-01-07 16:56:04 -08:00
tnl_cfg.ttl = atoi(node->value);
netdev-vport: Merge in netdev-patch and netdev-tunnel. The only real difference between netdev-patch and netdev-tunnel is in their parse_config() implementation. That's a lot of extra code to maintain, for questionable benefit. This commit merges them into the netdev-vport code, which was heretofore merely a collection of helper functions.
2010-10-06 15:35:53 -07:00
}
datapath: Add support for VXLAN tunnels to Open vSwitch Add support for VXLAN tunnels to Open vSwitch. Add support for setting the destination UDP port on a per-port basis. This is done by adding a "dst_port" parameter to the port configuration. This is only applicable currently to VXLAN tunnels. Please note this currently does not implement any sort of multicast learning. With this patch, VXLAN tunnels must be configured similar to GRE tunnels (e.g. point to point). A subsequent patch will implement a VXLAN control plane in userspace to handle multicast learning. This patch set is based on one posted by Ben Pfaff on Oct. 12, 2011 to the ovs-dev mailing list: http://openvswitch.org/pipermail/dev/2011-October/012051.html The patch has been maintained, updated, and freshened by me and a version of it is available at the following github repository: https://github.com/mestery/ovs-vxlan/tree/vxlan I've tested this patch with multiple VXLAN tunnels between hosts using different UDP port numbers. Performance is on par (though slightly faster) than comparable GRE tunnels. See the following IETF draft for additional information about VXLAN: http://tools.ietf.org/html/draft-mahalingam-dutt-dcops-vxlan-02 Signed-off-by: Kyle Mestery <kmestery@cisco.com> [jesse: simplify error path in vxlan_tunnel_setup, don't print default VXLAN port, and remove dead code] Signed-off-by: Jesse Gross <jesse@nicira.com>
2012-12-05 16:06:46 -05:00
} else if (!strcmp(node->key, "dst_port") && needs_dst_port) {
netdev: Parse and make available tunnel configuration. Future patches will need to know the details of a netdev's tunnel configuration from outside the netdev library. Signed-off-by: Ethan Jackson <ethan@nicira.com>
2013-01-07 16:56:04 -08:00
tnl_cfg.dst_port = htons(atoi(node->value));
} else if (!strcmp(node->key, "csum") && has_csum) {
lib: New data structure - smap. A smap is a string to string hash map. It has a cleaner interface than shash's which were traditionally used for the same purpose. This patch implements the data structure, and changes netdev and its providers to use it. Signed-off-by: Ethan Jackson <ethan@nicira.com>
2012-05-22 03:47:36 -07:00
if (!strcmp(node->value, "true")) {
netdev: Parse and make available tunnel configuration. Future patches will need to know the details of a netdev's tunnel configuration from outside the netdev library. Signed-off-by: Ethan Jackson <ethan@nicira.com>
2013-01-07 16:56:04 -08:00
tnl_cfg.csum = true;
netdev-vport: Merge in netdev-patch and netdev-tunnel. The only real difference between netdev-patch and netdev-tunnel is in their parse_config() implementation. That's a lot of extra code to maintain, for questionable benefit. This commit merges them into the netdev-vport code, which was heretofore merely a collection of helper functions.
2010-10-06 15:35:53 -07:00
}
lib: New data structure - smap. A smap is a string to string hash map. It has a cleaner interface than shash's which were traditionally used for the same purpose. This patch implements the data structure, and changes netdev and its providers to use it. Signed-off-by: Ethan Jackson <ethan@nicira.com>
2012-05-22 03:47:36 -07:00
} else if (!strcmp(node->key, "df_default")) {
if (!strcmp(node->value, "false")) {
netdev: Parse and make available tunnel configuration. Future patches will need to know the details of a netdev's tunnel configuration from outside the netdev library. Signed-off-by: Ethan Jackson <ethan@nicira.com>
2013-01-07 16:56:04 -08:00
tnl_cfg.dont_fragment = false;
tunneling: Add df_default and df_inherit tunnel options. Split existing pmtud tunnel option's functionality into three. Existing pmtud option still exists, but now governs only whether datapath sends ICMP frag needed messages. New df_inherit option controls whether DF bit is copied from packet inner header to outer tunnel header. New df_default option controls whether DF bit is set if inner packet isn't IP or if df_inherit is disabled. Suggested-by: Jesse Gross <jesse@nicira.com> Signed-off-by: Andrew Evans <aevans@nicira.com> Feature #5456.
2011-04-29 17:05:58 -07:00
}
netdev: Parse and make available tunnel configuration. Future patches will need to know the details of a netdev's tunnel configuration from outside the netdev library. Signed-off-by: Ethan Jackson <ethan@nicira.com>
2013-01-07 16:56:04 -08:00
} else if (!strcmp(node->key, "peer_cert") && tnl_cfg.ipsec) {
lib: New data structure - smap. A smap is a string to string hash map. It has a cleaner interface than shash's which were traditionally used for the same purpose. This patch implements the data structure, and changes netdev and its providers to use it. Signed-off-by: Ethan Jackson <ethan@nicira.com>
2012-05-22 03:47:36 -07:00
if (smap_get(args, "certificate")) {
vswitch: Add support for IPsec certificate authentication. Previously, it was possible to fake configuring the use of certificate authentication for IPsec, but it really just used a static pre-shared key behind the scenes. This commit publicly mentions certificate authentication and finally does the real work behind the scenes.
2010-12-15 23:44:41 -08:00
ipsec_mech_set = true;
} else {
vswitch: Provide option to pull cert from SSL table Introduce "use_ssl_cert" option to "ipsec_gre" interface types, which will pull certificate and private key options from the SSL table. In the future, multiple SSL entries will be supported through the configuration database, so use of this option is strongly discouraged as this "feature" will be retired.
2010-12-27 17:44:33 -08:00
const char *use_ssl_cert;
/* If the "use_ssl_cert" is true, then "certificate" and
* "private_key" will be pulled from the SSL table. The
* use of this option is strongly discouraged, since it
* will like be removed when multiple SSL configurations
* are supported by OVS.
*/
lib: New data structure - smap. A smap is a string to string hash map. It has a cleaner interface than shash's which were traditionally used for the same purpose. This patch implements the data structure, and changes netdev and its providers to use it. Signed-off-by: Ethan Jackson <ethan@nicira.com>
2012-05-22 03:47:36 -07:00
use_ssl_cert = smap_get(args, "use_ssl_cert");
vswitch: Provide option to pull cert from SSL table Introduce "use_ssl_cert" option to "ipsec_gre" interface types, which will pull certificate and private key options from the SSL table. In the future, multiple SSL entries will be supported through the configuration database, so use of this option is strongly discouraged as this "feature" will be retired.
2010-12-27 17:44:33 -08:00
if (!use_ssl_cert || strcmp(use_ssl_cert, "true")) {
netdev-vport: Log at ERR level when port won't be created. Suggested-by: Ben Pfaff <blp@nicira.com>
2011-03-14 13:45:43 -07:00
VLOG_ERR("%s: 'peer_cert' requires 'certificate' argument",
name);
lib: Switch to flow based tunneling. With this patch, ovs-vswitchd uses flow based tunneling exclusively. I.E. each kind of tunnel shares a single tunnel backer in the datapath. Tunnel headers are set by userspace using the ipv4_tunnel datapath action. And, the configuration of individual tunnels is now a userspace responsibility, so netdev-vport no longer marshals and unmarshals Netlink attributes for tunnel configuration, instead only storing the configuration internally. There are still some significant pieces of work to do, but the basic building blocks are there to begin testing. Signed-off-by: Ethan Jackson <ethan@nicira.com> Co-authored-by: Jesse Gross <jesse@nicira.com> Signed-off-by: Jesse Gross <jesse@nicira.com>
2012-12-14 19:14:54 -08:00
return EINVAL;
vswitch: Provide option to pull cert from SSL table Introduce "use_ssl_cert" option to "ipsec_gre" interface types, which will pull certificate and private key options from the SSL table. In the future, multiple SSL entries will be supported through the configuration database, so use of this option is strongly discouraged as this "feature" will be retired.
2010-12-27 17:44:33 -08:00
}
ipsec_mech_set = true;
vswitch: Add support for IPsec certificate authentication. Previously, it was possible to fake configuring the use of certificate authentication for IPsec, but it really just used a static pre-shared key behind the scenes. This commit publicly mentions certificate authentication and finally does the real work behind the scenes.
2010-12-15 23:44:41 -08:00
}
netdev: Parse and make available tunnel configuration. Future patches will need to know the details of a netdev's tunnel configuration from outside the netdev library. Signed-off-by: Ethan Jackson <ethan@nicira.com>
2013-01-07 16:56:04 -08:00
} else if (!strcmp(node->key, "psk") && tnl_cfg.ipsec) {
netdev-vport: Merge in netdev-patch and netdev-tunnel. The only real difference between netdev-patch and netdev-tunnel is in their parse_config() implementation. That's a lot of extra code to maintain, for questionable benefit. This commit merges them into the netdev-vport code, which was heretofore merely a collection of helper functions.
2010-10-06 15:35:53 -07:00
ipsec_mech_set = true;
netdev: Parse and make available tunnel configuration. Future patches will need to know the details of a netdev's tunnel configuration from outside the netdev library. Signed-off-by: Ethan Jackson <ethan@nicira.com>
2013-01-07 16:56:04 -08:00
} else if (tnl_cfg.ipsec
lib: New data structure - smap. A smap is a string to string hash map. It has a cleaner interface than shash's which were traditionally used for the same purpose. This patch implements the data structure, and changes netdev and its providers to use it. Signed-off-by: Ethan Jackson <ethan@nicira.com>
2012-05-22 03:47:36 -07:00
&& (!strcmp(node->key, "certificate")
|| !strcmp(node->key, "private_key")
|| !strcmp(node->key, "use_ssl_cert"))) {
vswitch: Add support for IPsec certificate authentication. Previously, it was possible to fake configuring the use of certificate authentication for IPsec, but it really just used a static pre-shared key behind the scenes. This commit publicly mentions certificate authentication and finally does the real work behind the scenes.
2010-12-15 23:44:41 -08:00
/* Ignore options not used by the netdev. */
lib: New data structure - smap. A smap is a string to string hash map. It has a cleaner interface than shash's which were traditionally used for the same purpose. This patch implements the data structure, and changes netdev and its providers to use it. Signed-off-by: Ethan Jackson <ethan@nicira.com>
2012-05-22 03:47:36 -07:00
} else if (!strcmp(node->key, "key") ||
!strcmp(node->key, "in_key") ||
!strcmp(node->key, "out_key")) {
datapath: Change userspace vport interface to use Netlink attributes. One of the goals for Open vSwitch is to decouple kernel and userspace software, so that either one can be upgraded or rolled back independent of the other. To do this in full generality, it must be possible to add new features to the kernel vport layer without changing userspace software. The customary way to do this in the Linux networking stack is to use Netlink and in particular Netlink attributes. This commit adopts that model for the vport layer. It does not yet actually start using the Netlink socket layer, which will come later. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 12:28:59 -08:00
/* Handled separately below. */
netdev-vport: Merge in netdev-patch and netdev-tunnel. The only real difference between netdev-patch and netdev-tunnel is in their parse_config() implementation. That's a lot of extra code to maintain, for questionable benefit. This commit merges them into the netdev-vport code, which was heretofore merely a collection of helper functions.
2010-10-06 15:35:53 -07:00
} else {
lib: New data structure - smap. A smap is a string to string hash map. It has a cleaner interface than shash's which were traditionally used for the same purpose. This patch implements the data structure, and changes netdev and its providers to use it. Signed-off-by: Ethan Jackson <ethan@nicira.com>
2012-05-22 03:47:36 -07:00
VLOG_WARN("%s: unknown %s argument '%s'", name, type, node->key);
netdev-vport: Merge in netdev-patch and netdev-tunnel. The only real difference between netdev-patch and netdev-tunnel is in their parse_config() implementation. That's a lot of extra code to maintain, for questionable benefit. This commit merges them into the netdev-vport code, which was heretofore merely a collection of helper functions.
2010-10-06 15:35:53 -07:00
}
}
datapath: Add support for VXLAN tunnels to Open vSwitch Add support for VXLAN tunnels to Open vSwitch. Add support for setting the destination UDP port on a per-port basis. This is done by adding a "dst_port" parameter to the port configuration. This is only applicable currently to VXLAN tunnels. Please note this currently does not implement any sort of multicast learning. With this patch, VXLAN tunnels must be configured similar to GRE tunnels (e.g. point to point). A subsequent patch will implement a VXLAN control plane in userspace to handle multicast learning. This patch set is based on one posted by Ben Pfaff on Oct. 12, 2011 to the ovs-dev mailing list: http://openvswitch.org/pipermail/dev/2011-October/012051.html The patch has been maintained, updated, and freshened by me and a version of it is available at the following github repository: https://github.com/mestery/ovs-vxlan/tree/vxlan I've tested this patch with multiple VXLAN tunnels between hosts using different UDP port numbers. Performance is on par (though slightly faster) than comparable GRE tunnels. See the following IETF draft for additional information about VXLAN: http://tools.ietf.org/html/draft-mahalingam-dutt-dcops-vxlan-02 Signed-off-by: Kyle Mestery <kmestery@cisco.com> [jesse: simplify error path in vxlan_tunnel_setup, don't print default VXLAN port, and remove dead code] Signed-off-by: Jesse Gross <jesse@nicira.com>
2012-12-05 16:06:46 -05:00
/* Add a default destination port for VXLAN if none specified. */
Add support for LISP tunneling LISP is an experimental layer 3 tunneling protocol, described in RFC 6830. This patch adds support for LISP tunneling. Since LISP encapsulated packets do not carry an Ethernet header, it is removed before encapsulation, and added with hardcoded source and destination MAC addresses after decapsulation. The harcoded MAC chosen for this purpose is the locally administered address 02:00:00:00:00:00. Flow actions can be used to rewrite this MAC for correct reception. As such, this patch is intended to be used for static network configurations, or with a LISP capable controller. Signed-off-by: Lorand Jakab <lojakab@cisco.com> Signed-off-by: Kyle Mestery <kmestery@cisco.com> Signed-off-by: Jesse Gross <jesse@nicira.com>
2013-02-21 21:52:04 -08:00
if (!strcmp(type, "vxlan") && !tnl_cfg.dst_port) {
netdev: Parse and make available tunnel configuration. Future patches will need to know the details of a netdev's tunnel configuration from outside the netdev library. Signed-off-by: Ethan Jackson <ethan@nicira.com>
2013-01-07 16:56:04 -08:00
tnl_cfg.dst_port = htons(VXLAN_DST_PORT);
datapath: Add support for VXLAN tunnels to Open vSwitch Add support for VXLAN tunnels to Open vSwitch. Add support for setting the destination UDP port on a per-port basis. This is done by adding a "dst_port" parameter to the port configuration. This is only applicable currently to VXLAN tunnels. Please note this currently does not implement any sort of multicast learning. With this patch, VXLAN tunnels must be configured similar to GRE tunnels (e.g. point to point). A subsequent patch will implement a VXLAN control plane in userspace to handle multicast learning. This patch set is based on one posted by Ben Pfaff on Oct. 12, 2011 to the ovs-dev mailing list: http://openvswitch.org/pipermail/dev/2011-October/012051.html The patch has been maintained, updated, and freshened by me and a version of it is available at the following github repository: https://github.com/mestery/ovs-vxlan/tree/vxlan I've tested this patch with multiple VXLAN tunnels between hosts using different UDP port numbers. Performance is on par (though slightly faster) than comparable GRE tunnels. See the following IETF draft for additional information about VXLAN: http://tools.ietf.org/html/draft-mahalingam-dutt-dcops-vxlan-02 Signed-off-by: Kyle Mestery <kmestery@cisco.com> [jesse: simplify error path in vxlan_tunnel_setup, don't print default VXLAN port, and remove dead code] Signed-off-by: Jesse Gross <jesse@nicira.com>
2012-12-05 16:06:46 -05:00
}
Add support for LISP tunneling LISP is an experimental layer 3 tunneling protocol, described in RFC 6830. This patch adds support for LISP tunneling. Since LISP encapsulated packets do not carry an Ethernet header, it is removed before encapsulation, and added with hardcoded source and destination MAC addresses after decapsulation. The harcoded MAC chosen for this purpose is the locally administered address 02:00:00:00:00:00. Flow actions can be used to rewrite this MAC for correct reception. As such, this patch is intended to be used for static network configurations, or with a LISP capable controller. Signed-off-by: Lorand Jakab <lojakab@cisco.com> Signed-off-by: Kyle Mestery <kmestery@cisco.com> Signed-off-by: Jesse Gross <jesse@nicira.com>
2013-02-21 21:52:04 -08:00
/* Add a default destination port for LISP if none specified. */
if (!strcmp(type, "lisp") && !tnl_cfg.dst_port) {
tnl_cfg.dst_port = htons(LISP_DST_PORT);
}
netdev: Parse and make available tunnel configuration. Future patches will need to know the details of a netdev's tunnel configuration from outside the netdev library. Signed-off-by: Ethan Jackson <ethan@nicira.com>
2013-01-07 16:56:04 -08:00
if (tnl_cfg.ipsec) {
netdev-vport: Use ovs_mutex rather than a raw pthread_mutex_t. I'd forgotten even to use the xpthread variants here. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Andy Zhou <azhou@nicira.com>
2013-07-31 14:15:05 -07:00
static struct ovs_mutex mutex = OVS_MUTEX_INITIALIZER;
ipsec gre: Do not reread ovs monitor ipsec pidfile in netdev vport so much Instead of rereading ovs-monitor-ipsec pidfile in netdev-vport so much. It's probably only necessary to check once if ovs-monitor-ipsec is running, and then cache the result. If the result is negative, then it may be worthwhile to try again the next time someone tries to configure an ipsec tunnel. Signed-off-by: Arun Sharma <arun.sharma@calsoftinc.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2012-07-02 18:30:21 -07:00
static pid_t pid = 0;
netdev-vport: Make pid checking in set_tunnel_config() thread-safe Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Andy Zhou <azhou@nicira.com>
2013-04-26 13:20:30 -07:00
netdev-vport: Don't look for ovs-monitor-ipsec's pid file. We do not have pidfiles in Windows. And we do not yet have support for ipsec tunnels. This lets us move forward with compilation. Signed-off-by: Gurucharan Shetty <gshetty@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
2014-03-12 10:50:42 -07:00
#ifndef _WIN32
netdev-vport: Use ovs_mutex rather than a raw pthread_mutex_t. I'd forgotten even to use the xpthread variants here. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Andy Zhou <azhou@nicira.com>
2013-07-31 14:15:05 -07:00
ovs_mutex_lock(&mutex);
ipsec gre: Don't cache bad ovs-monitor-ipsec pid values. Commit 2a586a5 (ipsec gre: Do not reread ovs monitor ipsec pidfile in netdev vport so much) attempts to cache the pid of ovs-monitor-ipsec so that it's not re-checked so often. Unfortunately, it also cached error returns, so errors never recover. This commit continues to check for the process's existence after an error. Issue #12399 Reported-by: Paul Ingram <paul@nicira.com> Signed-off-by: Justin Pettit <jpettit@nicira.com>
2012-07-08 13:04:27 -07:00
if (pid <= 0) {
ipsec gre: Do not reread ovs monitor ipsec pidfile in netdev vport so much Instead of rereading ovs-monitor-ipsec pidfile in netdev-vport so much. It's probably only necessary to check once if ovs-monitor-ipsec is running, and then cache the result. If the result is negative, then it may be worthwhile to try again the next time someone tries to configure an ipsec tunnel. Signed-off-by: Arun Sharma <arun.sharma@calsoftinc.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2012-07-02 18:30:21 -07:00
char *file_name = xasprintf("%s/%s", ovs_rundir(),
"ovs-monitor-ipsec.pid");
pid = read_pidfile(file_name);
free(file_name);
}
netdev-vport: Use ovs_mutex rather than a raw pthread_mutex_t. I'd forgotten even to use the xpthread variants here. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Andy Zhou <azhou@nicira.com>
2013-07-31 14:15:05 -07:00
ovs_mutex_unlock(&mutex);
netdev-vport: Don't look for ovs-monitor-ipsec's pid file. We do not have pidfiles in Windows. And we do not yet have support for ipsec tunnels. This lets us move forward with compilation. Signed-off-by: Gurucharan Shetty <gshetty@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
2014-03-12 10:50:42 -07:00
#endif
ipsec gre: Do not reread ovs monitor ipsec pidfile in netdev vport so much Instead of rereading ovs-monitor-ipsec pidfile in netdev-vport so much. It's probably only necessary to check once if ovs-monitor-ipsec is running, and then cache the result. If the result is negative, then it may be worthwhile to try again the next time someone tries to configure an ipsec tunnel. Signed-off-by: Arun Sharma <arun.sharma@calsoftinc.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2012-07-02 18:30:21 -07:00
netdev-vport: Don't create port when ovs-monitor-ipsec not running. It was suggested by Jesse that it would be better to just not create IPsec tunnel devices if the ovs-monitor-ipsec daemon is not running. He had legitimate concerns about users missing the warning message printed and traffic possibly going out unencrypted. Suggested-by: Jesse Gross <jesse@nicira.com>
2011-03-14 13:15:25 -07:00
if (pid < 0) {
netdev-vport: Log at ERR level when port won't be created. Suggested-by: Ben Pfaff <blp@nicira.com>
2011-03-14 13:45:43 -07:00
VLOG_ERR("%s: IPsec requires the ovs-monitor-ipsec daemon",
name);
lib: Switch to flow based tunneling. With this patch, ovs-vswitchd uses flow based tunneling exclusively. I.E. each kind of tunnel shares a single tunnel backer in the datapath. Tunnel headers are set by userspace using the ipv4_tunnel datapath action. And, the configuration of individual tunnels is now a userspace responsibility, so netdev-vport no longer marshals and unmarshals Netlink attributes for tunnel configuration, instead only storing the configuration internally. There are still some significant pieces of work to do, but the basic building blocks are there to begin testing. Signed-off-by: Ethan Jackson <ethan@nicira.com> Co-authored-by: Jesse Gross <jesse@nicira.com> Signed-off-by: Jesse Gross <jesse@nicira.com>
2012-12-14 19:14:54 -08:00
return EINVAL;
netdev-vport: Don't create port when ovs-monitor-ipsec not running. It was suggested by Jesse that it would be better to just not create IPsec tunnel devices if the ovs-monitor-ipsec daemon is not running. He had legitimate concerns about users missing the warning message printed and traffic possibly going out unencrypted. Suggested-by: Jesse Gross <jesse@nicira.com>
2011-03-14 13:15:25 -07:00
}
netdev-vport: Warn on IPsec tunnels when ovs-monitor-ipsec not running. IPsec tunnels are only supported on Debian systems running ovs-monitor-ipsec. Since that daemon configures IPsec, ovs-vswitchd doesn't know whether IPsec will actually work. With this commit, a warning is printed that it is unlikely to work unless that daemon is started. There is a more serious issue that IPsec traffic can pass unencrypted if that daemon is not running. To fix that problem, changes to the kernel module will need to occur. A future commit will address that issue, but this earlier warning will be useful regardless. Bug #4854
2011-03-11 15:18:30 -08:00
lib: New data structure - smap. A smap is a string to string hash map. It has a cleaner interface than shash's which were traditionally used for the same purpose. This patch implements the data structure, and changes netdev and its providers to use it. Signed-off-by: Ethan Jackson <ethan@nicira.com>
2012-05-22 03:47:36 -07:00
if (smap_get(args, "peer_cert") && smap_get(args, "psk")) {
netdev-vport: Log at ERR level when port won't be created. Suggested-by: Ben Pfaff <blp@nicira.com>
2011-03-14 13:45:43 -07:00
VLOG_ERR("%s: cannot define both 'peer_cert' and 'psk'", name);
lib: Switch to flow based tunneling. With this patch, ovs-vswitchd uses flow based tunneling exclusively. I.E. each kind of tunnel shares a single tunnel backer in the datapath. Tunnel headers are set by userspace using the ipv4_tunnel datapath action. And, the configuration of individual tunnels is now a userspace responsibility, so netdev-vport no longer marshals and unmarshals Netlink attributes for tunnel configuration, instead only storing the configuration internally. There are still some significant pieces of work to do, but the basic building blocks are there to begin testing. Signed-off-by: Ethan Jackson <ethan@nicira.com> Co-authored-by: Jesse Gross <jesse@nicira.com> Signed-off-by: Jesse Gross <jesse@nicira.com>
2012-12-14 19:14:54 -08:00
return EINVAL;
vswitch: Add support for IPsec certificate authentication. Previously, it was possible to fake configuring the use of certificate authentication for IPsec, but it really just used a static pre-shared key behind the scenes. This commit publicly mentions certificate authentication and finally does the real work behind the scenes.
2010-12-15 23:44:41 -08:00
}
if (!ipsec_mech_set) {
netdev-vport: Log at ERR level when port won't be created. Suggested-by: Ben Pfaff <blp@nicira.com>
2011-03-14 13:45:43 -07:00
VLOG_ERR("%s: IPsec requires an 'peer_cert' or psk' argument",
name);
lib: Switch to flow based tunneling. With this patch, ovs-vswitchd uses flow based tunneling exclusively. I.E. each kind of tunnel shares a single tunnel backer in the datapath. Tunnel headers are set by userspace using the ipv4_tunnel datapath action. And, the configuration of individual tunnels is now a userspace responsibility, so netdev-vport no longer marshals and unmarshals Netlink attributes for tunnel configuration, instead only storing the configuration internally. There are still some significant pieces of work to do, but the basic building blocks are there to begin testing. Signed-off-by: Ethan Jackson <ethan@nicira.com> Co-authored-by: Jesse Gross <jesse@nicira.com> Signed-off-by: Jesse Gross <jesse@nicira.com>
2012-12-14 19:14:54 -08:00
return EINVAL;
vswitch: Add support for IPsec certificate authentication. Previously, it was possible to fake configuring the use of certificate authentication for IPsec, but it really just used a static pre-shared key behind the scenes. This commit publicly mentions certificate authentication and finally does the real work behind the scenes.
2010-12-15 23:44:41 -08:00
}
netdev-vport: Merge in netdev-patch and netdev-tunnel. The only real difference between netdev-patch and netdev-tunnel is in their parse_config() implementation. That's a lot of extra code to maintain, for questionable benefit. This commit merges them into the netdev-vport code, which was heretofore merely a collection of helper functions.
2010-10-06 15:35:53 -07:00
}
OpenFlow-level flow-based tunneling support. Adds tun_src and tun_dst match and set capabilities via new NXM fields NXM_NX_TUN_IPV4_SRC and NXM_NX_TUN_IPV4_DST. This allows management of large number of tunnels via the flow tables, without requiring the tunnels to be pre-configured. Flow-based tunnels can be configured with options remote_ip=flow and local_ip=flow. local_ip=flow requires remote_ip=flow. When set, the tunnel remote IP address and/or local IP address is set from the flow, instead of the tunnel configuration. Example: $ ovs-vsctl add-port br0 gre -- set Interface gre ofport_request=1 type=gre options:remote_ip=flow options:key=flow $ ovs-ofctl add-flow br0 "in_port=LOCAL actions=set_tunnel:1,set_field:192.168.0.1->tun_dst,output:1" $ ovs-ofctl add-flow br0 "in_port=1 tun_src=192.168.0.1 tun_id=1 actions=LOCAL" Signed-off-by: Jarno Rajahalme <jarno.rajahalme@nsn.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-05-09 15:24:16 +03:00
if (!tnl_cfg.ip_dst && !tnl_cfg.ip_dst_flow) {
netdev-vport: Log at ERR level when port won't be created. Suggested-by: Ben Pfaff <blp@nicira.com>
2011-03-14 13:45:43 -07:00
VLOG_ERR("%s: %s type requires valid 'remote_ip' argument",
name, type);
lib: Switch to flow based tunneling. With this patch, ovs-vswitchd uses flow based tunneling exclusively. I.E. each kind of tunnel shares a single tunnel backer in the datapath. Tunnel headers are set by userspace using the ipv4_tunnel datapath action. And, the configuration of individual tunnels is now a userspace responsibility, so netdev-vport no longer marshals and unmarshals Netlink attributes for tunnel configuration, instead only storing the configuration internally. There are still some significant pieces of work to do, but the basic building blocks are there to begin testing. Signed-off-by: Ethan Jackson <ethan@nicira.com> Co-authored-by: Jesse Gross <jesse@nicira.com> Signed-off-by: Jesse Gross <jesse@nicira.com>
2012-12-14 19:14:54 -08:00
return EINVAL;
netdev-vport: Merge in netdev-patch and netdev-tunnel. The only real difference between netdev-patch and netdev-tunnel is in their parse_config() implementation. That's a lot of extra code to maintain, for questionable benefit. This commit merges them into the netdev-vport code, which was heretofore merely a collection of helper functions.
2010-10-06 15:35:53 -07:00
}
OpenFlow-level flow-based tunneling support. Adds tun_src and tun_dst match and set capabilities via new NXM fields NXM_NX_TUN_IPV4_SRC and NXM_NX_TUN_IPV4_DST. This allows management of large number of tunnels via the flow tables, without requiring the tunnels to be pre-configured. Flow-based tunnels can be configured with options remote_ip=flow and local_ip=flow. local_ip=flow requires remote_ip=flow. When set, the tunnel remote IP address and/or local IP address is set from the flow, instead of the tunnel configuration. Example: $ ovs-vsctl add-port br0 gre -- set Interface gre ofport_request=1 type=gre options:remote_ip=flow options:key=flow $ ovs-ofctl add-flow br0 "in_port=LOCAL actions=set_tunnel:1,set_field:192.168.0.1->tun_dst,output:1" $ ovs-ofctl add-flow br0 "in_port=1 tun_src=192.168.0.1 tun_id=1 actions=LOCAL" Signed-off-by: Jarno Rajahalme <jarno.rajahalme@nsn.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-05-09 15:24:16 +03:00
if (tnl_cfg.ip_src_flow && !tnl_cfg.ip_dst_flow) {
VLOG_ERR("%s: %s type requires 'remote_ip=flow' with 'local_ip=flow'",
name, type);
return EINVAL;
}
netdev: Parse and make available tunnel configuration. Future patches will need to know the details of a netdev's tunnel configuration from outside the netdev library. Signed-off-by: Ethan Jackson <ethan@nicira.com>
2013-01-07 16:56:04 -08:00
if (!tnl_cfg.ttl) {
tnl_cfg.ttl = DEFAULT_TTL;
}
tnl_cfg.in_key = parse_key(args, "in_key",
&tnl_cfg.in_key_present,
&tnl_cfg.in_key_flow);
tnl_cfg.out_key = parse_key(args, "out_key",
&tnl_cfg.out_key_present,
&tnl_cfg.out_key_flow);
netdev-vport: Merge in netdev-patch and netdev-tunnel. The only real difference between netdev-patch and netdev-tunnel is in their parse_config() implementation. That's a lot of extra code to maintain, for questionable benefit. This commit merges them into the netdev-vport code, which was heretofore merely a collection of helper functions.
2010-10-06 15:35:53 -07:00
netdev: Make netdev access thread-safe. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Andy Zhou <azhou@nicira.com>
2013-08-09 21:34:02 -07:00
ovs_mutex_lock(&dev->mutex);
ofproto-dpif: Implement patch ports in userspace. This commit moves responsibility for implementing patch ports from the datapath to ofproto-dpif. There are two main reasons to do this. The first is a matter of design: ofproto-dpif both has more information than the datapath, and is better suited to handle the complexity required to implement patch ports. The second is performance. My setup is a virtual machine with two basic learning bridges connected by patch ports. I used ovs-benchmark to ping the virtual router IP residing outside the VM. Over a 60 second run, "ovs-benchmark rate" improves from 14618.1 to 19311.9 transactions per second, or a 32% improvement. Similarly, "ovs-benchmark latency" improves from 6ms to 4ms. Signed-off-by: Ethan Jackson <ethan@nicira.com>
2012-12-20 15:32:03 -08:00
dev->tnl_cfg = tnl_cfg;
netdev: Add 'change_seq' back to netdev. This commit can be seen as a partial revert of commit da4a619179d (netdev: Globally track port status changes) by adding the 'change_seq' to 'struct netdev'. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
2014-04-03 00:17:34 -07:00
netdev_change_seq_changed(dev_);
netdev: Make netdev access thread-safe. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Andy Zhou <azhou@nicira.com>
2013-08-09 21:34:02 -07:00
ovs_mutex_unlock(&dev->mutex);
netdev: Parse and make available tunnel configuration. Future patches will need to know the details of a netdev's tunnel configuration from outside the netdev library. Signed-off-by: Ethan Jackson <ethan@nicira.com>
2013-01-07 16:56:04 -08:00
datapath: Change userspace vport interface to use Netlink attributes. One of the goals for Open vSwitch is to decouple kernel and userspace software, so that either one can be upgraded or rolled back independent of the other. To do this in full generality, it must be possible to add new features to the kernel vport layer without changing userspace software. The customary way to do this in the Linux networking stack is to use Netlink and in particular Netlink attributes. This commit adopts that model for the vport layer. It does not yet actually start using the Netlink socket layer, which will come later. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 12:28:59 -08:00
return 0;
}
netdev-vport: Merge in netdev-patch and netdev-tunnel. The only real difference between netdev-patch and netdev-tunnel is in their parse_config() implementation. That's a lot of extra code to maintain, for questionable benefit. This commit merges them into the netdev-vport code, which was heretofore merely a collection of helper functions.
2010-10-06 15:35:53 -07:00
static int
netdev: Get rid of netdev_dev. The distinction between struct netdev_dev and struct netdev has always been confusing. Now that previous commits have eliminated all interesting state from struct netdev, this commit deletes it and renames struct netdev_dev to take its place. Now the situation makes much more sense and I won't have to continue making embarrassed explanations in the future. Good riddance. Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-03-15 15:54:36 -07:00
get_tunnel_config(const struct netdev *dev, struct smap *args)
netdev: Make netdev arguments fetchable, and implement for netdev-vport. This gives network device implementations the opportunity to fetch an existing device's configuration and store it as their arguments, so that netdev clients can find out how an existing device is configured. So far netdev-vport is the only implementation that needs to use this. The next commit will add use by clients. Reviewed by Justin Pettit.
2010-12-29 16:02:22 -08:00
{
netdev: Make netdev access thread-safe. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Andy Zhou <azhou@nicira.com>
2013-08-09 21:34:02 -07:00
struct netdev_vport *netdev = netdev_vport_cast(dev);
struct netdev_tunnel_config tnl_cfg;
ovs_mutex_lock(&netdev->mutex);
tnl_cfg = netdev->tnl_cfg;
ovs_mutex_unlock(&netdev->mutex);
netdev: Make netdev arguments fetchable, and implement for netdev-vport. This gives network device implementations the opportunity to fetch an existing device's configuration and store it as their arguments, so that netdev clients can find out how an existing device is configured. So far netdev-vport is the only implementation that needs to use this. The next commit will add use by clients. Reviewed by Justin Pettit.
2010-12-29 16:02:22 -08:00
netdev: Make netdev access thread-safe. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Andy Zhou <azhou@nicira.com>
2013-08-09 21:34:02 -07:00
if (tnl_cfg.ip_dst) {
smap_add_format(args, "remote_ip", IP_FMT, IP_ARGS(tnl_cfg.ip_dst));
} else if (tnl_cfg.ip_dst_flow) {
OpenFlow-level flow-based tunneling support. Adds tun_src and tun_dst match and set capabilities via new NXM fields NXM_NX_TUN_IPV4_SRC and NXM_NX_TUN_IPV4_DST. This allows management of large number of tunnels via the flow tables, without requiring the tunnels to be pre-configured. Flow-based tunnels can be configured with options remote_ip=flow and local_ip=flow. local_ip=flow requires remote_ip=flow. When set, the tunnel remote IP address and/or local IP address is set from the flow, instead of the tunnel configuration. Example: $ ovs-vsctl add-port br0 gre -- set Interface gre ofport_request=1 type=gre options:remote_ip=flow options:key=flow $ ovs-ofctl add-flow br0 "in_port=LOCAL actions=set_tunnel:1,set_field:192.168.0.1->tun_dst,output:1" $ ovs-ofctl add-flow br0 "in_port=1 tun_src=192.168.0.1 tun_id=1 actions=LOCAL" Signed-off-by: Jarno Rajahalme <jarno.rajahalme@nsn.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-05-09 15:24:16 +03:00
smap_add(args, "remote_ip", "flow");
ofproto-dpif: Implement patch ports in userspace. This commit moves responsibility for implementing patch ports from the datapath to ofproto-dpif. There are two main reasons to do this. The first is a matter of design: ofproto-dpif both has more information than the datapath, and is better suited to handle the complexity required to implement patch ports. The second is performance. My setup is a virtual machine with two basic learning bridges connected by patch ports. I used ovs-benchmark to ping the virtual router IP residing outside the VM. Over a 60 second run, "ovs-benchmark rate" improves from 14618.1 to 19311.9 transactions per second, or a 32% improvement. Similarly, "ovs-benchmark latency" improves from 6ms to 4ms. Signed-off-by: Ethan Jackson <ethan@nicira.com>
2012-12-20 15:32:03 -08:00
}
netdev: Make netdev access thread-safe. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Andy Zhou <azhou@nicira.com>
2013-08-09 21:34:02 -07:00
if (tnl_cfg.ip_src) {
smap_add_format(args, "local_ip", IP_FMT, IP_ARGS(tnl_cfg.ip_src));
} else if (tnl_cfg.ip_src_flow) {
OpenFlow-level flow-based tunneling support. Adds tun_src and tun_dst match and set capabilities via new NXM fields NXM_NX_TUN_IPV4_SRC and NXM_NX_TUN_IPV4_DST. This allows management of large number of tunnels via the flow tables, without requiring the tunnels to be pre-configured. Flow-based tunnels can be configured with options remote_ip=flow and local_ip=flow. local_ip=flow requires remote_ip=flow. When set, the tunnel remote IP address and/or local IP address is set from the flow, instead of the tunnel configuration. Example: $ ovs-vsctl add-port br0 gre -- set Interface gre ofport_request=1 type=gre options:remote_ip=flow options:key=flow $ ovs-ofctl add-flow br0 "in_port=LOCAL actions=set_tunnel:1,set_field:192.168.0.1->tun_dst,output:1" $ ovs-ofctl add-flow br0 "in_port=1 tun_src=192.168.0.1 tun_id=1 actions=LOCAL" Signed-off-by: Jarno Rajahalme <jarno.rajahalme@nsn.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-05-09 15:24:16 +03:00
smap_add(args, "local_ip", "flow");
Make OVS_TUNNEL_ATTR_DST_IPV4 optional to allow configuration of null_ports. Signed-off-by: Jarno Rajahalme <jarno.rajahalme@nsn.com> [jesse: correct return type of get_u32_or_zero()] Signed-off-by: Jesse Gross <jesse@nicira.com>
2012-12-29 08:58:40 +02:00
}
datapath: Change userspace vport interface to use Netlink attributes. One of the goals for Open vSwitch is to decouple kernel and userspace software, so that either one can be upgraded or rolled back independent of the other. To do this in full generality, it must be possible to add new features to the kernel vport layer without changing userspace software. The customary way to do this in the Linux networking stack is to use Netlink and in particular Netlink attributes. This commit adopts that model for the vport layer. It does not yet actually start using the Netlink socket layer, which will come later. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 12:28:59 -08:00
netdev: Make netdev access thread-safe. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Andy Zhou <azhou@nicira.com>
2013-08-09 21:34:02 -07:00
if (tnl_cfg.in_key_flow && tnl_cfg.out_key_flow) {
netdev: Make netdev arguments fetchable, and implement for netdev-vport. This gives network device implementations the opportunity to fetch an existing device's configuration and store it as their arguments, so that netdev clients can find out how an existing device is configured. So far netdev-vport is the only implementation that needs to use this. The next commit will add use by clients. Reviewed by Justin Pettit.
2010-12-29 16:02:22 -08:00
smap_add(args, "key", "flow");
netdev: Make netdev access thread-safe. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Andy Zhou <azhou@nicira.com>
2013-08-09 21:34:02 -07:00
} else if (tnl_cfg.in_key_present && tnl_cfg.out_key_present
&& tnl_cfg.in_key == tnl_cfg.out_key) {
smap_add_format(args, "key", "%"PRIu64, ntohll(tnl_cfg.in_key));
netdev: Make netdev arguments fetchable, and implement for netdev-vport. This gives network device implementations the opportunity to fetch an existing device's configuration and store it as their arguments, so that netdev clients can find out how an existing device is configured. So far netdev-vport is the only implementation that needs to use this. The next commit will add use by clients. Reviewed by Justin Pettit.
2010-12-29 16:02:22 -08:00
} else {
netdev: Make netdev access thread-safe. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Andy Zhou <azhou@nicira.com>
2013-08-09 21:34:02 -07:00
if (tnl_cfg.in_key_flow) {
lib: Switch to flow based tunneling. With this patch, ovs-vswitchd uses flow based tunneling exclusively. I.E. each kind of tunnel shares a single tunnel backer in the datapath. Tunnel headers are set by userspace using the ipv4_tunnel datapath action. And, the configuration of individual tunnels is now a userspace responsibility, so netdev-vport no longer marshals and unmarshals Netlink attributes for tunnel configuration, instead only storing the configuration internally. There are still some significant pieces of work to do, but the basic building blocks are there to begin testing. Signed-off-by: Ethan Jackson <ethan@nicira.com> Co-authored-by: Jesse Gross <jesse@nicira.com> Signed-off-by: Jesse Gross <jesse@nicira.com>
2012-12-14 19:14:54 -08:00
smap_add(args, "in_key", "flow");
netdev: Make netdev access thread-safe. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Andy Zhou <azhou@nicira.com>
2013-08-09 21:34:02 -07:00
} else if (tnl_cfg.in_key_present) {
lib: Switch to flow based tunneling. With this patch, ovs-vswitchd uses flow based tunneling exclusively. I.E. each kind of tunnel shares a single tunnel backer in the datapath. Tunnel headers are set by userspace using the ipv4_tunnel datapath action. And, the configuration of individual tunnels is now a userspace responsibility, so netdev-vport no longer marshals and unmarshals Netlink attributes for tunnel configuration, instead only storing the configuration internally. There are still some significant pieces of work to do, but the basic building blocks are there to begin testing. Signed-off-by: Ethan Jackson <ethan@nicira.com> Co-authored-by: Jesse Gross <jesse@nicira.com> Signed-off-by: Jesse Gross <jesse@nicira.com>
2012-12-14 19:14:54 -08:00
smap_add_format(args, "in_key", "%"PRIu64,
netdev: Make netdev access thread-safe. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Andy Zhou <azhou@nicira.com>
2013-08-09 21:34:02 -07:00
ntohll(tnl_cfg.in_key));
lib: Switch to flow based tunneling. With this patch, ovs-vswitchd uses flow based tunneling exclusively. I.E. each kind of tunnel shares a single tunnel backer in the datapath. Tunnel headers are set by userspace using the ipv4_tunnel datapath action. And, the configuration of individual tunnels is now a userspace responsibility, so netdev-vport no longer marshals and unmarshals Netlink attributes for tunnel configuration, instead only storing the configuration internally. There are still some significant pieces of work to do, but the basic building blocks are there to begin testing. Signed-off-by: Ethan Jackson <ethan@nicira.com> Co-authored-by: Jesse Gross <jesse@nicira.com> Signed-off-by: Jesse Gross <jesse@nicira.com>
2012-12-14 19:14:54 -08:00
}
netdev: Make netdev arguments fetchable, and implement for netdev-vport. This gives network device implementations the opportunity to fetch an existing device's configuration and store it as their arguments, so that netdev clients can find out how an existing device is configured. So far netdev-vport is the only implementation that needs to use this. The next commit will add use by clients. Reviewed by Justin Pettit.
2010-12-29 16:02:22 -08:00
netdev: Make netdev access thread-safe. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Andy Zhou <azhou@nicira.com>
2013-08-09 21:34:02 -07:00
if (tnl_cfg.out_key_flow) {
lib: Switch to flow based tunneling. With this patch, ovs-vswitchd uses flow based tunneling exclusively. I.E. each kind of tunnel shares a single tunnel backer in the datapath. Tunnel headers are set by userspace using the ipv4_tunnel datapath action. And, the configuration of individual tunnels is now a userspace responsibility, so netdev-vport no longer marshals and unmarshals Netlink attributes for tunnel configuration, instead only storing the configuration internally. There are still some significant pieces of work to do, but the basic building blocks are there to begin testing. Signed-off-by: Ethan Jackson <ethan@nicira.com> Co-authored-by: Jesse Gross <jesse@nicira.com> Signed-off-by: Jesse Gross <jesse@nicira.com>
2012-12-14 19:14:54 -08:00
smap_add(args, "out_key", "flow");
netdev: Make netdev access thread-safe. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Andy Zhou <azhou@nicira.com>
2013-08-09 21:34:02 -07:00
} else if (tnl_cfg.out_key_present) {
lib: Switch to flow based tunneling. With this patch, ovs-vswitchd uses flow based tunneling exclusively. I.E. each kind of tunnel shares a single tunnel backer in the datapath. Tunnel headers are set by userspace using the ipv4_tunnel datapath action. And, the configuration of individual tunnels is now a userspace responsibility, so netdev-vport no longer marshals and unmarshals Netlink attributes for tunnel configuration, instead only storing the configuration internally. There are still some significant pieces of work to do, but the basic building blocks are there to begin testing. Signed-off-by: Ethan Jackson <ethan@nicira.com> Co-authored-by: Jesse Gross <jesse@nicira.com> Signed-off-by: Jesse Gross <jesse@nicira.com>
2012-12-14 19:14:54 -08:00
smap_add_format(args, "out_key", "%"PRIu64,
netdev: Make netdev access thread-safe. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Andy Zhou <azhou@nicira.com>
2013-08-09 21:34:02 -07:00
ntohll(tnl_cfg.out_key));
netdev: Make netdev arguments fetchable, and implement for netdev-vport. This gives network device implementations the opportunity to fetch an existing device's configuration and store it as their arguments, so that netdev clients can find out how an existing device is configured. So far netdev-vport is the only implementation that needs to use this. The next commit will add use by clients. Reviewed by Justin Pettit.
2010-12-29 16:02:22 -08:00
}
}
netdev: Make netdev access thread-safe. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Andy Zhou <azhou@nicira.com>
2013-08-09 21:34:02 -07:00
if (tnl_cfg.ttl_inherit) {
netdev-vport: Fix ToS/TTL mixup in unparsing. When unparsing the kernel tunnel configuration, TTL was incorrectly converted to "tos". Although it leads to confusing configuration output, actual operation is not affected. Signed-off-by: Jesse Gross <jesse@nicira.com> Acked-by: Kyle Mestery <kmestery@cisco.com>
2012-09-25 13:22:08 -07:00
smap_add(args, "ttl", "inherit");
netdev: Make netdev access thread-safe. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Andy Zhou <azhou@nicira.com>
2013-08-09 21:34:02 -07:00
} else if (tnl_cfg.ttl != DEFAULT_TTL) {
smap_add_format(args, "ttl", "%"PRIu8, tnl_cfg.ttl);
datapath: Change userspace vport interface to use Netlink attributes. One of the goals for Open vSwitch is to decouple kernel and userspace software, so that either one can be upgraded or rolled back independent of the other. To do this in full generality, it must be possible to add new features to the kernel vport layer without changing userspace software. The customary way to do this in the Linux networking stack is to use Netlink and in particular Netlink attributes. This commit adopts that model for the vport layer. It does not yet actually start using the Netlink socket layer, which will come later. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 12:28:59 -08:00
}
netdev: Make netdev access thread-safe. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Andy Zhou <azhou@nicira.com>
2013-08-09 21:34:02 -07:00
if (tnl_cfg.tos_inherit) {
netdev: Make netdev arguments fetchable, and implement for netdev-vport. This gives network device implementations the opportunity to fetch an existing device's configuration and store it as their arguments, so that netdev clients can find out how an existing device is configured. So far netdev-vport is the only implementation that needs to use this. The next commit will add use by clients. Reviewed by Justin Pettit.
2010-12-29 16:02:22 -08:00
smap_add(args, "tos", "inherit");
netdev: Make netdev access thread-safe. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Andy Zhou <azhou@nicira.com>
2013-08-09 21:34:02 -07:00
} else if (tnl_cfg.tos) {
smap_add_format(args, "tos", "0x%x", tnl_cfg.tos);
netdev: Make netdev arguments fetchable, and implement for netdev-vport. This gives network device implementations the opportunity to fetch an existing device's configuration and store it as their arguments, so that netdev clients can find out how an existing device is configured. So far netdev-vport is the only implementation that needs to use this. The next commit will add use by clients. Reviewed by Justin Pettit.
2010-12-29 16:02:22 -08:00
}
netdev: Make netdev access thread-safe. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Andy Zhou <azhou@nicira.com>
2013-08-09 21:34:02 -07:00
if (tnl_cfg.dst_port) {
uint16_t dst_port = ntohs(tnl_cfg.dst_port);
netdev: Get rid of netdev_dev. The distinction between struct netdev_dev and struct netdev has always been confusing. Now that previous commits have eliminated all interesting state from struct netdev, this commit deletes it and renames struct netdev_dev to take its place. Now the situation makes much more sense and I won't have to continue making embarrassed explanations in the future. Good riddance. Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-03-15 15:54:36 -07:00
const char *type = netdev_get_type(dev);
tunnel: Only print non-default UDP dst_port for LISP/VXLAN tunnels In get_tunnel_config(), distinguish between VXLAN and LISP when deciding whether or not to print UDP destination port. Only add the UDP destination port for either protocol if it is not the default UDP port. Update the LISP unit test to match the new behavior as well. Signed-off-by: Kyle Mestery <kmestery@cisco.com> [jesse: merge common test for VXLAN and LISP] Signed-off-by: Jesse Gross <jesse@nicira.com>
2013-02-28 09:30:16 -05:00
if ((!strcmp("vxlan", type) && dst_port != VXLAN_DST_PORT) ||
(!strcmp("lisp", type) && dst_port != LISP_DST_PORT)) {
datapath: Add support for VXLAN tunnels to Open vSwitch Add support for VXLAN tunnels to Open vSwitch. Add support for setting the destination UDP port on a per-port basis. This is done by adding a "dst_port" parameter to the port configuration. This is only applicable currently to VXLAN tunnels. Please note this currently does not implement any sort of multicast learning. With this patch, VXLAN tunnels must be configured similar to GRE tunnels (e.g. point to point). A subsequent patch will implement a VXLAN control plane in userspace to handle multicast learning. This patch set is based on one posted by Ben Pfaff on Oct. 12, 2011 to the ovs-dev mailing list: http://openvswitch.org/pipermail/dev/2011-October/012051.html The patch has been maintained, updated, and freshened by me and a version of it is available at the following github repository: https://github.com/mestery/ovs-vxlan/tree/vxlan I've tested this patch with multiple VXLAN tunnels between hosts using different UDP port numbers. Performance is on par (though slightly faster) than comparable GRE tunnels. See the following IETF draft for additional information about VXLAN: http://tools.ietf.org/html/draft-mahalingam-dutt-dcops-vxlan-02 Signed-off-by: Kyle Mestery <kmestery@cisco.com> [jesse: simplify error path in vxlan_tunnel_setup, don't print default VXLAN port, and remove dead code] Signed-off-by: Jesse Gross <jesse@nicira.com>
2012-12-05 16:06:46 -05:00
smap_add_format(args, "dst_port", "%d", dst_port);
}
}
netdev: Make netdev access thread-safe. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Andy Zhou <azhou@nicira.com>
2013-08-09 21:34:02 -07:00
if (tnl_cfg.csum) {
netdev: Make netdev arguments fetchable, and implement for netdev-vport. This gives network device implementations the opportunity to fetch an existing device's configuration and store it as their arguments, so that netdev clients can find out how an existing device is configured. So far netdev-vport is the only implementation that needs to use this. The next commit will add use by clients. Reviewed by Justin Pettit.
2010-12-29 16:02:22 -08:00
smap_add(args, "csum", "true");
}
datapath: Remove support for Don't Fragment inheritance. Inheritance of the Don't Fragment bit in tunnels will not be supported with flow based tunneling and has already been removed from userspace. This removes the corresponding kernel support. Signed-off-by: Jesse Gross <jesse@nicira.com> Acked-by: Kyle Mestery <kmestery@cisco.com>
2013-01-25 12:38:45 -08:00
netdev: Make netdev access thread-safe. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Andy Zhou <azhou@nicira.com>
2013-08-09 21:34:02 -07:00
if (!tnl_cfg.dont_fragment) {
tunneling: Add df_default and df_inherit tunnel options. Split existing pmtud tunnel option's functionality into three. Existing pmtud option still exists, but now governs only whether datapath sends ICMP frag needed messages. New df_inherit option controls whether DF bit is copied from packet inner header to outer tunnel header. New df_default option controls whether DF bit is set if inner packet isn't IP or if df_inherit is disabled. Suggested-by: Jesse Gross <jesse@nicira.com> Signed-off-by: Andrew Evans <aevans@nicira.com> Feature #5456.
2011-04-29 17:05:58 -07:00
smap_add(args, "df_default", "false");
}
netdev: Make netdev arguments fetchable, and implement for netdev-vport. This gives network device implementations the opportunity to fetch an existing device's configuration and store it as their arguments, so that netdev clients can find out how an existing device is configured. So far netdev-vport is the only implementation that needs to use this. The next commit will add use by clients. Reviewed by Justin Pettit.
2010-12-29 16:02:22 -08:00
return 0;
}
ofproto-dpif: Implement patch ports in userspace. This commit moves responsibility for implementing patch ports from the datapath to ofproto-dpif. There are two main reasons to do this. The first is a matter of design: ofproto-dpif both has more information than the datapath, and is better suited to handle the complexity required to implement patch ports. The second is performance. My setup is a virtual machine with two basic learning bridges connected by patch ports. I used ovs-benchmark to ping the virtual router IP residing outside the VM. Over a 60 second run, "ovs-benchmark rate" improves from 14618.1 to 19311.9 transactions per second, or a 32% improvement. Similarly, "ovs-benchmark latency" improves from 6ms to 4ms. Signed-off-by: Ethan Jackson <ethan@nicira.com>
2012-12-20 15:32:03 -08:00
/* Code specific to patch ports. */
netdev-vport: Make netdev_vport_patch_peer() return a malloc()'d string. When threading comes into the picture there arises the possibility of a race between netdev_vport_patch_peer()'s caller using the returned string and another caller changing the peer. It is safer to return a copy. Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-07-31 14:09:30 -07:00
/* If 'netdev' is a patch port, returns the name of its peer as a malloc()'d
* string that the caller must free.
*
* If 'netdev' is not a patch port, returns NULL. */
char *
netdev_vport_patch_peer(const struct netdev *netdev_)
ofproto-dpif: Implement patch ports in userspace. This commit moves responsibility for implementing patch ports from the datapath to ofproto-dpif. There are two main reasons to do this. The first is a matter of design: ofproto-dpif both has more information than the datapath, and is better suited to handle the complexity required to implement patch ports. The second is performance. My setup is a virtual machine with two basic learning bridges connected by patch ports. I used ovs-benchmark to ping the virtual router IP residing outside the VM. Over a 60 second run, "ovs-benchmark rate" improves from 14618.1 to 19311.9 transactions per second, or a 32% improvement. Similarly, "ovs-benchmark latency" improves from 6ms to 4ms. Signed-off-by: Ethan Jackson <ethan@nicira.com>
2012-12-20 15:32:03 -08:00
{
netdev-vport: Make netdev_vport_patch_peer() return a malloc()'d string. When threading comes into the picture there arises the possibility of a race between netdev_vport_patch_peer()'s caller using the returned string and another caller changing the peer. It is safer to return a copy. Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-07-31 14:09:30 -07:00
char *peer = NULL;
if (netdev_vport_is_patch(netdev_)) {
struct netdev_vport *netdev = netdev_vport_cast(netdev_);
netdev: Make netdev access thread-safe. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Andy Zhou <azhou@nicira.com>
2013-08-09 21:34:02 -07:00
ovs_mutex_lock(&netdev->mutex);
netdev-vport: Make netdev_vport_patch_peer() return a malloc()'d string. When threading comes into the picture there arises the possibility of a race between netdev_vport_patch_peer()'s caller using the returned string and another caller changing the peer. It is safer to return a copy. Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-07-31 14:09:30 -07:00
if (netdev->peer) {
peer = xstrdup(netdev->peer);
}
netdev: Make netdev access thread-safe. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Andy Zhou <azhou@nicira.com>
2013-08-09 21:34:02 -07:00
ovs_mutex_unlock(&netdev->mutex);
netdev-vport: Make netdev_vport_patch_peer() return a malloc()'d string. When threading comes into the picture there arises the possibility of a race between netdev_vport_patch_peer()'s caller using the returned string and another caller changing the peer. It is safer to return a copy. Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-07-31 14:09:30 -07:00
}
return peer;
ofproto-dpif: Implement patch ports in userspace. This commit moves responsibility for implementing patch ports from the datapath to ofproto-dpif. There are two main reasons to do this. The first is a matter of design: ofproto-dpif both has more information than the datapath, and is better suited to handle the complexity required to implement patch ports. The second is performance. My setup is a virtual machine with two basic learning bridges connected by patch ports. I used ovs-benchmark to ping the virtual router IP residing outside the VM. Over a 60 second run, "ovs-benchmark rate" improves from 14618.1 to 19311.9 transactions per second, or a 32% improvement. Similarly, "ovs-benchmark latency" improves from 6ms to 4ms. Signed-off-by: Ethan Jackson <ethan@nicira.com>
2012-12-20 15:32:03 -08:00
}
void
lib: Switch to flow based tunneling. With this patch, ovs-vswitchd uses flow based tunneling exclusively. I.E. each kind of tunnel shares a single tunnel backer in the datapath. Tunnel headers are set by userspace using the ipv4_tunnel datapath action. And, the configuration of individual tunnels is now a userspace responsibility, so netdev-vport no longer marshals and unmarshals Netlink attributes for tunnel configuration, instead only storing the configuration internally. There are still some significant pieces of work to do, but the basic building blocks are there to begin testing. Signed-off-by: Ethan Jackson <ethan@nicira.com> Co-authored-by: Jesse Gross <jesse@nicira.com> Signed-off-by: Jesse Gross <jesse@nicira.com>
2012-12-14 19:14:54 -08:00
netdev_vport_inc_rx(const struct netdev *netdev,
netdev-vport: Fix indentation. Signed-off-by: Ethan Jackson <ethan@nicira.com>
2013-09-16 17:19:56 -07:00
const struct dpif_flow_stats *stats)
ofproto-dpif: Implement patch ports in userspace. This commit moves responsibility for implementing patch ports from the datapath to ofproto-dpif. There are two main reasons to do this. The first is a matter of design: ofproto-dpif both has more information than the datapath, and is better suited to handle the complexity required to implement patch ports. The second is performance. My setup is a virtual machine with two basic learning bridges connected by patch ports. I used ovs-benchmark to ping the virtual router IP residing outside the VM. Over a 60 second run, "ovs-benchmark rate" improves from 14618.1 to 19311.9 transactions per second, or a 32% improvement. Similarly, "ovs-benchmark latency" improves from 6ms to 4ms. Signed-off-by: Ethan Jackson <ethan@nicira.com>
2012-12-20 15:32:03 -08:00
{
netdev: Get rid of netdev_dev. The distinction between struct netdev_dev and struct netdev has always been confusing. Now that previous commits have eliminated all interesting state from struct netdev, this commit deletes it and renames struct netdev_dev to take its place. Now the situation makes much more sense and I won't have to continue making embarrassed explanations in the future. Good riddance. Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-03-15 15:54:36 -07:00
if (is_vport_class(netdev_get_class(netdev))) {
struct netdev_vport *dev = netdev_vport_cast(netdev);
netdev: Make netdev access thread-safe. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Andy Zhou <azhou@nicira.com>
2013-08-09 21:34:02 -07:00
ovs_mutex_lock(&dev->mutex);
ofproto-dpif: Implement patch ports in userspace. This commit moves responsibility for implementing patch ports from the datapath to ofproto-dpif. There are two main reasons to do this. The first is a matter of design: ofproto-dpif both has more information than the datapath, and is better suited to handle the complexity required to implement patch ports. The second is performance. My setup is a virtual machine with two basic learning bridges connected by patch ports. I used ovs-benchmark to ping the virtual router IP residing outside the VM. Over a 60 second run, "ovs-benchmark rate" improves from 14618.1 to 19311.9 transactions per second, or a 32% improvement. Similarly, "ovs-benchmark latency" improves from 6ms to 4ms. Signed-off-by: Ethan Jackson <ethan@nicira.com>
2012-12-20 15:32:03 -08:00
dev->stats.rx_packets += stats->n_packets;
dev->stats.rx_bytes += stats->n_bytes;
netdev: Make netdev access thread-safe. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Andy Zhou <azhou@nicira.com>
2013-08-09 21:34:02 -07:00
ovs_mutex_unlock(&dev->mutex);
ofproto-dpif: Implement patch ports in userspace. This commit moves responsibility for implementing patch ports from the datapath to ofproto-dpif. There are two main reasons to do this. The first is a matter of design: ofproto-dpif both has more information than the datapath, and is better suited to handle the complexity required to implement patch ports. The second is performance. My setup is a virtual machine with two basic learning bridges connected by patch ports. I used ovs-benchmark to ping the virtual router IP residing outside the VM. Over a 60 second run, "ovs-benchmark rate" improves from 14618.1 to 19311.9 transactions per second, or a 32% improvement. Similarly, "ovs-benchmark latency" improves from 6ms to 4ms. Signed-off-by: Ethan Jackson <ethan@nicira.com>
2012-12-20 15:32:03 -08:00
}
}
void
lib: Switch to flow based tunneling. With this patch, ovs-vswitchd uses flow based tunneling exclusively. I.E. each kind of tunnel shares a single tunnel backer in the datapath. Tunnel headers are set by userspace using the ipv4_tunnel datapath action. And, the configuration of individual tunnels is now a userspace responsibility, so netdev-vport no longer marshals and unmarshals Netlink attributes for tunnel configuration, instead only storing the configuration internally. There are still some significant pieces of work to do, but the basic building blocks are there to begin testing. Signed-off-by: Ethan Jackson <ethan@nicira.com> Co-authored-by: Jesse Gross <jesse@nicira.com> Signed-off-by: Jesse Gross <jesse@nicira.com>
2012-12-14 19:14:54 -08:00
netdev_vport_inc_tx(const struct netdev *netdev,
const struct dpif_flow_stats *stats)
ofproto-dpif: Implement patch ports in userspace. This commit moves responsibility for implementing patch ports from the datapath to ofproto-dpif. There are two main reasons to do this. The first is a matter of design: ofproto-dpif both has more information than the datapath, and is better suited to handle the complexity required to implement patch ports. The second is performance. My setup is a virtual machine with two basic learning bridges connected by patch ports. I used ovs-benchmark to ping the virtual router IP residing outside the VM. Over a 60 second run, "ovs-benchmark rate" improves from 14618.1 to 19311.9 transactions per second, or a 32% improvement. Similarly, "ovs-benchmark latency" improves from 6ms to 4ms. Signed-off-by: Ethan Jackson <ethan@nicira.com>
2012-12-20 15:32:03 -08:00
{
netdev: Get rid of netdev_dev. The distinction between struct netdev_dev and struct netdev has always been confusing. Now that previous commits have eliminated all interesting state from struct netdev, this commit deletes it and renames struct netdev_dev to take its place. Now the situation makes much more sense and I won't have to continue making embarrassed explanations in the future. Good riddance. Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-03-15 15:54:36 -07:00
if (is_vport_class(netdev_get_class(netdev))) {
struct netdev_vport *dev = netdev_vport_cast(netdev);
netdev: Make netdev access thread-safe. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Andy Zhou <azhou@nicira.com>
2013-08-09 21:34:02 -07:00
ovs_mutex_lock(&dev->mutex);
ofproto-dpif: Implement patch ports in userspace. This commit moves responsibility for implementing patch ports from the datapath to ofproto-dpif. There are two main reasons to do this. The first is a matter of design: ofproto-dpif both has more information than the datapath, and is better suited to handle the complexity required to implement patch ports. The second is performance. My setup is a virtual machine with two basic learning bridges connected by patch ports. I used ovs-benchmark to ping the virtual router IP residing outside the VM. Over a 60 second run, "ovs-benchmark rate" improves from 14618.1 to 19311.9 transactions per second, or a 32% improvement. Similarly, "ovs-benchmark latency" improves from 6ms to 4ms. Signed-off-by: Ethan Jackson <ethan@nicira.com>
2012-12-20 15:32:03 -08:00
dev->stats.tx_packets += stats->n_packets;
dev->stats.tx_bytes += stats->n_bytes;
netdev: Make netdev access thread-safe. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Andy Zhou <azhou@nicira.com>
2013-08-09 21:34:02 -07:00
ovs_mutex_unlock(&dev->mutex);
ofproto-dpif: Implement patch ports in userspace. This commit moves responsibility for implementing patch ports from the datapath to ofproto-dpif. There are two main reasons to do this. The first is a matter of design: ofproto-dpif both has more information than the datapath, and is better suited to handle the complexity required to implement patch ports. The second is performance. My setup is a virtual machine with two basic learning bridges connected by patch ports. I used ovs-benchmark to ping the virtual router IP residing outside the VM. Over a 60 second run, "ovs-benchmark rate" improves from 14618.1 to 19311.9 transactions per second, or a 32% improvement. Similarly, "ovs-benchmark latency" improves from 6ms to 4ms. Signed-off-by: Ethan Jackson <ethan@nicira.com>
2012-12-20 15:32:03 -08:00
}
}
static int
netdev: Get rid of netdev_dev. The distinction between struct netdev_dev and struct netdev has always been confusing. Now that previous commits have eliminated all interesting state from struct netdev, this commit deletes it and renames struct netdev_dev to take its place. Now the situation makes much more sense and I won't have to continue making embarrassed explanations in the future. Good riddance. Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-03-15 15:54:36 -07:00
get_patch_config(const struct netdev *dev_, struct smap *args)
ofproto-dpif: Implement patch ports in userspace. This commit moves responsibility for implementing patch ports from the datapath to ofproto-dpif. There are two main reasons to do this. The first is a matter of design: ofproto-dpif both has more information than the datapath, and is better suited to handle the complexity required to implement patch ports. The second is performance. My setup is a virtual machine with two basic learning bridges connected by patch ports. I used ovs-benchmark to ping the virtual router IP residing outside the VM. Over a 60 second run, "ovs-benchmark rate" improves from 14618.1 to 19311.9 transactions per second, or a 32% improvement. Similarly, "ovs-benchmark latency" improves from 6ms to 4ms. Signed-off-by: Ethan Jackson <ethan@nicira.com>
2012-12-20 15:32:03 -08:00
{
netdev: Get rid of netdev_dev. The distinction between struct netdev_dev and struct netdev has always been confusing. Now that previous commits have eliminated all interesting state from struct netdev, this commit deletes it and renames struct netdev_dev to take its place. Now the situation makes much more sense and I won't have to continue making embarrassed explanations in the future. Good riddance. Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-03-15 15:54:36 -07:00
struct netdev_vport *dev = netdev_vport_cast(dev_);
ofproto-dpif: Implement patch ports in userspace. This commit moves responsibility for implementing patch ports from the datapath to ofproto-dpif. There are two main reasons to do this. The first is a matter of design: ofproto-dpif both has more information than the datapath, and is better suited to handle the complexity required to implement patch ports. The second is performance. My setup is a virtual machine with two basic learning bridges connected by patch ports. I used ovs-benchmark to ping the virtual router IP residing outside the VM. Over a 60 second run, "ovs-benchmark rate" improves from 14618.1 to 19311.9 transactions per second, or a 32% improvement. Similarly, "ovs-benchmark latency" improves from 6ms to 4ms. Signed-off-by: Ethan Jackson <ethan@nicira.com>
2012-12-20 15:32:03 -08:00
netdev: Make netdev access thread-safe. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Andy Zhou <azhou@nicira.com>
2013-08-09 21:34:02 -07:00
ovs_mutex_lock(&dev->mutex);
ofproto-dpif: Implement patch ports in userspace. This commit moves responsibility for implementing patch ports from the datapath to ofproto-dpif. There are two main reasons to do this. The first is a matter of design: ofproto-dpif both has more information than the datapath, and is better suited to handle the complexity required to implement patch ports. The second is performance. My setup is a virtual machine with two basic learning bridges connected by patch ports. I used ovs-benchmark to ping the virtual router IP residing outside the VM. Over a 60 second run, "ovs-benchmark rate" improves from 14618.1 to 19311.9 transactions per second, or a 32% improvement. Similarly, "ovs-benchmark latency" improves from 6ms to 4ms. Signed-off-by: Ethan Jackson <ethan@nicira.com>
2012-12-20 15:32:03 -08:00
if (dev->peer) {
smap_add(args, "peer", dev->peer);
}
netdev: Make netdev access thread-safe. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Andy Zhou <azhou@nicira.com>
2013-08-09 21:34:02 -07:00
ovs_mutex_unlock(&dev->mutex);
ofproto-dpif: Implement patch ports in userspace. This commit moves responsibility for implementing patch ports from the datapath to ofproto-dpif. There are two main reasons to do this. The first is a matter of design: ofproto-dpif both has more information than the datapath, and is better suited to handle the complexity required to implement patch ports. The second is performance. My setup is a virtual machine with two basic learning bridges connected by patch ports. I used ovs-benchmark to ping the virtual router IP residing outside the VM. Over a 60 second run, "ovs-benchmark rate" improves from 14618.1 to 19311.9 transactions per second, or a 32% improvement. Similarly, "ovs-benchmark latency" improves from 6ms to 4ms. Signed-off-by: Ethan Jackson <ethan@nicira.com>
2012-12-20 15:32:03 -08:00
return 0;
}
netdev: Make netdev arguments fetchable, and implement for netdev-vport. This gives network device implementations the opportunity to fetch an existing device's configuration and store it as their arguments, so that netdev clients can find out how an existing device is configured. So far netdev-vport is the only implementation that needs to use this. The next commit will add use by clients. Reviewed by Justin Pettit.
2010-12-29 16:02:22 -08:00
static int
netdev: Get rid of netdev_dev. The distinction between struct netdev_dev and struct netdev has always been confusing. Now that previous commits have eliminated all interesting state from struct netdev, this commit deletes it and renames struct netdev_dev to take its place. Now the situation makes much more sense and I won't have to continue making embarrassed explanations in the future. Good riddance. Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-03-15 15:54:36 -07:00
set_patch_config(struct netdev *dev_, const struct smap *args)
netdev-vport: Merge in netdev-patch and netdev-tunnel. The only real difference between netdev-patch and netdev-tunnel is in their parse_config() implementation. That's a lot of extra code to maintain, for questionable benefit. This commit merges them into the netdev-vport code, which was heretofore merely a collection of helper functions.
2010-10-06 15:35:53 -07:00
{
netdev: Get rid of netdev_dev. The distinction between struct netdev_dev and struct netdev has always been confusing. Now that previous commits have eliminated all interesting state from struct netdev, this commit deletes it and renames struct netdev_dev to take its place. Now the situation makes much more sense and I won't have to continue making embarrassed explanations in the future. Good riddance. Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-03-15 15:54:36 -07:00
struct netdev_vport *dev = netdev_vport_cast(dev_);
const char *name = netdev_get_name(dev_);
netdev-vport: Merge in netdev-patch and netdev-tunnel. The only real difference between netdev-patch and netdev-tunnel is in their parse_config() implementation. That's a lot of extra code to maintain, for questionable benefit. This commit merges them into the netdev-vport code, which was heretofore merely a collection of helper functions.
2010-10-06 15:35:53 -07:00
const char *peer;
lib: New data structure - smap. A smap is a string to string hash map. It has a cleaner interface than shash's which were traditionally used for the same purpose. This patch implements the data structure, and changes netdev and its providers to use it. Signed-off-by: Ethan Jackson <ethan@nicira.com>
2012-05-22 03:47:36 -07:00
peer = smap_get(args, "peer");
netdev-vport: Merge in netdev-patch and netdev-tunnel. The only real difference between netdev-patch and netdev-tunnel is in their parse_config() implementation. That's a lot of extra code to maintain, for questionable benefit. This commit merges them into the netdev-vport code, which was heretofore merely a collection of helper functions.
2010-10-06 15:35:53 -07:00
if (!peer) {
netdev-vport: Log at ERR level when port won't be created. Suggested-by: Ben Pfaff <blp@nicira.com>
2011-03-14 13:45:43 -07:00
VLOG_ERR("%s: patch type requires valid 'peer' argument", name);
netdev-vport: Merge in netdev-patch and netdev-tunnel. The only real difference between netdev-patch and netdev-tunnel is in their parse_config() implementation. That's a lot of extra code to maintain, for questionable benefit. This commit merges them into the netdev-vport code, which was heretofore merely a collection of helper functions.
2010-10-06 15:35:53 -07:00
return EINVAL;
}
lib: New data structure - smap. A smap is a string to string hash map. It has a cleaner interface than shash's which were traditionally used for the same purpose. This patch implements the data structure, and changes netdev and its providers to use it. Signed-off-by: Ethan Jackson <ethan@nicira.com>
2012-05-22 03:47:36 -07:00
if (smap_count(args) > 1) {
netdev-vport: Log at ERR level when port won't be created. Suggested-by: Ben Pfaff <blp@nicira.com>
2011-03-14 13:45:43 -07:00
VLOG_ERR("%s: patch type takes only a 'peer' argument", name);
netdev-vport: Merge in netdev-patch and netdev-tunnel. The only real difference between netdev-patch and netdev-tunnel is in their parse_config() implementation. That's a lot of extra code to maintain, for questionable benefit. This commit merges them into the netdev-vport code, which was heretofore merely a collection of helper functions.
2010-10-06 15:35:53 -07:00
return EINVAL;
}
if (!strcmp(name, peer)) {
netdev-vport: Log at ERR level when port won't be created. Suggested-by: Ben Pfaff <blp@nicira.com>
2011-03-14 13:45:43 -07:00
VLOG_ERR("%s: patch peer must not be self", name);
netdev-vport: Merge in netdev-patch and netdev-tunnel. The only real difference between netdev-patch and netdev-tunnel is in their parse_config() implementation. That's a lot of extra code to maintain, for questionable benefit. This commit merges them into the netdev-vport code, which was heretofore merely a collection of helper functions.
2010-10-06 15:35:53 -07:00
return EINVAL;
}
netdev: Make netdev access thread-safe. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Andy Zhou <azhou@nicira.com>
2013-08-09 21:34:02 -07:00
ovs_mutex_lock(&dev->mutex);
ofproto-dpif: Implement patch ports in userspace. This commit moves responsibility for implementing patch ports from the datapath to ofproto-dpif. There are two main reasons to do this. The first is a matter of design: ofproto-dpif both has more information than the datapath, and is better suited to handle the complexity required to implement patch ports. The second is performance. My setup is a virtual machine with two basic learning bridges connected by patch ports. I used ovs-benchmark to ping the virtual router IP residing outside the VM. Over a 60 second run, "ovs-benchmark rate" improves from 14618.1 to 19311.9 transactions per second, or a 32% improvement. Similarly, "ovs-benchmark latency" improves from 6ms to 4ms. Signed-off-by: Ethan Jackson <ethan@nicira.com>
2012-12-20 15:32:03 -08:00
free(dev->peer);
dev->peer = xstrdup(peer);
netdev: Add 'change_seq' back to netdev. This commit can be seen as a partial revert of commit da4a619179d (netdev: Globally track port status changes) by adding the 'change_seq' to 'struct netdev'. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
2014-04-03 00:17:34 -07:00
netdev_change_seq_changed(dev_);
netdev: Make netdev access thread-safe. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Andy Zhou <azhou@nicira.com>
2013-08-09 21:34:02 -07:00
ovs_mutex_unlock(&dev->mutex);
netdev-vport: Merge in netdev-patch and netdev-tunnel. The only real difference between netdev-patch and netdev-tunnel is in their parse_config() implementation. That's a lot of extra code to maintain, for questionable benefit. This commit merges them into the netdev-vport code, which was heretofore merely a collection of helper functions.
2010-10-06 15:35:53 -07:00
return 0;
}
netdev: Make netdev arguments fetchable, and implement for netdev-vport. This gives network device implementations the opportunity to fetch an existing device's configuration and store it as their arguments, so that netdev clients can find out how an existing device is configured. So far netdev-vport is the only implementation that needs to use this. The next commit will add use by clients. Reviewed by Justin Pettit.
2010-12-29 16:02:22 -08:00
static int
lib: Switch to flow based tunneling. With this patch, ovs-vswitchd uses flow based tunneling exclusively. I.E. each kind of tunnel shares a single tunnel backer in the datapath. Tunnel headers are set by userspace using the ipv4_tunnel datapath action. And, the configuration of individual tunnels is now a userspace responsibility, so netdev-vport no longer marshals and unmarshals Netlink attributes for tunnel configuration, instead only storing the configuration internally. There are still some significant pieces of work to do, but the basic building blocks are there to begin testing. Signed-off-by: Ethan Jackson <ethan@nicira.com> Co-authored-by: Jesse Gross <jesse@nicira.com> Signed-off-by: Jesse Gross <jesse@nicira.com>
2012-12-14 19:14:54 -08:00
get_stats(const struct netdev *netdev, struct netdev_stats *stats)
ofproto-dpif: Implement patch ports in userspace. This commit moves responsibility for implementing patch ports from the datapath to ofproto-dpif. There are two main reasons to do this. The first is a matter of design: ofproto-dpif both has more information than the datapath, and is better suited to handle the complexity required to implement patch ports. The second is performance. My setup is a virtual machine with two basic learning bridges connected by patch ports. I used ovs-benchmark to ping the virtual router IP residing outside the VM. Over a 60 second run, "ovs-benchmark rate" improves from 14618.1 to 19311.9 transactions per second, or a 32% improvement. Similarly, "ovs-benchmark latency" improves from 6ms to 4ms. Signed-off-by: Ethan Jackson <ethan@nicira.com>
2012-12-20 15:32:03 -08:00
{
netdev: Get rid of netdev_dev. The distinction between struct netdev_dev and struct netdev has always been confusing. Now that previous commits have eliminated all interesting state from struct netdev, this commit deletes it and renames struct netdev_dev to take its place. Now the situation makes much more sense and I won't have to continue making embarrassed explanations in the future. Good riddance. Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-03-15 15:54:36 -07:00
struct netdev_vport *dev = netdev_vport_cast(netdev);
netdev: Make netdev access thread-safe. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Andy Zhou <azhou@nicira.com>
2013-08-09 21:34:02 -07:00
ovs_mutex_lock(&dev->mutex);
*stats = dev->stats;
ovs_mutex_unlock(&dev->mutex);
netdev: Make netdev arguments fetchable, and implement for netdev-vport. This gives network device implementations the opportunity to fetch an existing device's configuration and store it as their arguments, so that netdev clients can find out how an existing device is configured. So far netdev-vport is the only implementation that needs to use this. The next commit will add use by clients. Reviewed by Justin Pettit.
2010-12-29 16:02:22 -08:00
return 0;
}
netdev-vport: Merge in netdev-patch and netdev-tunnel. The only real difference between netdev-patch and netdev-tunnel is in their parse_config() implementation. That's a lot of extra code to maintain, for questionable benefit. This commit merges them into the netdev-vport code, which was heretofore merely a collection of helper functions.
2010-10-06 15:35:53 -07:00
ofproto-dpif: Implement patch ports in userspace. This commit moves responsibility for implementing patch ports from the datapath to ofproto-dpif. There are two main reasons to do this. The first is a matter of design: ofproto-dpif both has more information than the datapath, and is better suited to handle the complexity required to implement patch ports. The second is performance. My setup is a virtual machine with two basic learning bridges connected by patch ports. I used ovs-benchmark to ping the virtual router IP residing outside the VM. Over a 60 second run, "ovs-benchmark rate" improves from 14618.1 to 19311.9 transactions per second, or a 32% improvement. Similarly, "ovs-benchmark latency" improves from 6ms to 4ms. Signed-off-by: Ethan Jackson <ethan@nicira.com>
2012-12-20 15:32:03 -08:00
#define VPORT_FUNCTIONS(GET_CONFIG, SET_CONFIG, \
lib: Switch to flow based tunneling. With this patch, ovs-vswitchd uses flow based tunneling exclusively. I.E. each kind of tunnel shares a single tunnel backer in the datapath. Tunnel headers are set by userspace using the ipv4_tunnel datapath action. And, the configuration of individual tunnels is now a userspace responsibility, so netdev-vport no longer marshals and unmarshals Netlink attributes for tunnel configuration, instead only storing the configuration internally. There are still some significant pieces of work to do, but the basic building blocks are there to begin testing. Signed-off-by: Ethan Jackson <ethan@nicira.com> Co-authored-by: Jesse Gross <jesse@nicira.com> Signed-off-by: Jesse Gross <jesse@nicira.com>
2012-12-14 19:14:54 -08:00
GET_TUNNEL_CONFIG, GET_STATUS) \
lib: route-table improvements. This commit makes several changes to the route_table code used to populate tunnel_egress_iface. - It removes name_table code from netdev-vport and puts it into route-table. - It no longer attempts to build the name_table dynamically by listening to rtnetlink-link notifications. Instead it dumps the entire table, and uses rtnetlink-link notifications to indicate a re-dump is required. - It forces rtnetlink-link notifications to re-dump the routing table. This fixes an issue where bringing an interface down or removing it altogether would not have the expected effect on related tunnel_egress_ifaces.
2011-01-30 17:52:19 -08:00
NULL, \
lib: Show tunnel egress interface in ovsdb This commit parses rtnetlink address notifications from the kernel in order to display the egress interface of tunnels in the database. Bug #4103.
2010-12-21 16:26:21 -08:00
netdev_vport_run, \
netdev_vport_wait, \
netdev-vport: Merge in netdev-patch and netdev-tunnel. The only real difference between netdev-patch and netdev-tunnel is in their parse_config() implementation. That's a lot of extra code to maintain, for questionable benefit. This commit merges them into the netdev-vport code, which was heretofore merely a collection of helper functions.
2010-10-06 15:35:53 -07:00
\
netdev: Adopt four-step alloc/construct/destruct/dealloc lifecycle. This is the same lifecycle used in the ofproto provider interface. Compared to the previous netdev provider interface, it has the advantage that the netdev top layer can control when any given netdev becomes visible to the outside world. Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-08-09 21:21:38 -07:00
netdev_vport_alloc, \
netdev_vport_construct, \
netdev_vport_destruct, \
netdev_vport_dealloc, \
ofproto-dpif: Implement patch ports in userspace. This commit moves responsibility for implementing patch ports from the datapath to ofproto-dpif. There are two main reasons to do this. The first is a matter of design: ofproto-dpif both has more information than the datapath, and is better suited to handle the complexity required to implement patch ports. The second is performance. My setup is a virtual machine with two basic learning bridges connected by patch ports. I used ovs-benchmark to ping the virtual router IP residing outside the VM. Over a 60 second run, "ovs-benchmark rate" improves from 14618.1 to 19311.9 transactions per second, or a 32% improvement. Similarly, "ovs-benchmark latency" improves from 6ms to 4ms. Signed-off-by: Ethan Jackson <ethan@nicira.com>
2012-12-20 15:32:03 -08:00
GET_CONFIG, \
SET_CONFIG, \
netdev: Parse and make available tunnel configuration. Future patches will need to know the details of a netdev's tunnel configuration from outside the netdev library. Signed-off-by: Ethan Jackson <ethan@nicira.com>
2013-01-07 16:56:04 -08:00
GET_TUNNEL_CONFIG, \
netdev-vport: Merge in netdev-patch and netdev-tunnel. The only real difference between netdev-patch and netdev-tunnel is in their parse_config() implementation. That's a lot of extra code to maintain, for questionable benefit. This commit merges them into the netdev-vport code, which was heretofore merely a collection of helper functions.
2010-10-06 15:35:53 -07:00
\
netdev-vport: Remove the ability to send packets. The only user of netdev_send() is dpif-netdev which doesn't support vports. Signed-off-by: Ethan Jackson <ethan@nicira.com>
2012-11-21 16:17:45 -08:00
NULL, /* send */ \
netdev-vport: Merge in netdev-patch and netdev-tunnel. The only real difference between netdev-patch and netdev-tunnel is in their parse_config() implementation. That's a lot of extra code to maintain, for questionable benefit. This commit merges them into the netdev-vport code, which was heretofore merely a collection of helper functions.
2010-10-06 15:35:53 -07:00
NULL, /* send_wait */ \
\
netdev_vport_set_etheraddr, \
netdev_vport_get_etheraddr, \
netdev: Allow get_mtu and set_mtu provider functions to be null. Most netdev provider functions are allowed to be null if the implementation does not support this feature. This commit adds this feature for get_mtu and set_mtu, and changes netdev-vport to take advantage of it. Also, changes netdev_get_mtu() to report an MTU of 0 on error, instead of leaving the MTU indeterminate.
2011-09-15 10:41:15 -07:00
NULL, /* get_mtu */ \
NULL, /* set_mtu */ \
netdev-vport: Merge in netdev-patch and netdev-tunnel. The only real difference between netdev-patch and netdev-tunnel is in their parse_config() implementation. That's a lot of extra code to maintain, for questionable benefit. This commit merges them into the netdev-vport code, which was heretofore merely a collection of helper functions.
2010-10-06 15:35:53 -07:00
NULL, /* get_ifindex */ \
netdev: Fix carrier status for down interfaces. Currently netdev_get_carrier() returns both a carrier status and an error code. However, usage of the error code was inconsistent: most callers either ignored it or didn't perform their task if an error occured, which prevented bond rebalancing. This makes the handling consistent by translating an error into a down status in the netdev library. Bug #3959
2010-10-27 15:29:16 -07:00
NULL, /* get_carrier */ \
vswitchd: New column "link_resets". An interface's 'link_resets' column represents the number of times Open vSwitch has observed its link_state change.
2011-10-14 12:49:57 -07:00
NULL, /* get_carrier_resets */ \
vswitchd: Add miimon support. This commit allows users to check link status in bonded ports using MII instead of carrier.
2011-01-07 16:22:34 -08:00
NULL, /* get_miimon */ \
lib: Switch to flow based tunneling. With this patch, ovs-vswitchd uses flow based tunneling exclusively. I.E. each kind of tunnel shares a single tunnel backer in the datapath. Tunnel headers are set by userspace using the ipv4_tunnel datapath action. And, the configuration of individual tunnels is now a userspace responsibility, so netdev-vport no longer marshals and unmarshals Netlink attributes for tunnel configuration, instead only storing the configuration internally. There are still some significant pieces of work to do, but the basic building blocks are there to begin testing. Signed-off-by: Ethan Jackson <ethan@nicira.com> Co-authored-by: Jesse Gross <jesse@nicira.com> Signed-off-by: Jesse Gross <jesse@nicira.com>
2012-12-14 19:14:54 -08:00
get_stats, \
netdev-vport: Remove set_stats() implementation. The only user of netdev_set_stats() is bonding (for updating the fake interface). This interface is never a vport, so it seems quite a bit cleaner to keep the relevant code in the netdev-linux library where it's needed, instead of in netdev-vport, where it adds needless complexity. Signed-off-by: Ethan Jackson <ethan@nicira.com>
2012-11-30 16:12:03 -08:00
NULL, /* set_stats */ \
netdev-vport: Merge in netdev-patch and netdev-tunnel. The only real difference between netdev-patch and netdev-tunnel is in their parse_config() implementation. That's a lot of extra code to maintain, for questionable benefit. This commit merges them into the netdev-vport code, which was heretofore merely a collection of helper functions.
2010-10-06 15:35:53 -07:00
\
NULL, /* get_features */ \
NULL, /* set_advertisements */ \
\
NULL, /* set_policing */ \
NULL, /* get_qos_types */ \
NULL, /* get_qos_capabilities */ \
NULL, /* get_qos */ \
NULL, /* set_qos */ \
NULL, /* get_queue */ \
NULL, /* set_queue */ \
NULL, /* delete_queue */ \
NULL, /* get_queue_stats */ \
netdev: Fix deadlock when netdev_dump_queues() callback calls into netdev. We have a call chain like this: iface_configure_qos() calls netdev_dump_queues(), which calls netdev_linux_dump_queues(), which calls back through 'cb' to qos_unixctl_show_cb(), which calls netdev_delete_queue(), which calls netdev_linux_delete_queue(). Both netdev_dump_queues() and netdev_linux_delete_queue() take the same mutex in the same netdev, which deadlocks. This commit fixes the problem by getting rid of the callback. netdev_linux_dump_queue_stats() would benefit from the same treatment but it's less urgent because I don't see any callbacks from that function that call back into a netdev function. Bug #19319. Reported-by: Scott Hendricks <shendricks@vmware.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-08-27 17:15:53 -07:00
NULL, /* queue_dump_start */ \
NULL, /* queue_dump_next */ \
NULL, /* queue_dump_done */ \
netdev-vport: Merge in netdev-patch and netdev-tunnel. The only real difference between netdev-patch and netdev-tunnel is in their parse_config() implementation. That's a lot of extra code to maintain, for questionable benefit. This commit merges them into the netdev-vport code, which was heretofore merely a collection of helper functions.
2010-10-06 15:35:53 -07:00
NULL, /* dump_queue_stats */ \
\
NULL, /* get_in4 */ \
NULL, /* set_in4 */ \
NULL, /* get_in6 */ \
NULL, /* add_router */ \
NULL, /* get_next_hop */ \
bridge: Move tunnel_egress_iface to status column. This commit removes the tunnel_egress_iface column from the interface table and moves it's data to the status column. In the process it reverts the database to version 1.0.0.
2011-01-05 11:51:15 -08:00
GET_STATUS, \
netdev-vport: Merge in netdev-patch and netdev-tunnel. The only real difference between netdev-patch and netdev-tunnel is in their parse_config() implementation. That's a lot of extra code to maintain, for questionable benefit. This commit merges them into the netdev-vport code, which was heretofore merely a collection of helper functions.
2010-10-06 15:35:53 -07:00
NULL, /* arp_lookup */ \
\
netdev_vport_update_flags, \
\
netdev: Adopt four-step alloc/construct/destruct/dealloc lifecycle. This is the same lifecycle used in the ofproto provider interface. Compared to the previous netdev provider interface, it has the advantage that the netdev top layer can control when any given netdev becomes visible to the outside world. Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-08-09 21:21:38 -07:00
NULL, /* rx_alloc */ \
NULL, /* rx_construct */ \
NULL, /* rx_destruct */ \
NULL, /* rx_dealloc */ \
NULL, /* rx_recv */ \
NULL, /* rx_wait */ \
NULL, /* rx_drain */
netdev-vport: Merge in netdev-patch and netdev-tunnel. The only real difference between netdev-patch and netdev-tunnel is in their parse_config() implementation. That's a lot of extra code to maintain, for questionable benefit. This commit merges them into the netdev-vport code, which was heretofore merely a collection of helper functions.
2010-10-06 15:35:53 -07:00
netdev-vport: Build on all platforms. This patch removes the final bit of linux specific code which prevents building netdev-vport everywhere. With this, other platforms automatically get access to patch ports, and (if their datapath supports it), flow based tunneling. Signed-off-by: Ethan Jackson <ethan@nicira.com>
2013-01-25 13:30:40 -08:00
#define TUNNEL_CLASS(NAME, DPIF_PORT) \
{ DPIF_PORT, \
ofproto-dpif: Implement patch ports in userspace. This commit moves responsibility for implementing patch ports from the datapath to ofproto-dpif. There are two main reasons to do this. The first is a matter of design: ofproto-dpif both has more information than the datapath, and is better suited to handle the complexity required to implement patch ports. The second is performance. My setup is a virtual machine with two basic learning bridges connected by patch ports. I used ovs-benchmark to ping the virtual router IP residing outside the VM. Over a 60 second run, "ovs-benchmark rate" improves from 14618.1 to 19311.9 transactions per second, or a 32% improvement. Similarly, "ovs-benchmark latency" improves from 6ms to 4ms. Signed-off-by: Ethan Jackson <ethan@nicira.com>
2012-12-20 15:32:03 -08:00
{ NAME, VPORT_FUNCTIONS(get_tunnel_config, \
set_tunnel_config, \
get_netdev_tunnel_config, \
tunnel_get_status) }}
netdev-vport: Create new TUNNEL_CLASS macro. There are a lot of tunnels, and they all use the exact same functions, so it makes sense to collapse their initialization into a macro. Suggested-by: Jesse Gross <jesse@nicira.com> Signed-off-by: Ethan Jackson <ethan@nicira.com>
2013-01-08 20:01:24 -08:00
netdev-vport: Merge in netdev-patch and netdev-tunnel. The only real difference between netdev-patch and netdev-tunnel is in their parse_config() implementation. That's a lot of extra code to maintain, for questionable benefit. This commit merges them into the netdev-vport code, which was heretofore merely a collection of helper functions.
2010-10-06 15:35:53 -07:00
void
netdev-vport: Build on all platforms. This patch removes the final bit of linux specific code which prevents building netdev-vport everywhere. With this, other platforms automatically get access to patch ports, and (if their datapath supports it), flow based tunneling. Signed-off-by: Ethan Jackson <ethan@nicira.com>
2013-01-25 13:30:40 -08:00
netdev_vport_tunnel_register(void)
netdev-vport: Merge in netdev-patch and netdev-tunnel. The only real difference between netdev-patch and netdev-tunnel is in their parse_config() implementation. That's a lot of extra code to maintain, for questionable benefit. This commit merges them into the netdev-vport code, which was heretofore merely a collection of helper functions.
2010-10-06 15:35:53 -07:00
{
datapath: Make adding and attaching a vport a single step. For some time now, Open vSwitch datapaths have internally made a distinction between adding a vport and attaching it to a datapath. Adding a vport just means to create it, as an entity detached from any datapath. Attaching it gives it a port number and a datapath. Similarly, a vport could be detached and deleted separately. After some study, I think I understand why this distinction exists. It is because ovs-vswitchd tries to open all the datapath ports before it tries to create them. However, changing it to create them before it tries to open them is not difficult, so this commit does this. The bulk of this commit, however, changes the datapath interface to one that always creates a vport and attaches it to a datapath in a single step, and similarly detaches a vport and deletes it in a single step. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2010-12-03 14:41:38 -08:00
static const struct vport_class vport_classes[] = {
netdev-vport: Build on all platforms. This patch removes the final bit of linux specific code which prevents building netdev-vport everywhere. With this, other platforms automatically get access to patch ports, and (if their datapath supports it), flow based tunneling. Signed-off-by: Ethan Jackson <ethan@nicira.com>
2013-01-25 13:30:40 -08:00
TUNNEL_CLASS("gre", "gre_system"),
TUNNEL_CLASS("ipsec_gre", "gre_system"),
TUNNEL_CLASS("gre64", "gre64_system"),
TUNNEL_CLASS("ipsec_gre64", "gre64_system"),
Add support for LISP tunneling LISP is an experimental layer 3 tunneling protocol, described in RFC 6830. This patch adds support for LISP tunneling. Since LISP encapsulated packets do not carry an Ethernet header, it is removed before encapsulation, and added with hardcoded source and destination MAC addresses after decapsulation. The harcoded MAC chosen for this purpose is the locally administered address 02:00:00:00:00:00. Flow actions can be used to rewrite this MAC for correct reception. As such, this patch is intended to be used for static network configurations, or with a LISP capable controller. Signed-off-by: Lorand Jakab <lojakab@cisco.com> Signed-off-by: Kyle Mestery <kmestery@cisco.com> Signed-off-by: Jesse Gross <jesse@nicira.com>
2013-02-21 21:52:04 -08:00
TUNNEL_CLASS("vxlan", "vxlan_system"),
TUNNEL_CLASS("lisp", "lisp_system")
datapath: Make adding and attaching a vport a single step. For some time now, Open vSwitch datapaths have internally made a distinction between adding a vport and attaching it to a datapath. Adding a vport just means to create it, as an entity detached from any datapath. Attaching it gives it a port number and a datapath. Similarly, a vport could be detached and deleted separately. After some study, I think I understand why this distinction exists. It is because ovs-vswitchd tries to open all the datapath ports before it tries to create them. However, changing it to create them before it tries to open them is not difficult, so this commit does this. The bulk of this commit, however, changes the datapath interface to one that always creates a vport and attaches it to a datapath in a single step, and similarly detaches a vport and deletes it in a single step. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2010-12-03 14:41:38 -08:00
};
netdev: Make netdev access thread-safe. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Andy Zhou <azhou@nicira.com>
2013-08-09 21:34:02 -07:00
static struct ovsthread_once once = OVSTHREAD_ONCE_INITIALIZER;
datapath: Make adding and attaching a vport a single step. For some time now, Open vSwitch datapaths have internally made a distinction between adding a vport and attaching it to a datapath. Adding a vport just means to create it, as an entity detached from any datapath. Attaching it gives it a port number and a datapath. Similarly, a vport could be detached and deleted separately. After some study, I think I understand why this distinction exists. It is because ovs-vswitchd tries to open all the datapath ports before it tries to create them. However, changing it to create them before it tries to open them is not difficult, so this commit does this. The bulk of this commit, however, changes the datapath interface to one that always creates a vport and attaches it to a datapath in a single step, and similarly detaches a vport and deletes it in a single step. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2010-12-03 14:41:38 -08:00
netdev: Make netdev access thread-safe. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Andy Zhou <azhou@nicira.com>
2013-08-09 21:34:02 -07:00
if (ovsthread_once_start(&once)) {
int i;
datapath: Make adding and attaching a vport a single step. For some time now, Open vSwitch datapaths have internally made a distinction between adding a vport and attaching it to a datapath. Adding a vport just means to create it, as an entity detached from any datapath. Attaching it gives it a port number and a datapath. Similarly, a vport could be detached and deleted separately. After some study, I think I understand why this distinction exists. It is because ovs-vswitchd tries to open all the datapath ports before it tries to create them. However, changing it to create them before it tries to open them is not difficult, so this commit does this. The bulk of this commit, however, changes the datapath interface to one that always creates a vport and attaches it to a datapath in a single step, and similarly detaches a vport and deletes it in a single step. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2010-12-03 14:41:38 -08:00
netdev-dummy: Remove FreeBSD dependency. There's no particular reason that netdev_dummy_register() has to care about the particular OS, except that the tests like to use the special Linux-only tunnel vport types. But that can be done better, I think, by just always registering them from netdev_dummy_register() and making that function idempotent, so that calling it twice under Linux has no additional effect. This commit implements that solution. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Ed Maste <emaste@freebsd.org>
2013-05-18 08:27:20 -07:00
for (i = 0; i < ARRAY_SIZE(vport_classes); i++) {
netdev_register_provider(&vport_classes[i].netdev_class);
}
netdev: Make netdev access thread-safe. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Andy Zhou <azhou@nicira.com>
2013-08-09 21:34:02 -07:00
ovsthread_once_done(&once);
datapath: Make adding and attaching a vport a single step. For some time now, Open vSwitch datapaths have internally made a distinction between adding a vport and attaching it to a datapath. Adding a vport just means to create it, as an entity detached from any datapath. Attaching it gives it a port number and a datapath. Similarly, a vport could be detached and deleted separately. After some study, I think I understand why this distinction exists. It is because ovs-vswitchd tries to open all the datapath ports before it tries to create them. However, changing it to create them before it tries to open them is not difficult, so this commit does this. The bulk of this commit, however, changes the datapath interface to one that always creates a vport and attaches it to a datapath in a single step, and similarly detaches a vport and deletes it in a single step. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2010-12-03 14:41:38 -08:00
}
netdev-vport: Merge in netdev-patch and netdev-tunnel. The only real difference between netdev-patch and netdev-tunnel is in their parse_config() implementation. That's a lot of extra code to maintain, for questionable benefit. This commit merges them into the netdev-vport code, which was heretofore merely a collection of helper functions.
2010-10-06 15:35:53 -07:00
}
netdev-vport: Build on all platforms. This patch removes the final bit of linux specific code which prevents building netdev-vport everywhere. With this, other platforms automatically get access to patch ports, and (if their datapath supports it), flow based tunneling. Signed-off-by: Ethan Jackson <ethan@nicira.com>
2013-01-25 13:30:40 -08:00
void
netdev_vport_patch_register(void)
{
static const struct vport_class patch_class =
{ NULL,
{ "patch", VPORT_FUNCTIONS(get_patch_config,
set_patch_config,
NULL,
NULL) }};
netdev_register_provider(&patch_class.netdev_class);
}
Reference in New Issue Copy Permalink