mir/ovs
2
0
Fork 0
mirror of https://github.com/openvswitch/ovs synced 2025-08-22 09:58:01 +00:00
Code Issues Releases Wiki Activity
ovs/lib/dpif-netlink.c

5315 lines
168 KiB
C
Raw Normal View History

dpif: Make dpifs abstract, to allow multiple datapath implementations. This commit initially introduces only a single datapath implementation, which is the same as the original one, but it paves the way for additional implementations, such as the upcoming userspace datapath.
2009-06-17 14:35:35 -07:00
/*
Userspace datapath: Add fragmentation handling. Fragmentation handling is added for supporting conntrack. Both v4 and v6 are supported. After discussion with several people, I decided to not store configuration state in the database to be more consistent with the kernel in future, similarity with other conntrack configuration which will not be in the database as well and overall simplicity. Accordingly, fragmentation handling is enabled by default. This patch enables fragmentation tests for the userspace datapath. Signed-off-by: Darrell Ball <dlu998@gmail.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
2019-02-13 15:34:21 -08:00
* Copyright (c) 2008-2018 Nicira, Inc.
dpif: Make dpifs abstract, to allow multiple datapath implementations. This commit initially introduces only a single datapath implementation, which is the same as the original one, but it paves the way for additional implementations, such as the upcoming userspace datapath.
2009-06-17 14:35:35 -07:00
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at:
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#include <config.h>
datapath: Drop datapath index and port number from Ethtool output. I introduced this a long time ago as an efficient way for userspace to find out whether and where an internal device was attached, but I've always considered it an ugly kluge. Now that ODP_VPORT_QUERY can fetch a vport's info regardless of datapath, it is no longer necessary. This commit stops using Ethtool for this purpose and drops the feature. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2010-12-29 14:20:16 -08:00
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
#include "dpif-netlink.h"
dpif: Make dpifs abstract, to allow multiple datapath implementations. This commit initially introduces only a single datapath implementation, which is the same as the original one, but it paves the way for additional implementations, such as the upcoming userspace datapath.
2009-06-17 14:35:35 -07:00
#include <ctype.h>
#include <errno.h>
#include <fcntl.h>
#include <inttypes.h>
#include <net/if.h>
datapath: Make datapath-protocol.h portable to non-Linux systems. datapath-protocol.h is not a very clean interface. I originally intended it to be solely a Linux-kernel specific interface. Over time it became a general-purpose interface to dpifs. This is not a good situation, because clearly the header is still Linux-specific. In the long run, the correct solution is to separate the generic and Linux-specific bits. This is not that patch. Instead, this patch modifies datapath-protocol.h enough that it can be used on non-Linux hosts. In particular I tested that it works OK with FreeBSD 8.0.
2010-05-26 15:32:34 -07:00
#include <linux/types.h>
dpif: Abstract translation from OpenFlow queue ID into ODP priority value. When the QoS code was integrated, I didn't yet know how to abstract the translation from a queue ID in an OpenFlow OFPAT_ENQUEUE action into a priority value for an ODP ODPAT_SET_PRIORITY action. This commit is a first attempt that works OK for Linux, so far. It's possible that in fact this translation needs the 'netdev' as an argument too, but it's not needed yet.
2010-07-20 11:23:21 -07:00
#include <linux/pkt_sched.h>
dpif-linux: Use poll() internally in dpif_linux_recv(). Using poll() internally in dpif_linux_recv(), instead of relying on the results of the main loop poll() call, brings netperf CRR performance back within 1% of par versus the code base before the poll_fd_woke() optimizations were introduced. It also increases the ovs-benchmark results by about 5% versus that baseline, too. My theory is that this is because the main loop takes long enough that a significant number of packets can arrive during the main loop itself, so this reduces the time before OVS gets to those packets.
2011-11-28 09:29:18 -08:00
#include <poll.h>
dpif: Make dpifs abstract, to allow multiple datapath implementations. This commit initially introduces only a single datapath implementation, which is the same as the original one, but it paves the way for additional implementations, such as the upcoming userspace datapath.
2009-06-17 14:35:35 -07:00
#include <stdlib.h>
dpif-linux: Use poll() internally in dpif_linux_recv(). Using poll() internally in dpif_linux_recv(), instead of relying on the results of the main loop poll() call, brings netperf CRR performance back within 1% of par versus the code base before the poll_fd_woke() optimizations were introduced. It also increases the ovs-benchmark results by about 5% versus that baseline, too. My theory is that this is because the main loop takes long enough that a significant number of packets can arrive during the main loop itself, so this reduces the time before OVS gets to those packets.
2011-11-28 09:29:18 -08:00
#include <strings.h>
dpif-linux: Use "epoll" instead of poll(). epoll appears to be much more efficient than poll() at least for static file descriptor sets. I can't otherwise explain why this patch increases netperf CRR performance by 20% above the previous commit, which is also about a 19% overall improvement versus the baseline from before the poll_fd_woke() optimization was removed.
2011-11-22 09:25:32 -08:00
#include <sys/epoll.h>
dpif: Include stat.h header
2010-05-20 13:26:48 -07:00
#include <sys/stat.h>
dpif: Make dpifs abstract, to allow multiple datapath implementations. This commit initially introduces only a single datapath implementation, which is the same as the original one, but it paves the way for additional implementations, such as the upcoming userspace datapath.
2009-06-17 14:35:35 -07:00
#include <unistd.h>
dpif-linux: Choose port numbers more prudently. Before this patch the kernel chose the lowest available number for newly created datapath ports. This patch moves the port number choosing responsibility to user space, and implements a least recently used port number queue in an attempt to avoid reuse. Bug #2140.
2011-04-04 16:55:34 -07:00
#include "bitmap.h"
dpif-netlink: Support rtnetlink port creation. In order to be able to add those tunnels, we need to add code to create the tunnels and add them as NETDEV vports. And when there is no support to create them, we need to fallback to compatibility code and add them as tunnel vports. When removing those tunnels, we need to remove the interfaces as well, and detecting the right type might be important, at least to distinguish the tunnel vports that we should remove and the interfaces that we shouldn't. Co-authored-by: Thadeu Lima de Souza Cascardo <cascardo@redhat.com> Signed-off-by: Thadeu Lima de Souza Cascardo <cascardo@redhat.com> Signed-off-by: Eric Garver <e@erig.me> Signed-off-by: Joe Stringer <joe@ovn.org>
2017-05-18 16:10:29 -04:00
#include "dpif-netlink-rtnl.h"
ofp-util, ofp-parse: Break up into many separate modules. ofp-util had been far too large and monolithic for a long time. This commit breaks it up into units that make some logical sense. It also moves the pieces of ofp-parse that were specific to each unit into the relevant unit. Most of this commit is just moving code around. Signed-off-by: Ben Pfaff <blp@ovn.org> Reviewed-by: Yifeng Sun <pkusunyifeng@gmail.com>
2018-02-09 10:04:26 -08:00
#include "dpif-provider.h"
dpif-linux: Implement the API functions to allow multiple handler threads read upcall. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-02-26 10:10:29 -08:00
#include "fat-rwlock.h"
ofp-util, ofp-parse: Break up into many separate modules. ofp-util had been far too large and monolithic for a long time. This commit breaks it up into units that make some logical sense. It also moves the pieces of ofp-parse that were specific to each unit into the relevant unit. Most of this commit is just moving code around. Signed-off-by: Ben Pfaff <blp@ovn.org> Reviewed-by: Yifeng Sun <pkusunyifeng@gmail.com>
2018-02-09 10:04:26 -08:00
#include "flow.h"
ovs-dpctl: Add -s option to print packet and byte counters.
2011-04-28 13:02:15 -07:00
#include "netdev-linux.h"
netdev: Split up netdev offloading to separate module. New module 'netdev-offload' created to manage different flow API implementations. All the generic and provider independent code moved there from the 'netdev' module. Flow API providers further encapsulated. The only function that was changed is 'netdev_any_oor'. Now it uses offloading related hmap instead of common 'netdev_shash'. Signed-off-by: Ilya Maximets <i.maximets@samsung.com> Acked-by: Ben Pfaff <blp@ovn.org> Acked-by: Roi Dayan <roid@mellanox.com>
2019-05-07 12:24:08 +03:00
#include "netdev-offload.h"
ofp-util, ofp-parse: Break up into many separate modules. ofp-util had been far too large and monolithic for a long time. This commit breaks it up into units that make some logical sense. It also moves the pieces of ofp-parse that were specific to each unit into the relevant unit. Most of this commit is just moving code around. Signed-off-by: Ben Pfaff <blp@ovn.org> Reviewed-by: Yifeng Sun <pkusunyifeng@gmail.com>
2018-02-09 10:04:26 -08:00
#include "netdev-provider.h"
datapath: Make adding and attaching a vport a single step. For some time now, Open vSwitch datapaths have internally made a distinction between adding a vport and attaching it to a datapath. Adding a vport just means to create it, as an entity detached from any datapath. Attaching it gives it a port number and a datapath. Similarly, a vport could be detached and deleted separately. After some study, I think I understand why this distinction exists. It is because ovs-vswitchd tries to open all the datapath ports before it tries to create them. However, changing it to create them before it tries to open them is not difficult, so this commit does this. The bulk of this commit, however, changes the datapath interface to one that always creates a vport and attaches it to a datapath in a single step, and similarly detaches a vport and deletes it in a single step. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2010-12-03 14:41:38 -08:00
#include "netdev-vport.h"
ofp-util, ofp-parse: Break up into many separate modules. ofp-util had been far too large and monolithic for a long time. This commit breaks it up into units that make some logical sense. It also moves the pieces of ofp-parse that were specific to each unit into the relevant unit. Most of this commit is just moving code around. Signed-off-by: Ben Pfaff <blp@ovn.org> Reviewed-by: Yifeng Sun <pkusunyifeng@gmail.com>
2018-02-09 10:04:26 -08:00
#include "netdev.h"
dpif-netlink: Implement ct_dump_{start,next,done}. These member functions are used by the ct-dpif module to provide its services. They're implemented using the netlink-conntrack module. N.B. The Linux kernel datapaths share the connection tracker among them and with the rest of the system. Therefore the operations are not really dpif specific. Signed-off-by: Daniele Di Proietto <diproiettod@vmware.com> Acked-by: Joe Stringer <joe@ovn.org>
2015-10-28 11:26:18 -07:00
#include "netlink-conntrack.h"
lib: Rename rtnetlink.[ch] files. The only rtnetlink specific functionality contained in the rtnetlink module is the use of the NETLINK_ROUTE protocol. This can easily be passed in by callers. In preparation for generalization, this patch renames rtnetlink.[ch] to netlink-notifier.[ch]. Future patches will complete the transition.
2011-08-25 14:06:54 -07:00
#include "netlink-notifier.h"
datapath: Convert upcalls and ODP_EXECUTE to use AF_NETLINK socket layer. This commit calls genl_lock() and thus doesn't support Linux before 2.6.35, which wasn't exported before that version. That problem will be fixed once the whole userspace interface transitions to Generic Netlink a few commits from now. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 13:41:54 -08:00
#include "netlink-socket.h"
datapath: Report kernel's flow key when passing packets up to userspace. One of the goals for Open vSwitch is to decouple kernel and userspace software, so that either one can be upgraded or rolled back independent of the other. To do this in full generality, it must be possible to change the kernel's idea of the flow key separately from the userspace version. This commit takes one step in that direction by making the kernel report its idea of the flow that a packet belongs to whenever it passes a packet up to userspace. This means that userspace can intelligently figure out what to do: - If userspace's notion of the flow for the packet matches the kernel's, then nothing special is necessary. - If the kernel has a more specific notion for the flow than userspace, for example if the kernel decoded IPv6 headers but userspace stopped at the Ethernet type (because it does not understand IPv6), then again nothing special is necessary: userspace can still set up the flow in the usual way. - If userspace has a more specific notion for the flow than the kernel, for example if userspace decoded an IPv6 header but the kernel stopped at the Ethernet type, then userspace can forward the packet manually, without setting up a flow in the kernel. (This case is bad from a performance point of view, but at least it is correct.) This commit does not actually make userspace flexible enough to handle changes in the kernel flow key structure, although userspace does now have enough information to do that intelligently. This will have to wait for later commits. This commit is bigger than it would otherwise be because it is rolled together with changing "struct odp_msg" to a sequence of Netlink attributes. The alternative, to do each of those changes in a separate patch, seemed like overkill because it meant that either we would have to introduce and then kill off Netlink attributes for in_port and tun_id, if Netlink conversion went first, or shove yet another variable-length header into the stuff already after odp_msg, if adding the flow key to odp_msg went first. This commit will slow down performance of checksumming packets sent up to userspace. I'm not entirely pleased with how I did it. I considered a couple of alternatives, but none of them seemed that much better. Suggestions welcome. Not changing anything wasn't an option, unfortunately. At any rate some slowdown will become unavoidable when OVS actually starts using Netlink instead of just Netlink framing. (Actually, I thought of one option where we could avoid that: make userspace do the checksum instead, by passing csum_start and csum_offset as part of what goes to userspace. But that's not perfect either.) Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-24 14:59:57 -08:00
#include "netlink.h"
netnsid: update device only if netnsid matches. Recent kernels provide the network namespace ID of a port, so use that to discover where the port currently is. A network device in another network namespace could have the same name, so once the socket starts listening to other network namespaces, it is necessary to confirm the netnsid. Signed-off-by: Flavio Leitner <fbl@redhat.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
2018-03-29 23:05:27 -03:00
#include "netnsid.h"
dpif: Eliminate "struct odp_flow" from client-visible interface. Following this commit, "struct odp_flow" and related data structures are only used in Linux-specific parts of OVS userspace code. This allows the actual Linux datapath interface to evolve more freely. Reviewed by Justin Pettit.
2011-01-26 07:03:39 -08:00
#include "odp-util.h"
ofp-util, ofp-parse: Break up into many separate modules. ofp-util had been far too large and monolithic for a long time. This commit breaks it up into units that make some logical sense. It also moves the pieces of ofp-parse that were specific to each unit into the relevant unit. Most of this commit is just moving code around. Signed-off-by: Ben Pfaff <blp@ovn.org> Reviewed-by: Yifeng Sun <pkusunyifeng@gmail.com>
2018-02-09 10:04:26 -08:00
#include "openvswitch/dynamic-string.h"
#include "openvswitch/flow.h"
ct-dpif, dpif-netlink: Add conntrack timeout policy support This patch first defines the dpif interface for a datapath to support adding, deleting, getting and dumping conntrack timeout policy. The timeout policy is identified by a 4 bytes unsigned integer in datapath, and it currently support timeout for TCP, UDP, and ICMP protocols. Moreover, this patch provides the implementation for Linux kernel datapath in dpif-netlink. In Linux kernel, the timeout policy is maintained per L3/L4 protocol, and it is identified by 32 bytes null terminated string. On the other hand, in vswitchd, the timeout policy is a generic one that consists of all the supported L4 protocols. Therefore, one of the main task in dpif-netlink is to break down the generic timeout policy into 6 sub policies (ipv4 tcp, udp, icmp, and ipv6 tcp, udp, icmp), and push down the configuration using the netlink API in netlink-conntrack.c. This patch also adds missing symbols in the windows datapath so that the build on windows can pass. Appveyor CI: * https://ci.appveyor.com/project/YiHungWei/ovs/builds/26387754 Signed-off-by: Yi-Hung Wei <yihung.wei@gmail.com> Acked-by: Alin Gabriel Serdean <aserdean@ovn.org> Signed-off-by: Justin Pettit <jpettit@ovn.org>
2019-08-28 15:14:24 -07:00
#include "openvswitch/hmap.h"
ofp-util, ofp-parse: Break up into many separate modules. ofp-util had been far too large and monolithic for a long time. This commit breaks it up into units that make some logical sense. It also moves the pieces of ofp-parse that were specific to each unit into the relevant unit. Most of this commit is just moving code around. Signed-off-by: Ben Pfaff <blp@ovn.org> Reviewed-by: Yifeng Sun <pkusunyifeng@gmail.com>
2018-02-09 10:04:26 -08:00
#include "openvswitch/match.h"
Move lib/ofpbuf.h to include/openvswitch directory Signed-off-by: Ben Warren <ben@skyportsystems.com> Acked-by: Ryan Moats <rmoats@us.ibm.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
2016-03-25 14:10:24 -07:00
#include "openvswitch/ofpbuf.h"
lib: Move lib/poll-loop.h to include/openvswitch Poll-loop is the core to implement main loop. It should be available in libopenvswitch. Signed-off-by: Xiao Liang <shaw.leon@gmail.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
2017-11-03 13:53:53 +08:00
#include "openvswitch/poll-loop.h"
json: Move from lib to include/openvswitch. To easily allow both in- and out-of-tree building of the Python wrapper for the OVS JSON parser (e.g. w/ pip), move json.h to include/openvswitch. This also requires moving lib/{hmap,shash}.h. Both hmap.h and shash.h were #include-ing "util.h" even though the headers themselves did not use anything from there, but rather from include/openvswitch/util.h. Fixing that required including util.h in several C files mostly due to OVS_NOT_REACHED and things like xmalloc. Signed-off-by: Terry Wilson <twilson@redhat.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
2016-07-12 16:37:34 -05:00
#include "openvswitch/shash.h"
dpif-netlink: Probe for broken Linux meter implementations. Meter support was introduced in Linux 4.15. In some versions of Linux 4.15, 4.16, and 4.17, there was a bug that never set the id when the meter was created, so all meters essentially had an id of zero. This commit adds a probe to check for that condition and disable meters on those kernels. Signed-off-by: Justin Pettit <jpettit@ovn.org> Acked-by: Ben Pfaff <blp@ovn.org>
2018-08-08 17:31:17 -07:00
#include "openvswitch/thread.h"
utilities: Add netlink flow operation USDT probes and upcall_cost script. This patch adds a series of NetLink flow operation USDT probes. These probes are in turn used in the upcall_cost Python script, which in addition of some kernel tracepoints, give an insight into the time spent on processing upcall. Signed-off-by: Eelco Chaudron <echaudro@redhat.com> Acked-by: Paolo Valerio <pvalerio@redhat.com> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2021-12-22 10:19:02 +01:00
#include "openvswitch/usdt-probes.h"
ofp-util, ofp-parse: Break up into many separate modules. ofp-util had been far too large and monolithic for a long time. This commit breaks it up into units that make some logical sense. It also moves the pieces of ofp-parse that were specific to each unit into the relevant unit. Most of this commit is just moving code around. Signed-off-by: Ben Pfaff <blp@ovn.org> Reviewed-by: Yifeng Sun <pkusunyifeng@gmail.com>
2018-02-09 10:04:26 -08:00
#include "openvswitch/vlog.h"
#include "packets.h"
#include "random.h"
Convert shash users that don't use the 'data' value to sset instead. In each of the cases converted here, an shash was used simply to maintain a set of strings, with the shash_nodes' 'data' values set to NULL. This commit converts them to use sset instead.
2011-03-25 15:26:30 -07:00
#include "sset.h"
dpif-linux: Log details when a packet is lost. Until now, when a packet was dropped in the kernel-to-user buffers, we logged the occurrence but nothing that would allow a person reading the log after the fact to learn why it was dropped. This commit adds details that identify the major sources of packets in the buffer, which should help. Signed-off-by: Ben Pfaff <blp@nicira.com>
2012-06-01 17:40:31 -04:00
#include "timeval.h"
datapath: Convert datapath operations to use Netlink framing. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 15:42:00 -08:00
#include "unaligned.h"
dpif: Make dpifs abstract, to allow multiple datapath implementations. This commit initially introduces only a single datapath implementation, which is the same as the original one, but it paves the way for additional implementations, such as the upcoming userspace datapath.
2009-06-17 14:35:35 -07:00
#include "util.h"
vlog: Introduce VLOG_DEFINE_THIS_MODULE for declaring vlog module in use. Adding a macro to define the vlog module in use adds a level of indirection, which makes it easier to change how the vlog module must be defined. A followup commit needs to do that, so getting these widespread changes out of the way first should make that commit easier to review.
2010-07-16 11:02:49 -07:00
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
VLOG_DEFINE_THIS_MODULE(dpif_netlink);
dpif-netlink: Add support for packet receive on Windows. In this patch, we add support in dpif-netlink.c to receive packets on Windows. Windows does not natively support epoll(). Even though there are mechanisms/interfaces that provide functionality similar to epoll(), we take a simple approach of using a pool of sockets. Here are some details of the implementaion to aid review: 1. There's pool of sockets per upcall handler. 2. The pool of sockets is initialized while setting up the handler in dpif_netlink_refresh_channels() primarily. 3. When sockets are to be allocated for a vport, we walk through the pool of sockets for all handlers and pick one of the sockets in each of the pool. Within a handler's pool, sockets are picked in a round-robin fashion. 4. We currently support only 1 handler, since there are some kernel changes needed for support more than 1 handler per vport. 5. The pool size is also set to 1 currently. The restructions imposed by #4 and #5 can be removed in the future without much code churn. Validation: 1. With a hacked up kernel which figures out the netlink socket that is designated to receive packets, we are cable to perform pings between 2 VMs on the same Hyper-V host. 2. Compiled the code in Linux as well. 3. Tested with pool size == 2 as well, though in this patch we set the pool size = 1. Signed-off-by: Nithin Raju <nithin@vmware.com> Acked-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-10-23 08:27:34 -07:00
#ifdef _WIN32
Windows: Add internal switch port per OVS bridge This patch updates the following commands in the vswitch: ovs-vsctl add-br br-test ovs-vsctl del-br br-test ovs-vsctl add-br br-test: This command will now create an internal port on the MSFT virtual switch using the WMI interface from Msvm_VirtualEthernetSwitchManagementService leveraging the method AddResourceSettings. Before creating the actual port, the switch will be queried to see if there is not a port already created (good for restarts when restarting the vswitch daemon). If there is a port defined it will return success and log a message. After checking if the port already exists the command will also verify if the forwarding extension (windows datapath) is enabled and on a single switch. If it is not activated or if it is activated on multiple switches it will return an error and a message will be logged. After the port was created on the switch, we will disable the adapter on the host and rename to the corresponding OVS bridge name for consistency. The user will enable and set the values he wants after creation. ovs-vsctl del-br br-test This command will remove an internal port on the MSFT virtual switch using the Msvm_VirtualEthernetSwitchManagementService class and executing the method RemoveResourceSettings. Both commands will be blocking until the WMI job is finished, this allows us to guarantee that the ports are created and their name are set before issuing a netlink message to the windows datapath. This patch also includes helpers for normal WMI retrievals and initializations. Appveyor and documentation has been modified to include the libraries needed for COM objects. This patch was tested individually using IMallocSpy and CRT heap checks to ensure no new memory leaks are introduced. Tested on the following OS's: Windows 2012, Windows 2012r2, Windows 2016 Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Acked-by: Paul Boca <pboca@cloudbasesolutions.com> Acked-by: Sairam Venugopal <vsairam@vmware.com> Signed-off-by: Gurucharan Shetty <guru@ovn.org>
2016-12-20 19:41:22 +00:00
#include "wmi.h"
dpif-netlink: Add support for packet receive on Windows. In this patch, we add support in dpif-netlink.c to receive packets on Windows. Windows does not natively support epoll(). Even though there are mechanisms/interfaces that provide functionality similar to epoll(), we take a simple approach of using a pool of sockets. Here are some details of the implementaion to aid review: 1. There's pool of sockets per upcall handler. 2. The pool of sockets is initialized while setting up the handler in dpif_netlink_refresh_channels() primarily. 3. When sockets are to be allocated for a vport, we walk through the pool of sockets for all handlers and pick one of the sockets in each of the pool. Within a handler's pool, sockets are picked in a round-robin fashion. 4. We currently support only 1 handler, since there are some kernel changes needed for support more than 1 handler per vport. 5. The pool size is also set to 1 currently. The restructions imposed by #4 and #5 can be removed in the future without much code churn. Validation: 1. With a hacked up kernel which figures out the netlink socket that is designated to receive packets, we are cable to perform pings between 2 VMs on the same Hyper-V host. 2. Compiled the code in Linux as well. 3. Tested with pool size == 2 as well, though in this patch we set the pool size = 1. Signed-off-by: Nithin Raju <nithin@vmware.com> Acked-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-10-23 08:27:34 -07:00
enum { WINDOWS = 1 };
#else
enum { WINDOWS = 0 };
#endif
datapath: Increase maximum number of datapath ports. Use hash table to store ports of datapath. Allow 64K ports per switch. Signed-off-by: Pravin B Shelar <pshelar@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com> Bug #2462
2012-02-16 17:12:36 -08:00
enum { MAX_PORTS = USHRT_MAX };
dpif-linux: Choose port numbers more prudently. Before this patch the kernel chose the lowest available number for newly created datapath ports. This patch moves the port number choosing responsibility to user space, and implements a least recently used port number queue in an attempt to avoid reuse. Bug #2140.
2011-04-04 16:55:34 -07:00
datapath: Disable LRO from userspace instead of the kernel. Whenever a port is added to the datapath, LRO is automatically disabled. In the future, we may want to enable LRO in some circumstances, so have userspace disable LRO through the ethtool ioctls. As part of this change, the MTU and LRO checks are moved to netdev-vport's send(), which is where they're actually needed. Feature #6810 Signed-off-by: Justin Pettit <jpettit@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-08-26 23:34:40 -07:00
/* This ethtool flag was introduced in Linux 2.6.24, so it might be
* missing if we have old headers. */
#define ETH_FLAG_LRO (1 << 15) /* LRO is enabled */
dpif-netlink: Dump netdevs flows on flow dump While dumping flows, dump flows that were offloaded to netdev and parse them back to dpif flow. Signed-off-by: Paul Blakey <paulb@mellanox.com> Reviewed-by: Roi Dayan <roid@mellanox.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Signed-off-by: Simon Horman <simon.horman@netronome.com>
2017-06-13 18:03:34 +03:00
#define FLOW_DUMP_MAX_BATCH 50
dpif-netlink: Use netdev flow put api to insert a flow Using the new netdev flow api operate will now try and offload flows to the relevant netdev of the input port. Other operate methods flows will come in later patches. Signed-off-by: Paul Blakey <paulb@mellanox.com> Reviewed-by: Roi Dayan <roid@mellanox.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Signed-off-by: Simon Horman <simon.horman@netronome.com>
2017-06-13 18:03:38 +03:00
#define OPERATE_MAX_OPS 50
dpif-netlink: Dump netdevs flows on flow dump While dumping flows, dump flows that were offloaded to netdev and parse them back to dpif flow. Signed-off-by: Paul Blakey <paulb@mellanox.com> Reviewed-by: Roi Dayan <roid@mellanox.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Signed-off-by: Simon Horman <simon.horman@netronome.com>
2017-06-13 18:03:34 +03:00
dpif-netlink: don't allocate per thread netlink sockets When using the kernel datapath, OVS allocates a pool of sockets to handle netlink events. The number of sockets is: ports * n-handler-threads, where n-handler-threads is user configurable and defaults to 3/4*number of cores. This because vswitchd starts n-handler-threads threads, each one with a netlink socket for every port of the switch. Every thread then, starts listening on events on its set of sockets with epoll(). On setup with lot of CPUs and ports, the number of sockets easily hits the process file descriptor limit, and ovs-vswitchd will exit with -EMFILE. Change the number of allocated sockets to just one per port by moving the socket array from a per handler structure to a per datapath one, and let all the handlers share the same sockets by using EPOLLEXCLUSIVE epoll flag which avoids duplicate events, on systems that support it. The patch was tested on a 56 core machine running Linux 4.18 and latest Open vSwitch. A bridge was created with 2000+ ports, some of them being veth interfaces with the peer outside the bridge. The latency of the upcall is measured by setting a single 'action=controller,local' OpenFlow rule to force all the packets going to the slow path and then to the local port. A tool[1] injects some packets to the veth outside the bridge, and measures the delay until the packet is captured on the local port. The rx timestamp is get from the socket ancillary data in the attribute SO_TIMESTAMPNS, to avoid having the scheduler delay in the measured time. The first test measures the average latency for an upcall generated from a single port. To measure it 100k packets, one every msec, are sent to a single port and the latencies are measured. The second test is meant to check latency fairness among ports, namely if latency is equal between ports or if some ports have lower priority. The previous test is repeated for every port, the average of the average latencies and the standard deviation between averages is measured. The third test serves to measure responsiveness under load. Heavy traffic is sent through all ports, latency and packet loss is measured on a single idle port. The fourth test is all about fairness. Heavy traffic is injected in all ports but one, latency and packet loss is measured on the single idle port. This is the test setup: # nproc 56 # ovs-vsctl show |grep -c Port 2223 # ovs-ofctl dump-flows ovs_upc_br cookie=0x0, duration=4.827s, table=0, n_packets=0, n_bytes=0, actions=CONTROLLER:65535,LOCAL # uname -a Linux fc28 4.18.7-200.fc28.x86_64 #1 SMP Mon Sep 10 15:44:45 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux And these are the results of the tests: Stock OVS Patched netlink sockets in use by vswitchd lsof -p $(pidof ovs-vswitchd) \ |grep -c GENERIC 91187 2227 Test 1 one port latency min/avg/max/mdev (us) 2.7/6.6/238.7/1.8 1.6/6.8/160.6/1.7 Test 2 all port avg latency/mdev (us) 6.51/0.97 6.86/0.17 Test 3 single port latency under load avg/mdev (us) 7.5/5.9 3.8/4.8 packet loss 95 % 62 % Test 4 idle port latency under load min/avg/max/mdev (us) 0.8/1.5/210.5/0.9 1.0/2.1/344.5/1.2 packet loss 94 % 4 % CPU and RAM usage seems not to be affected, the resource usage of vswitchd idle with 2000+ ports is unchanged: # ps u $(pidof ovs-vswitchd) USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND openvsw+ 5430 54.3 0.3 4263964 510968 pts/1 RLl+ 16:20 0:50 ovs-vswitchd Additionally, to check if vswitchd is thread safe with this patch, the following test was run for circa 48 hours: on a 56 core machine, a bridge with kernel datapath is filled with 2200 dummy interfaces and 22 veth, then 22 traffic generators are run in parallel piping traffic into the veths peers outside the bridge. To generate as many upcalls as possible, all packets were forced to the slowpath with an openflow rule like 'action=controller,local' and packet size was set to 64 byte. Also, to avoid overflowing the FDB early and slowing down the upcall processing, generated mac addresses were restricted to a small interval. vswitchd ran without problems for 48+ hours, obviously with all the handler threads with almost 99% CPU usage. [1] https://github.com/teknoraver/network-tools/blob/master/weed.c Signed-off-by: Matteo Croce <mcroce@redhat.com> Signed-off-by: Ben Pfaff <blp@ovn.org> Acked-by: Flavio Leitner <fbl@sysclose.org>
2018-09-25 10:51:05 +02:00
#ifndef EPOLLEXCLUSIVE
#define EPOLLEXCLUSIVE (1u << 28)
#endif
treewide: Fix invalid bit shift operations. UB Sanitizer reports: tests/test-hash.c:59:40: runtime error: shift exponent 64 is too large for 64-bit type 'long unsigned int' 0 0x44c3c9 in get_range128 tests/test-hash.c:59 1 0x44cb2e in check_hash_bytes128 tests/test-hash.c:178 2 0x44d14d in test_hash_main tests/test-hash.c:282 [...] ofproto/ofproto-dpif-xlate.c:5607:45: runtime error: left shift of 65535 by 16 places cannot be represented in type 'int' 0 0x53fe9f in xlate_sample_action ofproto/ofproto-dpif-xlate.c:5607 1 0x54d625 in do_xlate_actions ofproto/ofproto-dpif-xlate.c:7160 2 0x553b76 in xlate_actions ofproto/ofproto-dpif-xlate.c:7806 3 0x4fcb49 in upcall_xlate ofproto/ofproto-dpif-upcall.c:1237 4 0x4fe02f in process_upcall ofproto/ofproto-dpif-upcall.c:1456 5 0x4fda99 in upcall_cb ofproto/ofproto-dpif-upcall.c:1358 [...] tests/test-util.c:89:23: runtime error: left shift of 1 by 31 places cannot be represented in type 'int' 0 0x476415 in test_ctz tests/test-util.c:89 [...] lib/dpif-netlink.c:396:33: runtime error: left shift of 1 by 31 places cannot be represented in type 'int' 0 0x571b9f in dpif_netlink_open lib/dpif-netlink.c:396 Acked-by: Aaron Conole <aconole@redhat.com> Acked-by: Paolo Valerio <pvalerio@redhat.com> Signed-off-by: Dumitru Ceara <dceara@redhat.com> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2022-04-11 13:37:38 +02:00
#define OVS_DP_F_UNSUPPORTED (1u << 31);
dpif-netlink: Fix feature negotiation for older kernels. Older kernels do not reject unsupported features. This can lead to a situation in which 'ovs-vswitchd' believes that a feature is supported when, in fact, it is not. This patch probes for this by attempting to set a known unsupported feature. Reported-by: Dumitru Ceara <dceara@redhat.com> Reported-at: https://bugzilla.redhat.com/show_bug.cgi?id=2004083 Suggested-by: Ilya Maximets <i.maximets@ovn.org> Signed-off-by: Mark Gray <mark.d.gray@redhat.com> Tested-by: Dumitru Ceara <dceara@redhat.com> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2021-09-15 11:08:03 -04:00
dpif-netlink: Introduce per-cpu upcall dispatch. The Open vSwitch kernel module uses the upcall mechanism to send packets from kernel space to user space when it misses in the kernel space flow table. The upcall sends packets via a Netlink socket. Currently, a Netlink socket is created for every vport. In this way, there is a 1:1 mapping between a vport and a Netlink socket. When a packet is received by a vport, if it needs to be sent to user space, it is sent via the corresponding Netlink socket. This mechanism, with various iterations of the corresponding user space code, has seen some limitations and issues: * On systems with a large number of vports, there is correspondingly a large number of Netlink sockets which can limit scaling. (https://bugzilla.redhat.com/show_bug.cgi?id=1526306) * Packet reordering on upcalls. (https://bugzilla.redhat.com/show_bug.cgi?id=1844576) * A thundering herd issue. (https://bugzilla.redhat.com/show_bug.cgi?id=1834444) This patch introduces an alternative, feature-negotiated, upcall mode using a per-cpu dispatch rather than a per-vport dispatch. In this mode, the Netlink socket to be used for the upcall is selected based on the CPU of the thread that is executing the upcall. In this way, it resolves the issues above as: a) The number of Netlink sockets scales with the number of CPUs rather than the number of vports. b) Ordering per-flow is maintained as packets are distributed to CPUs based on mechanisms such as RSS and flows are distributed to a single user space thread. c) Packets from a flow can only wake up one user space thread. Reported-at: https://bugzilla.redhat.com/1844576 Signed-off-by: Mark Gray <mark.d.gray@redhat.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Acked-by: Aaron Conole <aconole@redhat.com> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2021-07-16 06:17:36 -04:00
/* This PID is not used by the kernel datapath when using dispatch per CPU,
* but it is required to be set (not zero). */
#define DPIF_NETLINK_PER_CPU_PID UINT32_MAX
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
struct dpif_netlink_dp {
datapath: Convert ODP_DP_* commands to use AF_NETLINK socket layer. This commit calls genl_lock() and thus doesn't support Linux before 2.6.35, which wasn't exported before that version. That problem will be fixed once the whole userspace interface transitions to Generic Netlink a few commits from now. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-28 13:55:04 -08:00
/* Generic Netlink header. */
uint8_t cmd;
datapath: Convert datapath operations to use Netlink framing. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 15:42:00 -08:00
datapath: Use "OVS_*" as opposed to "ODP_*" for user<->kernel interactions. The prefix "ODP_*" is not overly descriptive in the context of the larger Linux tree. This commit changes the prefix to "OVS_*" for the userpace to kernel interactions. The userspace libraries still use "ODP_" in many of their interfaces since it is more descriptive in the OVS oeuvre. Feature #6904 Signed-off-by: Justin Pettit <jpettit@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-08-18 10:35:40 -07:00
/* struct ovs_header. */
datapath: Change dp_idx to dp_ifindex, the ifindex of the local port. I can't see any real value in maintaining a dp_idx separate from the ifindex of the local port. With the current implementation it also artificially limits the number of datapaths. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-21 17:01:56 -08:00
int dp_ifindex;
datapath: Convert datapath operations to use Netlink framing. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 15:42:00 -08:00
/* Attributes. */
datapath: Use "OVS_*" as opposed to "ODP_*" for user<->kernel interactions. The prefix "ODP_*" is not overly descriptive in the context of the larger Linux tree. This commit changes the prefix to "OVS_*" for the userpace to kernel interactions. The userspace libraries still use "ODP_" in many of their interfaces since it is more descriptive in the OVS oeuvre. Feature #6904 Signed-off-by: Justin Pettit <jpettit@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-08-18 10:35:40 -07:00
const char *name; /* OVS_DP_ATTR_NAME. */
dpif-linux: Fix minor typo OVS_DP_ATTR_UPCALL_PID Signed-off-by: Thomas Graf <tgraf@redhat.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-11-18 15:24:10 +01:00
const uint32_t *upcall_pid; /* OVS_DP_ATTR_UPCALL_PID. */
linux: Report supported user features to the kernel Following commit (''netlink: Do not enforce alignment of last Netlink attribute''), signal the ability to receive unaligned Netlink messages to the datapath to enable utilization of zerocopy optimizations. Opening a datapath is now done by issueing a OVS_DP_CMD_SET in order to overwrite previously set user features. Signed-off-by: Thomas Graf <tgraf@redhat.com> Acked-by: Ben Pfaff <blp@nicira.com> Signed-off-by: Jesse Gross <jesse@nicira.com>
2013-12-19 16:20:42 +01:00
uint32_t user_features; /* OVS_DP_ATTR_USER_FEATURES */
dpctl: dpif: Allow viewing and configuring dp cache sizes. This patch adds a general way of viewing/configuring datapath cache sizes. With an implementation for the netlink interface. The ovs-dpctl/ovs-appctl show commands will display the current cache sizes configured: $ ovs-dpctl show system@ovs-system: lookups: hit:25 missed:63 lost:0 flows: 0 masks: hit:282 total:0 hit/pkt:3.20 cache: hit:4 hit-rate:4.54% caches: masks-cache: size:256 port 0: ovs-system (internal) port 1: br-int (internal) port 2: genev_sys_6081 (geneve: packet_type=ptap) port 3: br-ex (internal) port 4: eth2 port 5: sw0p1 (internal) port 6: sw0p3 (internal) A specific cache can be configured as follows: $ ovs-appctl dpctl/cache-set-size DP CACHE SIZE $ ovs-dpctl cache-set-size DP CACHE SIZE For example to disable the cache do: $ ovs-dpctl cache-set-size system@ovs-system masks-cache 0 Setting cache size successful, new size 0. Signed-off-by: Eelco Chaudron <echaudro@redhat.com> Acked-by: Paolo Valerio <pvalerio@redhat.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2021-09-06 10:53:58 +02:00
uint32_t cache_size; /* OVS_DP_ATTR_MASKS_CACHE_SIZE */
odp-netlink.h: Use 32-bit aligned 64-bit types. Open vSwitch userspace uses special types to indicate that a particular object may not be naturally aligned. Netlink is one source of such problems: in Netlink, 64-bit integers are often aligned only on 32-bit boundaries. This commit changes the odp-netlink.h that is transformed from <linux/openvswitch.h> to use these types to make it harder to accidentally access a misaligned 64-bit member. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2014-06-13 15:28:29 -07:00
const struct ovs_dp_stats *stats; /* OVS_DP_ATTR_STATS. */
const struct ovs_dp_megaflow_stats *megaflow_stats;
dpif-linux: collect and display mega flow mask stats Signed-off-by: Andy Zhou <azhou@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com> Signed-off-by: Jesse Gross <jesse@nicira.com>
2013-10-21 14:37:34 -07:00
/* OVS_DP_ATTR_MEGAFLOW_STATS.*/
dpif-netlink: Introduce per-cpu upcall dispatch. The Open vSwitch kernel module uses the upcall mechanism to send packets from kernel space to user space when it misses in the kernel space flow table. The upcall sends packets via a Netlink socket. Currently, a Netlink socket is created for every vport. In this way, there is a 1:1 mapping between a vport and a Netlink socket. When a packet is received by a vport, if it needs to be sent to user space, it is sent via the corresponding Netlink socket. This mechanism, with various iterations of the corresponding user space code, has seen some limitations and issues: * On systems with a large number of vports, there is correspondingly a large number of Netlink sockets which can limit scaling. (https://bugzilla.redhat.com/show_bug.cgi?id=1526306) * Packet reordering on upcalls. (https://bugzilla.redhat.com/show_bug.cgi?id=1844576) * A thundering herd issue. (https://bugzilla.redhat.com/show_bug.cgi?id=1834444) This patch introduces an alternative, feature-negotiated, upcall mode using a per-cpu dispatch rather than a per-vport dispatch. In this mode, the Netlink socket to be used for the upcall is selected based on the CPU of the thread that is executing the upcall. In this way, it resolves the issues above as: a) The number of Netlink sockets scales with the number of CPUs rather than the number of vports. b) Ordering per-flow is maintained as packets are distributed to CPUs based on mechanisms such as RSS and flows are distributed to a single user space thread. c) Packets from a flow can only wake up one user space thread. Reported-at: https://bugzilla.redhat.com/1844576 Signed-off-by: Mark Gray <mark.d.gray@redhat.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Acked-by: Aaron Conole <aconole@redhat.com> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2021-07-16 06:17:36 -04:00
const uint32_t *upcall_pids; /* OVS_DP_ATTR_PER_CPU_PIDS */
uint32_t n_upcall_pids;
datapath: Convert datapath operations to use Netlink framing. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 15:42:00 -08:00
};
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
static void dpif_netlink_dp_init(struct dpif_netlink_dp *);
static int dpif_netlink_dp_from_ofpbuf(struct dpif_netlink_dp *,
const struct ofpbuf *);
static void dpif_netlink_dp_dump_start(struct nl_dump *);
static int dpif_netlink_dp_transact(const struct dpif_netlink_dp *request,
struct dpif_netlink_dp *reply,
struct ofpbuf **bufp);
static int dpif_netlink_dp_get(const struct dpif *,
struct dpif_netlink_dp *reply,
struct ofpbuf **bufp);
netdev-offload-tc: Add recirculation support via tc chains Each recirculation id will create a tc chain, and we translate the recirculation action to a tc goto chain action. We check for kernel support for this by probing OvS Datapath for the tc recirc id sharing feature. If supported, we can offload rules that match on recirc_id, and recirculation action safely. Signed-off-by: Paul Blakey <paulb@mellanox.com> Reviewed-by: Roi Dayan <roid@mellanox.com> Signed-off-by: Simon Horman <simon.horman@netronome.com>
2019-12-22 12:16:40 +02:00
static int
dpif_netlink_set_features(struct dpif *dpif_, uint32_t new_features);
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
dpif-netlink: Introduce per-cpu upcall dispatch. The Open vSwitch kernel module uses the upcall mechanism to send packets from kernel space to user space when it misses in the kernel space flow table. The upcall sends packets via a Netlink socket. Currently, a Netlink socket is created for every vport. In this way, there is a 1:1 mapping between a vport and a Netlink socket. When a packet is received by a vport, if it needs to be sent to user space, it is sent via the corresponding Netlink socket. This mechanism, with various iterations of the corresponding user space code, has seen some limitations and issues: * On systems with a large number of vports, there is correspondingly a large number of Netlink sockets which can limit scaling. (https://bugzilla.redhat.com/show_bug.cgi?id=1526306) * Packet reordering on upcalls. (https://bugzilla.redhat.com/show_bug.cgi?id=1844576) * A thundering herd issue. (https://bugzilla.redhat.com/show_bug.cgi?id=1834444) This patch introduces an alternative, feature-negotiated, upcall mode using a per-cpu dispatch rather than a per-vport dispatch. In this mode, the Netlink socket to be used for the upcall is selected based on the CPU of the thread that is executing the upcall. In this way, it resolves the issues above as: a) The number of Netlink sockets scales with the number of CPUs rather than the number of vports. b) Ordering per-flow is maintained as packets are distributed to CPUs based on mechanisms such as RSS and flows are distributed to a single user space thread. c) Packets from a flow can only wake up one user space thread. Reported-at: https://bugzilla.redhat.com/1844576 Signed-off-by: Mark Gray <mark.d.gray@redhat.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Acked-by: Aaron Conole <aconole@redhat.com> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2021-07-16 06:17:36 -04:00
static void
dpif_netlink_unixctl_dispatch_mode(struct unixctl_conn *conn, int argc,
const char *argv[], void *aux);
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
struct dpif_netlink_flow {
datapath: Convert ODP_FLOW_* commands to use AF_NETLINK socket layer. This completes the transition to the Generic Netlink interface, and so this commit restores support for Linux 2.6.18 and later. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-28 14:00:51 -08:00
/* Generic Netlink header. */
uint8_t cmd;
datapath: Convert datapath operations to use Netlink framing. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 15:42:00 -08:00
datapath: Use "OVS_*" as opposed to "ODP_*" for user<->kernel interactions. The prefix "ODP_*" is not overly descriptive in the context of the larger Linux tree. This commit changes the prefix to "OVS_*" for the userpace to kernel interactions. The userspace libraries still use "ODP_" in many of their interfaces since it is more descriptive in the OVS oeuvre. Feature #6904 Signed-off-by: Justin Pettit <jpettit@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-08-18 10:35:40 -07:00
/* struct ovs_header. */
datapath: Convert datapath operations to use Netlink framing. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 15:42:00 -08:00
unsigned int nlmsg_flags;
datapath: Change dp_idx to dp_ifindex, the ifindex of the local port. I can't see any real value in maintaining a dp_idx separate from the ifindex of the local port. With the current implementation it also artificially limits the number of datapaths. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-21 17:01:56 -08:00
int dp_ifindex;
datapath: Convert datapath operations to use Netlink framing. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 15:42:00 -08:00
/* Attributes.
*
dpif-linux: Use get_32aligned_u64() in an appropriate place.
2011-10-04 15:25:14 -07:00
* The 'stats' member points to 64-bit data that might only be aligned on
* 32-bit boundaries, so get_unaligned_u64() should be used to access its
* values.
dpif-linux: Always pass an actions attribute in dpif_flow_put(). The kernel expects that ODP_FLOW_NEW always has an ODP_FLOW_ATTR_ACTIONS attribute, even though that attribute may be empty to drop all of the packets in the flow. Similarly, ODP_FLOW_SET as used by dpif_linux_flow_put() should always have such an attribute, since it is used by OVS to update the flow's actions. So make it possible for dpif_linux_flow_to_ofpbuf() to pass an empty actions attribute, and make dpif_linux_flow_put() always force that behavior if the actions_len passed to it is 0. This fixes EINVAL error creating flows to drop packets. Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-31 15:46:03 -08:00
*
datapath: Use "OVS_*" as opposed to "ODP_*" for user<->kernel interactions. The prefix "ODP_*" is not overly descriptive in the context of the larger Linux tree. This commit changes the prefix to "OVS_*" for the userpace to kernel interactions. The userspace libraries still use "ODP_" in many of their interfaces since it is more descriptive in the OVS oeuvre. Feature #6904 Signed-off-by: Justin Pettit <jpettit@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-08-18 10:35:40 -07:00
* If 'actions' is nonnull then OVS_FLOW_ATTR_ACTIONS will be included in
dpif-linux: Always pass an actions attribute in dpif_flow_put(). The kernel expects that ODP_FLOW_NEW always has an ODP_FLOW_ATTR_ACTIONS attribute, even though that attribute may be empty to drop all of the packets in the flow. Similarly, ODP_FLOW_SET as used by dpif_linux_flow_put() should always have such an attribute, since it is used by OVS to update the flow's actions. So make it possible for dpif_linux_flow_to_ofpbuf() to pass an empty actions attribute, and make dpif_linux_flow_put() always force that behavior if the actions_len passed to it is 0. This fixes EINVAL error creating flows to drop packets. Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-31 15:46:03 -08:00
* the Netlink version of the command, even if actions_len is zero. */
datapath: Use "OVS_*" as opposed to "ODP_*" for user<->kernel interactions. The prefix "ODP_*" is not overly descriptive in the context of the larger Linux tree. This commit changes the prefix to "OVS_*" for the userpace to kernel interactions. The userspace libraries still use "ODP_" in many of their interfaces since it is more descriptive in the OVS oeuvre. Feature #6904 Signed-off-by: Justin Pettit <jpettit@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-08-18 10:35:40 -07:00
const struct nlattr *key; /* OVS_FLOW_ATTR_KEY. */
datapath: Convert datapath operations to use Netlink framing. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 15:42:00 -08:00
size_t key_len;
ovs-dpctl: Add mega flow support Added support to allow mega flow specified and displayed. ovs-dpctl tool is mainly used as debugging tool. This patch also implements the low level user space routines to send and receive mega flow netlink messages. Those netlink suppor routines are required for forthcoming user space mega flow patches. Added a unit test to test parsing and display of mega flows. Ethan contributed the ovs-dpctl mega flow output function. Co-authored-by: Ethan Jackson <ethan@nicira.com> Signed-off-by: Ethan Jackson <ethan@nicira.com> Signed-off-by: Andy Zhou <azhou@nicira.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-06-19 07:15:10 +00:00
const struct nlattr *mask; /* OVS_FLOW_ATTR_MASK. */
size_t mask_len;
datapath: Use "OVS_*" as opposed to "ODP_*" for user<->kernel interactions. The prefix "ODP_*" is not overly descriptive in the context of the larger Linux tree. This commit changes the prefix to "OVS_*" for the userpace to kernel interactions. The userspace libraries still use "ODP_" in many of their interfaces since it is more descriptive in the OVS oeuvre. Feature #6904 Signed-off-by: Justin Pettit <jpettit@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-08-18 10:35:40 -07:00
const struct nlattr *actions; /* OVS_FLOW_ATTR_ACTIONS. */
datapath: Convert datapath operations to use Netlink framing. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 15:42:00 -08:00
size_t actions_len;
dpif: Index flows using unique identifiers. This patch modifies the dpif interface to allow flows to be manipulated using a 128-bit identifier. This allows revalidator threads to perform datapath operations faster, as they do not need to serialise the entire flow key for operations like flow_get and flow_delete. In conjunction with a future patch to simplify the dump interface, this provides a significant performance benefit for revalidation. When handlers assemble flow_put operations, they specify a unique identifier (UFID) for each flow as it is passed down to the datapath to be stored with the flow. The UFID is currently provided to handlers by the dpif during upcall processing. When revalidators assemble flow_get or flow_del operations, they may specify the UFID for the flow along with the key. The dpif will decide whether to send only the UFID to the datapath, or both the UFID and flow key. The former is preferred for newer datapaths that support UFID, while the latter is used for backwards compatibility. Signed-off-by: Joe Stringer <joestringer@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
2014-09-24 16:26:35 +12:00
ovs_u128 ufid; /* OVS_FLOW_ATTR_FLOW_ID. */
bool ufid_present; /* Is there a UFID? */
bool ufid_terse; /* Skip serializing key/mask/acts? */
datapath: Use "OVS_*" as opposed to "ODP_*" for user<->kernel interactions. The prefix "ODP_*" is not overly descriptive in the context of the larger Linux tree. This commit changes the prefix to "OVS_*" for the userpace to kernel interactions. The userspace libraries still use "ODP_" in many of their interfaces since it is more descriptive in the OVS oeuvre. Feature #6904 Signed-off-by: Justin Pettit <jpettit@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-08-18 10:35:40 -07:00
const struct ovs_flow_stats *stats; /* OVS_FLOW_ATTR_STATS. */
const uint8_t *tcp_flags; /* OVS_FLOW_ATTR_TCP_FLAGS. */
dpif-linux: Use get_32aligned_u64() in an appropriate place.
2011-10-04 15:25:14 -07:00
const ovs_32aligned_u64 *used; /* OVS_FLOW_ATTR_USED. */
datapath: Use "OVS_*" as opposed to "ODP_*" for user<->kernel interactions. The prefix "ODP_*" is not overly descriptive in the context of the larger Linux tree. This commit changes the prefix to "OVS_*" for the userpace to kernel interactions. The userspace libraries still use "ODP_" in many of their interfaces since it is more descriptive in the OVS oeuvre. Feature #6904 Signed-off-by: Justin Pettit <jpettit@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-08-18 10:35:40 -07:00
bool clear; /* OVS_FLOW_ATTR_CLEAR. */
dpif: Use OVS_FLOW_ATTR_PROBE. Use the new OVS_FLOW_ATTR_PROBE flag when probing for datapath feature support. Suppress also dpif error logging when requested, as probe failures are already logged at ofproto-dpif. Signed-off-by: Jarno Rajahalme <jrajahalme@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
2014-09-12 11:20:13 -07:00
bool probe; /* OVS_FLOW_ATTR_PROBE. */
datapath: Convert datapath operations to use Netlink framing. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 15:42:00 -08:00
};
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
static void dpif_netlink_flow_init(struct dpif_netlink_flow *);
static int dpif_netlink_flow_from_ofpbuf(struct dpif_netlink_flow *,
const struct ofpbuf *);
static void dpif_netlink_flow_to_ofpbuf(const struct dpif_netlink_flow *,
struct ofpbuf *);
static int dpif_netlink_flow_transact(struct dpif_netlink_flow *request,
struct dpif_netlink_flow *reply,
struct ofpbuf **bufp);
static void dpif_netlink_flow_get_stats(const struct dpif_netlink_flow *,
struct dpif_flow_stats *);
dpif: Turn dpif_flow_hash function into generic odp_flow_key_hash. Current implementation of dpif_flow_hash() doesn't depend on datapath interface and only complicates the callers by forcing them to figure out what is their current 'dpif'. If we'll need different hashing for different 'dpif's we'll implement an API for dpif-providers and each dpif implementation will be able to use their local function directly without calling it via dpif API. This change will allow us to not store 'dpif' pointer in the userspace datapath implementation which is broken and will be removed in next commits. This patch moves dpif_flow_hash() to odp-util module and replaces unused odp_flow_key_hash() by it, along with removing of unused 'dpif' argument. Signed-off-by: Ilya Maximets <i.maximets@ovn.org> Acked-by: Ben Pfaff <blp@ovn.org>
2019-12-08 18:09:53 +01:00
static void dpif_netlink_flow_to_dpif_flow(struct dpif_flow *,
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
const struct dpif_netlink_flow *);
datapath: Convert datapath operations to use Netlink framing. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 15:42:00 -08:00
dpif-linux: Give each port its own userspace-kernel channel. Userspace-kernel communication is a possible bottleneck when OVS is receiving a large number of flow set up requests. To help prevent a bad actor from consuming too much of this resource, we introduced channels to segegrate traffic. Previously, we created 17 channels and round-robin assigned ports to one of 16 channels (the 17th was reserved for use by the system). This meant if there were more than 16 ports, sharing of channels would occur. This commit creates a new channel for each port, so that there is no more sharing and better isolation. The special system port uses the "ovs-system"'s channel (port 0), since it is not heavily loaded. This also fixes an issue introduced in commit acf60855 (ofproto-dpif: Use a single underlying datapath across multiple bridges.) where ports that were added at run-time were given the special system channel. Issue #12073 Signed-off-by: Justin Pettit <jpettit@nicira.com>
2013-01-04 18:34:26 -08:00
/* One of the dpif channels between the kernel and userspace. */
dpif-linux: Slightly refactor internal data structures. An initial attempt also replaced the 'uint32_t ready_mask' in struct dpif_linux by a 'bool ready' in each struct dpif_channel, but I wasn't happy with the result (the ready_mask bitmap works out really well) and so I dropped that part. Signed-off-by: Ben Pfaff <blp@nicira.com>
2012-05-23 16:55:09 -07:00
struct dpif_channel {
dpif-linux: Log details when a packet is lost. Until now, when a packet was dropped in the kernel-to-user buffers, we logged the occurrence but nothing that would allow a person reading the log after the fact to learn why it was dropped. This commit adds details that identify the major sources of packets in the buffer, which should help. Signed-off-by: Ben Pfaff <blp@nicira.com>
2012-06-01 17:40:31 -04:00
struct nl_sock *sock; /* Netlink socket. */
long long int last_poll; /* Last time this channel was polled. */
dpif-linux: Slightly refactor internal data structures. An initial attempt also replaced the 'uint32_t ready_mask' in struct dpif_linux by a 'bool ready' in each struct dpif_channel, but I wasn't happy with the result (the ready_mask bitmap works out really well) and so I dropped that part. Signed-off-by: Ben Pfaff <blp@nicira.com>
2012-05-23 16:55:09 -07:00
};
dpif-netlink: Add support for packet receive on Windows. In this patch, we add support in dpif-netlink.c to receive packets on Windows. Windows does not natively support epoll(). Even though there are mechanisms/interfaces that provide functionality similar to epoll(), we take a simple approach of using a pool of sockets. Here are some details of the implementaion to aid review: 1. There's pool of sockets per upcall handler. 2. The pool of sockets is initialized while setting up the handler in dpif_netlink_refresh_channels() primarily. 3. When sockets are to be allocated for a vport, we walk through the pool of sockets for all handlers and pick one of the sockets in each of the pool. Within a handler's pool, sockets are picked in a round-robin fashion. 4. We currently support only 1 handler, since there are some kernel changes needed for support more than 1 handler per vport. 5. The pool size is also set to 1 currently. The restructions imposed by #4 and #5 can be removed in the future without much code churn. Validation: 1. With a hacked up kernel which figures out the netlink socket that is designated to receive packets, we are cable to perform pings between 2 VMs on the same Hyper-V host. 2. Compiled the code in Linux as well. 3. Tested with pool size == 2 as well, though in this patch we set the pool size = 1. Signed-off-by: Nithin Raju <nithin@vmware.com> Acked-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-10-23 08:27:34 -07:00
#ifdef _WIN32
#define VPORT_SOCK_POOL_SIZE 1
/* On Windows, there is no native support for epoll. There are equivalent
* interfaces though, that are not used currently. For simpicity, a pool of
* netlink sockets is used. Each socket is represented by 'struct
* dpif_windows_vport_sock'. Since it is a pool, multiple OVS ports may be
* sharing the same socket. In the future, we can add a reference count and
* such fields. */
struct dpif_windows_vport_sock {
struct nl_sock *nl_sock; /* netlink socket. */
};
#endif
dpif-linux: Implement the API functions to allow multiple handler threads read upcall. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-02-26 10:10:29 -08:00
struct dpif_handler {
dpif-netlink: Introduce per-cpu upcall dispatch. The Open vSwitch kernel module uses the upcall mechanism to send packets from kernel space to user space when it misses in the kernel space flow table. The upcall sends packets via a Netlink socket. Currently, a Netlink socket is created for every vport. In this way, there is a 1:1 mapping between a vport and a Netlink socket. When a packet is received by a vport, if it needs to be sent to user space, it is sent via the corresponding Netlink socket. This mechanism, with various iterations of the corresponding user space code, has seen some limitations and issues: * On systems with a large number of vports, there is correspondingly a large number of Netlink sockets which can limit scaling. (https://bugzilla.redhat.com/show_bug.cgi?id=1526306) * Packet reordering on upcalls. (https://bugzilla.redhat.com/show_bug.cgi?id=1844576) * A thundering herd issue. (https://bugzilla.redhat.com/show_bug.cgi?id=1834444) This patch introduces an alternative, feature-negotiated, upcall mode using a per-cpu dispatch rather than a per-vport dispatch. In this mode, the Netlink socket to be used for the upcall is selected based on the CPU of the thread that is executing the upcall. In this way, it resolves the issues above as: a) The number of Netlink sockets scales with the number of CPUs rather than the number of vports. b) Ordering per-flow is maintained as packets are distributed to CPUs based on mechanisms such as RSS and flows are distributed to a single user space thread. c) Packets from a flow can only wake up one user space thread. Reported-at: https://bugzilla.redhat.com/1844576 Signed-off-by: Mark Gray <mark.d.gray@redhat.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Acked-by: Aaron Conole <aconole@redhat.com> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2021-07-16 06:17:36 -04:00
/* per-vport dispatch mode. */
dpif-linux: Implement the API functions to allow multiple handler threads read upcall. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-02-26 10:10:29 -08:00
struct epoll_event *epoll_events;
int epoll_fd; /* epoll fd that includes channel socks. */
int n_events; /* Num events returned by epoll_wait(). */
int event_offset; /* Offset into 'epoll_events'. */
dpif-netlink: Add support for packet receive on Windows. In this patch, we add support in dpif-netlink.c to receive packets on Windows. Windows does not natively support epoll(). Even though there are mechanisms/interfaces that provide functionality similar to epoll(), we take a simple approach of using a pool of sockets. Here are some details of the implementaion to aid review: 1. There's pool of sockets per upcall handler. 2. The pool of sockets is initialized while setting up the handler in dpif_netlink_refresh_channels() primarily. 3. When sockets are to be allocated for a vport, we walk through the pool of sockets for all handlers and pick one of the sockets in each of the pool. Within a handler's pool, sockets are picked in a round-robin fashion. 4. We currently support only 1 handler, since there are some kernel changes needed for support more than 1 handler per vport. 5. The pool size is also set to 1 currently. The restructions imposed by #4 and #5 can be removed in the future without much code churn. Validation: 1. With a hacked up kernel which figures out the netlink socket that is designated to receive packets, we are cable to perform pings between 2 VMs on the same Hyper-V host. 2. Compiled the code in Linux as well. 3. Tested with pool size == 2 as well, though in this patch we set the pool size = 1. Signed-off-by: Nithin Raju <nithin@vmware.com> Acked-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-10-23 08:27:34 -07:00
dpif-netlink: Introduce per-cpu upcall dispatch. The Open vSwitch kernel module uses the upcall mechanism to send packets from kernel space to user space when it misses in the kernel space flow table. The upcall sends packets via a Netlink socket. Currently, a Netlink socket is created for every vport. In this way, there is a 1:1 mapping between a vport and a Netlink socket. When a packet is received by a vport, if it needs to be sent to user space, it is sent via the corresponding Netlink socket. This mechanism, with various iterations of the corresponding user space code, has seen some limitations and issues: * On systems with a large number of vports, there is correspondingly a large number of Netlink sockets which can limit scaling. (https://bugzilla.redhat.com/show_bug.cgi?id=1526306) * Packet reordering on upcalls. (https://bugzilla.redhat.com/show_bug.cgi?id=1844576) * A thundering herd issue. (https://bugzilla.redhat.com/show_bug.cgi?id=1834444) This patch introduces an alternative, feature-negotiated, upcall mode using a per-cpu dispatch rather than a per-vport dispatch. In this mode, the Netlink socket to be used for the upcall is selected based on the CPU of the thread that is executing the upcall. In this way, it resolves the issues above as: a) The number of Netlink sockets scales with the number of CPUs rather than the number of vports. b) Ordering per-flow is maintained as packets are distributed to CPUs based on mechanisms such as RSS and flows are distributed to a single user space thread. c) Packets from a flow can only wake up one user space thread. Reported-at: https://bugzilla.redhat.com/1844576 Signed-off-by: Mark Gray <mark.d.gray@redhat.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Acked-by: Aaron Conole <aconole@redhat.com> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2021-07-16 06:17:36 -04:00
/* per-cpu dispatch mode. */
struct nl_sock *sock; /* Each handler thread holds one netlink
socket. */
dpif-netlink: Add support for packet receive on Windows. In this patch, we add support in dpif-netlink.c to receive packets on Windows. Windows does not natively support epoll(). Even though there are mechanisms/interfaces that provide functionality similar to epoll(), we take a simple approach of using a pool of sockets. Here are some details of the implementaion to aid review: 1. There's pool of sockets per upcall handler. 2. The pool of sockets is initialized while setting up the handler in dpif_netlink_refresh_channels() primarily. 3. When sockets are to be allocated for a vport, we walk through the pool of sockets for all handlers and pick one of the sockets in each of the pool. Within a handler's pool, sockets are picked in a round-robin fashion. 4. We currently support only 1 handler, since there are some kernel changes needed for support more than 1 handler per vport. 5. The pool size is also set to 1 currently. The restructions imposed by #4 and #5 can be removed in the future without much code churn. Validation: 1. With a hacked up kernel which figures out the netlink socket that is designated to receive packets, we are cable to perform pings between 2 VMs on the same Hyper-V host. 2. Compiled the code in Linux as well. 3. Tested with pool size == 2 as well, though in this patch we set the pool size = 1. Signed-off-by: Nithin Raju <nithin@vmware.com> Acked-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-10-23 08:27:34 -07:00
#ifdef _WIN32
/* Pool of sockets. */
struct dpif_windows_vport_sock *vport_sock_pool;
size_t last_used_pool_idx; /* Index to aid in allocating a
socket in the pool to a port. */
#endif
dpif-linux: Implement the API functions to allow multiple handler threads read upcall. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-02-26 10:10:29 -08:00
};
dpif-linux: Log details when a packet is lost. Until now, when a packet was dropped in the kernel-to-user buffers, we logged the occurrence but nothing that would allow a person reading the log after the fact to learn why it was dropped. This commit adds details that identify the major sources of packets in the buffer, which should help. Signed-off-by: Ben Pfaff <blp@nicira.com>
2012-06-01 17:40:31 -04:00
dpif: Make dpifs abstract, to allow multiple datapath implementations. This commit initially introduces only a single datapath implementation, which is the same as the original one, but it paves the way for additional implementations, such as the upcoming userspace datapath.
2009-06-17 14:35:35 -07:00
/* Datapath interface for the openvswitch Linux kernel module. */
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
struct dpif_netlink {
dpif: Make dpifs abstract, to allow multiple datapath implementations. This commit initially introduces only a single datapath implementation, which is the same as the original one, but it paves the way for additional implementations, such as the upcoming userspace datapath.
2009-06-17 14:35:35 -07:00
struct dpif dpif;
datapath: Change dp_idx to dp_ifindex, the ifindex of the local port. I can't see any real value in maintaining a dp_idx separate from the ifindex of the local port. With the current implementation it also artificially limits the number of datapaths. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-21 17:01:56 -08:00
int dp_ifindex;
dpif: Add support to set user features This enables user features on the kernel datapath via the DP_CMD_SET command, and also retrieves them to check for actual support and not just an older kernel ignoring the requested features. This will be used in next patch to enable recirc_id sharing with tc. Signed-off-by: Paul Blakey <paulb@mellanox.com> Reviewed-by: Roi Dayan <roid@mellanox.com> Signed-off-by: Simon Horman <simon.horman@netronome.com>
2019-12-22 12:16:38 +02:00
uint32_t user_features;
Introduce general-purpose ways to wait for dpif and netdev changes. The dpif and netdev code has had various ways to check for changes to dpifs and netdevs over the course of Open vSwitch development. All of these have been thus far fairly specific to the Linux implementation. This commit is the start of a more general API for watching for such changes. The dpif-related parts seem fairly mature and so they are documented, the netdev parts will probably need to change somewhat and so they are not documented yet.
2009-06-24 10:24:09 -07:00
datapath: Use unicast Netlink sockets for upcalls. Currently we publish several multicast groups for upcalls and let userspace sockets subscribe to them. The benefit of this is mostly that userspace is the one doing the subscription - the actual multicast capability is not currently used and probably wouldn't be even if we moved to a multiprocess model. Despite the convenience, multicast sockets have a number of disadvantages, primarily that we only have a limited number of them so there could be collisions. In addition, unicast sockets give additional flexibility to userspace by allowing every object to potentially have a different socket chosen by userspace for upcalls. Finally, any future optimizations for upcalls to reduce copying will likely not be compatible with multicast anyways so disallowing it potentially simplifies things. We also never unregistered the multicast groups registered for upcalls and leaked them on module unload. As a side effect, this solves that problem. Signed-off-by: Jesse Gross <jesse@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
2011-09-14 13:05:09 -07:00
/* Upcall messages. */
dpif-linux: Implement the API functions to allow multiple handler threads read upcall. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-02-26 10:10:29 -08:00
struct fat_rwlock upcall_lock;
struct dpif_handler *handlers;
uint32_t n_handlers; /* Num of upcall handlers. */
dpif-netlink: Introduce per-cpu upcall dispatch. The Open vSwitch kernel module uses the upcall mechanism to send packets from kernel space to user space when it misses in the kernel space flow table. The upcall sends packets via a Netlink socket. Currently, a Netlink socket is created for every vport. In this way, there is a 1:1 mapping between a vport and a Netlink socket. When a packet is received by a vport, if it needs to be sent to user space, it is sent via the corresponding Netlink socket. This mechanism, with various iterations of the corresponding user space code, has seen some limitations and issues: * On systems with a large number of vports, there is correspondingly a large number of Netlink sockets which can limit scaling. (https://bugzilla.redhat.com/show_bug.cgi?id=1526306) * Packet reordering on upcalls. (https://bugzilla.redhat.com/show_bug.cgi?id=1844576) * A thundering herd issue. (https://bugzilla.redhat.com/show_bug.cgi?id=1834444) This patch introduces an alternative, feature-negotiated, upcall mode using a per-cpu dispatch rather than a per-vport dispatch. In this mode, the Netlink socket to be used for the upcall is selected based on the CPU of the thread that is executing the upcall. In this way, it resolves the issues above as: a) The number of Netlink sockets scales with the number of CPUs rather than the number of vports. b) Ordering per-flow is maintained as packets are distributed to CPUs based on mechanisms such as RSS and flows are distributed to a single user space thread. c) Packets from a flow can only wake up one user space thread. Reported-at: https://bugzilla.redhat.com/1844576 Signed-off-by: Mark Gray <mark.d.gray@redhat.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Acked-by: Aaron Conole <aconole@redhat.com> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2021-07-16 06:17:36 -04:00
/* Per-vport dispatch mode. */
dpif-netlink: don't allocate per thread netlink sockets When using the kernel datapath, OVS allocates a pool of sockets to handle netlink events. The number of sockets is: ports * n-handler-threads, where n-handler-threads is user configurable and defaults to 3/4*number of cores. This because vswitchd starts n-handler-threads threads, each one with a netlink socket for every port of the switch. Every thread then, starts listening on events on its set of sockets with epoll(). On setup with lot of CPUs and ports, the number of sockets easily hits the process file descriptor limit, and ovs-vswitchd will exit with -EMFILE. Change the number of allocated sockets to just one per port by moving the socket array from a per handler structure to a per datapath one, and let all the handlers share the same sockets by using EPOLLEXCLUSIVE epoll flag which avoids duplicate events, on systems that support it. The patch was tested on a 56 core machine running Linux 4.18 and latest Open vSwitch. A bridge was created with 2000+ ports, some of them being veth interfaces with the peer outside the bridge. The latency of the upcall is measured by setting a single 'action=controller,local' OpenFlow rule to force all the packets going to the slow path and then to the local port. A tool[1] injects some packets to the veth outside the bridge, and measures the delay until the packet is captured on the local port. The rx timestamp is get from the socket ancillary data in the attribute SO_TIMESTAMPNS, to avoid having the scheduler delay in the measured time. The first test measures the average latency for an upcall generated from a single port. To measure it 100k packets, one every msec, are sent to a single port and the latencies are measured. The second test is meant to check latency fairness among ports, namely if latency is equal between ports or if some ports have lower priority. The previous test is repeated for every port, the average of the average latencies and the standard deviation between averages is measured. The third test serves to measure responsiveness under load. Heavy traffic is sent through all ports, latency and packet loss is measured on a single idle port. The fourth test is all about fairness. Heavy traffic is injected in all ports but one, latency and packet loss is measured on the single idle port. This is the test setup: # nproc 56 # ovs-vsctl show |grep -c Port 2223 # ovs-ofctl dump-flows ovs_upc_br cookie=0x0, duration=4.827s, table=0, n_packets=0, n_bytes=0, actions=CONTROLLER:65535,LOCAL # uname -a Linux fc28 4.18.7-200.fc28.x86_64 #1 SMP Mon Sep 10 15:44:45 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux And these are the results of the tests: Stock OVS Patched netlink sockets in use by vswitchd lsof -p $(pidof ovs-vswitchd) \ |grep -c GENERIC 91187 2227 Test 1 one port latency min/avg/max/mdev (us) 2.7/6.6/238.7/1.8 1.6/6.8/160.6/1.7 Test 2 all port avg latency/mdev (us) 6.51/0.97 6.86/0.17 Test 3 single port latency under load avg/mdev (us) 7.5/5.9 3.8/4.8 packet loss 95 % 62 % Test 4 idle port latency under load min/avg/max/mdev (us) 0.8/1.5/210.5/0.9 1.0/2.1/344.5/1.2 packet loss 94 % 4 % CPU and RAM usage seems not to be affected, the resource usage of vswitchd idle with 2000+ ports is unchanged: # ps u $(pidof ovs-vswitchd) USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND openvsw+ 5430 54.3 0.3 4263964 510968 pts/1 RLl+ 16:20 0:50 ovs-vswitchd Additionally, to check if vswitchd is thread safe with this patch, the following test was run for circa 48 hours: on a 56 core machine, a bridge with kernel datapath is filled with 2200 dummy interfaces and 22 veth, then 22 traffic generators are run in parallel piping traffic into the veths peers outside the bridge. To generate as many upcalls as possible, all packets were forced to the slowpath with an openflow rule like 'action=controller,local' and packet size was set to 64 byte. Also, to avoid overflowing the FDB early and slowing down the upcall processing, generated mac addresses were restricted to a small interval. vswitchd ran without problems for 48+ hours, obviously with all the handler threads with almost 99% CPU usage. [1] https://github.com/teknoraver/network-tools/blob/master/weed.c Signed-off-by: Matteo Croce <mcroce@redhat.com> Signed-off-by: Ben Pfaff <blp@ovn.org> Acked-by: Flavio Leitner <fbl@sysclose.org>
2018-09-25 10:51:05 +02:00
struct dpif_channel *channels; /* Array of channels for each port. */
dpif-linux: Implement the API functions to allow multiple handler threads read upcall. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-02-26 10:10:29 -08:00
int uc_array_size; /* Size of 'handler->channels' and */
/* 'handler->epoll_events'. */
datapath: Convert upcalls and ODP_EXECUTE to use AF_NETLINK socket layer. This commit calls genl_lock() and thus doesn't support Linux before 2.6.35, which wasn't exported before that version. That problem will be fixed once the whole userspace interface transitions to Generic Netlink a few commits from now. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 13:41:54 -08:00
Introduce general-purpose ways to wait for dpif and netdev changes. The dpif and netdev code has had various ways to check for changes to dpifs and netdevs over the course of Open vSwitch development. All of these have been thus far fairly specific to the Linux implementation. This commit is the start of a more general API for watching for such changes. The dpif-related parts seem fairly mature and so they are documented, the netdev parts will probably need to change somewhat and so they are not documented yet.
2009-06-24 10:24:09 -07:00
/* Change notification. */
dpif-linux: Make port change notification thread-safe. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2013-07-22 15:00:49 -07:00
struct nl_sock *port_notifier; /* vport multicast group subscriber. */
dpif-linux: Fix fd leak for vports that disappear from the datapath. When ovs-vswitchd deletes a port with dpif_linux_port_del(), that function uses del_channel() to delete the corresponding channel, including closing its Netlink socket fd. However, if the vport gets removed by some other process (e.g. "ip link delete" for veths) then this function never gets called and thus the channel never gets deleted. This commit fixes the problem by resynchronizing channels with the datapath whenever a vport gets deleted. Bug #16784. Reported-by: Paul Ingram <paul@nicira.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-05-01 17:13:14 -07:00
bool refresh_channels;
dpif: Make dpifs abstract, to allow multiple datapath implementations. This commit initially introduces only a single datapath implementation, which is the same as the original one, but it paves the way for additional implementations, such as the upcoming userspace datapath.
2009-06-17 14:35:35 -07:00
};
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
static void report_loss(struct dpif_netlink *, struct dpif_channel *,
dpif-linux: Pass 'struct dpif_linux *' to internal static functions. This commit reformats the dpif-linux module so that all internal static functions take 'struct dpif_linux *' as input argument. This will allow the adding of thread-safety annotations. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-04-17 16:33:17 -07:00
uint32_t ch_idx, uint32_t handler_id);
dpif-linux: Implement the API functions to allow multiple handler threads read upcall. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-02-26 10:10:29 -08:00
dpif: Make dpifs abstract, to allow multiple datapath implementations. This commit initially introduces only a single datapath implementation, which is the same as the original one, but it paves the way for additional implementations, such as the upcoming userspace datapath.
2009-06-17 14:35:35 -07:00
static struct vlog_rate_limit error_rl = VLOG_RATE_LIMIT_INIT(9999, 5);
dpif-linux: Make port change notification thread-safe. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2013-07-22 15:00:49 -07:00
/* Generic Netlink family numbers for OVS.
*
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
* Initialized by dpif_netlink_init(). */
datapath: Use "OVS_*" as opposed to "ODP_*" for user<->kernel interactions. The prefix "ODP_*" is not overly descriptive in the context of the larger Linux tree. This commit changes the prefix to "OVS_*" for the userpace to kernel interactions. The userspace libraries still use "ODP_" in many of their interfaces since it is more descriptive in the OVS oeuvre. Feature #6904 Signed-off-by: Justin Pettit <jpettit@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-08-18 10:35:40 -07:00
static int ovs_datapath_family;
static int ovs_vport_family;
static int ovs_flow_family;
static int ovs_packet_family;
dpif-netlink: Add meter support. To work with kernel datapath that supports meter. Signed-off-by: Andy Zhou <azhou@ovn.org> Co-authored-by: Justin Pettit <jpettit@ovn.org> Signed-off-by: Justin Pettit <jpettit@ovn.org> Acked-by: Alin Gabriel Serdean <aserdean@ovn.org> Acked-by: Ben Pfaff <blp@ovn.org>
2017-11-17 02:15:47 -08:00
static int ovs_meter_family;
dpif-netlink: Implement conntrack zone limit This patch provides the implementation of conntrack zone limit in dpif-netlink. It basically utilizes the netlink API to communicate with OVS kernel module to set, delete, and get conntrack zone limit. Signed-off-by: Yi-Hung Wei <yihung.wei@gmail.com> Signed-off-by: Justin Pettit <jpettit@ovn.org>
2018-08-17 02:05:09 -07:00
static int ovs_ct_limit_family;
datapath: Convert upcalls and ODP_EXECUTE to use AF_NETLINK socket layer. This commit calls genl_lock() and thus doesn't support Linux before 2.6.35, which wasn't exported before that version. That problem will be fixed once the whole userspace interface transitions to Generic Netlink a few commits from now. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 13:41:54 -08:00
dpif-linux: Make port change notification thread-safe. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2013-07-22 15:00:49 -07:00
/* Generic Netlink multicast groups for OVS.
*
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
* Initialized by dpif_netlink_init(). */
dpif-linux: Make port change notification thread-safe. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2013-07-22 15:00:49 -07:00
static unsigned int ovs_vport_mcgroup;
datapath: Convert upcalls and ODP_EXECUTE to use AF_NETLINK socket layer. This commit calls genl_lock() and thus doesn't support Linux before 2.6.35, which wasn't exported before that version. That problem will be fixed once the whole userspace interface transitions to Generic Netlink a few commits from now. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 13:41:54 -08:00
dpif-netlink: Probe for out-of-tree tunnels, decides used interface On dpif init, probe for whether tunnels are created using in-tree (upstream linux) or out-of-tree (OVS). This is done by probing for the existence of "ovs_geneve" via rtnetlink. This is used to determine how to create the tunnel devices. For out-of-tree tunnels, only try genetlink/compat. For in-tree kernel tunnels, try rtnetlink then fallback to genetlink. Signed-off-by: Eric Garver <e@erig.me> Signed-off-by: Joe Stringer <joe@ovn.org>
2017-05-18 16:10:33 -04:00
/* If true, tunnel devices are created using OVS compat/genetlink.
* If false, tunnel devices are created with rtnetlink and using light weight
* tunnels. If we fail to create the tunnel the rtnetlink+LWT, then we fallback
* to using the compat interface. */
static bool ovs_tunnels_out_of_tree = true;
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
static int dpif_netlink_init(void);
static int open_dpif(const struct dpif_netlink_dp *, struct dpif **);
static uint32_t dpif_netlink_port_get_pid(const struct dpif *,
dpif: Remove support for multiple queues per port. Commit 69c51582ff78 ("dpif-netlink: don't allocate per thread netlink sockets") removed dpif-netlink support for multiple queues per port. No remaining dpif provider supports multiple queues per port, so remove infrastructure for the feature. CC: Matteo Croce <mcroce@redhat.com> Signed-off-by: Ben Pfaff <blp@ovn.org> Tested-by: Yifeng Sun <pkusunyifeng@gmail.com> Reviewed-by: Yifeng Sun <pkusunyifeng@gmail.com>
2018-09-25 15:14:13 -07:00
odp_port_t port_no);
dpif-netlink: Add support for packet receive on Windows. In this patch, we add support in dpif-netlink.c to receive packets on Windows. Windows does not natively support epoll(). Even though there are mechanisms/interfaces that provide functionality similar to epoll(), we take a simple approach of using a pool of sockets. Here are some details of the implementaion to aid review: 1. There's pool of sockets per upcall handler. 2. The pool of sockets is initialized while setting up the handler in dpif_netlink_refresh_channels() primarily. 3. When sockets are to be allocated for a vport, we walk through the pool of sockets for all handlers and pick one of the sockets in each of the pool. Within a handler's pool, sockets are picked in a round-robin fashion. 4. We currently support only 1 handler, since there are some kernel changes needed for support more than 1 handler per vport. 5. The pool size is also set to 1 currently. The restructions imposed by #4 and #5 can be removed in the future without much code churn. Validation: 1. With a hacked up kernel which figures out the netlink socket that is designated to receive packets, we are cable to perform pings between 2 VMs on the same Hyper-V host. 2. Compiled the code in Linux as well. 3. Tested with pool size == 2 as well, though in this patch we set the pool size = 1. Signed-off-by: Nithin Raju <nithin@vmware.com> Acked-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-10-23 08:27:34 -07:00
static void dpif_netlink_handler_uninit(struct dpif_handler *handler);
dpif-netlink: Introduce per-cpu upcall dispatch. The Open vSwitch kernel module uses the upcall mechanism to send packets from kernel space to user space when it misses in the kernel space flow table. The upcall sends packets via a Netlink socket. Currently, a Netlink socket is created for every vport. In this way, there is a 1:1 mapping between a vport and a Netlink socket. When a packet is received by a vport, if it needs to be sent to user space, it is sent via the corresponding Netlink socket. This mechanism, with various iterations of the corresponding user space code, has seen some limitations and issues: * On systems with a large number of vports, there is correspondingly a large number of Netlink sockets which can limit scaling. (https://bugzilla.redhat.com/show_bug.cgi?id=1526306) * Packet reordering on upcalls. (https://bugzilla.redhat.com/show_bug.cgi?id=1844576) * A thundering herd issue. (https://bugzilla.redhat.com/show_bug.cgi?id=1834444) This patch introduces an alternative, feature-negotiated, upcall mode using a per-cpu dispatch rather than a per-vport dispatch. In this mode, the Netlink socket to be used for the upcall is selected based on the CPU of the thread that is executing the upcall. In this way, it resolves the issues above as: a) The number of Netlink sockets scales with the number of CPUs rather than the number of vports. b) Ordering per-flow is maintained as packets are distributed to CPUs based on mechanisms such as RSS and flows are distributed to a single user space thread. c) Packets from a flow can only wake up one user space thread. Reported-at: https://bugzilla.redhat.com/1844576 Signed-off-by: Mark Gray <mark.d.gray@redhat.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Acked-by: Aaron Conole <aconole@redhat.com> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2021-07-16 06:17:36 -04:00
static int dpif_netlink_refresh_handlers_vport_dispatch(struct dpif_netlink *,
uint32_t n_handlers);
static void destroy_all_channels(struct dpif_netlink *);
static int dpif_netlink_refresh_handlers_cpu_dispatch(struct dpif_netlink *);
static void destroy_all_handlers(struct dpif_netlink *);
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
static void dpif_netlink_vport_to_ofpbuf(const struct dpif_netlink_vport *,
struct ofpbuf *);
static int dpif_netlink_vport_from_ofpbuf(struct dpif_netlink_vport *,
const struct ofpbuf *);
dpif-netlink: Probe for out-of-tree tunnels, decides used interface On dpif init, probe for whether tunnels are created using in-tree (upstream linux) or out-of-tree (OVS). This is done by probing for the existence of "ovs_geneve" via rtnetlink. This is used to determine how to create the tunnel devices. For out-of-tree tunnels, only try genetlink/compat. For in-tree kernel tunnels, try rtnetlink then fallback to genetlink. Signed-off-by: Eric Garver <e@erig.me> Signed-off-by: Joe Stringer <joe@ovn.org>
2017-05-18 16:10:33 -04:00
static int dpif_netlink_port_query__(const struct dpif_netlink *dpif,
odp_port_t port_no, const char *port_name,
struct dpif_port *dpif_port);
datapath: Convert ODP_VPORT_* to use AF_NETLINK socket layer. This commit calls genl_lock() and thus doesn't support Linux before 2.6.35, which wasn't exported before that version. That problem will be fixed once the whole userspace interface transitions to Generic Netlink a few commits from now. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-28 13:59:03 -08:00
Windows: Fix broken kernel userspace communication Patch: https://github.com/openvswitch/ovs/commit/69c51582ff786a68fc325c1c50624715482bc460 broke Windows userpace - kernel communication. On windows we create netlink sockets when the handlers are initiated and reuse them. This patch remaps the usage of the netlink socket pool. Fixes: https://github.com/openvswitch/ovs-issues/issues/164 Signed-off-by: Alin Gabriel Serdean <aserdean@ovn.org> Acked-by: Shashank Ram <rams@vmware.com> Tested-by: Shashank Ram <rams@vmware.com> Signed-off-by: Ben Pfaff <blp@ovn.org> Co-authored-by: Ben Pfaff <blp@ovn.org>
2018-11-16 15:32:58 +02:00
static int
dpif-netlink: Fix some variable naming. Usually a plural name refers to an array, but 'socks' and 'socksp' were only single objects, so this changes their names to 'sock' and 'sockp'. Usually a 'p' suffix means that a variable is an output argument, but that was only true in one place here, so this changes the names of the other variables to plain 'sock'. Signed-off-by: Ben Pfaff <blp@ovn.org> Reviewed-by: Yifeng Sun <pkusunyifeng@gmail.com>
2019-10-14 11:10:47 -07:00
create_nl_sock(struct dpif_netlink *dpif OVS_UNUSED, struct nl_sock **sockp)
Windows: Fix broken kernel userspace communication Patch: https://github.com/openvswitch/ovs/commit/69c51582ff786a68fc325c1c50624715482bc460 broke Windows userpace - kernel communication. On windows we create netlink sockets when the handlers are initiated and reuse them. This patch remaps the usage of the netlink socket pool. Fixes: https://github.com/openvswitch/ovs-issues/issues/164 Signed-off-by: Alin Gabriel Serdean <aserdean@ovn.org> Acked-by: Shashank Ram <rams@vmware.com> Tested-by: Shashank Ram <rams@vmware.com> Signed-off-by: Ben Pfaff <blp@ovn.org> Co-authored-by: Ben Pfaff <blp@ovn.org>
2018-11-16 15:32:58 +02:00
OVS_REQ_WRLOCK(dpif->upcall_lock)
{
#ifndef _WIN32
dpif-netlink: Fix some variable naming. Usually a plural name refers to an array, but 'socks' and 'socksp' were only single objects, so this changes their names to 'sock' and 'sockp'. Usually a 'p' suffix means that a variable is an output argument, but that was only true in one place here, so this changes the names of the other variables to plain 'sock'. Signed-off-by: Ben Pfaff <blp@ovn.org> Reviewed-by: Yifeng Sun <pkusunyifeng@gmail.com>
2019-10-14 11:10:47 -07:00
return nl_sock_create(NETLINK_GENERIC, sockp);
Windows: Fix broken kernel userspace communication Patch: https://github.com/openvswitch/ovs/commit/69c51582ff786a68fc325c1c50624715482bc460 broke Windows userpace - kernel communication. On windows we create netlink sockets when the handlers are initiated and reuse them. This patch remaps the usage of the netlink socket pool. Fixes: https://github.com/openvswitch/ovs-issues/issues/164 Signed-off-by: Alin Gabriel Serdean <aserdean@ovn.org> Acked-by: Shashank Ram <rams@vmware.com> Tested-by: Shashank Ram <rams@vmware.com> Signed-off-by: Ben Pfaff <blp@ovn.org> Co-authored-by: Ben Pfaff <blp@ovn.org>
2018-11-16 15:32:58 +02:00
#else
/* Pick netlink sockets to use in a round-robin fashion from each
* handler's pool of sockets. */
struct dpif_handler *handler = &dpif->handlers[0];
struct dpif_windows_vport_sock *sock_pool = handler->vport_sock_pool;
size_t index = handler->last_used_pool_idx;
/* A pool of sockets is allocated when the handler is initialized. */
if (sock_pool == NULL) {
dpif-netlink: Fix some variable naming. Usually a plural name refers to an array, but 'socks' and 'socksp' were only single objects, so this changes their names to 'sock' and 'sockp'. Usually a 'p' suffix means that a variable is an output argument, but that was only true in one place here, so this changes the names of the other variables to plain 'sock'. Signed-off-by: Ben Pfaff <blp@ovn.org> Reviewed-by: Yifeng Sun <pkusunyifeng@gmail.com>
2019-10-14 11:10:47 -07:00
*sockp = NULL;
Windows: Fix broken kernel userspace communication Patch: https://github.com/openvswitch/ovs/commit/69c51582ff786a68fc325c1c50624715482bc460 broke Windows userpace - kernel communication. On windows we create netlink sockets when the handlers are initiated and reuse them. This patch remaps the usage of the netlink socket pool. Fixes: https://github.com/openvswitch/ovs-issues/issues/164 Signed-off-by: Alin Gabriel Serdean <aserdean@ovn.org> Acked-by: Shashank Ram <rams@vmware.com> Tested-by: Shashank Ram <rams@vmware.com> Signed-off-by: Ben Pfaff <blp@ovn.org> Co-authored-by: Ben Pfaff <blp@ovn.org>
2018-11-16 15:32:58 +02:00
return EINVAL;
}
ovs_assert(index < VPORT_SOCK_POOL_SIZE);
dpif-netlink: Fix some variable naming. Usually a plural name refers to an array, but 'socks' and 'socksp' were only single objects, so this changes their names to 'sock' and 'sockp'. Usually a 'p' suffix means that a variable is an output argument, but that was only true in one place here, so this changes the names of the other variables to plain 'sock'. Signed-off-by: Ben Pfaff <blp@ovn.org> Reviewed-by: Yifeng Sun <pkusunyifeng@gmail.com>
2019-10-14 11:10:47 -07:00
*sockp = sock_pool[index].nl_sock;
ovs_assert(*sockp);
Windows: Fix broken kernel userspace communication Patch: https://github.com/openvswitch/ovs/commit/69c51582ff786a68fc325c1c50624715482bc460 broke Windows userpace - kernel communication. On windows we create netlink sockets when the handlers are initiated and reuse them. This patch remaps the usage of the netlink socket pool. Fixes: https://github.com/openvswitch/ovs-issues/issues/164 Signed-off-by: Alin Gabriel Serdean <aserdean@ovn.org> Acked-by: Shashank Ram <rams@vmware.com> Tested-by: Shashank Ram <rams@vmware.com> Signed-off-by: Ben Pfaff <blp@ovn.org> Co-authored-by: Ben Pfaff <blp@ovn.org>
2018-11-16 15:32:58 +02:00
index = (index == VPORT_SOCK_POOL_SIZE - 1) ? 0 : index + 1;
handler->last_used_pool_idx = index;
return 0;
#endif
}
static void
dpif-netlink: Fix some variable naming. Usually a plural name refers to an array, but 'socks' and 'socksp' were only single objects, so this changes their names to 'sock' and 'sockp'. Usually a 'p' suffix means that a variable is an output argument, but that was only true in one place here, so this changes the names of the other variables to plain 'sock'. Signed-off-by: Ben Pfaff <blp@ovn.org> Reviewed-by: Yifeng Sun <pkusunyifeng@gmail.com>
2019-10-14 11:10:47 -07:00
close_nl_sock(struct nl_sock *sock)
Windows: Fix broken kernel userspace communication Patch: https://github.com/openvswitch/ovs/commit/69c51582ff786a68fc325c1c50624715482bc460 broke Windows userpace - kernel communication. On windows we create netlink sockets when the handlers are initiated and reuse them. This patch remaps the usage of the netlink socket pool. Fixes: https://github.com/openvswitch/ovs-issues/issues/164 Signed-off-by: Alin Gabriel Serdean <aserdean@ovn.org> Acked-by: Shashank Ram <rams@vmware.com> Tested-by: Shashank Ram <rams@vmware.com> Signed-off-by: Ben Pfaff <blp@ovn.org> Co-authored-by: Ben Pfaff <blp@ovn.org>
2018-11-16 15:32:58 +02:00
{
#ifndef _WIN32
dpif-netlink: Fix some variable naming. Usually a plural name refers to an array, but 'socks' and 'socksp' were only single objects, so this changes their names to 'sock' and 'sockp'. Usually a 'p' suffix means that a variable is an output argument, but that was only true in one place here, so this changes the names of the other variables to plain 'sock'. Signed-off-by: Ben Pfaff <blp@ovn.org> Reviewed-by: Yifeng Sun <pkusunyifeng@gmail.com>
2019-10-14 11:10:47 -07:00
nl_sock_destroy(sock);
Windows: Fix broken kernel userspace communication Patch: https://github.com/openvswitch/ovs/commit/69c51582ff786a68fc325c1c50624715482bc460 broke Windows userpace - kernel communication. On windows we create netlink sockets when the handlers are initiated and reuse them. This patch remaps the usage of the netlink socket pool. Fixes: https://github.com/openvswitch/ovs-issues/issues/164 Signed-off-by: Alin Gabriel Serdean <aserdean@ovn.org> Acked-by: Shashank Ram <rams@vmware.com> Tested-by: Shashank Ram <rams@vmware.com> Signed-off-by: Ben Pfaff <blp@ovn.org> Co-authored-by: Ben Pfaff <blp@ovn.org>
2018-11-16 15:32:58 +02:00
#endif
}
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
static struct dpif_netlink *
dpif_netlink_cast(const struct dpif *dpif)
dpif: Make dpifs abstract, to allow multiple datapath implementations. This commit initially introduces only a single datapath implementation, which is the same as the original one, but it paves the way for additional implementations, such as the upcoming userspace datapath.
2009-06-17 14:35:35 -07:00
{
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
dpif_assert_class(dpif, &dpif_netlink_class);
return CONTAINER_OF(dpif, struct dpif_netlink, dpif);
dpif: Make dpifs abstract, to allow multiple datapath implementations. This commit initially introduces only a single datapath implementation, which is the same as the original one, but it paves the way for additional implementations, such as the upcoming userspace datapath.
2009-06-17 14:35:35 -07:00
}
dpif-netlink: Introduce per-cpu upcall dispatch. The Open vSwitch kernel module uses the upcall mechanism to send packets from kernel space to user space when it misses in the kernel space flow table. The upcall sends packets via a Netlink socket. Currently, a Netlink socket is created for every vport. In this way, there is a 1:1 mapping between a vport and a Netlink socket. When a packet is received by a vport, if it needs to be sent to user space, it is sent via the corresponding Netlink socket. This mechanism, with various iterations of the corresponding user space code, has seen some limitations and issues: * On systems with a large number of vports, there is correspondingly a large number of Netlink sockets which can limit scaling. (https://bugzilla.redhat.com/show_bug.cgi?id=1526306) * Packet reordering on upcalls. (https://bugzilla.redhat.com/show_bug.cgi?id=1844576) * A thundering herd issue. (https://bugzilla.redhat.com/show_bug.cgi?id=1834444) This patch introduces an alternative, feature-negotiated, upcall mode using a per-cpu dispatch rather than a per-vport dispatch. In this mode, the Netlink socket to be used for the upcall is selected based on the CPU of the thread that is executing the upcall. In this way, it resolves the issues above as: a) The number of Netlink sockets scales with the number of CPUs rather than the number of vports. b) Ordering per-flow is maintained as packets are distributed to CPUs based on mechanisms such as RSS and flows are distributed to a single user space thread. c) Packets from a flow can only wake up one user space thread. Reported-at: https://bugzilla.redhat.com/1844576 Signed-off-by: Mark Gray <mark.d.gray@redhat.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Acked-by: Aaron Conole <aconole@redhat.com> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2021-07-16 06:17:36 -04:00
static inline bool
dpif_netlink_upcall_per_cpu(const struct dpif_netlink *dpif) {
return !!((dpif)->user_features & OVS_DP_F_DISPATCH_UPCALL_PER_CPU);
}
vswitch: Avoid knowledge of details specific to Linux datapaths. At startup, the vswitch needs to delete datapaths that are not configured by the administrator. Until now this was done by knowing the possible names of Linux datapaths. This commit cleans up by allowing each datapath class to enumerate its existing datapaths and their names.
2009-07-06 11:06:36 -07:00
static int
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
dpif_netlink_enumerate(struct sset *all_dps,
const struct dpif_class *dpif_class OVS_UNUSED)
vswitch: Avoid knowledge of details specific to Linux datapaths. At startup, the vswitch needs to delete datapaths that are not configured by the administrator. Until now this was done by knowing the possible names of Linux datapaths. This commit cleans up by allowing each datapath class to enumerate its existing datapaths and their names.
2009-07-06 11:06:36 -07:00
{
datapath: Convert ODP_DP_* commands to use AF_NETLINK socket layer. This commit calls genl_lock() and thus doesn't support Linux before 2.6.35, which wasn't exported before that version. That problem will be fixed once the whole userspace interface transitions to Generic Netlink a few commits from now. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-28 13:55:04 -08:00
struct nl_dump dump;
netlink: Remove buffer from 'struct nl_dump'. This patch makes all of the users of 'struct nl_dump' allocate their own buffers to pass down to nl_dump_next(). This paves the way for allowing multithreaded flow dumping. Signed-off-by: Joe Stringer <joestringer@nicira.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-02-27 14:13:05 -08:00
uint64_t reply_stub[NL_DUMP_BUFSIZE / 8];
struct ofpbuf msg, buf;
datapath: Convert ODP_DP_* commands to use AF_NETLINK socket layer. This commit calls genl_lock() and thus doesn't support Linux before 2.6.35, which wasn't exported before that version. That problem will be fixed once the whole userspace interface transitions to Generic Netlink a few commits from now. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-28 13:55:04 -08:00
int error;
datapath: Convert upcalls and ODP_EXECUTE to use AF_NETLINK socket layer. This commit calls genl_lock() and thus doesn't support Linux before 2.6.35, which wasn't exported before that version. That problem will be fixed once the whole userspace interface transitions to Generic Netlink a few commits from now. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 13:41:54 -08:00
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
error = dpif_netlink_init();
datapath: Convert ODP_DP_* commands to use AF_NETLINK socket layer. This commit calls genl_lock() and thus doesn't support Linux before 2.6.35, which wasn't exported before that version. That problem will be fixed once the whole userspace interface transitions to Generic Netlink a few commits from now. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-28 13:55:04 -08:00
if (error) {
return error;
datapath: Convert upcalls and ODP_EXECUTE to use AF_NETLINK socket layer. This commit calls genl_lock() and thus doesn't support Linux before 2.6.35, which wasn't exported before that version. That problem will be fixed once the whole userspace interface transitions to Generic Netlink a few commits from now. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 13:41:54 -08:00
}
vswitch: Avoid knowledge of details specific to Linux datapaths. At startup, the vswitch needs to delete datapaths that are not configured by the administrator. Until now this was done by knowing the possible names of Linux datapaths. This commit cleans up by allowing each datapath class to enumerate its existing datapaths and their names.
2009-07-06 11:06:36 -07:00
netlink: Remove buffer from 'struct nl_dump'. This patch makes all of the users of 'struct nl_dump' allocate their own buffers to pass down to nl_dump_next(). This paves the way for allowing multithreaded flow dumping. Signed-off-by: Joe Stringer <joestringer@nicira.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-02-27 14:13:05 -08:00
ofpbuf_use_stub(&buf, reply_stub, sizeof reply_stub);
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
dpif_netlink_dp_dump_start(&dump);
netlink: Remove buffer from 'struct nl_dump'. This patch makes all of the users of 'struct nl_dump' allocate their own buffers to pass down to nl_dump_next(). This paves the way for allowing multithreaded flow dumping. Signed-off-by: Joe Stringer <joestringer@nicira.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-02-27 14:13:05 -08:00
while (nl_dump_next(&dump, &msg, &buf)) {
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
struct dpif_netlink_dp dp;
datapath: Convert datapath operations to use Netlink framing. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 15:42:00 -08:00
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
if (!dpif_netlink_dp_from_ofpbuf(&dp, &msg)) {
dpif: Use sset instead of svec in dpif interface.
2011-03-25 13:00:13 -07:00
sset_add(all_dps, dp.name);
vswitch: Avoid knowledge of details specific to Linux datapaths. At startup, the vswitch needs to delete datapaths that are not configured by the administrator. Until now this was done by knowing the possible names of Linux datapaths. This commit cleans up by allowing each datapath class to enumerate its existing datapaths and their names.
2009-07-06 11:06:36 -07:00
}
}
netlink: Remove buffer from 'struct nl_dump'. This patch makes all of the users of 'struct nl_dump' allocate their own buffers to pass down to nl_dump_next(). This paves the way for allowing multithreaded flow dumping. Signed-off-by: Joe Stringer <joestringer@nicira.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-02-27 14:13:05 -08:00
ofpbuf_uninit(&buf);
datapath: Convert ODP_DP_* commands to use AF_NETLINK socket layer. This commit calls genl_lock() and thus doesn't support Linux before 2.6.35, which wasn't exported before that version. That problem will be fixed once the whole userspace interface transitions to Generic Netlink a few commits from now. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-28 13:55:04 -08:00
return nl_dump_done(&dump);
vswitch: Avoid knowledge of details specific to Linux datapaths. At startup, the vswitch needs to delete datapaths that are not configured by the administrator. Until now this was done by knowing the possible names of Linux datapaths. This commit cleans up by allowing each datapath class to enumerate its existing datapaths and their names.
2009-07-06 11:06:36 -07:00
}
dpif: Make dpifs abstract, to allow multiple datapath implementations. This commit initially introduces only a single datapath implementation, which is the same as the original one, but it paves the way for additional implementations, such as the upcoming userspace datapath.
2009-06-17 14:35:35 -07:00
static int
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
dpif_netlink_open(const struct dpif_class *class OVS_UNUSED, const char *name,
bool create, struct dpif **dpifp)
dpif: Make dpifs abstract, to allow multiple datapath implementations. This commit initially introduces only a single datapath implementation, which is the same as the original one, but it paves the way for additional implementations, such as the upcoming userspace datapath.
2009-06-17 14:35:35 -07:00
{
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
struct dpif_netlink_dp dp_request, dp;
datapath: Change userspace vport interface to use Netlink attributes. One of the goals for Open vSwitch is to decouple kernel and userspace software, so that either one can be upgraded or rolled back independent of the other. To do this in full generality, it must be possible to add new features to the kernel vport layer without changing userspace software. The customary way to do this in the Linux networking stack is to use Netlink and in particular Netlink attributes. This commit adopts that model for the vport layer. It does not yet actually start using the Netlink socket layer, which will come later. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 12:28:59 -08:00
struct ofpbuf *buf;
datapath: Require explicit upcall_pid for new datapaths and vports. This increases consistency with the OVS_ACTION_ATTR_USERSPACE action, which also requires an explicit pid. Suggested-by: Jesse Gross <jesse@nicira.com> Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-10-12 11:04:10 -07:00
uint32_t upcall_pid;
datapath: Change userspace vport interface to use Netlink attributes. One of the goals for Open vSwitch is to decouple kernel and userspace software, so that either one can be upgraded or rolled back independent of the other. To do this in full generality, it must be possible to add new features to the kernel vport layer without changing userspace software. The customary way to do this in the Linux networking stack is to use Netlink and in particular Netlink attributes. This commit adopts that model for the vport layer. It does not yet actually start using the Netlink socket layer, which will come later. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 12:28:59 -08:00
int error;
dpif: Make dpifs abstract, to allow multiple datapath implementations. This commit initially introduces only a single datapath implementation, which is the same as the original one, but it paves the way for additional implementations, such as the upcoming userspace datapath.
2009-06-17 14:35:35 -07:00
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
error = dpif_netlink_init();
datapath: Convert upcalls and ODP_EXECUTE to use AF_NETLINK socket layer. This commit calls genl_lock() and thus doesn't support Linux before 2.6.35, which wasn't exported before that version. That problem will be fixed once the whole userspace interface transitions to Generic Netlink a few commits from now. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 13:41:54 -08:00
if (error) {
return error;
}
/* Create or look up datapath. */
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
dpif_netlink_dp_init(&dp_request);
dpif: Add support to set user features This enables user features on the kernel datapath via the DP_CMD_SET command, and also retrieves them to check for actual support and not just an older kernel ignoring the requested features. This will be used in next patch to enable recirc_id sharing with tc. Signed-off-by: Paul Blakey <paulb@mellanox.com> Reviewed-by: Roi Dayan <roid@mellanox.com> Signed-off-by: Simon Horman <simon.horman@netronome.com>
2019-12-22 12:16:38 +02:00
upcall_pid = 0;
dp_request.upcall_pid = &upcall_pid;
dp_request.name = name;
datapath: Require explicit upcall_pid for new datapaths and vports. This increases consistency with the OVS_ACTION_ATTR_USERSPACE action, which also requires an explicit pid. Suggested-by: Jesse Gross <jesse@nicira.com> Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-10-12 11:04:10 -07:00
if (create) {
dp_request.cmd = OVS_DP_CMD_NEW;
} else {
dpif: Add support to set user features This enables user features on the kernel datapath via the DP_CMD_SET command, and also retrieves them to check for actual support and not just an older kernel ignoring the requested features. This will be used in next patch to enable recirc_id sharing with tc. Signed-off-by: Paul Blakey <paulb@mellanox.com> Reviewed-by: Roi Dayan <roid@mellanox.com> Signed-off-by: Simon Horman <simon.horman@netronome.com>
2019-12-22 12:16:38 +02:00
dp_request.cmd = OVS_DP_CMD_GET;
error = dpif_netlink_dp_transact(&dp_request, &dp, &buf);
if (error) {
return error;
}
dp_request.user_features = dp.user_features;
ofpbuf_delete(buf);
linux: Report supported user features to the kernel Following commit (''netlink: Do not enforce alignment of last Netlink attribute''), signal the ability to receive unaligned Netlink messages to the datapath to enable utilization of zerocopy optimizations. Opening a datapath is now done by issueing a OVS_DP_CMD_SET in order to overwrite previously set user features. Signed-off-by: Thomas Graf <tgraf@redhat.com> Acked-by: Ben Pfaff <blp@nicira.com> Signed-off-by: Jesse Gross <jesse@nicira.com>
2013-12-19 16:20:42 +01:00
/* Use OVS_DP_CMD_SET to report user features */
dp_request.cmd = OVS_DP_CMD_SET;
datapath: Require explicit upcall_pid for new datapaths and vports. This increases consistency with the OVS_ACTION_ATTR_USERSPACE action, which also requires an explicit pid. Suggested-by: Jesse Gross <jesse@nicira.com> Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-10-12 11:04:10 -07:00
}
dpif: Add support to set user features This enables user features on the kernel datapath via the DP_CMD_SET command, and also retrieves them to check for actual support and not just an older kernel ignoring the requested features. This will be used in next patch to enable recirc_id sharing with tc. Signed-off-by: Paul Blakey <paulb@mellanox.com> Reviewed-by: Roi Dayan <roid@mellanox.com> Signed-off-by: Simon Horman <simon.horman@netronome.com>
2019-12-22 12:16:38 +02:00
dpif-netlink: Fix feature negotiation for older kernels. Older kernels do not reject unsupported features. This can lead to a situation in which 'ovs-vswitchd' believes that a feature is supported when, in fact, it is not. This patch probes for this by attempting to set a known unsupported feature. Reported-by: Dumitru Ceara <dceara@redhat.com> Reported-at: https://bugzilla.redhat.com/show_bug.cgi?id=2004083 Suggested-by: Ilya Maximets <i.maximets@ovn.org> Signed-off-by: Mark Gray <mark.d.gray@redhat.com> Tested-by: Dumitru Ceara <dceara@redhat.com> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2021-09-15 11:08:03 -04:00
/* Some older kernels will not reject unknown features. This will cause
* 'ovs-vswitchd' to incorrectly assume a feature is supported. In order to
* test for that, we attempt to set a feature that we know is not supported
* by any kernel. If this feature is not rejected, we can assume we are
* running on one of these older kernels.
dpif-netlink: Introduce per-cpu upcall dispatch. The Open vSwitch kernel module uses the upcall mechanism to send packets from kernel space to user space when it misses in the kernel space flow table. The upcall sends packets via a Netlink socket. Currently, a Netlink socket is created for every vport. In this way, there is a 1:1 mapping between a vport and a Netlink socket. When a packet is received by a vport, if it needs to be sent to user space, it is sent via the corresponding Netlink socket. This mechanism, with various iterations of the corresponding user space code, has seen some limitations and issues: * On systems with a large number of vports, there is correspondingly a large number of Netlink sockets which can limit scaling. (https://bugzilla.redhat.com/show_bug.cgi?id=1526306) * Packet reordering on upcalls. (https://bugzilla.redhat.com/show_bug.cgi?id=1844576) * A thundering herd issue. (https://bugzilla.redhat.com/show_bug.cgi?id=1834444) This patch introduces an alternative, feature-negotiated, upcall mode using a per-cpu dispatch rather than a per-vport dispatch. In this mode, the Netlink socket to be used for the upcall is selected based on the CPU of the thread that is executing the upcall. In this way, it resolves the issues above as: a) The number of Netlink sockets scales with the number of CPUs rather than the number of vports. b) Ordering per-flow is maintained as packets are distributed to CPUs based on mechanisms such as RSS and flows are distributed to a single user space thread. c) Packets from a flow can only wake up one user space thread. Reported-at: https://bugzilla.redhat.com/1844576 Signed-off-by: Mark Gray <mark.d.gray@redhat.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Acked-by: Aaron Conole <aconole@redhat.com> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2021-07-16 06:17:36 -04:00
*/
linux: Report supported user features to the kernel Following commit (''netlink: Do not enforce alignment of last Netlink attribute''), signal the ability to receive unaligned Netlink messages to the datapath to enable utilization of zerocopy optimizations. Opening a datapath is now done by issueing a OVS_DP_CMD_SET in order to overwrite previously set user features. Signed-off-by: Thomas Graf <tgraf@redhat.com> Acked-by: Ben Pfaff <blp@nicira.com> Signed-off-by: Jesse Gross <jesse@nicira.com>
2013-12-19 16:20:42 +01:00
dp_request.user_features |= OVS_DP_F_UNALIGNED;
dpif-netlink: Fix feature negotiation for older kernels. Older kernels do not reject unsupported features. This can lead to a situation in which 'ovs-vswitchd' believes that a feature is supported when, in fact, it is not. This patch probes for this by attempting to set a known unsupported feature. Reported-by: Dumitru Ceara <dceara@redhat.com> Reported-at: https://bugzilla.redhat.com/show_bug.cgi?id=2004083 Suggested-by: Ilya Maximets <i.maximets@ovn.org> Signed-off-by: Mark Gray <mark.d.gray@redhat.com> Tested-by: Dumitru Ceara <dceara@redhat.com> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2021-09-15 11:08:03 -04:00
dp_request.user_features |= OVS_DP_F_VPORT_PIDS;
dp_request.user_features |= OVS_DP_F_UNSUPPORTED;
dpif-netlink: Fix memory leak dpif_netlink_open(). In the specific call to dpif_netlink_dp_transact() (line 398) in dpif_netlink_open(), the 'dp' content is not being used in the branch when no error is returned (starting line 430). Furthermore, the 'dp' and 'buf' variables are overwritten later in this same branch when a new netlink request is sent (line 437), which results in a memory leak. Reported by Address Sanitizer. Indirect leak of 1024 byte(s) in 1 object(s) allocated from: 0 0x7fe09d3bfe70 in __interceptor_malloc (/usr/lib64/libasan.so.4+0xe0e70) 1 0x8759be in xmalloc__ lib/util.c:140 2 0x875a9a in xmalloc lib/util.c:175 3 0x7ba0d2 in ofpbuf_init lib/ofpbuf.c:141 4 0x7ba1d6 in ofpbuf_new lib/ofpbuf.c:169 5 0x9057f9 in nl_sock_transact lib/netlink-socket.c:1113 6 0x907a7e in nl_transact lib/netlink-socket.c:1817 7 0x8b5abe in dpif_netlink_dp_transact lib/dpif-netlink.c:5007 8 0x89a6b5 in dpif_netlink_open lib/dpif-netlink.c:398 9 0x5de16f in do_open lib/dpif.c:348 10 0x5de69a in dpif_open lib/dpif.c:393 11 0x5de71f in dpif_create_and_open lib/dpif.c:419 12 0x47b918 in open_dpif_backer ofproto/ofproto-dpif.c:764 13 0x483e4a in construct ofproto/ofproto-dpif.c:1658 14 0x441644 in ofproto_create ofproto/ofproto.c:556 15 0x40ba5a in bridge_reconfigure vswitchd/bridge.c:885 16 0x41f1a9 in bridge_run vswitchd/bridge.c:3313 17 0x42d4fb in main vswitchd/ovs-vswitchd.c:132 18 0x7fe09cc03c86 in __libc_start_main (/usr/lib64/libc.so.6+0x25c86) Fixes: b841e3cd4a28 ("dpif-netlink: Fix feature negotiation for older kernels.") Reviewed-by: David Marchand <david.marchand@redhat.com> Reviewed-by: Simon Horman <simon.horman@corigine.com> Signed-off-by: Yunjian Wang <wangyunjian@huawei.com> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2023-04-24 19:54:58 +08:00
error = dpif_netlink_dp_transact(&dp_request, NULL, NULL);
dpif-netlink: Introduce per-cpu upcall dispatch. The Open vSwitch kernel module uses the upcall mechanism to send packets from kernel space to user space when it misses in the kernel space flow table. The upcall sends packets via a Netlink socket. Currently, a Netlink socket is created for every vport. In this way, there is a 1:1 mapping between a vport and a Netlink socket. When a packet is received by a vport, if it needs to be sent to user space, it is sent via the corresponding Netlink socket. This mechanism, with various iterations of the corresponding user space code, has seen some limitations and issues: * On systems with a large number of vports, there is correspondingly a large number of Netlink sockets which can limit scaling. (https://bugzilla.redhat.com/show_bug.cgi?id=1526306) * Packet reordering on upcalls. (https://bugzilla.redhat.com/show_bug.cgi?id=1844576) * A thundering herd issue. (https://bugzilla.redhat.com/show_bug.cgi?id=1834444) This patch introduces an alternative, feature-negotiated, upcall mode using a per-cpu dispatch rather than a per-vport dispatch. In this mode, the Netlink socket to be used for the upcall is selected based on the CPU of the thread that is executing the upcall. In this way, it resolves the issues above as: a) The number of Netlink sockets scales with the number of CPUs rather than the number of vports. b) Ordering per-flow is maintained as packets are distributed to CPUs based on mechanisms such as RSS and flows are distributed to a single user space thread. c) Packets from a flow can only wake up one user space thread. Reported-at: https://bugzilla.redhat.com/1844576 Signed-off-by: Mark Gray <mark.d.gray@redhat.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Acked-by: Aaron Conole <aconole@redhat.com> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2021-07-16 06:17:36 -04:00
if (error) {
dpif-netlink: Fix feature negotiation for older kernels. Older kernels do not reject unsupported features. This can lead to a situation in which 'ovs-vswitchd' believes that a feature is supported when, in fact, it is not. This patch probes for this by attempting to set a known unsupported feature. Reported-by: Dumitru Ceara <dceara@redhat.com> Reported-at: https://bugzilla.redhat.com/show_bug.cgi?id=2004083 Suggested-by: Ilya Maximets <i.maximets@ovn.org> Signed-off-by: Mark Gray <mark.d.gray@redhat.com> Tested-by: Dumitru Ceara <dceara@redhat.com> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2021-09-15 11:08:03 -04:00
/* The Open vSwitch kernel module has two modes for dispatching
* upcalls: per-vport and per-cpu.
*
* When dispatching upcalls per-vport, the kernel will
* send the upcall via a Netlink socket that has been selected based on
* the vport that received the packet that is causing the upcall.
*
* When dispatching upcall per-cpu, the kernel will send the upcall via
* a Netlink socket that has been selected based on the cpu that
* received the packet that is causing the upcall.
*
* First we test to see if the kernel module supports per-cpu
* dispatching (the preferred method). If it does not support per-cpu
* dispatching, we fall back to the per-vport dispatch mode.
*/
dp_request.user_features &= ~OVS_DP_F_UNSUPPORTED;
dp_request.user_features &= ~OVS_DP_F_VPORT_PIDS;
dp_request.user_features |= OVS_DP_F_DISPATCH_UPCALL_PER_CPU;
error = dpif_netlink_dp_transact(&dp_request, &dp, &buf);
dpif-netlink: Improve feature negotiation for older kernels. OVS_DP_F_UNALIGNED is already set, no need to set again. If restarting ovs, dp is already created. So dpif_netlink_dp_transact() will return EEXIST. No need to probe again. Signed-off-by: Chris Mi <cmi@nvidia.com> Acked-by: Paolo Valerio <pvalerio@redhat.com> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2021-11-05 18:21:57 +08:00
if (error == EOPNOTSUPP) {
dpif-netlink: Fix feature negotiation for older kernels. Older kernels do not reject unsupported features. This can lead to a situation in which 'ovs-vswitchd' believes that a feature is supported when, in fact, it is not. This patch probes for this by attempting to set a known unsupported feature. Reported-by: Dumitru Ceara <dceara@redhat.com> Reported-at: https://bugzilla.redhat.com/show_bug.cgi?id=2004083 Suggested-by: Ilya Maximets <i.maximets@ovn.org> Signed-off-by: Mark Gray <mark.d.gray@redhat.com> Tested-by: Dumitru Ceara <dceara@redhat.com> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2021-09-15 11:08:03 -04:00
dp_request.user_features &= ~OVS_DP_F_DISPATCH_UPCALL_PER_CPU;
dp_request.user_features |= OVS_DP_F_VPORT_PIDS;
error = dpif_netlink_dp_transact(&dp_request, &dp, &buf);
}
if (error) {
return error;
}
error = open_dpif(&dp, dpifp);
dpif_netlink_set_features(*dpifp, OVS_DP_F_TC_RECIRC_SHARING);
} else {
VLOG_INFO("Kernel does not correctly support feature negotiation. "
"Using standard features.");
dp_request.cmd = OVS_DP_CMD_SET;
dp_request.user_features = 0;
dp_request.user_features |= OVS_DP_F_UNALIGNED;
dpif-netlink: Introduce per-cpu upcall dispatch. The Open vSwitch kernel module uses the upcall mechanism to send packets from kernel space to user space when it misses in the kernel space flow table. The upcall sends packets via a Netlink socket. Currently, a Netlink socket is created for every vport. In this way, there is a 1:1 mapping between a vport and a Netlink socket. When a packet is received by a vport, if it needs to be sent to user space, it is sent via the corresponding Netlink socket. This mechanism, with various iterations of the corresponding user space code, has seen some limitations and issues: * On systems with a large number of vports, there is correspondingly a large number of Netlink sockets which can limit scaling. (https://bugzilla.redhat.com/show_bug.cgi?id=1526306) * Packet reordering on upcalls. (https://bugzilla.redhat.com/show_bug.cgi?id=1844576) * A thundering herd issue. (https://bugzilla.redhat.com/show_bug.cgi?id=1834444) This patch introduces an alternative, feature-negotiated, upcall mode using a per-cpu dispatch rather than a per-vport dispatch. In this mode, the Netlink socket to be used for the upcall is selected based on the CPU of the thread that is executing the upcall. In this way, it resolves the issues above as: a) The number of Netlink sockets scales with the number of CPUs rather than the number of vports. b) Ordering per-flow is maintained as packets are distributed to CPUs based on mechanisms such as RSS and flows are distributed to a single user space thread. c) Packets from a flow can only wake up one user space thread. Reported-at: https://bugzilla.redhat.com/1844576 Signed-off-by: Mark Gray <mark.d.gray@redhat.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Acked-by: Aaron Conole <aconole@redhat.com> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2021-07-16 06:17:36 -04:00
dp_request.user_features |= OVS_DP_F_VPORT_PIDS;
error = dpif_netlink_dp_transact(&dp_request, &dp, &buf);
dpif-netlink: Fix feature negotiation for older kernels. Older kernels do not reject unsupported features. This can lead to a situation in which 'ovs-vswitchd' believes that a feature is supported when, in fact, it is not. This patch probes for this by attempting to set a known unsupported feature. Reported-by: Dumitru Ceara <dceara@redhat.com> Reported-at: https://bugzilla.redhat.com/show_bug.cgi?id=2004083 Suggested-by: Ilya Maximets <i.maximets@ovn.org> Signed-off-by: Mark Gray <mark.d.gray@redhat.com> Tested-by: Dumitru Ceara <dceara@redhat.com> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2021-09-15 11:08:03 -04:00
if (error) {
return error;
}
error = open_dpif(&dp, dpifp);
datapath: Change userspace vport interface to use Netlink attributes. One of the goals for Open vSwitch is to decouple kernel and userspace software, so that either one can be upgraded or rolled back independent of the other. To do this in full generality, it must be possible to add new features to the kernel vport layer without changing userspace software. The customary way to do this in the Linux networking stack is to use Netlink and in particular Netlink attributes. This commit adopts that model for the vport layer. It does not yet actually start using the Netlink socket layer, which will come later. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 12:28:59 -08:00
}
datapath: Change dp_idx to dp_ifindex, the ifindex of the local port. I can't see any real value in maintaining a dp_idx separate from the ifindex of the local port. With the current implementation it also artificially limits the number of datapaths. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-21 17:01:56 -08:00
dpif-linux: Open dpif despite notifier failures. Before this patch, if dpif-linux failed to register a notifier it would give up opening the datapath entirely. This seems draconian as a dpif can still perform the majority of its intended functionality without vport notifications.
2011-09-14 11:26:21 -07:00
ofpbuf_delete(buf);
netdev-offload-tc: Add recirculation support via tc chains Each recirculation id will create a tc chain, and we translate the recirculation action to a tc goto chain action. We check for kernel support for this by probing OvS Datapath for the tc recirc id sharing feature. If supported, we can offload rules that match on recirc_id, and recirculation action safely. Signed-off-by: Paul Blakey <paulb@mellanox.com> Reviewed-by: Roi Dayan <roid@mellanox.com> Signed-off-by: Simon Horman <simon.horman@netronome.com>
2019-12-22 12:16:40 +02:00
dpif-netlink: Introduce per-cpu upcall dispatch. The Open vSwitch kernel module uses the upcall mechanism to send packets from kernel space to user space when it misses in the kernel space flow table. The upcall sends packets via a Netlink socket. Currently, a Netlink socket is created for every vport. In this way, there is a 1:1 mapping between a vport and a Netlink socket. When a packet is received by a vport, if it needs to be sent to user space, it is sent via the corresponding Netlink socket. This mechanism, with various iterations of the corresponding user space code, has seen some limitations and issues: * On systems with a large number of vports, there is correspondingly a large number of Netlink sockets which can limit scaling. (https://bugzilla.redhat.com/show_bug.cgi?id=1526306) * Packet reordering on upcalls. (https://bugzilla.redhat.com/show_bug.cgi?id=1844576) * A thundering herd issue. (https://bugzilla.redhat.com/show_bug.cgi?id=1834444) This patch introduces an alternative, feature-negotiated, upcall mode using a per-cpu dispatch rather than a per-vport dispatch. In this mode, the Netlink socket to be used for the upcall is selected based on the CPU of the thread that is executing the upcall. In this way, it resolves the issues above as: a) The number of Netlink sockets scales with the number of CPUs rather than the number of vports. b) Ordering per-flow is maintained as packets are distributed to CPUs based on mechanisms such as RSS and flows are distributed to a single user space thread. c) Packets from a flow can only wake up one user space thread. Reported-at: https://bugzilla.redhat.com/1844576 Signed-off-by: Mark Gray <mark.d.gray@redhat.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Acked-by: Aaron Conole <aconole@redhat.com> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2021-07-16 06:17:36 -04:00
if (create) {
VLOG_INFO("Datapath dispatch mode: %s",
dpif_netlink_upcall_per_cpu(dpif_netlink_cast(*dpifp)) ?
"per-cpu" : "per-vport");
}
dpif-linux: Make port change notification thread-safe. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2013-07-22 15:00:49 -07:00
return error;
datapath: Change userspace vport interface to use Netlink attributes. One of the goals for Open vSwitch is to decouple kernel and userspace software, so that either one can be upgraded or rolled back independent of the other. To do this in full generality, it must be possible to add new features to the kernel vport layer without changing userspace software. The customary way to do this in the Linux networking stack is to use Netlink and in particular Netlink attributes. This commit adopts that model for the vport layer. It does not yet actually start using the Netlink socket layer, which will come later. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 12:28:59 -08:00
}
dpif-linux: Make port change notification thread-safe. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2013-07-22 15:00:49 -07:00
static int
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
open_dpif(const struct dpif_netlink_dp *dp, struct dpif **dpifp)
datapath: Change userspace vport interface to use Netlink attributes. One of the goals for Open vSwitch is to decouple kernel and userspace software, so that either one can be upgraded or rolled back independent of the other. To do this in full generality, it must be possible to add new features to the kernel vport layer without changing userspace software. The customary way to do this in the Linux networking stack is to use Netlink and in particular Netlink attributes. This commit adopts that model for the vport layer. It does not yet actually start using the Netlink socket layer, which will come later. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 12:28:59 -08:00
{
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
struct dpif_netlink *dpif;
datapath: Change userspace vport interface to use Netlink attributes. One of the goals for Open vSwitch is to decouple kernel and userspace software, so that either one can be upgraded or rolled back independent of the other. To do this in full generality, it must be possible to add new features to the kernel vport layer without changing userspace software. The customary way to do this in the Linux networking stack is to use Netlink and in particular Netlink attributes. This commit adopts that model for the vport layer. It does not yet actually start using the Netlink socket layer, which will come later. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 12:28:59 -08:00
dpif-linux: Prevent a single port from monopolizing upcalls. Currently it is possible for a client on a single port to generate a huge number of packets that miss in the kernel flow table and monopolize the userspace/kernel communication path. This effectively DoS's the machine because no new flow setups can take place. This adds some additional fairness by separating each upcall type for each object in the datapath onto a separate socket, each with its own queue. Userspace then reads round-robin from each socket so other flow setups can still succeed. Since the number of objects can potentially be large, we don't always have a unique socket for each. Instead, we create 16 sockets and spread the load around them in a round robin fashion. It's theoretically possible to do better than this with some kind of active load balancing scheme but this seems like a good place to start. Feature #6485
2011-09-16 15:23:37 -07:00
dpif = xzalloc(sizeof *dpif);
dpif-linux: Make port change notification thread-safe. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2013-07-22 15:00:49 -07:00
dpif->port_notifier = NULL;
dpif-linux: Implement the API functions to allow multiple handler threads read upcall. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-02-26 10:10:29 -08:00
fat_rwlock_init(&dpif->upcall_lock);
datapath: Change userspace vport interface to use Netlink attributes. One of the goals for Open vSwitch is to decouple kernel and userspace software, so that either one can be upgraded or rolled back independent of the other. To do this in full generality, it must be possible to add new features to the kernel vport layer without changing userspace software. The customary way to do this in the Linux networking stack is to use Netlink and in particular Netlink attributes. This commit adopts that model for the vport layer. It does not yet actually start using the Netlink socket layer, which will come later. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 12:28:59 -08:00
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
dpif_init(&dpif->dpif, &dpif_netlink_class, dp->name,
datapath: Change dp_idx to dp_ifindex, the ifindex of the local port. I can't see any real value in maintaining a dp_idx separate from the ifindex of the local port. With the current implementation it also artificially limits the number of datapaths. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-21 17:01:56 -08:00
dp->dp_ifindex, dp->dp_ifindex);
datapath: Change userspace vport interface to use Netlink attributes. One of the goals for Open vSwitch is to decouple kernel and userspace software, so that either one can be upgraded or rolled back independent of the other. To do this in full generality, it must be possible to add new features to the kernel vport layer without changing userspace software. The customary way to do this in the Linux networking stack is to use Netlink and in particular Netlink attributes. This commit adopts that model for the vport layer. It does not yet actually start using the Netlink socket layer, which will come later. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 12:28:59 -08:00
datapath: Change dp_idx to dp_ifindex, the ifindex of the local port. I can't see any real value in maintaining a dp_idx separate from the ifindex of the local port. With the current implementation it also artificially limits the number of datapaths. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-21 17:01:56 -08:00
dpif->dp_ifindex = dp->dp_ifindex;
dpif: Add support to set user features This enables user features on the kernel datapath via the DP_CMD_SET command, and also retrieves them to check for actual support and not just an older kernel ignoring the requested features. This will be used in next patch to enable recirc_id sharing with tc. Signed-off-by: Paul Blakey <paulb@mellanox.com> Reviewed-by: Roi Dayan <roid@mellanox.com> Signed-off-by: Simon Horman <simon.horman@netronome.com>
2019-12-22 12:16:38 +02:00
dpif->user_features = dp->user_features;
datapath: Change userspace vport interface to use Netlink attributes. One of the goals for Open vSwitch is to decouple kernel and userspace software, so that either one can be upgraded or rolled back independent of the other. To do this in full generality, it must be possible to add new features to the kernel vport layer without changing userspace software. The customary way to do this in the Linux networking stack is to use Netlink and in particular Netlink attributes. This commit adopts that model for the vport layer. It does not yet actually start using the Netlink socket layer, which will come later. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 12:28:59 -08:00
*dpifp = &dpif->dpif;
dpif-linux: Make port change notification thread-safe. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2013-07-22 15:00:49 -07:00
return 0;
dpif: Make dpifs abstract, to allow multiple datapath implementations. This commit initially introduces only a single datapath implementation, which is the same as the original one, but it paves the way for additional implementations, such as the upcoming userspace datapath.
2009-06-17 14:35:35 -07:00
}
dpif-netlink: Add support for packet receive on Windows. In this patch, we add support in dpif-netlink.c to receive packets on Windows. Windows does not natively support epoll(). Even though there are mechanisms/interfaces that provide functionality similar to epoll(), we take a simple approach of using a pool of sockets. Here are some details of the implementaion to aid review: 1. There's pool of sockets per upcall handler. 2. The pool of sockets is initialized while setting up the handler in dpif_netlink_refresh_channels() primarily. 3. When sockets are to be allocated for a vport, we walk through the pool of sockets for all handlers and pick one of the sockets in each of the pool. Within a handler's pool, sockets are picked in a round-robin fashion. 4. We currently support only 1 handler, since there are some kernel changes needed for support more than 1 handler per vport. 5. The pool size is also set to 1 currently. The restructions imposed by #4 and #5 can be removed in the future without much code churn. Validation: 1. With a hacked up kernel which figures out the netlink socket that is designated to receive packets, we are cable to perform pings between 2 VMs on the same Hyper-V host. 2. Compiled the code in Linux as well. 3. Tested with pool size == 2 as well, though in this patch we set the pool size = 1. Signed-off-by: Nithin Raju <nithin@vmware.com> Acked-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-10-23 08:27:34 -07:00
#ifdef _WIN32
static void
vport_delete_sock_pool(struct dpif_handler *handler)
OVS_REQ_WRLOCK(dpif->upcall_lock)
{
if (handler->vport_sock_pool) {
uint32_t i;
struct dpif_windows_vport_sock *sock_pool =
handler->vport_sock_pool;
for (i = 0; i < VPORT_SOCK_POOL_SIZE; i++) {
if (sock_pool[i].nl_sock) {
nl_sock_unsubscribe_packets(sock_pool[i].nl_sock);
nl_sock_destroy(sock_pool[i].nl_sock);
sock_pool[i].nl_sock = NULL;
}
}
free(handler->vport_sock_pool);
handler->vport_sock_pool = NULL;
}
}
static int
vport_create_sock_pool(struct dpif_handler *handler)
OVS_REQ_WRLOCK(dpif->upcall_lock)
{
struct dpif_windows_vport_sock *sock_pool;
size_t i;
int error = 0;
sock_pool = xzalloc(VPORT_SOCK_POOL_SIZE * sizeof *sock_pool);
for (i = 0; i < VPORT_SOCK_POOL_SIZE; i++) {
error = nl_sock_create(NETLINK_GENERIC, &sock_pool[i].nl_sock);
if (error) {
goto error;
}
/* Enable the netlink socket to receive packets. This is equivalent to
* calling nl_sock_join_mcgroup() to receive events. */
error = nl_sock_subscribe_packets(sock_pool[i].nl_sock);
if (error) {
goto error;
}
}
handler->vport_sock_pool = sock_pool;
handler->last_used_pool_idx = 0;
return 0;
error:
vport_delete_sock_pool(handler);
return error;
}
#endif /* _WIN32 */
dpif-netlink: don't allocate per thread netlink sockets When using the kernel datapath, OVS allocates a pool of sockets to handle netlink events. The number of sockets is: ports * n-handler-threads, where n-handler-threads is user configurable and defaults to 3/4*number of cores. This because vswitchd starts n-handler-threads threads, each one with a netlink socket for every port of the switch. Every thread then, starts listening on events on its set of sockets with epoll(). On setup with lot of CPUs and ports, the number of sockets easily hits the process file descriptor limit, and ovs-vswitchd will exit with -EMFILE. Change the number of allocated sockets to just one per port by moving the socket array from a per handler structure to a per datapath one, and let all the handlers share the same sockets by using EPOLLEXCLUSIVE epoll flag which avoids duplicate events, on systems that support it. The patch was tested on a 56 core machine running Linux 4.18 and latest Open vSwitch. A bridge was created with 2000+ ports, some of them being veth interfaces with the peer outside the bridge. The latency of the upcall is measured by setting a single 'action=controller,local' OpenFlow rule to force all the packets going to the slow path and then to the local port. A tool[1] injects some packets to the veth outside the bridge, and measures the delay until the packet is captured on the local port. The rx timestamp is get from the socket ancillary data in the attribute SO_TIMESTAMPNS, to avoid having the scheduler delay in the measured time. The first test measures the average latency for an upcall generated from a single port. To measure it 100k packets, one every msec, are sent to a single port and the latencies are measured. The second test is meant to check latency fairness among ports, namely if latency is equal between ports or if some ports have lower priority. The previous test is repeated for every port, the average of the average latencies and the standard deviation between averages is measured. The third test serves to measure responsiveness under load. Heavy traffic is sent through all ports, latency and packet loss is measured on a single idle port. The fourth test is all about fairness. Heavy traffic is injected in all ports but one, latency and packet loss is measured on the single idle port. This is the test setup: # nproc 56 # ovs-vsctl show |grep -c Port 2223 # ovs-ofctl dump-flows ovs_upc_br cookie=0x0, duration=4.827s, table=0, n_packets=0, n_bytes=0, actions=CONTROLLER:65535,LOCAL # uname -a Linux fc28 4.18.7-200.fc28.x86_64 #1 SMP Mon Sep 10 15:44:45 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux And these are the results of the tests: Stock OVS Patched netlink sockets in use by vswitchd lsof -p $(pidof ovs-vswitchd) \ |grep -c GENERIC 91187 2227 Test 1 one port latency min/avg/max/mdev (us) 2.7/6.6/238.7/1.8 1.6/6.8/160.6/1.7 Test 2 all port avg latency/mdev (us) 6.51/0.97 6.86/0.17 Test 3 single port latency under load avg/mdev (us) 7.5/5.9 3.8/4.8 packet loss 95 % 62 % Test 4 idle port latency under load min/avg/max/mdev (us) 0.8/1.5/210.5/0.9 1.0/2.1/344.5/1.2 packet loss 94 % 4 % CPU and RAM usage seems not to be affected, the resource usage of vswitchd idle with 2000+ ports is unchanged: # ps u $(pidof ovs-vswitchd) USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND openvsw+ 5430 54.3 0.3 4263964 510968 pts/1 RLl+ 16:20 0:50 ovs-vswitchd Additionally, to check if vswitchd is thread safe with this patch, the following test was run for circa 48 hours: on a 56 core machine, a bridge with kernel datapath is filled with 2200 dummy interfaces and 22 veth, then 22 traffic generators are run in parallel piping traffic into the veths peers outside the bridge. To generate as many upcalls as possible, all packets were forced to the slowpath with an openflow rule like 'action=controller,local' and packet size was set to 64 byte. Also, to avoid overflowing the FDB early and slowing down the upcall processing, generated mac addresses were restricted to a small interval. vswitchd ran without problems for 48+ hours, obviously with all the handler threads with almost 99% CPU usage. [1] https://github.com/teknoraver/network-tools/blob/master/weed.c Signed-off-by: Matteo Croce <mcroce@redhat.com> Signed-off-by: Ben Pfaff <blp@ovn.org> Acked-by: Flavio Leitner <fbl@sysclose.org>
2018-09-25 10:51:05 +02:00
/* Given the port number 'port_idx', extracts the pid of netlink socket
* associated to the port and assigns it to 'upcall_pid'. */
dpif-linux: Implement the API functions to allow multiple handler threads read upcall. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-02-26 10:10:29 -08:00
static bool
dpif-netlink: don't allocate per thread netlink sockets When using the kernel datapath, OVS allocates a pool of sockets to handle netlink events. The number of sockets is: ports * n-handler-threads, where n-handler-threads is user configurable and defaults to 3/4*number of cores. This because vswitchd starts n-handler-threads threads, each one with a netlink socket for every port of the switch. Every thread then, starts listening on events on its set of sockets with epoll(). On setup with lot of CPUs and ports, the number of sockets easily hits the process file descriptor limit, and ovs-vswitchd will exit with -EMFILE. Change the number of allocated sockets to just one per port by moving the socket array from a per handler structure to a per datapath one, and let all the handlers share the same sockets by using EPOLLEXCLUSIVE epoll flag which avoids duplicate events, on systems that support it. The patch was tested on a 56 core machine running Linux 4.18 and latest Open vSwitch. A bridge was created with 2000+ ports, some of them being veth interfaces with the peer outside the bridge. The latency of the upcall is measured by setting a single 'action=controller,local' OpenFlow rule to force all the packets going to the slow path and then to the local port. A tool[1] injects some packets to the veth outside the bridge, and measures the delay until the packet is captured on the local port. The rx timestamp is get from the socket ancillary data in the attribute SO_TIMESTAMPNS, to avoid having the scheduler delay in the measured time. The first test measures the average latency for an upcall generated from a single port. To measure it 100k packets, one every msec, are sent to a single port and the latencies are measured. The second test is meant to check latency fairness among ports, namely if latency is equal between ports or if some ports have lower priority. The previous test is repeated for every port, the average of the average latencies and the standard deviation between averages is measured. The third test serves to measure responsiveness under load. Heavy traffic is sent through all ports, latency and packet loss is measured on a single idle port. The fourth test is all about fairness. Heavy traffic is injected in all ports but one, latency and packet loss is measured on the single idle port. This is the test setup: # nproc 56 # ovs-vsctl show |grep -c Port 2223 # ovs-ofctl dump-flows ovs_upc_br cookie=0x0, duration=4.827s, table=0, n_packets=0, n_bytes=0, actions=CONTROLLER:65535,LOCAL # uname -a Linux fc28 4.18.7-200.fc28.x86_64 #1 SMP Mon Sep 10 15:44:45 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux And these are the results of the tests: Stock OVS Patched netlink sockets in use by vswitchd lsof -p $(pidof ovs-vswitchd) \ |grep -c GENERIC 91187 2227 Test 1 one port latency min/avg/max/mdev (us) 2.7/6.6/238.7/1.8 1.6/6.8/160.6/1.7 Test 2 all port avg latency/mdev (us) 6.51/0.97 6.86/0.17 Test 3 single port latency under load avg/mdev (us) 7.5/5.9 3.8/4.8 packet loss 95 % 62 % Test 4 idle port latency under load min/avg/max/mdev (us) 0.8/1.5/210.5/0.9 1.0/2.1/344.5/1.2 packet loss 94 % 4 % CPU and RAM usage seems not to be affected, the resource usage of vswitchd idle with 2000+ ports is unchanged: # ps u $(pidof ovs-vswitchd) USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND openvsw+ 5430 54.3 0.3 4263964 510968 pts/1 RLl+ 16:20 0:50 ovs-vswitchd Additionally, to check if vswitchd is thread safe with this patch, the following test was run for circa 48 hours: on a 56 core machine, a bridge with kernel datapath is filled with 2200 dummy interfaces and 22 veth, then 22 traffic generators are run in parallel piping traffic into the veths peers outside the bridge. To generate as many upcalls as possible, all packets were forced to the slowpath with an openflow rule like 'action=controller,local' and packet size was set to 64 byte. Also, to avoid overflowing the FDB early and slowing down the upcall processing, generated mac addresses were restricted to a small interval. vswitchd ran without problems for 48+ hours, obviously with all the handler threads with almost 99% CPU usage. [1] https://github.com/teknoraver/network-tools/blob/master/weed.c Signed-off-by: Matteo Croce <mcroce@redhat.com> Signed-off-by: Ben Pfaff <blp@ovn.org> Acked-by: Flavio Leitner <fbl@sysclose.org>
2018-09-25 10:51:05 +02:00
vport_get_pid(struct dpif_netlink *dpif, uint32_t port_idx,
uint32_t *upcall_pid)
dpif-linux: Implement the API functions to allow multiple handler threads read upcall. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-02-26 10:10:29 -08:00
{
/* Since the nl_sock can only be assigned in either all
dpif-netlink: don't allocate per thread netlink sockets When using the kernel datapath, OVS allocates a pool of sockets to handle netlink events. The number of sockets is: ports * n-handler-threads, where n-handler-threads is user configurable and defaults to 3/4*number of cores. This because vswitchd starts n-handler-threads threads, each one with a netlink socket for every port of the switch. Every thread then, starts listening on events on its set of sockets with epoll(). On setup with lot of CPUs and ports, the number of sockets easily hits the process file descriptor limit, and ovs-vswitchd will exit with -EMFILE. Change the number of allocated sockets to just one per port by moving the socket array from a per handler structure to a per datapath one, and let all the handlers share the same sockets by using EPOLLEXCLUSIVE epoll flag which avoids duplicate events, on systems that support it. The patch was tested on a 56 core machine running Linux 4.18 and latest Open vSwitch. A bridge was created with 2000+ ports, some of them being veth interfaces with the peer outside the bridge. The latency of the upcall is measured by setting a single 'action=controller,local' OpenFlow rule to force all the packets going to the slow path and then to the local port. A tool[1] injects some packets to the veth outside the bridge, and measures the delay until the packet is captured on the local port. The rx timestamp is get from the socket ancillary data in the attribute SO_TIMESTAMPNS, to avoid having the scheduler delay in the measured time. The first test measures the average latency for an upcall generated from a single port. To measure it 100k packets, one every msec, are sent to a single port and the latencies are measured. The second test is meant to check latency fairness among ports, namely if latency is equal between ports or if some ports have lower priority. The previous test is repeated for every port, the average of the average latencies and the standard deviation between averages is measured. The third test serves to measure responsiveness under load. Heavy traffic is sent through all ports, latency and packet loss is measured on a single idle port. The fourth test is all about fairness. Heavy traffic is injected in all ports but one, latency and packet loss is measured on the single idle port. This is the test setup: # nproc 56 # ovs-vsctl show |grep -c Port 2223 # ovs-ofctl dump-flows ovs_upc_br cookie=0x0, duration=4.827s, table=0, n_packets=0, n_bytes=0, actions=CONTROLLER:65535,LOCAL # uname -a Linux fc28 4.18.7-200.fc28.x86_64 #1 SMP Mon Sep 10 15:44:45 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux And these are the results of the tests: Stock OVS Patched netlink sockets in use by vswitchd lsof -p $(pidof ovs-vswitchd) \ |grep -c GENERIC 91187 2227 Test 1 one port latency min/avg/max/mdev (us) 2.7/6.6/238.7/1.8 1.6/6.8/160.6/1.7 Test 2 all port avg latency/mdev (us) 6.51/0.97 6.86/0.17 Test 3 single port latency under load avg/mdev (us) 7.5/5.9 3.8/4.8 packet loss 95 % 62 % Test 4 idle port latency under load min/avg/max/mdev (us) 0.8/1.5/210.5/0.9 1.0/2.1/344.5/1.2 packet loss 94 % 4 % CPU and RAM usage seems not to be affected, the resource usage of vswitchd idle with 2000+ ports is unchanged: # ps u $(pidof ovs-vswitchd) USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND openvsw+ 5430 54.3 0.3 4263964 510968 pts/1 RLl+ 16:20 0:50 ovs-vswitchd Additionally, to check if vswitchd is thread safe with this patch, the following test was run for circa 48 hours: on a 56 core machine, a bridge with kernel datapath is filled with 2200 dummy interfaces and 22 veth, then 22 traffic generators are run in parallel piping traffic into the veths peers outside the bridge. To generate as many upcalls as possible, all packets were forced to the slowpath with an openflow rule like 'action=controller,local' and packet size was set to 64 byte. Also, to avoid overflowing the FDB early and slowing down the upcall processing, generated mac addresses were restricted to a small interval. vswitchd ran without problems for 48+ hours, obviously with all the handler threads with almost 99% CPU usage. [1] https://github.com/teknoraver/network-tools/blob/master/weed.c Signed-off-by: Matteo Croce <mcroce@redhat.com> Signed-off-by: Ben Pfaff <blp@ovn.org> Acked-by: Flavio Leitner <fbl@sysclose.org>
2018-09-25 10:51:05 +02:00
* or none "dpif" channels, the following check
dpif-linux: Implement the API functions to allow multiple handler threads read upcall. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-02-26 10:10:29 -08:00
* would suffice. */
dpif-netlink: don't allocate per thread netlink sockets When using the kernel datapath, OVS allocates a pool of sockets to handle netlink events. The number of sockets is: ports * n-handler-threads, where n-handler-threads is user configurable and defaults to 3/4*number of cores. This because vswitchd starts n-handler-threads threads, each one with a netlink socket for every port of the switch. Every thread then, starts listening on events on its set of sockets with epoll(). On setup with lot of CPUs and ports, the number of sockets easily hits the process file descriptor limit, and ovs-vswitchd will exit with -EMFILE. Change the number of allocated sockets to just one per port by moving the socket array from a per handler structure to a per datapath one, and let all the handlers share the same sockets by using EPOLLEXCLUSIVE epoll flag which avoids duplicate events, on systems that support it. The patch was tested on a 56 core machine running Linux 4.18 and latest Open vSwitch. A bridge was created with 2000+ ports, some of them being veth interfaces with the peer outside the bridge. The latency of the upcall is measured by setting a single 'action=controller,local' OpenFlow rule to force all the packets going to the slow path and then to the local port. A tool[1] injects some packets to the veth outside the bridge, and measures the delay until the packet is captured on the local port. The rx timestamp is get from the socket ancillary data in the attribute SO_TIMESTAMPNS, to avoid having the scheduler delay in the measured time. The first test measures the average latency for an upcall generated from a single port. To measure it 100k packets, one every msec, are sent to a single port and the latencies are measured. The second test is meant to check latency fairness among ports, namely if latency is equal between ports or if some ports have lower priority. The previous test is repeated for every port, the average of the average latencies and the standard deviation between averages is measured. The third test serves to measure responsiveness under load. Heavy traffic is sent through all ports, latency and packet loss is measured on a single idle port. The fourth test is all about fairness. Heavy traffic is injected in all ports but one, latency and packet loss is measured on the single idle port. This is the test setup: # nproc 56 # ovs-vsctl show |grep -c Port 2223 # ovs-ofctl dump-flows ovs_upc_br cookie=0x0, duration=4.827s, table=0, n_packets=0, n_bytes=0, actions=CONTROLLER:65535,LOCAL # uname -a Linux fc28 4.18.7-200.fc28.x86_64 #1 SMP Mon Sep 10 15:44:45 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux And these are the results of the tests: Stock OVS Patched netlink sockets in use by vswitchd lsof -p $(pidof ovs-vswitchd) \ |grep -c GENERIC 91187 2227 Test 1 one port latency min/avg/max/mdev (us) 2.7/6.6/238.7/1.8 1.6/6.8/160.6/1.7 Test 2 all port avg latency/mdev (us) 6.51/0.97 6.86/0.17 Test 3 single port latency under load avg/mdev (us) 7.5/5.9 3.8/4.8 packet loss 95 % 62 % Test 4 idle port latency under load min/avg/max/mdev (us) 0.8/1.5/210.5/0.9 1.0/2.1/344.5/1.2 packet loss 94 % 4 % CPU and RAM usage seems not to be affected, the resource usage of vswitchd idle with 2000+ ports is unchanged: # ps u $(pidof ovs-vswitchd) USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND openvsw+ 5430 54.3 0.3 4263964 510968 pts/1 RLl+ 16:20 0:50 ovs-vswitchd Additionally, to check if vswitchd is thread safe with this patch, the following test was run for circa 48 hours: on a 56 core machine, a bridge with kernel datapath is filled with 2200 dummy interfaces and 22 veth, then 22 traffic generators are run in parallel piping traffic into the veths peers outside the bridge. To generate as many upcalls as possible, all packets were forced to the slowpath with an openflow rule like 'action=controller,local' and packet size was set to 64 byte. Also, to avoid overflowing the FDB early and slowing down the upcall processing, generated mac addresses were restricted to a small interval. vswitchd ran without problems for 48+ hours, obviously with all the handler threads with almost 99% CPU usage. [1] https://github.com/teknoraver/network-tools/blob/master/weed.c Signed-off-by: Matteo Croce <mcroce@redhat.com> Signed-off-by: Ben Pfaff <blp@ovn.org> Acked-by: Flavio Leitner <fbl@sysclose.org>
2018-09-25 10:51:05 +02:00
if (!dpif->channels[port_idx].sock) {
dpif-linux: Implement the API functions to allow multiple handler threads read upcall. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-02-26 10:10:29 -08:00
return false;
}
dpif-netlink: Add support for packet receive on Windows. In this patch, we add support in dpif-netlink.c to receive packets on Windows. Windows does not natively support epoll(). Even though there are mechanisms/interfaces that provide functionality similar to epoll(), we take a simple approach of using a pool of sockets. Here are some details of the implementaion to aid review: 1. There's pool of sockets per upcall handler. 2. The pool of sockets is initialized while setting up the handler in dpif_netlink_refresh_channels() primarily. 3. When sockets are to be allocated for a vport, we walk through the pool of sockets for all handlers and pick one of the sockets in each of the pool. Within a handler's pool, sockets are picked in a round-robin fashion. 4. We currently support only 1 handler, since there are some kernel changes needed for support more than 1 handler per vport. 5. The pool size is also set to 1 currently. The restructions imposed by #4 and #5 can be removed in the future without much code churn. Validation: 1. With a hacked up kernel which figures out the netlink socket that is designated to receive packets, we are cable to perform pings between 2 VMs on the same Hyper-V host. 2. Compiled the code in Linux as well. 3. Tested with pool size == 2 as well, though in this patch we set the pool size = 1. Signed-off-by: Nithin Raju <nithin@vmware.com> Acked-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-10-23 08:27:34 -07:00
ovs_assert(!WINDOWS || dpif->n_handlers <= 1);
dpif-linux: Implement the API functions to allow multiple handler threads read upcall. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-02-26 10:10:29 -08:00
dpif-netlink: don't allocate per thread netlink sockets When using the kernel datapath, OVS allocates a pool of sockets to handle netlink events. The number of sockets is: ports * n-handler-threads, where n-handler-threads is user configurable and defaults to 3/4*number of cores. This because vswitchd starts n-handler-threads threads, each one with a netlink socket for every port of the switch. Every thread then, starts listening on events on its set of sockets with epoll(). On setup with lot of CPUs and ports, the number of sockets easily hits the process file descriptor limit, and ovs-vswitchd will exit with -EMFILE. Change the number of allocated sockets to just one per port by moving the socket array from a per handler structure to a per datapath one, and let all the handlers share the same sockets by using EPOLLEXCLUSIVE epoll flag which avoids duplicate events, on systems that support it. The patch was tested on a 56 core machine running Linux 4.18 and latest Open vSwitch. A bridge was created with 2000+ ports, some of them being veth interfaces with the peer outside the bridge. The latency of the upcall is measured by setting a single 'action=controller,local' OpenFlow rule to force all the packets going to the slow path and then to the local port. A tool[1] injects some packets to the veth outside the bridge, and measures the delay until the packet is captured on the local port. The rx timestamp is get from the socket ancillary data in the attribute SO_TIMESTAMPNS, to avoid having the scheduler delay in the measured time. The first test measures the average latency for an upcall generated from a single port. To measure it 100k packets, one every msec, are sent to a single port and the latencies are measured. The second test is meant to check latency fairness among ports, namely if latency is equal between ports or if some ports have lower priority. The previous test is repeated for every port, the average of the average latencies and the standard deviation between averages is measured. The third test serves to measure responsiveness under load. Heavy traffic is sent through all ports, latency and packet loss is measured on a single idle port. The fourth test is all about fairness. Heavy traffic is injected in all ports but one, latency and packet loss is measured on the single idle port. This is the test setup: # nproc 56 # ovs-vsctl show |grep -c Port 2223 # ovs-ofctl dump-flows ovs_upc_br cookie=0x0, duration=4.827s, table=0, n_packets=0, n_bytes=0, actions=CONTROLLER:65535,LOCAL # uname -a Linux fc28 4.18.7-200.fc28.x86_64 #1 SMP Mon Sep 10 15:44:45 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux And these are the results of the tests: Stock OVS Patched netlink sockets in use by vswitchd lsof -p $(pidof ovs-vswitchd) \ |grep -c GENERIC 91187 2227 Test 1 one port latency min/avg/max/mdev (us) 2.7/6.6/238.7/1.8 1.6/6.8/160.6/1.7 Test 2 all port avg latency/mdev (us) 6.51/0.97 6.86/0.17 Test 3 single port latency under load avg/mdev (us) 7.5/5.9 3.8/4.8 packet loss 95 % 62 % Test 4 idle port latency under load min/avg/max/mdev (us) 0.8/1.5/210.5/0.9 1.0/2.1/344.5/1.2 packet loss 94 % 4 % CPU and RAM usage seems not to be affected, the resource usage of vswitchd idle with 2000+ ports is unchanged: # ps u $(pidof ovs-vswitchd) USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND openvsw+ 5430 54.3 0.3 4263964 510968 pts/1 RLl+ 16:20 0:50 ovs-vswitchd Additionally, to check if vswitchd is thread safe with this patch, the following test was run for circa 48 hours: on a 56 core machine, a bridge with kernel datapath is filled with 2200 dummy interfaces and 22 veth, then 22 traffic generators are run in parallel piping traffic into the veths peers outside the bridge. To generate as many upcalls as possible, all packets were forced to the slowpath with an openflow rule like 'action=controller,local' and packet size was set to 64 byte. Also, to avoid overflowing the FDB early and slowing down the upcall processing, generated mac addresses were restricted to a small interval. vswitchd ran without problems for 48+ hours, obviously with all the handler threads with almost 99% CPU usage. [1] https://github.com/teknoraver/network-tools/blob/master/weed.c Signed-off-by: Matteo Croce <mcroce@redhat.com> Signed-off-by: Ben Pfaff <blp@ovn.org> Acked-by: Flavio Leitner <fbl@sysclose.org>
2018-09-25 10:51:05 +02:00
*upcall_pid = nl_sock_pid(dpif->channels[port_idx].sock);
dpif-linux: Give each port its own userspace-kernel channel. Userspace-kernel communication is a possible bottleneck when OVS is receiving a large number of flow set up requests. To help prevent a bad actor from consuming too much of this resource, we introduced channels to segegrate traffic. Previously, we created 17 channels and round-robin assigned ports to one of 16 channels (the 17th was reserved for use by the system). This meant if there were more than 16 ports, sharing of channels would occur. This commit creates a new channel for each port, so that there is no more sharing and better isolation. The special system port uses the "ovs-system"'s channel (port 0), since it is not heavily loaded. This also fixes an issue introduced in commit acf60855 (ofproto-dpif: Use a single underlying datapath across multiple bridges.) where ports that were added at run-time were given the special system channel. Issue #12073 Signed-off-by: Justin Pettit <jpettit@nicira.com>
2013-01-04 18:34:26 -08:00
dpif-linux: Implement the API functions to allow multiple handler threads read upcall. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-02-26 10:10:29 -08:00
return true;
dpif-linux: Give each port its own userspace-kernel channel. Userspace-kernel communication is a possible bottleneck when OVS is receiving a large number of flow set up requests. To help prevent a bad actor from consuming too much of this resource, we introduced channels to segegrate traffic. Previously, we created 17 channels and round-robin assigned ports to one of 16 channels (the 17th was reserved for use by the system). This meant if there were more than 16 ports, sharing of channels would occur. This commit creates a new channel for each port, so that there is no more sharing and better isolation. The special system port uses the "ovs-system"'s channel (port 0), since it is not heavily loaded. This also fixes an issue introduced in commit acf60855 (ofproto-dpif: Use a single underlying datapath across multiple bridges.) where ports that were added at run-time were given the special system channel. Issue #12073 Signed-off-by: Justin Pettit <jpettit@nicira.com>
2013-01-04 18:34:26 -08:00
}
static int
dpif-netlink: don't allocate per thread netlink sockets When using the kernel datapath, OVS allocates a pool of sockets to handle netlink events. The number of sockets is: ports * n-handler-threads, where n-handler-threads is user configurable and defaults to 3/4*number of cores. This because vswitchd starts n-handler-threads threads, each one with a netlink socket for every port of the switch. Every thread then, starts listening on events on its set of sockets with epoll(). On setup with lot of CPUs and ports, the number of sockets easily hits the process file descriptor limit, and ovs-vswitchd will exit with -EMFILE. Change the number of allocated sockets to just one per port by moving the socket array from a per handler structure to a per datapath one, and let all the handlers share the same sockets by using EPOLLEXCLUSIVE epoll flag which avoids duplicate events, on systems that support it. The patch was tested on a 56 core machine running Linux 4.18 and latest Open vSwitch. A bridge was created with 2000+ ports, some of them being veth interfaces with the peer outside the bridge. The latency of the upcall is measured by setting a single 'action=controller,local' OpenFlow rule to force all the packets going to the slow path and then to the local port. A tool[1] injects some packets to the veth outside the bridge, and measures the delay until the packet is captured on the local port. The rx timestamp is get from the socket ancillary data in the attribute SO_TIMESTAMPNS, to avoid having the scheduler delay in the measured time. The first test measures the average latency for an upcall generated from a single port. To measure it 100k packets, one every msec, are sent to a single port and the latencies are measured. The second test is meant to check latency fairness among ports, namely if latency is equal between ports or if some ports have lower priority. The previous test is repeated for every port, the average of the average latencies and the standard deviation between averages is measured. The third test serves to measure responsiveness under load. Heavy traffic is sent through all ports, latency and packet loss is measured on a single idle port. The fourth test is all about fairness. Heavy traffic is injected in all ports but one, latency and packet loss is measured on the single idle port. This is the test setup: # nproc 56 # ovs-vsctl show |grep -c Port 2223 # ovs-ofctl dump-flows ovs_upc_br cookie=0x0, duration=4.827s, table=0, n_packets=0, n_bytes=0, actions=CONTROLLER:65535,LOCAL # uname -a Linux fc28 4.18.7-200.fc28.x86_64 #1 SMP Mon Sep 10 15:44:45 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux And these are the results of the tests: Stock OVS Patched netlink sockets in use by vswitchd lsof -p $(pidof ovs-vswitchd) \ |grep -c GENERIC 91187 2227 Test 1 one port latency min/avg/max/mdev (us) 2.7/6.6/238.7/1.8 1.6/6.8/160.6/1.7 Test 2 all port avg latency/mdev (us) 6.51/0.97 6.86/0.17 Test 3 single port latency under load avg/mdev (us) 7.5/5.9 3.8/4.8 packet loss 95 % 62 % Test 4 idle port latency under load min/avg/max/mdev (us) 0.8/1.5/210.5/0.9 1.0/2.1/344.5/1.2 packet loss 94 % 4 % CPU and RAM usage seems not to be affected, the resource usage of vswitchd idle with 2000+ ports is unchanged: # ps u $(pidof ovs-vswitchd) USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND openvsw+ 5430 54.3 0.3 4263964 510968 pts/1 RLl+ 16:20 0:50 ovs-vswitchd Additionally, to check if vswitchd is thread safe with this patch, the following test was run for circa 48 hours: on a 56 core machine, a bridge with kernel datapath is filled with 2200 dummy interfaces and 22 veth, then 22 traffic generators are run in parallel piping traffic into the veths peers outside the bridge. To generate as many upcalls as possible, all packets were forced to the slowpath with an openflow rule like 'action=controller,local' and packet size was set to 64 byte. Also, to avoid overflowing the FDB early and slowing down the upcall processing, generated mac addresses were restricted to a small interval. vswitchd ran without problems for 48+ hours, obviously with all the handler threads with almost 99% CPU usage. [1] https://github.com/teknoraver/network-tools/blob/master/weed.c Signed-off-by: Matteo Croce <mcroce@redhat.com> Signed-off-by: Ben Pfaff <blp@ovn.org> Acked-by: Flavio Leitner <fbl@sysclose.org>
2018-09-25 10:51:05 +02:00
vport_add_channel(struct dpif_netlink *dpif, odp_port_t port_no,
dpif-netlink: Fix some variable naming. Usually a plural name refers to an array, but 'socks' and 'socksp' were only single objects, so this changes their names to 'sock' and 'sockp'. Usually a 'p' suffix means that a variable is an output argument, but that was only true in one place here, so this changes the names of the other variables to plain 'sock'. Signed-off-by: Ben Pfaff <blp@ovn.org> Reviewed-by: Yifeng Sun <pkusunyifeng@gmail.com>
2019-10-14 11:10:47 -07:00
struct nl_sock *sock)
dpif-linux: Give each port its own userspace-kernel channel. Userspace-kernel communication is a possible bottleneck when OVS is receiving a large number of flow set up requests. To help prevent a bad actor from consuming too much of this resource, we introduced channels to segegrate traffic. Previously, we created 17 channels and round-robin assigned ports to one of 16 channels (the 17th was reserved for use by the system). This meant if there were more than 16 ports, sharing of channels would occur. This commit creates a new channel for each port, so that there is no more sharing and better isolation. The special system port uses the "ovs-system"'s channel (port 0), since it is not heavily loaded. This also fixes an issue introduced in commit acf60855 (ofproto-dpif: Use a single underlying datapath across multiple bridges.) where ports that were added at run-time were given the special system channel. Issue #12073 Signed-off-by: Justin Pettit <jpettit@nicira.com>
2013-01-04 18:34:26 -08:00
{
struct epoll_event event;
Create specific types for ofp and odp port Until now, datapath ports and openflow ports were both represented by unsigned integers of various sizes. With implicit conversions, etc., it is easy to mix them up and use one where the other is expected. This commit creates two typedefs, ofp_port_t and odp_port_t. Both of these two types are marked by "__attribute__((bitwise))" so that sparse can be used to detect any misuse. Signed-off-by: Alex Wang <alexw@nicira.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-06-19 16:58:44 -07:00
uint32_t port_idx = odp_to_u32(port_no);
dpif-netlink: don't allocate per thread netlink sockets When using the kernel datapath, OVS allocates a pool of sockets to handle netlink events. The number of sockets is: ports * n-handler-threads, where n-handler-threads is user configurable and defaults to 3/4*number of cores. This because vswitchd starts n-handler-threads threads, each one with a netlink socket for every port of the switch. Every thread then, starts listening on events on its set of sockets with epoll(). On setup with lot of CPUs and ports, the number of sockets easily hits the process file descriptor limit, and ovs-vswitchd will exit with -EMFILE. Change the number of allocated sockets to just one per port by moving the socket array from a per handler structure to a per datapath one, and let all the handlers share the same sockets by using EPOLLEXCLUSIVE epoll flag which avoids duplicate events, on systems that support it. The patch was tested on a 56 core machine running Linux 4.18 and latest Open vSwitch. A bridge was created with 2000+ ports, some of them being veth interfaces with the peer outside the bridge. The latency of the upcall is measured by setting a single 'action=controller,local' OpenFlow rule to force all the packets going to the slow path and then to the local port. A tool[1] injects some packets to the veth outside the bridge, and measures the delay until the packet is captured on the local port. The rx timestamp is get from the socket ancillary data in the attribute SO_TIMESTAMPNS, to avoid having the scheduler delay in the measured time. The first test measures the average latency for an upcall generated from a single port. To measure it 100k packets, one every msec, are sent to a single port and the latencies are measured. The second test is meant to check latency fairness among ports, namely if latency is equal between ports or if some ports have lower priority. The previous test is repeated for every port, the average of the average latencies and the standard deviation between averages is measured. The third test serves to measure responsiveness under load. Heavy traffic is sent through all ports, latency and packet loss is measured on a single idle port. The fourth test is all about fairness. Heavy traffic is injected in all ports but one, latency and packet loss is measured on the single idle port. This is the test setup: # nproc 56 # ovs-vsctl show |grep -c Port 2223 # ovs-ofctl dump-flows ovs_upc_br cookie=0x0, duration=4.827s, table=0, n_packets=0, n_bytes=0, actions=CONTROLLER:65535,LOCAL # uname -a Linux fc28 4.18.7-200.fc28.x86_64 #1 SMP Mon Sep 10 15:44:45 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux And these are the results of the tests: Stock OVS Patched netlink sockets in use by vswitchd lsof -p $(pidof ovs-vswitchd) \ |grep -c GENERIC 91187 2227 Test 1 one port latency min/avg/max/mdev (us) 2.7/6.6/238.7/1.8 1.6/6.8/160.6/1.7 Test 2 all port avg latency/mdev (us) 6.51/0.97 6.86/0.17 Test 3 single port latency under load avg/mdev (us) 7.5/5.9 3.8/4.8 packet loss 95 % 62 % Test 4 idle port latency under load min/avg/max/mdev (us) 0.8/1.5/210.5/0.9 1.0/2.1/344.5/1.2 packet loss 94 % 4 % CPU and RAM usage seems not to be affected, the resource usage of vswitchd idle with 2000+ ports is unchanged: # ps u $(pidof ovs-vswitchd) USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND openvsw+ 5430 54.3 0.3 4263964 510968 pts/1 RLl+ 16:20 0:50 ovs-vswitchd Additionally, to check if vswitchd is thread safe with this patch, the following test was run for circa 48 hours: on a 56 core machine, a bridge with kernel datapath is filled with 2200 dummy interfaces and 22 veth, then 22 traffic generators are run in parallel piping traffic into the veths peers outside the bridge. To generate as many upcalls as possible, all packets were forced to the slowpath with an openflow rule like 'action=controller,local' and packet size was set to 64 byte. Also, to avoid overflowing the FDB early and slowing down the upcall processing, generated mac addresses were restricted to a small interval. vswitchd ran without problems for 48+ hours, obviously with all the handler threads with almost 99% CPU usage. [1] https://github.com/teknoraver/network-tools/blob/master/weed.c Signed-off-by: Matteo Croce <mcroce@redhat.com> Signed-off-by: Ben Pfaff <blp@ovn.org> Acked-by: Flavio Leitner <fbl@sysclose.org>
2018-09-25 10:51:05 +02:00
size_t i;
dpif-linux: Implement the API functions to allow multiple handler threads read upcall. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-02-26 10:10:29 -08:00
int error;
dpif-linux: Give each port its own userspace-kernel channel. Userspace-kernel communication is a possible bottleneck when OVS is receiving a large number of flow set up requests. To help prevent a bad actor from consuming too much of this resource, we introduced channels to segegrate traffic. Previously, we created 17 channels and round-robin assigned ports to one of 16 channels (the 17th was reserved for use by the system). This meant if there were more than 16 ports, sharing of channels would occur. This commit creates a new channel for each port, so that there is no more sharing and better isolation. The special system port uses the "ovs-system"'s channel (port 0), since it is not heavily loaded. This also fixes an issue introduced in commit acf60855 (ofproto-dpif: Use a single underlying datapath across multiple bridges.) where ports that were added at run-time were given the special system channel. Issue #12073 Signed-off-by: Justin Pettit <jpettit@nicira.com>
2013-01-04 18:34:26 -08:00
dpif-linux: Implement the API functions to allow multiple handler threads read upcall. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-02-26 10:10:29 -08:00
if (dpif->handlers == NULL) {
dpif-netlink: Fix some variable naming. Usually a plural name refers to an array, but 'socks' and 'socksp' were only single objects, so this changes their names to 'sock' and 'sockp'. Usually a 'p' suffix means that a variable is an output argument, but that was only true in one place here, so this changes the names of the other variables to plain 'sock'. Signed-off-by: Ben Pfaff <blp@ovn.org> Reviewed-by: Yifeng Sun <pkusunyifeng@gmail.com>
2019-10-14 11:10:47 -07:00
close_nl_sock(sock);
dpif-linux: Give each port its own userspace-kernel channel. Userspace-kernel communication is a possible bottleneck when OVS is receiving a large number of flow set up requests. To help prevent a bad actor from consuming too much of this resource, we introduced channels to segegrate traffic. Previously, we created 17 channels and round-robin assigned ports to one of 16 channels (the 17th was reserved for use by the system). This meant if there were more than 16 ports, sharing of channels would occur. This commit creates a new channel for each port, so that there is no more sharing and better isolation. The special system port uses the "ovs-system"'s channel (port 0), since it is not heavily loaded. This also fixes an issue introduced in commit acf60855 (ofproto-dpif: Use a single underlying datapath across multiple bridges.) where ports that were added at run-time were given the special system channel. Issue #12073 Signed-off-by: Justin Pettit <jpettit@nicira.com>
2013-01-04 18:34:26 -08:00
return 0;
}
dpif-linux: Implement the API functions to allow multiple handler threads read upcall. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-02-26 10:10:29 -08:00
/* We assume that the datapath densely chooses port numbers, which can
* therefore be used as an index into 'channels' and 'epoll_events' of
dpif-netlink: don't allocate per thread netlink sockets When using the kernel datapath, OVS allocates a pool of sockets to handle netlink events. The number of sockets is: ports * n-handler-threads, where n-handler-threads is user configurable and defaults to 3/4*number of cores. This because vswitchd starts n-handler-threads threads, each one with a netlink socket for every port of the switch. Every thread then, starts listening on events on its set of sockets with epoll(). On setup with lot of CPUs and ports, the number of sockets easily hits the process file descriptor limit, and ovs-vswitchd will exit with -EMFILE. Change the number of allocated sockets to just one per port by moving the socket array from a per handler structure to a per datapath one, and let all the handlers share the same sockets by using EPOLLEXCLUSIVE epoll flag which avoids duplicate events, on systems that support it. The patch was tested on a 56 core machine running Linux 4.18 and latest Open vSwitch. A bridge was created with 2000+ ports, some of them being veth interfaces with the peer outside the bridge. The latency of the upcall is measured by setting a single 'action=controller,local' OpenFlow rule to force all the packets going to the slow path and then to the local port. A tool[1] injects some packets to the veth outside the bridge, and measures the delay until the packet is captured on the local port. The rx timestamp is get from the socket ancillary data in the attribute SO_TIMESTAMPNS, to avoid having the scheduler delay in the measured time. The first test measures the average latency for an upcall generated from a single port. To measure it 100k packets, one every msec, are sent to a single port and the latencies are measured. The second test is meant to check latency fairness among ports, namely if latency is equal between ports or if some ports have lower priority. The previous test is repeated for every port, the average of the average latencies and the standard deviation between averages is measured. The third test serves to measure responsiveness under load. Heavy traffic is sent through all ports, latency and packet loss is measured on a single idle port. The fourth test is all about fairness. Heavy traffic is injected in all ports but one, latency and packet loss is measured on the single idle port. This is the test setup: # nproc 56 # ovs-vsctl show |grep -c Port 2223 # ovs-ofctl dump-flows ovs_upc_br cookie=0x0, duration=4.827s, table=0, n_packets=0, n_bytes=0, actions=CONTROLLER:65535,LOCAL # uname -a Linux fc28 4.18.7-200.fc28.x86_64 #1 SMP Mon Sep 10 15:44:45 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux And these are the results of the tests: Stock OVS Patched netlink sockets in use by vswitchd lsof -p $(pidof ovs-vswitchd) \ |grep -c GENERIC 91187 2227 Test 1 one port latency min/avg/max/mdev (us) 2.7/6.6/238.7/1.8 1.6/6.8/160.6/1.7 Test 2 all port avg latency/mdev (us) 6.51/0.97 6.86/0.17 Test 3 single port latency under load avg/mdev (us) 7.5/5.9 3.8/4.8 packet loss 95 % 62 % Test 4 idle port latency under load min/avg/max/mdev (us) 0.8/1.5/210.5/0.9 1.0/2.1/344.5/1.2 packet loss 94 % 4 % CPU and RAM usage seems not to be affected, the resource usage of vswitchd idle with 2000+ ports is unchanged: # ps u $(pidof ovs-vswitchd) USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND openvsw+ 5430 54.3 0.3 4263964 510968 pts/1 RLl+ 16:20 0:50 ovs-vswitchd Additionally, to check if vswitchd is thread safe with this patch, the following test was run for circa 48 hours: on a 56 core machine, a bridge with kernel datapath is filled with 2200 dummy interfaces and 22 veth, then 22 traffic generators are run in parallel piping traffic into the veths peers outside the bridge. To generate as many upcalls as possible, all packets were forced to the slowpath with an openflow rule like 'action=controller,local' and packet size was set to 64 byte. Also, to avoid overflowing the FDB early and slowing down the upcall processing, generated mac addresses were restricted to a small interval. vswitchd ran without problems for 48+ hours, obviously with all the handler threads with almost 99% CPU usage. [1] https://github.com/teknoraver/network-tools/blob/master/weed.c Signed-off-by: Matteo Croce <mcroce@redhat.com> Signed-off-by: Ben Pfaff <blp@ovn.org> Acked-by: Flavio Leitner <fbl@sysclose.org>
2018-09-25 10:51:05 +02:00
* 'dpif'. */
Create specific types for ofp and odp port Until now, datapath ports and openflow ports were both represented by unsigned integers of various sizes. With implicit conversions, etc., it is easy to mix them up and use one where the other is expected. This commit creates two typedefs, ofp_port_t and odp_port_t. Both of these two types are marked by "__attribute__((bitwise))" so that sparse can be used to detect any misuse. Signed-off-by: Alex Wang <alexw@nicira.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-06-19 16:58:44 -07:00
if (port_idx >= dpif->uc_array_size) {
uint32_t new_size = port_idx + 1;
dpif-linux: Give each port its own userspace-kernel channel. Userspace-kernel communication is a possible bottleneck when OVS is receiving a large number of flow set up requests. To help prevent a bad actor from consuming too much of this resource, we introduced channels to segegrate traffic. Previously, we created 17 channels and round-robin assigned ports to one of 16 channels (the 17th was reserved for use by the system). This meant if there were more than 16 ports, sharing of channels would occur. This commit creates a new channel for each port, so that there is no more sharing and better isolation. The special system port uses the "ovs-system"'s channel (port 0), since it is not heavily loaded. This also fixes an issue introduced in commit acf60855 (ofproto-dpif: Use a single underlying datapath across multiple bridges.) where ports that were added at run-time were given the special system channel. Issue #12073 Signed-off-by: Justin Pettit <jpettit@nicira.com>
2013-01-04 18:34:26 -08:00
dpif-linux: Use MAX_PORTS instead of hard-coded 65535. MAX_PORTS is currently USHRT_MAX (also 65535). I think that's a coincidence; I don't remember MAX_PORTS being mentioned when the new dpif_channel code was written. Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-05-01 16:54:18 -07:00
if (new_size > MAX_PORTS) {
dpif-linux: Give each port its own userspace-kernel channel. Userspace-kernel communication is a possible bottleneck when OVS is receiving a large number of flow set up requests. To help prevent a bad actor from consuming too much of this resource, we introduced channels to segegrate traffic. Previously, we created 17 channels and round-robin assigned ports to one of 16 channels (the 17th was reserved for use by the system). This meant if there were more than 16 ports, sharing of channels would occur. This commit creates a new channel for each port, so that there is no more sharing and better isolation. The special system port uses the "ovs-system"'s channel (port 0), since it is not heavily loaded. This also fixes an issue introduced in commit acf60855 (ofproto-dpif: Use a single underlying datapath across multiple bridges.) where ports that were added at run-time were given the special system channel. Issue #12073 Signed-off-by: Justin Pettit <jpettit@nicira.com>
2013-01-04 18:34:26 -08:00
VLOG_WARN_RL(&error_rl, "%s: datapath port %"PRIu32" too big",
dpif_name(&dpif->dpif), port_no);
return EFBIG;
}
dpif-netlink: don't allocate per thread netlink sockets When using the kernel datapath, OVS allocates a pool of sockets to handle netlink events. The number of sockets is: ports * n-handler-threads, where n-handler-threads is user configurable and defaults to 3/4*number of cores. This because vswitchd starts n-handler-threads threads, each one with a netlink socket for every port of the switch. Every thread then, starts listening on events on its set of sockets with epoll(). On setup with lot of CPUs and ports, the number of sockets easily hits the process file descriptor limit, and ovs-vswitchd will exit with -EMFILE. Change the number of allocated sockets to just one per port by moving the socket array from a per handler structure to a per datapath one, and let all the handlers share the same sockets by using EPOLLEXCLUSIVE epoll flag which avoids duplicate events, on systems that support it. The patch was tested on a 56 core machine running Linux 4.18 and latest Open vSwitch. A bridge was created with 2000+ ports, some of them being veth interfaces with the peer outside the bridge. The latency of the upcall is measured by setting a single 'action=controller,local' OpenFlow rule to force all the packets going to the slow path and then to the local port. A tool[1] injects some packets to the veth outside the bridge, and measures the delay until the packet is captured on the local port. The rx timestamp is get from the socket ancillary data in the attribute SO_TIMESTAMPNS, to avoid having the scheduler delay in the measured time. The first test measures the average latency for an upcall generated from a single port. To measure it 100k packets, one every msec, are sent to a single port and the latencies are measured. The second test is meant to check latency fairness among ports, namely if latency is equal between ports or if some ports have lower priority. The previous test is repeated for every port, the average of the average latencies and the standard deviation between averages is measured. The third test serves to measure responsiveness under load. Heavy traffic is sent through all ports, latency and packet loss is measured on a single idle port. The fourth test is all about fairness. Heavy traffic is injected in all ports but one, latency and packet loss is measured on the single idle port. This is the test setup: # nproc 56 # ovs-vsctl show |grep -c Port 2223 # ovs-ofctl dump-flows ovs_upc_br cookie=0x0, duration=4.827s, table=0, n_packets=0, n_bytes=0, actions=CONTROLLER:65535,LOCAL # uname -a Linux fc28 4.18.7-200.fc28.x86_64 #1 SMP Mon Sep 10 15:44:45 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux And these are the results of the tests: Stock OVS Patched netlink sockets in use by vswitchd lsof -p $(pidof ovs-vswitchd) \ |grep -c GENERIC 91187 2227 Test 1 one port latency min/avg/max/mdev (us) 2.7/6.6/238.7/1.8 1.6/6.8/160.6/1.7 Test 2 all port avg latency/mdev (us) 6.51/0.97 6.86/0.17 Test 3 single port latency under load avg/mdev (us) 7.5/5.9 3.8/4.8 packet loss 95 % 62 % Test 4 idle port latency under load min/avg/max/mdev (us) 0.8/1.5/210.5/0.9 1.0/2.1/344.5/1.2 packet loss 94 % 4 % CPU and RAM usage seems not to be affected, the resource usage of vswitchd idle with 2000+ ports is unchanged: # ps u $(pidof ovs-vswitchd) USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND openvsw+ 5430 54.3 0.3 4263964 510968 pts/1 RLl+ 16:20 0:50 ovs-vswitchd Additionally, to check if vswitchd is thread safe with this patch, the following test was run for circa 48 hours: on a 56 core machine, a bridge with kernel datapath is filled with 2200 dummy interfaces and 22 veth, then 22 traffic generators are run in parallel piping traffic into the veths peers outside the bridge. To generate as many upcalls as possible, all packets were forced to the slowpath with an openflow rule like 'action=controller,local' and packet size was set to 64 byte. Also, to avoid overflowing the FDB early and slowing down the upcall processing, generated mac addresses were restricted to a small interval. vswitchd ran without problems for 48+ hours, obviously with all the handler threads with almost 99% CPU usage. [1] https://github.com/teknoraver/network-tools/blob/master/weed.c Signed-off-by: Matteo Croce <mcroce@redhat.com> Signed-off-by: Ben Pfaff <blp@ovn.org> Acked-by: Flavio Leitner <fbl@sysclose.org>
2018-09-25 10:51:05 +02:00
dpif->channels = xrealloc(dpif->channels,
new_size * sizeof *dpif->channels);
dpif-linux: Implement the API functions to allow multiple handler threads read upcall. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-02-26 10:10:29 -08:00
dpif-netlink: don't allocate per thread netlink sockets When using the kernel datapath, OVS allocates a pool of sockets to handle netlink events. The number of sockets is: ports * n-handler-threads, where n-handler-threads is user configurable and defaults to 3/4*number of cores. This because vswitchd starts n-handler-threads threads, each one with a netlink socket for every port of the switch. Every thread then, starts listening on events on its set of sockets with epoll(). On setup with lot of CPUs and ports, the number of sockets easily hits the process file descriptor limit, and ovs-vswitchd will exit with -EMFILE. Change the number of allocated sockets to just one per port by moving the socket array from a per handler structure to a per datapath one, and let all the handlers share the same sockets by using EPOLLEXCLUSIVE epoll flag which avoids duplicate events, on systems that support it. The patch was tested on a 56 core machine running Linux 4.18 and latest Open vSwitch. A bridge was created with 2000+ ports, some of them being veth interfaces with the peer outside the bridge. The latency of the upcall is measured by setting a single 'action=controller,local' OpenFlow rule to force all the packets going to the slow path and then to the local port. A tool[1] injects some packets to the veth outside the bridge, and measures the delay until the packet is captured on the local port. The rx timestamp is get from the socket ancillary data in the attribute SO_TIMESTAMPNS, to avoid having the scheduler delay in the measured time. The first test measures the average latency for an upcall generated from a single port. To measure it 100k packets, one every msec, are sent to a single port and the latencies are measured. The second test is meant to check latency fairness among ports, namely if latency is equal between ports or if some ports have lower priority. The previous test is repeated for every port, the average of the average latencies and the standard deviation between averages is measured. The third test serves to measure responsiveness under load. Heavy traffic is sent through all ports, latency and packet loss is measured on a single idle port. The fourth test is all about fairness. Heavy traffic is injected in all ports but one, latency and packet loss is measured on the single idle port. This is the test setup: # nproc 56 # ovs-vsctl show |grep -c Port 2223 # ovs-ofctl dump-flows ovs_upc_br cookie=0x0, duration=4.827s, table=0, n_packets=0, n_bytes=0, actions=CONTROLLER:65535,LOCAL # uname -a Linux fc28 4.18.7-200.fc28.x86_64 #1 SMP Mon Sep 10 15:44:45 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux And these are the results of the tests: Stock OVS Patched netlink sockets in use by vswitchd lsof -p $(pidof ovs-vswitchd) \ |grep -c GENERIC 91187 2227 Test 1 one port latency min/avg/max/mdev (us) 2.7/6.6/238.7/1.8 1.6/6.8/160.6/1.7 Test 2 all port avg latency/mdev (us) 6.51/0.97 6.86/0.17 Test 3 single port latency under load avg/mdev (us) 7.5/5.9 3.8/4.8 packet loss 95 % 62 % Test 4 idle port latency under load min/avg/max/mdev (us) 0.8/1.5/210.5/0.9 1.0/2.1/344.5/1.2 packet loss 94 % 4 % CPU and RAM usage seems not to be affected, the resource usage of vswitchd idle with 2000+ ports is unchanged: # ps u $(pidof ovs-vswitchd) USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND openvsw+ 5430 54.3 0.3 4263964 510968 pts/1 RLl+ 16:20 0:50 ovs-vswitchd Additionally, to check if vswitchd is thread safe with this patch, the following test was run for circa 48 hours: on a 56 core machine, a bridge with kernel datapath is filled with 2200 dummy interfaces and 22 veth, then 22 traffic generators are run in parallel piping traffic into the veths peers outside the bridge. To generate as many upcalls as possible, all packets were forced to the slowpath with an openflow rule like 'action=controller,local' and packet size was set to 64 byte. Also, to avoid overflowing the FDB early and slowing down the upcall processing, generated mac addresses were restricted to a small interval. vswitchd ran without problems for 48+ hours, obviously with all the handler threads with almost 99% CPU usage. [1] https://github.com/teknoraver/network-tools/blob/master/weed.c Signed-off-by: Matteo Croce <mcroce@redhat.com> Signed-off-by: Ben Pfaff <blp@ovn.org> Acked-by: Flavio Leitner <fbl@sysclose.org>
2018-09-25 10:51:05 +02:00
for (i = dpif->uc_array_size; i < new_size; i++) {
dpif->channels[i].sock = NULL;
}
dpif-linux: Implement the API functions to allow multiple handler threads read upcall. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-02-26 10:10:29 -08:00
dpif-netlink: don't allocate per thread netlink sockets When using the kernel datapath, OVS allocates a pool of sockets to handle netlink events. The number of sockets is: ports * n-handler-threads, where n-handler-threads is user configurable and defaults to 3/4*number of cores. This because vswitchd starts n-handler-threads threads, each one with a netlink socket for every port of the switch. Every thread then, starts listening on events on its set of sockets with epoll(). On setup with lot of CPUs and ports, the number of sockets easily hits the process file descriptor limit, and ovs-vswitchd will exit with -EMFILE. Change the number of allocated sockets to just one per port by moving the socket array from a per handler structure to a per datapath one, and let all the handlers share the same sockets by using EPOLLEXCLUSIVE epoll flag which avoids duplicate events, on systems that support it. The patch was tested on a 56 core machine running Linux 4.18 and latest Open vSwitch. A bridge was created with 2000+ ports, some of them being veth interfaces with the peer outside the bridge. The latency of the upcall is measured by setting a single 'action=controller,local' OpenFlow rule to force all the packets going to the slow path and then to the local port. A tool[1] injects some packets to the veth outside the bridge, and measures the delay until the packet is captured on the local port. The rx timestamp is get from the socket ancillary data in the attribute SO_TIMESTAMPNS, to avoid having the scheduler delay in the measured time. The first test measures the average latency for an upcall generated from a single port. To measure it 100k packets, one every msec, are sent to a single port and the latencies are measured. The second test is meant to check latency fairness among ports, namely if latency is equal between ports or if some ports have lower priority. The previous test is repeated for every port, the average of the average latencies and the standard deviation between averages is measured. The third test serves to measure responsiveness under load. Heavy traffic is sent through all ports, latency and packet loss is measured on a single idle port. The fourth test is all about fairness. Heavy traffic is injected in all ports but one, latency and packet loss is measured on the single idle port. This is the test setup: # nproc 56 # ovs-vsctl show |grep -c Port 2223 # ovs-ofctl dump-flows ovs_upc_br cookie=0x0, duration=4.827s, table=0, n_packets=0, n_bytes=0, actions=CONTROLLER:65535,LOCAL # uname -a Linux fc28 4.18.7-200.fc28.x86_64 #1 SMP Mon Sep 10 15:44:45 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux And these are the results of the tests: Stock OVS Patched netlink sockets in use by vswitchd lsof -p $(pidof ovs-vswitchd) \ |grep -c GENERIC 91187 2227 Test 1 one port latency min/avg/max/mdev (us) 2.7/6.6/238.7/1.8 1.6/6.8/160.6/1.7 Test 2 all port avg latency/mdev (us) 6.51/0.97 6.86/0.17 Test 3 single port latency under load avg/mdev (us) 7.5/5.9 3.8/4.8 packet loss 95 % 62 % Test 4 idle port latency under load min/avg/max/mdev (us) 0.8/1.5/210.5/0.9 1.0/2.1/344.5/1.2 packet loss 94 % 4 % CPU and RAM usage seems not to be affected, the resource usage of vswitchd idle with 2000+ ports is unchanged: # ps u $(pidof ovs-vswitchd) USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND openvsw+ 5430 54.3 0.3 4263964 510968 pts/1 RLl+ 16:20 0:50 ovs-vswitchd Additionally, to check if vswitchd is thread safe with this patch, the following test was run for circa 48 hours: on a 56 core machine, a bridge with kernel datapath is filled with 2200 dummy interfaces and 22 veth, then 22 traffic generators are run in parallel piping traffic into the veths peers outside the bridge. To generate as many upcalls as possible, all packets were forced to the slowpath with an openflow rule like 'action=controller,local' and packet size was set to 64 byte. Also, to avoid overflowing the FDB early and slowing down the upcall processing, generated mac addresses were restricted to a small interval. vswitchd ran without problems for 48+ hours, obviously with all the handler threads with almost 99% CPU usage. [1] https://github.com/teknoraver/network-tools/blob/master/weed.c Signed-off-by: Matteo Croce <mcroce@redhat.com> Signed-off-by: Ben Pfaff <blp@ovn.org> Acked-by: Flavio Leitner <fbl@sysclose.org>
2018-09-25 10:51:05 +02:00
for (i = 0; i < dpif->n_handlers; i++) {
struct dpif_handler *handler = &dpif->handlers[i];
dpif-linux: Implement the API functions to allow multiple handler threads read upcall. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-02-26 10:10:29 -08:00
handler->epoll_events = xrealloc(handler->epoll_events,
new_size * sizeof *handler->epoll_events);
dpif-linux: Give each port its own userspace-kernel channel. Userspace-kernel communication is a possible bottleneck when OVS is receiving a large number of flow set up requests. To help prevent a bad actor from consuming too much of this resource, we introduced channels to segegrate traffic. Previously, we created 17 channels and round-robin assigned ports to one of 16 channels (the 17th was reserved for use by the system). This meant if there were more than 16 ports, sharing of channels would occur. This commit creates a new channel for each port, so that there is no more sharing and better isolation. The special system port uses the "ovs-system"'s channel (port 0), since it is not heavily loaded. This also fixes an issue introduced in commit acf60855 (ofproto-dpif: Use a single underlying datapath across multiple bridges.) where ports that were added at run-time were given the special system channel. Issue #12073 Signed-off-by: Justin Pettit <jpettit@nicira.com>
2013-01-04 18:34:26 -08:00
dpif-linux: Implement the API functions to allow multiple handler threads read upcall. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-02-26 10:10:29 -08:00
}
dpif-linux: Give each port its own userspace-kernel channel. Userspace-kernel communication is a possible bottleneck when OVS is receiving a large number of flow set up requests. To help prevent a bad actor from consuming too much of this resource, we introduced channels to segegrate traffic. Previously, we created 17 channels and round-robin assigned ports to one of 16 channels (the 17th was reserved for use by the system). This meant if there were more than 16 ports, sharing of channels would occur. This commit creates a new channel for each port, so that there is no more sharing and better isolation. The special system port uses the "ovs-system"'s channel (port 0), since it is not heavily loaded. This also fixes an issue introduced in commit acf60855 (ofproto-dpif: Use a single underlying datapath across multiple bridges.) where ports that were added at run-time were given the special system channel. Issue #12073 Signed-off-by: Justin Pettit <jpettit@nicira.com>
2013-01-04 18:34:26 -08:00
dpif->uc_array_size = new_size;
}
memset(&event, 0, sizeof event);
dpif-netlink: don't allocate per thread netlink sockets When using the kernel datapath, OVS allocates a pool of sockets to handle netlink events. The number of sockets is: ports * n-handler-threads, where n-handler-threads is user configurable and defaults to 3/4*number of cores. This because vswitchd starts n-handler-threads threads, each one with a netlink socket for every port of the switch. Every thread then, starts listening on events on its set of sockets with epoll(). On setup with lot of CPUs and ports, the number of sockets easily hits the process file descriptor limit, and ovs-vswitchd will exit with -EMFILE. Change the number of allocated sockets to just one per port by moving the socket array from a per handler structure to a per datapath one, and let all the handlers share the same sockets by using EPOLLEXCLUSIVE epoll flag which avoids duplicate events, on systems that support it. The patch was tested on a 56 core machine running Linux 4.18 and latest Open vSwitch. A bridge was created with 2000+ ports, some of them being veth interfaces with the peer outside the bridge. The latency of the upcall is measured by setting a single 'action=controller,local' OpenFlow rule to force all the packets going to the slow path and then to the local port. A tool[1] injects some packets to the veth outside the bridge, and measures the delay until the packet is captured on the local port. The rx timestamp is get from the socket ancillary data in the attribute SO_TIMESTAMPNS, to avoid having the scheduler delay in the measured time. The first test measures the average latency for an upcall generated from a single port. To measure it 100k packets, one every msec, are sent to a single port and the latencies are measured. The second test is meant to check latency fairness among ports, namely if latency is equal between ports or if some ports have lower priority. The previous test is repeated for every port, the average of the average latencies and the standard deviation between averages is measured. The third test serves to measure responsiveness under load. Heavy traffic is sent through all ports, latency and packet loss is measured on a single idle port. The fourth test is all about fairness. Heavy traffic is injected in all ports but one, latency and packet loss is measured on the single idle port. This is the test setup: # nproc 56 # ovs-vsctl show |grep -c Port 2223 # ovs-ofctl dump-flows ovs_upc_br cookie=0x0, duration=4.827s, table=0, n_packets=0, n_bytes=0, actions=CONTROLLER:65535,LOCAL # uname -a Linux fc28 4.18.7-200.fc28.x86_64 #1 SMP Mon Sep 10 15:44:45 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux And these are the results of the tests: Stock OVS Patched netlink sockets in use by vswitchd lsof -p $(pidof ovs-vswitchd) \ |grep -c GENERIC 91187 2227 Test 1 one port latency min/avg/max/mdev (us) 2.7/6.6/238.7/1.8 1.6/6.8/160.6/1.7 Test 2 all port avg latency/mdev (us) 6.51/0.97 6.86/0.17 Test 3 single port latency under load avg/mdev (us) 7.5/5.9 3.8/4.8 packet loss 95 % 62 % Test 4 idle port latency under load min/avg/max/mdev (us) 0.8/1.5/210.5/0.9 1.0/2.1/344.5/1.2 packet loss 94 % 4 % CPU and RAM usage seems not to be affected, the resource usage of vswitchd idle with 2000+ ports is unchanged: # ps u $(pidof ovs-vswitchd) USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND openvsw+ 5430 54.3 0.3 4263964 510968 pts/1 RLl+ 16:20 0:50 ovs-vswitchd Additionally, to check if vswitchd is thread safe with this patch, the following test was run for circa 48 hours: on a 56 core machine, a bridge with kernel datapath is filled with 2200 dummy interfaces and 22 veth, then 22 traffic generators are run in parallel piping traffic into the veths peers outside the bridge. To generate as many upcalls as possible, all packets were forced to the slowpath with an openflow rule like 'action=controller,local' and packet size was set to 64 byte. Also, to avoid overflowing the FDB early and slowing down the upcall processing, generated mac addresses were restricted to a small interval. vswitchd ran without problems for 48+ hours, obviously with all the handler threads with almost 99% CPU usage. [1] https://github.com/teknoraver/network-tools/blob/master/weed.c Signed-off-by: Matteo Croce <mcroce@redhat.com> Signed-off-by: Ben Pfaff <blp@ovn.org> Acked-by: Flavio Leitner <fbl@sysclose.org>
2018-09-25 10:51:05 +02:00
event.events = EPOLLIN | EPOLLEXCLUSIVE;
Create specific types for ofp and odp port Until now, datapath ports and openflow ports were both represented by unsigned integers of various sizes. With implicit conversions, etc., it is easy to mix them up and use one where the other is expected. This commit creates two typedefs, ofp_port_t and odp_port_t. Both of these two types are marked by "__attribute__((bitwise))" so that sparse can be used to detect any misuse. Signed-off-by: Alex Wang <alexw@nicira.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-06-19 16:58:44 -07:00
event.data.u32 = port_idx;
dpif-linux: Give each port its own userspace-kernel channel. Userspace-kernel communication is a possible bottleneck when OVS is receiving a large number of flow set up requests. To help prevent a bad actor from consuming too much of this resource, we introduced channels to segegrate traffic. Previously, we created 17 channels and round-robin assigned ports to one of 16 channels (the 17th was reserved for use by the system). This meant if there were more than 16 ports, sharing of channels would occur. This commit creates a new channel for each port, so that there is no more sharing and better isolation. The special system port uses the "ovs-system"'s channel (port 0), since it is not heavily loaded. This also fixes an issue introduced in commit acf60855 (ofproto-dpif: Use a single underlying datapath across multiple bridges.) where ports that were added at run-time were given the special system channel. Issue #12073 Signed-off-by: Justin Pettit <jpettit@nicira.com>
2013-01-04 18:34:26 -08:00
dpif-linux: Implement the API functions to allow multiple handler threads read upcall. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-02-26 10:10:29 -08:00
for (i = 0; i < dpif->n_handlers; i++) {
struct dpif_handler *handler = &dpif->handlers[i];
dpif-netlink: Add support for packet receive on Windows. In this patch, we add support in dpif-netlink.c to receive packets on Windows. Windows does not natively support epoll(). Even though there are mechanisms/interfaces that provide functionality similar to epoll(), we take a simple approach of using a pool of sockets. Here are some details of the implementaion to aid review: 1. There's pool of sockets per upcall handler. 2. The pool of sockets is initialized while setting up the handler in dpif_netlink_refresh_channels() primarily. 3. When sockets are to be allocated for a vport, we walk through the pool of sockets for all handlers and pick one of the sockets in each of the pool. Within a handler's pool, sockets are picked in a round-robin fashion. 4. We currently support only 1 handler, since there are some kernel changes needed for support more than 1 handler per vport. 5. The pool size is also set to 1 currently. The restructions imposed by #4 and #5 can be removed in the future without much code churn. Validation: 1. With a hacked up kernel which figures out the netlink socket that is designated to receive packets, we are cable to perform pings between 2 VMs on the same Hyper-V host. 2. Compiled the code in Linux as well. 3. Tested with pool size == 2 as well, though in this patch we set the pool size = 1. Signed-off-by: Nithin Raju <nithin@vmware.com> Acked-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-10-23 08:27:34 -07:00
#ifndef _WIN32
dpif-netlink: Fix some variable naming. Usually a plural name refers to an array, but 'socks' and 'socksp' were only single objects, so this changes their names to 'sock' and 'sockp'. Usually a 'p' suffix means that a variable is an output argument, but that was only true in one place here, so this changes the names of the other variables to plain 'sock'. Signed-off-by: Ben Pfaff <blp@ovn.org> Reviewed-by: Yifeng Sun <pkusunyifeng@gmail.com>
2019-10-14 11:10:47 -07:00
if (epoll_ctl(handler->epoll_fd, EPOLL_CTL_ADD, nl_sock_fd(sock),
dpif-linux: Implement the API functions to allow multiple handler threads read upcall. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-02-26 10:10:29 -08:00
&event) < 0) {
error = errno;
goto error;
}
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
#endif
dpif-linux: Implement the API functions to allow multiple handler threads read upcall. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-02-26 10:10:29 -08:00
}
dpif-netlink: Fix some variable naming. Usually a plural name refers to an array, but 'socks' and 'socksp' were only single objects, so this changes their names to 'sock' and 'sockp'. Usually a 'p' suffix means that a variable is an output argument, but that was only true in one place here, so this changes the names of the other variables to plain 'sock'. Signed-off-by: Ben Pfaff <blp@ovn.org> Reviewed-by: Yifeng Sun <pkusunyifeng@gmail.com>
2019-10-14 11:10:47 -07:00
dpif->channels[port_idx].sock = sock;
dpif-netlink: don't allocate per thread netlink sockets When using the kernel datapath, OVS allocates a pool of sockets to handle netlink events. The number of sockets is: ports * n-handler-threads, where n-handler-threads is user configurable and defaults to 3/4*number of cores. This because vswitchd starts n-handler-threads threads, each one with a netlink socket for every port of the switch. Every thread then, starts listening on events on its set of sockets with epoll(). On setup with lot of CPUs and ports, the number of sockets easily hits the process file descriptor limit, and ovs-vswitchd will exit with -EMFILE. Change the number of allocated sockets to just one per port by moving the socket array from a per handler structure to a per datapath one, and let all the handlers share the same sockets by using EPOLLEXCLUSIVE epoll flag which avoids duplicate events, on systems that support it. The patch was tested on a 56 core machine running Linux 4.18 and latest Open vSwitch. A bridge was created with 2000+ ports, some of them being veth interfaces with the peer outside the bridge. The latency of the upcall is measured by setting a single 'action=controller,local' OpenFlow rule to force all the packets going to the slow path and then to the local port. A tool[1] injects some packets to the veth outside the bridge, and measures the delay until the packet is captured on the local port. The rx timestamp is get from the socket ancillary data in the attribute SO_TIMESTAMPNS, to avoid having the scheduler delay in the measured time. The first test measures the average latency for an upcall generated from a single port. To measure it 100k packets, one every msec, are sent to a single port and the latencies are measured. The second test is meant to check latency fairness among ports, namely if latency is equal between ports or if some ports have lower priority. The previous test is repeated for every port, the average of the average latencies and the standard deviation between averages is measured. The third test serves to measure responsiveness under load. Heavy traffic is sent through all ports, latency and packet loss is measured on a single idle port. The fourth test is all about fairness. Heavy traffic is injected in all ports but one, latency and packet loss is measured on the single idle port. This is the test setup: # nproc 56 # ovs-vsctl show |grep -c Port 2223 # ovs-ofctl dump-flows ovs_upc_br cookie=0x0, duration=4.827s, table=0, n_packets=0, n_bytes=0, actions=CONTROLLER:65535,LOCAL # uname -a Linux fc28 4.18.7-200.fc28.x86_64 #1 SMP Mon Sep 10 15:44:45 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux And these are the results of the tests: Stock OVS Patched netlink sockets in use by vswitchd lsof -p $(pidof ovs-vswitchd) \ |grep -c GENERIC 91187 2227 Test 1 one port latency min/avg/max/mdev (us) 2.7/6.6/238.7/1.8 1.6/6.8/160.6/1.7 Test 2 all port avg latency/mdev (us) 6.51/0.97 6.86/0.17 Test 3 single port latency under load avg/mdev (us) 7.5/5.9 3.8/4.8 packet loss 95 % 62 % Test 4 idle port latency under load min/avg/max/mdev (us) 0.8/1.5/210.5/0.9 1.0/2.1/344.5/1.2 packet loss 94 % 4 % CPU and RAM usage seems not to be affected, the resource usage of vswitchd idle with 2000+ ports is unchanged: # ps u $(pidof ovs-vswitchd) USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND openvsw+ 5430 54.3 0.3 4263964 510968 pts/1 RLl+ 16:20 0:50 ovs-vswitchd Additionally, to check if vswitchd is thread safe with this patch, the following test was run for circa 48 hours: on a 56 core machine, a bridge with kernel datapath is filled with 2200 dummy interfaces and 22 veth, then 22 traffic generators are run in parallel piping traffic into the veths peers outside the bridge. To generate as many upcalls as possible, all packets were forced to the slowpath with an openflow rule like 'action=controller,local' and packet size was set to 64 byte. Also, to avoid overflowing the FDB early and slowing down the upcall processing, generated mac addresses were restricted to a small interval. vswitchd ran without problems for 48+ hours, obviously with all the handler threads with almost 99% CPU usage. [1] https://github.com/teknoraver/network-tools/blob/master/weed.c Signed-off-by: Matteo Croce <mcroce@redhat.com> Signed-off-by: Ben Pfaff <blp@ovn.org> Acked-by: Flavio Leitner <fbl@sysclose.org>
2018-09-25 10:51:05 +02:00
dpif->channels[port_idx].last_poll = LLONG_MIN;
dpif-linux: Give each port its own userspace-kernel channel. Userspace-kernel communication is a possible bottleneck when OVS is receiving a large number of flow set up requests. To help prevent a bad actor from consuming too much of this resource, we introduced channels to segegrate traffic. Previously, we created 17 channels and round-robin assigned ports to one of 16 channels (the 17th was reserved for use by the system). This meant if there were more than 16 ports, sharing of channels would occur. This commit creates a new channel for each port, so that there is no more sharing and better isolation. The special system port uses the "ovs-system"'s channel (port 0), since it is not heavily loaded. This also fixes an issue introduced in commit acf60855 (ofproto-dpif: Use a single underlying datapath across multiple bridges.) where ports that were added at run-time were given the special system channel. Issue #12073 Signed-off-by: Justin Pettit <jpettit@nicira.com>
2013-01-04 18:34:26 -08:00
return 0;
dpif-linux: Implement the API functions to allow multiple handler threads read upcall. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-02-26 10:10:29 -08:00
error:
dpif-netlink: Add support for packet receive on Windows. In this patch, we add support in dpif-netlink.c to receive packets on Windows. Windows does not natively support epoll(). Even though there are mechanisms/interfaces that provide functionality similar to epoll(), we take a simple approach of using a pool of sockets. Here are some details of the implementaion to aid review: 1. There's pool of sockets per upcall handler. 2. The pool of sockets is initialized while setting up the handler in dpif_netlink_refresh_channels() primarily. 3. When sockets are to be allocated for a vport, we walk through the pool of sockets for all handlers and pick one of the sockets in each of the pool. Within a handler's pool, sockets are picked in a round-robin fashion. 4. We currently support only 1 handler, since there are some kernel changes needed for support more than 1 handler per vport. 5. The pool size is also set to 1 currently. The restructions imposed by #4 and #5 can be removed in the future without much code churn. Validation: 1. With a hacked up kernel which figures out the netlink socket that is designated to receive packets, we are cable to perform pings between 2 VMs on the same Hyper-V host. 2. Compiled the code in Linux as well. 3. Tested with pool size == 2 as well, though in this patch we set the pool size = 1. Signed-off-by: Nithin Raju <nithin@vmware.com> Acked-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-10-23 08:27:34 -07:00
#ifndef _WIN32
dpif-netlink: don't allocate per thread netlink sockets When using the kernel datapath, OVS allocates a pool of sockets to handle netlink events. The number of sockets is: ports * n-handler-threads, where n-handler-threads is user configurable and defaults to 3/4*number of cores. This because vswitchd starts n-handler-threads threads, each one with a netlink socket for every port of the switch. Every thread then, starts listening on events on its set of sockets with epoll(). On setup with lot of CPUs and ports, the number of sockets easily hits the process file descriptor limit, and ovs-vswitchd will exit with -EMFILE. Change the number of allocated sockets to just one per port by moving the socket array from a per handler structure to a per datapath one, and let all the handlers share the same sockets by using EPOLLEXCLUSIVE epoll flag which avoids duplicate events, on systems that support it. The patch was tested on a 56 core machine running Linux 4.18 and latest Open vSwitch. A bridge was created with 2000+ ports, some of them being veth interfaces with the peer outside the bridge. The latency of the upcall is measured by setting a single 'action=controller,local' OpenFlow rule to force all the packets going to the slow path and then to the local port. A tool[1] injects some packets to the veth outside the bridge, and measures the delay until the packet is captured on the local port. The rx timestamp is get from the socket ancillary data in the attribute SO_TIMESTAMPNS, to avoid having the scheduler delay in the measured time. The first test measures the average latency for an upcall generated from a single port. To measure it 100k packets, one every msec, are sent to a single port and the latencies are measured. The second test is meant to check latency fairness among ports, namely if latency is equal between ports or if some ports have lower priority. The previous test is repeated for every port, the average of the average latencies and the standard deviation between averages is measured. The third test serves to measure responsiveness under load. Heavy traffic is sent through all ports, latency and packet loss is measured on a single idle port. The fourth test is all about fairness. Heavy traffic is injected in all ports but one, latency and packet loss is measured on the single idle port. This is the test setup: # nproc 56 # ovs-vsctl show |grep -c Port 2223 # ovs-ofctl dump-flows ovs_upc_br cookie=0x0, duration=4.827s, table=0, n_packets=0, n_bytes=0, actions=CONTROLLER:65535,LOCAL # uname -a Linux fc28 4.18.7-200.fc28.x86_64 #1 SMP Mon Sep 10 15:44:45 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux And these are the results of the tests: Stock OVS Patched netlink sockets in use by vswitchd lsof -p $(pidof ovs-vswitchd) \ |grep -c GENERIC 91187 2227 Test 1 one port latency min/avg/max/mdev (us) 2.7/6.6/238.7/1.8 1.6/6.8/160.6/1.7 Test 2 all port avg latency/mdev (us) 6.51/0.97 6.86/0.17 Test 3 single port latency under load avg/mdev (us) 7.5/5.9 3.8/4.8 packet loss 95 % 62 % Test 4 idle port latency under load min/avg/max/mdev (us) 0.8/1.5/210.5/0.9 1.0/2.1/344.5/1.2 packet loss 94 % 4 % CPU and RAM usage seems not to be affected, the resource usage of vswitchd idle with 2000+ ports is unchanged: # ps u $(pidof ovs-vswitchd) USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND openvsw+ 5430 54.3 0.3 4263964 510968 pts/1 RLl+ 16:20 0:50 ovs-vswitchd Additionally, to check if vswitchd is thread safe with this patch, the following test was run for circa 48 hours: on a 56 core machine, a bridge with kernel datapath is filled with 2200 dummy interfaces and 22 veth, then 22 traffic generators are run in parallel piping traffic into the veths peers outside the bridge. To generate as many upcalls as possible, all packets were forced to the slowpath with an openflow rule like 'action=controller,local' and packet size was set to 64 byte. Also, to avoid overflowing the FDB early and slowing down the upcall processing, generated mac addresses were restricted to a small interval. vswitchd ran without problems for 48+ hours, obviously with all the handler threads with almost 99% CPU usage. [1] https://github.com/teknoraver/network-tools/blob/master/weed.c Signed-off-by: Matteo Croce <mcroce@redhat.com> Signed-off-by: Ben Pfaff <blp@ovn.org> Acked-by: Flavio Leitner <fbl@sysclose.org>
2018-09-25 10:51:05 +02:00
while (i--) {
epoll_ctl(dpif->handlers[i].epoll_fd, EPOLL_CTL_DEL,
dpif-netlink: Fix some variable naming. Usually a plural name refers to an array, but 'socks' and 'socksp' were only single objects, so this changes their names to 'sock' and 'sockp'. Usually a 'p' suffix means that a variable is an output argument, but that was only true in one place here, so this changes the names of the other variables to plain 'sock'. Signed-off-by: Ben Pfaff <blp@ovn.org> Reviewed-by: Yifeng Sun <pkusunyifeng@gmail.com>
2019-10-14 11:10:47 -07:00
nl_sock_fd(sock), NULL);
dpif-linux: Implement the API functions to allow multiple handler threads read upcall. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-02-26 10:10:29 -08:00
}
dpif-netlink: don't allocate per thread netlink sockets When using the kernel datapath, OVS allocates a pool of sockets to handle netlink events. The number of sockets is: ports * n-handler-threads, where n-handler-threads is user configurable and defaults to 3/4*number of cores. This because vswitchd starts n-handler-threads threads, each one with a netlink socket for every port of the switch. Every thread then, starts listening on events on its set of sockets with epoll(). On setup with lot of CPUs and ports, the number of sockets easily hits the process file descriptor limit, and ovs-vswitchd will exit with -EMFILE. Change the number of allocated sockets to just one per port by moving the socket array from a per handler structure to a per datapath one, and let all the handlers share the same sockets by using EPOLLEXCLUSIVE epoll flag which avoids duplicate events, on systems that support it. The patch was tested on a 56 core machine running Linux 4.18 and latest Open vSwitch. A bridge was created with 2000+ ports, some of them being veth interfaces with the peer outside the bridge. The latency of the upcall is measured by setting a single 'action=controller,local' OpenFlow rule to force all the packets going to the slow path and then to the local port. A tool[1] injects some packets to the veth outside the bridge, and measures the delay until the packet is captured on the local port. The rx timestamp is get from the socket ancillary data in the attribute SO_TIMESTAMPNS, to avoid having the scheduler delay in the measured time. The first test measures the average latency for an upcall generated from a single port. To measure it 100k packets, one every msec, are sent to a single port and the latencies are measured. The second test is meant to check latency fairness among ports, namely if latency is equal between ports or if some ports have lower priority. The previous test is repeated for every port, the average of the average latencies and the standard deviation between averages is measured. The third test serves to measure responsiveness under load. Heavy traffic is sent through all ports, latency and packet loss is measured on a single idle port. The fourth test is all about fairness. Heavy traffic is injected in all ports but one, latency and packet loss is measured on the single idle port. This is the test setup: # nproc 56 # ovs-vsctl show |grep -c Port 2223 # ovs-ofctl dump-flows ovs_upc_br cookie=0x0, duration=4.827s, table=0, n_packets=0, n_bytes=0, actions=CONTROLLER:65535,LOCAL # uname -a Linux fc28 4.18.7-200.fc28.x86_64 #1 SMP Mon Sep 10 15:44:45 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux And these are the results of the tests: Stock OVS Patched netlink sockets in use by vswitchd lsof -p $(pidof ovs-vswitchd) \ |grep -c GENERIC 91187 2227 Test 1 one port latency min/avg/max/mdev (us) 2.7/6.6/238.7/1.8 1.6/6.8/160.6/1.7 Test 2 all port avg latency/mdev (us) 6.51/0.97 6.86/0.17 Test 3 single port latency under load avg/mdev (us) 7.5/5.9 3.8/4.8 packet loss 95 % 62 % Test 4 idle port latency under load min/avg/max/mdev (us) 0.8/1.5/210.5/0.9 1.0/2.1/344.5/1.2 packet loss 94 % 4 % CPU and RAM usage seems not to be affected, the resource usage of vswitchd idle with 2000+ ports is unchanged: # ps u $(pidof ovs-vswitchd) USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND openvsw+ 5430 54.3 0.3 4263964 510968 pts/1 RLl+ 16:20 0:50 ovs-vswitchd Additionally, to check if vswitchd is thread safe with this patch, the following test was run for circa 48 hours: on a 56 core machine, a bridge with kernel datapath is filled with 2200 dummy interfaces and 22 veth, then 22 traffic generators are run in parallel piping traffic into the veths peers outside the bridge. To generate as many upcalls as possible, all packets were forced to the slowpath with an openflow rule like 'action=controller,local' and packet size was set to 64 byte. Also, to avoid overflowing the FDB early and slowing down the upcall processing, generated mac addresses were restricted to a small interval. vswitchd ran without problems for 48+ hours, obviously with all the handler threads with almost 99% CPU usage. [1] https://github.com/teknoraver/network-tools/blob/master/weed.c Signed-off-by: Matteo Croce <mcroce@redhat.com> Signed-off-by: Ben Pfaff <blp@ovn.org> Acked-by: Flavio Leitner <fbl@sysclose.org>
2018-09-25 10:51:05 +02:00
#endif
dpif->channels[port_idx].sock = NULL;
dpif-linux: Implement the API functions to allow multiple handler threads read upcall. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-02-26 10:10:29 -08:00
return error;
dpif-linux: Give each port its own userspace-kernel channel. Userspace-kernel communication is a possible bottleneck when OVS is receiving a large number of flow set up requests. To help prevent a bad actor from consuming too much of this resource, we introduced channels to segegrate traffic. Previously, we created 17 channels and round-robin assigned ports to one of 16 channels (the 17th was reserved for use by the system). This meant if there were more than 16 ports, sharing of channels would occur. This commit creates a new channel for each port, so that there is no more sharing and better isolation. The special system port uses the "ovs-system"'s channel (port 0), since it is not heavily loaded. This also fixes an issue introduced in commit acf60855 (ofproto-dpif: Use a single underlying datapath across multiple bridges.) where ports that were added at run-time were given the special system channel. Issue #12073 Signed-off-by: Justin Pettit <jpettit@nicira.com>
2013-01-04 18:34:26 -08:00
}
static void
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
vport_del_channels(struct dpif_netlink *dpif, odp_port_t port_no)
dpif-linux: Give each port its own userspace-kernel channel. Userspace-kernel communication is a possible bottleneck when OVS is receiving a large number of flow set up requests. To help prevent a bad actor from consuming too much of this resource, we introduced channels to segegrate traffic. Previously, we created 17 channels and round-robin assigned ports to one of 16 channels (the 17th was reserved for use by the system). This meant if there were more than 16 ports, sharing of channels would occur. This commit creates a new channel for each port, so that there is no more sharing and better isolation. The special system port uses the "ovs-system"'s channel (port 0), since it is not heavily loaded. This also fixes an issue introduced in commit acf60855 (ofproto-dpif: Use a single underlying datapath across multiple bridges.) where ports that were added at run-time were given the special system channel. Issue #12073 Signed-off-by: Justin Pettit <jpettit@nicira.com>
2013-01-04 18:34:26 -08:00
{
Create specific types for ofp and odp port Until now, datapath ports and openflow ports were both represented by unsigned integers of various sizes. With implicit conversions, etc., it is easy to mix them up and use one where the other is expected. This commit creates two typedefs, ofp_port_t and odp_port_t. Both of these two types are marked by "__attribute__((bitwise))" so that sparse can be used to detect any misuse. Signed-off-by: Alex Wang <alexw@nicira.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-06-19 16:58:44 -07:00
uint32_t port_idx = odp_to_u32(port_no);
dpif-linux: Implement the API functions to allow multiple handler threads read upcall. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-02-26 10:10:29 -08:00
size_t i;
dpif-linux: Give each port its own userspace-kernel channel. Userspace-kernel communication is a possible bottleneck when OVS is receiving a large number of flow set up requests. To help prevent a bad actor from consuming too much of this resource, we introduced channels to segegrate traffic. Previously, we created 17 channels and round-robin assigned ports to one of 16 channels (the 17th was reserved for use by the system). This meant if there were more than 16 ports, sharing of channels would occur. This commit creates a new channel for each port, so that there is no more sharing and better isolation. The special system port uses the "ovs-system"'s channel (port 0), since it is not heavily loaded. This also fixes an issue introduced in commit acf60855 (ofproto-dpif: Use a single underlying datapath across multiple bridges.) where ports that were added at run-time were given the special system channel. Issue #12073 Signed-off-by: Justin Pettit <jpettit@nicira.com>
2013-01-04 18:34:26 -08:00
dpif-netlink: don't allocate per thread netlink sockets When using the kernel datapath, OVS allocates a pool of sockets to handle netlink events. The number of sockets is: ports * n-handler-threads, where n-handler-threads is user configurable and defaults to 3/4*number of cores. This because vswitchd starts n-handler-threads threads, each one with a netlink socket for every port of the switch. Every thread then, starts listening on events on its set of sockets with epoll(). On setup with lot of CPUs and ports, the number of sockets easily hits the process file descriptor limit, and ovs-vswitchd will exit with -EMFILE. Change the number of allocated sockets to just one per port by moving the socket array from a per handler structure to a per datapath one, and let all the handlers share the same sockets by using EPOLLEXCLUSIVE epoll flag which avoids duplicate events, on systems that support it. The patch was tested on a 56 core machine running Linux 4.18 and latest Open vSwitch. A bridge was created with 2000+ ports, some of them being veth interfaces with the peer outside the bridge. The latency of the upcall is measured by setting a single 'action=controller,local' OpenFlow rule to force all the packets going to the slow path and then to the local port. A tool[1] injects some packets to the veth outside the bridge, and measures the delay until the packet is captured on the local port. The rx timestamp is get from the socket ancillary data in the attribute SO_TIMESTAMPNS, to avoid having the scheduler delay in the measured time. The first test measures the average latency for an upcall generated from a single port. To measure it 100k packets, one every msec, are sent to a single port and the latencies are measured. The second test is meant to check latency fairness among ports, namely if latency is equal between ports or if some ports have lower priority. The previous test is repeated for every port, the average of the average latencies and the standard deviation between averages is measured. The third test serves to measure responsiveness under load. Heavy traffic is sent through all ports, latency and packet loss is measured on a single idle port. The fourth test is all about fairness. Heavy traffic is injected in all ports but one, latency and packet loss is measured on the single idle port. This is the test setup: # nproc 56 # ovs-vsctl show |grep -c Port 2223 # ovs-ofctl dump-flows ovs_upc_br cookie=0x0, duration=4.827s, table=0, n_packets=0, n_bytes=0, actions=CONTROLLER:65535,LOCAL # uname -a Linux fc28 4.18.7-200.fc28.x86_64 #1 SMP Mon Sep 10 15:44:45 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux And these are the results of the tests: Stock OVS Patched netlink sockets in use by vswitchd lsof -p $(pidof ovs-vswitchd) \ |grep -c GENERIC 91187 2227 Test 1 one port latency min/avg/max/mdev (us) 2.7/6.6/238.7/1.8 1.6/6.8/160.6/1.7 Test 2 all port avg latency/mdev (us) 6.51/0.97 6.86/0.17 Test 3 single port latency under load avg/mdev (us) 7.5/5.9 3.8/4.8 packet loss 95 % 62 % Test 4 idle port latency under load min/avg/max/mdev (us) 0.8/1.5/210.5/0.9 1.0/2.1/344.5/1.2 packet loss 94 % 4 % CPU and RAM usage seems not to be affected, the resource usage of vswitchd idle with 2000+ ports is unchanged: # ps u $(pidof ovs-vswitchd) USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND openvsw+ 5430 54.3 0.3 4263964 510968 pts/1 RLl+ 16:20 0:50 ovs-vswitchd Additionally, to check if vswitchd is thread safe with this patch, the following test was run for circa 48 hours: on a 56 core machine, a bridge with kernel datapath is filled with 2200 dummy interfaces and 22 veth, then 22 traffic generators are run in parallel piping traffic into the veths peers outside the bridge. To generate as many upcalls as possible, all packets were forced to the slowpath with an openflow rule like 'action=controller,local' and packet size was set to 64 byte. Also, to avoid overflowing the FDB early and slowing down the upcall processing, generated mac addresses were restricted to a small interval. vswitchd ran without problems for 48+ hours, obviously with all the handler threads with almost 99% CPU usage. [1] https://github.com/teknoraver/network-tools/blob/master/weed.c Signed-off-by: Matteo Croce <mcroce@redhat.com> Signed-off-by: Ben Pfaff <blp@ovn.org> Acked-by: Flavio Leitner <fbl@sysclose.org>
2018-09-25 10:51:05 +02:00
if (!dpif->handlers || port_idx >= dpif->uc_array_size
|| !dpif->channels[port_idx].sock) {
dpif-linux: Give each port its own userspace-kernel channel. Userspace-kernel communication is a possible bottleneck when OVS is receiving a large number of flow set up requests. To help prevent a bad actor from consuming too much of this resource, we introduced channels to segegrate traffic. Previously, we created 17 channels and round-robin assigned ports to one of 16 channels (the 17th was reserved for use by the system). This meant if there were more than 16 ports, sharing of channels would occur. This commit creates a new channel for each port, so that there is no more sharing and better isolation. The special system port uses the "ovs-system"'s channel (port 0), since it is not heavily loaded. This also fixes an issue introduced in commit acf60855 (ofproto-dpif: Use a single underlying datapath across multiple bridges.) where ports that were added at run-time were given the special system channel. Issue #12073 Signed-off-by: Justin Pettit <jpettit@nicira.com>
2013-01-04 18:34:26 -08:00
return;
}
dpif-linux: Implement the API functions to allow multiple handler threads read upcall. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-02-26 10:10:29 -08:00
for (i = 0; i < dpif->n_handlers; i++) {
struct dpif_handler *handler = &dpif->handlers[i];
dpif-netlink: Add support for packet receive on Windows. In this patch, we add support in dpif-netlink.c to receive packets on Windows. Windows does not natively support epoll(). Even though there are mechanisms/interfaces that provide functionality similar to epoll(), we take a simple approach of using a pool of sockets. Here are some details of the implementaion to aid review: 1. There's pool of sockets per upcall handler. 2. The pool of sockets is initialized while setting up the handler in dpif_netlink_refresh_channels() primarily. 3. When sockets are to be allocated for a vport, we walk through the pool of sockets for all handlers and pick one of the sockets in each of the pool. Within a handler's pool, sockets are picked in a round-robin fashion. 4. We currently support only 1 handler, since there are some kernel changes needed for support more than 1 handler per vport. 5. The pool size is also set to 1 currently. The restructions imposed by #4 and #5 can be removed in the future without much code churn. Validation: 1. With a hacked up kernel which figures out the netlink socket that is designated to receive packets, we are cable to perform pings between 2 VMs on the same Hyper-V host. 2. Compiled the code in Linux as well. 3. Tested with pool size == 2 as well, though in this patch we set the pool size = 1. Signed-off-by: Nithin Raju <nithin@vmware.com> Acked-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-10-23 08:27:34 -07:00
#ifndef _WIN32
dpif-linux: Implement the API functions to allow multiple handler threads read upcall. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-02-26 10:10:29 -08:00
epoll_ctl(handler->epoll_fd, EPOLL_CTL_DEL,
dpif-netlink: don't allocate per thread netlink sockets When using the kernel datapath, OVS allocates a pool of sockets to handle netlink events. The number of sockets is: ports * n-handler-threads, where n-handler-threads is user configurable and defaults to 3/4*number of cores. This because vswitchd starts n-handler-threads threads, each one with a netlink socket for every port of the switch. Every thread then, starts listening on events on its set of sockets with epoll(). On setup with lot of CPUs and ports, the number of sockets easily hits the process file descriptor limit, and ovs-vswitchd will exit with -EMFILE. Change the number of allocated sockets to just one per port by moving the socket array from a per handler structure to a per datapath one, and let all the handlers share the same sockets by using EPOLLEXCLUSIVE epoll flag which avoids duplicate events, on systems that support it. The patch was tested on a 56 core machine running Linux 4.18 and latest Open vSwitch. A bridge was created with 2000+ ports, some of them being veth interfaces with the peer outside the bridge. The latency of the upcall is measured by setting a single 'action=controller,local' OpenFlow rule to force all the packets going to the slow path and then to the local port. A tool[1] injects some packets to the veth outside the bridge, and measures the delay until the packet is captured on the local port. The rx timestamp is get from the socket ancillary data in the attribute SO_TIMESTAMPNS, to avoid having the scheduler delay in the measured time. The first test measures the average latency for an upcall generated from a single port. To measure it 100k packets, one every msec, are sent to a single port and the latencies are measured. The second test is meant to check latency fairness among ports, namely if latency is equal between ports or if some ports have lower priority. The previous test is repeated for every port, the average of the average latencies and the standard deviation between averages is measured. The third test serves to measure responsiveness under load. Heavy traffic is sent through all ports, latency and packet loss is measured on a single idle port. The fourth test is all about fairness. Heavy traffic is injected in all ports but one, latency and packet loss is measured on the single idle port. This is the test setup: # nproc 56 # ovs-vsctl show |grep -c Port 2223 # ovs-ofctl dump-flows ovs_upc_br cookie=0x0, duration=4.827s, table=0, n_packets=0, n_bytes=0, actions=CONTROLLER:65535,LOCAL # uname -a Linux fc28 4.18.7-200.fc28.x86_64 #1 SMP Mon Sep 10 15:44:45 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux And these are the results of the tests: Stock OVS Patched netlink sockets in use by vswitchd lsof -p $(pidof ovs-vswitchd) \ |grep -c GENERIC 91187 2227 Test 1 one port latency min/avg/max/mdev (us) 2.7/6.6/238.7/1.8 1.6/6.8/160.6/1.7 Test 2 all port avg latency/mdev (us) 6.51/0.97 6.86/0.17 Test 3 single port latency under load avg/mdev (us) 7.5/5.9 3.8/4.8 packet loss 95 % 62 % Test 4 idle port latency under load min/avg/max/mdev (us) 0.8/1.5/210.5/0.9 1.0/2.1/344.5/1.2 packet loss 94 % 4 % CPU and RAM usage seems not to be affected, the resource usage of vswitchd idle with 2000+ ports is unchanged: # ps u $(pidof ovs-vswitchd) USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND openvsw+ 5430 54.3 0.3 4263964 510968 pts/1 RLl+ 16:20 0:50 ovs-vswitchd Additionally, to check if vswitchd is thread safe with this patch, the following test was run for circa 48 hours: on a 56 core machine, a bridge with kernel datapath is filled with 2200 dummy interfaces and 22 veth, then 22 traffic generators are run in parallel piping traffic into the veths peers outside the bridge. To generate as many upcalls as possible, all packets were forced to the slowpath with an openflow rule like 'action=controller,local' and packet size was set to 64 byte. Also, to avoid overflowing the FDB early and slowing down the upcall processing, generated mac addresses were restricted to a small interval. vswitchd ran without problems for 48+ hours, obviously with all the handler threads with almost 99% CPU usage. [1] https://github.com/teknoraver/network-tools/blob/master/weed.c Signed-off-by: Matteo Croce <mcroce@redhat.com> Signed-off-by: Ben Pfaff <blp@ovn.org> Acked-by: Flavio Leitner <fbl@sysclose.org>
2018-09-25 10:51:05 +02:00
nl_sock_fd(dpif->channels[port_idx].sock), NULL);
dpif-netlink: Add support for packet receive on Windows. In this patch, we add support in dpif-netlink.c to receive packets on Windows. Windows does not natively support epoll(). Even though there are mechanisms/interfaces that provide functionality similar to epoll(), we take a simple approach of using a pool of sockets. Here are some details of the implementaion to aid review: 1. There's pool of sockets per upcall handler. 2. The pool of sockets is initialized while setting up the handler in dpif_netlink_refresh_channels() primarily. 3. When sockets are to be allocated for a vport, we walk through the pool of sockets for all handlers and pick one of the sockets in each of the pool. Within a handler's pool, sockets are picked in a round-robin fashion. 4. We currently support only 1 handler, since there are some kernel changes needed for support more than 1 handler per vport. 5. The pool size is also set to 1 currently. The restructions imposed by #4 and #5 can be removed in the future without much code churn. Validation: 1. With a hacked up kernel which figures out the netlink socket that is designated to receive packets, we are cable to perform pings between 2 VMs on the same Hyper-V host. 2. Compiled the code in Linux as well. 3. Tested with pool size == 2 as well, though in this patch we set the pool size = 1. Signed-off-by: Nithin Raju <nithin@vmware.com> Acked-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-10-23 08:27:34 -07:00
#endif
dpif-linux: Implement the API functions to allow multiple handler threads read upcall. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-02-26 10:10:29 -08:00
handler->event_offset = handler->n_events = 0;
}
dpif-netlink: don't allocate per thread netlink sockets When using the kernel datapath, OVS allocates a pool of sockets to handle netlink events. The number of sockets is: ports * n-handler-threads, where n-handler-threads is user configurable and defaults to 3/4*number of cores. This because vswitchd starts n-handler-threads threads, each one with a netlink socket for every port of the switch. Every thread then, starts listening on events on its set of sockets with epoll(). On setup with lot of CPUs and ports, the number of sockets easily hits the process file descriptor limit, and ovs-vswitchd will exit with -EMFILE. Change the number of allocated sockets to just one per port by moving the socket array from a per handler structure to a per datapath one, and let all the handlers share the same sockets by using EPOLLEXCLUSIVE epoll flag which avoids duplicate events, on systems that support it. The patch was tested on a 56 core machine running Linux 4.18 and latest Open vSwitch. A bridge was created with 2000+ ports, some of them being veth interfaces with the peer outside the bridge. The latency of the upcall is measured by setting a single 'action=controller,local' OpenFlow rule to force all the packets going to the slow path and then to the local port. A tool[1] injects some packets to the veth outside the bridge, and measures the delay until the packet is captured on the local port. The rx timestamp is get from the socket ancillary data in the attribute SO_TIMESTAMPNS, to avoid having the scheduler delay in the measured time. The first test measures the average latency for an upcall generated from a single port. To measure it 100k packets, one every msec, are sent to a single port and the latencies are measured. The second test is meant to check latency fairness among ports, namely if latency is equal between ports or if some ports have lower priority. The previous test is repeated for every port, the average of the average latencies and the standard deviation between averages is measured. The third test serves to measure responsiveness under load. Heavy traffic is sent through all ports, latency and packet loss is measured on a single idle port. The fourth test is all about fairness. Heavy traffic is injected in all ports but one, latency and packet loss is measured on the single idle port. This is the test setup: # nproc 56 # ovs-vsctl show |grep -c Port 2223 # ovs-ofctl dump-flows ovs_upc_br cookie=0x0, duration=4.827s, table=0, n_packets=0, n_bytes=0, actions=CONTROLLER:65535,LOCAL # uname -a Linux fc28 4.18.7-200.fc28.x86_64 #1 SMP Mon Sep 10 15:44:45 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux And these are the results of the tests: Stock OVS Patched netlink sockets in use by vswitchd lsof -p $(pidof ovs-vswitchd) \ |grep -c GENERIC 91187 2227 Test 1 one port latency min/avg/max/mdev (us) 2.7/6.6/238.7/1.8 1.6/6.8/160.6/1.7 Test 2 all port avg latency/mdev (us) 6.51/0.97 6.86/0.17 Test 3 single port latency under load avg/mdev (us) 7.5/5.9 3.8/4.8 packet loss 95 % 62 % Test 4 idle port latency under load min/avg/max/mdev (us) 0.8/1.5/210.5/0.9 1.0/2.1/344.5/1.2 packet loss 94 % 4 % CPU and RAM usage seems not to be affected, the resource usage of vswitchd idle with 2000+ ports is unchanged: # ps u $(pidof ovs-vswitchd) USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND openvsw+ 5430 54.3 0.3 4263964 510968 pts/1 RLl+ 16:20 0:50 ovs-vswitchd Additionally, to check if vswitchd is thread safe with this patch, the following test was run for circa 48 hours: on a 56 core machine, a bridge with kernel datapath is filled with 2200 dummy interfaces and 22 veth, then 22 traffic generators are run in parallel piping traffic into the veths peers outside the bridge. To generate as many upcalls as possible, all packets were forced to the slowpath with an openflow rule like 'action=controller,local' and packet size was set to 64 byte. Also, to avoid overflowing the FDB early and slowing down the upcall processing, generated mac addresses were restricted to a small interval. vswitchd ran without problems for 48+ hours, obviously with all the handler threads with almost 99% CPU usage. [1] https://github.com/teknoraver/network-tools/blob/master/weed.c Signed-off-by: Matteo Croce <mcroce@redhat.com> Signed-off-by: Ben Pfaff <blp@ovn.org> Acked-by: Flavio Leitner <fbl@sysclose.org>
2018-09-25 10:51:05 +02:00
#ifndef _WIN32
nl_sock_destroy(dpif->channels[port_idx].sock);
#endif
dpif->channels[port_idx].sock = NULL;
dpif-linux: Implement the API functions to allow multiple handler threads read upcall. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-02-26 10:10:29 -08:00
}
static void
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
destroy_all_channels(struct dpif_netlink *dpif)
OVS_REQ_WRLOCK(dpif->upcall_lock)
dpif-linux: Implement the API functions to allow multiple handler threads read upcall. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-02-26 10:10:29 -08:00
{
unsigned int i;
if (!dpif->handlers) {
return;
}
for (i = 0; i < dpif->uc_array_size; i++ ) {
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
struct dpif_netlink_vport vport_request;
dpif-linux: Implement the API functions to allow multiple handler threads read upcall. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-02-26 10:10:29 -08:00
uint32_t upcall_pids = 0;
dpif-netlink: don't allocate per thread netlink sockets When using the kernel datapath, OVS allocates a pool of sockets to handle netlink events. The number of sockets is: ports * n-handler-threads, where n-handler-threads is user configurable and defaults to 3/4*number of cores. This because vswitchd starts n-handler-threads threads, each one with a netlink socket for every port of the switch. Every thread then, starts listening on events on its set of sockets with epoll(). On setup with lot of CPUs and ports, the number of sockets easily hits the process file descriptor limit, and ovs-vswitchd will exit with -EMFILE. Change the number of allocated sockets to just one per port by moving the socket array from a per handler structure to a per datapath one, and let all the handlers share the same sockets by using EPOLLEXCLUSIVE epoll flag which avoids duplicate events, on systems that support it. The patch was tested on a 56 core machine running Linux 4.18 and latest Open vSwitch. A bridge was created with 2000+ ports, some of them being veth interfaces with the peer outside the bridge. The latency of the upcall is measured by setting a single 'action=controller,local' OpenFlow rule to force all the packets going to the slow path and then to the local port. A tool[1] injects some packets to the veth outside the bridge, and measures the delay until the packet is captured on the local port. The rx timestamp is get from the socket ancillary data in the attribute SO_TIMESTAMPNS, to avoid having the scheduler delay in the measured time. The first test measures the average latency for an upcall generated from a single port. To measure it 100k packets, one every msec, are sent to a single port and the latencies are measured. The second test is meant to check latency fairness among ports, namely if latency is equal between ports or if some ports have lower priority. The previous test is repeated for every port, the average of the average latencies and the standard deviation between averages is measured. The third test serves to measure responsiveness under load. Heavy traffic is sent through all ports, latency and packet loss is measured on a single idle port. The fourth test is all about fairness. Heavy traffic is injected in all ports but one, latency and packet loss is measured on the single idle port. This is the test setup: # nproc 56 # ovs-vsctl show |grep -c Port 2223 # ovs-ofctl dump-flows ovs_upc_br cookie=0x0, duration=4.827s, table=0, n_packets=0, n_bytes=0, actions=CONTROLLER:65535,LOCAL # uname -a Linux fc28 4.18.7-200.fc28.x86_64 #1 SMP Mon Sep 10 15:44:45 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux And these are the results of the tests: Stock OVS Patched netlink sockets in use by vswitchd lsof -p $(pidof ovs-vswitchd) \ |grep -c GENERIC 91187 2227 Test 1 one port latency min/avg/max/mdev (us) 2.7/6.6/238.7/1.8 1.6/6.8/160.6/1.7 Test 2 all port avg latency/mdev (us) 6.51/0.97 6.86/0.17 Test 3 single port latency under load avg/mdev (us) 7.5/5.9 3.8/4.8 packet loss 95 % 62 % Test 4 idle port latency under load min/avg/max/mdev (us) 0.8/1.5/210.5/0.9 1.0/2.1/344.5/1.2 packet loss 94 % 4 % CPU and RAM usage seems not to be affected, the resource usage of vswitchd idle with 2000+ ports is unchanged: # ps u $(pidof ovs-vswitchd) USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND openvsw+ 5430 54.3 0.3 4263964 510968 pts/1 RLl+ 16:20 0:50 ovs-vswitchd Additionally, to check if vswitchd is thread safe with this patch, the following test was run for circa 48 hours: on a 56 core machine, a bridge with kernel datapath is filled with 2200 dummy interfaces and 22 veth, then 22 traffic generators are run in parallel piping traffic into the veths peers outside the bridge. To generate as many upcalls as possible, all packets were forced to the slowpath with an openflow rule like 'action=controller,local' and packet size was set to 64 byte. Also, to avoid overflowing the FDB early and slowing down the upcall processing, generated mac addresses were restricted to a small interval. vswitchd ran without problems for 48+ hours, obviously with all the handler threads with almost 99% CPU usage. [1] https://github.com/teknoraver/network-tools/blob/master/weed.c Signed-off-by: Matteo Croce <mcroce@redhat.com> Signed-off-by: Ben Pfaff <blp@ovn.org> Acked-by: Flavio Leitner <fbl@sysclose.org>
2018-09-25 10:51:05 +02:00
if (!dpif->channels[i].sock) {
dpif-linux: Implement the API functions to allow multiple handler threads read upcall. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-02-26 10:10:29 -08:00
continue;
}
/* Turn off upcalls. */
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
dpif_netlink_vport_init(&vport_request);
dpif-linux: Implement the API functions to allow multiple handler threads read upcall. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-02-26 10:10:29 -08:00
vport_request.cmd = OVS_VPORT_CMD_SET;
vport_request.dp_ifindex = dpif->dp_ifindex;
vport_request.port_no = u32_to_odp(i);
setup n_upcall_pids for vport_request when destroy all channels Setup the n_upcall_pids to 1, otherwise the OVS_VPORT_ATTR_UPCALL_PID nlattr will be incorrect. Signed-off-by: Gao feng <gaofeng@cn.fujitsu.com> Signed-off-by: Thomas Graf <tgraf@noironetworks.com>
2015-01-22 17:01:28 +08:00
vport_request.n_upcall_pids = 1;
dpif-linux: Implement the API functions to allow multiple handler threads read upcall. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-02-26 10:10:29 -08:00
vport_request.upcall_pids = &upcall_pids;
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
dpif_netlink_vport_transact(&vport_request, NULL, NULL);
dpif-linux: Implement the API functions to allow multiple handler threads read upcall. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-02-26 10:10:29 -08:00
vport_del_channels(dpif, u32_to_odp(i));
}
for (i = 0; i < dpif->n_handlers; i++) {
struct dpif_handler *handler = &dpif->handlers[i];
dpif-netlink: Add support for packet receive on Windows. In this patch, we add support in dpif-netlink.c to receive packets on Windows. Windows does not natively support epoll(). Even though there are mechanisms/interfaces that provide functionality similar to epoll(), we take a simple approach of using a pool of sockets. Here are some details of the implementaion to aid review: 1. There's pool of sockets per upcall handler. 2. The pool of sockets is initialized while setting up the handler in dpif_netlink_refresh_channels() primarily. 3. When sockets are to be allocated for a vport, we walk through the pool of sockets for all handlers and pick one of the sockets in each of the pool. Within a handler's pool, sockets are picked in a round-robin fashion. 4. We currently support only 1 handler, since there are some kernel changes needed for support more than 1 handler per vport. 5. The pool size is also set to 1 currently. The restructions imposed by #4 and #5 can be removed in the future without much code churn. Validation: 1. With a hacked up kernel which figures out the netlink socket that is designated to receive packets, we are cable to perform pings between 2 VMs on the same Hyper-V host. 2. Compiled the code in Linux as well. 3. Tested with pool size == 2 as well, though in this patch we set the pool size = 1. Signed-off-by: Nithin Raju <nithin@vmware.com> Acked-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-10-23 08:27:34 -07:00
dpif_netlink_handler_uninit(handler);
dpif-linux: Implement the API functions to allow multiple handler threads read upcall. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-02-26 10:10:29 -08:00
free(handler->epoll_events);
}
dpif-netlink: don't allocate per thread netlink sockets When using the kernel datapath, OVS allocates a pool of sockets to handle netlink events. The number of sockets is: ports * n-handler-threads, where n-handler-threads is user configurable and defaults to 3/4*number of cores. This because vswitchd starts n-handler-threads threads, each one with a netlink socket for every port of the switch. Every thread then, starts listening on events on its set of sockets with epoll(). On setup with lot of CPUs and ports, the number of sockets easily hits the process file descriptor limit, and ovs-vswitchd will exit with -EMFILE. Change the number of allocated sockets to just one per port by moving the socket array from a per handler structure to a per datapath one, and let all the handlers share the same sockets by using EPOLLEXCLUSIVE epoll flag which avoids duplicate events, on systems that support it. The patch was tested on a 56 core machine running Linux 4.18 and latest Open vSwitch. A bridge was created with 2000+ ports, some of them being veth interfaces with the peer outside the bridge. The latency of the upcall is measured by setting a single 'action=controller,local' OpenFlow rule to force all the packets going to the slow path and then to the local port. A tool[1] injects some packets to the veth outside the bridge, and measures the delay until the packet is captured on the local port. The rx timestamp is get from the socket ancillary data in the attribute SO_TIMESTAMPNS, to avoid having the scheduler delay in the measured time. The first test measures the average latency for an upcall generated from a single port. To measure it 100k packets, one every msec, are sent to a single port and the latencies are measured. The second test is meant to check latency fairness among ports, namely if latency is equal between ports or if some ports have lower priority. The previous test is repeated for every port, the average of the average latencies and the standard deviation between averages is measured. The third test serves to measure responsiveness under load. Heavy traffic is sent through all ports, latency and packet loss is measured on a single idle port. The fourth test is all about fairness. Heavy traffic is injected in all ports but one, latency and packet loss is measured on the single idle port. This is the test setup: # nproc 56 # ovs-vsctl show |grep -c Port 2223 # ovs-ofctl dump-flows ovs_upc_br cookie=0x0, duration=4.827s, table=0, n_packets=0, n_bytes=0, actions=CONTROLLER:65535,LOCAL # uname -a Linux fc28 4.18.7-200.fc28.x86_64 #1 SMP Mon Sep 10 15:44:45 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux And these are the results of the tests: Stock OVS Patched netlink sockets in use by vswitchd lsof -p $(pidof ovs-vswitchd) \ |grep -c GENERIC 91187 2227 Test 1 one port latency min/avg/max/mdev (us) 2.7/6.6/238.7/1.8 1.6/6.8/160.6/1.7 Test 2 all port avg latency/mdev (us) 6.51/0.97 6.86/0.17 Test 3 single port latency under load avg/mdev (us) 7.5/5.9 3.8/4.8 packet loss 95 % 62 % Test 4 idle port latency under load min/avg/max/mdev (us) 0.8/1.5/210.5/0.9 1.0/2.1/344.5/1.2 packet loss 94 % 4 % CPU and RAM usage seems not to be affected, the resource usage of vswitchd idle with 2000+ ports is unchanged: # ps u $(pidof ovs-vswitchd) USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND openvsw+ 5430 54.3 0.3 4263964 510968 pts/1 RLl+ 16:20 0:50 ovs-vswitchd Additionally, to check if vswitchd is thread safe with this patch, the following test was run for circa 48 hours: on a 56 core machine, a bridge with kernel datapath is filled with 2200 dummy interfaces and 22 veth, then 22 traffic generators are run in parallel piping traffic into the veths peers outside the bridge. To generate as many upcalls as possible, all packets were forced to the slowpath with an openflow rule like 'action=controller,local' and packet size was set to 64 byte. Also, to avoid overflowing the FDB early and slowing down the upcall processing, generated mac addresses were restricted to a small interval. vswitchd ran without problems for 48+ hours, obviously with all the handler threads with almost 99% CPU usage. [1] https://github.com/teknoraver/network-tools/blob/master/weed.c Signed-off-by: Matteo Croce <mcroce@redhat.com> Signed-off-by: Ben Pfaff <blp@ovn.org> Acked-by: Flavio Leitner <fbl@sysclose.org>
2018-09-25 10:51:05 +02:00
free(dpif->channels);
dpif-linux: Implement the API functions to allow multiple handler threads read upcall. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-02-26 10:10:29 -08:00
free(dpif->handlers);
dpif->handlers = NULL;
dpif-netlink: don't allocate per thread netlink sockets When using the kernel datapath, OVS allocates a pool of sockets to handle netlink events. The number of sockets is: ports * n-handler-threads, where n-handler-threads is user configurable and defaults to 3/4*number of cores. This because vswitchd starts n-handler-threads threads, each one with a netlink socket for every port of the switch. Every thread then, starts listening on events on its set of sockets with epoll(). On setup with lot of CPUs and ports, the number of sockets easily hits the process file descriptor limit, and ovs-vswitchd will exit with -EMFILE. Change the number of allocated sockets to just one per port by moving the socket array from a per handler structure to a per datapath one, and let all the handlers share the same sockets by using EPOLLEXCLUSIVE epoll flag which avoids duplicate events, on systems that support it. The patch was tested on a 56 core machine running Linux 4.18 and latest Open vSwitch. A bridge was created with 2000+ ports, some of them being veth interfaces with the peer outside the bridge. The latency of the upcall is measured by setting a single 'action=controller,local' OpenFlow rule to force all the packets going to the slow path and then to the local port. A tool[1] injects some packets to the veth outside the bridge, and measures the delay until the packet is captured on the local port. The rx timestamp is get from the socket ancillary data in the attribute SO_TIMESTAMPNS, to avoid having the scheduler delay in the measured time. The first test measures the average latency for an upcall generated from a single port. To measure it 100k packets, one every msec, are sent to a single port and the latencies are measured. The second test is meant to check latency fairness among ports, namely if latency is equal between ports or if some ports have lower priority. The previous test is repeated for every port, the average of the average latencies and the standard deviation between averages is measured. The third test serves to measure responsiveness under load. Heavy traffic is sent through all ports, latency and packet loss is measured on a single idle port. The fourth test is all about fairness. Heavy traffic is injected in all ports but one, latency and packet loss is measured on the single idle port. This is the test setup: # nproc 56 # ovs-vsctl show |grep -c Port 2223 # ovs-ofctl dump-flows ovs_upc_br cookie=0x0, duration=4.827s, table=0, n_packets=0, n_bytes=0, actions=CONTROLLER:65535,LOCAL # uname -a Linux fc28 4.18.7-200.fc28.x86_64 #1 SMP Mon Sep 10 15:44:45 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux And these are the results of the tests: Stock OVS Patched netlink sockets in use by vswitchd lsof -p $(pidof ovs-vswitchd) \ |grep -c GENERIC 91187 2227 Test 1 one port latency min/avg/max/mdev (us) 2.7/6.6/238.7/1.8 1.6/6.8/160.6/1.7 Test 2 all port avg latency/mdev (us) 6.51/0.97 6.86/0.17 Test 3 single port latency under load avg/mdev (us) 7.5/5.9 3.8/4.8 packet loss 95 % 62 % Test 4 idle port latency under load min/avg/max/mdev (us) 0.8/1.5/210.5/0.9 1.0/2.1/344.5/1.2 packet loss 94 % 4 % CPU and RAM usage seems not to be affected, the resource usage of vswitchd idle with 2000+ ports is unchanged: # ps u $(pidof ovs-vswitchd) USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND openvsw+ 5430 54.3 0.3 4263964 510968 pts/1 RLl+ 16:20 0:50 ovs-vswitchd Additionally, to check if vswitchd is thread safe with this patch, the following test was run for circa 48 hours: on a 56 core machine, a bridge with kernel datapath is filled with 2200 dummy interfaces and 22 veth, then 22 traffic generators are run in parallel piping traffic into the veths peers outside the bridge. To generate as many upcalls as possible, all packets were forced to the slowpath with an openflow rule like 'action=controller,local' and packet size was set to 64 byte. Also, to avoid overflowing the FDB early and slowing down the upcall processing, generated mac addresses were restricted to a small interval. vswitchd ran without problems for 48+ hours, obviously with all the handler threads with almost 99% CPU usage. [1] https://github.com/teknoraver/network-tools/blob/master/weed.c Signed-off-by: Matteo Croce <mcroce@redhat.com> Signed-off-by: Ben Pfaff <blp@ovn.org> Acked-by: Flavio Leitner <fbl@sysclose.org>
2018-09-25 10:51:05 +02:00
dpif->channels = NULL;
dpif-linux: Implement the API functions to allow multiple handler threads read upcall. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-02-26 10:10:29 -08:00
dpif->n_handlers = 0;
dpif->uc_array_size = 0;
dpif-linux: Prevent a single port from monopolizing upcalls. Currently it is possible for a client on a single port to generate a huge number of packets that miss in the kernel flow table and monopolize the userspace/kernel communication path. This effectively DoS's the machine because no new flow setups can take place. This adds some additional fairness by separating each upcall type for each object in the datapath onto a separate socket, each with its own queue. Userspace then reads round-robin from each socket so other flow setups can still succeed. Since the number of objects can potentially be large, we don't always have a unique socket for each. Instead, we create 16 sockets and spread the load around them in a round robin fashion. It's theoretically possible to do better than this with some kind of active load balancing scheme but this seems like a good place to start. Feature #6485
2011-09-16 15:23:37 -07:00
}
dpif-netlink: Introduce per-cpu upcall dispatch. The Open vSwitch kernel module uses the upcall mechanism to send packets from kernel space to user space when it misses in the kernel space flow table. The upcall sends packets via a Netlink socket. Currently, a Netlink socket is created for every vport. In this way, there is a 1:1 mapping between a vport and a Netlink socket. When a packet is received by a vport, if it needs to be sent to user space, it is sent via the corresponding Netlink socket. This mechanism, with various iterations of the corresponding user space code, has seen some limitations and issues: * On systems with a large number of vports, there is correspondingly a large number of Netlink sockets which can limit scaling. (https://bugzilla.redhat.com/show_bug.cgi?id=1526306) * Packet reordering on upcalls. (https://bugzilla.redhat.com/show_bug.cgi?id=1844576) * A thundering herd issue. (https://bugzilla.redhat.com/show_bug.cgi?id=1834444) This patch introduces an alternative, feature-negotiated, upcall mode using a per-cpu dispatch rather than a per-vport dispatch. In this mode, the Netlink socket to be used for the upcall is selected based on the CPU of the thread that is executing the upcall. In this way, it resolves the issues above as: a) The number of Netlink sockets scales with the number of CPUs rather than the number of vports. b) Ordering per-flow is maintained as packets are distributed to CPUs based on mechanisms such as RSS and flows are distributed to a single user space thread. c) Packets from a flow can only wake up one user space thread. Reported-at: https://bugzilla.redhat.com/1844576 Signed-off-by: Mark Gray <mark.d.gray@redhat.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Acked-by: Aaron Conole <aconole@redhat.com> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2021-07-16 06:17:36 -04:00
static void
destroy_all_handlers(struct dpif_netlink *dpif)
OVS_REQ_WRLOCK(dpif->upcall_lock)
{
int i = 0;
if (!dpif->handlers) {
return;
}
for (i = 0; i < dpif->n_handlers; i++) {
struct dpif_handler *handler = &dpif->handlers[i];
close_nl_sock(handler->sock);
}
free(dpif->handlers);
dpif->handlers = NULL;
dpif->n_handlers = 0;
}
dpif: Make dpifs abstract, to allow multiple datapath implementations. This commit initially introduces only a single datapath implementation, which is the same as the original one, but it paves the way for additional implementations, such as the upcoming userspace datapath.
2009-06-17 14:35:35 -07:00
static void
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
dpif_netlink_close(struct dpif *dpif_)
dpif: Make dpifs abstract, to allow multiple datapath implementations. This commit initially introduces only a single datapath implementation, which is the same as the original one, but it paves the way for additional implementations, such as the upcoming userspace datapath.
2009-06-17 14:35:35 -07:00
{
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
struct dpif_netlink *dpif = dpif_netlink_cast(dpif_);
dpif-linux: Stop listening for RTNL notifications. Currently dpif-linux listens for vport change events using rtnetlink notifications. This patch switches to the ovs genl notification system. Feature #6809.
2011-08-24 16:21:10 -07:00
dpif-linux: Make port change notification thread-safe. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2013-07-22 15:00:49 -07:00
nl_sock_destroy(dpif->port_notifier);
dpif-linux: Implement the API functions to allow multiple handler threads read upcall. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-02-26 10:10:29 -08:00
fat_rwlock_wrlock(&dpif->upcall_lock);
dpif-netlink: Introduce per-cpu upcall dispatch. The Open vSwitch kernel module uses the upcall mechanism to send packets from kernel space to user space when it misses in the kernel space flow table. The upcall sends packets via a Netlink socket. Currently, a Netlink socket is created for every vport. In this way, there is a 1:1 mapping between a vport and a Netlink socket. When a packet is received by a vport, if it needs to be sent to user space, it is sent via the corresponding Netlink socket. This mechanism, with various iterations of the corresponding user space code, has seen some limitations and issues: * On systems with a large number of vports, there is correspondingly a large number of Netlink sockets which can limit scaling. (https://bugzilla.redhat.com/show_bug.cgi?id=1526306) * Packet reordering on upcalls. (https://bugzilla.redhat.com/show_bug.cgi?id=1844576) * A thundering herd issue. (https://bugzilla.redhat.com/show_bug.cgi?id=1834444) This patch introduces an alternative, feature-negotiated, upcall mode using a per-cpu dispatch rather than a per-vport dispatch. In this mode, the Netlink socket to be used for the upcall is selected based on the CPU of the thread that is executing the upcall. In this way, it resolves the issues above as: a) The number of Netlink sockets scales with the number of CPUs rather than the number of vports. b) Ordering per-flow is maintained as packets are distributed to CPUs based on mechanisms such as RSS and flows are distributed to a single user space thread. c) Packets from a flow can only wake up one user space thread. Reported-at: https://bugzilla.redhat.com/1844576 Signed-off-by: Mark Gray <mark.d.gray@redhat.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Acked-by: Aaron Conole <aconole@redhat.com> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2021-07-16 06:17:36 -04:00
if (dpif_netlink_upcall_per_cpu(dpif)) {
destroy_all_handlers(dpif);
} else {
destroy_all_channels(dpif);
}
dpif-linux: Implement the API functions to allow multiple handler threads read upcall. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-02-26 10:10:29 -08:00
fat_rwlock_unlock(&dpif->upcall_lock);
fat_rwlock_destroy(&dpif->upcall_lock);
dpif: Make dpifs abstract, to allow multiple datapath implementations. This commit initially introduces only a single datapath implementation, which is the same as the original one, but it paves the way for additional implementations, such as the upcoming userspace datapath.
2009-06-17 14:35:35 -07:00
free(dpif);
}
static int
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
dpif_netlink_destroy(struct dpif *dpif_)
dpif: Make dpifs abstract, to allow multiple datapath implementations. This commit initially introduces only a single datapath implementation, which is the same as the original one, but it paves the way for additional implementations, such as the upcoming userspace datapath.
2009-06-17 14:35:35 -07:00
{
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
struct dpif_netlink *dpif = dpif_netlink_cast(dpif_);
struct dpif_netlink_dp dp;
datapath: Convert datapath operations to use Netlink framing. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 15:42:00 -08:00
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
dpif_netlink_dp_init(&dp);
datapath: Use "OVS_*" as opposed to "ODP_*" for user<->kernel interactions. The prefix "ODP_*" is not overly descriptive in the context of the larger Linux tree. This commit changes the prefix to "OVS_*" for the userpace to kernel interactions. The userspace libraries still use "ODP_" in many of their interfaces since it is more descriptive in the OVS oeuvre. Feature #6904 Signed-off-by: Justin Pettit <jpettit@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-08-18 10:35:40 -07:00
dp.cmd = OVS_DP_CMD_DEL;
datapath: Change dp_idx to dp_ifindex, the ifindex of the local port. I can't see any real value in maintaining a dp_idx separate from the ifindex of the local port. With the current implementation it also artificially limits the number of datapaths. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-21 17:01:56 -08:00
dp.dp_ifindex = dpif->dp_ifindex;
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
return dpif_netlink_dp_transact(&dp, NULL, NULL);
dpif: Make dpifs abstract, to allow multiple datapath implementations. This commit initially introduces only a single datapath implementation, which is the same as the original one, but it paves the way for additional implementations, such as the upcoming userspace datapath.
2009-06-17 14:35:35 -07:00
}
openvswitch: Userspace tunneling. Following patch adds support for userspace tunneling. Tunneling needs three more component first is routing table which is configured by caching kernel routes and second is ARP cache which build automatically by snooping arp. And third is tunnel protocol table which list all listening protocols which is populated by vswitchd as tunnel ports are added. GRE and VXLAN protocol support is added in this patch. Tunneling works as follows: On packet receive vswitchd check if this packet is targeted to tunnel port. If it is then vswitchd inserts tunnel pop action which pops header and sends packet to tunnel port. On packet xmit rather than generating Set tunnel action it generate tunnel push action which has tunnel header data. datapath can use tunnel-push action data to generate header for each packet and forward this packet to output port. Since tunnel-push action contains most of packet header vswitchd needs to lookup routing table and arp table to build this action. Signed-off-by: Pravin B Shelar <pshelar@nicira.com> Acked-by: Jarno Rajahalme <jrajahalme@nicira.com> Acked-by: Thomas Graf <tgraf@noironetworks.com> Acked-by: Ben Pfaff <blp@nicira.com>
2014-11-11 11:53:47 -08:00
static bool
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
dpif_netlink_run(struct dpif *dpif_)
dpif-linux: Fix fd leak for vports that disappear from the datapath. When ovs-vswitchd deletes a port with dpif_linux_port_del(), that function uses del_channel() to delete the corresponding channel, including closing its Netlink socket fd. However, if the vport gets removed by some other process (e.g. "ip link delete" for veths) then this function never gets called and thus the channel never gets deleted. This commit fixes the problem by resynchronizing channels with the datapath whenever a vport gets deleted. Bug #16784. Reported-by: Paul Ingram <paul@nicira.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-05-01 17:13:14 -07:00
{
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
struct dpif_netlink *dpif = dpif_netlink_cast(dpif_);
dpif-linux: Implement the API functions to allow multiple handler threads read upcall. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-02-26 10:10:29 -08:00
dpif-netlink: Introduce per-cpu upcall dispatch. The Open vSwitch kernel module uses the upcall mechanism to send packets from kernel space to user space when it misses in the kernel space flow table. The upcall sends packets via a Netlink socket. Currently, a Netlink socket is created for every vport. In this way, there is a 1:1 mapping between a vport and a Netlink socket. When a packet is received by a vport, if it needs to be sent to user space, it is sent via the corresponding Netlink socket. This mechanism, with various iterations of the corresponding user space code, has seen some limitations and issues: * On systems with a large number of vports, there is correspondingly a large number of Netlink sockets which can limit scaling. (https://bugzilla.redhat.com/show_bug.cgi?id=1526306) * Packet reordering on upcalls. (https://bugzilla.redhat.com/show_bug.cgi?id=1844576) * A thundering herd issue. (https://bugzilla.redhat.com/show_bug.cgi?id=1834444) This patch introduces an alternative, feature-negotiated, upcall mode using a per-cpu dispatch rather than a per-vport dispatch. In this mode, the Netlink socket to be used for the upcall is selected based on the CPU of the thread that is executing the upcall. In this way, it resolves the issues above as: a) The number of Netlink sockets scales with the number of CPUs rather than the number of vports. b) Ordering per-flow is maintained as packets are distributed to CPUs based on mechanisms such as RSS and flows are distributed to a single user space thread. c) Packets from a flow can only wake up one user space thread. Reported-at: https://bugzilla.redhat.com/1844576 Signed-off-by: Mark Gray <mark.d.gray@redhat.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Acked-by: Aaron Conole <aconole@redhat.com> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2021-07-16 06:17:36 -04:00
if (!dpif_netlink_upcall_per_cpu(dpif)) {
if (dpif->refresh_channels) {
dpif->refresh_channels = false;
fat_rwlock_wrlock(&dpif->upcall_lock);
dpif_netlink_refresh_handlers_vport_dispatch(dpif,
dpif->n_handlers);
fat_rwlock_unlock(&dpif->upcall_lock);
}
dpif-linux: Fix fd leak for vports that disappear from the datapath. When ovs-vswitchd deletes a port with dpif_linux_port_del(), that function uses del_channel() to delete the corresponding channel, including closing its Netlink socket fd. However, if the vport gets removed by some other process (e.g. "ip link delete" for veths) then this function never gets called and thus the channel never gets deleted. This commit fixes the problem by resynchronizing channels with the datapath whenever a vport gets deleted. Bug #16784. Reported-by: Paul Ingram <paul@nicira.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-05-01 17:13:14 -07:00
}
openvswitch: Userspace tunneling. Following patch adds support for userspace tunneling. Tunneling needs three more component first is routing table which is configured by caching kernel routes and second is ARP cache which build automatically by snooping arp. And third is tunnel protocol table which list all listening protocols which is populated by vswitchd as tunnel ports are added. GRE and VXLAN protocol support is added in this patch. Tunneling works as follows: On packet receive vswitchd check if this packet is targeted to tunnel port. If it is then vswitchd inserts tunnel pop action which pops header and sends packet to tunnel port. On packet xmit rather than generating Set tunnel action it generate tunnel push action which has tunnel header data. datapath can use tunnel-push action data to generate header for each packet and forward this packet to output port. Since tunnel-push action contains most of packet header vswitchd needs to lookup routing table and arp table to build this action. Signed-off-by: Pravin B Shelar <pshelar@nicira.com> Acked-by: Jarno Rajahalme <jrajahalme@nicira.com> Acked-by: Thomas Graf <tgraf@noironetworks.com> Acked-by: Ben Pfaff <blp@nicira.com>
2014-11-11 11:53:47 -08:00
return false;
dpif-linux: Fix fd leak for vports that disappear from the datapath. When ovs-vswitchd deletes a port with dpif_linux_port_del(), that function uses del_channel() to delete the corresponding channel, including closing its Netlink socket fd. However, if the vport gets removed by some other process (e.g. "ip link delete" for veths) then this function never gets called and thus the channel never gets deleted. This commit fixes the problem by resynchronizing channels with the datapath whenever a vport gets deleted. Bug #16784. Reported-by: Paul Ingram <paul@nicira.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-05-01 17:13:14 -07:00
}
dpif: Make dpifs abstract, to allow multiple datapath implementations. This commit initially introduces only a single datapath implementation, which is the same as the original one, but it paves the way for additional implementations, such as the upcoming userspace datapath.
2009-06-17 14:35:35 -07:00
static int
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
dpif_netlink_get_stats(const struct dpif *dpif_, struct dpif_dp_stats *stats)
dpif: Make dpifs abstract, to allow multiple datapath implementations. This commit initially introduces only a single datapath implementation, which is the same as the original one, but it paves the way for additional implementations, such as the upcoming userspace datapath.
2009-06-17 14:35:35 -07:00
{
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
struct dpif_netlink_dp dp;
datapath: Convert datapath operations to use Netlink framing. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 15:42:00 -08:00
struct ofpbuf *buf;
int error;
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
error = dpif_netlink_dp_get(dpif_, &dp, &buf);
datapath: Convert datapath operations to use Netlink framing. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 15:42:00 -08:00
if (!error) {
odp-netlink.h: Use 32-bit aligned 64-bit types. Open vSwitch userspace uses special types to indicate that a particular object may not be naturally aligned. Netlink is one source of such problems: in Netlink, 64-bit integers are often aligned only on 32-bit boundaries. This commit changes the odp-netlink.h that is transformed from <linux/openvswitch.h> to use these types to make it harder to accidentally access a misaligned 64-bit member. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2014-06-13 15:28:29 -07:00
memset(stats, 0, sizeof *stats);
if (dp.stats) {
stats->n_hit = get_32aligned_u64(&dp.stats->n_hit);
stats->n_missed = get_32aligned_u64(&dp.stats->n_missed);
stats->n_lost = get_32aligned_u64(&dp.stats->n_lost);
stats->n_flows = get_32aligned_u64(&dp.stats->n_flows);
}
if (dp.megaflow_stats) {
stats->n_masks = dp.megaflow_stats->n_masks;
stats->n_mask_hit = get_32aligned_u64(
&dp.megaflow_stats->n_mask_hit);
dpctl: dpif: Add kernel datapath cache hit output. This patch adds cache usage statistics to the output: $ ovs-dpctl show system@ovs-system: lookups: hit:24 missed:71 lost:0 flows: 0 masks: hit:334 total:0 hit/pkt:3.52 cache: hit:4 hit-rate:4.21% port 0: ovs-system (internal) port 1: genev_sys_6081 (geneve: packet_type=ptap) port 2: br-int (internal) port 3: br-ex (internal) port 4: eth2 port 5: sw1p1 (internal) port 6: sw0p4 (internal) Signed-off-by: Eelco Chaudron <echaudro@redhat.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Acked-by: Paolo Valerio <pvalerio@redhat.com> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2021-09-06 10:53:42 +02:00
stats->n_cache_hit = get_32aligned_u64(
&dp.megaflow_stats->n_cache_hit);
if (!stats->n_cache_hit) {
/* Old kernels don't use this field and always
* report zero instead. Disable this stat. */
stats->n_cache_hit = UINT64_MAX;
}
odp-netlink.h: Use 32-bit aligned 64-bit types. Open vSwitch userspace uses special types to indicate that a particular object may not be naturally aligned. Netlink is one source of such problems: in Netlink, 64-bit integers are often aligned only on 32-bit boundaries. This commit changes the odp-netlink.h that is transformed from <linux/openvswitch.h> to use these types to make it harder to accidentally access a misaligned 64-bit member. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2014-06-13 15:28:29 -07:00
} else {
stats->n_masks = UINT32_MAX;
stats->n_mask_hit = UINT64_MAX;
dpctl: dpif: Add kernel datapath cache hit output. This patch adds cache usage statistics to the output: $ ovs-dpctl show system@ovs-system: lookups: hit:24 missed:71 lost:0 flows: 0 masks: hit:334 total:0 hit/pkt:3.52 cache: hit:4 hit-rate:4.21% port 0: ovs-system (internal) port 1: genev_sys_6081 (geneve: packet_type=ptap) port 2: br-int (internal) port 3: br-ex (internal) port 4: eth2 port 5: sw1p1 (internal) port 6: sw0p4 (internal) Signed-off-by: Eelco Chaudron <echaudro@redhat.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Acked-by: Paolo Valerio <pvalerio@redhat.com> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2021-09-06 10:53:42 +02:00
stats->n_cache_hit = UINT64_MAX;
odp-netlink.h: Use 32-bit aligned 64-bit types. Open vSwitch userspace uses special types to indicate that a particular object may not be naturally aligned. Netlink is one source of such problems: in Netlink, 64-bit integers are often aligned only on 32-bit boundaries. This commit changes the odp-netlink.h that is transformed from <linux/openvswitch.h> to use these types to make it harder to accidentally access a misaligned 64-bit member. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2014-06-13 15:28:29 -07:00
}
datapath: Convert datapath operations to use Netlink framing. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 15:42:00 -08:00
ofpbuf_delete(buf);
}
return error;
dpif: Make dpifs abstract, to allow multiple datapath implementations. This commit initially introduces only a single datapath implementation, which is the same as the original one, but it paves the way for additional implementations, such as the upcoming userspace datapath.
2009-06-17 14:35:35 -07:00
}
dpif-netlink: Introduce per-cpu upcall dispatch. The Open vSwitch kernel module uses the upcall mechanism to send packets from kernel space to user space when it misses in the kernel space flow table. The upcall sends packets via a Netlink socket. Currently, a Netlink socket is created for every vport. In this way, there is a 1:1 mapping between a vport and a Netlink socket. When a packet is received by a vport, if it needs to be sent to user space, it is sent via the corresponding Netlink socket. This mechanism, with various iterations of the corresponding user space code, has seen some limitations and issues: * On systems with a large number of vports, there is correspondingly a large number of Netlink sockets which can limit scaling. (https://bugzilla.redhat.com/show_bug.cgi?id=1526306) * Packet reordering on upcalls. (https://bugzilla.redhat.com/show_bug.cgi?id=1844576) * A thundering herd issue. (https://bugzilla.redhat.com/show_bug.cgi?id=1834444) This patch introduces an alternative, feature-negotiated, upcall mode using a per-cpu dispatch rather than a per-vport dispatch. In this mode, the Netlink socket to be used for the upcall is selected based on the CPU of the thread that is executing the upcall. In this way, it resolves the issues above as: a) The number of Netlink sockets scales with the number of CPUs rather than the number of vports. b) Ordering per-flow is maintained as packets are distributed to CPUs based on mechanisms such as RSS and flows are distributed to a single user space thread. c) Packets from a flow can only wake up one user space thread. Reported-at: https://bugzilla.redhat.com/1844576 Signed-off-by: Mark Gray <mark.d.gray@redhat.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Acked-by: Aaron Conole <aconole@redhat.com> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2021-07-16 06:17:36 -04:00
static int
dpif_netlink_set_handler_pids(struct dpif *dpif_, const uint32_t *upcall_pids,
uint32_t n_upcall_pids)
{
struct dpif_netlink *dpif = dpif_netlink_cast(dpif_);
handlers: Fix handlers mapping. The handler and CPU mapping in upcalls are incorrect, and this is specially noticeable systems with cpu isolation enabled. Say we have a 12 core system where only every even number CPU is enabled C0, C2, C4, C6, C8, C10 This means we will create an array of size 6 that will be sent to kernel that is populated with sockets [S0, S1, S2, S3, S4, S5] The problem is when the kernel does an upcall it checks the socket array via the index of the CPU, effectively adding additional load on some CPUs while leaving no work on other CPUs. e.g. C0 indexes to S0 C2 indexes to S2 (should be S1) C4 indexes to S4 (should be S2) Modulo of 6 (size of socket array) is applied, so we wrap back to S0 C6 indexes to S0 (should be S3) C8 indexes to S2 (should be S4) C10 indexes to S4 (should be S5) Effectively sockets S0, S2, S4 get overloaded while sockets S1, S3, S5 get no work assigned to them This leads to the kernel to throw the following message: "openvswitch: cpu_id mismatch with handler threads" Instead we will send the kernel a corrected array of sockets the size of all CPUs in the system, or the largest core_id on the system, which ever one is greatest. This is to take care of systems with non-continous core cpus. In the above example we would create a corrected array in a round-robin(assuming prime bias) fashion as follows: [S0, S1, S2, S3, S4, S5, S6, S0, S1, S2, S3, S4] Fixes: b1e517bd2f81 ("dpif-netlink: Introduce per-cpu upcall dispatch.") Co-authored-by: Aaron Conole <aconole@redhat.com> Signed-off-by: Aaron Conole <aconole@redhat.com> Signed-off-by: Michael Santana <msantana@redhat.com> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2022-08-09 03:18:15 -04:00
int largest_cpu_id = ovs_numa_get_largest_core_id();
dpif-netlink: Introduce per-cpu upcall dispatch. The Open vSwitch kernel module uses the upcall mechanism to send packets from kernel space to user space when it misses in the kernel space flow table. The upcall sends packets via a Netlink socket. Currently, a Netlink socket is created for every vport. In this way, there is a 1:1 mapping between a vport and a Netlink socket. When a packet is received by a vport, if it needs to be sent to user space, it is sent via the corresponding Netlink socket. This mechanism, with various iterations of the corresponding user space code, has seen some limitations and issues: * On systems with a large number of vports, there is correspondingly a large number of Netlink sockets which can limit scaling. (https://bugzilla.redhat.com/show_bug.cgi?id=1526306) * Packet reordering on upcalls. (https://bugzilla.redhat.com/show_bug.cgi?id=1844576) * A thundering herd issue. (https://bugzilla.redhat.com/show_bug.cgi?id=1834444) This patch introduces an alternative, feature-negotiated, upcall mode using a per-cpu dispatch rather than a per-vport dispatch. In this mode, the Netlink socket to be used for the upcall is selected based on the CPU of the thread that is executing the upcall. In this way, it resolves the issues above as: a) The number of Netlink sockets scales with the number of CPUs rather than the number of vports. b) Ordering per-flow is maintained as packets are distributed to CPUs based on mechanisms such as RSS and flows are distributed to a single user space thread. c) Packets from a flow can only wake up one user space thread. Reported-at: https://bugzilla.redhat.com/1844576 Signed-off-by: Mark Gray <mark.d.gray@redhat.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Acked-by: Aaron Conole <aconole@redhat.com> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2021-07-16 06:17:36 -04:00
struct dpif_netlink_dp request, reply;
struct ofpbuf *bufp;
handlers: Fix handlers mapping. The handler and CPU mapping in upcalls are incorrect, and this is specially noticeable systems with cpu isolation enabled. Say we have a 12 core system where only every even number CPU is enabled C0, C2, C4, C6, C8, C10 This means we will create an array of size 6 that will be sent to kernel that is populated with sockets [S0, S1, S2, S3, S4, S5] The problem is when the kernel does an upcall it checks the socket array via the index of the CPU, effectively adding additional load on some CPUs while leaving no work on other CPUs. e.g. C0 indexes to S0 C2 indexes to S2 (should be S1) C4 indexes to S4 (should be S2) Modulo of 6 (size of socket array) is applied, so we wrap back to S0 C6 indexes to S0 (should be S3) C8 indexes to S2 (should be S4) C10 indexes to S4 (should be S5) Effectively sockets S0, S2, S4 get overloaded while sockets S1, S3, S5 get no work assigned to them This leads to the kernel to throw the following message: "openvswitch: cpu_id mismatch with handler threads" Instead we will send the kernel a corrected array of sockets the size of all CPUs in the system, or the largest core_id on the system, which ever one is greatest. This is to take care of systems with non-continous core cpus. In the above example we would create a corrected array in a round-robin(assuming prime bias) fashion as follows: [S0, S1, S2, S3, S4, S5, S6, S0, S1, S2, S3, S4] Fixes: b1e517bd2f81 ("dpif-netlink: Introduce per-cpu upcall dispatch.") Co-authored-by: Aaron Conole <aconole@redhat.com> Signed-off-by: Aaron Conole <aconole@redhat.com> Signed-off-by: Michael Santana <msantana@redhat.com> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2022-08-09 03:18:15 -04:00
uint32_t *corrected;
int error, i, n_cores;
if (largest_cpu_id == OVS_NUMA_UNSPEC) {
largest_cpu_id = -1;
}
/* Some systems have non-continuous cpu core ids. count_total_cores()
* would return an accurate number, however, this number cannot be used.
* e.g. If the largest core_id of a system is cpu9, but the system only
* has 4 cpus then the OVS kernel module would throw a "CPU mismatch"
* warning. With the MAX() in place in this example we send an array of
* size 10 and prevent the warning. This has no bearing on the number of
* threads created.
*/
n_cores = MAX(count_total_cores(), largest_cpu_id + 1);
VLOG_DBG("Dispatch mode(per-cpu): Setting up handler PIDs for %d cores",
n_cores);
dpif-netlink: Introduce per-cpu upcall dispatch. The Open vSwitch kernel module uses the upcall mechanism to send packets from kernel space to user space when it misses in the kernel space flow table. The upcall sends packets via a Netlink socket. Currently, a Netlink socket is created for every vport. In this way, there is a 1:1 mapping between a vport and a Netlink socket. When a packet is received by a vport, if it needs to be sent to user space, it is sent via the corresponding Netlink socket. This mechanism, with various iterations of the corresponding user space code, has seen some limitations and issues: * On systems with a large number of vports, there is correspondingly a large number of Netlink sockets which can limit scaling. (https://bugzilla.redhat.com/show_bug.cgi?id=1526306) * Packet reordering on upcalls. (https://bugzilla.redhat.com/show_bug.cgi?id=1844576) * A thundering herd issue. (https://bugzilla.redhat.com/show_bug.cgi?id=1834444) This patch introduces an alternative, feature-negotiated, upcall mode using a per-cpu dispatch rather than a per-vport dispatch. In this mode, the Netlink socket to be used for the upcall is selected based on the CPU of the thread that is executing the upcall. In this way, it resolves the issues above as: a) The number of Netlink sockets scales with the number of CPUs rather than the number of vports. b) Ordering per-flow is maintained as packets are distributed to CPUs based on mechanisms such as RSS and flows are distributed to a single user space thread. c) Packets from a flow can only wake up one user space thread. Reported-at: https://bugzilla.redhat.com/1844576 Signed-off-by: Mark Gray <mark.d.gray@redhat.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Acked-by: Aaron Conole <aconole@redhat.com> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2021-07-16 06:17:36 -04:00
dpif_netlink_dp_init(&request);
request.cmd = OVS_DP_CMD_SET;
request.name = dpif_->base_name;
request.dp_ifindex = dpif->dp_ifindex;
request.user_features = dpif->user_features |
OVS_DP_F_DISPATCH_UPCALL_PER_CPU;
handlers: Fix handlers mapping. The handler and CPU mapping in upcalls are incorrect, and this is specially noticeable systems with cpu isolation enabled. Say we have a 12 core system where only every even number CPU is enabled C0, C2, C4, C6, C8, C10 This means we will create an array of size 6 that will be sent to kernel that is populated with sockets [S0, S1, S2, S3, S4, S5] The problem is when the kernel does an upcall it checks the socket array via the index of the CPU, effectively adding additional load on some CPUs while leaving no work on other CPUs. e.g. C0 indexes to S0 C2 indexes to S2 (should be S1) C4 indexes to S4 (should be S2) Modulo of 6 (size of socket array) is applied, so we wrap back to S0 C6 indexes to S0 (should be S3) C8 indexes to S2 (should be S4) C10 indexes to S4 (should be S5) Effectively sockets S0, S2, S4 get overloaded while sockets S1, S3, S5 get no work assigned to them This leads to the kernel to throw the following message: "openvswitch: cpu_id mismatch with handler threads" Instead we will send the kernel a corrected array of sockets the size of all CPUs in the system, or the largest core_id on the system, which ever one is greatest. This is to take care of systems with non-continous core cpus. In the above example we would create a corrected array in a round-robin(assuming prime bias) fashion as follows: [S0, S1, S2, S3, S4, S5, S6, S0, S1, S2, S3, S4] Fixes: b1e517bd2f81 ("dpif-netlink: Introduce per-cpu upcall dispatch.") Co-authored-by: Aaron Conole <aconole@redhat.com> Signed-off-by: Aaron Conole <aconole@redhat.com> Signed-off-by: Michael Santana <msantana@redhat.com> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2022-08-09 03:18:15 -04:00
corrected = xcalloc(n_cores, sizeof *corrected);
for (i = 0; i < n_cores; i++) {
corrected[i] = upcall_pids[i % n_upcall_pids];
}
request.upcall_pids = corrected;
dpif-netlink: Introduce per-cpu upcall dispatch. The Open vSwitch kernel module uses the upcall mechanism to send packets from kernel space to user space when it misses in the kernel space flow table. The upcall sends packets via a Netlink socket. Currently, a Netlink socket is created for every vport. In this way, there is a 1:1 mapping between a vport and a Netlink socket. When a packet is received by a vport, if it needs to be sent to user space, it is sent via the corresponding Netlink socket. This mechanism, with various iterations of the corresponding user space code, has seen some limitations and issues: * On systems with a large number of vports, there is correspondingly a large number of Netlink sockets which can limit scaling. (https://bugzilla.redhat.com/show_bug.cgi?id=1526306) * Packet reordering on upcalls. (https://bugzilla.redhat.com/show_bug.cgi?id=1844576) * A thundering herd issue. (https://bugzilla.redhat.com/show_bug.cgi?id=1834444) This patch introduces an alternative, feature-negotiated, upcall mode using a per-cpu dispatch rather than a per-vport dispatch. In this mode, the Netlink socket to be used for the upcall is selected based on the CPU of the thread that is executing the upcall. In this way, it resolves the issues above as: a) The number of Netlink sockets scales with the number of CPUs rather than the number of vports. b) Ordering per-flow is maintained as packets are distributed to CPUs based on mechanisms such as RSS and flows are distributed to a single user space thread. c) Packets from a flow can only wake up one user space thread. Reported-at: https://bugzilla.redhat.com/1844576 Signed-off-by: Mark Gray <mark.d.gray@redhat.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Acked-by: Aaron Conole <aconole@redhat.com> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2021-07-16 06:17:36 -04:00
request.n_upcall_pids = n_cores;
error = dpif_netlink_dp_transact(&request, &reply, &bufp);
if (!error) {
dpif->user_features = reply.user_features;
ofpbuf_delete(bufp);
if (!dpif_netlink_upcall_per_cpu(dpif)) {
handlers: Fix handlers mapping. The handler and CPU mapping in upcalls are incorrect, and this is specially noticeable systems with cpu isolation enabled. Say we have a 12 core system where only every even number CPU is enabled C0, C2, C4, C6, C8, C10 This means we will create an array of size 6 that will be sent to kernel that is populated with sockets [S0, S1, S2, S3, S4, S5] The problem is when the kernel does an upcall it checks the socket array via the index of the CPU, effectively adding additional load on some CPUs while leaving no work on other CPUs. e.g. C0 indexes to S0 C2 indexes to S2 (should be S1) C4 indexes to S4 (should be S2) Modulo of 6 (size of socket array) is applied, so we wrap back to S0 C6 indexes to S0 (should be S3) C8 indexes to S2 (should be S4) C10 indexes to S4 (should be S5) Effectively sockets S0, S2, S4 get overloaded while sockets S1, S3, S5 get no work assigned to them This leads to the kernel to throw the following message: "openvswitch: cpu_id mismatch with handler threads" Instead we will send the kernel a corrected array of sockets the size of all CPUs in the system, or the largest core_id on the system, which ever one is greatest. This is to take care of systems with non-continous core cpus. In the above example we would create a corrected array in a round-robin(assuming prime bias) fashion as follows: [S0, S1, S2, S3, S4, S5, S6, S0, S1, S2, S3, S4] Fixes: b1e517bd2f81 ("dpif-netlink: Introduce per-cpu upcall dispatch.") Co-authored-by: Aaron Conole <aconole@redhat.com> Signed-off-by: Aaron Conole <aconole@redhat.com> Signed-off-by: Michael Santana <msantana@redhat.com> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2022-08-09 03:18:15 -04:00
error = -EOPNOTSUPP;
dpif-netlink: Introduce per-cpu upcall dispatch. The Open vSwitch kernel module uses the upcall mechanism to send packets from kernel space to user space when it misses in the kernel space flow table. The upcall sends packets via a Netlink socket. Currently, a Netlink socket is created for every vport. In this way, there is a 1:1 mapping between a vport and a Netlink socket. When a packet is received by a vport, if it needs to be sent to user space, it is sent via the corresponding Netlink socket. This mechanism, with various iterations of the corresponding user space code, has seen some limitations and issues: * On systems with a large number of vports, there is correspondingly a large number of Netlink sockets which can limit scaling. (https://bugzilla.redhat.com/show_bug.cgi?id=1526306) * Packet reordering on upcalls. (https://bugzilla.redhat.com/show_bug.cgi?id=1844576) * A thundering herd issue. (https://bugzilla.redhat.com/show_bug.cgi?id=1834444) This patch introduces an alternative, feature-negotiated, upcall mode using a per-cpu dispatch rather than a per-vport dispatch. In this mode, the Netlink socket to be used for the upcall is selected based on the CPU of the thread that is executing the upcall. In this way, it resolves the issues above as: a) The number of Netlink sockets scales with the number of CPUs rather than the number of vports. b) Ordering per-flow is maintained as packets are distributed to CPUs based on mechanisms such as RSS and flows are distributed to a single user space thread. c) Packets from a flow can only wake up one user space thread. Reported-at: https://bugzilla.redhat.com/1844576 Signed-off-by: Mark Gray <mark.d.gray@redhat.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Acked-by: Aaron Conole <aconole@redhat.com> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2021-07-16 06:17:36 -04:00
}
}
handlers: Fix handlers mapping. The handler and CPU mapping in upcalls are incorrect, and this is specially noticeable systems with cpu isolation enabled. Say we have a 12 core system where only every even number CPU is enabled C0, C2, C4, C6, C8, C10 This means we will create an array of size 6 that will be sent to kernel that is populated with sockets [S0, S1, S2, S3, S4, S5] The problem is when the kernel does an upcall it checks the socket array via the index of the CPU, effectively adding additional load on some CPUs while leaving no work on other CPUs. e.g. C0 indexes to S0 C2 indexes to S2 (should be S1) C4 indexes to S4 (should be S2) Modulo of 6 (size of socket array) is applied, so we wrap back to S0 C6 indexes to S0 (should be S3) C8 indexes to S2 (should be S4) C10 indexes to S4 (should be S5) Effectively sockets S0, S2, S4 get overloaded while sockets S1, S3, S5 get no work assigned to them This leads to the kernel to throw the following message: "openvswitch: cpu_id mismatch with handler threads" Instead we will send the kernel a corrected array of sockets the size of all CPUs in the system, or the largest core_id on the system, which ever one is greatest. This is to take care of systems with non-continous core cpus. In the above example we would create a corrected array in a round-robin(assuming prime bias) fashion as follows: [S0, S1, S2, S3, S4, S5, S6, S0, S1, S2, S3, S4] Fixes: b1e517bd2f81 ("dpif-netlink: Introduce per-cpu upcall dispatch.") Co-authored-by: Aaron Conole <aconole@redhat.com> Signed-off-by: Aaron Conole <aconole@redhat.com> Signed-off-by: Michael Santana <msantana@redhat.com> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2022-08-09 03:18:15 -04:00
free(corrected);
dpif-netlink: Introduce per-cpu upcall dispatch. The Open vSwitch kernel module uses the upcall mechanism to send packets from kernel space to user space when it misses in the kernel space flow table. The upcall sends packets via a Netlink socket. Currently, a Netlink socket is created for every vport. In this way, there is a 1:1 mapping between a vport and a Netlink socket. When a packet is received by a vport, if it needs to be sent to user space, it is sent via the corresponding Netlink socket. This mechanism, with various iterations of the corresponding user space code, has seen some limitations and issues: * On systems with a large number of vports, there is correspondingly a large number of Netlink sockets which can limit scaling. (https://bugzilla.redhat.com/show_bug.cgi?id=1526306) * Packet reordering on upcalls. (https://bugzilla.redhat.com/show_bug.cgi?id=1844576) * A thundering herd issue. (https://bugzilla.redhat.com/show_bug.cgi?id=1834444) This patch introduces an alternative, feature-negotiated, upcall mode using a per-cpu dispatch rather than a per-vport dispatch. In this mode, the Netlink socket to be used for the upcall is selected based on the CPU of the thread that is executing the upcall. In this way, it resolves the issues above as: a) The number of Netlink sockets scales with the number of CPUs rather than the number of vports. b) Ordering per-flow is maintained as packets are distributed to CPUs based on mechanisms such as RSS and flows are distributed to a single user space thread. c) Packets from a flow can only wake up one user space thread. Reported-at: https://bugzilla.redhat.com/1844576 Signed-off-by: Mark Gray <mark.d.gray@redhat.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Acked-by: Aaron Conole <aconole@redhat.com> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2021-07-16 06:17:36 -04:00
return error;
}
dpif: Add support to set user features This enables user features on the kernel datapath via the DP_CMD_SET command, and also retrieves them to check for actual support and not just an older kernel ignoring the requested features. This will be used in next patch to enable recirc_id sharing with tc. Signed-off-by: Paul Blakey <paulb@mellanox.com> Reviewed-by: Roi Dayan <roid@mellanox.com> Signed-off-by: Simon Horman <simon.horman@netronome.com>
2019-12-22 12:16:38 +02:00
static int
dpif_netlink_set_features(struct dpif *dpif_, uint32_t new_features)
{
struct dpif_netlink *dpif = dpif_netlink_cast(dpif_);
struct dpif_netlink_dp request, reply;
struct ofpbuf *bufp;
int error;
dpif_netlink_dp_init(&request);
request.cmd = OVS_DP_CMD_SET;
dpif-netlink: Fix Windows incompatibility when setting new feature OVS_DP_ATTR_NAME field is required when sending OVS_DP_CMD_SET to windows kernel driver. The function "dpif_netlink_set_features" dose not set the OVS_DP_ATTR_NAME field which will cause set feature failure and ovs-vswitchd will exist. This patch fixes the issue by setting "request.name" in request. Reported-at: https://github.com/openvswitch/ovs-issues/issues/187 Submitted-at: https://github.com/openvswitch/ovs/pull/319 Signed-off-by: Rui Cao <rcao@vmware.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
2020-06-15 14:05:13 +08:00
request.name = dpif_->base_name;
dpif: Add support to set user features This enables user features on the kernel datapath via the DP_CMD_SET command, and also retrieves them to check for actual support and not just an older kernel ignoring the requested features. This will be used in next patch to enable recirc_id sharing with tc. Signed-off-by: Paul Blakey <paulb@mellanox.com> Reviewed-by: Roi Dayan <roid@mellanox.com> Signed-off-by: Simon Horman <simon.horman@netronome.com>
2019-12-22 12:16:38 +02:00
request.dp_ifindex = dpif->dp_ifindex;
request.user_features = dpif->user_features | new_features;
error = dpif_netlink_dp_transact(&request, &reply, &bufp);
if (!error) {
dpif->user_features = reply.user_features;
ofpbuf_delete(bufp);
if (!(dpif->user_features & new_features)) {
return -EOPNOTSUPP;
}
}
return error;
}
lib: Switch to flow based tunneling. With this patch, ovs-vswitchd uses flow based tunneling exclusively. I.E. each kind of tunnel shares a single tunnel backer in the datapath. Tunnel headers are set by userspace using the ipv4_tunnel datapath action. And, the configuration of individual tunnels is now a userspace responsibility, so netdev-vport no longer marshals and unmarshals Netlink attributes for tunnel configuration, instead only storing the configuration internally. There are still some significant pieces of work to do, but the basic building blocks are there to begin testing. Signed-off-by: Ethan Jackson <ethan@nicira.com> Co-authored-by: Jesse Gross <jesse@nicira.com> Signed-off-by: Jesse Gross <jesse@nicira.com>
2012-12-14 19:14:54 -08:00
static const char *
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
get_vport_type(const struct dpif_netlink_vport *vport)
lib: Switch to flow based tunneling. With this patch, ovs-vswitchd uses flow based tunneling exclusively. I.E. each kind of tunnel shares a single tunnel backer in the datapath. Tunnel headers are set by userspace using the ipv4_tunnel datapath action. And, the configuration of individual tunnels is now a userspace responsibility, so netdev-vport no longer marshals and unmarshals Netlink attributes for tunnel configuration, instead only storing the configuration internally. There are still some significant pieces of work to do, but the basic building blocks are there to begin testing. Signed-off-by: Ethan Jackson <ethan@nicira.com> Co-authored-by: Jesse Gross <jesse@nicira.com> Signed-off-by: Jesse Gross <jesse@nicira.com>
2012-12-14 19:14:54 -08:00
{
static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(5, 20);
switch (vport->type) {
dpif-linux: Lookup netdev to get netdev type string. When creating tap ports in dpif-linux, the "tap" type is treated the same as "system", and the type is discarded. When dumping datapath port types, this would cause "tap" type to be reported as a "system" type. Each time we see a port of the wrong type in bridge_reconfigure(), we remove it and add a port with the correct configuration. This would always occur for tap ports, causing deletion and re-creation of all tap ports each time the bridge was reconfigured. This patch makes dpif-linux use netdev to look up port types if the datapath reports that they are of type OVS_VPORT_TYPE_NETDEV. Bug #1196289. Reported-by: James Schmidt <jschmidt@vmware.com> Signed-off-by: Joe Stringer <joestringer@nicira.com> Acked-by: Alex Wang <alexw@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
2014-02-26 13:22:35 -08:00
case OVS_VPORT_TYPE_NETDEV: {
const char *type = netdev_get_type_from_name(vport->name);
return type ? type : "system";
}
lib: Switch to flow based tunneling. With this patch, ovs-vswitchd uses flow based tunneling exclusively. I.E. each kind of tunnel shares a single tunnel backer in the datapath. Tunnel headers are set by userspace using the ipv4_tunnel datapath action. And, the configuration of individual tunnels is now a userspace responsibility, so netdev-vport no longer marshals and unmarshals Netlink attributes for tunnel configuration, instead only storing the configuration internally. There are still some significant pieces of work to do, but the basic building blocks are there to begin testing. Signed-off-by: Ethan Jackson <ethan@nicira.com> Co-authored-by: Jesse Gross <jesse@nicira.com> Signed-off-by: Jesse Gross <jesse@nicira.com>
2012-12-14 19:14:54 -08:00
case OVS_VPORT_TYPE_INTERNAL:
return "internal";
datapath: Add support for Geneve tunneling. This adds support for Geneve - Generic Network Virtualization Encapsulation. The protocol is documented at http://tools.ietf.org/html/draft-gross-geneve-00 The kernel implementation is completely agnostic to the options that are in use and can handle newly defined options without further work. It does this by simply matching on a byte array of options and allowing userspace to setup flows on this array. Userspace currently implements only support for basic version of Geneve. It can work with the base header (including the VNI) and is capable of parsing options but does not currently support any particular option definitions. Over time, the intention is to allow options to be matched through OpenFlow without requiring explicit support in OVS userspace. Signed-off-by: Jesse Gross <jesse@nicira.com> Acked-by: Thomas Graf <tgraf@suug.ch> Acked-by: Pravin B Shelar <pshelar@nicira.com>
2014-06-05 19:07:32 -07:00
case OVS_VPORT_TYPE_GENEVE:
return "geneve";
lib: Switch to flow based tunneling. With this patch, ovs-vswitchd uses flow based tunneling exclusively. I.E. each kind of tunnel shares a single tunnel backer in the datapath. Tunnel headers are set by userspace using the ipv4_tunnel datapath action. And, the configuration of individual tunnels is now a userspace responsibility, so netdev-vport no longer marshals and unmarshals Netlink attributes for tunnel configuration, instead only storing the configuration internally. There are still some significant pieces of work to do, but the basic building blocks are there to begin testing. Signed-off-by: Ethan Jackson <ethan@nicira.com> Co-authored-by: Jesse Gross <jesse@nicira.com> Signed-off-by: Jesse Gross <jesse@nicira.com>
2012-12-14 19:14:54 -08:00
case OVS_VPORT_TYPE_GRE:
return "gre";
case OVS_VPORT_TYPE_VXLAN:
return "vxlan";
compat: Add ipv6 GRE and IPV6 Tunneling This patch backports upstream ipv6 GRE and tunneling into the OVS OOT (Out of Tree) datapath drivers. The primary reason for this is to support the ERSPAN feature. Because there is no previous history of ipv6 GRE and tunneling it is not possible to exactly reproduce the history of all the files in the patch. The two newly added files - ip6_gre.c and ip6_tunnel.c - are cut from whole cloth out of the upstream Linux 4.15 kernel and then modified as necessary with compatibility layer fixups. These two files already included parts of several other upstream commits that also touched other upstream files. As such, this patch may incorporate parts or all of the following commits: d350a82 net: erspan: create erspan metadata uapi header c69de58 net: erspan: use bitfield instead of mask and offset b423d13 net: erspan: fix use-after-free 214bb1c net: erspan: remove md NULL check afb4c97 ip6_gre: fix potential memory leak in ip6erspan_rcv 50670b6 ip_gre: fix potential memory leak in erspan_rcv a734321 ip6_gre: fix error path when ip6erspan_rcv failed dd8d5b8 ip_gre: fix error path when erspan_rcv failed 293a199 ip6_gre: fix a pontential issue in ip6erspan_rcv d91e8db5 net: erspan: reload pointer after pskb_may_pull ae3e133 net: erspan: fix wrong return value c05fad5 ip_gre: fix wrong return value of erspan_rcv 94d7d8f ip6_gre: add erspan v2 support f551c91 net: erspan: introduce erspan v2 for ip_gre 1d7e2ed net: erspan: refactor existing erspan code ef7baf5 ip6_gre: add ip6 erspan collect_md mode 5a963eb ip6_gre: Add ERSPAN native tunnel support ceaa001 openvswitch: Add erspan tunnel support. f192970 ip_gre: check packet length and mtu correctly in erspan tx c84bed4 ip_gre: erspan device should keep dst c122fda ip_gre: set tunnel hlen properly in erspan_tunnel_init 5513d08 ip_gre: check packet length and mtu correctly in erspan_xmit 935a974 ip_gre: get key from session_id correctly in erspan_rcv 1a66a83 gre: add collect_md mode to ERSPAN tunnel 84e54fe gre: introduce native tunnel support for ERSPAN In cases where the listed commits also touched other source code files then the patches are also listed separately within this patch series. Signed-off-by: Greg Rose <gvrose8192@gmail.com> Signed-off-by: Ben Pfaff <blp@ovn.org> Acked-by: William Tu <u9012063@gmail.com>
2018-03-05 10:11:57 -08:00
case OVS_VPORT_TYPE_ERSPAN:
erspan: add kernel datapath support pass check, check-kernel (4.16-rc4), check-system-userspace Signed-off-by: William Tu <u9012063@gmail.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
2018-03-21 14:02:25 -07:00
return "erspan";
compat: Add ipv6 GRE and IPV6 Tunneling This patch backports upstream ipv6 GRE and tunneling into the OVS OOT (Out of Tree) datapath drivers. The primary reason for this is to support the ERSPAN feature. Because there is no previous history of ipv6 GRE and tunneling it is not possible to exactly reproduce the history of all the files in the patch. The two newly added files - ip6_gre.c and ip6_tunnel.c - are cut from whole cloth out of the upstream Linux 4.15 kernel and then modified as necessary with compatibility layer fixups. These two files already included parts of several other upstream commits that also touched other upstream files. As such, this patch may incorporate parts or all of the following commits: d350a82 net: erspan: create erspan metadata uapi header c69de58 net: erspan: use bitfield instead of mask and offset b423d13 net: erspan: fix use-after-free 214bb1c net: erspan: remove md NULL check afb4c97 ip6_gre: fix potential memory leak in ip6erspan_rcv 50670b6 ip_gre: fix potential memory leak in erspan_rcv a734321 ip6_gre: fix error path when ip6erspan_rcv failed dd8d5b8 ip_gre: fix error path when erspan_rcv failed 293a199 ip6_gre: fix a pontential issue in ip6erspan_rcv d91e8db5 net: erspan: reload pointer after pskb_may_pull ae3e133 net: erspan: fix wrong return value c05fad5 ip_gre: fix wrong return value of erspan_rcv 94d7d8f ip6_gre: add erspan v2 support f551c91 net: erspan: introduce erspan v2 for ip_gre 1d7e2ed net: erspan: refactor existing erspan code ef7baf5 ip6_gre: add ip6 erspan collect_md mode 5a963eb ip6_gre: Add ERSPAN native tunnel support ceaa001 openvswitch: Add erspan tunnel support. f192970 ip_gre: check packet length and mtu correctly in erspan tx c84bed4 ip_gre: erspan device should keep dst c122fda ip_gre: set tunnel hlen properly in erspan_tunnel_init 5513d08 ip_gre: check packet length and mtu correctly in erspan_xmit 935a974 ip_gre: get key from session_id correctly in erspan_rcv 1a66a83 gre: add collect_md mode to ERSPAN tunnel 84e54fe gre: introduce native tunnel support for ERSPAN In cases where the listed commits also touched other source code files then the patches are also listed separately within this patch series. Signed-off-by: Greg Rose <gvrose8192@gmail.com> Signed-off-by: Ben Pfaff <blp@ovn.org> Acked-by: William Tu <u9012063@gmail.com>
2018-03-05 10:11:57 -08:00
case OVS_VPORT_TYPE_IP6ERSPAN:
dpif-netlink: Introduce per-cpu upcall dispatch. The Open vSwitch kernel module uses the upcall mechanism to send packets from kernel space to user space when it misses in the kernel space flow table. The upcall sends packets via a Netlink socket. Currently, a Netlink socket is created for every vport. In this way, there is a 1:1 mapping between a vport and a Netlink socket. When a packet is received by a vport, if it needs to be sent to user space, it is sent via the corresponding Netlink socket. This mechanism, with various iterations of the corresponding user space code, has seen some limitations and issues: * On systems with a large number of vports, there is correspondingly a large number of Netlink sockets which can limit scaling. (https://bugzilla.redhat.com/show_bug.cgi?id=1526306) * Packet reordering on upcalls. (https://bugzilla.redhat.com/show_bug.cgi?id=1844576) * A thundering herd issue. (https://bugzilla.redhat.com/show_bug.cgi?id=1834444) This patch introduces an alternative, feature-negotiated, upcall mode using a per-cpu dispatch rather than a per-vport dispatch. In this mode, the Netlink socket to be used for the upcall is selected based on the CPU of the thread that is executing the upcall. In this way, it resolves the issues above as: a) The number of Netlink sockets scales with the number of CPUs rather than the number of vports. b) Ordering per-flow is maintained as packets are distributed to CPUs based on mechanisms such as RSS and flows are distributed to a single user space thread. c) Packets from a flow can only wake up one user space thread. Reported-at: https://bugzilla.redhat.com/1844576 Signed-off-by: Mark Gray <mark.d.gray@redhat.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Acked-by: Aaron Conole <aconole@redhat.com> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2021-07-16 06:17:36 -04:00
return "ip6erspan";
ip6gre: Add ip6gre vport type Add handlers for OVS_VPORT_TYPE_IP6GRE Cc: Ben Pfaff <blp@ovn.org> Signed-off-by: Greg Rose <gvrose8192@gmail.com> Signed-off-by: Ben Pfaff <blp@ovn.org> Acked-by: William Tu <u9012063@gmail.com>
2018-05-04 10:14:44 -07:00
compat: Add ipv6 GRE and IPV6 Tunneling This patch backports upstream ipv6 GRE and tunneling into the OVS OOT (Out of Tree) datapath drivers. The primary reason for this is to support the ERSPAN feature. Because there is no previous history of ipv6 GRE and tunneling it is not possible to exactly reproduce the history of all the files in the patch. The two newly added files - ip6_gre.c and ip6_tunnel.c - are cut from whole cloth out of the upstream Linux 4.15 kernel and then modified as necessary with compatibility layer fixups. These two files already included parts of several other upstream commits that also touched other upstream files. As such, this patch may incorporate parts or all of the following commits: d350a82 net: erspan: create erspan metadata uapi header c69de58 net: erspan: use bitfield instead of mask and offset b423d13 net: erspan: fix use-after-free 214bb1c net: erspan: remove md NULL check afb4c97 ip6_gre: fix potential memory leak in ip6erspan_rcv 50670b6 ip_gre: fix potential memory leak in erspan_rcv a734321 ip6_gre: fix error path when ip6erspan_rcv failed dd8d5b8 ip_gre: fix error path when erspan_rcv failed 293a199 ip6_gre: fix a pontential issue in ip6erspan_rcv d91e8db5 net: erspan: reload pointer after pskb_may_pull ae3e133 net: erspan: fix wrong return value c05fad5 ip_gre: fix wrong return value of erspan_rcv 94d7d8f ip6_gre: add erspan v2 support f551c91 net: erspan: introduce erspan v2 for ip_gre 1d7e2ed net: erspan: refactor existing erspan code ef7baf5 ip6_gre: add ip6 erspan collect_md mode 5a963eb ip6_gre: Add ERSPAN native tunnel support ceaa001 openvswitch: Add erspan tunnel support. f192970 ip_gre: check packet length and mtu correctly in erspan tx c84bed4 ip_gre: erspan device should keep dst c122fda ip_gre: set tunnel hlen properly in erspan_tunnel_init 5513d08 ip_gre: check packet length and mtu correctly in erspan_xmit 935a974 ip_gre: get key from session_id correctly in erspan_rcv 1a66a83 gre: add collect_md mode to ERSPAN tunnel 84e54fe gre: introduce native tunnel support for ERSPAN In cases where the listed commits also touched other source code files then the patches are also listed separately within this patch series. Signed-off-by: Greg Rose <gvrose8192@gmail.com> Signed-off-by: Ben Pfaff <blp@ovn.org> Acked-by: William Tu <u9012063@gmail.com>
2018-03-05 10:11:57 -08:00
case OVS_VPORT_TYPE_IP6GRE:
ip6gre: Add ip6gre vport type Add handlers for OVS_VPORT_TYPE_IP6GRE Cc: Ben Pfaff <blp@ovn.org> Signed-off-by: Greg Rose <gvrose8192@gmail.com> Signed-off-by: Ben Pfaff <blp@ovn.org> Acked-by: William Tu <u9012063@gmail.com>
2018-05-04 10:14:44 -07:00
return "ip6gre";
compat: Add ipv6 GRE and IPV6 Tunneling This patch backports upstream ipv6 GRE and tunneling into the OVS OOT (Out of Tree) datapath drivers. The primary reason for this is to support the ERSPAN feature. Because there is no previous history of ipv6 GRE and tunneling it is not possible to exactly reproduce the history of all the files in the patch. The two newly added files - ip6_gre.c and ip6_tunnel.c - are cut from whole cloth out of the upstream Linux 4.15 kernel and then modified as necessary with compatibility layer fixups. These two files already included parts of several other upstream commits that also touched other upstream files. As such, this patch may incorporate parts or all of the following commits: d350a82 net: erspan: create erspan metadata uapi header c69de58 net: erspan: use bitfield instead of mask and offset b423d13 net: erspan: fix use-after-free 214bb1c net: erspan: remove md NULL check afb4c97 ip6_gre: fix potential memory leak in ip6erspan_rcv 50670b6 ip_gre: fix potential memory leak in erspan_rcv a734321 ip6_gre: fix error path when ip6erspan_rcv failed dd8d5b8 ip_gre: fix error path when erspan_rcv failed 293a199 ip6_gre: fix a pontential issue in ip6erspan_rcv d91e8db5 net: erspan: reload pointer after pskb_may_pull ae3e133 net: erspan: fix wrong return value c05fad5 ip_gre: fix wrong return value of erspan_rcv 94d7d8f ip6_gre: add erspan v2 support f551c91 net: erspan: introduce erspan v2 for ip_gre 1d7e2ed net: erspan: refactor existing erspan code ef7baf5 ip6_gre: add ip6 erspan collect_md mode 5a963eb ip6_gre: Add ERSPAN native tunnel support ceaa001 openvswitch: Add erspan tunnel support. f192970 ip_gre: check packet length and mtu correctly in erspan tx c84bed4 ip_gre: erspan device should keep dst c122fda ip_gre: set tunnel hlen properly in erspan_tunnel_init 5513d08 ip_gre: check packet length and mtu correctly in erspan_xmit 935a974 ip_gre: get key from session_id correctly in erspan_rcv 1a66a83 gre: add collect_md mode to ERSPAN tunnel 84e54fe gre: introduce native tunnel support for ERSPAN In cases where the listed commits also touched other source code files then the patches are also listed separately within this patch series. Signed-off-by: Greg Rose <gvrose8192@gmail.com> Signed-off-by: Ben Pfaff <blp@ovn.org> Acked-by: William Tu <u9012063@gmail.com>
2018-03-05 10:11:57 -08:00
userspace: Add GTP-U support. GTP, GPRS Tunneling Protocol, is a group of IP-based communications protocols used to carry general packet radio service (GPRS) within GSM, UMTS and LTE networks. GTP protocol has two parts: Signalling (GTP-Control, GTP-C) and User data (GTP-User, GTP-U). GTP-C is used for setting up GTP-U protocol, which is an IP-in-UDP tunneling protocol. Usually GTP is used in connecting between base station for radio, Serving Gateway (S-GW), and PDN Gateway (P-GW). This patch implements GTP-U protocol for userspace datapath, supporting only required header fields and G-PDU message type. See spec in: https://tools.ietf.org/html/draft-hmm-dmm-5g-uplane-analysis-00 Tested-at: https://travis-ci.org/github/williamtu/ovs-travis/builds/666518784 Signed-off-by: Feng Yang <yangfengee04@gmail.com> Co-authored-by: Feng Yang <yangfengee04@gmail.com> Signed-off-by: Yi Yang <yangyi01@inspur.com> Co-authored-by: Yi Yang <yangyi01@inspur.com> Signed-off-by: William Tu <u9012063@gmail.com> Acked-by: Ben Pfaff <blp@ovn.org>
2019-11-25 11:19:23 -08:00
case OVS_VPORT_TYPE_GTPU:
return "gtpu";
userspace: Add SRv6 tunnel support. SRv6 (Segment Routing IPv6) tunnel vport is responsible for encapsulation and decapsulation the inner packets with IPv6 header and an extended header called SRH (Segment Routing Header). See spec in: https://datatracker.ietf.org/doc/html/rfc8754 This patch implements SRv6 tunneling in userspace datapath. It uses `remote_ip` and `local_ip` options as with existing tunnel protocols. It also adds a dedicated `srv6_segs` option to define a sequence of routers called segment list. Signed-off-by: Nobuhiro MIKI <nmiki@yahoo-corp.jp> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2023-03-29 14:51:17 +09:00
case OVS_VPORT_TYPE_SRV6:
return "srv6";
tunnel: Bareudp Tunnel Support. There are various L3 encapsulation standards using UDP being discussed to leverage the UDP based load balancing capability of different networks. MPLSoUDP (__ https://tools.ietf.org/html/rfc7510) is one among them. The Bareudp tunnel provides a generic L3 encapsulation support for tunnelling different L3 protocols like MPLS, IP, NSH etc. inside a UDP tunnel. An example to create bareudp device to tunnel MPLS traffic is given $ ovs-vsctl add-port br_mpls udp_port -- set interface udp_port \ type=bareudp options:remote_ip=2.1.1.3 options:local_ip=2.1.1.2 \ options:payload_type=0x8847 options:dst_port=6635 The bareudp device supports special handling for MPLS & IP as they can have multiple ethertypes. MPLS procotcol can have ethertypes ETH_P_MPLS_UC (unicast) & ETH_P_MPLS_MC (multicast). IP protocol can have ethertypes ETH_P_IP (v4) & ETH_P_IPV6 (v6). The bareudp device to tunnel L3 traffic with multiple ethertypes (MPLS & IP) can be created by passing the L3 protocol name as string in the field payload_type. An example to create bareudp device to tunnel MPLS unicast & multicast traffic is given below.:: $ ovs-vsctl add-port br_mpls udp_port -- set interface udp_port \ type=bareudp options:remote_ip=2.1.1.3 options:local_ip=2.1.1.2 \ options:payload_type=mpls options:dst_port=6635 Signed-off-by: Martin Varghese <martin.varghese@nokia.com> Acked-By: Greg Rose <gvrose8192@gmail.com> Tested-by: Greg Rose <gvrose8192@gmail.com> Acked-by: Eelco Chaudron <echaudro@redhat.com> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2020-12-17 12:48:41 +05:30
case OVS_VPORT_TYPE_BAREUDP:
return "bareudp";
lib: Switch to flow based tunneling. With this patch, ovs-vswitchd uses flow based tunneling exclusively. I.E. each kind of tunnel shares a single tunnel backer in the datapath. Tunnel headers are set by userspace using the ipv4_tunnel datapath action. And, the configuration of individual tunnels is now a userspace responsibility, so netdev-vport no longer marshals and unmarshals Netlink attributes for tunnel configuration, instead only storing the configuration internally. There are still some significant pieces of work to do, but the basic building blocks are there to begin testing. Signed-off-by: Ethan Jackson <ethan@nicira.com> Co-authored-by: Jesse Gross <jesse@nicira.com> Signed-off-by: Jesse Gross <jesse@nicira.com>
2012-12-14 19:14:54 -08:00
case OVS_VPORT_TYPE_UNSPEC:
case __OVS_VPORT_TYPE_MAX:
break;
}
VLOG_WARN_RL(&rl, "dp%d: port `%s' has unsupported type %u",
vport->dp_ifindex, vport->name, (unsigned int) vport->type);
return "unknown";
}
dpif-netlink: Support rtnetlink port creation. In order to be able to add those tunnels, we need to add code to create the tunnels and add them as NETDEV vports. And when there is no support to create them, we need to fallback to compatibility code and add them as tunnel vports. When removing those tunnels, we need to remove the interfaces as well, and detecting the right type might be important, at least to distinguish the tunnel vports that we should remove and the interfaces that we shouldn't. Co-authored-by: Thadeu Lima de Souza Cascardo <cascardo@redhat.com> Signed-off-by: Thadeu Lima de Souza Cascardo <cascardo@redhat.com> Signed-off-by: Eric Garver <e@erig.me> Signed-off-by: Joe Stringer <joe@ovn.org>
2017-05-18 16:10:29 -04:00
enum ovs_vport_type
dpif-netlink: Refactor code to create compat ports This breaks up creating compat ports so we can reuse some of the code to create ports with rtnetlink. Co-authored-by: Thadeu Lima de Souza Cascardo <cascardo@redhat.com> Signed-off-by: Thadeu Lima de Souza Cascardo <cascardo@redhat.com> Signed-off-by: Eric Garver <e@erig.me> Signed-off-by: Joe Stringer <joe@ovn.org>
2017-05-18 16:10:28 -04:00
netdev_to_ovs_vport_type(const char *type)
netdev-vport: Build on all platforms. This patch removes the final bit of linux specific code which prevents building netdev-vport everywhere. With this, other platforms automatically get access to patch ports, and (if their datapath supports it), flow based tunneling. Signed-off-by: Ethan Jackson <ethan@nicira.com>
2013-01-25 13:30:40 -08:00
{
if (!strcmp(type, "tap") || !strcmp(type, "system")) {
return OVS_VPORT_TYPE_NETDEV;
} else if (!strcmp(type, "internal")) {
return OVS_VPORT_TYPE_INTERNAL;
datapath: Add support for Geneve tunneling. This adds support for Geneve - Generic Network Virtualization Encapsulation. The protocol is documented at http://tools.ietf.org/html/draft-gross-geneve-00 The kernel implementation is completely agnostic to the options that are in use and can handle newly defined options without further work. It does this by simply matching on a byte array of options and allowing userspace to setup flows on this array. Userspace currently implements only support for basic version of Geneve. It can work with the base header (including the VNI) and is capable of parsing options but does not currently support any particular option definitions. Over time, the intention is to allow options to be matched through OpenFlow without requiring explicit support in OVS userspace. Signed-off-by: Jesse Gross <jesse@nicira.com> Acked-by: Thomas Graf <tgraf@suug.ch> Acked-by: Pravin B Shelar <pshelar@nicira.com>
2014-06-05 19:07:32 -07:00
} else if (!strcmp(type, "geneve")) {
return OVS_VPORT_TYPE_GENEVE;
netdev-vport: Build on all platforms. This patch removes the final bit of linux specific code which prevents building netdev-vport everywhere. With this, other platforms automatically get access to patch ports, and (if their datapath supports it), flow based tunneling. Signed-off-by: Ethan Jackson <ethan@nicira.com>
2013-01-25 13:30:40 -08:00
} else if (!strcmp(type, "vxlan")) {
return OVS_VPORT_TYPE_VXLAN;
userspace: add erspan tunnel support. ERSPAN is a tunneling protocol based on GRE tunnel. The patch add erspan tunnel support for ovs-vswitchd with userspace datapath. Configuring erspan tunnel is similar to gre tunnel, but with additional erspan's parameters. Matching a flow on erspan's metadata is also supported, see ovs-fields for more details. Signed-off-by: William Tu <u9012063@gmail.com> Signed-off-by: Greg Rose <gvrose8192@gmail.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
2018-05-15 16:10:48 -04:00
} else if (!strcmp(type, "erspan")) {
return OVS_VPORT_TYPE_ERSPAN;
} else if (!strcmp(type, "ip6erspan")) {
return OVS_VPORT_TYPE_IP6ERSPAN;
ip6gre: Add ip6gre vport type Add handlers for OVS_VPORT_TYPE_IP6GRE Cc: Ben Pfaff <blp@ovn.org> Signed-off-by: Greg Rose <gvrose8192@gmail.com> Signed-off-by: Ben Pfaff <blp@ovn.org> Acked-by: William Tu <u9012063@gmail.com>
2018-05-04 10:14:44 -07:00
} else if (!strcmp(type, "ip6gre")) {
return OVS_VPORT_TYPE_IP6GRE;
lib/dpif-netlink: Fix miscompare of gre ports In netdev_to_ovs_vport_type() it checks for netdev types matching "gre" with a strstr(). This makes it match ip6gre as well and return OVS_VPORT_TYPE_GRE, which is clearly wrong. Move the usage of strstr() *after* all the exact matches with strcmp() to avoid the problem permanently because when I added the ip6gre type I ran into a very difficult to detect bug. Cc: Ben Pfaff <blp@ovn.org> Signed-off-by: Greg Rose <gvrose8192@gmail.com> Signed-off-by: Ben Pfaff <blp@ovn.org> Acked-by: William Tu <u9012063@gmail.com>
2018-05-04 16:48:43 -07:00
} else if (!strcmp(type, "gre")) {
return OVS_VPORT_TYPE_GRE;
userspace: Add GTP-U support. GTP, GPRS Tunneling Protocol, is a group of IP-based communications protocols used to carry general packet radio service (GPRS) within GSM, UMTS and LTE networks. GTP protocol has two parts: Signalling (GTP-Control, GTP-C) and User data (GTP-User, GTP-U). GTP-C is used for setting up GTP-U protocol, which is an IP-in-UDP tunneling protocol. Usually GTP is used in connecting between base station for radio, Serving Gateway (S-GW), and PDN Gateway (P-GW). This patch implements GTP-U protocol for userspace datapath, supporting only required header fields and G-PDU message type. See spec in: https://tools.ietf.org/html/draft-hmm-dmm-5g-uplane-analysis-00 Tested-at: https://travis-ci.org/github/williamtu/ovs-travis/builds/666518784 Signed-off-by: Feng Yang <yangfengee04@gmail.com> Co-authored-by: Feng Yang <yangfengee04@gmail.com> Signed-off-by: Yi Yang <yangyi01@inspur.com> Co-authored-by: Yi Yang <yangyi01@inspur.com> Signed-off-by: William Tu <u9012063@gmail.com> Acked-by: Ben Pfaff <blp@ovn.org>
2019-11-25 11:19:23 -08:00
} else if (!strcmp(type, "gtpu")) {
return OVS_VPORT_TYPE_GTPU;
userspace: Add SRv6 tunnel support. SRv6 (Segment Routing IPv6) tunnel vport is responsible for encapsulation and decapsulation the inner packets with IPv6 header and an extended header called SRH (Segment Routing Header). See spec in: https://datatracker.ietf.org/doc/html/rfc8754 This patch implements SRv6 tunneling in userspace datapath. It uses `remote_ip` and `local_ip` options as with existing tunnel protocols. It also adds a dedicated `srv6_segs` option to define a sequence of routers called segment list. Signed-off-by: Nobuhiro MIKI <nmiki@yahoo-corp.jp> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2023-03-29 14:51:17 +09:00
} else if (!strcmp(type, "srv6")) {
return OVS_VPORT_TYPE_SRV6;
tunnel: Bareudp Tunnel Support. There are various L3 encapsulation standards using UDP being discussed to leverage the UDP based load balancing capability of different networks. MPLSoUDP (__ https://tools.ietf.org/html/rfc7510) is one among them. The Bareudp tunnel provides a generic L3 encapsulation support for tunnelling different L3 protocols like MPLS, IP, NSH etc. inside a UDP tunnel. An example to create bareudp device to tunnel MPLS traffic is given $ ovs-vsctl add-port br_mpls udp_port -- set interface udp_port \ type=bareudp options:remote_ip=2.1.1.3 options:local_ip=2.1.1.2 \ options:payload_type=0x8847 options:dst_port=6635 The bareudp device supports special handling for MPLS & IP as they can have multiple ethertypes. MPLS procotcol can have ethertypes ETH_P_MPLS_UC (unicast) & ETH_P_MPLS_MC (multicast). IP protocol can have ethertypes ETH_P_IP (v4) & ETH_P_IPV6 (v6). The bareudp device to tunnel L3 traffic with multiple ethertypes (MPLS & IP) can be created by passing the L3 protocol name as string in the field payload_type. An example to create bareudp device to tunnel MPLS unicast & multicast traffic is given below.:: $ ovs-vsctl add-port br_mpls udp_port -- set interface udp_port \ type=bareudp options:remote_ip=2.1.1.3 options:local_ip=2.1.1.2 \ options:payload_type=mpls options:dst_port=6635 Signed-off-by: Martin Varghese <martin.varghese@nokia.com> Acked-By: Greg Rose <gvrose8192@gmail.com> Tested-by: Greg Rose <gvrose8192@gmail.com> Acked-by: Eelco Chaudron <echaudro@redhat.com> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2020-12-17 12:48:41 +05:30
} else if (!strcmp(type, "bareudp")) {
return OVS_VPORT_TYPE_BAREUDP;
netdev-vport: Build on all platforms. This patch removes the final bit of linux specific code which prevents building netdev-vport everywhere. With this, other platforms automatically get access to patch ports, and (if their datapath supports it), flow based tunneling. Signed-off-by: Ethan Jackson <ethan@nicira.com>
2013-01-25 13:30:40 -08:00
} else {
return OVS_VPORT_TYPE_UNSPEC;
}
}
dpif: Make dpifs abstract, to allow multiple datapath implementations. This commit initially introduces only a single datapath implementation, which is the same as the original one, but it paves the way for additional implementations, such as the upcoming userspace datapath.
2009-06-17 14:35:35 -07:00
static int
dpif-netlink: Refactor code to create compat ports This breaks up creating compat ports so we can reuse some of the code to create ports with rtnetlink. Co-authored-by: Thadeu Lima de Souza Cascardo <cascardo@redhat.com> Signed-off-by: Thadeu Lima de Souza Cascardo <cascardo@redhat.com> Signed-off-by: Eric Garver <e@erig.me> Signed-off-by: Joe Stringer <joe@ovn.org>
2017-05-18 16:10:28 -04:00
dpif_netlink_port_add__(struct dpif_netlink *dpif, const char *name,
enum ovs_vport_type type,
struct ofpbuf *options,
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
odp_port_t *port_nop)
dpif-linux: Add thread-safety annotations. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-04-17 17:16:34 -07:00
OVS_REQ_WRLOCK(dpif->upcall_lock)
dpif: Make dpifs abstract, to allow multiple datapath implementations. This commit initially introduces only a single datapath implementation, which is the same as the original one, but it paves the way for additional implementations, such as the upcoming userspace datapath.
2009-06-17 14:35:35 -07:00
{
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
struct dpif_netlink_vport request, reply;
datapath: Change userspace vport interface to use Netlink attributes. One of the goals for Open vSwitch is to decouple kernel and userspace software, so that either one can be upgraded or rolled back independent of the other. To do this in full generality, it must be possible to add new features to the kernel vport layer without changing userspace software. The customary way to do this in the Linux networking stack is to use Netlink and in particular Netlink attributes. This commit adopts that model for the vport layer. It does not yet actually start using the Netlink socket layer, which will come later. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 12:28:59 -08:00
struct ofpbuf *buf;
dpif-netlink: Fix some variable naming. Usually a plural name refers to an array, but 'socks' and 'socksp' were only single objects, so this changes their names to 'sock' and 'sockp'. Usually a 'p' suffix means that a variable is an output argument, but that was only true in one place here, so this changes the names of the other variables to plain 'sock'. Signed-off-by: Ben Pfaff <blp@ovn.org> Reviewed-by: Yifeng Sun <pkusunyifeng@gmail.com>
2019-10-14 11:10:47 -07:00
struct nl_sock *sock = NULL;
dpif-netlink: Fix null pointer. In dpif_netlink_port_add__(), socksp could be NULL, because vport_socksp_to_pids() would allocate a new array and return a single zero element. Following vport_socksp_to_pids() removal, a NULL pointer can happen when dpif_netlink_port_add__() is called and dpif->handlers is 0. Restore the old behaviour of using a zero pid when dpif->handlers is 0. Fixes: 69c51582f ("dpif-netlink: don't allocate per thread netlink sockets") Reported-by: Flavio Leitner <fbl@redhat.com> Reported-by: Guru Shetty <guru@ovn.org> Signed-off-by: Matteo Croce <mcroce@redhat.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
2018-10-06 18:19:55 +02:00
uint32_t upcall_pids = 0;
dpif-linux: Implement the API functions to allow multiple handler threads read upcall. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-02-26 10:10:29 -08:00
int error = 0;
dpif: Make dpifs abstract, to allow multiple datapath implementations. This commit initially introduces only a single datapath implementation, which is the same as the original one, but it paves the way for additional implementations, such as the upcoming userspace datapath.
2009-06-17 14:35:35 -07:00
dpif-netlink: Introduce per-cpu upcall dispatch. The Open vSwitch kernel module uses the upcall mechanism to send packets from kernel space to user space when it misses in the kernel space flow table. The upcall sends packets via a Netlink socket. Currently, a Netlink socket is created for every vport. In this way, there is a 1:1 mapping between a vport and a Netlink socket. When a packet is received by a vport, if it needs to be sent to user space, it is sent via the corresponding Netlink socket. This mechanism, with various iterations of the corresponding user space code, has seen some limitations and issues: * On systems with a large number of vports, there is correspondingly a large number of Netlink sockets which can limit scaling. (https://bugzilla.redhat.com/show_bug.cgi?id=1526306) * Packet reordering on upcalls. (https://bugzilla.redhat.com/show_bug.cgi?id=1844576) * A thundering herd issue. (https://bugzilla.redhat.com/show_bug.cgi?id=1834444) This patch introduces an alternative, feature-negotiated, upcall mode using a per-cpu dispatch rather than a per-vport dispatch. In this mode, the Netlink socket to be used for the upcall is selected based on the CPU of the thread that is executing the upcall. In this way, it resolves the issues above as: a) The number of Netlink sockets scales with the number of CPUs rather than the number of vports. b) Ordering per-flow is maintained as packets are distributed to CPUs based on mechanisms such as RSS and flows are distributed to a single user space thread. c) Packets from a flow can only wake up one user space thread. Reported-at: https://bugzilla.redhat.com/1844576 Signed-off-by: Mark Gray <mark.d.gray@redhat.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Acked-by: Aaron Conole <aconole@redhat.com> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2021-07-16 06:17:36 -04:00
/* per-cpu dispatch mode does not require a socket per vport. */
if (!dpif_netlink_upcall_per_cpu(dpif)) {
if (dpif->handlers) {
error = create_nl_sock(dpif, &sock);
if (error) {
return error;
}
}
if (sock) {
upcall_pids = nl_sock_pid(sock);
dpif-linux: Give each port its own userspace-kernel channel. Userspace-kernel communication is a possible bottleneck when OVS is receiving a large number of flow set up requests. To help prevent a bad actor from consuming too much of this resource, we introduced channels to segegrate traffic. Previously, we created 17 channels and round-robin assigned ports to one of 16 channels (the 17th was reserved for use by the system). This meant if there were more than 16 ports, sharing of channels would occur. This commit creates a new channel for each port, so that there is no more sharing and better isolation. The special system port uses the "ovs-system"'s channel (port 0), since it is not heavily loaded. This also fixes an issue introduced in commit acf60855 (ofproto-dpif: Use a single underlying datapath across multiple bridges.) where ports that were added at run-time were given the special system channel. Issue #12073 Signed-off-by: Justin Pettit <jpettit@nicira.com>
2013-01-04 18:34:26 -08:00
}
}
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
dpif_netlink_vport_init(&request);
datapath: Use "OVS_*" as opposed to "ODP_*" for user<->kernel interactions. The prefix "ODP_*" is not overly descriptive in the context of the larger Linux tree. This commit changes the prefix to "OVS_*" for the userpace to kernel interactions. The userspace libraries still use "ODP_" in many of their interfaces since it is more descriptive in the OVS oeuvre. Feature #6904 Signed-off-by: Justin Pettit <jpettit@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-08-18 10:35:40 -07:00
request.cmd = OVS_VPORT_CMD_NEW;
datapath: Change dp_idx to dp_ifindex, the ifindex of the local port. I can't see any real value in maintaining a dp_idx separate from the ifindex of the local port. With the current implementation it also artificially limits the number of datapaths. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-21 17:01:56 -08:00
request.dp_ifindex = dpif->dp_ifindex;
dpif-netlink: Refactor code to create compat ports This breaks up creating compat ports so we can reuse some of the code to create ports with rtnetlink. Co-authored-by: Thadeu Lima de Souza Cascardo <cascardo@redhat.com> Signed-off-by: Thadeu Lima de Souza Cascardo <cascardo@redhat.com> Signed-off-by: Eric Garver <e@erig.me> Signed-off-by: Joe Stringer <joe@ovn.org>
2017-05-18 16:10:28 -04:00
request.type = type;
request.name = name;
request.port_no = *port_nop;
dpif-netlink: don't allocate per thread netlink sockets When using the kernel datapath, OVS allocates a pool of sockets to handle netlink events. The number of sockets is: ports * n-handler-threads, where n-handler-threads is user configurable and defaults to 3/4*number of cores. This because vswitchd starts n-handler-threads threads, each one with a netlink socket for every port of the switch. Every thread then, starts listening on events on its set of sockets with epoll(). On setup with lot of CPUs and ports, the number of sockets easily hits the process file descriptor limit, and ovs-vswitchd will exit with -EMFILE. Change the number of allocated sockets to just one per port by moving the socket array from a per handler structure to a per datapath one, and let all the handlers share the same sockets by using EPOLLEXCLUSIVE epoll flag which avoids duplicate events, on systems that support it. The patch was tested on a 56 core machine running Linux 4.18 and latest Open vSwitch. A bridge was created with 2000+ ports, some of them being veth interfaces with the peer outside the bridge. The latency of the upcall is measured by setting a single 'action=controller,local' OpenFlow rule to force all the packets going to the slow path and then to the local port. A tool[1] injects some packets to the veth outside the bridge, and measures the delay until the packet is captured on the local port. The rx timestamp is get from the socket ancillary data in the attribute SO_TIMESTAMPNS, to avoid having the scheduler delay in the measured time. The first test measures the average latency for an upcall generated from a single port. To measure it 100k packets, one every msec, are sent to a single port and the latencies are measured. The second test is meant to check latency fairness among ports, namely if latency is equal between ports or if some ports have lower priority. The previous test is repeated for every port, the average of the average latencies and the standard deviation between averages is measured. The third test serves to measure responsiveness under load. Heavy traffic is sent through all ports, latency and packet loss is measured on a single idle port. The fourth test is all about fairness. Heavy traffic is injected in all ports but one, latency and packet loss is measured on the single idle port. This is the test setup: # nproc 56 # ovs-vsctl show |grep -c Port 2223 # ovs-ofctl dump-flows ovs_upc_br cookie=0x0, duration=4.827s, table=0, n_packets=0, n_bytes=0, actions=CONTROLLER:65535,LOCAL # uname -a Linux fc28 4.18.7-200.fc28.x86_64 #1 SMP Mon Sep 10 15:44:45 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux And these are the results of the tests: Stock OVS Patched netlink sockets in use by vswitchd lsof -p $(pidof ovs-vswitchd) \ |grep -c GENERIC 91187 2227 Test 1 one port latency min/avg/max/mdev (us) 2.7/6.6/238.7/1.8 1.6/6.8/160.6/1.7 Test 2 all port avg latency/mdev (us) 6.51/0.97 6.86/0.17 Test 3 single port latency under load avg/mdev (us) 7.5/5.9 3.8/4.8 packet loss 95 % 62 % Test 4 idle port latency under load min/avg/max/mdev (us) 0.8/1.5/210.5/0.9 1.0/2.1/344.5/1.2 packet loss 94 % 4 % CPU and RAM usage seems not to be affected, the resource usage of vswitchd idle with 2000+ ports is unchanged: # ps u $(pidof ovs-vswitchd) USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND openvsw+ 5430 54.3 0.3 4263964 510968 pts/1 RLl+ 16:20 0:50 ovs-vswitchd Additionally, to check if vswitchd is thread safe with this patch, the following test was run for circa 48 hours: on a 56 core machine, a bridge with kernel datapath is filled with 2200 dummy interfaces and 22 veth, then 22 traffic generators are run in parallel piping traffic into the veths peers outside the bridge. To generate as many upcalls as possible, all packets were forced to the slowpath with an openflow rule like 'action=controller,local' and packet size was set to 64 byte. Also, to avoid overflowing the FDB early and slowing down the upcall processing, generated mac addresses were restricted to a small interval. vswitchd ran without problems for 48+ hours, obviously with all the handler threads with almost 99% CPU usage. [1] https://github.com/teknoraver/network-tools/blob/master/weed.c Signed-off-by: Matteo Croce <mcroce@redhat.com> Signed-off-by: Ben Pfaff <blp@ovn.org> Acked-by: Flavio Leitner <fbl@sysclose.org>
2018-09-25 10:51:05 +02:00
request.n_upcall_pids = 1;
request.upcall_pids = &upcall_pids;
dpif-netlink: Refactor code to create compat ports This breaks up creating compat ports so we can reuse some of the code to create ports with rtnetlink. Co-authored-by: Thadeu Lima de Souza Cascardo <cascardo@redhat.com> Signed-off-by: Thadeu Lima de Souza Cascardo <cascardo@redhat.com> Signed-off-by: Eric Garver <e@erig.me> Signed-off-by: Joe Stringer <joe@ovn.org>
2017-05-18 16:10:28 -04:00
if (options) {
request.options = options->data;
request.options_len = options->size;
}
error = dpif_netlink_vport_transact(&request, &reply, &buf);
if (!error) {
*port_nop = reply.port_no;
} else {
if (error == EBUSY && *port_nop != ODPP_NONE) {
VLOG_INFO("%s: requested port %"PRIu32" is in use",
dpif_name(&dpif->dpif), *port_nop);
}
dpif-netlink: Fix some variable naming. Usually a plural name refers to an array, but 'socks' and 'socksp' were only single objects, so this changes their names to 'sock' and 'sockp'. Usually a 'p' suffix means that a variable is an output argument, but that was only true in one place here, so this changes the names of the other variables to plain 'sock'. Signed-off-by: Ben Pfaff <blp@ovn.org> Reviewed-by: Yifeng Sun <pkusunyifeng@gmail.com>
2019-10-14 11:10:47 -07:00
close_nl_sock(sock);
dpif-netlink: Refactor code to create compat ports This breaks up creating compat ports so we can reuse some of the code to create ports with rtnetlink. Co-authored-by: Thadeu Lima de Souza Cascardo <cascardo@redhat.com> Signed-off-by: Thadeu Lima de Souza Cascardo <cascardo@redhat.com> Signed-off-by: Eric Garver <e@erig.me> Signed-off-by: Joe Stringer <joe@ovn.org>
2017-05-18 16:10:28 -04:00
goto exit;
}
dpif-netlink: Introduce per-cpu upcall dispatch. The Open vSwitch kernel module uses the upcall mechanism to send packets from kernel space to user space when it misses in the kernel space flow table. The upcall sends packets via a Netlink socket. Currently, a Netlink socket is created for every vport. In this way, there is a 1:1 mapping between a vport and a Netlink socket. When a packet is received by a vport, if it needs to be sent to user space, it is sent via the corresponding Netlink socket. This mechanism, with various iterations of the corresponding user space code, has seen some limitations and issues: * On systems with a large number of vports, there is correspondingly a large number of Netlink sockets which can limit scaling. (https://bugzilla.redhat.com/show_bug.cgi?id=1526306) * Packet reordering on upcalls. (https://bugzilla.redhat.com/show_bug.cgi?id=1844576) * A thundering herd issue. (https://bugzilla.redhat.com/show_bug.cgi?id=1834444) This patch introduces an alternative, feature-negotiated, upcall mode using a per-cpu dispatch rather than a per-vport dispatch. In this mode, the Netlink socket to be used for the upcall is selected based on the CPU of the thread that is executing the upcall. In this way, it resolves the issues above as: a) The number of Netlink sockets scales with the number of CPUs rather than the number of vports. b) Ordering per-flow is maintained as packets are distributed to CPUs based on mechanisms such as RSS and flows are distributed to a single user space thread. c) Packets from a flow can only wake up one user space thread. Reported-at: https://bugzilla.redhat.com/1844576 Signed-off-by: Mark Gray <mark.d.gray@redhat.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Acked-by: Aaron Conole <aconole@redhat.com> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2021-07-16 06:17:36 -04:00
if (!dpif_netlink_upcall_per_cpu(dpif)) {
error = vport_add_channel(dpif, *port_nop, sock);
if (error) {
VLOG_INFO("%s: could not add channel for port %s",
dpif_name(&dpif->dpif), name);
/* Delete the port. */
dpif_netlink_vport_init(&request);
request.cmd = OVS_VPORT_CMD_DEL;
request.dp_ifindex = dpif->dp_ifindex;
request.port_no = *port_nop;
dpif_netlink_vport_transact(&request, NULL, NULL);
close_nl_sock(sock);
goto exit;
}
dpif-netlink: Refactor code to create compat ports This breaks up creating compat ports so we can reuse some of the code to create ports with rtnetlink. Co-authored-by: Thadeu Lima de Souza Cascardo <cascardo@redhat.com> Signed-off-by: Thadeu Lima de Souza Cascardo <cascardo@redhat.com> Signed-off-by: Eric Garver <e@erig.me> Signed-off-by: Joe Stringer <joe@ovn.org>
2017-05-18 16:10:28 -04:00
}
exit:
ofpbuf_delete(buf);
return error;
}
static int
dpif_netlink_port_add_compat(struct dpif_netlink *dpif, struct netdev *netdev,
odp_port_t *port_nop)
OVS_REQ_WRLOCK(dpif->upcall_lock)
{
const struct netdev_tunnel_config *tnl_cfg;
char namebuf[NETDEV_VPORT_NAME_BUFSIZE];
const char *type = netdev_get_type(netdev);
uint64_t options_stub[64 / 8];
enum ovs_vport_type ovs_type;
struct ofpbuf options;
const char *name;
name = netdev_vport_get_dpif_port(netdev, namebuf, sizeof namebuf);
ovs_type = netdev_to_ovs_vport_type(netdev_get_type(netdev));
if (ovs_type == OVS_VPORT_TYPE_UNSPEC) {
datapath: Change vport type from string to integer enumeration. I plan to make the vport type part of the standard header stuck on each Netlink message related to a vport. As such, it is more convenient to use an integer than a string. In addition, by being fundamentally different from strings, using an integer may reduce the confusion we've had in the past over the differences in userspace and kernel names for network device and vport types. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-23 20:01:30 -08:00
VLOG_WARN_RL(&error_rl, "%s: cannot create port `%s' because it has "
"unsupported type `%s'",
dpif-linux: Pass 'struct dpif_linux *' to internal static functions. This commit reformats the dpif-linux module so that all internal static functions take 'struct dpif_linux *' as input argument. This will allow the adding of thread-safety annotations. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-04-17 16:33:17 -07:00
dpif_name(&dpif->dpif), name, type);
datapath: Change vport type from string to integer enumeration. I plan to make the vport type part of the standard header stuck on each Netlink message related to a vport. As such, it is more convenient to use an integer than a string. In addition, by being fundamentally different from strings, using an integer may reduce the confusion we've had in the past over the differences in userspace and kernel names for network device and vport types. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-23 20:01:30 -08:00
return EINVAL;
}
datapath: Make adding and attaching a vport a single step. For some time now, Open vSwitch datapaths have internally made a distinction between adding a vport and attaching it to a datapath. Adding a vport just means to create it, as an entity detached from any datapath. Attaching it gives it a port number and a datapath. Similarly, a vport could be detached and deleted separately. After some study, I think I understand why this distinction exists. It is because ovs-vswitchd tries to open all the datapath ports before it tries to create them. However, changing it to create them before it tries to open them is not difficult, so this commit does this. The bulk of this commit, however, changes the datapath interface to one that always creates a vport and attaches it to a datapath in a single step, and similarly detaches a vport and deletes it in a single step. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2010-12-03 14:41:38 -08:00
dpif-netlink: Refactor code to create compat ports This breaks up creating compat ports so we can reuse some of the code to create ports with rtnetlink. Co-authored-by: Thadeu Lima de Souza Cascardo <cascardo@redhat.com> Signed-off-by: Thadeu Lima de Souza Cascardo <cascardo@redhat.com> Signed-off-by: Eric Garver <e@erig.me> Signed-off-by: Joe Stringer <joe@ovn.org>
2017-05-18 16:10:28 -04:00
if (ovs_type == OVS_VPORT_TYPE_NETDEV) {
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
#ifdef _WIN32
dpif-netlink: Add support for packet receive on Windows. In this patch, we add support in dpif-netlink.c to receive packets on Windows. Windows does not natively support epoll(). Even though there are mechanisms/interfaces that provide functionality similar to epoll(), we take a simple approach of using a pool of sockets. Here are some details of the implementaion to aid review: 1. There's pool of sockets per upcall handler. 2. The pool of sockets is initialized while setting up the handler in dpif_netlink_refresh_channels() primarily. 3. When sockets are to be allocated for a vport, we walk through the pool of sockets for all handlers and pick one of the sockets in each of the pool. Within a handler's pool, sockets are picked in a round-robin fashion. 4. We currently support only 1 handler, since there are some kernel changes needed for support more than 1 handler per vport. 5. The pool size is also set to 1 currently. The restructions imposed by #4 and #5 can be removed in the future without much code churn. Validation: 1. With a hacked up kernel which figures out the netlink socket that is designated to receive packets, we are cable to perform pings between 2 VMs on the same Hyper-V host. 2. Compiled the code in Linux as well. 3. Tested with pool size == 2 as well, though in this patch we set the pool size = 1. Signed-off-by: Nithin Raju <nithin@vmware.com> Acked-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-10-23 08:27:34 -07:00
/* XXX : Map appropiate Windows handle */
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
#else
datapath: Disable LRO from userspace instead of the kernel. Whenever a port is added to the datapath, LRO is automatically disabled. In the future, we may want to enable LRO in some circumstances, so have userspace disable LRO through the ethtool ioctls. As part of this change, the MTU and LRO checks are moved to netdev-vport's send(), which is where they're actually needed. Feature #6810 Signed-off-by: Justin Pettit <jpettit@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-08-26 23:34:40 -07:00
netdev_linux_ethtool_set_flag(netdev, ETH_FLAG_LRO, "LRO", false);
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
#endif
datapath: Disable LRO from userspace instead of the kernel. Whenever a port is added to the datapath, LRO is automatically disabled. In the future, we may want to enable LRO in some circumstances, so have userspace disable LRO through the ethtool ioctls. As part of this change, the MTU and LRO checks are moved to netdev-vport's send(), which is where they're actually needed. Feature #6810 Signed-off-by: Justin Pettit <jpettit@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-08-26 23:34:40 -07:00
}
Windows: Add internal switch port per OVS bridge This patch updates the following commands in the vswitch: ovs-vsctl add-br br-test ovs-vsctl del-br br-test ovs-vsctl add-br br-test: This command will now create an internal port on the MSFT virtual switch using the WMI interface from Msvm_VirtualEthernetSwitchManagementService leveraging the method AddResourceSettings. Before creating the actual port, the switch will be queried to see if there is not a port already created (good for restarts when restarting the vswitch daemon). If there is a port defined it will return success and log a message. After checking if the port already exists the command will also verify if the forwarding extension (windows datapath) is enabled and on a single switch. If it is not activated or if it is activated on multiple switches it will return an error and a message will be logged. After the port was created on the switch, we will disable the adapter on the host and rename to the corresponding OVS bridge name for consistency. The user will enable and set the values he wants after creation. ovs-vsctl del-br br-test This command will remove an internal port on the MSFT virtual switch using the Msvm_VirtualEthernetSwitchManagementService class and executing the method RemoveResourceSettings. Both commands will be blocking until the WMI job is finished, this allows us to guarantee that the ports are created and their name are set before issuing a netlink message to the windows datapath. This patch also includes helpers for normal WMI retrievals and initializations. Appveyor and documentation has been modified to include the libraries needed for COM objects. This patch was tested individually using IMallocSpy and CRT heap checks to ensure no new memory leaks are introduced. Tested on the following OS's: Windows 2012, Windows 2012r2, Windows 2016 Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Acked-by: Paul Boca <pboca@cloudbasesolutions.com> Acked-by: Sairam Venugopal <vsairam@vmware.com> Signed-off-by: Gurucharan Shetty <guru@ovn.org>
2016-12-20 19:41:22 +00:00
#ifdef _WIN32
dpif-netlink: Refactor code to create compat ports This breaks up creating compat ports so we can reuse some of the code to create ports with rtnetlink. Co-authored-by: Thadeu Lima de Souza Cascardo <cascardo@redhat.com> Signed-off-by: Thadeu Lima de Souza Cascardo <cascardo@redhat.com> Signed-off-by: Eric Garver <e@erig.me> Signed-off-by: Joe Stringer <joe@ovn.org>
2017-05-18 16:10:28 -04:00
if (ovs_type == OVS_VPORT_TYPE_INTERNAL) {
Windows: Add internal switch port per OVS bridge This patch updates the following commands in the vswitch: ovs-vsctl add-br br-test ovs-vsctl del-br br-test ovs-vsctl add-br br-test: This command will now create an internal port on the MSFT virtual switch using the WMI interface from Msvm_VirtualEthernetSwitchManagementService leveraging the method AddResourceSettings. Before creating the actual port, the switch will be queried to see if there is not a port already created (good for restarts when restarting the vswitch daemon). If there is a port defined it will return success and log a message. After checking if the port already exists the command will also verify if the forwarding extension (windows datapath) is enabled and on a single switch. If it is not activated or if it is activated on multiple switches it will return an error and a message will be logged. After the port was created on the switch, we will disable the adapter on the host and rename to the corresponding OVS bridge name for consistency. The user will enable and set the values he wants after creation. ovs-vsctl del-br br-test This command will remove an internal port on the MSFT virtual switch using the Msvm_VirtualEthernetSwitchManagementService class and executing the method RemoveResourceSettings. Both commands will be blocking until the WMI job is finished, this allows us to guarantee that the ports are created and their name are set before issuing a netlink message to the windows datapath. This patch also includes helpers for normal WMI retrievals and initializations. Appveyor and documentation has been modified to include the libraries needed for COM objects. This patch was tested individually using IMallocSpy and CRT heap checks to ensure no new memory leaks are introduced. Tested on the following OS's: Windows 2012, Windows 2012r2, Windows 2016 Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Acked-by: Paul Boca <pboca@cloudbasesolutions.com> Acked-by: Sairam Venugopal <vsairam@vmware.com> Signed-off-by: Gurucharan Shetty <guru@ovn.org>
2016-12-20 19:41:22 +00:00
if (!create_wmi_port(name)){
VLOG_ERR("Could not create wmi internal port with name:%s", name);
return EINVAL;
};
}
#endif
Modify dpif_linux_port_add() to set the destination port for VXLAN ports. Signed-off-by: Kyle Mestery <kmestery@cisco.com> Acked-by: Ethan Jackson <ethan@nicira.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-02-14 09:37:26 -05:00
tnl_cfg = netdev_get_tunnel_config(netdev);
tunnel: Provide framework for tunnel extensions for VXLAN-GBP and others Supports a new "exts" field in the tunnel configuration which takes a comma separated list of enabled extensions. The only extension supported so far is GBP but this can be used to enable RCO and possibly others as soon as the OVS datapath supports them. Signed-off-by: Thomas Graf <tgraf@noironetworks.com> Acked-by: Ben Pfaff <blp@nicira.com>
2015-02-06 21:10:45 +01:00
if (tnl_cfg && (tnl_cfg->dst_port != 0 || tnl_cfg->exts)) {
Modify dpif_linux_port_add() to set the destination port for VXLAN ports. Signed-off-by: Kyle Mestery <kmestery@cisco.com> Acked-by: Ethan Jackson <ethan@nicira.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-02-14 09:37:26 -05:00
ofpbuf_use_stack(&options, options_stub, sizeof options_stub);
tunnel: Provide framework for tunnel extensions for VXLAN-GBP and others Supports a new "exts" field in the tunnel configuration which takes a comma separated list of enabled extensions. The only extension supported so far is GBP but this can be used to enable RCO and possibly others as soon as the OVS datapath supports them. Signed-off-by: Thomas Graf <tgraf@noironetworks.com> Acked-by: Ben Pfaff <blp@nicira.com>
2015-02-06 21:10:45 +01:00
if (tnl_cfg->dst_port) {
nl_msg_put_u16(&options, OVS_TUNNEL_ATTR_DST_PORT,
ntohs(tnl_cfg->dst_port));
}
if (tnl_cfg->exts) {
size_t ext_ofs;
int i;
ext_ofs = nl_msg_start_nested(&options, OVS_TUNNEL_ATTR_EXTENSION);
for (i = 0; i < 32; i++) {
dpif-netlink: Fix incorrect bit shift in compat mode. SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior in lib/dpif-netlink.c:1077:40: runtime error: left shift of 1 by 31 places cannot be represented in type 'int' #0 0x73fc31 in dpif_netlink_port_add_compat lib/dpif-netlink.c:1077:40 #1 0x73fc31 in dpif_netlink_port_add lib/dpif-netlink.c:1132:17 #2 0x2c1745 in dpif_port_add lib/dpif.c:597:13 #3 0x07b279 in port_add ofproto/ofproto-dpif.c:3957:17 #4 0x01b209 in ofproto_port_add ofproto/ofproto.c:2124:13 #5 0xfdbfce in iface_do_create vswitchd/bridge.c:2066:13 #6 0xfdbfce in iface_create vswitchd/bridge.c:2109:13 #7 0xfdbfce in bridge_add_ports__ vswitchd/bridge.c:1173:21 #8 0xfb5319 in bridge_add_ports vswitchd/bridge.c:1189:5 #9 0xfb5319 in bridge_reconfigure vswitchd/bridge.c:901:9 #10 0xfae0f9 in bridge_run vswitchd/bridge.c:3334:9 #11 0xfe67dd in main vswitchd/ovs-vswitchd.c:129:9 #12 0x4b6d8f (/lib/x86_64-linux-gnu/libc.so.6+0x29d8f) #13 0x4b6e3f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x29e3f) #14 0x562594eed024 in _start (vswitchd/ovs-vswitchd+0x787024) Fixes: 526df7d8543f ("tunnel: Provide framework for tunnel extensions for VXLAN-GBP and others") Acked-by: Mike Pattrick <mkp@redhat.com> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2022-07-28 17:43:34 +02:00
if (tnl_cfg->exts & (UINT32_C(1) << i)) {
tunnel: Provide framework for tunnel extensions for VXLAN-GBP and others Supports a new "exts" field in the tunnel configuration which takes a comma separated list of enabled extensions. The only extension supported so far is GBP but this can be used to enable RCO and possibly others as soon as the OVS datapath supports them. Signed-off-by: Thomas Graf <tgraf@noironetworks.com> Acked-by: Ben Pfaff <blp@nicira.com>
2015-02-06 21:10:45 +01:00
nl_msg_put_flag(&options, i);
}
}
nl_msg_end_nested(&options, ext_ofs);
}
dpif-netlink: Refactor code to create compat ports This breaks up creating compat ports so we can reuse some of the code to create ports with rtnetlink. Co-authored-by: Thadeu Lima de Souza Cascardo <cascardo@redhat.com> Signed-off-by: Thadeu Lima de Souza Cascardo <cascardo@redhat.com> Signed-off-by: Eric Garver <e@erig.me> Signed-off-by: Joe Stringer <joe@ovn.org>
2017-05-18 16:10:28 -04:00
return dpif_netlink_port_add__(dpif, name, ovs_type, &options,
port_nop);
dpif-linux: Fix segfault when a port already exists. Commit 78a2d59c (dpif-linux.c: Let the kernel pick a port number if one not requested.) changed the logic for port assignment, but didn't properly handle some error conditions. An attempt to add a tunnel port that already exists would lead to a segfault. This commit fixes the logic to stop processing and return an error. Reported-by: Gurucharan Shetty <shettyg@nicira.com> Signed-off-by: Justin Pettit <jpettit@nicira.com>
2013-01-16 15:53:14 -08:00
} else {
dpif-netlink: Refactor code to create compat ports This breaks up creating compat ports so we can reuse some of the code to create ports with rtnetlink. Co-authored-by: Thadeu Lima de Souza Cascardo <cascardo@redhat.com> Signed-off-by: Thadeu Lima de Souza Cascardo <cascardo@redhat.com> Signed-off-by: Eric Garver <e@erig.me> Signed-off-by: Joe Stringer <joe@ovn.org>
2017-05-18 16:10:28 -04:00
return dpif_netlink_port_add__(dpif, name, ovs_type, NULL, port_nop);
dpif-linux.c: Let the kernel pick a port number if one not requested. With the single datapath change, we no longer depend on the kernel to make sure that we don't reuse OpenFlow port numbers, since the ofproto library now picks them. Remove the code that contained that logic. Suggested-by: Ben Pfaff <blp@nicira.com> Signed-off-by: Justin Pettit <jpettit@nicira.com>
2012-11-14 15:58:19 -08:00
}
datapath: Make adding and attaching a vport a single step. For some time now, Open vSwitch datapaths have internally made a distinction between adding a vport and attaching it to a datapath. Adding a vport just means to create it, as an entity detached from any datapath. Attaching it gives it a port number and a datapath. Similarly, a vport could be detached and deleted separately. After some study, I think I understand why this distinction exists. It is because ovs-vswitchd tries to open all the datapath ports before it tries to create them. However, changing it to create them before it tries to open them is not difficult, so this commit does this. The bulk of this commit, however, changes the datapath interface to one that always creates a vport and attaches it to a datapath in a single step, and similarly detaches a vport and deletes it in a single step. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2010-12-03 14:41:38 -08:00
dpif-netlink: Refactor code to create compat ports This breaks up creating compat ports so we can reuse some of the code to create ports with rtnetlink. Co-authored-by: Thadeu Lima de Souza Cascardo <cascardo@redhat.com> Signed-off-by: Thadeu Lima de Souza Cascardo <cascardo@redhat.com> Signed-off-by: Eric Garver <e@erig.me> Signed-off-by: Joe Stringer <joe@ovn.org>
2017-05-18 16:10:28 -04:00
}
dpif-linux: Give each port its own userspace-kernel channel. Userspace-kernel communication is a possible bottleneck when OVS is receiving a large number of flow set up requests. To help prevent a bad actor from consuming too much of this resource, we introduced channels to segegrate traffic. Previously, we created 17 channels and round-robin assigned ports to one of 16 channels (the 17th was reserved for use by the system). This meant if there were more than 16 ports, sharing of channels would occur. This commit creates a new channel for each port, so that there is no more sharing and better isolation. The special system port uses the "ovs-system"'s channel (port 0), since it is not heavily loaded. This also fixes an issue introduced in commit acf60855 (ofproto-dpif: Use a single underlying datapath across multiple bridges.) where ports that were added at run-time were given the special system channel. Issue #12073 Signed-off-by: Justin Pettit <jpettit@nicira.com>
2013-01-04 18:34:26 -08:00
dpif-netlink: Probe for out-of-tree tunnels, decides used interface On dpif init, probe for whether tunnels are created using in-tree (upstream linux) or out-of-tree (OVS). This is done by probing for the existence of "ovs_geneve" via rtnetlink. This is used to determine how to create the tunnel devices. For out-of-tree tunnels, only try genetlink/compat. For in-tree kernel tunnels, try rtnetlink then fallback to genetlink. Signed-off-by: Eric Garver <e@erig.me> Signed-off-by: Joe Stringer <joe@ovn.org>
2017-05-18 16:10:33 -04:00
static int
dpif-netlink: Support rtnetlink port creation. In order to be able to add those tunnels, we need to add code to create the tunnels and add them as NETDEV vports. And when there is no support to create them, we need to fallback to compatibility code and add them as tunnel vports. When removing those tunnels, we need to remove the interfaces as well, and detecting the right type might be important, at least to distinguish the tunnel vports that we should remove and the interfaces that we shouldn't. Co-authored-by: Thadeu Lima de Souza Cascardo <cascardo@redhat.com> Signed-off-by: Thadeu Lima de Souza Cascardo <cascardo@redhat.com> Signed-off-by: Eric Garver <e@erig.me> Signed-off-by: Joe Stringer <joe@ovn.org>
2017-05-18 16:10:29 -04:00
dpif_netlink_rtnl_port_create_and_add(struct dpif_netlink *dpif,
struct netdev *netdev,
odp_port_t *port_nop)
OVS_REQ_WRLOCK(dpif->upcall_lock)
{
static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(5, 20);
char namebuf[NETDEV_VPORT_NAME_BUFSIZE];
const char *name;
int error;
dpif-linux: Give each port its own userspace-kernel channel. Userspace-kernel communication is a possible bottleneck when OVS is receiving a large number of flow set up requests. To help prevent a bad actor from consuming too much of this resource, we introduced channels to segegrate traffic. Previously, we created 17 channels and round-robin assigned ports to one of 16 channels (the 17th was reserved for use by the system). This meant if there were more than 16 ports, sharing of channels would occur. This commit creates a new channel for each port, so that there is no more sharing and better isolation. The special system port uses the "ovs-system"'s channel (port 0), since it is not heavily loaded. This also fixes an issue introduced in commit acf60855 (ofproto-dpif: Use a single underlying datapath across multiple bridges.) where ports that were added at run-time were given the special system channel. Issue #12073 Signed-off-by: Justin Pettit <jpettit@nicira.com>
2013-01-04 18:34:26 -08:00
dpif-netlink: Support rtnetlink port creation. In order to be able to add those tunnels, we need to add code to create the tunnels and add them as NETDEV vports. And when there is no support to create them, we need to fallback to compatibility code and add them as tunnel vports. When removing those tunnels, we need to remove the interfaces as well, and detecting the right type might be important, at least to distinguish the tunnel vports that we should remove and the interfaces that we shouldn't. Co-authored-by: Thadeu Lima de Souza Cascardo <cascardo@redhat.com> Signed-off-by: Thadeu Lima de Souza Cascardo <cascardo@redhat.com> Signed-off-by: Eric Garver <e@erig.me> Signed-off-by: Joe Stringer <joe@ovn.org>
2017-05-18 16:10:29 -04:00
error = dpif_netlink_rtnl_port_create(netdev);
if (error) {
if (error != EOPNOTSUPP) {
dpif-netlink: Fix log level for error message Since it's an error but also will always occur in older kernels log the message with level warning instead of info. Signed-off-by: Roi Dayan <roid@mellanox.com> Acked-by: Eric Garver <e@erig.me> Signed-off-by: Joe Stringer <joe@ovn.org>
2017-07-30 07:58:17 +03:00
VLOG_WARN_RL(&rl, "Failed to create %s with rtnetlink: %s",
dpif-netlink: Support rtnetlink port creation. In order to be able to add those tunnels, we need to add code to create the tunnels and add them as NETDEV vports. And when there is no support to create them, we need to fallback to compatibility code and add them as tunnel vports. When removing those tunnels, we need to remove the interfaces as well, and detecting the right type might be important, at least to distinguish the tunnel vports that we should remove and the interfaces that we shouldn't. Co-authored-by: Thadeu Lima de Souza Cascardo <cascardo@redhat.com> Signed-off-by: Thadeu Lima de Souza Cascardo <cascardo@redhat.com> Signed-off-by: Eric Garver <e@erig.me> Signed-off-by: Joe Stringer <joe@ovn.org>
2017-05-18 16:10:29 -04:00
netdev_get_name(netdev), ovs_strerror(error));
}
return error;
}
dpif-linux: Implement the API functions to allow multiple handler threads read upcall. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-02-26 10:10:29 -08:00
dpif-netlink: Support rtnetlink port creation. In order to be able to add those tunnels, we need to add code to create the tunnels and add them as NETDEV vports. And when there is no support to create them, we need to fallback to compatibility code and add them as tunnel vports. When removing those tunnels, we need to remove the interfaces as well, and detecting the right type might be important, at least to distinguish the tunnel vports that we should remove and the interfaces that we shouldn't. Co-authored-by: Thadeu Lima de Souza Cascardo <cascardo@redhat.com> Signed-off-by: Thadeu Lima de Souza Cascardo <cascardo@redhat.com> Signed-off-by: Eric Garver <e@erig.me> Signed-off-by: Joe Stringer <joe@ovn.org>
2017-05-18 16:10:29 -04:00
name = netdev_vport_get_dpif_port(netdev, namebuf, sizeof namebuf);
error = dpif_netlink_port_add__(dpif, name, OVS_VPORT_TYPE_NETDEV, NULL,
port_nop);
Revert "dpif-netlink: Don't destroy and recreate port if it exists" This reverts commit a38dccb3ee80a1d0b8973191c9e94f045441f8cc. The original commit 7521e0cf9e88 ("ofproto-dpif: Let the dpif report when a port is a duplicate.") relies on the kernel to check if the port exists or not. However, the current kernel code doesn't handle when the port is moved to another network namespace. Signed-off-by: Flavio Leitner <fbl@redhat.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
2018-12-13 12:24:46 -02:00
if (error) {
dpif-netlink: Support rtnetlink port creation. In order to be able to add those tunnels, we need to add code to create the tunnels and add them as NETDEV vports. And when there is no support to create them, we need to fallback to compatibility code and add them as tunnel vports. When removing those tunnels, we need to remove the interfaces as well, and detecting the right type might be important, at least to distinguish the tunnel vports that we should remove and the interfaces that we shouldn't. Co-authored-by: Thadeu Lima de Souza Cascardo <cascardo@redhat.com> Signed-off-by: Thadeu Lima de Souza Cascardo <cascardo@redhat.com> Signed-off-by: Eric Garver <e@erig.me> Signed-off-by: Joe Stringer <joe@ovn.org>
2017-05-18 16:10:29 -04:00
dpif_netlink_rtnl_port_destroy(name, netdev_get_type(netdev));
}
return error;
}
dpif: Make dpifs abstract, to allow multiple datapath implementations. This commit initially introduces only a single datapath implementation, which is the same as the original one, but it paves the way for additional implementations, such as the upcoming userspace datapath.
2009-06-17 14:35:35 -07:00
static int
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
dpif_netlink_port_add(struct dpif *dpif_, struct netdev *netdev,
odp_port_t *port_nop)
dpif-linux: Make use of channels thread-safe. This seems to be the last remaining thread-unsafe code in dpif-linux. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2013-07-23 12:41:57 -07:00
{
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
struct dpif_netlink *dpif = dpif_netlink_cast(dpif_);
dpif-netlink: Probe for out-of-tree tunnels, decides used interface On dpif init, probe for whether tunnels are created using in-tree (upstream linux) or out-of-tree (OVS). This is done by probing for the existence of "ovs_geneve" via rtnetlink. This is used to determine how to create the tunnel devices. For out-of-tree tunnels, only try genetlink/compat. For in-tree kernel tunnels, try rtnetlink then fallback to genetlink. Signed-off-by: Eric Garver <e@erig.me> Signed-off-by: Joe Stringer <joe@ovn.org>
2017-05-18 16:10:33 -04:00
int error = EOPNOTSUPP;
dpif-linux: Make use of channels thread-safe. This seems to be the last remaining thread-unsafe code in dpif-linux. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2013-07-23 12:41:57 -07:00
dpif-linux: Implement the API functions to allow multiple handler threads read upcall. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-02-26 10:10:29 -08:00
fat_rwlock_wrlock(&dpif->upcall_lock);
dpif-netlink: Probe for out-of-tree tunnels, decides used interface On dpif init, probe for whether tunnels are created using in-tree (upstream linux) or out-of-tree (OVS). This is done by probing for the existence of "ovs_geneve" via rtnetlink. This is used to determine how to create the tunnel devices. For out-of-tree tunnels, only try genetlink/compat. For in-tree kernel tunnels, try rtnetlink then fallback to genetlink. Signed-off-by: Eric Garver <e@erig.me> Signed-off-by: Joe Stringer <joe@ovn.org>
2017-05-18 16:10:33 -04:00
if (!ovs_tunnels_out_of_tree) {
error = dpif_netlink_rtnl_port_create_and_add(dpif, netdev, port_nop);
}
Revert "dpif-netlink: Don't destroy and recreate port if it exists" This reverts commit a38dccb3ee80a1d0b8973191c9e94f045441f8cc. The original commit 7521e0cf9e88 ("ofproto-dpif: Let the dpif report when a port is a duplicate.") relies on the kernel to check if the port exists or not. However, the current kernel code doesn't handle when the port is moved to another network namespace. Signed-off-by: Flavio Leitner <fbl@redhat.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
2018-12-13 12:24:46 -02:00
if (error) {
dpif-netlink: Probe for out-of-tree tunnels, decides used interface On dpif init, probe for whether tunnels are created using in-tree (upstream linux) or out-of-tree (OVS). This is done by probing for the existence of "ovs_geneve" via rtnetlink. This is used to determine how to create the tunnel devices. For out-of-tree tunnels, only try genetlink/compat. For in-tree kernel tunnels, try rtnetlink then fallback to genetlink. Signed-off-by: Eric Garver <e@erig.me> Signed-off-by: Joe Stringer <joe@ovn.org>
2017-05-18 16:10:33 -04:00
error = dpif_netlink_port_add_compat(dpif, netdev, port_nop);
}
dpif-linux: Implement the API functions to allow multiple handler threads read upcall. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-02-26 10:10:29 -08:00
fat_rwlock_unlock(&dpif->upcall_lock);
dpif-linux: Make use of channels thread-safe. This seems to be the last remaining thread-unsafe code in dpif-linux. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2013-07-23 12:41:57 -07:00
return error;
}
static int
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
dpif_netlink_port_del__(struct dpif_netlink *dpif, odp_port_t port_no)
dpif-linux: Add thread-safety annotations. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-04-17 17:16:34 -07:00
OVS_REQ_WRLOCK(dpif->upcall_lock)
dpif: Make dpifs abstract, to allow multiple datapath implementations. This commit initially introduces only a single datapath implementation, which is the same as the original one, but it paves the way for additional implementations, such as the upcoming userspace datapath.
2009-06-17 14:35:35 -07:00
{
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
struct dpif_netlink_vport vport;
dpif-netlink: Probe for out-of-tree tunnels, decides used interface On dpif init, probe for whether tunnels are created using in-tree (upstream linux) or out-of-tree (OVS). This is done by probing for the existence of "ovs_geneve" via rtnetlink. This is used to determine how to create the tunnel devices. For out-of-tree tunnels, only try genetlink/compat. For in-tree kernel tunnels, try rtnetlink then fallback to genetlink. Signed-off-by: Eric Garver <e@erig.me> Signed-off-by: Joe Stringer <joe@ovn.org>
2017-05-18 16:10:33 -04:00
struct dpif_port dpif_port;
dpif-linux: Choose port numbers more prudently. Before this patch the kernel chose the lowest available number for newly created datapath ports. This patch moves the port number choosing responsibility to user space, and implements a least recently used port number queue in an attempt to avoid reuse. Bug #2140.
2011-04-04 16:55:34 -07:00
int error;
datapath: Change userspace vport interface to use Netlink attributes. One of the goals for Open vSwitch is to decouple kernel and userspace software, so that either one can be upgraded or rolled back independent of the other. To do this in full generality, it must be possible to add new features to the kernel vport layer without changing userspace software. The customary way to do this in the Linux networking stack is to use Netlink and in particular Netlink attributes. This commit adopts that model for the vport layer. It does not yet actually start using the Netlink socket layer, which will come later. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 12:28:59 -08:00
dpif-netlink: Probe for out-of-tree tunnels, decides used interface On dpif init, probe for whether tunnels are created using in-tree (upstream linux) or out-of-tree (OVS). This is done by probing for the existence of "ovs_geneve" via rtnetlink. This is used to determine how to create the tunnel devices. For out-of-tree tunnels, only try genetlink/compat. For in-tree kernel tunnels, try rtnetlink then fallback to genetlink. Signed-off-by: Eric Garver <e@erig.me> Signed-off-by: Joe Stringer <joe@ovn.org>
2017-05-18 16:10:33 -04:00
error = dpif_netlink_port_query__(dpif, port_no, NULL, &dpif_port);
if (error) {
return error;
}
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
dpif_netlink_vport_init(&vport);
datapath: Use "OVS_*" as opposed to "ODP_*" for user<->kernel interactions. The prefix "ODP_*" is not overly descriptive in the context of the larger Linux tree. This commit changes the prefix to "OVS_*" for the userpace to kernel interactions. The userspace libraries still use "ODP_" in many of their interfaces since it is more descriptive in the OVS oeuvre. Feature #6904 Signed-off-by: Justin Pettit <jpettit@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-08-18 10:35:40 -07:00
vport.cmd = OVS_VPORT_CMD_DEL;
datapath: Change dp_idx to dp_ifindex, the ifindex of the local port. I can't see any real value in maintaining a dp_idx separate from the ifindex of the local port. With the current implementation it also artificially limits the number of datapaths. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-21 17:01:56 -08:00
vport.dp_ifindex = dpif->dp_ifindex;
datapath: Change userspace vport interface to use Netlink attributes. One of the goals for Open vSwitch is to decouple kernel and userspace software, so that either one can be upgraded or rolled back independent of the other. To do this in full generality, it must be possible to add new features to the kernel vport layer without changing userspace software. The customary way to do this in the Linux networking stack is to use Netlink and in particular Netlink attributes. This commit adopts that model for the vport layer. It does not yet actually start using the Netlink socket layer, which will come later. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 12:28:59 -08:00
vport.port_no = port_no;
Windows: Add internal switch port per OVS bridge This patch updates the following commands in the vswitch: ovs-vsctl add-br br-test ovs-vsctl del-br br-test ovs-vsctl add-br br-test: This command will now create an internal port on the MSFT virtual switch using the WMI interface from Msvm_VirtualEthernetSwitchManagementService leveraging the method AddResourceSettings. Before creating the actual port, the switch will be queried to see if there is not a port already created (good for restarts when restarting the vswitch daemon). If there is a port defined it will return success and log a message. After checking if the port already exists the command will also verify if the forwarding extension (windows datapath) is enabled and on a single switch. If it is not activated or if it is activated on multiple switches it will return an error and a message will be logged. After the port was created on the switch, we will disable the adapter on the host and rename to the corresponding OVS bridge name for consistency. The user will enable and set the values he wants after creation. ovs-vsctl del-br br-test This command will remove an internal port on the MSFT virtual switch using the Msvm_VirtualEthernetSwitchManagementService class and executing the method RemoveResourceSettings. Both commands will be blocking until the WMI job is finished, this allows us to guarantee that the ports are created and their name are set before issuing a netlink message to the windows datapath. This patch also includes helpers for normal WMI retrievals and initializations. Appveyor and documentation has been modified to include the libraries needed for COM objects. This patch was tested individually using IMallocSpy and CRT heap checks to ensure no new memory leaks are introduced. Tested on the following OS's: Windows 2012, Windows 2012r2, Windows 2016 Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Acked-by: Paul Boca <pboca@cloudbasesolutions.com> Acked-by: Sairam Venugopal <vsairam@vmware.com> Signed-off-by: Gurucharan Shetty <guru@ovn.org>
2016-12-20 19:41:22 +00:00
#ifdef _WIN32
dpif-netlink: Probe for out-of-tree tunnels, decides used interface On dpif init, probe for whether tunnels are created using in-tree (upstream linux) or out-of-tree (OVS). This is done by probing for the existence of "ovs_geneve" via rtnetlink. This is used to determine how to create the tunnel devices. For out-of-tree tunnels, only try genetlink/compat. For in-tree kernel tunnels, try rtnetlink then fallback to genetlink. Signed-off-by: Eric Garver <e@erig.me> Signed-off-by: Joe Stringer <joe@ovn.org>
2017-05-18 16:10:33 -04:00
if (!strcmp(dpif_port.type, "internal")) {
if (!delete_wmi_port(dpif_port.name)) {
Windows: Add internal switch port per OVS bridge This patch updates the following commands in the vswitch: ovs-vsctl add-br br-test ovs-vsctl del-br br-test ovs-vsctl add-br br-test: This command will now create an internal port on the MSFT virtual switch using the WMI interface from Msvm_VirtualEthernetSwitchManagementService leveraging the method AddResourceSettings. Before creating the actual port, the switch will be queried to see if there is not a port already created (good for restarts when restarting the vswitch daemon). If there is a port defined it will return success and log a message. After checking if the port already exists the command will also verify if the forwarding extension (windows datapath) is enabled and on a single switch. If it is not activated or if it is activated on multiple switches it will return an error and a message will be logged. After the port was created on the switch, we will disable the adapter on the host and rename to the corresponding OVS bridge name for consistency. The user will enable and set the values he wants after creation. ovs-vsctl del-br br-test This command will remove an internal port on the MSFT virtual switch using the Msvm_VirtualEthernetSwitchManagementService class and executing the method RemoveResourceSettings. Both commands will be blocking until the WMI job is finished, this allows us to guarantee that the ports are created and their name are set before issuing a netlink message to the windows datapath. This patch also includes helpers for normal WMI retrievals and initializations. Appveyor and documentation has been modified to include the libraries needed for COM objects. This patch was tested individually using IMallocSpy and CRT heap checks to ensure no new memory leaks are introduced. Tested on the following OS's: Windows 2012, Windows 2012r2, Windows 2016 Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Acked-by: Paul Boca <pboca@cloudbasesolutions.com> Acked-by: Sairam Venugopal <vsairam@vmware.com> Signed-off-by: Gurucharan Shetty <guru@ovn.org>
2016-12-20 19:41:22 +00:00
VLOG_ERR("Could not delete wmi port with name: %s",
dpif-netlink: Probe for out-of-tree tunnels, decides used interface On dpif init, probe for whether tunnels are created using in-tree (upstream linux) or out-of-tree (OVS). This is done by probing for the existence of "ovs_geneve" via rtnetlink. This is used to determine how to create the tunnel devices. For out-of-tree tunnels, only try genetlink/compat. For in-tree kernel tunnels, try rtnetlink then fallback to genetlink. Signed-off-by: Eric Garver <e@erig.me> Signed-off-by: Joe Stringer <joe@ovn.org>
2017-05-18 16:10:33 -04:00
dpif_port.name);
Windows: Add internal switch port per OVS bridge This patch updates the following commands in the vswitch: ovs-vsctl add-br br-test ovs-vsctl del-br br-test ovs-vsctl add-br br-test: This command will now create an internal port on the MSFT virtual switch using the WMI interface from Msvm_VirtualEthernetSwitchManagementService leveraging the method AddResourceSettings. Before creating the actual port, the switch will be queried to see if there is not a port already created (good for restarts when restarting the vswitch daemon). If there is a port defined it will return success and log a message. After checking if the port already exists the command will also verify if the forwarding extension (windows datapath) is enabled and on a single switch. If it is not activated or if it is activated on multiple switches it will return an error and a message will be logged. After the port was created on the switch, we will disable the adapter on the host and rename to the corresponding OVS bridge name for consistency. The user will enable and set the values he wants after creation. ovs-vsctl del-br br-test This command will remove an internal port on the MSFT virtual switch using the Msvm_VirtualEthernetSwitchManagementService class and executing the method RemoveResourceSettings. Both commands will be blocking until the WMI job is finished, this allows us to guarantee that the ports are created and their name are set before issuing a netlink message to the windows datapath. This patch also includes helpers for normal WMI retrievals and initializations. Appveyor and documentation has been modified to include the libraries needed for COM objects. This patch was tested individually using IMallocSpy and CRT heap checks to ensure no new memory leaks are introduced. Tested on the following OS's: Windows 2012, Windows 2012r2, Windows 2016 Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Acked-by: Paul Boca <pboca@cloudbasesolutions.com> Acked-by: Sairam Venugopal <vsairam@vmware.com> Signed-off-by: Gurucharan Shetty <guru@ovn.org>
2016-12-20 19:41:22 +00:00
};
}
#endif
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
error = dpif_netlink_vport_transact(&vport, NULL, NULL);
dpif-linux: Choose port numbers more prudently. Before this patch the kernel chose the lowest available number for newly created datapath ports. This patch moves the port number choosing responsibility to user space, and implements a least recently used port number queue in an attempt to avoid reuse. Bug #2140.
2011-04-04 16:55:34 -07:00
dpif-linux: Implement the API functions to allow multiple handler threads read upcall. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-02-26 10:10:29 -08:00
vport_del_channels(dpif, port_no);
dpif-linux: Give each port its own userspace-kernel channel. Userspace-kernel communication is a possible bottleneck when OVS is receiving a large number of flow set up requests. To help prevent a bad actor from consuming too much of this resource, we introduced channels to segegrate traffic. Previously, we created 17 channels and round-robin assigned ports to one of 16 channels (the 17th was reserved for use by the system). This meant if there were more than 16 ports, sharing of channels would occur. This commit creates a new channel for each port, so that there is no more sharing and better isolation. The special system port uses the "ovs-system"'s channel (port 0), since it is not heavily loaded. This also fixes an issue introduced in commit acf60855 (ofproto-dpif: Use a single underlying datapath across multiple bridges.) where ports that were added at run-time were given the special system channel. Issue #12073 Signed-off-by: Justin Pettit <jpettit@nicira.com>
2013-01-04 18:34:26 -08:00
dpif-netlink: Probe for out-of-tree tunnels, decides used interface On dpif init, probe for whether tunnels are created using in-tree (upstream linux) or out-of-tree (OVS). This is done by probing for the existence of "ovs_geneve" via rtnetlink. This is used to determine how to create the tunnel devices. For out-of-tree tunnels, only try genetlink/compat. For in-tree kernel tunnels, try rtnetlink then fallback to genetlink. Signed-off-by: Eric Garver <e@erig.me> Signed-off-by: Joe Stringer <joe@ovn.org>
2017-05-18 16:10:33 -04:00
if (!error && !ovs_tunnels_out_of_tree) {
error = dpif_netlink_rtnl_port_destroy(dpif_port.name, dpif_port.type);
if (error == EOPNOTSUPP) {
error = 0;
}
}
dpif_port_destroy(&dpif_port);
dpif-linux: Choose port numbers more prudently. Before this patch the kernel chose the lowest available number for newly created datapath ports. This patch moves the port number choosing responsibility to user space, and implements a least recently used port number queue in an attempt to avoid reuse. Bug #2140.
2011-04-04 16:55:34 -07:00
return error;
datapath: Make adding and attaching a vport a single step. For some time now, Open vSwitch datapaths have internally made a distinction between adding a vport and attaching it to a datapath. Adding a vport just means to create it, as an entity detached from any datapath. Attaching it gives it a port number and a datapath. Similarly, a vport could be detached and deleted separately. After some study, I think I understand why this distinction exists. It is because ovs-vswitchd tries to open all the datapath ports before it tries to create them. However, changing it to create them before it tries to open them is not difficult, so this commit does this. The bulk of this commit, however, changes the datapath interface to one that always creates a vport and attaches it to a datapath in a single step, and similarly detaches a vport and deletes it in a single step. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2010-12-03 14:41:38 -08:00
}
dpif-linux: Clean up vports that are no longer in config. If the config changes while ovs-vswitchd is not running it is possible that there could be some vports which are no longer needed but won't be destroyed when closed because they aren't open. This deletes unneeded vports at the same time that we clean up unneeded datapaths.
2010-04-10 01:19:29 -04:00
dpif-linux: Make use of channels thread-safe. This seems to be the last remaining thread-unsafe code in dpif-linux. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2013-07-23 12:41:57 -07:00
static int
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
dpif_netlink_port_del(struct dpif *dpif_, odp_port_t port_no)
dpif-linux: Make use of channels thread-safe. This seems to be the last remaining thread-unsafe code in dpif-linux. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2013-07-23 12:41:57 -07:00
{
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
struct dpif_netlink *dpif = dpif_netlink_cast(dpif_);
dpif-linux: Make use of channels thread-safe. This seems to be the last remaining thread-unsafe code in dpif-linux. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2013-07-23 12:41:57 -07:00
int error;
dpif-linux: Implement the API functions to allow multiple handler threads read upcall. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-02-26 10:10:29 -08:00
fat_rwlock_wrlock(&dpif->upcall_lock);
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
error = dpif_netlink_port_del__(dpif, port_no);
dpif-linux: Implement the API functions to allow multiple handler threads read upcall. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-02-26 10:10:29 -08:00
fat_rwlock_unlock(&dpif->upcall_lock);
dpif-linux: Make use of channels thread-safe. This seems to be the last remaining thread-unsafe code in dpif-linux. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2013-07-23 12:41:57 -07:00
return error;
}
datapath: Make adding and attaching a vport a single step. For some time now, Open vSwitch datapaths have internally made a distinction between adding a vport and attaching it to a datapath. Adding a vport just means to create it, as an entity detached from any datapath. Attaching it gives it a port number and a datapath. Similarly, a vport could be detached and deleted separately. After some study, I think I understand why this distinction exists. It is because ovs-vswitchd tries to open all the datapath ports before it tries to create them. However, changing it to create them before it tries to open them is not difficult, so this commit does this. The bulk of this commit, however, changes the datapath interface to one that always creates a vport and attaches it to a datapath in a single step, and similarly detaches a vport and deletes it in a single step. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2010-12-03 14:41:38 -08:00
static int
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
dpif_netlink_port_query__(const struct dpif_netlink *dpif, odp_port_t port_no,
const char *port_name, struct dpif_port *dpif_port)
datapath: Make adding and attaching a vport a single step. For some time now, Open vSwitch datapaths have internally made a distinction between adding a vport and attaching it to a datapath. Adding a vport just means to create it, as an entity detached from any datapath. Attaching it gives it a port number and a datapath. Similarly, a vport could be detached and deleted separately. After some study, I think I understand why this distinction exists. It is because ovs-vswitchd tries to open all the datapath ports before it tries to create them. However, changing it to create them before it tries to open them is not difficult, so this commit does this. The bulk of this commit, however, changes the datapath interface to one that always creates a vport and attaches it to a datapath in a single step, and similarly detaches a vport and deletes it in a single step. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2010-12-03 14:41:38 -08:00
{
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
struct dpif_netlink_vport request;
struct dpif_netlink_vport reply;
datapath: Change userspace vport interface to use Netlink attributes. One of the goals for Open vSwitch is to decouple kernel and userspace software, so that either one can be upgraded or rolled back independent of the other. To do this in full generality, it must be possible to add new features to the kernel vport layer without changing userspace software. The customary way to do this in the Linux networking stack is to use Netlink and in particular Netlink attributes. This commit adopts that model for the vport layer. It does not yet actually start using the Netlink socket layer, which will come later. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 12:28:59 -08:00
struct ofpbuf *buf;
dpif: Eliminate "struct odp_port" from client-visible interface. Following this commit, "struct odp_port" is only used in Linux-specific parts of OVS userspace code. This allows the actual Linux datapath interface to evolve more freely. Reviewed by Justin Pettit.
2011-01-23 18:48:02 -08:00
int error;
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
dpif_netlink_vport_init(&request);
datapath: Use "OVS_*" as opposed to "ODP_*" for user<->kernel interactions. The prefix "ODP_*" is not overly descriptive in the context of the larger Linux tree. This commit changes the prefix to "OVS_*" for the userpace to kernel interactions. The userspace libraries still use "ODP_" in many of their interfaces since it is more descriptive in the OVS oeuvre. Feature #6904 Signed-off-by: Justin Pettit <jpettit@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-08-18 10:35:40 -07:00
request.cmd = OVS_VPORT_CMD_GET;
dpif-linux: Pass 'struct dpif_linux *' to internal static functions. This commit reformats the dpif-linux module so that all internal static functions take 'struct dpif_linux *' as input argument. This will allow the adding of thread-safety annotations. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-04-17 16:33:17 -07:00
request.dp_ifindex = dpif->dp_ifindex;
datapath: Change userspace vport interface to use Netlink attributes. One of the goals for Open vSwitch is to decouple kernel and userspace software, so that either one can be upgraded or rolled back independent of the other. To do this in full generality, it must be possible to add new features to the kernel vport layer without changing userspace software. The customary way to do this in the Linux networking stack is to use Netlink and in particular Netlink attributes. This commit adopts that model for the vport layer. It does not yet actually start using the Netlink socket layer, which will come later. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 12:28:59 -08:00
request.port_no = port_no;
request.name = port_name;
dpif: Eliminate "struct odp_port" from client-visible interface. Following this commit, "struct odp_port" is only used in Linux-specific parts of OVS userspace code. This allows the actual Linux datapath interface to evolve more freely. Reviewed by Justin Pettit.
2011-01-23 18:48:02 -08:00
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
error = dpif_netlink_vport_transact(&request, &reply, &buf);
datapath: Change userspace vport interface to use Netlink attributes. One of the goals for Open vSwitch is to decouple kernel and userspace software, so that either one can be upgraded or rolled back independent of the other. To do this in full generality, it must be possible to add new features to the kernel vport layer without changing userspace software. The customary way to do this in the Linux networking stack is to use Netlink and in particular Netlink attributes. This commit adopts that model for the vport layer. It does not yet actually start using the Netlink socket layer, which will come later. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 12:28:59 -08:00
if (!error) {
dpif-linux: Make dpif_linux_port_query_by_name() query only one datapath. The kernel will report a vport with the given name in any datapath, but userspace only wants a vport with the given name in a specific datapath. Receiving information on a vport in an unexpected datapath yields bizarre and hard-to-debug problems. Bug #9889. Signed-off-by: Ben Pfaff <blp@nicira.com>
2012-02-27 18:42:17 -08:00
if (reply.dp_ifindex != request.dp_ifindex) {
/* A query by name reported that 'port_name' is in some datapath
* other than 'dpif', but the caller wants to know about 'dpif'. */
error = ENODEV;
dpif: Add new dpif_port_exists() function. Provide the ability to determine whether a port exists in a datapath without having to deal with a "dpif_port" structure as with dpif_port_query_by_name(). A future patch will use this function. Signed-off-by: Justin Pettit <jpettit@nicira.com>
2012-10-17 23:11:53 -07:00
} else if (dpif_port) {
dpif-linux: Make dpif_linux_port_query_by_name() query only one datapath. The kernel will report a vport with the given name in any datapath, but userspace only wants a vport with the given name in a specific datapath. Receiving information on a vport in an unexpected datapath yields bizarre and hard-to-debug problems. Bug #9889. Signed-off-by: Ben Pfaff <blp@nicira.com>
2012-02-27 18:42:17 -08:00
dpif_port->name = xstrdup(reply.name);
lib: Switch to flow based tunneling. With this patch, ovs-vswitchd uses flow based tunneling exclusively. I.E. each kind of tunnel shares a single tunnel backer in the datapath. Tunnel headers are set by userspace using the ipv4_tunnel datapath action. And, the configuration of individual tunnels is now a userspace responsibility, so netdev-vport no longer marshals and unmarshals Netlink attributes for tunnel configuration, instead only storing the configuration internally. There are still some significant pieces of work to do, but the basic building blocks are there to begin testing. Signed-off-by: Ethan Jackson <ethan@nicira.com> Co-authored-by: Jesse Gross <jesse@nicira.com> Signed-off-by: Jesse Gross <jesse@nicira.com>
2012-12-14 19:14:54 -08:00
dpif_port->type = xstrdup(get_vport_type(&reply));
dpif-linux: Make dpif_linux_port_query_by_name() query only one datapath. The kernel will report a vport with the given name in any datapath, but userspace only wants a vport with the given name in a specific datapath. Receiving information on a vport in an unexpected datapath yields bizarre and hard-to-debug problems. Bug #9889. Signed-off-by: Ben Pfaff <blp@nicira.com>
2012-02-27 18:42:17 -08:00
dpif_port->port_no = reply.port_no;
}
datapath: Change userspace vport interface to use Netlink attributes. One of the goals for Open vSwitch is to decouple kernel and userspace software, so that either one can be upgraded or rolled back independent of the other. To do this in full generality, it must be possible to add new features to the kernel vport layer without changing userspace software. The customary way to do this in the Linux networking stack is to use Netlink and in particular Netlink attributes. This commit adopts that model for the vport layer. It does not yet actually start using the Netlink socket layer, which will come later. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 12:28:59 -08:00
ofpbuf_delete(buf);
dpif-linux: Clean up vports that are no longer in config. If the config changes while ovs-vswitchd is not running it is possible that there could be some vports which are no longer needed but won't be destroyed when closed because they aren't open. This deletes unneeded vports at the same time that we clean up unneeded datapaths.
2010-04-10 01:19:29 -04:00
}
datapath: Change userspace vport interface to use Netlink attributes. One of the goals for Open vSwitch is to decouple kernel and userspace software, so that either one can be upgraded or rolled back independent of the other. To do this in full generality, it must be possible to add new features to the kernel vport layer without changing userspace software. The customary way to do this in the Linux networking stack is to use Netlink and in particular Netlink attributes. This commit adopts that model for the vport layer. It does not yet actually start using the Netlink socket layer, which will come later. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 12:28:59 -08:00
return error;
dpif: Make dpifs abstract, to allow multiple datapath implementations. This commit initially introduces only a single datapath implementation, which is the same as the original one, but it paves the way for additional implementations, such as the upcoming userspace datapath.
2009-06-17 14:35:35 -07:00
}
static int
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
dpif_netlink_port_query_by_number(const struct dpif *dpif_, odp_port_t port_no,
struct dpif_port *dpif_port)
dpif: Make dpifs abstract, to allow multiple datapath implementations. This commit initially introduces only a single datapath implementation, which is the same as the original one, but it paves the way for additional implementations, such as the upcoming userspace datapath.
2009-06-17 14:35:35 -07:00
{
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
struct dpif_netlink *dpif = dpif_netlink_cast(dpif_);
dpif-linux: Pass 'struct dpif_linux *' to internal static functions. This commit reformats the dpif-linux module so that all internal static functions take 'struct dpif_linux *' as input argument. This will allow the adding of thread-safety annotations. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-04-17 16:33:17 -07:00
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
return dpif_netlink_port_query__(dpif, port_no, NULL, dpif_port);
dpif: Make dpifs abstract, to allow multiple datapath implementations. This commit initially introduces only a single datapath implementation, which is the same as the original one, but it paves the way for additional implementations, such as the upcoming userspace datapath.
2009-06-17 14:35:35 -07:00
}
static int
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
dpif_netlink_port_query_by_name(const struct dpif *dpif_, const char *devname,
dpif: Eliminate "struct odp_port" from client-visible interface. Following this commit, "struct odp_port" is only used in Linux-specific parts of OVS userspace code. This allows the actual Linux datapath interface to evolve more freely. Reviewed by Justin Pettit.
2011-01-23 18:48:02 -08:00
struct dpif_port *dpif_port)
dpif: Make dpifs abstract, to allow multiple datapath implementations. This commit initially introduces only a single datapath implementation, which is the same as the original one, but it paves the way for additional implementations, such as the upcoming userspace datapath.
2009-06-17 14:35:35 -07:00
{
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
struct dpif_netlink *dpif = dpif_netlink_cast(dpif_);
dpif-linux: Pass 'struct dpif_linux *' to internal static functions. This commit reformats the dpif-linux module so that all internal static functions take 'struct dpif_linux *' as input argument. This will allow the adding of thread-safety annotations. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-04-17 16:33:17 -07:00
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
return dpif_netlink_port_query__(dpif, 0, devname, dpif_port);
dpif: Make dpifs abstract, to allow multiple datapath implementations. This commit initially introduces only a single datapath implementation, which is the same as the original one, but it paves the way for additional implementations, such as the upcoming userspace datapath.
2009-06-17 14:35:35 -07:00
}
datapath: Move Netlink PID for userspace actions from flows to actions. Commit b063d9f06 "datapath: Use unicast Netlink sockets for upcalls" that switched from multicast to unicast Netlink for sending upcalls added a Netlink PID to each kernel flow, used by OVS_ACTION_ATTR_USERSPACE actions within the flow as target. This commit drops this per-flow PID in favor of a per-action PID, because that is more flexible. It does not yet make use of this additional flexibility, so behavior should not change. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com> Bug #7559.
2011-10-12 16:24:54 -07:00
static uint32_t
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
dpif_netlink_port_get_pid__(const struct dpif_netlink *dpif,
dpif: Remove support for multiple queues per port. Commit 69c51582ff78 ("dpif-netlink: don't allocate per thread netlink sockets") removed dpif-netlink support for multiple queues per port. No remaining dpif provider supports multiple queues per port, so remove infrastructure for the feature. CC: Matteo Croce <mcroce@redhat.com> Signed-off-by: Ben Pfaff <blp@ovn.org> Tested-by: Yifeng Sun <pkusunyifeng@gmail.com> Reviewed-by: Yifeng Sun <pkusunyifeng@gmail.com>
2018-09-25 15:14:13 -07:00
odp_port_t port_no)
dpif-linux: Add thread-safety annotations. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-04-17 17:16:34 -07:00
OVS_REQ_RDLOCK(dpif->upcall_lock)
datapath: Move Netlink PID for userspace actions from flows to actions. Commit b063d9f06 "datapath: Use unicast Netlink sockets for upcalls" that switched from multicast to unicast Netlink for sending upcalls added a Netlink PID to each kernel flow, used by OVS_ACTION_ATTR_USERSPACE actions within the flow as target. This commit drops this per-flow PID in favor of a per-action PID, because that is more flexible. It does not yet make use of this additional flexibility, so behavior should not change. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com> Bug #7559.
2011-10-12 16:24:54 -07:00
{
Create specific types for ofp and odp port Until now, datapath ports and openflow ports were both represented by unsigned integers of various sizes. With implicit conversions, etc., it is easy to mix them up and use one where the other is expected. This commit creates two typedefs, ofp_port_t and odp_port_t. Both of these two types are marked by "__attribute__((bitwise))" so that sparse can be used to detect any misuse. Signed-off-by: Alex Wang <alexw@nicira.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-06-19 16:58:44 -07:00
uint32_t port_idx = odp_to_u32(port_no);
dpif-linux: Make use of channels thread-safe. This seems to be the last remaining thread-unsafe code in dpif-linux. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2013-07-23 12:41:57 -07:00
uint32_t pid = 0;
datapath: Move Netlink PID for userspace actions from flows to actions. Commit b063d9f06 "datapath: Use unicast Netlink sockets for upcalls" that switched from multicast to unicast Netlink for sending upcalls added a Netlink PID to each kernel flow, used by OVS_ACTION_ATTR_USERSPACE actions within the flow as target. This commit drops this per-flow PID in favor of a per-action PID, because that is more flexible. It does not yet make use of this additional flexibility, so behavior should not change. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com> Bug #7559.
2011-10-12 16:24:54 -07:00
dpif-linux: Avoid null dereference if all ports disappear. When dpif_linux_refresh_channels() refreshes the set of channels when the number of handlers changes, it destroys all the dpif's channels and sets dpif->uc_array_size to 0. If the port dump later in the function turns up no ports (which generally indicates a bug), then no channels will be allocated and thus dpif->uc_array_size will remain 0 and 'channels' will be null in each handler. This is self-consistent, at least, but dpif_linux_port_get_pid__() was still willing in this situation to try to access element 0 of the set of channels, dereferencing a null pointer. This fixes the problem. I encountered this while looking at a bug that I had introduced during development that caused the port dump to always be empty. It would be difficult to encounter in normal use. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Joe Stringer <joestringer@nicira.com>
2014-07-14 13:17:05 -07:00
if (dpif->handlers && dpif->uc_array_size > 0) {
Create specific types for ofp and odp port Until now, datapath ports and openflow ports were both represented by unsigned integers of various sizes. With implicit conversions, etc., it is easy to mix them up and use one where the other is expected. This commit creates two typedefs, ofp_port_t and odp_port_t. Both of these two types are marked by "__attribute__((bitwise))" so that sparse can be used to detect any misuse. Signed-off-by: Alex Wang <alexw@nicira.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-06-19 16:58:44 -07:00
/* The ODPP_NONE "reserved" port number uses the "ovs-system"'s
dpif-linux: Give each port its own userspace-kernel channel. Userspace-kernel communication is a possible bottleneck when OVS is receiving a large number of flow set up requests. To help prevent a bad actor from consuming too much of this resource, we introduced channels to segegrate traffic. Previously, we created 17 channels and round-robin assigned ports to one of 16 channels (the 17th was reserved for use by the system). This meant if there were more than 16 ports, sharing of channels would occur. This commit creates a new channel for each port, so that there is no more sharing and better isolation. The special system port uses the "ovs-system"'s channel (port 0), since it is not heavily loaded. This also fixes an issue introduced in commit acf60855 (ofproto-dpif: Use a single underlying datapath across multiple bridges.) where ports that were added at run-time were given the special system channel. Issue #12073 Signed-off-by: Justin Pettit <jpettit@nicira.com>
2013-01-04 18:34:26 -08:00
* channel, since it is not heavily loaded. */
Create specific types for ofp and odp port Until now, datapath ports and openflow ports were both represented by unsigned integers of various sizes. With implicit conversions, etc., it is easy to mix them up and use one where the other is expected. This commit creates two typedefs, ofp_port_t and odp_port_t. Both of these two types are marked by "__attribute__((bitwise))" so that sparse can be used to detect any misuse. Signed-off-by: Alex Wang <alexw@nicira.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-06-19 16:58:44 -07:00
uint32_t idx = port_idx >= dpif->uc_array_size ? 0 : port_idx;
dpif-linux: Implement the API functions to allow multiple handler threads read upcall. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-02-26 10:10:29 -08:00
dpif-linux: Recheck the socket pointer existence before getting its pid. This commit fixes a race between port deletion and flow miss handling. More specifically, a port could be removed by main thread while the handler thread is handling the flow miss from it. If the flow requires slow path action, the handler thread will try querying a pid from port's socket. Since the port has been deleted, the query will cause a dereference of NULL socket pointer. This commit makes the handler thread recheck the socket pointer before dereferencing it. VMware-BZ: 1251981 Reported-by: Pratap Reddy <preddy@nicira.com> Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Joe Stringer <joestringer@nicira.com>
2014-07-07 21:58:33 -07:00
/* Needs to check in case the socket pointer is changed in between
* the holding of upcall_lock. A known case happens when the main
* thread deletes the vport while the handler thread is handling
* the upcall from that port. */
dpif-netlink: don't allocate per thread netlink sockets When using the kernel datapath, OVS allocates a pool of sockets to handle netlink events. The number of sockets is: ports * n-handler-threads, where n-handler-threads is user configurable and defaults to 3/4*number of cores. This because vswitchd starts n-handler-threads threads, each one with a netlink socket for every port of the switch. Every thread then, starts listening on events on its set of sockets with epoll(). On setup with lot of CPUs and ports, the number of sockets easily hits the process file descriptor limit, and ovs-vswitchd will exit with -EMFILE. Change the number of allocated sockets to just one per port by moving the socket array from a per handler structure to a per datapath one, and let all the handlers share the same sockets by using EPOLLEXCLUSIVE epoll flag which avoids duplicate events, on systems that support it. The patch was tested on a 56 core machine running Linux 4.18 and latest Open vSwitch. A bridge was created with 2000+ ports, some of them being veth interfaces with the peer outside the bridge. The latency of the upcall is measured by setting a single 'action=controller,local' OpenFlow rule to force all the packets going to the slow path and then to the local port. A tool[1] injects some packets to the veth outside the bridge, and measures the delay until the packet is captured on the local port. The rx timestamp is get from the socket ancillary data in the attribute SO_TIMESTAMPNS, to avoid having the scheduler delay in the measured time. The first test measures the average latency for an upcall generated from a single port. To measure it 100k packets, one every msec, are sent to a single port and the latencies are measured. The second test is meant to check latency fairness among ports, namely if latency is equal between ports or if some ports have lower priority. The previous test is repeated for every port, the average of the average latencies and the standard deviation between averages is measured. The third test serves to measure responsiveness under load. Heavy traffic is sent through all ports, latency and packet loss is measured on a single idle port. The fourth test is all about fairness. Heavy traffic is injected in all ports but one, latency and packet loss is measured on the single idle port. This is the test setup: # nproc 56 # ovs-vsctl show |grep -c Port 2223 # ovs-ofctl dump-flows ovs_upc_br cookie=0x0, duration=4.827s, table=0, n_packets=0, n_bytes=0, actions=CONTROLLER:65535,LOCAL # uname -a Linux fc28 4.18.7-200.fc28.x86_64 #1 SMP Mon Sep 10 15:44:45 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux And these are the results of the tests: Stock OVS Patched netlink sockets in use by vswitchd lsof -p $(pidof ovs-vswitchd) \ |grep -c GENERIC 91187 2227 Test 1 one port latency min/avg/max/mdev (us) 2.7/6.6/238.7/1.8 1.6/6.8/160.6/1.7 Test 2 all port avg latency/mdev (us) 6.51/0.97 6.86/0.17 Test 3 single port latency under load avg/mdev (us) 7.5/5.9 3.8/4.8 packet loss 95 % 62 % Test 4 idle port latency under load min/avg/max/mdev (us) 0.8/1.5/210.5/0.9 1.0/2.1/344.5/1.2 packet loss 94 % 4 % CPU and RAM usage seems not to be affected, the resource usage of vswitchd idle with 2000+ ports is unchanged: # ps u $(pidof ovs-vswitchd) USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND openvsw+ 5430 54.3 0.3 4263964 510968 pts/1 RLl+ 16:20 0:50 ovs-vswitchd Additionally, to check if vswitchd is thread safe with this patch, the following test was run for circa 48 hours: on a 56 core machine, a bridge with kernel datapath is filled with 2200 dummy interfaces and 22 veth, then 22 traffic generators are run in parallel piping traffic into the veths peers outside the bridge. To generate as many upcalls as possible, all packets were forced to the slowpath with an openflow rule like 'action=controller,local' and packet size was set to 64 byte. Also, to avoid overflowing the FDB early and slowing down the upcall processing, generated mac addresses were restricted to a small interval. vswitchd ran without problems for 48+ hours, obviously with all the handler threads with almost 99% CPU usage. [1] https://github.com/teknoraver/network-tools/blob/master/weed.c Signed-off-by: Matteo Croce <mcroce@redhat.com> Signed-off-by: Ben Pfaff <blp@ovn.org> Acked-by: Flavio Leitner <fbl@sysclose.org>
2018-09-25 10:51:05 +02:00
if (dpif->channels[idx].sock) {
pid = nl_sock_pid(dpif->channels[idx].sock);
dpif-linux: Recheck the socket pointer existence before getting its pid. This commit fixes a race between port deletion and flow miss handling. More specifically, a port could be removed by main thread while the handler thread is handling the flow miss from it. If the flow requires slow path action, the handler thread will try querying a pid from port's socket. Since the port has been deleted, the query will cause a dereference of NULL socket pointer. This commit makes the handler thread recheck the socket pointer before dereferencing it. VMware-BZ: 1251981 Reported-by: Pratap Reddy <preddy@nicira.com> Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Joe Stringer <joestringer@nicira.com>
2014-07-07 21:58:33 -07:00
}
datapath: Move Netlink PID for userspace actions from flows to actions. Commit b063d9f06 "datapath: Use unicast Netlink sockets for upcalls" that switched from multicast to unicast Netlink for sending upcalls added a Netlink PID to each kernel flow, used by OVS_ACTION_ATTR_USERSPACE actions within the flow as target. This commit drops this per-flow PID in favor of a per-action PID, because that is more flexible. It does not yet make use of this additional flexibility, so behavior should not change. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com> Bug #7559.
2011-10-12 16:24:54 -07:00
}
dpif-linux: Make use of channels thread-safe. This seems to be the last remaining thread-unsafe code in dpif-linux. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2013-07-23 12:41:57 -07:00
return pid;
datapath: Move Netlink PID for userspace actions from flows to actions. Commit b063d9f06 "datapath: Use unicast Netlink sockets for upcalls" that switched from multicast to unicast Netlink for sending upcalls added a Netlink PID to each kernel flow, used by OVS_ACTION_ATTR_USERSPACE actions within the flow as target. This commit drops this per-flow PID in favor of a per-action PID, because that is more flexible. It does not yet make use of this additional flexibility, so behavior should not change. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com> Bug #7559.
2011-10-12 16:24:54 -07:00
}
dpif-linux: Add thread-safety annotations. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-04-17 17:16:34 -07:00
static uint32_t
dpif: Remove support for multiple queues per port. Commit 69c51582ff78 ("dpif-netlink: don't allocate per thread netlink sockets") removed dpif-netlink support for multiple queues per port. No remaining dpif provider supports multiple queues per port, so remove infrastructure for the feature. CC: Matteo Croce <mcroce@redhat.com> Signed-off-by: Ben Pfaff <blp@ovn.org> Tested-by: Yifeng Sun <pkusunyifeng@gmail.com> Reviewed-by: Yifeng Sun <pkusunyifeng@gmail.com>
2018-09-25 15:14:13 -07:00
dpif_netlink_port_get_pid(const struct dpif *dpif_, odp_port_t port_no)
dpif-linux: Add thread-safety annotations. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-04-17 17:16:34 -07:00
{
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
const struct dpif_netlink *dpif = dpif_netlink_cast(dpif_);
dpif-linux: Add thread-safety annotations. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-04-17 17:16:34 -07:00
uint32_t ret;
dpif-netlink: Introduce per-cpu upcall dispatch. The Open vSwitch kernel module uses the upcall mechanism to send packets from kernel space to user space when it misses in the kernel space flow table. The upcall sends packets via a Netlink socket. Currently, a Netlink socket is created for every vport. In this way, there is a 1:1 mapping between a vport and a Netlink socket. When a packet is received by a vport, if it needs to be sent to user space, it is sent via the corresponding Netlink socket. This mechanism, with various iterations of the corresponding user space code, has seen some limitations and issues: * On systems with a large number of vports, there is correspondingly a large number of Netlink sockets which can limit scaling. (https://bugzilla.redhat.com/show_bug.cgi?id=1526306) * Packet reordering on upcalls. (https://bugzilla.redhat.com/show_bug.cgi?id=1844576) * A thundering herd issue. (https://bugzilla.redhat.com/show_bug.cgi?id=1834444) This patch introduces an alternative, feature-negotiated, upcall mode using a per-cpu dispatch rather than a per-vport dispatch. In this mode, the Netlink socket to be used for the upcall is selected based on the CPU of the thread that is executing the upcall. In this way, it resolves the issues above as: a) The number of Netlink sockets scales with the number of CPUs rather than the number of vports. b) Ordering per-flow is maintained as packets are distributed to CPUs based on mechanisms such as RSS and flows are distributed to a single user space thread. c) Packets from a flow can only wake up one user space thread. Reported-at: https://bugzilla.redhat.com/1844576 Signed-off-by: Mark Gray <mark.d.gray@redhat.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Acked-by: Aaron Conole <aconole@redhat.com> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2021-07-16 06:17:36 -04:00
/* In per-cpu dispatch mode, vports do not have an associated PID */
if (dpif_netlink_upcall_per_cpu(dpif)) {
/* In per-cpu dispatch mode, this will be ignored as kernel space will
* select the PID before sending to user space. We set to
* DPIF_NETLINK_PER_CPU_PID as 0 is rejected by kernel space as an
* invalid PID.
*/
return DPIF_NETLINK_PER_CPU_PID;
}
dpif-linux: Add thread-safety annotations. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-04-17 17:16:34 -07:00
fat_rwlock_rdlock(&dpif->upcall_lock);
dpif: Remove support for multiple queues per port. Commit 69c51582ff78 ("dpif-netlink: don't allocate per thread netlink sockets") removed dpif-netlink support for multiple queues per port. No remaining dpif provider supports multiple queues per port, so remove infrastructure for the feature. CC: Matteo Croce <mcroce@redhat.com> Signed-off-by: Ben Pfaff <blp@ovn.org> Tested-by: Yifeng Sun <pkusunyifeng@gmail.com> Reviewed-by: Yifeng Sun <pkusunyifeng@gmail.com>
2018-09-25 15:14:13 -07:00
ret = dpif_netlink_port_get_pid__(dpif, port_no);
dpif-linux: Add thread-safety annotations. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-04-17 17:16:34 -07:00
fat_rwlock_unlock(&dpif->upcall_lock);
return ret;
}
dpif: Make dpifs abstract, to allow multiple datapath implementations. This commit initially introduces only a single datapath implementation, which is the same as the original one, but it paves the way for additional implementations, such as the upcoming userspace datapath.
2009-06-17 14:35:35 -07:00
static int
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
dpif_netlink_flow_flush(struct dpif *dpif_)
dpif: Make dpifs abstract, to allow multiple datapath implementations. This commit initially introduces only a single datapath implementation, which is the same as the original one, but it paves the way for additional implementations, such as the upcoming userspace datapath.
2009-06-17 14:35:35 -07:00
{
netdev-offload: Use dpif type instead of class. There is no real difference between the 'class' and 'type' in the context of common lookup operations inside netdev-offload module because it only checks the value of pointers without using the value itself. However, 'type' has some meaning and can be used by offload provides on the initialization phase to check if this type of Flow API in pair with the netdev type could be used in particular datapath type. For example, this is needed to check if Linux flow API could be used for current tunneling vport because it could be used only if tunneling vport belongs to system datapath, i.e. has backing linux interface. This is needed to unblock tunneling offloads in userspace datapath with DPDK flow API. Acked-by: Eli Britstein <elibr@mellanox.com> Acked-by: Roni Bar Yanai <roniba@mellanox.com> Acked-by: Ophir Munk <ophirmu@mellanox.com> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2020-07-08 06:38:29 +00:00
const char *dpif_type_str = dpif_normalize_type(dpif_type(dpif_));
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
const struct dpif_netlink *dpif = dpif_netlink_cast(dpif_);
struct dpif_netlink_flow flow;
datapath: Convert ODP_FLOW_* commands to use AF_NETLINK socket layer. This completes the transition to the Generic Netlink interface, and so this commit restores support for Linux 2.6.18 and later. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-28 14:00:51 -08:00
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
dpif_netlink_flow_init(&flow);
datapath: Use "OVS_*" as opposed to "ODP_*" for user<->kernel interactions. The prefix "ODP_*" is not overly descriptive in the context of the larger Linux tree. This commit changes the prefix to "OVS_*" for the userpace to kernel interactions. The userspace libraries still use "ODP_" in many of their interfaces since it is more descriptive in the OVS oeuvre. Feature #6904 Signed-off-by: Justin Pettit <jpettit@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-08-18 10:35:40 -07:00
flow.cmd = OVS_FLOW_CMD_DEL;
datapath: Change dp_idx to dp_ifindex, the ifindex of the local port. I can't see any real value in maintaining a dp_idx separate from the ifindex of the local port. With the current implementation it also artificially limits the number of datapaths. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-21 17:01:56 -08:00
flow.dp_ifindex = dpif->dp_ifindex;
dpif-netlink: Flush added ports using netdev flow api If netdev flow offloading is enabled, flush all added ports using netdev flow api. Signed-off-by: Paul Blakey <paulb@mellanox.com> Reviewed-by: Roi Dayan <roid@mellanox.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Signed-off-by: Simon Horman <simon.horman@netronome.com>
2017-06-13 18:03:32 +03:00
if (netdev_is_flow_api_enabled()) {
netdev-offload: Use dpif type instead of class. There is no real difference between the 'class' and 'type' in the context of common lookup operations inside netdev-offload module because it only checks the value of pointers without using the value itself. However, 'type' has some meaning and can be used by offload provides on the initialization phase to check if this type of Flow API in pair with the netdev type could be used in particular datapath type. For example, this is needed to check if Linux flow API could be used for current tunneling vport because it could be used only if tunneling vport belongs to system datapath, i.e. has backing linux interface. This is needed to unblock tunneling offloads in userspace datapath with DPDK flow API. Acked-by: Eli Britstein <elibr@mellanox.com> Acked-by: Roni Bar Yanai <roniba@mellanox.com> Acked-by: Ophir Munk <ophirmu@mellanox.com> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2020-07-08 06:38:29 +00:00
netdev_ports_flow_flush(dpif_type_str);
dpif-netlink: Flush added ports using netdev flow api If netdev flow offloading is enabled, flush all added ports using netdev flow api. Signed-off-by: Paul Blakey <paulb@mellanox.com> Reviewed-by: Roi Dayan <roid@mellanox.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Signed-off-by: Simon Horman <simon.horman@netronome.com>
2017-06-13 18:03:32 +03:00
}
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
return dpif_netlink_flow_transact(&flow, NULL, NULL);
dpif: Make dpifs abstract, to allow multiple datapath implementations. This commit initially introduces only a single datapath implementation, which is the same as the original one, but it paves the way for additional implementations, such as the upcoming userspace datapath.
2009-06-17 14:35:35 -07:00
}
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
struct dpif_netlink_port_state {
datapath: Convert ODP_VPORT_* to use AF_NETLINK socket layer. This commit calls genl_lock() and thus doesn't support Linux before 2.6.35, which wasn't exported before that version. That problem will be fixed once the whole userspace interface transitions to Generic Netlink a few commits from now. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-28 13:59:03 -08:00
struct nl_dump dump;
netlink: Remove buffer from 'struct nl_dump'. This patch makes all of the users of 'struct nl_dump' allocate their own buffers to pass down to nl_dump_next(). This paves the way for allowing multithreaded flow dumping. Signed-off-by: Joe Stringer <joestringer@nicira.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-02-27 14:13:05 -08:00
struct ofpbuf buf;
datapath: Change userspace vport interface to use Netlink attributes. One of the goals for Open vSwitch is to decouple kernel and userspace software, so that either one can be upgraded or rolled back independent of the other. To do this in full generality, it must be possible to add new features to the kernel vport layer without changing userspace software. The customary way to do this in the Linux networking stack is to use Netlink and in particular Netlink attributes. This commit adopts that model for the vport layer. It does not yet actually start using the Netlink socket layer, which will come later. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 12:28:59 -08:00
};
dpif-linux: Factor out port dumping helper functions. These helpers simplify new code to be added in an upcoming commit. Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-05-01 14:40:38 -07:00
static void
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
dpif_netlink_port_dump_start__(const struct dpif_netlink *dpif,
struct nl_dump *dump)
dpif: Make dpifs abstract, to allow multiple datapath implementations. This commit initially introduces only a single datapath implementation, which is the same as the original one, but it paves the way for additional implementations, such as the upcoming userspace datapath.
2009-06-17 14:35:35 -07:00
{
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
struct dpif_netlink_vport request;
datapath: Convert ODP_VPORT_* to use AF_NETLINK socket layer. This commit calls genl_lock() and thus doesn't support Linux before 2.6.35, which wasn't exported before that version. That problem will be fixed once the whole userspace interface transitions to Generic Netlink a few commits from now. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-28 13:59:03 -08:00
struct ofpbuf *buf;
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
dpif_netlink_vport_init(&request);
dpif-linux: Use correct enum in dpif_linux_flow_dump_start(). Both the old (wrong) and new (correct) enums have the same value, so this doesn't fix a visible bug. Reported-by: ankur dwivedi <ankurengg2003@gmail.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-09-12 10:54:23 -07:00
request.cmd = OVS_VPORT_CMD_GET;
datapath: Change dp_idx to dp_ifindex, the ifindex of the local port. I can't see any real value in maintaining a dp_idx separate from the ifindex of the local port. With the current implementation it also artificially limits the number of datapaths. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-21 17:01:56 -08:00
request.dp_ifindex = dpif->dp_ifindex;
datapath: Convert ODP_VPORT_* to use AF_NETLINK socket layer. This commit calls genl_lock() and thus doesn't support Linux before 2.6.35, which wasn't exported before that version. That problem will be fixed once the whole userspace interface transitions to Generic Netlink a few commits from now. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-28 13:59:03 -08:00
buf = ofpbuf_new(1024);
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
dpif_netlink_vport_to_ofpbuf(&request, buf);
dpif-linux: Factor out port dumping helper functions. These helpers simplify new code to be added in an upcoming commit. Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-05-01 14:40:38 -07:00
nl_dump_start(dump, NETLINK_GENERIC, buf);
datapath: Convert ODP_VPORT_* to use AF_NETLINK socket layer. This commit calls genl_lock() and thus doesn't support Linux before 2.6.35, which wasn't exported before that version. That problem will be fixed once the whole userspace interface transitions to Generic Netlink a few commits from now. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-28 13:59:03 -08:00
ofpbuf_delete(buf);
dpif-linux: Factor out port dumping helper functions. These helpers simplify new code to be added in an upcoming commit. Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-05-01 14:40:38 -07:00
}
static int
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
dpif_netlink_port_dump_start(const struct dpif *dpif_, void **statep)
dpif-linux: Factor out port dumping helper functions. These helpers simplify new code to be added in an upcoming commit. Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-05-01 14:40:38 -07:00
{
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
struct dpif_netlink *dpif = dpif_netlink_cast(dpif_);
struct dpif_netlink_port_state *state;
dpif-linux: Factor out port dumping helper functions. These helpers simplify new code to be added in an upcoming commit. Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-05-01 14:40:38 -07:00
*statep = state = xmalloc(sizeof *state);
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
dpif_netlink_port_dump_start__(dpif, &state->dump);
datapath: Convert ODP_VPORT_* to use AF_NETLINK socket layer. This commit calls genl_lock() and thus doesn't support Linux before 2.6.35, which wasn't exported before that version. That problem will be fixed once the whole userspace interface transitions to Generic Netlink a few commits from now. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-28 13:59:03 -08:00
netlink: Remove buffer from 'struct nl_dump'. This patch makes all of the users of 'struct nl_dump' allocate their own buffers to pass down to nl_dump_next(). This paves the way for allowing multithreaded flow dumping. Signed-off-by: Joe Stringer <joestringer@nicira.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-02-27 14:13:05 -08:00
ofpbuf_init(&state->buf, NL_DUMP_BUFSIZE);
datapath: Change listing ports to use an iterator concept. One of the goals for Open vSwitch is to decouple kernel and userspace software, so that either one can be upgraded or rolled back independent of the other. To do this in full generality, it must be possible to add new features to the kernel vport layer without changing userspace software. In turn, that means that the odp_port structure must become variable-length. This does not, however, fit in well with the ODP_PORT_LIST ioctl in its current form, because that would require userspace to know how much space to allocate for each port in advance, or to allocate as much space as could possibly be needed. Neither choice is very attractive. This commit prepares for a different solution, by replacing ODP_PORT_LIST by a new ioctl ODP_VPORT_DUMP that retrieves information about a single vport from the datapath on each call. It is much cleaner to allocate the maximum amount of space for a single vport than to do so for possibly a large number of vports. It would be faster to retrieve a number of vports in batch instead of just one at a time, but that will naturally happen later when the kernel datapath interface is changed to use Netlink, so this patch does not bother with it. The Netlink version won't need to take the starting port number from userspace, since Netlink sockets can keep track of that state as part of their "dump" feature. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-10 13:12:12 -08:00
return 0;
}
dpif-linux: Fix the return type of dpif_linux_port_dump_next__(). Commit 222837 (dpif-linux: Factor out port dumping helper functions.) introduced a bug by making dpif_linux_port_dump_next__() return 'bool' instead of 'int' as defined in dpif-provider.h. This bug causes ovs- vswitchd failure with SEGFAULT when processing slow-path packet. This commit fixes the bug by following the dpif-provider specification. Signed-off-by: Alex Wang <alexw@nicira.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-12-17 14:37:09 -08:00
static int
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
dpif_netlink_port_dump_next__(const struct dpif_netlink *dpif,
struct nl_dump *dump,
struct dpif_netlink_vport *vport,
struct ofpbuf *buffer)
dpif-linux: Factor out port dumping helper functions. These helpers simplify new code to be added in an upcoming commit. Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-05-01 14:40:38 -07:00
{
struct ofpbuf buf;
int error;
netlink: Remove buffer from 'struct nl_dump'. This patch makes all of the users of 'struct nl_dump' allocate their own buffers to pass down to nl_dump_next(). This paves the way for allowing multithreaded flow dumping. Signed-off-by: Joe Stringer <joestringer@nicira.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-02-27 14:13:05 -08:00
if (!nl_dump_next(dump, &buf, buffer)) {
dpif-linux: Factor out port dumping helper functions. These helpers simplify new code to be added in an upcoming commit. Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-05-01 14:40:38 -07:00
return EOF;
}
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
error = dpif_netlink_vport_from_ofpbuf(vport, &buf);
dpif-linux: Factor out port dumping helper functions. These helpers simplify new code to be added in an upcoming commit. Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-05-01 14:40:38 -07:00
if (error) {
VLOG_WARN_RL(&error_rl, "%s: failed to parse vport record (%s)",
dpif_name(&dpif->dpif), ovs_strerror(error));
}
return error;
}
datapath: Change listing ports to use an iterator concept. One of the goals for Open vSwitch is to decouple kernel and userspace software, so that either one can be upgraded or rolled back independent of the other. To do this in full generality, it must be possible to add new features to the kernel vport layer without changing userspace software. In turn, that means that the odp_port structure must become variable-length. This does not, however, fit in well with the ODP_PORT_LIST ioctl in its current form, because that would require userspace to know how much space to allocate for each port in advance, or to allocate as much space as could possibly be needed. Neither choice is very attractive. This commit prepares for a different solution, by replacing ODP_PORT_LIST by a new ioctl ODP_VPORT_DUMP that retrieves information about a single vport from the datapath on each call. It is much cleaner to allocate the maximum amount of space for a single vport than to do so for possibly a large number of vports. It would be faster to retrieve a number of vports in batch instead of just one at a time, but that will naturally happen later when the kernel datapath interface is changed to use Netlink, so this patch does not bother with it. The Netlink version won't need to take the starting port number from userspace, since Netlink sockets can keep track of that state as part of their "dump" feature. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-10 13:12:12 -08:00
static int
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
dpif_netlink_port_dump_next(const struct dpif *dpif_, void *state_,
struct dpif_port *dpif_port)
datapath: Change listing ports to use an iterator concept. One of the goals for Open vSwitch is to decouple kernel and userspace software, so that either one can be upgraded or rolled back independent of the other. To do this in full generality, it must be possible to add new features to the kernel vport layer without changing userspace software. In turn, that means that the odp_port structure must become variable-length. This does not, however, fit in well with the ODP_PORT_LIST ioctl in its current form, because that would require userspace to know how much space to allocate for each port in advance, or to allocate as much space as could possibly be needed. Neither choice is very attractive. This commit prepares for a different solution, by replacing ODP_PORT_LIST by a new ioctl ODP_VPORT_DUMP that retrieves information about a single vport from the datapath on each call. It is much cleaner to allocate the maximum amount of space for a single vport than to do so for possibly a large number of vports. It would be faster to retrieve a number of vports in batch instead of just one at a time, but that will naturally happen later when the kernel datapath interface is changed to use Netlink, so this patch does not bother with it. The Netlink version won't need to take the starting port number from userspace, since Netlink sockets can keep track of that state as part of their "dump" feature. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-10 13:12:12 -08:00
{
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
struct dpif_netlink *dpif = dpif_netlink_cast(dpif_);
struct dpif_netlink_port_state *state = state_;
struct dpif_netlink_vport vport;
dpif: Make dpifs abstract, to allow multiple datapath implementations. This commit initially introduces only a single datapath implementation, which is the same as the original one, but it paves the way for additional implementations, such as the upcoming userspace datapath.
2009-06-17 14:35:35 -07:00
int error;
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
error = dpif_netlink_port_dump_next__(dpif, &state->dump, &vport,
&state->buf);
datapath: Make adding and attaching a vport a single step. For some time now, Open vSwitch datapaths have internally made a distinction between adding a vport and attaching it to a datapath. Adding a vport just means to create it, as an entity detached from any datapath. Attaching it gives it a port number and a datapath. Similarly, a vport could be detached and deleted separately. After some study, I think I understand why this distinction exists. It is because ovs-vswitchd tries to open all the datapath ports before it tries to create them. However, changing it to create them before it tries to open them is not difficult, so this commit does this. The bulk of this commit, however, changes the datapath interface to one that always creates a vport and attaches it to a datapath in a single step, and similarly detaches a vport and deletes it in a single step. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2010-12-03 14:41:38 -08:00
if (error) {
datapath: Convert ODP_VPORT_* to use AF_NETLINK socket layer. This commit calls genl_lock() and thus doesn't support Linux before 2.6.35, which wasn't exported before that version. That problem will be fixed once the whole userspace interface transitions to Generic Netlink a few commits from now. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-28 13:59:03 -08:00
return error;
datapath: Make adding and attaching a vport a single step. For some time now, Open vSwitch datapaths have internally made a distinction between adding a vport and attaching it to a datapath. Adding a vport just means to create it, as an entity detached from any datapath. Attaching it gives it a port number and a datapath. Similarly, a vport could be detached and deleted separately. After some study, I think I understand why this distinction exists. It is because ovs-vswitchd tries to open all the datapath ports before it tries to create them. However, changing it to create them before it tries to open them is not difficult, so this commit does this. The bulk of this commit, however, changes the datapath interface to one that always creates a vport and attaches it to a datapath in a single step, and similarly detaches a vport and deletes it in a single step. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2010-12-03 14:41:38 -08:00
}
util: New macro CONST_CAST. Casts are sometimes necessary. One common reason that they are necessary is for discarding a "const" qualifier. However, this can impede maintenance: if the type of the expression being cast changes, then the presence of the cast can hide a necessary change in the code that does the cast. Using CONST_CAST, instead of a bare cast, makes these changes visible. Inspired by my own work elsewhere: http://git.savannah.gnu.org/cgit/pspp.git/tree/src/libpspp/cast.h#n80 Signed-off-by: Ben Pfaff <blp@nicira.com>
2012-07-13 16:00:29 -07:00
dpif_port->name = CONST_CAST(char *, vport.name);
lib: Switch to flow based tunneling. With this patch, ovs-vswitchd uses flow based tunneling exclusively. I.E. each kind of tunnel shares a single tunnel backer in the datapath. Tunnel headers are set by userspace using the ipv4_tunnel datapath action. And, the configuration of individual tunnels is now a userspace responsibility, so netdev-vport no longer marshals and unmarshals Netlink attributes for tunnel configuration, instead only storing the configuration internally. There are still some significant pieces of work to do, but the basic building blocks are there to begin testing. Signed-off-by: Ethan Jackson <ethan@nicira.com> Co-authored-by: Jesse Gross <jesse@nicira.com> Signed-off-by: Jesse Gross <jesse@nicira.com>
2012-12-14 19:14:54 -08:00
dpif_port->type = CONST_CAST(char *, get_vport_type(&vport));
datapath: Convert ODP_VPORT_* to use AF_NETLINK socket layer. This commit calls genl_lock() and thus doesn't support Linux before 2.6.35, which wasn't exported before that version. That problem will be fixed once the whole userspace interface transitions to Generic Netlink a few commits from now. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-28 13:59:03 -08:00
dpif_port->port_no = vport.port_no;
return 0;
datapath: Change listing ports to use an iterator concept. One of the goals for Open vSwitch is to decouple kernel and userspace software, so that either one can be upgraded or rolled back independent of the other. To do this in full generality, it must be possible to add new features to the kernel vport layer without changing userspace software. In turn, that means that the odp_port structure must become variable-length. This does not, however, fit in well with the ODP_PORT_LIST ioctl in its current form, because that would require userspace to know how much space to allocate for each port in advance, or to allocate as much space as could possibly be needed. Neither choice is very attractive. This commit prepares for a different solution, by replacing ODP_PORT_LIST by a new ioctl ODP_VPORT_DUMP that retrieves information about a single vport from the datapath on each call. It is much cleaner to allocate the maximum amount of space for a single vport than to do so for possibly a large number of vports. It would be faster to retrieve a number of vports in batch instead of just one at a time, but that will naturally happen later when the kernel datapath interface is changed to use Netlink, so this patch does not bother with it. The Netlink version won't need to take the starting port number from userspace, since Netlink sockets can keep track of that state as part of their "dump" feature. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-10 13:12:12 -08:00
}
static int
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
dpif_netlink_port_dump_done(const struct dpif *dpif_ OVS_UNUSED, void *state_)
datapath: Change listing ports to use an iterator concept. One of the goals for Open vSwitch is to decouple kernel and userspace software, so that either one can be upgraded or rolled back independent of the other. To do this in full generality, it must be possible to add new features to the kernel vport layer without changing userspace software. In turn, that means that the odp_port structure must become variable-length. This does not, however, fit in well with the ODP_PORT_LIST ioctl in its current form, because that would require userspace to know how much space to allocate for each port in advance, or to allocate as much space as could possibly be needed. Neither choice is very attractive. This commit prepares for a different solution, by replacing ODP_PORT_LIST by a new ioctl ODP_VPORT_DUMP that retrieves information about a single vport from the datapath on each call. It is much cleaner to allocate the maximum amount of space for a single vport than to do so for possibly a large number of vports. It would be faster to retrieve a number of vports in batch instead of just one at a time, but that will naturally happen later when the kernel datapath interface is changed to use Netlink, so this patch does not bother with it. The Netlink version won't need to take the starting port number from userspace, since Netlink sockets can keep track of that state as part of their "dump" feature. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-10 13:12:12 -08:00
{
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
struct dpif_netlink_port_state *state = state_;
datapath: Convert ODP_VPORT_* to use AF_NETLINK socket layer. This commit calls genl_lock() and thus doesn't support Linux before 2.6.35, which wasn't exported before that version. That problem will be fixed once the whole userspace interface transitions to Generic Netlink a few commits from now. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-28 13:59:03 -08:00
int error = nl_dump_done(&state->dump);
dpif-linux: Recycle leaked ports. When ports are deleted from the datapath they need to be added to an LRU list maintained in dpif-linux so they may be reallocated. When using vswitchd to delete the ports this happens automatically. However, if a port is deleted directly from the datapath it is never reclaimed by dpif-linux. If this happens often, eventually no ports will be available for allocation and dpif-linux will fall back to using the old, kernel implemented, allocation strategy. This commit fixes the problem by automatically reclaiming ports missing from the datapath whenever the list of ports in the datapath is dumped. Bug #2140.
2011-04-29 13:12:19 -07:00
netlink: Remove buffer from 'struct nl_dump'. This patch makes all of the users of 'struct nl_dump' allocate their own buffers to pass down to nl_dump_next(). This paves the way for allowing multithreaded flow dumping. Signed-off-by: Joe Stringer <joestringer@nicira.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-02-27 14:13:05 -08:00
ofpbuf_uninit(&state->buf);
datapath: Change listing ports to use an iterator concept. One of the goals for Open vSwitch is to decouple kernel and userspace software, so that either one can be upgraded or rolled back independent of the other. To do this in full generality, it must be possible to add new features to the kernel vport layer without changing userspace software. In turn, that means that the odp_port structure must become variable-length. This does not, however, fit in well with the ODP_PORT_LIST ioctl in its current form, because that would require userspace to know how much space to allocate for each port in advance, or to allocate as much space as could possibly be needed. Neither choice is very attractive. This commit prepares for a different solution, by replacing ODP_PORT_LIST by a new ioctl ODP_VPORT_DUMP that retrieves information about a single vport from the datapath on each call. It is much cleaner to allocate the maximum amount of space for a single vport than to do so for possibly a large number of vports. It would be faster to retrieve a number of vports in batch instead of just one at a time, but that will naturally happen later when the kernel datapath interface is changed to use Netlink, so this patch does not bother with it. The Netlink version won't need to take the starting port number from userspace, since Netlink sockets can keep track of that state as part of their "dump" feature. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-10 13:12:12 -08:00
free(state);
datapath: Convert ODP_VPORT_* to use AF_NETLINK socket layer. This commit calls genl_lock() and thus doesn't support Linux before 2.6.35, which wasn't exported before that version. That problem will be fixed once the whole userspace interface transitions to Generic Netlink a few commits from now. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-28 13:59:03 -08:00
return error;
dpif: Make dpifs abstract, to allow multiple datapath implementations. This commit initially introduces only a single datapath implementation, which is the same as the original one, but it paves the way for additional implementations, such as the upcoming userspace datapath.
2009-06-17 14:35:35 -07:00
}
Introduce general-purpose ways to wait for dpif and netdev changes. The dpif and netdev code has had various ways to check for changes to dpifs and netdevs over the course of Open vSwitch development. All of these have been thus far fairly specific to the Linux implementation. This commit is the start of a more general API for watching for such changes. The dpif-related parts seem fairly mature and so they are documented, the netdev parts will probably need to change somewhat and so they are not documented yet.
2009-06-24 10:24:09 -07:00
static int
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
dpif_netlink_port_poll(const struct dpif *dpif_, char **devnamep)
Introduce general-purpose ways to wait for dpif and netdev changes. The dpif and netdev code has had various ways to check for changes to dpifs and netdevs over the course of Open vSwitch development. All of these have been thus far fairly specific to the Linux implementation. This commit is the start of a more general API for watching for such changes. The dpif-related parts seem fairly mature and so they are documented, the netdev parts will probably need to change somewhat and so they are not documented yet.
2009-06-24 10:24:09 -07:00
{
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
struct dpif_netlink *dpif = dpif_netlink_cast(dpif_);
Introduce general-purpose ways to wait for dpif and netdev changes. The dpif and netdev code has had various ways to check for changes to dpifs and netdevs over the course of Open vSwitch development. All of these have been thus far fairly specific to the Linux implementation. This commit is the start of a more general API for watching for such changes. The dpif-related parts seem fairly mature and so they are documented, the netdev parts will probably need to change somewhat and so they are not documented yet.
2009-06-24 10:24:09 -07:00
dpif-linux: Make port change notification thread-safe. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2013-07-22 15:00:49 -07:00
/* Lazily create the Netlink socket to listen for notifications. */
if (!dpif->port_notifier) {
struct nl_sock *sock;
int error;
error = nl_sock_create(NETLINK_GENERIC, &sock);
if (error) {
return error;
}
error = nl_sock_join_mcgroup(sock, ovs_vport_mcgroup);
if (error) {
nl_sock_destroy(sock);
return error;
}
dpif->port_notifier = sock;
/* We have no idea of the current state so report that everything
* changed. */
return ENOBUFS;
}
for (;;) {
static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5);
uint64_t buf_stub[4096 / 8];
struct ofpbuf buf;
int error;
ofpbuf_use_stub(&buf, buf_stub, sizeof buf_stub);
netlink: provide network namespace id from a msg. The netlink notification's ancillary data contains the network namespace id (netnsid) needed to identify the device correctly. Signed-off-by: Flavio Leitner <fbl@redhat.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
2018-03-29 23:05:26 -03:00
error = nl_sock_recv(dpif->port_notifier, &buf, NULL, false);
dpif-linux: Make port change notification thread-safe. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2013-07-22 15:00:49 -07:00
if (!error) {
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
struct dpif_netlink_vport vport;
dpif-linux: Make port change notification thread-safe. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2013-07-22 15:00:49 -07:00
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
error = dpif_netlink_vport_from_ofpbuf(&vport, &buf);
dpif-linux: Make port change notification thread-safe. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2013-07-22 15:00:49 -07:00
if (!error) {
if (vport.dp_ifindex == dpif->dp_ifindex
&& (vport.cmd == OVS_VPORT_CMD_NEW
|| vport.cmd == OVS_VPORT_CMD_DEL
|| vport.cmd == OVS_VPORT_CMD_SET)) {
VLOG_DBG("port_changed: dpif:%s vport:%s cmd:%"PRIu8,
dpif->dpif.full_name, vport.name, vport.cmd);
dpif-linux: Implement the API functions to allow multiple handler threads read upcall. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-02-26 10:10:29 -08:00
if (vport.cmd == OVS_VPORT_CMD_DEL && dpif->handlers) {
dpif-linux: Fix fd leak for vports that disappear from the datapath. When ovs-vswitchd deletes a port with dpif_linux_port_del(), that function uses del_channel() to delete the corresponding channel, including closing its Netlink socket fd. However, if the vport gets removed by some other process (e.g. "ip link delete" for veths) then this function never gets called and thus the channel never gets deleted. This commit fixes the problem by resynchronizing channels with the datapath whenever a vport gets deleted. Bug #16784. Reported-by: Paul Ingram <paul@nicira.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-05-01 17:13:14 -07:00
dpif->refresh_channels = true;
}
dpif-linux: Make port change notification thread-safe. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2013-07-22 15:00:49 -07:00
*devnamep = xstrdup(vport.name);
dpif-linux: Fix theoretical memory leak on error path. If a notification is bigger than 4 kB (I doubt it one would be), then the lack of ofpbuf_uninit() would cause a memory leak. Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-08-01 14:07:35 -07:00
ofpbuf_uninit(&buf);
dpif-linux: Make port change notification thread-safe. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2013-07-22 15:00:49 -07:00
return 0;
}
}
dpif-linux: Fix theoretical memory leak on error path. If a notification is bigger than 4 kB (I doubt it one would be), then the lack of ofpbuf_uninit() would cause a memory leak. Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-08-01 14:07:35 -07:00
} else if (error != EAGAIN) {
VLOG_WARN_RL(&rl, "error reading or parsing netlink (%s)",
ovs_strerror(error));
nl_sock_drain(dpif->port_notifier);
error = ENOBUFS;
dpif-linux: Make port change notification thread-safe. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2013-07-22 15:00:49 -07:00
}
dpif-linux: Fix theoretical memory leak on error path. If a notification is bigger than 4 kB (I doubt it one would be), then the lack of ofpbuf_uninit() would cause a memory leak. Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-08-01 14:07:35 -07:00
ofpbuf_uninit(&buf);
if (error) {
return error;
}
Introduce general-purpose ways to wait for dpif and netdev changes. The dpif and netdev code has had various ways to check for changes to dpifs and netdevs over the course of Open vSwitch development. All of these have been thus far fairly specific to the Linux implementation. This commit is the start of a more general API for watching for such changes. The dpif-related parts seem fairly mature and so they are documented, the netdev parts will probably need to change somewhat and so they are not documented yet.
2009-06-24 10:24:09 -07:00
}
}
static void
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
dpif_netlink_port_poll_wait(const struct dpif *dpif_)
Introduce general-purpose ways to wait for dpif and netdev changes. The dpif and netdev code has had various ways to check for changes to dpifs and netdevs over the course of Open vSwitch development. All of these have been thus far fairly specific to the Linux implementation. This commit is the start of a more general API for watching for such changes. The dpif-related parts seem fairly mature and so they are documented, the netdev parts will probably need to change somewhat and so they are not documented yet.
2009-06-24 10:24:09 -07:00
{
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
const struct dpif_netlink *dpif = dpif_netlink_cast(dpif_);
dpif-linux: Make port change notification thread-safe. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2013-07-22 15:00:49 -07:00
if (dpif->port_notifier) {
nl_sock_wait(dpif->port_notifier, POLLIN);
} else {
Introduce general-purpose ways to wait for dpif and netdev changes. The dpif and netdev code has had various ways to check for changes to dpifs and netdevs over the course of Open vSwitch development. All of these have been thus far fairly specific to the Linux implementation. This commit is the start of a more general API for watching for such changes. The dpif-related parts seem fairly mature and so they are documented, the netdev parts will probably need to change somewhat and so they are not documented yet.
2009-06-24 10:24:09 -07:00
poll_immediate_wake();
}
}
dpif: Support flow_get in dpif_operate(). This cleans up the dpif interface to make it more consistent with the other dpif operations, and allows flows to be fetched in batches. Signed-off-by: Joe Stringer <joestringer@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
2014-08-13 09:55:54 +12:00
static void
dpif: Index flows using unique identifiers. This patch modifies the dpif interface to allow flows to be manipulated using a 128-bit identifier. This allows revalidator threads to perform datapath operations faster, as they do not need to serialise the entire flow key for operations like flow_get and flow_delete. In conjunction with a future patch to simplify the dump interface, this provides a significant performance benefit for revalidation. When handlers assemble flow_put operations, they specify a unique identifier (UFID) for each flow as it is passed down to the datapath to be stored with the flow. The UFID is currently provided to handlers by the dpif during upcall processing. When revalidators assemble flow_get or flow_del operations, they may specify the UFID for the flow along with the key. The dpif will decide whether to send only the UFID to the datapath, or both the UFID and flow key. The former is preferred for newer datapaths that support UFID, while the latter is used for backwards compatibility. Signed-off-by: Joe Stringer <joestringer@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
2014-09-24 16:26:35 +12:00
dpif_netlink_flow_init_ufid(struct dpif_netlink_flow *request,
const ovs_u128 *ufid, bool terse)
{
if (ufid) {
request->ufid = *ufid;
request->ufid_present = true;
} else {
request->ufid_present = false;
}
request->ufid_terse = terse;
}
static void
dpif_netlink_init_flow_get__(const struct dpif_netlink *dpif,
const struct nlattr *key, size_t key_len,
const ovs_u128 *ufid, bool terse,
struct dpif_netlink_flow *request)
dpif: Make dpifs abstract, to allow multiple datapath implementations. This commit initially introduces only a single datapath implementation, which is the same as the original one, but it paves the way for additional implementations, such as the upcoming userspace datapath.
2009-06-17 14:35:35 -07:00
{
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
dpif_netlink_flow_init(request);
dpif: Support flow_get in dpif_operate(). This cleans up the dpif interface to make it more consistent with the other dpif operations, and allows flows to be fetched in batches. Signed-off-by: Joe Stringer <joestringer@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
2014-08-13 09:55:54 +12:00
request->cmd = OVS_FLOW_CMD_GET;
request->dp_ifindex = dpif->dp_ifindex;
request->key = key;
request->key_len = key_len;
dpif: Index flows using unique identifiers. This patch modifies the dpif interface to allow flows to be manipulated using a 128-bit identifier. This allows revalidator threads to perform datapath operations faster, as they do not need to serialise the entire flow key for operations like flow_get and flow_delete. In conjunction with a future patch to simplify the dump interface, this provides a significant performance benefit for revalidation. When handlers assemble flow_put operations, they specify a unique identifier (UFID) for each flow as it is passed down to the datapath to be stored with the flow. The UFID is currently provided to handlers by the dpif during upcall processing. When revalidators assemble flow_get or flow_del operations, they may specify the UFID for the flow along with the key. The dpif will decide whether to send only the UFID to the datapath, or both the UFID and flow key. The former is preferred for newer datapaths that support UFID, while the latter is used for backwards compatibility. Signed-off-by: Joe Stringer <joestringer@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
2014-09-24 16:26:35 +12:00
dpif_netlink_flow_init_ufid(request, ufid, terse);
}
static void
dpif_netlink_init_flow_get(const struct dpif_netlink *dpif,
const struct dpif_flow_get *get,
struct dpif_netlink_flow *request)
{
dpif_netlink_init_flow_get__(dpif, get->key, get->key_len, get->ufid,
false, request);
datapath: Dump flow actions only if there is room. Expanding an skbuff in a netlink dump handler doesn't work well. We weren't updating the truesize of the skb or the allocation within the socket that netlink_dump() had put the skb in. The code had other bugs too. This commit fixes the problem (in my tests, anyway) by avoiding expanding the reply skbuff to fill in the actions. Instead, in such a case the userspace client has to do a separate "get" action to get the actions. This commit also updates userspace to do this automatically for dumps in the cases where the caller cares (only "ovs-dpctl dump-flows" currently cares). Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com> Bug #4520.
2011-02-01 09:25:26 -08:00
}
static int
dpif: Index flows using unique identifiers. This patch modifies the dpif interface to allow flows to be manipulated using a 128-bit identifier. This allows revalidator threads to perform datapath operations faster, as they do not need to serialise the entire flow key for operations like flow_get and flow_delete. In conjunction with a future patch to simplify the dump interface, this provides a significant performance benefit for revalidation. When handlers assemble flow_put operations, they specify a unique identifier (UFID) for each flow as it is passed down to the datapath to be stored with the flow. The UFID is currently provided to handlers by the dpif during upcall processing. When revalidators assemble flow_get or flow_del operations, they may specify the UFID for the flow along with the key. The dpif will decide whether to send only the UFID to the datapath, or both the UFID and flow key. The former is preferred for newer datapaths that support UFID, while the latter is used for backwards compatibility. Signed-off-by: Joe Stringer <joestringer@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
2014-09-24 16:26:35 +12:00
dpif_netlink_flow_get__(const struct dpif_netlink *dpif,
const struct nlattr *key, size_t key_len,
const ovs_u128 *ufid, bool terse,
struct dpif_netlink_flow *reply, struct ofpbuf **bufp)
datapath: Dump flow actions only if there is room. Expanding an skbuff in a netlink dump handler doesn't work well. We weren't updating the truesize of the skb or the allocation within the socket that netlink_dump() had put the skb in. The code had other bugs too. This commit fixes the problem (in my tests, anyway) by avoiding expanding the reply skbuff to fill in the actions. Instead, in such a case the userspace client has to do a separate "get" action to get the actions. This commit also updates userspace to do this automatically for dumps in the cases where the caller cares (only "ovs-dpctl dump-flows" currently cares). Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com> Bug #4520.
2011-02-01 09:25:26 -08:00
{
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
struct dpif_netlink_flow request;
datapath: Dump flow actions only if there is room. Expanding an skbuff in a netlink dump handler doesn't work well. We weren't updating the truesize of the skb or the allocation within the socket that netlink_dump() had put the skb in. The code had other bugs too. This commit fixes the problem (in my tests, anyway) by avoiding expanding the reply skbuff to fill in the actions. Instead, in such a case the userspace client has to do a separate "get" action to get the actions. This commit also updates userspace to do this automatically for dumps in the cases where the caller cares (only "ovs-dpctl dump-flows" currently cares). Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com> Bug #4520.
2011-02-01 09:25:26 -08:00
dpif: Index flows using unique identifiers. This patch modifies the dpif interface to allow flows to be manipulated using a 128-bit identifier. This allows revalidator threads to perform datapath operations faster, as they do not need to serialise the entire flow key for operations like flow_get and flow_delete. In conjunction with a future patch to simplify the dump interface, this provides a significant performance benefit for revalidation. When handlers assemble flow_put operations, they specify a unique identifier (UFID) for each flow as it is passed down to the datapath to be stored with the flow. The UFID is currently provided to handlers by the dpif during upcall processing. When revalidators assemble flow_get or flow_del operations, they may specify the UFID for the flow along with the key. The dpif will decide whether to send only the UFID to the datapath, or both the UFID and flow key. The former is preferred for newer datapaths that support UFID, while the latter is used for backwards compatibility. Signed-off-by: Joe Stringer <joestringer@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
2014-09-24 16:26:35 +12:00
dpif_netlink_init_flow_get__(dpif, key, key_len, ufid, terse, &request);
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
return dpif_netlink_flow_transact(&request, reply, bufp);
dpif: Make dpifs abstract, to allow multiple datapath implementations. This commit initially introduces only a single datapath implementation, which is the same as the original one, but it paves the way for additional implementations, such as the upcoming userspace datapath.
2009-06-17 14:35:35 -07:00
}
dpif: Index flows using unique identifiers. This patch modifies the dpif interface to allow flows to be manipulated using a 128-bit identifier. This allows revalidator threads to perform datapath operations faster, as they do not need to serialise the entire flow key for operations like flow_get and flow_delete. In conjunction with a future patch to simplify the dump interface, this provides a significant performance benefit for revalidation. When handlers assemble flow_put operations, they specify a unique identifier (UFID) for each flow as it is passed down to the datapath to be stored with the flow. The UFID is currently provided to handlers by the dpif during upcall processing. When revalidators assemble flow_get or flow_del operations, they may specify the UFID for the flow along with the key. The dpif will decide whether to send only the UFID to the datapath, or both the UFID and flow key. The former is preferred for newer datapaths that support UFID, while the latter is used for backwards compatibility. Signed-off-by: Joe Stringer <joestringer@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
2014-09-24 16:26:35 +12:00
static int
dpif_netlink_flow_get(const struct dpif_netlink *dpif,
const struct dpif_netlink_flow *flow,
struct dpif_netlink_flow *reply, struct ofpbuf **bufp)
{
return dpif_netlink_flow_get__(dpif, flow->key, flow->key_len,
flow->ufid_present ? &flow->ufid : NULL,
false, reply, bufp);
}
dpif: New function dpif_operate() and dpif-linux implementation. This will be used in an upcoming commit.
2011-09-27 15:08:50 -07:00
static void
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
dpif_netlink_init_flow_put(struct dpif_netlink *dpif,
const struct dpif_flow_put *put,
struct dpif_netlink_flow *request)
dpif: New function dpif_operate() and dpif-linux implementation. This will be used in an upcoming commit.
2011-09-27 15:08:50 -07:00
{
dpif-linux: Make dummy_action const in dpif_linux_init_flow_put(). This makes this code more obviously thread-safe. Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-04-23 14:06:25 -07:00
static const struct nlattr dummy_action;
dpif: New function dpif_operate() and dpif-linux implementation. This will be used in an upcoming commit.
2011-09-27 15:08:50 -07:00
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
dpif_netlink_flow_init(request);
dpif: Change provider interface to consistently use operation structs. Until now, a "flow put" has represented its parameters in two different ways, depending on whether it was coming from dpif_flow_put() or from dpif_operate(), and similarly for an "execute" operation. This commit adopts the operation struct consistently within the dpif provider interface, which seems cleaner. This commit also factors out logging for flow puts and executes, which is useful in the following commit. This doesn't change the dpif client interface, since the two forms are more convenient for clients than always filling out an operation struct. Signed-off-by: Ben Pfaff <blp@nicira.com>
2011-12-26 14:39:03 -08:00
request->cmd = (put->flags & DPIF_FP_CREATE
dpif: New function dpif_operate() and dpif-linux implementation. This will be used in an upcoming commit.
2011-09-27 15:08:50 -07:00
? OVS_FLOW_CMD_NEW : OVS_FLOW_CMD_SET);
request->dp_ifindex = dpif->dp_ifindex;
dpif: Change provider interface to consistently use operation structs. Until now, a "flow put" has represented its parameters in two different ways, depending on whether it was coming from dpif_flow_put() or from dpif_operate(), and similarly for an "execute" operation. This commit adopts the operation struct consistently within the dpif provider interface, which seems cleaner. This commit also factors out logging for flow puts and executes, which is useful in the following commit. This doesn't change the dpif client interface, since the two forms are more convenient for clients than always filling out an operation struct. Signed-off-by: Ben Pfaff <blp@nicira.com>
2011-12-26 14:39:03 -08:00
request->key = put->key;
request->key_len = put->key_len;
ovs-dpctl: Add mega flow support Added support to allow mega flow specified and displayed. ovs-dpctl tool is mainly used as debugging tool. This patch also implements the low level user space routines to send and receive mega flow netlink messages. Those netlink suppor routines are required for forthcoming user space mega flow patches. Added a unit test to test parsing and display of mega flows. Ethan contributed the ovs-dpctl mega flow output function. Co-authored-by: Ethan Jackson <ethan@nicira.com> Signed-off-by: Ethan Jackson <ethan@nicira.com> Signed-off-by: Andy Zhou <azhou@nicira.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-06-19 07:15:10 +00:00
request->mask = put->mask;
request->mask_len = put->mask_len;
dpif: Index flows using unique identifiers. This patch modifies the dpif interface to allow flows to be manipulated using a 128-bit identifier. This allows revalidator threads to perform datapath operations faster, as they do not need to serialise the entire flow key for operations like flow_get and flow_delete. In conjunction with a future patch to simplify the dump interface, this provides a significant performance benefit for revalidation. When handlers assemble flow_put operations, they specify a unique identifier (UFID) for each flow as it is passed down to the datapath to be stored with the flow. The UFID is currently provided to handlers by the dpif during upcall processing. When revalidators assemble flow_get or flow_del operations, they may specify the UFID for the flow along with the key. The dpif will decide whether to send only the UFID to the datapath, or both the UFID and flow key. The former is preferred for newer datapaths that support UFID, while the latter is used for backwards compatibility. Signed-off-by: Joe Stringer <joestringer@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
2014-09-24 16:26:35 +12:00
dpif_netlink_flow_init_ufid(request, put->ufid, false);
dpif: New function dpif_operate() and dpif-linux implementation. This will be used in an upcoming commit.
2011-09-27 15:08:50 -07:00
/* Ensure that OVS_FLOW_ATTR_ACTIONS will always be included. */
dpif-linux: Make dummy_action const in dpif_linux_init_flow_put(). This makes this code more obviously thread-safe. Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-04-23 14:06:25 -07:00
request->actions = (put->actions
? put->actions
: CONST_CAST(struct nlattr *, &dummy_action));
dpif: Change provider interface to consistently use operation structs. Until now, a "flow put" has represented its parameters in two different ways, depending on whether it was coming from dpif_flow_put() or from dpif_operate(), and similarly for an "execute" operation. This commit adopts the operation struct consistently within the dpif provider interface, which seems cleaner. This commit also factors out logging for flow puts and executes, which is useful in the following commit. This doesn't change the dpif client interface, since the two forms are more convenient for clients than always filling out an operation struct. Signed-off-by: Ben Pfaff <blp@nicira.com>
2011-12-26 14:39:03 -08:00
request->actions_len = put->actions_len;
if (put->flags & DPIF_FP_ZERO_STATS) {
dpif: New function dpif_operate() and dpif-linux implementation. This will be used in an upcoming commit.
2011-09-27 15:08:50 -07:00
request->clear = true;
}
dpif: Use OVS_FLOW_ATTR_PROBE. Use the new OVS_FLOW_ATTR_PROBE flag when probing for datapath feature support. Suppress also dpif error logging when requested, as probe failures are already logged at ofproto-dpif. Signed-off-by: Jarno Rajahalme <jrajahalme@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
2014-09-12 11:20:13 -07:00
if (put->flags & DPIF_FP_PROBE) {
request->probe = true;
}
dpif: Change provider interface to consistently use operation structs. Until now, a "flow put" has represented its parameters in two different ways, depending on whether it was coming from dpif_flow_put() or from dpif_operate(), and similarly for an "execute" operation. This commit adopts the operation struct consistently within the dpif provider interface, which seems cleaner. This commit also factors out logging for flow puts and executes, which is useful in the following commit. This doesn't change the dpif client interface, since the two forms are more convenient for clients than always filling out an operation struct. Signed-off-by: Ben Pfaff <blp@nicira.com>
2011-12-26 14:39:03 -08:00
request->nlmsg_flags = put->flags & DPIF_FP_MODIFY ? 0 : NLM_F_CREATE;
dpif: New function dpif_operate() and dpif-linux implementation. This will be used in an upcoming commit.
2011-09-27 15:08:50 -07:00
}
ofproto-dpif: Batch flow uninstallations due to expiration. Signed-off-by: Ben Pfaff <blp@nicira.com>
2012-04-17 21:52:10 -07:00
static void
dpif: Index flows using unique identifiers. This patch modifies the dpif interface to allow flows to be manipulated using a 128-bit identifier. This allows revalidator threads to perform datapath operations faster, as they do not need to serialise the entire flow key for operations like flow_get and flow_delete. In conjunction with a future patch to simplify the dump interface, this provides a significant performance benefit for revalidation. When handlers assemble flow_put operations, they specify a unique identifier (UFID) for each flow as it is passed down to the datapath to be stored with the flow. The UFID is currently provided to handlers by the dpif during upcall processing. When revalidators assemble flow_get or flow_del operations, they may specify the UFID for the flow along with the key. The dpif will decide whether to send only the UFID to the datapath, or both the UFID and flow key. The former is preferred for newer datapaths that support UFID, while the latter is used for backwards compatibility. Signed-off-by: Joe Stringer <joestringer@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
2014-09-24 16:26:35 +12:00
dpif_netlink_init_flow_del__(struct dpif_netlink *dpif,
const struct nlattr *key, size_t key_len,
const ovs_u128 *ufid, bool terse,
struct dpif_netlink_flow *request)
dpif: Make dpifs abstract, to allow multiple datapath implementations. This commit initially introduces only a single datapath implementation, which is the same as the original one, but it paves the way for additional implementations, such as the upcoming userspace datapath.
2009-06-17 14:35:35 -07:00
{
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
dpif_netlink_flow_init(request);
ofproto-dpif: Batch flow uninstallations due to expiration. Signed-off-by: Ben Pfaff <blp@nicira.com>
2012-04-17 21:52:10 -07:00
request->cmd = OVS_FLOW_CMD_DEL;
request->dp_ifindex = dpif->dp_ifindex;
dpif: Index flows using unique identifiers. This patch modifies the dpif interface to allow flows to be manipulated using a 128-bit identifier. This allows revalidator threads to perform datapath operations faster, as they do not need to serialise the entire flow key for operations like flow_get and flow_delete. In conjunction with a future patch to simplify the dump interface, this provides a significant performance benefit for revalidation. When handlers assemble flow_put operations, they specify a unique identifier (UFID) for each flow as it is passed down to the datapath to be stored with the flow. The UFID is currently provided to handlers by the dpif during upcall processing. When revalidators assemble flow_get or flow_del operations, they may specify the UFID for the flow along with the key. The dpif will decide whether to send only the UFID to the datapath, or both the UFID and flow key. The former is preferred for newer datapaths that support UFID, while the latter is used for backwards compatibility. Signed-off-by: Joe Stringer <joestringer@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
2014-09-24 16:26:35 +12:00
request->key = key;
request->key_len = key_len;
dpif_netlink_flow_init_ufid(request, ufid, terse);
}
static void
dpif_netlink_init_flow_del(struct dpif_netlink *dpif,
const struct dpif_flow_del *del,
struct dpif_netlink_flow *request)
{
dpif-netlink: Fix compiler warning. warning C4098: 'dpif_netlink_init_flow_del' : 'void' function returning a value Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2015-07-13 14:15:33 +00:00
dpif_netlink_init_flow_del__(dpif, del->key, del->key_len,
del->ufid, del->terse, request);
dpif: Index flows using unique identifiers. This patch modifies the dpif interface to allow flows to be manipulated using a 128-bit identifier. This allows revalidator threads to perform datapath operations faster, as they do not need to serialise the entire flow key for operations like flow_get and flow_delete. In conjunction with a future patch to simplify the dump interface, this provides a significant performance benefit for revalidation. When handlers assemble flow_put operations, they specify a unique identifier (UFID) for each flow as it is passed down to the datapath to be stored with the flow. The UFID is currently provided to handlers by the dpif during upcall processing. When revalidators assemble flow_get or flow_del operations, they may specify the UFID for the flow along with the key. The dpif will decide whether to send only the UFID to the datapath, or both the UFID and flow key. The former is preferred for newer datapaths that support UFID, while the latter is used for backwards compatibility. Signed-off-by: Joe Stringer <joestringer@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
2014-09-24 16:26:35 +12:00
}
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
struct dpif_netlink_flow_dump {
dpif: Refactor flow dumping interface to make better sense for batching. Commit a6ce4b9d251 (ofproto-dpif-upcall: Avoid use-after-free in revalidate() corner case.) showed that it is somewhat tricky to correctly use the existing dpif flow dumping interface to obtain batches of flows. One has to be careful about calling dpif_flow_dump_next_may_destroy_keys() before going on to the next flow. A better interface is possible, one that is naturally oriented toward retrieving batches when that is a useful optimization. This commit replaces the dpif interface by such a design, and updates both the implementations and the callers to adopt it. This is a fairly large change, but I think that the code in ofproto-dpif-upcall is easier to understand after the change. Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-05-20 11:37:02 -07:00
struct dpif_flow_dump up;
struct nl_dump nl_dump;
dpif: Make dpif_flow_dump_next() thread-safe. This patch makes it the caller's responsibility to initialize a per-thread 'state' object and pass it down to the dpif_flow_dump_next() implementation. The implementation can expect to be called from multiple threads with the same 'iter' and different 'state' objects. When flow_dump_next() returns non-zero, the implementation must ensure that subsequent calls with the same arguments also return non-zero. Subsequent calls with the same 'iter' and different 'state' may return zero, but should make progress towards returning non-zero. Signed-off-by: Joe Stringer <joestringer@nicira.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-02-27 14:13:08 -08:00
atomic_int status;
dpif-netlink: Dump netdevs flows on flow dump While dumping flows, dump flows that were offloaded to netdev and parse them back to dpif flow. Signed-off-by: Paul Blakey <paulb@mellanox.com> Reviewed-by: Roi Dayan <roid@mellanox.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Signed-off-by: Simon Horman <simon.horman@netronome.com>
2017-06-13 18:03:34 +03:00
struct netdev_flow_dump **netdev_dumps;
int netdev_dumps_num; /* Number of netdev_flow_dumps */
struct ovs_mutex netdev_lock; /* Guards the following. */
int netdev_current_dump OVS_GUARDED; /* Shared current dump */
dpctl: Expand the flow dump type filter Added new types to the flow dump filter, and allowed multiple filter types to be passed at once, as a comma separated list. The new types added are: * tc - specifies flows handled by the tc dp * non-offloaded - specifies flows not offloaded to the HW * all - specifies flows of all types The type list is now fully parsed by the dpctl, and a new struct was added to dpif which enables dpctl to define which types of dumps to provide, rather than passing the type string and having dpif parse it. Signed-off-by: Gavi Teitz <gavi@mellanox.com> Acked-by: Roi Dayan <roid@mellanox.com> Signed-off-by: Simon Horman <simon.horman@netronome.com>
2018-08-10 11:30:08 +03:00
struct dpif_flow_dump_types types; /* Type of dump */
dpif: Separate local and shared flow dump state. This patch separates the structures for thread-local flow dump state ("state") from the shared flow dump state ("iter") in dpif-linux and dpif-netdev. Future patches will make use of this to allow multiple threads to dump flows from the same flow dump operation. Signed-off-by: Joe Stringer <joestringer@nicira.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-02-27 14:13:07 -08:00
};
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
static struct dpif_netlink_flow_dump *
dpif_netlink_flow_dump_cast(struct dpif_flow_dump *dump)
dpif: Separate local and shared flow dump state. This patch separates the structures for thread-local flow dump state ("state") from the shared flow dump state ("iter") in dpif-linux and dpif-netdev. Future patches will make use of this to allow multiple threads to dump flows from the same flow dump operation. Signed-off-by: Joe Stringer <joestringer@nicira.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-02-27 14:13:07 -08:00
{
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
return CONTAINER_OF(dump, struct dpif_netlink_flow_dump, up);
dpif: Separate local and shared flow dump state. This patch separates the structures for thread-local flow dump state ("state") from the shared flow dump state ("iter") in dpif-linux and dpif-netdev. Future patches will make use of this to allow multiple threads to dump flows from the same flow dump operation. Signed-off-by: Joe Stringer <joestringer@nicira.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-02-27 14:13:07 -08:00
}
dpif-netlink: Dump netdevs flows on flow dump While dumping flows, dump flows that were offloaded to netdev and parse them back to dpif flow. Signed-off-by: Paul Blakey <paulb@mellanox.com> Reviewed-by: Roi Dayan <roid@mellanox.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Signed-off-by: Simon Horman <simon.horman@netronome.com>
2017-06-13 18:03:34 +03:00
static void
start_netdev_dump(const struct dpif *dpif_,
struct dpif_netlink_flow_dump *dump)
{
ovs_mutex_init(&dump->netdev_lock);
dpctl: Expand the flow dump type filter Added new types to the flow dump filter, and allowed multiple filter types to be passed at once, as a comma separated list. The new types added are: * tc - specifies flows handled by the tc dp * non-offloaded - specifies flows not offloaded to the HW * all - specifies flows of all types The type list is now fully parsed by the dpctl, and a new struct was added to dpif which enables dpctl to define which types of dumps to provide, rather than passing the type string and having dpif parse it. Signed-off-by: Gavi Teitz <gavi@mellanox.com> Acked-by: Roi Dayan <roid@mellanox.com> Signed-off-by: Simon Horman <simon.horman@netronome.com>
2018-08-10 11:30:08 +03:00
if (!(dump->types.netdev_flows)) {
dpif-netlink: Dump netdevs flows on flow dump While dumping flows, dump flows that were offloaded to netdev and parse them back to dpif flow. Signed-off-by: Paul Blakey <paulb@mellanox.com> Reviewed-by: Roi Dayan <roid@mellanox.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Signed-off-by: Simon Horman <simon.horman@netronome.com>
2017-06-13 18:03:34 +03:00
dump->netdev_dumps_num = 0;
dump->netdev_dumps = NULL;
return;
}
ovs_mutex_lock(&dump->netdev_lock);
dump->netdev_current_dump = 0;
dump->netdev_dumps
netdev-offload: Use dpif type instead of class. There is no real difference between the 'class' and 'type' in the context of common lookup operations inside netdev-offload module because it only checks the value of pointers without using the value itself. However, 'type' has some meaning and can be used by offload provides on the initialization phase to check if this type of Flow API in pair with the netdev type could be used in particular datapath type. For example, this is needed to check if Linux flow API could be used for current tunneling vport because it could be used only if tunneling vport belongs to system datapath, i.e. has backing linux interface. This is needed to unblock tunneling offloads in userspace datapath with DPDK flow API. Acked-by: Eli Britstein <elibr@mellanox.com> Acked-by: Roni Bar Yanai <roniba@mellanox.com> Acked-by: Ophir Munk <ophirmu@mellanox.com> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2020-07-08 06:38:29 +00:00
= netdev_ports_flow_dump_create(dpif_normalize_type(dpif_type(dpif_)),
netdev-offload: Implement terse dump support In order to improve revalidator performance by minimizing unnecessary copying of data, extend netdev-offloads to support terse dump mode. Extend netdev_flow_api->flow_dump_create() with 'terse' bool argument. Implement support for terse dump in functions that convert netlink to flower and flower to match. Set flow stats "used" value based on difference in number of flow packets because lastuse timestamp is not included in TC terse dump. Kernel API support is implemented in following patch. Signed-off-by: Vlad Buslov <vladbu@mellanox.com> Reviewed-by: Roi Dayan <roid@mellanox.com> Signed-off-by: Simon Horman <simon.horman@netronome.com>
2020-06-04 13:47:00 +03:00
&dump->netdev_dumps_num,
dump->up.terse);
dpif-netlink: Dump netdevs flows on flow dump While dumping flows, dump flows that were offloaded to netdev and parse them back to dpif flow. Signed-off-by: Paul Blakey <paulb@mellanox.com> Reviewed-by: Roi Dayan <roid@mellanox.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Signed-off-by: Simon Horman <simon.horman@netronome.com>
2017-06-13 18:03:34 +03:00
ovs_mutex_unlock(&dump->netdev_lock);
}
dpctl: Expand the flow dump type filter Added new types to the flow dump filter, and allowed multiple filter types to be passed at once, as a comma separated list. The new types added are: * tc - specifies flows handled by the tc dp * non-offloaded - specifies flows not offloaded to the HW * all - specifies flows of all types The type list is now fully parsed by the dpctl, and a new struct was added to dpif which enables dpctl to define which types of dumps to provide, rather than passing the type string and having dpif parse it. Signed-off-by: Gavi Teitz <gavi@mellanox.com> Acked-by: Roi Dayan <roid@mellanox.com> Signed-off-by: Simon Horman <simon.horman@netronome.com>
2018-08-10 11:30:08 +03:00
static void
dpif_netlink_populate_flow_dump_types(struct dpif_netlink_flow_dump *dump,
struct dpif_flow_dump_types *types)
{
if (!types) {
dump->types.ovs_flows = true;
dump->types.netdev_flows = true;
} else {
memcpy(&dump->types, types, sizeof *types);
Revert "dpctl: Expand the flow dump type filter" Commit ab15e70eb587 ("dpctl: Expand the flow dump type filter") had a number of issues with style, build breakage, and failing unit tests. The patch is being reverted so that they can addressed. This reverts commit ab15e70eb5878b46f8f84da940ffc915b6d74cad. CC: Gavi Teitz <gavi@mellanox.com> CC: Simon Horman <simon.horman@netronome.com> CC: Roi Dayan <roid@mellanox.com> CC: Aaron Conole <aconole@redhat.com> Signed-off-by: Justin Pettit <jpettit@ovn.org> Acked-by: Ben Pfaff <blp@ovn.org>
2018-07-25 13:52:42 -07:00
}
dpctl: Add an option to dump only certain kinds of flows Usage: # to dump all datapath flows (default): ovs-dpctl dump-flows # to dump only flows that in kernel datapath: ovs-dpctl dump-flows type=ovs # to dump only flows that are offloaded: ovs-dpctl dump-flows type=offloaded Signed-off-by: Paul Blakey <paulb@mellanox.com> Reviewed-by: Roi Dayan <roid@mellanox.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Signed-off-by: Simon Horman <simon.horman@netronome.com>
2017-06-13 18:03:49 +03:00
}
dpif: Refactor flow dumping interface to make better sense for batching. Commit a6ce4b9d251 (ofproto-dpif-upcall: Avoid use-after-free in revalidate() corner case.) showed that it is somewhat tricky to correctly use the existing dpif flow dumping interface to obtain batches of flows. One has to be careful about calling dpif_flow_dump_next_may_destroy_keys() before going on to the next flow. A better interface is possible, one that is naturally oriented toward retrieving batches when that is a useful optimization. This commit replaces the dpif interface by such a design, and updates both the implementations and the callers to adopt it. This is a fairly large change, but I think that the code in ofproto-dpif-upcall is easier to understand after the change. Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-05-20 11:37:02 -07:00
static struct dpif_flow_dump *
dpctl: Add an option to dump only certain kinds of flows Usage: # to dump all datapath flows (default): ovs-dpctl dump-flows # to dump only flows that in kernel datapath: ovs-dpctl dump-flows type=ovs # to dump only flows that are offloaded: ovs-dpctl dump-flows type=offloaded Signed-off-by: Paul Blakey <paulb@mellanox.com> Reviewed-by: Roi Dayan <roid@mellanox.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Signed-off-by: Simon Horman <simon.horman@netronome.com>
2017-06-13 18:03:49 +03:00
dpif_netlink_flow_dump_create(const struct dpif *dpif_, bool terse,
dpctl: Expand the flow dump type filter Added new types to the flow dump filter, and allowed multiple filter types to be passed at once, as a comma separated list. The new types added are: * tc - specifies flows handled by the tc dp * non-offloaded - specifies flows not offloaded to the HW * all - specifies flows of all types The type list is now fully parsed by the dpctl, and a new struct was added to dpif which enables dpctl to define which types of dumps to provide, rather than passing the type string and having dpif parse it. Signed-off-by: Gavi Teitz <gavi@mellanox.com> Acked-by: Roi Dayan <roid@mellanox.com> Signed-off-by: Simon Horman <simon.horman@netronome.com>
2018-08-10 11:30:08 +03:00
struct dpif_flow_dump_types *types)
dpif: Make dpifs abstract, to allow multiple datapath implementations. This commit initially introduces only a single datapath implementation, which is the same as the original one, but it paves the way for additional implementations, such as the upcoming userspace datapath.
2009-06-17 14:35:35 -07:00
{
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
const struct dpif_netlink *dpif = dpif_netlink_cast(dpif_);
struct dpif_netlink_flow_dump *dump;
struct dpif_netlink_flow request;
datapath: Convert ODP_FLOW_* commands to use AF_NETLINK socket layer. This completes the transition to the Generic Netlink interface, and so this commit restores support for Linux 2.6.18 and later. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-28 14:00:51 -08:00
struct ofpbuf *buf;
dpif: Refactor flow dumping interface to make better sense for batching. Commit a6ce4b9d251 (ofproto-dpif-upcall: Avoid use-after-free in revalidate() corner case.) showed that it is somewhat tricky to correctly use the existing dpif flow dumping interface to obtain batches of flows. One has to be careful about calling dpif_flow_dump_next_may_destroy_keys() before going on to the next flow. A better interface is possible, one that is naturally oriented toward retrieving batches when that is a useful optimization. This commit replaces the dpif interface by such a design, and updates both the implementations and the callers to adopt it. This is a fairly large change, but I think that the code in ofproto-dpif-upcall is easier to understand after the change. Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-05-20 11:37:02 -07:00
dump = xmalloc(sizeof *dump);
dpif_flow_dump_init(&dump->up, dpif_);
datapath: Convert ODP_FLOW_* commands to use AF_NETLINK socket layer. This completes the transition to the Generic Netlink interface, and so this commit restores support for Linux 2.6.18 and later. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-28 14:00:51 -08:00
dpctl: Expand the flow dump type filter Added new types to the flow dump filter, and allowed multiple filter types to be passed at once, as a comma separated list. The new types added are: * tc - specifies flows handled by the tc dp * non-offloaded - specifies flows not offloaded to the HW * all - specifies flows of all types The type list is now fully parsed by the dpctl, and a new struct was added to dpif which enables dpctl to define which types of dumps to provide, rather than passing the type string and having dpif parse it. Signed-off-by: Gavi Teitz <gavi@mellanox.com> Acked-by: Roi Dayan <roid@mellanox.com> Signed-off-by: Simon Horman <simon.horman@netronome.com>
2018-08-10 11:30:08 +03:00
dpif_netlink_populate_flow_dump_types(dump, types);
datapath: Convert ODP_FLOW_* commands to use AF_NETLINK socket layer. This completes the transition to the Generic Netlink interface, and so this commit restores support for Linux 2.6.18 and later. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-28 14:00:51 -08:00
dpctl: Expand the flow dump type filter Added new types to the flow dump filter, and allowed multiple filter types to be passed at once, as a comma separated list. The new types added are: * tc - specifies flows handled by the tc dp * non-offloaded - specifies flows not offloaded to the HW * all - specifies flows of all types The type list is now fully parsed by the dpctl, and a new struct was added to dpif which enables dpctl to define which types of dumps to provide, rather than passing the type string and having dpif parse it. Signed-off-by: Gavi Teitz <gavi@mellanox.com> Acked-by: Roi Dayan <roid@mellanox.com> Signed-off-by: Simon Horman <simon.horman@netronome.com>
2018-08-10 11:30:08 +03:00
if (dump->types.ovs_flows) {
dpctl: Add an option to dump only certain kinds of flows Usage: # to dump all datapath flows (default): ovs-dpctl dump-flows # to dump only flows that in kernel datapath: ovs-dpctl dump-flows type=ovs # to dump only flows that are offloaded: ovs-dpctl dump-flows type=offloaded Signed-off-by: Paul Blakey <paulb@mellanox.com> Reviewed-by: Roi Dayan <roid@mellanox.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Signed-off-by: Simon Horman <simon.horman@netronome.com>
2017-06-13 18:03:49 +03:00
dpif_netlink_flow_init(&request);
request.cmd = OVS_FLOW_CMD_GET;
request.dp_ifindex = dpif->dp_ifindex;
request.ufid_present = false;
request.ufid_terse = terse;
buf = ofpbuf_new(1024);
dpif_netlink_flow_to_ofpbuf(&request, buf);
nl_dump_start(&dump->nl_dump, NETLINK_GENERIC, buf);
ofpbuf_delete(buf);
}
dpif: Refactor flow dumping interface to make better sense for batching. Commit a6ce4b9d251 (ofproto-dpif-upcall: Avoid use-after-free in revalidate() corner case.) showed that it is somewhat tricky to correctly use the existing dpif flow dumping interface to obtain batches of flows. One has to be careful about calling dpif_flow_dump_next_may_destroy_keys() before going on to the next flow. A better interface is possible, one that is naturally oriented toward retrieving batches when that is a useful optimization. This commit replaces the dpif interface by such a design, and updates both the implementations and the callers to adopt it. This is a fairly large change, but I think that the code in ofproto-dpif-upcall is easier to understand after the change. Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-05-20 11:37:02 -07:00
atomic_init(&dump->status, 0);
dpif: Minimize memory copy for revalidation. One of the limiting factors on the number of flows that can be supported in the datapath is the overhead of assembling flow dump messages in the datapath. This patch modifies the dpif to allow revalidators to skip dumping the key, mask and actions from the datapath, by making use of the unique flow identifiers introduced in earlier patches. For each flow dump, the dpif user specifies whether to skip these attributes, allowing the common case to only dump a pair of 128-bit ID and flow stats. With datapath support, this increases the number of flows that a revalidator can handle per second by 50% or more. Support in dpif-netdev and dpif-netlink is added in this patch; kernel support is left for future patches. Signed-off-by: Joe Stringer <joestringer@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
2014-10-06 11:14:08 +13:00
dump->up.terse = terse;
datapath: Dump flow actions only if there is room. Expanding an skbuff in a netlink dump handler doesn't work well. We weren't updating the truesize of the skb or the allocation within the socket that netlink_dump() had put the skb in. The code had other bugs too. This commit fixes the problem (in my tests, anyway) by avoiding expanding the reply skbuff to fill in the actions. Instead, in such a case the userspace client has to do a separate "get" action to get the actions. This commit also updates userspace to do this automatically for dumps in the cases where the caller cares (only "ovs-dpctl dump-flows" currently cares). Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com> Bug #4520.
2011-02-01 09:25:26 -08:00
dpif-netlink: Dump netdevs flows on flow dump While dumping flows, dump flows that were offloaded to netdev and parse them back to dpif flow. Signed-off-by: Paul Blakey <paulb@mellanox.com> Reviewed-by: Roi Dayan <roid@mellanox.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Signed-off-by: Simon Horman <simon.horman@netronome.com>
2017-06-13 18:03:34 +03:00
start_netdev_dump(dpif_, dump);
dpif: Refactor flow dumping interface to make better sense for batching. Commit a6ce4b9d251 (ofproto-dpif-upcall: Avoid use-after-free in revalidate() corner case.) showed that it is somewhat tricky to correctly use the existing dpif flow dumping interface to obtain batches of flows. One has to be careful about calling dpif_flow_dump_next_may_destroy_keys() before going on to the next flow. A better interface is possible, one that is naturally oriented toward retrieving batches when that is a useful optimization. This commit replaces the dpif interface by such a design, and updates both the implementations and the callers to adopt it. This is a fairly large change, but I think that the code in ofproto-dpif-upcall is easier to understand after the change. Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-05-20 11:37:02 -07:00
return &dump->up;
datapath: Change listing flows to use an iterator concept. One of the goals for Open vSwitch is to decouple kernel and userspace software, so that either one can be upgraded or rolled back independent of the other. To do this in full generality, it must be possible to change the kernel's idea of the flow key separately from the userspace version. In turn, that means that flow keys must become variable-length. This does not, however, fit in well with the ODP_FLOW_LIST ioctl in its current form, because that would require userspace to know how much space to allocate for each flow's key in advance, or to allocate as much space as could possibly be needed. Neither choice is very attractive. This commit prepares for a different solution, by replacing ODP_FLOW_LIST by a new ioctl ODP_FLOW_DUMP that retrieves a single flow from the datapath on each call. It is much cleaner to allocate the maximum amount of space for a single flow key than to do so for possibly a very large number of flow keys. As a side effect, this patch also fixes a race condition that sometimes made "ovs-dpctl dump-flows" print an error: previously, flows were listed and then their actions were retrieved, which left a window in which ovs-vswitchd could delete the flow. Now dumping a flow and its actions is a single step, closing that window. Dumping all of the flows in a datapath is no longer an atomic step, so now it is possible to miss some flows or see a single flow twice during iteration, if the flow table is modified by another process. It doesn't look like this should be a problem for ovs-vswitchd. It would be faster to retrieve a number of flows in batch instead of just one at a time, but that will naturally happen later when the kernel datapath interface is changed to use Netlink, so this patch does not bother with it. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2010-12-28 10:39:52 -08:00
}
static int
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
dpif_netlink_flow_dump_destroy(struct dpif_flow_dump *dump_)
datapath: Change listing flows to use an iterator concept. One of the goals for Open vSwitch is to decouple kernel and userspace software, so that either one can be upgraded or rolled back independent of the other. To do this in full generality, it must be possible to change the kernel's idea of the flow key separately from the userspace version. In turn, that means that flow keys must become variable-length. This does not, however, fit in well with the ODP_FLOW_LIST ioctl in its current form, because that would require userspace to know how much space to allocate for each flow's key in advance, or to allocate as much space as could possibly be needed. Neither choice is very attractive. This commit prepares for a different solution, by replacing ODP_FLOW_LIST by a new ioctl ODP_FLOW_DUMP that retrieves a single flow from the datapath on each call. It is much cleaner to allocate the maximum amount of space for a single flow key than to do so for possibly a very large number of flow keys. As a side effect, this patch also fixes a race condition that sometimes made "ovs-dpctl dump-flows" print an error: previously, flows were listed and then their actions were retrieved, which left a window in which ovs-vswitchd could delete the flow. Now dumping a flow and its actions is a single step, closing that window. Dumping all of the flows in a datapath is no longer an atomic step, so now it is possible to miss some flows or see a single flow twice during iteration, if the flow table is modified by another process. It doesn't look like this should be a problem for ovs-vswitchd. It would be faster to retrieve a number of flows in batch instead of just one at a time, but that will naturally happen later when the kernel datapath interface is changed to use Netlink, so this patch does not bother with it. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2010-12-28 10:39:52 -08:00
{
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
struct dpif_netlink_flow_dump *dump = dpif_netlink_flow_dump_cast(dump_);
dpctl: Add an option to dump only certain kinds of flows Usage: # to dump all datapath flows (default): ovs-dpctl dump-flows # to dump only flows that in kernel datapath: ovs-dpctl dump-flows type=ovs # to dump only flows that are offloaded: ovs-dpctl dump-flows type=offloaded Signed-off-by: Paul Blakey <paulb@mellanox.com> Reviewed-by: Roi Dayan <roid@mellanox.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Signed-off-by: Simon Horman <simon.horman@netronome.com>
2017-06-13 18:03:49 +03:00
unsigned int nl_status = 0;
dpif: Refactor flow dumping interface to make better sense for batching. Commit a6ce4b9d251 (ofproto-dpif-upcall: Avoid use-after-free in revalidate() corner case.) showed that it is somewhat tricky to correctly use the existing dpif flow dumping interface to obtain batches of flows. One has to be careful about calling dpif_flow_dump_next_may_destroy_keys() before going on to the next flow. A better interface is possible, one that is naturally oriented toward retrieving batches when that is a useful optimization. This commit replaces the dpif interface by such a design, and updates both the implementations and the callers to adopt it. This is a fairly large change, but I think that the code in ofproto-dpif-upcall is easier to understand after the change. Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-05-20 11:37:02 -07:00
int dump_status;
dpif: Make dpifs abstract, to allow multiple datapath implementations. This commit initially introduces only a single datapath implementation, which is the same as the original one, but it paves the way for additional implementations, such as the upcoming userspace datapath.
2009-06-17 14:35:35 -07:00
dpctl: Expand the flow dump type filter Added new types to the flow dump filter, and allowed multiple filter types to be passed at once, as a comma separated list. The new types added are: * tc - specifies flows handled by the tc dp * non-offloaded - specifies flows not offloaded to the HW * all - specifies flows of all types The type list is now fully parsed by the dpctl, and a new struct was added to dpif which enables dpctl to define which types of dumps to provide, rather than passing the type string and having dpif parse it. Signed-off-by: Gavi Teitz <gavi@mellanox.com> Acked-by: Roi Dayan <roid@mellanox.com> Signed-off-by: Simon Horman <simon.horman@netronome.com>
2018-08-10 11:30:08 +03:00
if (dump->types.ovs_flows) {
dpctl: Add an option to dump only certain kinds of flows Usage: # to dump all datapath flows (default): ovs-dpctl dump-flows # to dump only flows that in kernel datapath: ovs-dpctl dump-flows type=ovs # to dump only flows that are offloaded: ovs-dpctl dump-flows type=offloaded Signed-off-by: Paul Blakey <paulb@mellanox.com> Reviewed-by: Roi Dayan <roid@mellanox.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Signed-off-by: Simon Horman <simon.horman@netronome.com>
2017-06-13 18:03:49 +03:00
nl_status = nl_dump_done(&dump->nl_dump);
}
dpif-netlink: Dump netdevs flows on flow dump While dumping flows, dump flows that were offloaded to netdev and parse them back to dpif flow. Signed-off-by: Paul Blakey <paulb@mellanox.com> Reviewed-by: Roi Dayan <roid@mellanox.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Signed-off-by: Simon Horman <simon.horman@netronome.com>
2017-06-13 18:03:34 +03:00
for (int i = 0; i < dump->netdev_dumps_num; i++) {
int err = netdev_flow_dump_destroy(dump->netdev_dumps[i]);
if (err != 0 && err != EOPNOTSUPP) {
VLOG_ERR("failed dumping netdev: %s", ovs_strerror(err));
}
}
free(dump->netdev_dumps);
ovs_mutex_destroy(&dump->netdev_lock);
lib/dpif-linux: Use relaxed atomics for 'dump->status'. 'dump->status' does not syncronize the state of any other variable, so we can use relaxed atomics on it. Signed-off-by: Jarno Rajahalme <jrajahalme@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
2014-08-29 10:34:52 -07:00
/* No other thread has access to 'dump' at this point. */
atomic_read_relaxed(&dump->status, &dump_status);
dpif: Refactor flow dumping interface to make better sense for batching. Commit a6ce4b9d251 (ofproto-dpif-upcall: Avoid use-after-free in revalidate() corner case.) showed that it is somewhat tricky to correctly use the existing dpif flow dumping interface to obtain batches of flows. One has to be careful about calling dpif_flow_dump_next_may_destroy_keys() before going on to the next flow. A better interface is possible, one that is naturally oriented toward retrieving batches when that is a useful optimization. This commit replaces the dpif interface by such a design, and updates both the implementations and the callers to adopt it. This is a fairly large change, but I think that the code in ofproto-dpif-upcall is easier to understand after the change. Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-05-20 11:37:02 -07:00
free(dump);
return dump_status ? dump_status : nl_status;
}
dpif: Eliminate "struct odp_flow" from client-visible interface. Following this commit, "struct odp_flow" and related data structures are only used in Linux-specific parts of OVS userspace code. This allows the actual Linux datapath interface to evolve more freely. Reviewed by Justin Pettit.
2011-01-26 07:03:39 -08:00
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
struct dpif_netlink_flow_dump_thread {
dpif: Refactor flow dumping interface to make better sense for batching. Commit a6ce4b9d251 (ofproto-dpif-upcall: Avoid use-after-free in revalidate() corner case.) showed that it is somewhat tricky to correctly use the existing dpif flow dumping interface to obtain batches of flows. One has to be careful about calling dpif_flow_dump_next_may_destroy_keys() before going on to the next flow. A better interface is possible, one that is naturally oriented toward retrieving batches when that is a useful optimization. This commit replaces the dpif interface by such a design, and updates both the implementations and the callers to adopt it. This is a fairly large change, but I think that the code in ofproto-dpif-upcall is easier to understand after the change. Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-05-20 11:37:02 -07:00
struct dpif_flow_dump_thread up;
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
struct dpif_netlink_flow_dump *dump;
struct dpif_netlink_flow flow;
dpif: Refactor flow dumping interface to make better sense for batching. Commit a6ce4b9d251 (ofproto-dpif-upcall: Avoid use-after-free in revalidate() corner case.) showed that it is somewhat tricky to correctly use the existing dpif flow dumping interface to obtain batches of flows. One has to be careful about calling dpif_flow_dump_next_may_destroy_keys() before going on to the next flow. A better interface is possible, one that is naturally oriented toward retrieving batches when that is a useful optimization. This commit replaces the dpif interface by such a design, and updates both the implementations and the callers to adopt it. This is a fairly large change, but I think that the code in ofproto-dpif-upcall is easier to understand after the change. Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-05-20 11:37:02 -07:00
struct dpif_flow_stats stats;
struct ofpbuf nl_flows; /* Always used to store flows. */
struct ofpbuf *nl_actions; /* Used if kernel does not supply actions. */
dpif-netlink: Dump netdevs flows on flow dump While dumping flows, dump flows that were offloaded to netdev and parse them back to dpif flow. Signed-off-by: Paul Blakey <paulb@mellanox.com> Reviewed-by: Roi Dayan <roid@mellanox.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Signed-off-by: Simon Horman <simon.horman@netronome.com>
2017-06-13 18:03:34 +03:00
int netdev_dump_idx; /* This thread current netdev dump index */
bool netdev_done; /* If we are finished dumping netdevs */
/* (Key/Mask/Actions) Buffers for netdev dumping */
struct odputil_keybuf keybuf[FLOW_DUMP_MAX_BATCH];
struct odputil_keybuf maskbuf[FLOW_DUMP_MAX_BATCH];
struct odputil_keybuf actbuf[FLOW_DUMP_MAX_BATCH];
dpif: Refactor flow dumping interface to make better sense for batching. Commit a6ce4b9d251 (ofproto-dpif-upcall: Avoid use-after-free in revalidate() corner case.) showed that it is somewhat tricky to correctly use the existing dpif flow dumping interface to obtain batches of flows. One has to be careful about calling dpif_flow_dump_next_may_destroy_keys() before going on to the next flow. A better interface is possible, one that is naturally oriented toward retrieving batches when that is a useful optimization. This commit replaces the dpif interface by such a design, and updates both the implementations and the callers to adopt it. This is a fairly large change, but I think that the code in ofproto-dpif-upcall is easier to understand after the change. Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-05-20 11:37:02 -07:00
};
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
static struct dpif_netlink_flow_dump_thread *
dpif_netlink_flow_dump_thread_cast(struct dpif_flow_dump_thread *thread)
dpif: Refactor flow dumping interface to make better sense for batching. Commit a6ce4b9d251 (ofproto-dpif-upcall: Avoid use-after-free in revalidate() corner case.) showed that it is somewhat tricky to correctly use the existing dpif flow dumping interface to obtain batches of flows. One has to be careful about calling dpif_flow_dump_next_may_destroy_keys() before going on to the next flow. A better interface is possible, one that is naturally oriented toward retrieving batches when that is a useful optimization. This commit replaces the dpif interface by such a design, and updates both the implementations and the callers to adopt it. This is a fairly large change, but I think that the code in ofproto-dpif-upcall is easier to understand after the change. Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-05-20 11:37:02 -07:00
{
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
return CONTAINER_OF(thread, struct dpif_netlink_flow_dump_thread, up);
dpif: Refactor flow dumping interface to make better sense for batching. Commit a6ce4b9d251 (ofproto-dpif-upcall: Avoid use-after-free in revalidate() corner case.) showed that it is somewhat tricky to correctly use the existing dpif flow dumping interface to obtain batches of flows. One has to be careful about calling dpif_flow_dump_next_may_destroy_keys() before going on to the next flow. A better interface is possible, one that is naturally oriented toward retrieving batches when that is a useful optimization. This commit replaces the dpif interface by such a design, and updates both the implementations and the callers to adopt it. This is a fairly large change, but I think that the code in ofproto-dpif-upcall is easier to understand after the change. Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-05-20 11:37:02 -07:00
}
static struct dpif_flow_dump_thread *
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
dpif_netlink_flow_dump_thread_create(struct dpif_flow_dump *dump_)
dpif: Refactor flow dumping interface to make better sense for batching. Commit a6ce4b9d251 (ofproto-dpif-upcall: Avoid use-after-free in revalidate() corner case.) showed that it is somewhat tricky to correctly use the existing dpif flow dumping interface to obtain batches of flows. One has to be careful about calling dpif_flow_dump_next_may_destroy_keys() before going on to the next flow. A better interface is possible, one that is naturally oriented toward retrieving batches when that is a useful optimization. This commit replaces the dpif interface by such a design, and updates both the implementations and the callers to adopt it. This is a fairly large change, but I think that the code in ofproto-dpif-upcall is easier to understand after the change. Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-05-20 11:37:02 -07:00
{
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
struct dpif_netlink_flow_dump *dump = dpif_netlink_flow_dump_cast(dump_);
struct dpif_netlink_flow_dump_thread *thread;
dpif: Refactor flow dumping interface to make better sense for batching. Commit a6ce4b9d251 (ofproto-dpif-upcall: Avoid use-after-free in revalidate() corner case.) showed that it is somewhat tricky to correctly use the existing dpif flow dumping interface to obtain batches of flows. One has to be careful about calling dpif_flow_dump_next_may_destroy_keys() before going on to the next flow. A better interface is possible, one that is naturally oriented toward retrieving batches when that is a useful optimization. This commit replaces the dpif interface by such a design, and updates both the implementations and the callers to adopt it. This is a fairly large change, but I think that the code in ofproto-dpif-upcall is easier to understand after the change. Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-05-20 11:37:02 -07:00
thread = xmalloc(sizeof *thread);
dpif_flow_dump_thread_init(&thread->up, &dump->up);
thread->dump = dump;
ofpbuf_init(&thread->nl_flows, NL_DUMP_BUFSIZE);
thread->nl_actions = NULL;
dpif-netlink: Dump netdevs flows on flow dump While dumping flows, dump flows that were offloaded to netdev and parse them back to dpif flow. Signed-off-by: Paul Blakey <paulb@mellanox.com> Reviewed-by: Roi Dayan <roid@mellanox.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Signed-off-by: Simon Horman <simon.horman@netronome.com>
2017-06-13 18:03:34 +03:00
thread->netdev_dump_idx = 0;
thread->netdev_done = !(thread->netdev_dump_idx < dump->netdev_dumps_num);
dpif: Refactor flow dumping interface to make better sense for batching. Commit a6ce4b9d251 (ofproto-dpif-upcall: Avoid use-after-free in revalidate() corner case.) showed that it is somewhat tricky to correctly use the existing dpif flow dumping interface to obtain batches of flows. One has to be careful about calling dpif_flow_dump_next_may_destroy_keys() before going on to the next flow. A better interface is possible, one that is naturally oriented toward retrieving batches when that is a useful optimization. This commit replaces the dpif interface by such a design, and updates both the implementations and the callers to adopt it. This is a fairly large change, but I think that the code in ofproto-dpif-upcall is easier to understand after the change. Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-05-20 11:37:02 -07:00
return &thread->up;
}
static void
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
dpif_netlink_flow_dump_thread_destroy(struct dpif_flow_dump_thread *thread_)
dpif: Refactor flow dumping interface to make better sense for batching. Commit a6ce4b9d251 (ofproto-dpif-upcall: Avoid use-after-free in revalidate() corner case.) showed that it is somewhat tricky to correctly use the existing dpif flow dumping interface to obtain batches of flows. One has to be careful about calling dpif_flow_dump_next_may_destroy_keys() before going on to the next flow. A better interface is possible, one that is naturally oriented toward retrieving batches when that is a useful optimization. This commit replaces the dpif interface by such a design, and updates both the implementations and the callers to adopt it. This is a fairly large change, but I think that the code in ofproto-dpif-upcall is easier to understand after the change. Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-05-20 11:37:02 -07:00
{
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
struct dpif_netlink_flow_dump_thread *thread
= dpif_netlink_flow_dump_thread_cast(thread_);
dpif: Refactor flow dumping interface to make better sense for batching. Commit a6ce4b9d251 (ofproto-dpif-upcall: Avoid use-after-free in revalidate() corner case.) showed that it is somewhat tricky to correctly use the existing dpif flow dumping interface to obtain batches of flows. One has to be careful about calling dpif_flow_dump_next_may_destroy_keys() before going on to the next flow. A better interface is possible, one that is naturally oriented toward retrieving batches when that is a useful optimization. This commit replaces the dpif interface by such a design, and updates both the implementations and the callers to adopt it. This is a fairly large change, but I think that the code in ofproto-dpif-upcall is easier to understand after the change. Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-05-20 11:37:02 -07:00
ofpbuf_uninit(&thread->nl_flows);
ofpbuf_delete(thread->nl_actions);
free(thread);
}
static void
dpif: Turn dpif_flow_hash function into generic odp_flow_key_hash. Current implementation of dpif_flow_hash() doesn't depend on datapath interface and only complicates the callers by forcing them to figure out what is their current 'dpif'. If we'll need different hashing for different 'dpif's we'll implement an API for dpif-providers and each dpif implementation will be able to use their local function directly without calling it via dpif API. This change will allow us to not store 'dpif' pointer in the userspace datapath implementation which is broken and will be removed in next commits. This patch moves dpif_flow_hash() to odp-util module and replaces unused odp_flow_key_hash() by it, along with removing of unused 'dpif' argument. Signed-off-by: Ilya Maximets <i.maximets@ovn.org> Acked-by: Ben Pfaff <blp@ovn.org>
2019-12-08 18:09:53 +01:00
dpif_netlink_flow_to_dpif_flow(struct dpif_flow *dpif_flow,
dpif-netlink: rename linux_flow variable to datapath_flow In the flow related functions, there's a stack variable called 'linux_flow'. Since this code is not specific to Linux anymore, in this patch, we rename the variable to 'datpath_flow'. Signed-off-by: Nithin Raju <nithin@vmware.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-19 15:34:45 -07:00
const struct dpif_netlink_flow *datapath_flow)
dpif: Refactor flow dumping interface to make better sense for batching. Commit a6ce4b9d251 (ofproto-dpif-upcall: Avoid use-after-free in revalidate() corner case.) showed that it is somewhat tricky to correctly use the existing dpif flow dumping interface to obtain batches of flows. One has to be careful about calling dpif_flow_dump_next_may_destroy_keys() before going on to the next flow. A better interface is possible, one that is naturally oriented toward retrieving batches when that is a useful optimization. This commit replaces the dpif interface by such a design, and updates both the implementations and the callers to adopt it. This is a fairly large change, but I think that the code in ofproto-dpif-upcall is easier to understand after the change. Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-05-20 11:37:02 -07:00
{
dpif-netlink: rename linux_flow variable to datapath_flow In the flow related functions, there's a stack variable called 'linux_flow'. Since this code is not specific to Linux anymore, in this patch, we rename the variable to 'datpath_flow'. Signed-off-by: Nithin Raju <nithin@vmware.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-19 15:34:45 -07:00
dpif_flow->key = datapath_flow->key;
dpif_flow->key_len = datapath_flow->key_len;
dpif_flow->mask = datapath_flow->mask;
dpif_flow->mask_len = datapath_flow->mask_len;
dpif_flow->actions = datapath_flow->actions;
dpif_flow->actions_len = datapath_flow->actions_len;
dpif: Index flows using unique identifiers. This patch modifies the dpif interface to allow flows to be manipulated using a 128-bit identifier. This allows revalidator threads to perform datapath operations faster, as they do not need to serialise the entire flow key for operations like flow_get and flow_delete. In conjunction with a future patch to simplify the dump interface, this provides a significant performance benefit for revalidation. When handlers assemble flow_put operations, they specify a unique identifier (UFID) for each flow as it is passed down to the datapath to be stored with the flow. The UFID is currently provided to handlers by the dpif during upcall processing. When revalidators assemble flow_get or flow_del operations, they may specify the UFID for the flow along with the key. The dpif will decide whether to send only the UFID to the datapath, or both the UFID and flow key. The former is preferred for newer datapaths that support UFID, while the latter is used for backwards compatibility. Signed-off-by: Joe Stringer <joestringer@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
2014-09-24 16:26:35 +12:00
dpif_flow->ufid_present = datapath_flow->ufid_present;
ovs-dpctl: Do not report pmd info for 'dpif-netlink' datapath. In 'ovs-dpctl dump-flows' output, we should only report the pmd related info for 'dpif-netdev' datapath. However, current implementation also reports uninitialized pmd info for 'dpif-netlink' datapath, which is very confusing to users. This commit fixes it. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
2015-02-02 14:50:47 -08:00
dpif_flow->pmd_id = PMD_ID_NULL;
dpif: Index flows using unique identifiers. This patch modifies the dpif interface to allow flows to be manipulated using a 128-bit identifier. This allows revalidator threads to perform datapath operations faster, as they do not need to serialise the entire flow key for operations like flow_get and flow_delete. In conjunction with a future patch to simplify the dump interface, this provides a significant performance benefit for revalidation. When handlers assemble flow_put operations, they specify a unique identifier (UFID) for each flow as it is passed down to the datapath to be stored with the flow. The UFID is currently provided to handlers by the dpif during upcall processing. When revalidators assemble flow_get or flow_del operations, they may specify the UFID for the flow along with the key. The dpif will decide whether to send only the UFID to the datapath, or both the UFID and flow key. The former is preferred for newer datapaths that support UFID, while the latter is used for backwards compatibility. Signed-off-by: Joe Stringer <joestringer@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
2014-09-24 16:26:35 +12:00
if (datapath_flow->ufid_present) {
dpif_flow->ufid = datapath_flow->ufid;
} else {
ovs_assert(datapath_flow->key && datapath_flow->key_len);
dpif: Turn dpif_flow_hash function into generic odp_flow_key_hash. Current implementation of dpif_flow_hash() doesn't depend on datapath interface and only complicates the callers by forcing them to figure out what is their current 'dpif'. If we'll need different hashing for different 'dpif's we'll implement an API for dpif-providers and each dpif implementation will be able to use their local function directly without calling it via dpif API. This change will allow us to not store 'dpif' pointer in the userspace datapath implementation which is broken and will be removed in next commits. This patch moves dpif_flow_hash() to odp-util module and replaces unused odp_flow_key_hash() by it, along with removing of unused 'dpif' argument. Signed-off-by: Ilya Maximets <i.maximets@ovn.org> Acked-by: Ben Pfaff <blp@ovn.org>
2019-12-08 18:09:53 +01:00
odp_flow_key_hash(datapath_flow->key, datapath_flow->key_len,
&dpif_flow->ufid);
dpif: Index flows using unique identifiers. This patch modifies the dpif interface to allow flows to be manipulated using a 128-bit identifier. This allows revalidator threads to perform datapath operations faster, as they do not need to serialise the entire flow key for operations like flow_get and flow_delete. In conjunction with a future patch to simplify the dump interface, this provides a significant performance benefit for revalidation. When handlers assemble flow_put operations, they specify a unique identifier (UFID) for each flow as it is passed down to the datapath to be stored with the flow. The UFID is currently provided to handlers by the dpif during upcall processing. When revalidators assemble flow_get or flow_del operations, they may specify the UFID for the flow along with the key. The dpif will decide whether to send only the UFID to the datapath, or both the UFID and flow key. The former is preferred for newer datapaths that support UFID, while the latter is used for backwards compatibility. Signed-off-by: Joe Stringer <joestringer@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
2014-09-24 16:26:35 +12:00
}
dpif-netlink: rename linux_flow variable to datapath_flow In the flow related functions, there's a stack variable called 'linux_flow'. Since this code is not specific to Linux anymore, in this patch, we rename the variable to 'datpath_flow'. Signed-off-by: Nithin Raju <nithin@vmware.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-19 15:34:45 -07:00
dpif_netlink_flow_get_stats(datapath_flow, &dpif_flow->stats);
dpctl: Properly reflect a rule's offloaded to HW state Previously, any rule that is offloaded via a netdev, not necessarily to the HW, would be reported as "offloaded". This patch fixes this misalignment, and introduces the 'dp' state, as follows: rule is in HW via TC offload -> offloaded=yes dp:tc rule is in not HW over TC DP -> offloaded=no dp:tc rule is in not HW over OVS DP -> offloaded=no dp:ovs To achieve this, the flows's 'offloaded' flag was encapsulated in a new attrs struct, which contains the offloaded state of the flow and the DP layer the flow is handled in, and instead of setting the flow's 'offloaded' state based solely on the type of dump it was acquired via, for netdev flows it now sends the new attrs struct to be collected along with the rest of the flow via the netdev, allowing it to be set per flow. For TC offloads, the offloaded state is set based on the 'in_hw' and 'not_in_hw' flags received from the TC as part of the flower. If no such flag was received, due to lack of kernel support, it defaults to true. Signed-off-by: Gavi Teitz <gavi@mellanox.com> Acked-by: Roi Dayan <roid@mellanox.com> [simon: resolved conflict in lib/dpctl.man] Signed-off-by: Simon Horman <simon.horman@netronome.com>
2018-06-07 09:36:59 +03:00
dpif_flow->attrs.offloaded = false;
dpif_flow->attrs.dp_layer = "ovs";
dpif: Fix leak and usage of uninitialized dp_extra_info. 'dpif_probe_feature'/'revalidate' doesn't free the 'dp_extra_info' string. Also, all the implementations of dpif_flow_get() should initialize the value to avoid printing/freeing of random memory. 30 bytes in 1 blocks are definitely lost in loss record 323 of 889 at 0x483AD19: realloc (vg_replace_malloc.c:836) by 0xDDAD89: xrealloc (util.c:149) by 0xCE1609: ds_reserve (dynamic-string.c:63) by 0xCE1A90: ds_put_format_valist (dynamic-string.c:161) by 0xCE19B9: ds_put_format (dynamic-string.c:142) by 0xCCCEA9: dp_netdev_flow_to_dpif_flow (dpif-netdev.c:3170) by 0xCCD2DD: dpif_netdev_flow_get (dpif-netdev.c:3278) by 0xCCEA0A: dpif_netdev_operate (dpif-netdev.c:3868) by 0xCDF81B: dpif_operate (dpif.c:1361) by 0xCDEE93: dpif_flow_get (dpif.c:1002) by 0xCDECF9: dpif_probe_feature (dpif.c:962) by 0xC635D2: check_recirc (ofproto-dpif.c:896) by 0xC65C02: check_support (ofproto-dpif.c:1567) by 0xC63274: open_dpif_backer (ofproto-dpif.c:818) by 0xC65E3E: construct (ofproto-dpif.c:1605) by 0xC4D436: ofproto_create (ofproto.c:549) by 0xC3931A: bridge_reconfigure (bridge.c:877) by 0xC3FEAC: bridge_run (bridge.c:3324) by 0xC4551D: main (ovs-vswitchd.c:127) CC: Emma Finn <emma.finn@intel.com> Fixes: 0e8f5c6a38d0 ("dpif-netdev: Modified ovs-appctl dpctl/dump-flows command") Signed-off-by: Ilya Maximets <i.maximets@ovn.org> Acked-by: Roi Dayan <roid@mellanox.com>
2020-01-17 23:00:05 +01:00
dpif_flow->attrs.dp_extra_info = NULL;
dpif: Refactor flow dumping interface to make better sense for batching. Commit a6ce4b9d251 (ofproto-dpif-upcall: Avoid use-after-free in revalidate() corner case.) showed that it is somewhat tricky to correctly use the existing dpif flow dumping interface to obtain batches of flows. One has to be careful about calling dpif_flow_dump_next_may_destroy_keys() before going on to the next flow. A better interface is possible, one that is naturally oriented toward retrieving batches when that is a useful optimization. This commit replaces the dpif interface by such a design, and updates both the implementations and the callers to adopt it. This is a fairly large change, but I think that the code in ofproto-dpif-upcall is easier to understand after the change. Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-05-20 11:37:02 -07:00
}
dpif-netlink: Dump netdevs flows on flow dump While dumping flows, dump flows that were offloaded to netdev and parse them back to dpif flow. Signed-off-by: Paul Blakey <paulb@mellanox.com> Reviewed-by: Roi Dayan <roid@mellanox.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Signed-off-by: Simon Horman <simon.horman@netronome.com>
2017-06-13 18:03:34 +03:00
/* The design is such that all threads are working together on the first dump
* to the last, in order (at first they all on dump 0).
* When the first thread finds that the given dump is finished,
* they all move to the next. If two or more threads find the same dump
* is finished at the same time, the first one will advance the shared
* netdev_current_dump and the others will catch up. */
static void
dpif_netlink_advance_netdev_dump(struct dpif_netlink_flow_dump_thread *thread)
{
struct dpif_netlink_flow_dump *dump = thread->dump;
ovs_mutex_lock(&dump->netdev_lock);
/* if we haven't finished (dumped everything) */
if (dump->netdev_current_dump < dump->netdev_dumps_num) {
/* if we are the first to find that current dump is finished
* advance it. */
if (thread->netdev_dump_idx == dump->netdev_current_dump) {
thread->netdev_dump_idx = ++dump->netdev_current_dump;
/* did we just finish the last dump? done. */
if (dump->netdev_current_dump == dump->netdev_dumps_num) {
thread->netdev_done = true;
}
} else {
/* otherwise, we are behind, catch up */
thread->netdev_dump_idx = dump->netdev_current_dump;
}
} else {
/* some other thread finished */
thread->netdev_done = true;
}
ovs_mutex_unlock(&dump->netdev_lock);
}
static int
dpif_netlink_netdev_match_to_dpif_flow(struct match *match,
struct ofpbuf *key_buf,
struct ofpbuf *mask_buf,
struct nlattr *actions,
struct dpif_flow_stats *stats,
dpctl: Properly reflect a rule's offloaded to HW state Previously, any rule that is offloaded via a netdev, not necessarily to the HW, would be reported as "offloaded". This patch fixes this misalignment, and introduces the 'dp' state, as follows: rule is in HW via TC offload -> offloaded=yes dp:tc rule is in not HW over TC DP -> offloaded=no dp:tc rule is in not HW over OVS DP -> offloaded=no dp:ovs To achieve this, the flows's 'offloaded' flag was encapsulated in a new attrs struct, which contains the offloaded state of the flow and the DP layer the flow is handled in, and instead of setting the flow's 'offloaded' state based solely on the type of dump it was acquired via, for netdev flows it now sends the new attrs struct to be collected along with the rest of the flow via the netdev, allowing it to be set per flow. For TC offloads, the offloaded state is set based on the 'in_hw' and 'not_in_hw' flags received from the TC as part of the flower. If no such flag was received, due to lack of kernel support, it defaults to true. Signed-off-by: Gavi Teitz <gavi@mellanox.com> Acked-by: Roi Dayan <roid@mellanox.com> [simon: resolved conflict in lib/dpctl.man] Signed-off-by: Simon Horman <simon.horman@netronome.com>
2018-06-07 09:36:59 +03:00
struct dpif_flow_attrs *attrs,
dpif-netlink: Dump netdevs flows on flow dump While dumping flows, dump flows that were offloaded to netdev and parse them back to dpif flow. Signed-off-by: Paul Blakey <paulb@mellanox.com> Reviewed-by: Roi Dayan <roid@mellanox.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Signed-off-by: Simon Horman <simon.horman@netronome.com>
2017-06-13 18:03:34 +03:00
ovs_u128 *ufid,
struct dpif_flow *flow,
netdev-offload: Implement terse dump support In order to improve revalidator performance by minimizing unnecessary copying of data, extend netdev-offloads to support terse dump mode. Extend netdev_flow_api->flow_dump_create() with 'terse' bool argument. Implement support for terse dump in functions that convert netlink to flower and flower to match. Set flow stats "used" value based on difference in number of flow packets because lastuse timestamp is not included in TC terse dump. Kernel API support is implemented in following patch. Signed-off-by: Vlad Buslov <vladbu@mellanox.com> Reviewed-by: Roi Dayan <roid@mellanox.com> Signed-off-by: Simon Horman <simon.horman@netronome.com>
2020-06-04 13:47:00 +03:00
bool terse)
dpif-netlink: Dump netdevs flows on flow dump While dumping flows, dump flows that were offloaded to netdev and parse them back to dpif flow. Signed-off-by: Paul Blakey <paulb@mellanox.com> Reviewed-by: Roi Dayan <roid@mellanox.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Signed-off-by: Simon Horman <simon.horman@netronome.com>
2017-06-13 18:03:34 +03:00
{
memset(flow, 0, sizeof *flow);
netdev-offload: Implement terse dump support In order to improve revalidator performance by minimizing unnecessary copying of data, extend netdev-offloads to support terse dump mode. Extend netdev_flow_api->flow_dump_create() with 'terse' bool argument. Implement support for terse dump in functions that convert netlink to flower and flower to match. Set flow stats "used" value based on difference in number of flow packets because lastuse timestamp is not included in TC terse dump. Kernel API support is implemented in following patch. Signed-off-by: Vlad Buslov <vladbu@mellanox.com> Reviewed-by: Roi Dayan <roid@mellanox.com> Signed-off-by: Simon Horman <simon.horman@netronome.com>
2020-06-04 13:47:00 +03:00
if (!terse) {
struct odp_flow_key_parms odp_parms = {
.flow = &match->flow,
.mask = &match->wc.masks,
.support = {
.max_vlan_headers = 2,
.recirc = true,
.ct_state = true,
.ct_zone = true,
.ct_mark = true,
.ct_label = true,
},
};
size_t offset;
/* Key */
offset = key_buf->size;
flow->key = ofpbuf_tail(key_buf);
odp_flow_key_from_flow(&odp_parms, key_buf);
flow->key_len = key_buf->size - offset;
/* Mask */
offset = mask_buf->size;
flow->mask = ofpbuf_tail(mask_buf);
odp_parms.key_buf = key_buf;
odp_flow_key_from_mask(&odp_parms, mask_buf);
flow->mask_len = mask_buf->size - offset;
/* Actions */
flow->actions = nl_attr_get(actions);
flow->actions_len = nl_attr_get_size(actions);
}
dpif-netlink: Dump netdevs flows on flow dump While dumping flows, dump flows that were offloaded to netdev and parse them back to dpif flow. Signed-off-by: Paul Blakey <paulb@mellanox.com> Reviewed-by: Roi Dayan <roid@mellanox.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Signed-off-by: Simon Horman <simon.horman@netronome.com>
2017-06-13 18:03:34 +03:00
/* Stats */
memcpy(&flow->stats, stats, sizeof *stats);
/* UFID */
flow->ufid_present = true;
flow->ufid = *ufid;
flow->pmd_id = PMD_ID_NULL;
dpctl: Indicate if flow is offloaded when dumping flows of all types When verbosity is requested on dump-flows (-m) indicate which flows are offloaded. Signed-off-by: Paul Blakey <paulb@mellanox.com> Reviewed-by: Roi Dayan <roid@mellanox.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Signed-off-by: Simon Horman <simon.horman@netronome.com>
2017-06-13 18:03:50 +03:00
dpctl: Properly reflect a rule's offloaded to HW state Previously, any rule that is offloaded via a netdev, not necessarily to the HW, would be reported as "offloaded". This patch fixes this misalignment, and introduces the 'dp' state, as follows: rule is in HW via TC offload -> offloaded=yes dp:tc rule is in not HW over TC DP -> offloaded=no dp:tc rule is in not HW over OVS DP -> offloaded=no dp:ovs To achieve this, the flows's 'offloaded' flag was encapsulated in a new attrs struct, which contains the offloaded state of the flow and the DP layer the flow is handled in, and instead of setting the flow's 'offloaded' state based solely on the type of dump it was acquired via, for netdev flows it now sends the new attrs struct to be collected along with the rest of the flow via the netdev, allowing it to be set per flow. For TC offloads, the offloaded state is set based on the 'in_hw' and 'not_in_hw' flags received from the TC as part of the flower. If no such flag was received, due to lack of kernel support, it defaults to true. Signed-off-by: Gavi Teitz <gavi@mellanox.com> Acked-by: Roi Dayan <roid@mellanox.com> [simon: resolved conflict in lib/dpctl.man] Signed-off-by: Simon Horman <simon.horman@netronome.com>
2018-06-07 09:36:59 +03:00
memcpy(&flow->attrs, attrs, sizeof *attrs);
dpctl: Indicate if flow is offloaded when dumping flows of all types When verbosity is requested on dump-flows (-m) indicate which flows are offloaded. Signed-off-by: Paul Blakey <paulb@mellanox.com> Reviewed-by: Roi Dayan <roid@mellanox.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Signed-off-by: Simon Horman <simon.horman@netronome.com>
2017-06-13 18:03:50 +03:00
dpif-netlink: Dump netdevs flows on flow dump While dumping flows, dump flows that were offloaded to netdev and parse them back to dpif flow. Signed-off-by: Paul Blakey <paulb@mellanox.com> Reviewed-by: Roi Dayan <roid@mellanox.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Signed-off-by: Simon Horman <simon.horman@netronome.com>
2017-06-13 18:03:34 +03:00
return 0;
}
dpif: Refactor flow dumping interface to make better sense for batching. Commit a6ce4b9d251 (ofproto-dpif-upcall: Avoid use-after-free in revalidate() corner case.) showed that it is somewhat tricky to correctly use the existing dpif flow dumping interface to obtain batches of flows. One has to be careful about calling dpif_flow_dump_next_may_destroy_keys() before going on to the next flow. A better interface is possible, one that is naturally oriented toward retrieving batches when that is a useful optimization. This commit replaces the dpif interface by such a design, and updates both the implementations and the callers to adopt it. This is a fairly large change, but I think that the code in ofproto-dpif-upcall is easier to understand after the change. Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-05-20 11:37:02 -07:00
static int
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
dpif_netlink_flow_dump_next(struct dpif_flow_dump_thread *thread_,
struct dpif_flow *flows, int max_flows)
dpif: Refactor flow dumping interface to make better sense for batching. Commit a6ce4b9d251 (ofproto-dpif-upcall: Avoid use-after-free in revalidate() corner case.) showed that it is somewhat tricky to correctly use the existing dpif flow dumping interface to obtain batches of flows. One has to be careful about calling dpif_flow_dump_next_may_destroy_keys() before going on to the next flow. A better interface is possible, one that is naturally oriented toward retrieving batches when that is a useful optimization. This commit replaces the dpif interface by such a design, and updates both the implementations and the callers to adopt it. This is a fairly large change, but I think that the code in ofproto-dpif-upcall is easier to understand after the change. Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-05-20 11:37:02 -07:00
{
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
struct dpif_netlink_flow_dump_thread *thread
= dpif_netlink_flow_dump_thread_cast(thread_);
struct dpif_netlink_flow_dump *dump = thread->dump;
struct dpif_netlink *dpif = dpif_netlink_cast(thread->up.dpif);
dpif: Refactor flow dumping interface to make better sense for batching. Commit a6ce4b9d251 (ofproto-dpif-upcall: Avoid use-after-free in revalidate() corner case.) showed that it is somewhat tricky to correctly use the existing dpif flow dumping interface to obtain batches of flows. One has to be careful about calling dpif_flow_dump_next_may_destroy_keys() before going on to the next flow. A better interface is possible, one that is naturally oriented toward retrieving batches when that is a useful optimization. This commit replaces the dpif interface by such a design, and updates both the implementations and the callers to adopt it. This is a fairly large change, but I think that the code in ofproto-dpif-upcall is easier to understand after the change. Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-05-20 11:37:02 -07:00
int n_flows;
ofpbuf_delete(thread->nl_actions);
thread->nl_actions = NULL;
n_flows = 0;
dpif-netlink: Dump netdevs flows on flow dump While dumping flows, dump flows that were offloaded to netdev and parse them back to dpif flow. Signed-off-by: Paul Blakey <paulb@mellanox.com> Reviewed-by: Roi Dayan <roid@mellanox.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Signed-off-by: Simon Horman <simon.horman@netronome.com>
2017-06-13 18:03:34 +03:00
max_flows = MIN(max_flows, FLOW_DUMP_MAX_BATCH);
while (!thread->netdev_done && n_flows < max_flows) {
struct odputil_keybuf *maskbuf = &thread->maskbuf[n_flows];
struct odputil_keybuf *keybuf = &thread->keybuf[n_flows];
struct odputil_keybuf *actbuf = &thread->actbuf[n_flows];
struct ofpbuf key, mask, act;
struct dpif_flow *f = &flows[n_flows];
int cur = thread->netdev_dump_idx;
struct netdev_flow_dump *netdev_dump = dump->netdev_dumps[cur];
struct match match;
struct nlattr *actions;
struct dpif_flow_stats stats;
dpctl: Properly reflect a rule's offloaded to HW state Previously, any rule that is offloaded via a netdev, not necessarily to the HW, would be reported as "offloaded". This patch fixes this misalignment, and introduces the 'dp' state, as follows: rule is in HW via TC offload -> offloaded=yes dp:tc rule is in not HW over TC DP -> offloaded=no dp:tc rule is in not HW over OVS DP -> offloaded=no dp:ovs To achieve this, the flows's 'offloaded' flag was encapsulated in a new attrs struct, which contains the offloaded state of the flow and the DP layer the flow is handled in, and instead of setting the flow's 'offloaded' state based solely on the type of dump it was acquired via, for netdev flows it now sends the new attrs struct to be collected along with the rest of the flow via the netdev, allowing it to be set per flow. For TC offloads, the offloaded state is set based on the 'in_hw' and 'not_in_hw' flags received from the TC as part of the flower. If no such flag was received, due to lack of kernel support, it defaults to true. Signed-off-by: Gavi Teitz <gavi@mellanox.com> Acked-by: Roi Dayan <roid@mellanox.com> [simon: resolved conflict in lib/dpctl.man] Signed-off-by: Simon Horman <simon.horman@netronome.com>
2018-06-07 09:36:59 +03:00
struct dpif_flow_attrs attrs;
dpif-netlink: Dump netdevs flows on flow dump While dumping flows, dump flows that were offloaded to netdev and parse them back to dpif flow. Signed-off-by: Paul Blakey <paulb@mellanox.com> Reviewed-by: Roi Dayan <roid@mellanox.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Signed-off-by: Simon Horman <simon.horman@netronome.com>
2017-06-13 18:03:34 +03:00
ovs_u128 ufid;
bool has_next;
ofpbuf_use_stack(&key, keybuf, sizeof *keybuf);
ofpbuf_use_stack(&act, actbuf, sizeof *actbuf);
ofpbuf_use_stack(&mask, maskbuf, sizeof *maskbuf);
has_next = netdev_flow_dump_next(netdev_dump, &match,
dpctl: Properly reflect a rule's offloaded to HW state Previously, any rule that is offloaded via a netdev, not necessarily to the HW, would be reported as "offloaded". This patch fixes this misalignment, and introduces the 'dp' state, as follows: rule is in HW via TC offload -> offloaded=yes dp:tc rule is in not HW over TC DP -> offloaded=no dp:tc rule is in not HW over OVS DP -> offloaded=no dp:ovs To achieve this, the flows's 'offloaded' flag was encapsulated in a new attrs struct, which contains the offloaded state of the flow and the DP layer the flow is handled in, and instead of setting the flow's 'offloaded' state based solely on the type of dump it was acquired via, for netdev flows it now sends the new attrs struct to be collected along with the rest of the flow via the netdev, allowing it to be set per flow. For TC offloads, the offloaded state is set based on the 'in_hw' and 'not_in_hw' flags received from the TC as part of the flower. If no such flag was received, due to lack of kernel support, it defaults to true. Signed-off-by: Gavi Teitz <gavi@mellanox.com> Acked-by: Roi Dayan <roid@mellanox.com> [simon: resolved conflict in lib/dpctl.man] Signed-off-by: Simon Horman <simon.horman@netronome.com>
2018-06-07 09:36:59 +03:00
&actions, &stats, &attrs,
dpif-netlink: Dump netdevs flows on flow dump While dumping flows, dump flows that were offloaded to netdev and parse them back to dpif flow. Signed-off-by: Paul Blakey <paulb@mellanox.com> Reviewed-by: Roi Dayan <roid@mellanox.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Signed-off-by: Simon Horman <simon.horman@netronome.com>
2017-06-13 18:03:34 +03:00
&ufid,
&thread->nl_flows,
&act);
if (has_next) {
dpif_netlink_netdev_match_to_dpif_flow(&match,
&key, &mask,
actions,
&stats,
dpctl: Properly reflect a rule's offloaded to HW state Previously, any rule that is offloaded via a netdev, not necessarily to the HW, would be reported as "offloaded". This patch fixes this misalignment, and introduces the 'dp' state, as follows: rule is in HW via TC offload -> offloaded=yes dp:tc rule is in not HW over TC DP -> offloaded=no dp:tc rule is in not HW over OVS DP -> offloaded=no dp:ovs To achieve this, the flows's 'offloaded' flag was encapsulated in a new attrs struct, which contains the offloaded state of the flow and the DP layer the flow is handled in, and instead of setting the flow's 'offloaded' state based solely on the type of dump it was acquired via, for netdev flows it now sends the new attrs struct to be collected along with the rest of the flow via the netdev, allowing it to be set per flow. For TC offloads, the offloaded state is set based on the 'in_hw' and 'not_in_hw' flags received from the TC as part of the flower. If no such flag was received, due to lack of kernel support, it defaults to true. Signed-off-by: Gavi Teitz <gavi@mellanox.com> Acked-by: Roi Dayan <roid@mellanox.com> [simon: resolved conflict in lib/dpctl.man] Signed-off-by: Simon Horman <simon.horman@netronome.com>
2018-06-07 09:36:59 +03:00
&attrs,
dpif-netlink: Dump netdevs flows on flow dump While dumping flows, dump flows that were offloaded to netdev and parse them back to dpif flow. Signed-off-by: Paul Blakey <paulb@mellanox.com> Reviewed-by: Roi Dayan <roid@mellanox.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Signed-off-by: Simon Horman <simon.horman@netronome.com>
2017-06-13 18:03:34 +03:00
&ufid,
f,
dump->up.terse);
n_flows++;
} else {
dpif_netlink_advance_netdev_dump(thread);
}
}
dpctl: Expand the flow dump type filter Added new types to the flow dump filter, and allowed multiple filter types to be passed at once, as a comma separated list. The new types added are: * tc - specifies flows handled by the tc dp * non-offloaded - specifies flows not offloaded to the HW * all - specifies flows of all types The type list is now fully parsed by the dpctl, and a new struct was added to dpif which enables dpctl to define which types of dumps to provide, rather than passing the type string and having dpif parse it. Signed-off-by: Gavi Teitz <gavi@mellanox.com> Acked-by: Roi Dayan <roid@mellanox.com> Signed-off-by: Simon Horman <simon.horman@netronome.com>
2018-08-10 11:30:08 +03:00
if (!(dump->types.ovs_flows)) {
dpctl: Add an option to dump only certain kinds of flows Usage: # to dump all datapath flows (default): ovs-dpctl dump-flows # to dump only flows that in kernel datapath: ovs-dpctl dump-flows type=ovs # to dump only flows that are offloaded: ovs-dpctl dump-flows type=offloaded Signed-off-by: Paul Blakey <paulb@mellanox.com> Reviewed-by: Roi Dayan <roid@mellanox.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Signed-off-by: Simon Horman <simon.horman@netronome.com>
2017-06-13 18:03:49 +03:00
return n_flows;
}
dpif: Refactor flow dumping interface to make better sense for batching. Commit a6ce4b9d251 (ofproto-dpif-upcall: Avoid use-after-free in revalidate() corner case.) showed that it is somewhat tricky to correctly use the existing dpif flow dumping interface to obtain batches of flows. One has to be careful about calling dpif_flow_dump_next_may_destroy_keys() before going on to the next flow. A better interface is possible, one that is naturally oriented toward retrieving batches when that is a useful optimization. This commit replaces the dpif interface by such a design, and updates both the implementations and the callers to adopt it. This is a fairly large change, but I think that the code in ofproto-dpif-upcall is easier to understand after the change. Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-05-20 11:37:02 -07:00
while (!n_flows
ofpbuf: Simplify ofpbuf API. ofpbuf was complicated due to its wide usage across all layers of OVS, Now we have introduced independent dp_packet which can be used for datapath packet, we can simplify ofpbuf. Following patch removes DPDK mbuf and access API of ofpbuf members. Signed-off-by: Pravin B Shelar <pshelar@nicira.com> Acked-by: Jarno Rajahalme <jrajahalme@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
2015-03-02 17:29:44 -08:00
|| (n_flows < max_flows && thread->nl_flows.size)) {
dpif-netlink: rename linux_flow variable to datapath_flow In the flow related functions, there's a stack variable called 'linux_flow'. Since this code is not specific to Linux anymore, in this patch, we rename the variable to 'datpath_flow'. Signed-off-by: Nithin Raju <nithin@vmware.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-19 15:34:45 -07:00
struct dpif_netlink_flow datapath_flow;
dpif: Refactor flow dumping interface to make better sense for batching. Commit a6ce4b9d251 (ofproto-dpif-upcall: Avoid use-after-free in revalidate() corner case.) showed that it is somewhat tricky to correctly use the existing dpif flow dumping interface to obtain batches of flows. One has to be careful about calling dpif_flow_dump_next_may_destroy_keys() before going on to the next flow. A better interface is possible, one that is naturally oriented toward retrieving batches when that is a useful optimization. This commit replaces the dpif interface by such a design, and updates both the implementations and the callers to adopt it. This is a fairly large change, but I think that the code in ofproto-dpif-upcall is easier to understand after the change. Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-05-20 11:37:02 -07:00
struct ofpbuf nl_flow;
int error;
/* Try to grab another flow. */
if (!nl_dump_next(&dump->nl_dump, &nl_flow, &thread->nl_flows)) {
break;
dpif: Eliminate "struct odp_flow" from client-visible interface. Following this commit, "struct odp_flow" and related data structures are only used in Linux-specific parts of OVS userspace code. This allows the actual Linux datapath interface to evolve more freely. Reviewed by Justin Pettit.
2011-01-26 07:03:39 -08:00
}
datapath: Dump flow actions only if there is room. Expanding an skbuff in a netlink dump handler doesn't work well. We weren't updating the truesize of the skb or the allocation within the socket that netlink_dump() had put the skb in. The code had other bugs too. This commit fixes the problem (in my tests, anyway) by avoiding expanding the reply skbuff to fill in the actions. Instead, in such a case the userspace client has to do a separate "get" action to get the actions. This commit also updates userspace to do this automatically for dumps in the cases where the caller cares (only "ovs-dpctl dump-flows" currently cares). Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com> Bug #4520.
2011-02-01 09:25:26 -08:00
dpif: Refactor flow dumping interface to make better sense for batching. Commit a6ce4b9d251 (ofproto-dpif-upcall: Avoid use-after-free in revalidate() corner case.) showed that it is somewhat tricky to correctly use the existing dpif flow dumping interface to obtain batches of flows. One has to be careful about calling dpif_flow_dump_next_may_destroy_keys() before going on to the next flow. A better interface is possible, one that is naturally oriented toward retrieving batches when that is a useful optimization. This commit replaces the dpif interface by such a design, and updates both the implementations and the callers to adopt it. This is a fairly large change, but I think that the code in ofproto-dpif-upcall is easier to understand after the change. Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-05-20 11:37:02 -07:00
/* Convert the flow to our output format. */
dpif-netlink: rename linux_flow variable to datapath_flow In the flow related functions, there's a stack variable called 'linux_flow'. Since this code is not specific to Linux anymore, in this patch, we rename the variable to 'datpath_flow'. Signed-off-by: Nithin Raju <nithin@vmware.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-19 15:34:45 -07:00
error = dpif_netlink_flow_from_ofpbuf(&datapath_flow, &nl_flow);
datapath: Dump flow actions only if there is room. Expanding an skbuff in a netlink dump handler doesn't work well. We weren't updating the truesize of the skb or the allocation within the socket that netlink_dump() had put the skb in. The code had other bugs too. This commit fixes the problem (in my tests, anyway) by avoiding expanding the reply skbuff to fill in the actions. Instead, in such a case the userspace client has to do a separate "get" action to get the actions. This commit also updates userspace to do this automatically for dumps in the cases where the caller cares (only "ovs-dpctl dump-flows" currently cares). Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com> Bug #4520.
2011-02-01 09:25:26 -08:00
if (error) {
lib/dpif-linux: Use relaxed atomics for 'dump->status'. 'dump->status' does not syncronize the state of any other variable, so we can use relaxed atomics on it. Signed-off-by: Jarno Rajahalme <jrajahalme@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
2014-08-29 10:34:52 -07:00
atomic_store_relaxed(&dump->status, error);
dpif: Refactor flow dumping interface to make better sense for batching. Commit a6ce4b9d251 (ofproto-dpif-upcall: Avoid use-after-free in revalidate() corner case.) showed that it is somewhat tricky to correctly use the existing dpif flow dumping interface to obtain batches of flows. One has to be careful about calling dpif_flow_dump_next_may_destroy_keys() before going on to the next flow. A better interface is possible, one that is naturally oriented toward retrieving batches when that is a useful optimization. This commit replaces the dpif interface by such a design, and updates both the implementations and the callers to adopt it. This is a fairly large change, but I think that the code in ofproto-dpif-upcall is easier to understand after the change. Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-05-20 11:37:02 -07:00
break;
dpif: Eliminate "struct odp_flow" from client-visible interface. Following this commit, "struct odp_flow" and related data structures are only used in Linux-specific parts of OVS userspace code. This allows the actual Linux datapath interface to evolve more freely. Reviewed by Justin Pettit.
2011-01-26 07:03:39 -08:00
}
datapath: Dump flow actions only if there is room. Expanding an skbuff in a netlink dump handler doesn't work well. We weren't updating the truesize of the skb or the allocation within the socket that netlink_dump() had put the skb in. The code had other bugs too. This commit fixes the problem (in my tests, anyway) by avoiding expanding the reply skbuff to fill in the actions. Instead, in such a case the userspace client has to do a separate "get" action to get the actions. This commit also updates userspace to do this automatically for dumps in the cases where the caller cares (only "ovs-dpctl dump-flows" currently cares). Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com> Bug #4520.
2011-02-01 09:25:26 -08:00
dpif: Minimize memory copy for revalidation. One of the limiting factors on the number of flows that can be supported in the datapath is the overhead of assembling flow dump messages in the datapath. This patch modifies the dpif to allow revalidators to skip dumping the key, mask and actions from the datapath, by making use of the unique flow identifiers introduced in earlier patches. For each flow dump, the dpif user specifies whether to skip these attributes, allowing the common case to only dump a pair of 128-bit ID and flow stats. With datapath support, this increases the number of flows that a revalidator can handle per second by 50% or more. Support in dpif-netdev and dpif-netlink is added in this patch; kernel support is left for future patches. Signed-off-by: Joe Stringer <joestringer@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
2014-10-06 11:14:08 +13:00
if (dump->up.terse || datapath_flow.actions) {
/* Common case: we don't want actions, or the flow includes
* actions. */
dpif: Turn dpif_flow_hash function into generic odp_flow_key_hash. Current implementation of dpif_flow_hash() doesn't depend on datapath interface and only complicates the callers by forcing them to figure out what is their current 'dpif'. If we'll need different hashing for different 'dpif's we'll implement an API for dpif-providers and each dpif implementation will be able to use their local function directly without calling it via dpif API. This change will allow us to not store 'dpif' pointer in the userspace datapath implementation which is broken and will be removed in next commits. This patch moves dpif_flow_hash() to odp-util module and replaces unused odp_flow_key_hash() by it, along with removing of unused 'dpif' argument. Signed-off-by: Ilya Maximets <i.maximets@ovn.org> Acked-by: Ben Pfaff <blp@ovn.org>
2019-12-08 18:09:53 +01:00
dpif_netlink_flow_to_dpif_flow(&flows[n_flows++], &datapath_flow);
dpif: Refactor flow dumping interface to make better sense for batching. Commit a6ce4b9d251 (ofproto-dpif-upcall: Avoid use-after-free in revalidate() corner case.) showed that it is somewhat tricky to correctly use the existing dpif flow dumping interface to obtain batches of flows. One has to be careful about calling dpif_flow_dump_next_may_destroy_keys() before going on to the next flow. A better interface is possible, one that is naturally oriented toward retrieving batches when that is a useful optimization. This commit replaces the dpif interface by such a design, and updates both the implementations and the callers to adopt it. This is a fairly large change, but I think that the code in ofproto-dpif-upcall is easier to understand after the change. Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-05-20 11:37:02 -07:00
} else {
/* Rare case: the flow does not include actions. Retrieve this
* individual flow again to get the actions. */
dpif: Index flows using unique identifiers. This patch modifies the dpif interface to allow flows to be manipulated using a 128-bit identifier. This allows revalidator threads to perform datapath operations faster, as they do not need to serialise the entire flow key for operations like flow_get and flow_delete. In conjunction with a future patch to simplify the dump interface, this provides a significant performance benefit for revalidation. When handlers assemble flow_put operations, they specify a unique identifier (UFID) for each flow as it is passed down to the datapath to be stored with the flow. The UFID is currently provided to handlers by the dpif during upcall processing. When revalidators assemble flow_get or flow_del operations, they may specify the UFID for the flow along with the key. The dpif will decide whether to send only the UFID to the datapath, or both the UFID and flow key. The former is preferred for newer datapaths that support UFID, while the latter is used for backwards compatibility. Signed-off-by: Joe Stringer <joestringer@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
2014-09-24 16:26:35 +12:00
error = dpif_netlink_flow_get(dpif, &datapath_flow,
dpif-netlink: rename linux_flow variable to datapath_flow In the flow related functions, there's a stack variable called 'linux_flow'. Since this code is not specific to Linux anymore, in this patch, we rename the variable to 'datpath_flow'. Signed-off-by: Nithin Raju <nithin@vmware.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-19 15:34:45 -07:00
&datapath_flow, &thread->nl_actions);
datapath: Dump flow actions only if there is room. Expanding an skbuff in a netlink dump handler doesn't work well. We weren't updating the truesize of the skb or the allocation within the socket that netlink_dump() had put the skb in. The code had other bugs too. This commit fixes the problem (in my tests, anyway) by avoiding expanding the reply skbuff to fill in the actions. Instead, in such a case the userspace client has to do a separate "get" action to get the actions. This commit also updates userspace to do this automatically for dumps in the cases where the caller cares (only "ovs-dpctl dump-flows" currently cares). Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com> Bug #4520.
2011-02-01 09:25:26 -08:00
if (error == ENOENT) {
VLOG_DBG("dumped flow disappeared on get");
dpif: Refactor flow dumping interface to make better sense for batching. Commit a6ce4b9d251 (ofproto-dpif-upcall: Avoid use-after-free in revalidate() corner case.) showed that it is somewhat tricky to correctly use the existing dpif flow dumping interface to obtain batches of flows. One has to be careful about calling dpif_flow_dump_next_may_destroy_keys() before going on to the next flow. A better interface is possible, one that is naturally oriented toward retrieving batches when that is a useful optimization. This commit replaces the dpif interface by such a design, and updates both the implementations and the callers to adopt it. This is a fairly large change, but I think that the code in ofproto-dpif-upcall is easier to understand after the change. Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-05-20 11:37:02 -07:00
continue;
datapath: Dump flow actions only if there is room. Expanding an skbuff in a netlink dump handler doesn't work well. We weren't updating the truesize of the skb or the allocation within the socket that netlink_dump() had put the skb in. The code had other bugs too. This commit fixes the problem (in my tests, anyway) by avoiding expanding the reply skbuff to fill in the actions. Instead, in such a case the userspace client has to do a separate "get" action to get the actions. This commit also updates userspace to do this automatically for dumps in the cases where the caller cares (only "ovs-dpctl dump-flows" currently cares). Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com> Bug #4520.
2011-02-01 09:25:26 -08:00
} else if (error) {
Replace all uses of strerror() by ovs_strerror(), for thread safety. Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-06-24 10:54:49 -07:00
VLOG_WARN("error fetching dumped flow: %s",
ovs_strerror(error));
lib/dpif-linux: Use relaxed atomics for 'dump->status'. 'dump->status' does not syncronize the state of any other variable, so we can use relaxed atomics on it. Signed-off-by: Jarno Rajahalme <jrajahalme@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
2014-08-29 10:34:52 -07:00
atomic_store_relaxed(&dump->status, error);
dpif: Refactor flow dumping interface to make better sense for batching. Commit a6ce4b9d251 (ofproto-dpif-upcall: Avoid use-after-free in revalidate() corner case.) showed that it is somewhat tricky to correctly use the existing dpif flow dumping interface to obtain batches of flows. One has to be careful about calling dpif_flow_dump_next_may_destroy_keys() before going on to the next flow. A better interface is possible, one that is naturally oriented toward retrieving batches when that is a useful optimization. This commit replaces the dpif interface by such a design, and updates both the implementations and the callers to adopt it. This is a fairly large change, but I think that the code in ofproto-dpif-upcall is easier to understand after the change. Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-05-20 11:37:02 -07:00
break;
datapath: Dump flow actions only if there is room. Expanding an skbuff in a netlink dump handler doesn't work well. We weren't updating the truesize of the skb or the allocation within the socket that netlink_dump() had put the skb in. The code had other bugs too. This commit fixes the problem (in my tests, anyway) by avoiding expanding the reply skbuff to fill in the actions. Instead, in such a case the userspace client has to do a separate "get" action to get the actions. This commit also updates userspace to do this automatically for dumps in the cases where the caller cares (only "ovs-dpctl dump-flows" currently cares). Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com> Bug #4520.
2011-02-01 09:25:26 -08:00
}
dpif: Refactor flow dumping interface to make better sense for batching. Commit a6ce4b9d251 (ofproto-dpif-upcall: Avoid use-after-free in revalidate() corner case.) showed that it is somewhat tricky to correctly use the existing dpif flow dumping interface to obtain batches of flows. One has to be careful about calling dpif_flow_dump_next_may_destroy_keys() before going on to the next flow. A better interface is possible, one that is naturally oriented toward retrieving batches when that is a useful optimization. This commit replaces the dpif interface by such a design, and updates both the implementations and the callers to adopt it. This is a fairly large change, but I think that the code in ofproto-dpif-upcall is easier to understand after the change. Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-05-20 11:37:02 -07:00
/* Save this flow. Then exit, because we only have one buffer to
* handle this case. */
dpif: Turn dpif_flow_hash function into generic odp_flow_key_hash. Current implementation of dpif_flow_hash() doesn't depend on datapath interface and only complicates the callers by forcing them to figure out what is their current 'dpif'. If we'll need different hashing for different 'dpif's we'll implement an API for dpif-providers and each dpif implementation will be able to use their local function directly without calling it via dpif API. This change will allow us to not store 'dpif' pointer in the userspace datapath implementation which is broken and will be removed in next commits. This patch moves dpif_flow_hash() to odp-util module and replaces unused odp_flow_key_hash() by it, along with removing of unused 'dpif' argument. Signed-off-by: Ilya Maximets <i.maximets@ovn.org> Acked-by: Ben Pfaff <blp@ovn.org>
2019-12-08 18:09:53 +01:00
dpif_netlink_flow_to_dpif_flow(&flows[n_flows++], &datapath_flow);
dpif: Refactor flow dumping interface to make better sense for batching. Commit a6ce4b9d251 (ofproto-dpif-upcall: Avoid use-after-free in revalidate() corner case.) showed that it is somewhat tricky to correctly use the existing dpif flow dumping interface to obtain batches of flows. One has to be careful about calling dpif_flow_dump_next_may_destroy_keys() before going on to the next flow. A better interface is possible, one that is naturally oriented toward retrieving batches when that is a useful optimization. This commit replaces the dpif interface by such a design, and updates both the implementations and the callers to adopt it. This is a fairly large change, but I think that the code in ofproto-dpif-upcall is easier to understand after the change. Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-05-20 11:37:02 -07:00
break;
}
dpif: Eliminate "struct odp_flow" from client-visible interface. Following this commit, "struct odp_flow" and related data structures are only used in Linux-specific parts of OVS userspace code. This allows the actual Linux datapath interface to evolve more freely. Reviewed by Justin Pettit.
2011-01-26 07:03:39 -08:00
}
dpif: Refactor flow dumping interface to make better sense for batching. Commit a6ce4b9d251 (ofproto-dpif-upcall: Avoid use-after-free in revalidate() corner case.) showed that it is somewhat tricky to correctly use the existing dpif flow dumping interface to obtain batches of flows. One has to be careful about calling dpif_flow_dump_next_may_destroy_keys() before going on to the next flow. A better interface is possible, one that is naturally oriented toward retrieving batches when that is a useful optimization. This commit replaces the dpif interface by such a design, and updates both the implementations and the callers to adopt it. This is a fairly large change, but I think that the code in ofproto-dpif-upcall is easier to understand after the change. Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-05-20 11:37:02 -07:00
return n_flows;
dpif: Make dpifs abstract, to allow multiple datapath implementations. This commit initially introduces only a single datapath implementation, which is the same as the original one, but it paves the way for additional implementations, such as the upcoming userspace datapath.
2009-06-17 14:35:35 -07:00
}
dpif-linux: Avoid malloc() in dpif_linux_operate(). Signed-off-by: Ben Pfaff <blp@nicira.com>
2012-04-05 16:49:22 -07:00
static void
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
dpif_netlink_encode_execute(int dp_ifindex, const struct dpif_execute *d_exec,
struct ofpbuf *buf)
dpif: Make dpifs abstract, to allow multiple datapath implementations. This commit initially introduces only a single datapath implementation, which is the same as the original one, but it paves the way for additional implementations, such as the upcoming userspace datapath.
2009-06-17 14:35:35 -07:00
{
dpif: Change provider interface to consistently use operation structs. Until now, a "flow put" has represented its parameters in two different ways, depending on whether it was coming from dpif_flow_put() or from dpif_operate(), and similarly for an "execute" operation. This commit adopts the operation struct consistently within the dpif provider interface, which seems cleaner. This commit also factors out logging for flow puts and executes, which is useful in the following commit. This doesn't change the dpif client interface, since the two forms are more convenient for clients than always filling out an operation struct. Signed-off-by: Ben Pfaff <blp@nicira.com>
2011-12-26 14:39:03 -08:00
struct ovs_header *k_exec;
dpif: Use explicit packet metadata. This helps reduce confusion about when a flow is a flow and when it is just metadata. Signed-off-by: Jarno Rajahalme <jrajahalme@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
2013-12-30 15:58:58 -08:00
size_t key_ofs;
datapath: Convert ODP_EXECUTE to use Netlink framing. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-23 19:08:06 -08:00
dpif-linux: Avoid malloc() in dpif_linux_operate(). Signed-off-by: Ben Pfaff <blp@nicira.com>
2012-04-05 16:49:22 -07:00
ofpbuf_prealloc_tailroom(buf, (64
dp-packet: Remove ofpbuf dependency. Currently dp-packet make use of ofpbuf for managing packet buffers. That complicates ofpbuf, by making dp-packet independent of ofpbuf both libraries can be optimized for their own use case. This avoids mapping operation between ofpbuf and dp_packet in datapath upcalls. Signed-off-by: Pravin B Shelar <pshelar@nicira.com> Acked-by: Jarno Rajahalme <jrajahalme@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
2015-02-22 03:21:09 -08:00
+ dp_packet_size(d_exec->packet)
dpif: Use explicit packet metadata. This helps reduce confusion about when a flow is a flow and when it is just metadata. Signed-off-by: Jarno Rajahalme <jrajahalme@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
2013-12-30 15:58:58 -08:00
+ ODP_KEY_METADATA_SIZE
dpif-linux: Avoid malloc() in dpif_linux_operate(). Signed-off-by: Ben Pfaff <blp@nicira.com>
2012-04-05 16:49:22 -07:00
+ d_exec->actions_len));
datapath: Convert ODP_EXECUTE to use Netlink framing. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-23 19:08:06 -08:00
datapath: Use "OVS_*" as opposed to "ODP_*" for user<->kernel interactions. The prefix "ODP_*" is not overly descriptive in the context of the larger Linux tree. This commit changes the prefix to "OVS_*" for the userpace to kernel interactions. The userspace libraries still use "ODP_" in many of their interfaces since it is more descriptive in the OVS oeuvre. Feature #6904 Signed-off-by: Justin Pettit <jpettit@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-08-18 10:35:40 -07:00
nl_msg_put_genlmsghdr(buf, 0, ovs_packet_family, NLM_F_REQUEST,
datapath: Define constants for versions of GENL families. Currently we hard code the versions of our GENL families to 1 but it's nicer to have symbolic constants. Signed-off-by: Jesse Gross <jesse@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
2011-10-22 18:22:18 -07:00
OVS_PACKET_CMD_EXECUTE, OVS_PACKET_VERSION);
datapath: Convert ODP_EXECUTE to use Netlink framing. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-23 19:08:06 -08:00
dpif: Change provider interface to consistently use operation structs. Until now, a "flow put" has represented its parameters in two different ways, depending on whether it was coming from dpif_flow_put() or from dpif_operate(), and similarly for an "execute" operation. This commit adopts the operation struct consistently within the dpif provider interface, which seems cleaner. This commit also factors out logging for flow puts and executes, which is useful in the following commit. This doesn't change the dpif client interface, since the two forms are more convenient for clients than always filling out an operation struct. Signed-off-by: Ben Pfaff <blp@nicira.com>
2011-12-26 14:39:03 -08:00
k_exec = ofpbuf_put_uninit(buf, sizeof *k_exec);
k_exec->dp_ifindex = dp_ifindex;
datapath: Convert ODP_EXECUTE to use Netlink framing. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-23 19:08:06 -08:00
dpif: Change provider interface to consistently use operation structs. Until now, a "flow put" has represented its parameters in two different ways, depending on whether it was coming from dpif_flow_put() or from dpif_operate(), and similarly for an "execute" operation. This commit adopts the operation struct consistently within the dpif provider interface, which seems cleaner. This commit also factors out logging for flow puts and executes, which is useful in the following commit. This doesn't change the dpif client interface, since the two forms are more convenient for clients than always filling out an operation struct. Signed-off-by: Ben Pfaff <blp@nicira.com>
2011-12-26 14:39:03 -08:00
nl_msg_put_unspec(buf, OVS_PACKET_ATTR_PACKET,
dp-packet: Remove ofpbuf dependency. Currently dp-packet make use of ofpbuf for managing packet buffers. That complicates ofpbuf, by making dp-packet independent of ofpbuf both libraries can be optimized for their own use case. This avoids mapping operation between ofpbuf and dp_packet in datapath upcalls. Signed-off-by: Pravin B Shelar <pshelar@nicira.com> Acked-by: Jarno Rajahalme <jrajahalme@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
2015-02-22 03:21:09 -08:00
dp_packet_data(d_exec->packet),
dp_packet_size(d_exec->packet));
dpif: Use explicit packet metadata. This helps reduce confusion about when a flow is a flow and when it is just metadata. Signed-off-by: Jarno Rajahalme <jrajahalme@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
2013-12-30 15:58:58 -08:00
key_ofs = nl_msg_start_nested(buf, OVS_PACKET_ATTR_KEY);
userspace: Switching of L3 packets in L2 pipeline Ports have a new layer3 attribute if they send/receive L3 packets. The packet_type included in structs dp_packet and flow is considered in ofproto-dpif. The classical L2 match fields (dl_src, dl_dst, dl_type, and vlan_tci, vlan_vid, vlan_pcp) now have Ethernet as pre-requisite. A dummy ethernet header is pushed to L3 packets received from L3 ports before the the pipeline processing starts. The ethernet header is popped before sending a packet to a L3 port. For datapath ports that can receive L2 or L3 packets, the packet_type becomes part of the flow key for datapath flows and is handled appropriately in dpif-netdev. In the 'else' branch in flow_put_on_pmd() function, the additional check flow_equal(&match.flow, &netdev_flow->flow) was removed, as a) the dpcls lookup is sufficient to uniquely identify a flow and b) it caused false negatives because the flow in netdev->flow may not properly masked. In dpif_netdev_flow_put() we now use the same method for constructing the netdev_flow_key as the one used when adding the flow to the dplcs to make sure these always match. The function netdev_flow_key_from_flow() used so far was not only inefficient but sometimes caused mismatches and subsequent flow update failures. The kernel datapath does not support the packet_type match field. Instead it encodes the packet type implictly by the presence or absence of the Ethernet attribute in the flow key and mask. This patch filters the PACKET_TYPE attribute out of netlink flow key and mask to be sent to the kernel datapath. Signed-off-by: Lorand Jakab <lojakab@cisco.com> Signed-off-by: Simon Horman <simon.horman@netronome.com> Signed-off-by: Jiri Benc <jbenc@redhat.com> Signed-off-by: Yi Yang <yi.y.yang@intel.com> Signed-off-by: Jan Scheurich <jan.scheurich@ericsson.com> Co-authored-by: Zoltan Balogh <zoltan.balogh@ericsson.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
2017-06-02 16:16:17 +00:00
odp_key_from_dp_packet(buf, d_exec->packet);
dpif: Use explicit packet metadata. This helps reduce confusion about when a flow is a flow and when it is just metadata. Signed-off-by: Jarno Rajahalme <jrajahalme@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
2013-12-30 15:58:58 -08:00
nl_msg_end_nested(buf, key_ofs);
dpif: Change provider interface to consistently use operation structs. Until now, a "flow put" has represented its parameters in two different ways, depending on whether it was coming from dpif_flow_put() or from dpif_operate(), and similarly for an "execute" operation. This commit adopts the operation struct consistently within the dpif provider interface, which seems cleaner. This commit also factors out logging for flow puts and executes, which is useful in the following commit. This doesn't change the dpif client interface, since the two forms are more convenient for clients than always filling out an operation struct. Signed-off-by: Ben Pfaff <blp@nicira.com>
2011-12-26 14:39:03 -08:00
nl_msg_put_unspec(buf, OVS_PACKET_ATTR_ACTIONS,
d_exec->actions, d_exec->actions_len);
dpif: Use OVS_FLOW_ATTR_PROBE. Use the new OVS_FLOW_ATTR_PROBE flag when probing for datapath feature support. Suppress also dpif error logging when requested, as probe failures are already logged at ofproto-dpif. Signed-off-by: Jarno Rajahalme <jrajahalme@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
2014-09-12 11:20:13 -07:00
if (d_exec->probe) {
dpif: Use separate OVS_PACKET_ATTR_PROBE for packet messges User space is currently sending a OVS_FLOW_ATTR_PROBE for both flow and packet messages. This leads to an out-of-bounds access in ovs_packet_cmd_execute() because OVS_FLOW_ATTR_PROBE > OVS_PACKET_ATTR_MAX. Introduce a new OVS_PACKET_ATTR_PROBE with the same numeric value as OVS_FLOW_ATTR_PROBE to grow the range of accepted packet attributes while maintaining binary compatibility with existing OVS binaries. Fixes: 9233ce ("datapath: Add support for OVS_FLOW_ATTR_PROBE.") Reported-by: Sander Eikelenboom <linux@eikelenboom.it> Signed-off-by: Thomas Graf <tgraf@noironetworks.com> Acked-by: Jesse Gross <jesse@nicira.com>
2015-01-15 00:17:31 +01:00
nl_msg_put_flag(buf, OVS_PACKET_ATTR_PROBE);
dpif: Use OVS_FLOW_ATTR_PROBE. Use the new OVS_FLOW_ATTR_PROBE flag when probing for datapath feature support. Suppress also dpif error logging when requested, as probe failures are already logged at ofproto-dpif. Signed-off-by: Jarno Rajahalme <jrajahalme@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
2014-09-12 11:20:13 -07:00
}
dpif-netlink: Allow MRU packet attribute. User space now may receive re-assembled IP fragments. The user space netlink handler can now accept packets with the new OVS_PACKET_ATTR_MRU attribute. This allows the kernel to assemble fragmented packets for the duration of OpenFlow processing, then re-fragment at output time. Most notably this occurs for packets that are sent through the connection tracker. Note that the MRU attribute is not exported at the OpenFlow layer. As such, if packets are reassembled by conntrack and subsequently sent to the controller, then OVS has no way to re-serialize the packets to their original size. Signed-off-by: Andy Zhou <azhou@nicira.com> Acked-by: Jarno Rajahalme <jrajahalme@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
2015-02-26 15:52:34 -08:00
if (d_exec->mtu) {
nl_msg_put_u16(buf, OVS_PACKET_ATTR_MRU, d_exec->mtu);
}
ofproto-dpif-upcall: Echo HASH attribute back to datapath. The kernel datapath may sent upcall with hash info, ovs-vswitchd should get it from upcall and then send it back. The reason is that: | When using the kernel datapath, the upcall don't | include skb hash info relatived. That will introduce | some problem, because the hash of skb is important | in kernel stack. For example, VXLAN module uses | it to select UDP src port. The tx queue selection | may also use the hash in stack. | | Hash is computed in different ways. Hash is random | for a TCP socket, and hash may be computed in hardware, | or software stack. Recalculation hash is not easy. | | There will be one upcall, without information of skb | hash, to ovs-vswitchd, for the first packet of a TCP | session. The rest packets will be processed in Open vSwitch | modules, hash kept. If this tcp session is forward to | VXLAN module, then the UDP src port of first tcp packet | is different from rest packets. | | TCP packets may come from the host or dockers, to Open vSwitch. | To fix it, we store the hash info to upcall, and restore hash | when packets sent back. Reported-at: https://mail.openvswitch.org/pipermail/ovs-dev/2019-October/364062.html Link: https://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next.git/commit/?id=bd1903b7c4596ba6f7677d0dfefd05ba5876707d Signed-off-by: Tonghao Zhang <xiangxia.m.yue@gmail.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
2019-11-15 10:58:59 +08:00
if (d_exec->hash) {
nl_msg_put_u64(buf, OVS_PACKET_ATTR_HASH, d_exec->hash);
}
dpif: New function dpif_operate() and dpif-linux implementation. This will be used in an upcoming commit.
2011-09-27 15:08:50 -07:00
}
dpif-netlink: Drop oversized packets instead of assert-failing. A packet sent to a Netlink datapath has to fit within a Netlink attribute. Until now, this was only checked in an assertion inside the Netlink code, which meant that trying to send a too-large packet (approximate 64 kB or larger) would assert-fail. It's better to just drop those packets, which this commit does. Reported-by: Shuping Cui <scui@redhat.com> Reported-by: Jiri Benc <jbenc@redhat.com> Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2015-01-11 13:45:36 -08:00
/* Executes, against 'dpif', up to the first 'n_ops' operations in 'ops'.
* Returns the number actually executed (at least 1, if 'n_ops' is
* positive). */
static size_t
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
dpif_netlink_operate__(struct dpif_netlink *dpif,
struct dpif_op **ops, size_t n_ops)
dpif: New function dpif_operate() and dpif-linux implementation. This will be used in an upcoming commit.
2011-09-27 15:08:50 -07:00
{
dpif-linux: Avoid malloc() in dpif_linux_operate(). Signed-off-by: Ben Pfaff <blp@nicira.com>
2012-04-05 16:49:22 -07:00
struct op_auxdata {
struct nl_transaction txn;
netlink-socket: Make caller provide message receive buffers. Typically an nl_sock client can stack-allocate the buffer for receiving a Netlink message, which provides a performance boost. Signed-off-by: Ben Pfaff <blp@nicira.com>
2012-04-09 15:35:29 -07:00
dpif-linux: Avoid malloc() in dpif_linux_operate(). Signed-off-by: Ben Pfaff <blp@nicira.com>
2012-04-05 16:49:22 -07:00
struct ofpbuf request;
uint64_t request_stub[1024 / 8];
netlink-socket: Make caller provide message receive buffers. Typically an nl_sock client can stack-allocate the buffer for receiving a Netlink message, which provides a performance boost. Signed-off-by: Ben Pfaff <blp@nicira.com>
2012-04-09 15:35:29 -07:00
struct ofpbuf reply;
uint64_t reply_stub[1024 / 8];
dpif-netlink: Use netdev flow put api to insert a flow Using the new netdev flow api operate will now try and offload flows to the relevant netdev of the input port. Other operate methods flows will come in later patches. Signed-off-by: Paul Blakey <paulb@mellanox.com> Reviewed-by: Roi Dayan <roid@mellanox.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Signed-off-by: Simon Horman <simon.horman@netronome.com>
2017-06-13 18:03:38 +03:00
} auxes[OPERATE_MAX_OPS];
dpif-linux: Avoid malloc() in dpif_linux_operate(). Signed-off-by: Ben Pfaff <blp@nicira.com>
2012-04-05 16:49:22 -07:00
dpif-netlink: Use netdev flow put api to insert a flow Using the new netdev flow api operate will now try and offload flows to the relevant netdev of the input port. Other operate methods flows will come in later patches. Signed-off-by: Paul Blakey <paulb@mellanox.com> Reviewed-by: Roi Dayan <roid@mellanox.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Signed-off-by: Simon Horman <simon.horman@netronome.com>
2017-06-13 18:03:38 +03:00
struct nl_transaction *txnsp[OPERATE_MAX_OPS];
dpif: New function dpif_operate() and dpif-linux implementation. This will be used in an upcoming commit.
2011-09-27 15:08:50 -07:00
size_t i;
dpif-netlink: Use netdev flow put api to insert a flow Using the new netdev flow api operate will now try and offload flows to the relevant netdev of the input port. Other operate methods flows will come in later patches. Signed-off-by: Paul Blakey <paulb@mellanox.com> Reviewed-by: Roi Dayan <roid@mellanox.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Signed-off-by: Simon Horman <simon.horman@netronome.com>
2017-06-13 18:03:38 +03:00
n_ops = MIN(n_ops, OPERATE_MAX_OPS);
dpif: New function dpif_operate() and dpif-linux implementation. This will be used in an upcoming commit.
2011-09-27 15:08:50 -07:00
for (i = 0; i < n_ops; i++) {
dpif-linux: Avoid malloc() in dpif_linux_operate(). Signed-off-by: Ben Pfaff <blp@nicira.com>
2012-04-05 16:49:22 -07:00
struct op_auxdata *aux = &auxes[i];
dpif: Factor 'type' and 'error' out of individual dpif_op members. I'd like to change ->dpif_flow_put() and ->dpif_execute() in the dpif provider to take the structures of the same names as parameters, instead of passing them discrete parameters, because this seems like a more sensible way to do things internally than to have two different ways to pass the parameters. It might even simplify code slightly. But ->flow_put() and ->execute() wouldn't want the 'type' (because it's implied by the function being called) or 'error' (because it would be the same as the return value). Although of course they could just ignore those members, it seems slightly cleaner to omit them entirely, as this change allows. Signed-off-by: Ben Pfaff <blp@nicira.com>
2011-12-26 14:17:55 -08:00
struct dpif_op *op = ops[i];
ofproto-dpif: Batch flow uninstallations due to expiration. Signed-off-by: Ben Pfaff <blp@nicira.com>
2012-04-17 21:52:10 -07:00
struct dpif_flow_put *put;
struct dpif_flow_del *del;
dpif: Support flow_get in dpif_operate(). This cleans up the dpif interface to make it more consistent with the other dpif operations, and allows flows to be fetched in batches. Signed-off-by: Joe Stringer <joestringer@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
2014-08-13 09:55:54 +12:00
struct dpif_flow_get *get;
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
struct dpif_netlink_flow flow;
dpif-linux: Avoid malloc() in dpif_linux_operate(). Signed-off-by: Ben Pfaff <blp@nicira.com>
2012-04-05 16:49:22 -07:00
ofpbuf_use_stub(&aux->request,
aux->request_stub, sizeof aux->request_stub);
aux->txn.request = &aux->request;
ofproto-dpif: Batch flow uninstallations due to expiration. Signed-off-by: Ben Pfaff <blp@nicira.com>
2012-04-17 21:52:10 -07:00
netlink-socket: Make caller provide message receive buffers. Typically an nl_sock client can stack-allocate the buffer for receiving a Netlink message, which provides a performance boost. Signed-off-by: Ben Pfaff <blp@nicira.com>
2012-04-09 15:35:29 -07:00
ofpbuf_use_stub(&aux->reply, aux->reply_stub, sizeof aux->reply_stub);
aux->txn.reply = NULL;
ofproto-dpif: Batch flow uninstallations due to expiration. Signed-off-by: Ben Pfaff <blp@nicira.com>
2012-04-17 21:52:10 -07:00
switch (op->type) {
case DPIF_OP_FLOW_PUT:
Embrace anonymous unions. Several OVS structs contain embedded named unions, like this: struct { ... union { ... } u; }; C11 standardized a feature that many compilers already implemented anyway, where an embedded union may be unnamed, like this: struct { ... union { ... }; }; This is more convenient because it allows the programmer to omit "u." in many places. OVS already used this feature in several places. This commit embraces it in several others. Signed-off-by: Ben Pfaff <blp@ovn.org> Acked-by: Justin Pettit <jpettit@ovn.org> Tested-by: Alin Gabriel Serdean <aserdean@ovn.org> Acked-by: Alin Gabriel Serdean <aserdean@ovn.org>
2018-05-24 10:32:59 -07:00
put = &op->flow_put;
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
dpif_netlink_init_flow_put(dpif, put, &flow);
dpif: New function dpif_operate() and dpif-linux implementation. This will be used in an upcoming commit.
2011-09-27 15:08:50 -07:00
if (put->stats) {
dpif-linux: Avoid malloc() in dpif_linux_operate(). Signed-off-by: Ben Pfaff <blp@nicira.com>
2012-04-05 16:49:22 -07:00
flow.nlmsg_flags |= NLM_F_ECHO;
netlink-socket: Make caller provide message receive buffers. Typically an nl_sock client can stack-allocate the buffer for receiving a Netlink message, which provides a performance boost. Signed-off-by: Ben Pfaff <blp@nicira.com>
2012-04-09 15:35:29 -07:00
aux->txn.reply = &aux->reply;
dpif: New function dpif_operate() and dpif-linux implementation. This will be used in an upcoming commit.
2011-09-27 15:08:50 -07:00
}
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
dpif_netlink_flow_to_ofpbuf(&flow, &aux->request);
utilities: Add netlink flow operation USDT probes and upcall_cost script. This patch adds a series of NetLink flow operation USDT probes. These probes are in turn used in the upcall_cost Python script, which in addition of some kernel tracepoints, give an insight into the time spent on processing upcall. Signed-off-by: Eelco Chaudron <echaudro@redhat.com> Acked-by: Paolo Valerio <pvalerio@redhat.com> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2021-12-22 10:19:02 +01:00
OVS_USDT_PROBE(dpif_netlink_operate__, op_flow_put,
dpif, put, &flow, &aux->request);
ofproto-dpif: Batch flow uninstallations due to expiration. Signed-off-by: Ben Pfaff <blp@nicira.com>
2012-04-17 21:52:10 -07:00
break;
case DPIF_OP_FLOW_DEL:
Embrace anonymous unions. Several OVS structs contain embedded named unions, like this: struct { ... union { ... } u; }; C11 standardized a feature that many compilers already implemented anyway, where an embedded union may be unnamed, like this: struct { ... union { ... }; }; This is more convenient because it allows the programmer to omit "u." in many places. OVS already used this feature in several places. This commit embraces it in several others. Signed-off-by: Ben Pfaff <blp@ovn.org> Acked-by: Justin Pettit <jpettit@ovn.org> Tested-by: Alin Gabriel Serdean <aserdean@ovn.org> Acked-by: Alin Gabriel Serdean <aserdean@ovn.org>
2018-05-24 10:32:59 -07:00
del = &op->flow_del;
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
dpif_netlink_init_flow_del(dpif, del, &flow);
ofproto-dpif: Batch flow uninstallations due to expiration. Signed-off-by: Ben Pfaff <blp@nicira.com>
2012-04-17 21:52:10 -07:00
if (del->stats) {
dpif-linux: Avoid malloc() in dpif_linux_operate(). Signed-off-by: Ben Pfaff <blp@nicira.com>
2012-04-05 16:49:22 -07:00
flow.nlmsg_flags |= NLM_F_ECHO;
netlink-socket: Make caller provide message receive buffers. Typically an nl_sock client can stack-allocate the buffer for receiving a Netlink message, which provides a performance boost. Signed-off-by: Ben Pfaff <blp@nicira.com>
2012-04-09 15:35:29 -07:00
aux->txn.reply = &aux->reply;
ofproto-dpif: Batch flow uninstallations due to expiration. Signed-off-by: Ben Pfaff <blp@nicira.com>
2012-04-17 21:52:10 -07:00
}
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
dpif_netlink_flow_to_ofpbuf(&flow, &aux->request);
utilities: Add netlink flow operation USDT probes and upcall_cost script. This patch adds a series of NetLink flow operation USDT probes. These probes are in turn used in the upcall_cost Python script, which in addition of some kernel tracepoints, give an insight into the time spent on processing upcall. Signed-off-by: Eelco Chaudron <echaudro@redhat.com> Acked-by: Paolo Valerio <pvalerio@redhat.com> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2021-12-22 10:19:02 +01:00
OVS_USDT_PROBE(dpif_netlink_operate__, op_flow_del,
dpif, del, &flow, &aux->request);
ofproto-dpif: Batch flow uninstallations due to expiration. Signed-off-by: Ben Pfaff <blp@nicira.com>
2012-04-17 21:52:10 -07:00
break;
dpif: New function dpif_operate() and dpif-linux implementation. This will be used in an upcoming commit.
2011-09-27 15:08:50 -07:00
ofproto-dpif: Batch flow uninstallations due to expiration. Signed-off-by: Ben Pfaff <blp@nicira.com>
2012-04-17 21:52:10 -07:00
case DPIF_OP_EXECUTE:
dpif-netlink: Drop oversized packets instead of assert-failing. A packet sent to a Netlink datapath has to fit within a Netlink attribute. Until now, this was only checked in an assertion inside the Netlink code, which meant that trying to send a too-large packet (approximate 64 kB or larger) would assert-fail. It's better to just drop those packets, which this commit does. Reported-by: Shuping Cui <scui@redhat.com> Reported-by: Jiri Benc <jbenc@redhat.com> Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2015-01-11 13:45:36 -08:00
/* Can't execute a packet that won't fit in a Netlink attribute. */
if (OVS_UNLIKELY(nl_attr_oversized(
Embrace anonymous unions. Several OVS structs contain embedded named unions, like this: struct { ... union { ... } u; }; C11 standardized a feature that many compilers already implemented anyway, where an embedded union may be unnamed, like this: struct { ... union { ... }; }; This is more convenient because it allows the programmer to omit "u." in many places. OVS already used this feature in several places. This commit embraces it in several others. Signed-off-by: Ben Pfaff <blp@ovn.org> Acked-by: Justin Pettit <jpettit@ovn.org> Tested-by: Alin Gabriel Serdean <aserdean@ovn.org> Acked-by: Alin Gabriel Serdean <aserdean@ovn.org>
2018-05-24 10:32:59 -07:00
dp_packet_size(op->execute.packet)))) {
dpif-netlink: Drop oversized packets instead of assert-failing. A packet sent to a Netlink datapath has to fit within a Netlink attribute. Until now, this was only checked in an assertion inside the Netlink code, which meant that trying to send a too-large packet (approximate 64 kB or larger) would assert-fail. It's better to just drop those packets, which this commit does. Reported-by: Shuping Cui <scui@redhat.com> Reported-by: Jiri Benc <jbenc@redhat.com> Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2015-01-11 13:45:36 -08:00
/* Report an error immediately if this is the first operation.
* Otherwise the easiest thing to do is to postpone to the next
* call (when this will be the first operation). */
if (i == 0) {
VLOG_ERR_RL(&error_rl,
"dropping oversized %"PRIu32"-byte packet",
Embrace anonymous unions. Several OVS structs contain embedded named unions, like this: struct { ... union { ... } u; }; C11 standardized a feature that many compilers already implemented anyway, where an embedded union may be unnamed, like this: struct { ... union { ... }; }; This is more convenient because it allows the programmer to omit "u." in many places. OVS already used this feature in several places. This commit embraces it in several others. Signed-off-by: Ben Pfaff <blp@ovn.org> Acked-by: Justin Pettit <jpettit@ovn.org> Tested-by: Alin Gabriel Serdean <aserdean@ovn.org> Acked-by: Alin Gabriel Serdean <aserdean@ovn.org>
2018-05-24 10:32:59 -07:00
dp_packet_size(op->execute.packet));
dpif-netlink: Drop oversized packets instead of assert-failing. A packet sent to a Netlink datapath has to fit within a Netlink attribute. Until now, this was only checked in an assertion inside the Netlink code, which meant that trying to send a too-large packet (approximate 64 kB or larger) would assert-fail. It's better to just drop those packets, which this commit does. Reported-by: Shuping Cui <scui@redhat.com> Reported-by: Jiri Benc <jbenc@redhat.com> Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2015-01-11 13:45:36 -08:00
op->error = ENOBUFS;
return 1;
}
n_ops = i;
} else {
Embrace anonymous unions. Several OVS structs contain embedded named unions, like this: struct { ... union { ... } u; }; C11 standardized a feature that many compilers already implemented anyway, where an embedded union may be unnamed, like this: struct { ... union { ... }; }; This is more convenient because it allows the programmer to omit "u." in many places. OVS already used this feature in several places. This commit embraces it in several others. Signed-off-by: Ben Pfaff <blp@ovn.org> Acked-by: Justin Pettit <jpettit@ovn.org> Tested-by: Alin Gabriel Serdean <aserdean@ovn.org> Acked-by: Alin Gabriel Serdean <aserdean@ovn.org>
2018-05-24 10:32:59 -07:00
dpif_netlink_encode_execute(dpif->dp_ifindex, &op->execute,
dpif-netlink: Drop oversized packets instead of assert-failing. A packet sent to a Netlink datapath has to fit within a Netlink attribute. Until now, this was only checked in an assertion inside the Netlink code, which meant that trying to send a too-large packet (approximate 64 kB or larger) would assert-fail. It's better to just drop those packets, which this commit does. Reported-by: Shuping Cui <scui@redhat.com> Reported-by: Jiri Benc <jbenc@redhat.com> Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2015-01-11 13:45:36 -08:00
&aux->request);
utilities: Add netlink flow operation USDT probes and upcall_cost script. This patch adds a series of NetLink flow operation USDT probes. These probes are in turn used in the upcall_cost Python script, which in addition of some kernel tracepoints, give an insight into the time spent on processing upcall. Signed-off-by: Eelco Chaudron <echaudro@redhat.com> Acked-by: Paolo Valerio <pvalerio@redhat.com> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2021-12-22 10:19:02 +01:00
OVS_USDT_PROBE(dpif_netlink_operate__, op_flow_execute,
dpif, &op->execute,
dp_packet_data(op->execute.packet),
dp_packet_size(op->execute.packet),
&aux->request);
dpif-netlink: Drop oversized packets instead of assert-failing. A packet sent to a Netlink datapath has to fit within a Netlink attribute. Until now, this was only checked in an assertion inside the Netlink code, which meant that trying to send a too-large packet (approximate 64 kB or larger) would assert-fail. It's better to just drop those packets, which this commit does. Reported-by: Shuping Cui <scui@redhat.com> Reported-by: Jiri Benc <jbenc@redhat.com> Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2015-01-11 13:45:36 -08:00
}
ofproto-dpif: Batch flow uninstallations due to expiration. Signed-off-by: Ben Pfaff <blp@nicira.com>
2012-04-17 21:52:10 -07:00
break;
dpif: Support flow_get in dpif_operate(). This cleans up the dpif interface to make it more consistent with the other dpif operations, and allows flows to be fetched in batches. Signed-off-by: Joe Stringer <joestringer@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
2014-08-13 09:55:54 +12:00
case DPIF_OP_FLOW_GET:
Embrace anonymous unions. Several OVS structs contain embedded named unions, like this: struct { ... union { ... } u; }; C11 standardized a feature that many compilers already implemented anyway, where an embedded union may be unnamed, like this: struct { ... union { ... }; }; This is more convenient because it allows the programmer to omit "u." in many places. OVS already used this feature in several places. This commit embraces it in several others. Signed-off-by: Ben Pfaff <blp@ovn.org> Acked-by: Justin Pettit <jpettit@ovn.org> Tested-by: Alin Gabriel Serdean <aserdean@ovn.org> Acked-by: Alin Gabriel Serdean <aserdean@ovn.org>
2018-05-24 10:32:59 -07:00
get = &op->flow_get;
dpif: Index flows using unique identifiers. This patch modifies the dpif interface to allow flows to be manipulated using a 128-bit identifier. This allows revalidator threads to perform datapath operations faster, as they do not need to serialise the entire flow key for operations like flow_get and flow_delete. In conjunction with a future patch to simplify the dump interface, this provides a significant performance benefit for revalidation. When handlers assemble flow_put operations, they specify a unique identifier (UFID) for each flow as it is passed down to the datapath to be stored with the flow. The UFID is currently provided to handlers by the dpif during upcall processing. When revalidators assemble flow_get or flow_del operations, they may specify the UFID for the flow along with the key. The dpif will decide whether to send only the UFID to the datapath, or both the UFID and flow key. The former is preferred for newer datapaths that support UFID, while the latter is used for backwards compatibility. Signed-off-by: Joe Stringer <joestringer@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
2014-09-24 16:26:35 +12:00
dpif_netlink_init_flow_get(dpif, get, &flow);
dpif: Support flow_get in dpif_operate(). This cleans up the dpif interface to make it more consistent with the other dpif operations, and allows flows to be fetched in batches. Signed-off-by: Joe Stringer <joestringer@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
2014-08-13 09:55:54 +12:00
aux->txn.reply = get->buffer;
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
dpif_netlink_flow_to_ofpbuf(&flow, &aux->request);
utilities: Add netlink flow operation USDT probes and upcall_cost script. This patch adds a series of NetLink flow operation USDT probes. These probes are in turn used in the upcall_cost Python script, which in addition of some kernel tracepoints, give an insight into the time spent on processing upcall. Signed-off-by: Eelco Chaudron <echaudro@redhat.com> Acked-by: Paolo Valerio <pvalerio@redhat.com> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2021-12-22 10:19:02 +01:00
OVS_USDT_PROBE(dpif_netlink_operate__, op_flow_get,
dpif, get, &flow, &aux->request);
dpif: Support flow_get in dpif_operate(). This cleans up the dpif interface to make it more consistent with the other dpif operations, and allows flows to be fetched in batches. Signed-off-by: Joe Stringer <joestringer@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
2014-08-13 09:55:54 +12:00
break;
ofproto-dpif: Batch flow uninstallations due to expiration. Signed-off-by: Ben Pfaff <blp@nicira.com>
2012-04-17 21:52:10 -07:00
default:
Rename NOT_REACHED to OVS_NOT_REACHED This allows other libraries to use util.h that has already defined NOT_REACHED. Signed-off-by: Harold Lim <haroldl@vmware.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-12-17 10:32:12 -08:00
OVS_NOT_REACHED();
dpif: New function dpif_operate() and dpif-linux implementation. This will be used in an upcoming commit.
2011-09-27 15:08:50 -07:00
}
}
for (i = 0; i < n_ops; i++) {
dpif-linux: Avoid malloc() in dpif_linux_operate(). Signed-off-by: Ben Pfaff <blp@nicira.com>
2012-04-05 16:49:22 -07:00
txnsp[i] = &auxes[i].txn;
dpif: New function dpif_operate() and dpif-linux implementation. This will be used in an upcoming commit.
2011-09-27 15:08:50 -07:00
}
netlink-socket: Simplify use of transactions and dumps. This disentangles "struct nl_dump" from "struct nl_sock", clearing the way to make the use of either one thread-safe in an obviously correct manner. Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-04-29 13:57:50 -07:00
nl_transact_multiple(NETLINK_GENERIC, txnsp, n_ops);
dpif: New function dpif_operate() and dpif-linux implementation. This will be used in an upcoming commit.
2011-09-27 15:08:50 -07:00
for (i = 0; i < n_ops; i++) {
netlink-socket: Make caller provide message receive buffers. Typically an nl_sock client can stack-allocate the buffer for receiving a Netlink message, which provides a performance boost. Signed-off-by: Ben Pfaff <blp@nicira.com>
2012-04-09 15:35:29 -07:00
struct op_auxdata *aux = &auxes[i];
dpif-linux: Avoid malloc() in dpif_linux_operate(). Signed-off-by: Ben Pfaff <blp@nicira.com>
2012-04-05 16:49:22 -07:00
struct nl_transaction *txn = &auxes[i].txn;
dpif: Factor 'type' and 'error' out of individual dpif_op members. I'd like to change ->dpif_flow_put() and ->dpif_execute() in the dpif provider to take the structures of the same names as parameters, instead of passing them discrete parameters, because this seems like a more sensible way to do things internally than to have two different ways to pass the parameters. It might even simplify code slightly. But ->flow_put() and ->execute() wouldn't want the 'type' (because it's implied by the function being called) or 'error' (because it would be the same as the return value). Although of course they could just ignore those members, it seems slightly cleaner to omit them entirely, as this change allows. Signed-off-by: Ben Pfaff <blp@nicira.com>
2011-12-26 14:17:55 -08:00
struct dpif_op *op = ops[i];
ofproto-dpif: Batch flow uninstallations due to expiration. Signed-off-by: Ben Pfaff <blp@nicira.com>
2012-04-17 21:52:10 -07:00
struct dpif_flow_put *put;
struct dpif_flow_del *del;
dpif: Support flow_get in dpif_operate(). This cleans up the dpif interface to make it more consistent with the other dpif operations, and allows flows to be fetched in batches. Signed-off-by: Joe Stringer <joestringer@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
2014-08-13 09:55:54 +12:00
struct dpif_flow_get *get;
dpif: New function dpif_operate() and dpif-linux implementation. This will be used in an upcoming commit.
2011-09-27 15:08:50 -07:00
ofproto-dpif: Batch flow uninstallations due to expiration. Signed-off-by: Ben Pfaff <blp@nicira.com>
2012-04-17 21:52:10 -07:00
op->error = txn->error;
dpif: New function dpif_operate() and dpif-linux implementation. This will be used in an upcoming commit.
2011-09-27 15:08:50 -07:00
ofproto-dpif: Batch flow uninstallations due to expiration. Signed-off-by: Ben Pfaff <blp@nicira.com>
2012-04-17 21:52:10 -07:00
switch (op->type) {
case DPIF_OP_FLOW_PUT:
Embrace anonymous unions. Several OVS structs contain embedded named unions, like this: struct { ... union { ... } u; }; C11 standardized a feature that many compilers already implemented anyway, where an embedded union may be unnamed, like this: struct { ... union { ... }; }; This is more convenient because it allows the programmer to omit "u." in many places. OVS already used this feature in several places. This commit embraces it in several others. Signed-off-by: Ben Pfaff <blp@ovn.org> Acked-by: Justin Pettit <jpettit@ovn.org> Tested-by: Alin Gabriel Serdean <aserdean@ovn.org> Acked-by: Alin Gabriel Serdean <aserdean@ovn.org>
2018-05-24 10:32:59 -07:00
put = &op->flow_put;
dpif-linux: Zero 'stats' outputs of dpif_operate() ops on failure. When DPIF_OP_FLOW_PUT or DPIF_OP_FLOW_DEL operations failed, they left their 'stats' outputs uninitialized. For DPIF_OP_FLOW_DEL, this meant that the caller would read indeterminate data: Conditional jump or move depends on uninitialised value(s) at 0x805C1EB: subfacet_reset_dp_stats (ofproto-dpif.c:4410) by 0x80637D2: expire_batch (ofproto-dpif.c:3471) by 0x8066114: run (ofproto-dpif.c:3513) by 0x8059DF4: ofproto_run (ofproto.c:1035) by 0x8052E17: bridge_run (bridge.c:2005) by 0x8053F74: main (ovs-vswitchd.c:108) It's unusual for a delete operation to fail. The most common reason is an administrator running "ovs-dpctl del-flows". The only user of DPIF_OP_FLOW_PUT did not request stats, so this doesn't fix an actual bug for that case. Bug #11797. Reported-by: James Schmidt <jschmidt@nicira.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2012-06-20 10:55:41 -07:00
if (put->stats) {
ofproto-dpif: Batch flow uninstallations due to expiration. Signed-off-by: Ben Pfaff <blp@nicira.com>
2012-04-17 21:52:10 -07:00
if (!op->error) {
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
struct dpif_netlink_flow reply;
dpif-linux: Zero 'stats' outputs of dpif_operate() ops on failure. When DPIF_OP_FLOW_PUT or DPIF_OP_FLOW_DEL operations failed, they left their 'stats' outputs uninitialized. For DPIF_OP_FLOW_DEL, this meant that the caller would read indeterminate data: Conditional jump or move depends on uninitialised value(s) at 0x805C1EB: subfacet_reset_dp_stats (ofproto-dpif.c:4410) by 0x80637D2: expire_batch (ofproto-dpif.c:3471) by 0x8066114: run (ofproto-dpif.c:3513) by 0x8059DF4: ofproto_run (ofproto.c:1035) by 0x8052E17: bridge_run (bridge.c:2005) by 0x8053F74: main (ovs-vswitchd.c:108) It's unusual for a delete operation to fail. The most common reason is an administrator running "ovs-dpctl del-flows". The only user of DPIF_OP_FLOW_PUT did not request stats, so this doesn't fix an actual bug for that case. Bug #11797. Reported-by: James Schmidt <jschmidt@nicira.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2012-06-20 10:55:41 -07:00
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
op->error = dpif_netlink_flow_from_ofpbuf(&reply,
txn->reply);
dpif-linux: Zero 'stats' outputs of dpif_operate() ops on failure. When DPIF_OP_FLOW_PUT or DPIF_OP_FLOW_DEL operations failed, they left their 'stats' outputs uninitialized. For DPIF_OP_FLOW_DEL, this meant that the caller would read indeterminate data: Conditional jump or move depends on uninitialised value(s) at 0x805C1EB: subfacet_reset_dp_stats (ofproto-dpif.c:4410) by 0x80637D2: expire_batch (ofproto-dpif.c:3471) by 0x8066114: run (ofproto-dpif.c:3513) by 0x8059DF4: ofproto_run (ofproto.c:1035) by 0x8052E17: bridge_run (bridge.c:2005) by 0x8053F74: main (ovs-vswitchd.c:108) It's unusual for a delete operation to fail. The most common reason is an administrator running "ovs-dpctl del-flows". The only user of DPIF_OP_FLOW_PUT did not request stats, so this doesn't fix an actual bug for that case. Bug #11797. Reported-by: James Schmidt <jschmidt@nicira.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2012-06-20 10:55:41 -07:00
if (!op->error) {
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
dpif_netlink_flow_get_stats(&reply, put->stats);
dpif-linux: Zero 'stats' outputs of dpif_operate() ops on failure. When DPIF_OP_FLOW_PUT or DPIF_OP_FLOW_DEL operations failed, they left their 'stats' outputs uninitialized. For DPIF_OP_FLOW_DEL, this meant that the caller would read indeterminate data: Conditional jump or move depends on uninitialised value(s) at 0x805C1EB: subfacet_reset_dp_stats (ofproto-dpif.c:4410) by 0x80637D2: expire_batch (ofproto-dpif.c:3471) by 0x8066114: run (ofproto-dpif.c:3513) by 0x8059DF4: ofproto_run (ofproto.c:1035) by 0x8052E17: bridge_run (bridge.c:2005) by 0x8053F74: main (ovs-vswitchd.c:108) It's unusual for a delete operation to fail. The most common reason is an administrator running "ovs-dpctl del-flows". The only user of DPIF_OP_FLOW_PUT did not request stats, so this doesn't fix an actual bug for that case. Bug #11797. Reported-by: James Schmidt <jschmidt@nicira.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2012-06-20 10:55:41 -07:00
}
}
dpif: New function dpif_operate() and dpif-linux implementation. This will be used in an upcoming commit.
2011-09-27 15:08:50 -07:00
}
ofproto-dpif: Batch flow uninstallations due to expiration. Signed-off-by: Ben Pfaff <blp@nicira.com>
2012-04-17 21:52:10 -07:00
break;
case DPIF_OP_FLOW_DEL:
Embrace anonymous unions. Several OVS structs contain embedded named unions, like this: struct { ... union { ... } u; }; C11 standardized a feature that many compilers already implemented anyway, where an embedded union may be unnamed, like this: struct { ... union { ... }; }; This is more convenient because it allows the programmer to omit "u." in many places. OVS already used this feature in several places. This commit embraces it in several others. Signed-off-by: Ben Pfaff <blp@ovn.org> Acked-by: Justin Pettit <jpettit@ovn.org> Tested-by: Alin Gabriel Serdean <aserdean@ovn.org> Acked-by: Alin Gabriel Serdean <aserdean@ovn.org>
2018-05-24 10:32:59 -07:00
del = &op->flow_del;
dpif-linux: Zero 'stats' outputs of dpif_operate() ops on failure. When DPIF_OP_FLOW_PUT or DPIF_OP_FLOW_DEL operations failed, they left their 'stats' outputs uninitialized. For DPIF_OP_FLOW_DEL, this meant that the caller would read indeterminate data: Conditional jump or move depends on uninitialised value(s) at 0x805C1EB: subfacet_reset_dp_stats (ofproto-dpif.c:4410) by 0x80637D2: expire_batch (ofproto-dpif.c:3471) by 0x8066114: run (ofproto-dpif.c:3513) by 0x8059DF4: ofproto_run (ofproto.c:1035) by 0x8052E17: bridge_run (bridge.c:2005) by 0x8053F74: main (ovs-vswitchd.c:108) It's unusual for a delete operation to fail. The most common reason is an administrator running "ovs-dpctl del-flows". The only user of DPIF_OP_FLOW_PUT did not request stats, so this doesn't fix an actual bug for that case. Bug #11797. Reported-by: James Schmidt <jschmidt@nicira.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2012-06-20 10:55:41 -07:00
if (del->stats) {
ofproto-dpif: Batch flow uninstallations due to expiration. Signed-off-by: Ben Pfaff <blp@nicira.com>
2012-04-17 21:52:10 -07:00
if (!op->error) {
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
struct dpif_netlink_flow reply;
dpif-linux: Zero 'stats' outputs of dpif_operate() ops on failure. When DPIF_OP_FLOW_PUT or DPIF_OP_FLOW_DEL operations failed, they left their 'stats' outputs uninitialized. For DPIF_OP_FLOW_DEL, this meant that the caller would read indeterminate data: Conditional jump or move depends on uninitialised value(s) at 0x805C1EB: subfacet_reset_dp_stats (ofproto-dpif.c:4410) by 0x80637D2: expire_batch (ofproto-dpif.c:3471) by 0x8066114: run (ofproto-dpif.c:3513) by 0x8059DF4: ofproto_run (ofproto.c:1035) by 0x8052E17: bridge_run (bridge.c:2005) by 0x8053F74: main (ovs-vswitchd.c:108) It's unusual for a delete operation to fail. The most common reason is an administrator running "ovs-dpctl del-flows". The only user of DPIF_OP_FLOW_PUT did not request stats, so this doesn't fix an actual bug for that case. Bug #11797. Reported-by: James Schmidt <jschmidt@nicira.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2012-06-20 10:55:41 -07:00
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
op->error = dpif_netlink_flow_from_ofpbuf(&reply,
txn->reply);
dpif-linux: Zero 'stats' outputs of dpif_operate() ops on failure. When DPIF_OP_FLOW_PUT or DPIF_OP_FLOW_DEL operations failed, they left their 'stats' outputs uninitialized. For DPIF_OP_FLOW_DEL, this meant that the caller would read indeterminate data: Conditional jump or move depends on uninitialised value(s) at 0x805C1EB: subfacet_reset_dp_stats (ofproto-dpif.c:4410) by 0x80637D2: expire_batch (ofproto-dpif.c:3471) by 0x8066114: run (ofproto-dpif.c:3513) by 0x8059DF4: ofproto_run (ofproto.c:1035) by 0x8052E17: bridge_run (bridge.c:2005) by 0x8053F74: main (ovs-vswitchd.c:108) It's unusual for a delete operation to fail. The most common reason is an administrator running "ovs-dpctl del-flows". The only user of DPIF_OP_FLOW_PUT did not request stats, so this doesn't fix an actual bug for that case. Bug #11797. Reported-by: James Schmidt <jschmidt@nicira.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2012-06-20 10:55:41 -07:00
if (!op->error) {
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
dpif_netlink_flow_get_stats(&reply, del->stats);
dpif-linux: Zero 'stats' outputs of dpif_operate() ops on failure. When DPIF_OP_FLOW_PUT or DPIF_OP_FLOW_DEL operations failed, they left their 'stats' outputs uninitialized. For DPIF_OP_FLOW_DEL, this meant that the caller would read indeterminate data: Conditional jump or move depends on uninitialised value(s) at 0x805C1EB: subfacet_reset_dp_stats (ofproto-dpif.c:4410) by 0x80637D2: expire_batch (ofproto-dpif.c:3471) by 0x8066114: run (ofproto-dpif.c:3513) by 0x8059DF4: ofproto_run (ofproto.c:1035) by 0x8052E17: bridge_run (bridge.c:2005) by 0x8053F74: main (ovs-vswitchd.c:108) It's unusual for a delete operation to fail. The most common reason is an administrator running "ovs-dpctl del-flows". The only user of DPIF_OP_FLOW_PUT did not request stats, so this doesn't fix an actual bug for that case. Bug #11797. Reported-by: James Schmidt <jschmidt@nicira.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2012-06-20 10:55:41 -07:00
}
}
ofproto-dpif: Batch flow uninstallations due to expiration. Signed-off-by: Ben Pfaff <blp@nicira.com>
2012-04-17 21:52:10 -07:00
}
break;
case DPIF_OP_EXECUTE:
break;
dpif: Support flow_get in dpif_operate(). This cleans up the dpif interface to make it more consistent with the other dpif operations, and allows flows to be fetched in batches. Signed-off-by: Joe Stringer <joestringer@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
2014-08-13 09:55:54 +12:00
case DPIF_OP_FLOW_GET:
Embrace anonymous unions. Several OVS structs contain embedded named unions, like this: struct { ... union { ... } u; }; C11 standardized a feature that many compilers already implemented anyway, where an embedded union may be unnamed, like this: struct { ... union { ... }; }; This is more convenient because it allows the programmer to omit "u." in many places. OVS already used this feature in several places. This commit embraces it in several others. Signed-off-by: Ben Pfaff <blp@ovn.org> Acked-by: Justin Pettit <jpettit@ovn.org> Tested-by: Alin Gabriel Serdean <aserdean@ovn.org> Acked-by: Alin Gabriel Serdean <aserdean@ovn.org>
2018-05-24 10:32:59 -07:00
get = &op->flow_get;
dpif: Support flow_get in dpif_operate(). This cleans up the dpif interface to make it more consistent with the other dpif operations, and allows flows to be fetched in batches. Signed-off-by: Joe Stringer <joestringer@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
2014-08-13 09:55:54 +12:00
if (!op->error) {
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
struct dpif_netlink_flow reply;
dpif: Support flow_get in dpif_operate(). This cleans up the dpif interface to make it more consistent with the other dpif operations, and allows flows to be fetched in batches. Signed-off-by: Joe Stringer <joestringer@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
2014-08-13 09:55:54 +12:00
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
op->error = dpif_netlink_flow_from_ofpbuf(&reply, txn->reply);
dpif: Support flow_get in dpif_operate(). This cleans up the dpif interface to make it more consistent with the other dpif operations, and allows flows to be fetched in batches. Signed-off-by: Joe Stringer <joestringer@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
2014-08-13 09:55:54 +12:00
if (!op->error) {
dpif: Turn dpif_flow_hash function into generic odp_flow_key_hash. Current implementation of dpif_flow_hash() doesn't depend on datapath interface and only complicates the callers by forcing them to figure out what is their current 'dpif'. If we'll need different hashing for different 'dpif's we'll implement an API for dpif-providers and each dpif implementation will be able to use their local function directly without calling it via dpif API. This change will allow us to not store 'dpif' pointer in the userspace datapath implementation which is broken and will be removed in next commits. This patch moves dpif_flow_hash() to odp-util module and replaces unused odp_flow_key_hash() by it, along with removing of unused 'dpif' argument. Signed-off-by: Ilya Maximets <i.maximets@ovn.org> Acked-by: Ben Pfaff <blp@ovn.org>
2019-12-08 18:09:53 +01:00
dpif_netlink_flow_to_dpif_flow(get->flow, &reply);
dpif: Support flow_get in dpif_operate(). This cleans up the dpif interface to make it more consistent with the other dpif operations, and allows flows to be fetched in batches. Signed-off-by: Joe Stringer <joestringer@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
2014-08-13 09:55:54 +12:00
}
}
break;
ofproto-dpif: Batch flow uninstallations due to expiration. Signed-off-by: Ben Pfaff <blp@nicira.com>
2012-04-17 21:52:10 -07:00
default:
Rename NOT_REACHED to OVS_NOT_REACHED This allows other libraries to use util.h that has already defined NOT_REACHED. Signed-off-by: Harold Lim <haroldl@vmware.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-12-17 10:32:12 -08:00
OVS_NOT_REACHED();
dpif: New function dpif_operate() and dpif-linux implementation. This will be used in an upcoming commit.
2011-09-27 15:08:50 -07:00
}
netlink-socket: Make caller provide message receive buffers. Typically an nl_sock client can stack-allocate the buffer for receiving a Netlink message, which provides a performance boost. Signed-off-by: Ben Pfaff <blp@nicira.com>
2012-04-09 15:35:29 -07:00
ofpbuf_uninit(&aux->request);
ofpbuf_uninit(&aux->reply);
dpif: New function dpif_operate() and dpif-linux implementation. This will be used in an upcoming commit.
2011-09-27 15:08:50 -07:00
}
dpif-netlink: Drop oversized packets instead of assert-failing. A packet sent to a Netlink datapath has to fit within a Netlink attribute. Until now, this was only checked in an assertion inside the Netlink code, which meant that trying to send a too-large packet (approximate 64 kB or larger) would assert-fail. It's better to just drop those packets, which this commit does. Reported-by: Shuping Cui <scui@redhat.com> Reported-by: Jiri Benc <jbenc@redhat.com> Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2015-01-11 13:45:36 -08:00
return n_ops;
dpif-linux: Avoid malloc() in dpif_linux_operate(). Signed-off-by: Ben Pfaff <blp@nicira.com>
2012-04-05 16:49:22 -07:00
}
dpif-netlink: Use netdev flow get api to query a flow Search all datapath added netdevs for a given flow using netdev flow api and parse it back to dpif flow. Signed-off-by: Paul Blakey <paulb@mellanox.com> Reviewed-by: Roi Dayan <roid@mellanox.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Signed-off-by: Simon Horman <simon.horman@netronome.com>
2017-06-13 18:03:43 +03:00
static int
parse_flow_get(struct dpif_netlink *dpif, struct dpif_flow_get *get)
{
netdev-offload: Use dpif type instead of class. There is no real difference between the 'class' and 'type' in the context of common lookup operations inside netdev-offload module because it only checks the value of pointers without using the value itself. However, 'type' has some meaning and can be used by offload provides on the initialization phase to check if this type of Flow API in pair with the netdev type could be used in particular datapath type. For example, this is needed to check if Linux flow API could be used for current tunneling vport because it could be used only if tunneling vport belongs to system datapath, i.e. has backing linux interface. This is needed to unblock tunneling offloads in userspace datapath with DPDK flow API. Acked-by: Eli Britstein <elibr@mellanox.com> Acked-by: Roni Bar Yanai <roniba@mellanox.com> Acked-by: Ophir Munk <ophirmu@mellanox.com> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2020-07-08 06:38:29 +00:00
const char *dpif_type_str = dpif_normalize_type(dpif_type(&dpif->dpif));
dpif-netlink: Use netdev flow get api to query a flow Search all datapath added netdevs for a given flow using netdev flow api and parse it back to dpif flow. Signed-off-by: Paul Blakey <paulb@mellanox.com> Reviewed-by: Roi Dayan <roid@mellanox.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Signed-off-by: Simon Horman <simon.horman@netronome.com>
2017-06-13 18:03:43 +03:00
struct dpif_flow *dpif_flow = get->flow;
struct match match;
struct nlattr *actions;
struct dpif_flow_stats stats;
dpctl: Properly reflect a rule's offloaded to HW state Previously, any rule that is offloaded via a netdev, not necessarily to the HW, would be reported as "offloaded". This patch fixes this misalignment, and introduces the 'dp' state, as follows: rule is in HW via TC offload -> offloaded=yes dp:tc rule is in not HW over TC DP -> offloaded=no dp:tc rule is in not HW over OVS DP -> offloaded=no dp:ovs To achieve this, the flows's 'offloaded' flag was encapsulated in a new attrs struct, which contains the offloaded state of the flow and the DP layer the flow is handled in, and instead of setting the flow's 'offloaded' state based solely on the type of dump it was acquired via, for netdev flows it now sends the new attrs struct to be collected along with the rest of the flow via the netdev, allowing it to be set per flow. For TC offloads, the offloaded state is set based on the 'in_hw' and 'not_in_hw' flags received from the TC as part of the flower. If no such flag was received, due to lack of kernel support, it defaults to true. Signed-off-by: Gavi Teitz <gavi@mellanox.com> Acked-by: Roi Dayan <roid@mellanox.com> [simon: resolved conflict in lib/dpctl.man] Signed-off-by: Simon Horman <simon.horman@netronome.com>
2018-06-07 09:36:59 +03:00
struct dpif_flow_attrs attrs;
dpif-netlink: Use netdev flow get api to query a flow Search all datapath added netdevs for a given flow using netdev flow api and parse it back to dpif flow. Signed-off-by: Paul Blakey <paulb@mellanox.com> Reviewed-by: Roi Dayan <roid@mellanox.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Signed-off-by: Simon Horman <simon.horman@netronome.com>
2017-06-13 18:03:43 +03:00
struct ofpbuf buf;
uint64_t act_buf[1024 / 8];
struct odputil_keybuf maskbuf;
struct odputil_keybuf keybuf;
struct odputil_keybuf actbuf;
struct ofpbuf key, mask, act;
int err;
ofpbuf_use_stack(&buf, &act_buf, sizeof act_buf);
netdev-offload: Use dpif type instead of class. There is no real difference between the 'class' and 'type' in the context of common lookup operations inside netdev-offload module because it only checks the value of pointers without using the value itself. However, 'type' has some meaning and can be used by offload provides on the initialization phase to check if this type of Flow API in pair with the netdev type could be used in particular datapath type. For example, this is needed to check if Linux flow API could be used for current tunneling vport because it could be used only if tunneling vport belongs to system datapath, i.e. has backing linux interface. This is needed to unblock tunneling offloads in userspace datapath with DPDK flow API. Acked-by: Eli Britstein <elibr@mellanox.com> Acked-by: Roni Bar Yanai <roniba@mellanox.com> Acked-by: Ophir Munk <ophirmu@mellanox.com> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2020-07-08 06:38:29 +00:00
err = netdev_ports_flow_get(dpif_type_str, &match, &actions, get->ufid,
&stats, &attrs, &buf);
dpif-netlink: Use netdev flow get api to query a flow Search all datapath added netdevs for a given flow using netdev flow api and parse it back to dpif flow. Signed-off-by: Paul Blakey <paulb@mellanox.com> Reviewed-by: Roi Dayan <roid@mellanox.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Signed-off-by: Simon Horman <simon.horman@netronome.com>
2017-06-13 18:03:43 +03:00
if (err) {
return err;
}
VLOG_DBG("found flow from netdev, translating to dpif flow");
ofpbuf_use_stack(&key, &keybuf, sizeof keybuf);
ofpbuf_use_stack(&act, &actbuf, sizeof actbuf);
ofpbuf_use_stack(&mask, &maskbuf, sizeof maskbuf);
dpif_netlink_netdev_match_to_dpif_flow(&match, &key, &mask, actions,
dpctl: Properly reflect a rule's offloaded to HW state Previously, any rule that is offloaded via a netdev, not necessarily to the HW, would be reported as "offloaded". This patch fixes this misalignment, and introduces the 'dp' state, as follows: rule is in HW via TC offload -> offloaded=yes dp:tc rule is in not HW over TC DP -> offloaded=no dp:tc rule is in not HW over OVS DP -> offloaded=no dp:ovs To achieve this, the flows's 'offloaded' flag was encapsulated in a new attrs struct, which contains the offloaded state of the flow and the DP layer the flow is handled in, and instead of setting the flow's 'offloaded' state based solely on the type of dump it was acquired via, for netdev flows it now sends the new attrs struct to be collected along with the rest of the flow via the netdev, allowing it to be set per flow. For TC offloads, the offloaded state is set based on the 'in_hw' and 'not_in_hw' flags received from the TC as part of the flower. If no such flag was received, due to lack of kernel support, it defaults to true. Signed-off-by: Gavi Teitz <gavi@mellanox.com> Acked-by: Roi Dayan <roid@mellanox.com> [simon: resolved conflict in lib/dpctl.man] Signed-off-by: Simon Horman <simon.horman@netronome.com>
2018-06-07 09:36:59 +03:00
&stats, &attrs,
dpif-netlink: Use netdev flow get api to query a flow Search all datapath added netdevs for a given flow using netdev flow api and parse it back to dpif flow. Signed-off-by: Paul Blakey <paulb@mellanox.com> Reviewed-by: Roi Dayan <roid@mellanox.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Signed-off-by: Simon Horman <simon.horman@netronome.com>
2017-06-13 18:03:43 +03:00
(ovs_u128 *) get->ufid,
dpif_flow,
false);
ofpbuf_put(get->buffer, nl_attr_get(actions), nl_attr_get_size(actions));
dpif_flow->actions = ofpbuf_at(get->buffer, 0, 0);
dpif_flow->actions_len = nl_attr_get_size(actions);
return 0;
}
dpif-netlink: Use netdev flow put api to insert a flow Using the new netdev flow api operate will now try and offload flows to the relevant netdev of the input port. Other operate methods flows will come in later patches. Signed-off-by: Paul Blakey <paulb@mellanox.com> Reviewed-by: Roi Dayan <roid@mellanox.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Signed-off-by: Simon Horman <simon.horman@netronome.com>
2017-06-13 18:03:38 +03:00
static int
parse_flow_put(struct dpif_netlink *dpif, struct dpif_flow_put *put)
{
netdev-offload: Use dpif type instead of class. There is no real difference between the 'class' and 'type' in the context of common lookup operations inside netdev-offload module because it only checks the value of pointers without using the value itself. However, 'type' has some meaning and can be used by offload provides on the initialization phase to check if this type of Flow API in pair with the netdev type could be used in particular datapath type. For example, this is needed to check if Linux flow API could be used for current tunneling vport because it could be used only if tunneling vport belongs to system datapath, i.e. has backing linux interface. This is needed to unblock tunneling offloads in userspace datapath with DPDK flow API. Acked-by: Eli Britstein <elibr@mellanox.com> Acked-by: Roni Bar Yanai <roniba@mellanox.com> Acked-by: Ophir Munk <ophirmu@mellanox.com> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2020-07-08 06:38:29 +00:00
const char *dpif_type_str = dpif_normalize_type(dpif_type(&dpif->dpif));
dpif-netlink: Use netdev flow put api to insert a flow Using the new netdev flow api operate will now try and offload flows to the relevant netdev of the input port. Other operate methods flows will come in later patches. Signed-off-by: Paul Blakey <paulb@mellanox.com> Reviewed-by: Roi Dayan <roid@mellanox.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Signed-off-by: Simon Horman <simon.horman@netronome.com>
2017-06-13 18:03:38 +03:00
static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(5, 20);
struct match match;
odp_port_t in_port;
const struct nlattr *nla;
size_t left;
struct netdev *dev;
struct offload_info info;
int err;
dpif-netlink: Fix using uninitialized info.tc_modify_flow_deleted in out label. Before info.tc_modify_flow_deleted is assigned a value, error processing of other statements goes to the out label. In the out label, the uninitialized variant is used for condition determination, which may cause uncertain behavior. Fixes: 65b84d4a32bd ("dpif-netlink: avoid netlink modify flow put op failed after tc modify flow put op failed.") Signed-off-by: Mengfan Lv <lvmengfan@huawei.com> Signed-off-by: Yunjian Wang <wangyunjian@huawei.com> Reviewed-by: Simon Horman <simon.horman@netronome.com> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2021-04-08 21:33:12 +08:00
info.tc_modify_flow_deleted = false;
dpif-netlink: Use netdev flow put api to insert a flow Using the new netdev flow api operate will now try and offload flows to the relevant netdev of the input port. Other operate methods flows will come in later patches. Signed-off-by: Paul Blakey <paulb@mellanox.com> Reviewed-by: Roi Dayan <roid@mellanox.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Signed-off-by: Simon Horman <simon.horman@netronome.com>
2017-06-13 18:03:38 +03:00
if (put->flags & DPIF_FP_PROBE) {
return EOPNOTSUPP;
}
err = parse_key_and_mask_to_match(put->key, put->key_len, put->mask,
put->mask_len, &match);
if (err) {
return err;
}
in_port = match.flow.in_port.odp_port;
netdev-offload: Use dpif type instead of class. There is no real difference between the 'class' and 'type' in the context of common lookup operations inside netdev-offload module because it only checks the value of pointers without using the value itself. However, 'type' has some meaning and can be used by offload provides on the initialization phase to check if this type of Flow API in pair with the netdev type could be used in particular datapath type. For example, this is needed to check if Linux flow API could be used for current tunneling vport because it could be used only if tunneling vport belongs to system datapath, i.e. has backing linux interface. This is needed to unblock tunneling offloads in userspace datapath with DPDK flow API. Acked-by: Eli Britstein <elibr@mellanox.com> Acked-by: Roni Bar Yanai <roniba@mellanox.com> Acked-by: Ophir Munk <ophirmu@mellanox.com> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2020-07-08 06:38:29 +00:00
dev = netdev_ports_get(in_port, dpif_type_str);
dpif-netlink: Use netdev flow put api to insert a flow Using the new netdev flow api operate will now try and offload flows to the relevant netdev of the input port. Other operate methods flows will come in later patches. Signed-off-by: Paul Blakey <paulb@mellanox.com> Reviewed-by: Roi Dayan <roid@mellanox.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Signed-off-by: Simon Horman <simon.horman@netronome.com>
2017-06-13 18:03:38 +03:00
if (!dev) {
return EOPNOTSUPP;
}
netdev-offload-tc: Fix ignoring unknown tunnel keys. Current offloading code supports only limited number of tunnel keys and silently ignores everything it doesn't understand. This is causing, for example, offloaded ERSPAN tunnels to not work, because flow is offloaded, but ERSPAN options are not provided to TC. There is a number of tunnel keys, which are supported by the userspace, but silently ignored during offloading: OVS_TUNNEL_KEY_ATTR_DONT_FRAGMENT OVS_TUNNEL_KEY_ATTR_OAM OVS_TUNNEL_KEY_ATTR_VXLAN_OPTS OVS_TUNNEL_KEY_ATTR_ERSPAN_OPTS OVS_TUNNEL_KEY_ATTR_CSUM is kind of supported, but only for actions and for some reason is set from the tunnel port instead of the provided action, and not currently supported for the tunnel key in the match. Addig a default case to fail offloading of unknown attributes. For now explicitly allowing incorrect behavior for the DONT_FRAGMENT flag, otherwise we'll break all tunnel offloading by default. VXLAN and ERSPAN options has to fail offloading, because the tunnel will not work otherwise. OAM is not a default configurations, so failing it as well. The missing DONT_FRAGMENT flag though should, probably, cause frequent flow revalidation, but that is not new with this patch. Same for the 'match' key, only clearing masks that was actually consumed, except for the DONT_FRAGMENT and CSUM flags, which are explicitly allowed and highlighted as broken. Also, destination port as well as CSUM configuration for unknown reason was not taken from the actions list and were passed via HW offload info instead of being consumed from the set() action. Reported-at: https://mail.openvswitch.org/pipermail/ovs-dev/2022-July/395522.html Reported-by: Eelco Chaudron <echaudro@redhat.com> Fixes: 8f283af89298 ("netdev-tc-offloads: Implement netdev flow put using tc interface") Reviewed-by: Roi Dayan <roid@nvidia.com> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2022-08-14 16:46:02 +02:00
/* Check the output port for a tunnel. */
dpif-netlink: Use netdev flow put api to insert a flow Using the new netdev flow api operate will now try and offload flows to the relevant netdev of the input port. Other operate methods flows will come in later patches. Signed-off-by: Paul Blakey <paulb@mellanox.com> Reviewed-by: Roi Dayan <roid@mellanox.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Signed-off-by: Simon Horman <simon.horman@netronome.com>
2017-06-13 18:03:38 +03:00
NL_ATTR_FOR_EACH(nla, left, put->actions, put->actions_len) {
if (nl_attr_type(nla) == OVS_ACTION_ATTR_OUTPUT) {
struct netdev *outdev;
odp_port_t out_port;
out_port = nl_attr_get_odp_port(nla);
netdev-offload: Use dpif type instead of class. There is no real difference between the 'class' and 'type' in the context of common lookup operations inside netdev-offload module because it only checks the value of pointers without using the value itself. However, 'type' has some meaning and can be used by offload provides on the initialization phase to check if this type of Flow API in pair with the netdev type could be used in particular datapath type. For example, this is needed to check if Linux flow API could be used for current tunneling vport because it could be used only if tunneling vport belongs to system datapath, i.e. has backing linux interface. This is needed to unblock tunneling offloads in userspace datapath with DPDK flow API. Acked-by: Eli Britstein <elibr@mellanox.com> Acked-by: Roni Bar Yanai <roniba@mellanox.com> Acked-by: Ophir Munk <ophirmu@mellanox.com> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2020-07-08 06:38:29 +00:00
outdev = netdev_ports_get(out_port, dpif_type_str);
dpif-netlink: Use netdev flow put api to insert a flow Using the new netdev flow api operate will now try and offload flows to the relevant netdev of the input port. Other operate methods flows will come in later patches. Signed-off-by: Paul Blakey <paulb@mellanox.com> Reviewed-by: Roi Dayan <roid@mellanox.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Signed-off-by: Simon Horman <simon.horman@netronome.com>
2017-06-13 18:03:38 +03:00
if (!outdev) {
err = EOPNOTSUPP;
goto out;
}
netdev_close(outdev);
}
}
netdev-offload-tc: Add recirculation support via tc chains Each recirculation id will create a tc chain, and we translate the recirculation action to a tc goto chain action. We check for kernel support for this by probing OvS Datapath for the tc recirc id sharing feature. If supported, we can offload rules that match on recirc_id, and recirculation action safely. Signed-off-by: Paul Blakey <paulb@mellanox.com> Reviewed-by: Roi Dayan <roid@mellanox.com> Signed-off-by: Simon Horman <simon.horman@netronome.com>
2019-12-22 12:16:40 +02:00
info.recirc_id_shared_with_tc = (dpif->user_features
& OVS_DP_F_TC_RECIRC_SHARING);
dpif-netlink: Use netdev flow put api to insert a flow Using the new netdev flow api operate will now try and offload flows to the relevant netdev of the input port. Other operate methods flows will come in later patches. Signed-off-by: Paul Blakey <paulb@mellanox.com> Reviewed-by: Roi Dayan <roid@mellanox.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Signed-off-by: Simon Horman <simon.horman@netronome.com>
2017-06-13 18:03:38 +03:00
err = netdev_flow_put(dev, &match,
CONST_CAST(struct nlattr *, put->actions),
put->actions_len,
CONST_CAST(ovs_u128 *, put->ufid),
&info, put->stats);
if (!err) {
if (put->flags & DPIF_FP_MODIFY) {
struct dpif_op *opp;
struct dpif_op op;
op.type = DPIF_OP_FLOW_DEL;
Embrace anonymous unions. Several OVS structs contain embedded named unions, like this: struct { ... union { ... } u; }; C11 standardized a feature that many compilers already implemented anyway, where an embedded union may be unnamed, like this: struct { ... union { ... }; }; This is more convenient because it allows the programmer to omit "u." in many places. OVS already used this feature in several places. This commit embraces it in several others. Signed-off-by: Ben Pfaff <blp@ovn.org> Acked-by: Justin Pettit <jpettit@ovn.org> Tested-by: Alin Gabriel Serdean <aserdean@ovn.org> Acked-by: Alin Gabriel Serdean <aserdean@ovn.org>
2018-05-24 10:32:59 -07:00
op.flow_del.key = put->key;
op.flow_del.key_len = put->key_len;
op.flow_del.ufid = put->ufid;
op.flow_del.pmd_id = put->pmd_id;
op.flow_del.stats = NULL;
op.flow_del.terse = false;
dpif-netlink: Use netdev flow put api to insert a flow Using the new netdev flow api operate will now try and offload flows to the relevant netdev of the input port. Other operate methods flows will come in later patches. Signed-off-by: Paul Blakey <paulb@mellanox.com> Reviewed-by: Roi Dayan <roid@mellanox.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Signed-off-by: Simon Horman <simon.horman@netronome.com>
2017-06-13 18:03:38 +03:00
opp = &op;
dpif_netlink_operate__(dpif, &opp, 1);
}
VLOG_DBG("added flow");
} else if (err != EEXIST) {
dpif-netlink: Detect Out-Of-Resource condition on a netdev This is the first patch in the patch-set to support dynamic rebalancing of offloaded flows. The patch detects OOR condition on a netdev port when ENOSPC error is returned by TC-Flower while adding a flow rule. A new structure is added to the netdev called "netdev_hw_info", to store OOR related information required to perform dynamic offload-rebalancing. Signed-off-by: Sriharsha Basavapatna <sriharsha.basavapatna@broadcom.com> Co-authored-by: Venkat Duvvuru <venkatkumar.duvvuru@broadcom.com> Signed-off-by: Venkat Duvvuru <venkatkumar.duvvuru@broadcom.com> Reviewed-by: Sathya Perla <sathya.perla@broadcom.com> Reviewed-by: Ben Pfaff <blp@ovn.org> Signed-off-by: Simon Horman <simon.horman@netronome.com>
2018-10-18 21:43:12 +05:30
struct netdev *oor_netdev = NULL;
dpif-netlink: make offload failed EOPNOTSUPP and ENOSPC cases lower priority level log Offload flow failed for EOPNOTSUPP and ENOSPC which should not be a err. It should e lower priority level log for this two failure case. Signed-off-by: wenxu <wenxu@ucloud.cn> Signed-off-by: Simon Horman <simon.horman@netronome.com>
2019-03-19 20:47:31 +08:00
enum vlog_level level;
dpif-netlink: Detect Out-Of-Resource condition on a netdev This is the first patch in the patch-set to support dynamic rebalancing of offloaded flows. The patch detects OOR condition on a netdev port when ENOSPC error is returned by TC-Flower while adding a flow rule. A new structure is added to the netdev called "netdev_hw_info", to store OOR related information required to perform dynamic offload-rebalancing. Signed-off-by: Sriharsha Basavapatna <sriharsha.basavapatna@broadcom.com> Co-authored-by: Venkat Duvvuru <venkatkumar.duvvuru@broadcom.com> Signed-off-by: Venkat Duvvuru <venkatkumar.duvvuru@broadcom.com> Reviewed-by: Sathya Perla <sathya.perla@broadcom.com> Reviewed-by: Ben Pfaff <blp@ovn.org> Signed-off-by: Simon Horman <simon.horman@netronome.com>
2018-10-18 21:43:12 +05:30
if (err == ENOSPC && netdev_is_offload_rebalance_policy_enabled()) {
/*
* We need to set OOR on the input netdev (i.e, 'dev') for the
* flow. But if the flow has a tunnel attribute (i.e, decap action,
* with a virtual device like a VxLAN interface as its in-port),
* then lookup and set OOR on the underlying tunnel (real) netdev.
*/
oor_netdev = flow_get_tunnel_netdev(&match.flow.tunnel);
if (!oor_netdev) {
/* Not a 'tunnel' flow */
oor_netdev = dev;
}
netdev_set_hw_info(oor_netdev, HW_INFO_TYPE_OOR, true);
}
dpif-netlink: make offload failed EOPNOTSUPP and ENOSPC cases lower priority level log Offload flow failed for EOPNOTSUPP and ENOSPC which should not be a err. It should e lower priority level log for this two failure case. Signed-off-by: wenxu <wenxu@ucloud.cn> Signed-off-by: Simon Horman <simon.horman@netronome.com>
2019-03-19 20:47:31 +08:00
level = (err == ENOSPC || err == EOPNOTSUPP) ? VLL_DBG : VLL_ERR;
VLOG_RL(&rl, level, "failed to offload flow: %s: %s",
ovs_strerror(err),
(oor_netdev ? oor_netdev->name : dev->name));
dpif-netlink: Use netdev flow put api to insert a flow Using the new netdev flow api operate will now try and offload flows to the relevant netdev of the input port. Other operate methods flows will come in later patches. Signed-off-by: Paul Blakey <paulb@mellanox.com> Reviewed-by: Roi Dayan <roid@mellanox.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Signed-off-by: Simon Horman <simon.horman@netronome.com>
2017-06-13 18:03:38 +03:00
}
out:
if (err && err != EEXIST && (put->flags & DPIF_FP_MODIFY)) {
/* Modified rule can't be offloaded, try and delete from HW */
dpif-netlink: avoid netlink modify flow put op failed after tc modify flow put op failed. The tc modify flow put always delete the original flow first and then add the new flow. If the modfiy flow put operation failed, the flow put operation will change from modify to create if success to delete the original flow in tc (which will be always failed with ENOENT, the flow is already be deleted before add the new flow in tc). Finally, the modify flow put will failed to add in kernel datapath. Signed-off-by: wenxu <wenxu@ucloud.cn> Acked-by: Roi Dayan <roid@mellanox.com> Signed-off-by: Simon Horman <simon.horman@netronome.com>
2020-03-11 13:39:34 +08:00
int del_err = 0;
if (!info.tc_modify_flow_deleted) {
del_err = netdev_flow_del(dev, put->ufid, put->stats);
}
dpif-netlink: Use netdev flow put api to insert a flow Using the new netdev flow api operate will now try and offload flows to the relevant netdev of the input port. Other operate methods flows will come in later patches. Signed-off-by: Paul Blakey <paulb@mellanox.com> Reviewed-by: Roi Dayan <roid@mellanox.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Signed-off-by: Simon Horman <simon.horman@netronome.com>
2017-06-13 18:03:38 +03:00
if (!del_err) {
/* Delete from hw success, so old flow was offloaded.
* Change flags to create the flow in kernel */
put->flags &= ~DPIF_FP_MODIFY;
put->flags |= DPIF_FP_CREATE;
} else if (del_err != ENOENT) {
VLOG_ERR_RL(&rl, "failed to delete offloaded flow: %s",
ovs_strerror(del_err));
/* stop proccesing the flow in kernel */
err = 0;
}
}
netdev_close(dev);
return err;
}
static int
try_send_to_netdev(struct dpif_netlink *dpif, struct dpif_op *op)
dpif-linux: Avoid malloc() in dpif_linux_operate(). Signed-off-by: Ben Pfaff <blp@nicira.com>
2012-04-05 16:49:22 -07:00
{
dpif-netlink: Use netdev flow put api to insert a flow Using the new netdev flow api operate will now try and offload flows to the relevant netdev of the input port. Other operate methods flows will come in later patches. Signed-off-by: Paul Blakey <paulb@mellanox.com> Reviewed-by: Roi Dayan <roid@mellanox.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Signed-off-by: Simon Horman <simon.horman@netronome.com>
2017-06-13 18:03:38 +03:00
int err = EOPNOTSUPP;
dpif-linux: Pass 'struct dpif_linux *' to internal static functions. This commit reformats the dpif-linux module so that all internal static functions take 'struct dpif_linux *' as input argument. This will allow the adding of thread-safety annotations. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-04-17 16:33:17 -07:00
dpif-netlink: Use netdev flow put api to insert a flow Using the new netdev flow api operate will now try and offload flows to the relevant netdev of the input port. Other operate methods flows will come in later patches. Signed-off-by: Paul Blakey <paulb@mellanox.com> Reviewed-by: Roi Dayan <roid@mellanox.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Signed-off-by: Simon Horman <simon.horman@netronome.com>
2017-06-13 18:03:38 +03:00
switch (op->type) {
case DPIF_OP_FLOW_PUT: {
Embrace anonymous unions. Several OVS structs contain embedded named unions, like this: struct { ... union { ... } u; }; C11 standardized a feature that many compilers already implemented anyway, where an embedded union may be unnamed, like this: struct { ... union { ... }; }; This is more convenient because it allows the programmer to omit "u." in many places. OVS already used this feature in several places. This commit embraces it in several others. Signed-off-by: Ben Pfaff <blp@ovn.org> Acked-by: Justin Pettit <jpettit@ovn.org> Tested-by: Alin Gabriel Serdean <aserdean@ovn.org> Acked-by: Alin Gabriel Serdean <aserdean@ovn.org>
2018-05-24 10:32:59 -07:00
struct dpif_flow_put *put = &op->flow_put;
dpif-netlink: Use netdev flow put api to insert a flow Using the new netdev flow api operate will now try and offload flows to the relevant netdev of the input port. Other operate methods flows will come in later patches. Signed-off-by: Paul Blakey <paulb@mellanox.com> Reviewed-by: Roi Dayan <roid@mellanox.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Signed-off-by: Simon Horman <simon.horman@netronome.com>
2017-06-13 18:03:38 +03:00
if (!put->ufid) {
break;
}
dpif-netlink: Use dpif logging functions Remove redundant logging functions and reuse the exposed dpif logging functions. Signed-off-by: Roi Dayan <roid@mellanox.com> Reviewed-by: Paul Blakey <paulb@mellanox.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Signed-off-by: Simon Horman <simon.horman@netronome.com>
2017-06-13 18:03:54 +03:00
dpif-netlink: Use netdev flow put api to insert a flow Using the new netdev flow api operate will now try and offload flows to the relevant netdev of the input port. Other operate methods flows will come in later patches. Signed-off-by: Paul Blakey <paulb@mellanox.com> Reviewed-by: Roi Dayan <roid@mellanox.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Signed-off-by: Simon Horman <simon.horman@netronome.com>
2017-06-13 18:03:38 +03:00
err = parse_flow_put(dpif, put);
dpif-netlink: Fix dumping uninitialized netdev flow stats. dpif logging functions expects to be called after the operation. log_flow_del_message() dumps flow stats on success which are not initialized before the actual call to netdev_flow_del(): Conditional jump or move depends on uninitialised value(s) at 0x6090875: _itoa_word (_itoa.c:179) by 0x6093F0D: vfprintf (vfprintf.c:1642) by 0x60C090F: vsnprintf (vsnprintf.c:114) by 0xE5E7EC: ds_put_format_valist (dynamic-string.c:155) by 0xE5E755: ds_put_format (dynamic-string.c:142) by 0xE5A5E6: dpif_flow_stats_format (dpif.c:903) by 0xE5B708: log_flow_message (dpif.c:1763) by 0xE5BCA4: log_flow_del_message (dpif.c:1809) by 0xFA6076: try_send_to_netdev (dpif-netlink.c:2190) by 0xFA0D3C: dpif_netlink_operate (dpif-netlink.c:2248) by 0xE5AFAC: dpif_operate (dpif.c:1376) by 0xDF176E: push_dp_ops (ofproto-dpif-upcall.c:2367) by 0xDF04C8: push_ukey_ops (ofproto-dpif-upcall.c:2447) by 0xDF008F: revalidator_sweep__ (ofproto-dpif-upcall.c:2805) by 0xDF5DC6: revalidator_sweep (ofproto-dpif-upcall.c:2816) by 0xDF1E83: udpif_revalidator (ofproto-dpif-upcall.c:949) by 0xF3A3FE: ovsthread_wrapper (ovs-thread.c:383) by 0x565F6DA: start_thread (pthread_create.c:463) by 0x615988E: clone (clone.S:95) Uninitialised value was created by a stack allocation at 0xDEFC24: revalidator_sweep__ (ofproto-dpif-upcall.c:2733) Fixes: 3cd99886191e ("dpif-netlink: Use dpif logging functions") Signed-off-by: Ilya Maximets <i.maximets@ovn.org> Acked-by: Roi Dayan <roid@mellanox.com> Signed-off-by: Simon Horman <simon.horman@netronome.com>
2020-01-06 11:23:42 +01:00
log_flow_put_message(&dpif->dpif, &this_module, put, 0);
dpif-netlink: Use netdev flow put api to insert a flow Using the new netdev flow api operate will now try and offload flows to the relevant netdev of the input port. Other operate methods flows will come in later patches. Signed-off-by: Paul Blakey <paulb@mellanox.com> Reviewed-by: Roi Dayan <roid@mellanox.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Signed-off-by: Simon Horman <simon.horman@netronome.com>
2017-06-13 18:03:38 +03:00
break;
}
dpif-netlink: Use netdev flow del api to delete a flow If a flow was offloaded to a netdev we delete it using netdev flow api. Signed-off-by: Paul Blakey <paulb@mellanox.com> Reviewed-by: Roi Dayan <roid@mellanox.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Signed-off-by: Simon Horman <simon.horman@netronome.com>
2017-06-13 18:03:41 +03:00
case DPIF_OP_FLOW_DEL: {
Embrace anonymous unions. Several OVS structs contain embedded named unions, like this: struct { ... union { ... } u; }; C11 standardized a feature that many compilers already implemented anyway, where an embedded union may be unnamed, like this: struct { ... union { ... }; }; This is more convenient because it allows the programmer to omit "u." in many places. OVS already used this feature in several places. This commit embraces it in several others. Signed-off-by: Ben Pfaff <blp@ovn.org> Acked-by: Justin Pettit <jpettit@ovn.org> Tested-by: Alin Gabriel Serdean <aserdean@ovn.org> Acked-by: Alin Gabriel Serdean <aserdean@ovn.org>
2018-05-24 10:32:59 -07:00
struct dpif_flow_del *del = &op->flow_del;
dpif-netlink: Use netdev flow del api to delete a flow If a flow was offloaded to a netdev we delete it using netdev flow api. Signed-off-by: Paul Blakey <paulb@mellanox.com> Reviewed-by: Roi Dayan <roid@mellanox.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Signed-off-by: Simon Horman <simon.horman@netronome.com>
2017-06-13 18:03:41 +03:00
if (!del->ufid) {
break;
}
dpif-netlink: Use dpif logging functions Remove redundant logging functions and reuse the exposed dpif logging functions. Signed-off-by: Roi Dayan <roid@mellanox.com> Reviewed-by: Paul Blakey <paulb@mellanox.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Signed-off-by: Simon Horman <simon.horman@netronome.com>
2017-06-13 18:03:54 +03:00
netdev-offload: Use dpif type instead of class. There is no real difference between the 'class' and 'type' in the context of common lookup operations inside netdev-offload module because it only checks the value of pointers without using the value itself. However, 'type' has some meaning and can be used by offload provides on the initialization phase to check if this type of Flow API in pair with the netdev type could be used in particular datapath type. For example, this is needed to check if Linux flow API could be used for current tunneling vport because it could be used only if tunneling vport belongs to system datapath, i.e. has backing linux interface. This is needed to unblock tunneling offloads in userspace datapath with DPDK flow API. Acked-by: Eli Britstein <elibr@mellanox.com> Acked-by: Roni Bar Yanai <roniba@mellanox.com> Acked-by: Ophir Munk <ophirmu@mellanox.com> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2020-07-08 06:38:29 +00:00
err = netdev_ports_flow_del(
dpif_normalize_type(dpif_type(&dpif->dpif)),
del->ufid,
del->stats);
dpif-netlink: Fix dumping uninitialized netdev flow stats. dpif logging functions expects to be called after the operation. log_flow_del_message() dumps flow stats on success which are not initialized before the actual call to netdev_flow_del(): Conditional jump or move depends on uninitialised value(s) at 0x6090875: _itoa_word (_itoa.c:179) by 0x6093F0D: vfprintf (vfprintf.c:1642) by 0x60C090F: vsnprintf (vsnprintf.c:114) by 0xE5E7EC: ds_put_format_valist (dynamic-string.c:155) by 0xE5E755: ds_put_format (dynamic-string.c:142) by 0xE5A5E6: dpif_flow_stats_format (dpif.c:903) by 0xE5B708: log_flow_message (dpif.c:1763) by 0xE5BCA4: log_flow_del_message (dpif.c:1809) by 0xFA6076: try_send_to_netdev (dpif-netlink.c:2190) by 0xFA0D3C: dpif_netlink_operate (dpif-netlink.c:2248) by 0xE5AFAC: dpif_operate (dpif.c:1376) by 0xDF176E: push_dp_ops (ofproto-dpif-upcall.c:2367) by 0xDF04C8: push_ukey_ops (ofproto-dpif-upcall.c:2447) by 0xDF008F: revalidator_sweep__ (ofproto-dpif-upcall.c:2805) by 0xDF5DC6: revalidator_sweep (ofproto-dpif-upcall.c:2816) by 0xDF1E83: udpif_revalidator (ofproto-dpif-upcall.c:949) by 0xF3A3FE: ovsthread_wrapper (ovs-thread.c:383) by 0x565F6DA: start_thread (pthread_create.c:463) by 0x615988E: clone (clone.S:95) Uninitialised value was created by a stack allocation at 0xDEFC24: revalidator_sweep__ (ofproto-dpif-upcall.c:2733) Fixes: 3cd99886191e ("dpif-netlink: Use dpif logging functions") Signed-off-by: Ilya Maximets <i.maximets@ovn.org> Acked-by: Roi Dayan <roid@mellanox.com> Signed-off-by: Simon Horman <simon.horman@netronome.com>
2020-01-06 11:23:42 +01:00
log_flow_del_message(&dpif->dpif, &this_module, del, 0);
dpif-netlink: Use netdev flow del api to delete a flow If a flow was offloaded to a netdev we delete it using netdev flow api. Signed-off-by: Paul Blakey <paulb@mellanox.com> Reviewed-by: Roi Dayan <roid@mellanox.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Signed-off-by: Simon Horman <simon.horman@netronome.com>
2017-06-13 18:03:41 +03:00
break;
}
dpif-netlink: Use netdev flow get api to query a flow Search all datapath added netdevs for a given flow using netdev flow api and parse it back to dpif flow. Signed-off-by: Paul Blakey <paulb@mellanox.com> Reviewed-by: Roi Dayan <roid@mellanox.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Signed-off-by: Simon Horman <simon.horman@netronome.com>
2017-06-13 18:03:43 +03:00
case DPIF_OP_FLOW_GET: {
Embrace anonymous unions. Several OVS structs contain embedded named unions, like this: struct { ... union { ... } u; }; C11 standardized a feature that many compilers already implemented anyway, where an embedded union may be unnamed, like this: struct { ... union { ... }; }; This is more convenient because it allows the programmer to omit "u." in many places. OVS already used this feature in several places. This commit embraces it in several others. Signed-off-by: Ben Pfaff <blp@ovn.org> Acked-by: Justin Pettit <jpettit@ovn.org> Tested-by: Alin Gabriel Serdean <aserdean@ovn.org> Acked-by: Alin Gabriel Serdean <aserdean@ovn.org>
2018-05-24 10:32:59 -07:00
struct dpif_flow_get *get = &op->flow_get;
dpif-netlink: Use netdev flow get api to query a flow Search all datapath added netdevs for a given flow using netdev flow api and parse it back to dpif flow. Signed-off-by: Paul Blakey <paulb@mellanox.com> Reviewed-by: Roi Dayan <roid@mellanox.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Signed-off-by: Simon Horman <simon.horman@netronome.com>
2017-06-13 18:03:43 +03:00
Embrace anonymous unions. Several OVS structs contain embedded named unions, like this: struct { ... union { ... } u; }; C11 standardized a feature that many compilers already implemented anyway, where an embedded union may be unnamed, like this: struct { ... union { ... }; }; This is more convenient because it allows the programmer to omit "u." in many places. OVS already used this feature in several places. This commit embraces it in several others. Signed-off-by: Ben Pfaff <blp@ovn.org> Acked-by: Justin Pettit <jpettit@ovn.org> Tested-by: Alin Gabriel Serdean <aserdean@ovn.org> Acked-by: Alin Gabriel Serdean <aserdean@ovn.org>
2018-05-24 10:32:59 -07:00
if (!op->flow_get.ufid) {
dpif-netlink: Use netdev flow get api to query a flow Search all datapath added netdevs for a given flow using netdev flow api and parse it back to dpif flow. Signed-off-by: Paul Blakey <paulb@mellanox.com> Reviewed-by: Roi Dayan <roid@mellanox.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Signed-off-by: Simon Horman <simon.horman@netronome.com>
2017-06-13 18:03:43 +03:00
break;
}
dpif-netlink: Use dpif logging functions Remove redundant logging functions and reuse the exposed dpif logging functions. Signed-off-by: Roi Dayan <roid@mellanox.com> Reviewed-by: Paul Blakey <paulb@mellanox.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Signed-off-by: Simon Horman <simon.horman@netronome.com>
2017-06-13 18:03:54 +03:00
dpif-netlink: Use netdev flow get api to query a flow Search all datapath added netdevs for a given flow using netdev flow api and parse it back to dpif flow. Signed-off-by: Paul Blakey <paulb@mellanox.com> Reviewed-by: Roi Dayan <roid@mellanox.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Signed-off-by: Simon Horman <simon.horman@netronome.com>
2017-06-13 18:03:43 +03:00
err = parse_flow_get(dpif, get);
dpif-netlink: Fix dumping uninitialized netdev flow stats. dpif logging functions expects to be called after the operation. log_flow_del_message() dumps flow stats on success which are not initialized before the actual call to netdev_flow_del(): Conditional jump or move depends on uninitialised value(s) at 0x6090875: _itoa_word (_itoa.c:179) by 0x6093F0D: vfprintf (vfprintf.c:1642) by 0x60C090F: vsnprintf (vsnprintf.c:114) by 0xE5E7EC: ds_put_format_valist (dynamic-string.c:155) by 0xE5E755: ds_put_format (dynamic-string.c:142) by 0xE5A5E6: dpif_flow_stats_format (dpif.c:903) by 0xE5B708: log_flow_message (dpif.c:1763) by 0xE5BCA4: log_flow_del_message (dpif.c:1809) by 0xFA6076: try_send_to_netdev (dpif-netlink.c:2190) by 0xFA0D3C: dpif_netlink_operate (dpif-netlink.c:2248) by 0xE5AFAC: dpif_operate (dpif.c:1376) by 0xDF176E: push_dp_ops (ofproto-dpif-upcall.c:2367) by 0xDF04C8: push_ukey_ops (ofproto-dpif-upcall.c:2447) by 0xDF008F: revalidator_sweep__ (ofproto-dpif-upcall.c:2805) by 0xDF5DC6: revalidator_sweep (ofproto-dpif-upcall.c:2816) by 0xDF1E83: udpif_revalidator (ofproto-dpif-upcall.c:949) by 0xF3A3FE: ovsthread_wrapper (ovs-thread.c:383) by 0x565F6DA: start_thread (pthread_create.c:463) by 0x615988E: clone (clone.S:95) Uninitialised value was created by a stack allocation at 0xDEFC24: revalidator_sweep__ (ofproto-dpif-upcall.c:2733) Fixes: 3cd99886191e ("dpif-netlink: Use dpif logging functions") Signed-off-by: Ilya Maximets <i.maximets@ovn.org> Acked-by: Roi Dayan <roid@mellanox.com> Signed-off-by: Simon Horman <simon.horman@netronome.com>
2020-01-06 11:23:42 +01:00
log_flow_get_message(&dpif->dpif, &this_module, get, 0);
dpif-netlink: Use netdev flow get api to query a flow Search all datapath added netdevs for a given flow using netdev flow api and parse it back to dpif flow. Signed-off-by: Paul Blakey <paulb@mellanox.com> Reviewed-by: Roi Dayan <roid@mellanox.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Signed-off-by: Simon Horman <simon.horman@netronome.com>
2017-06-13 18:03:43 +03:00
break;
}
dpif-netlink: Use netdev flow put api to insert a flow Using the new netdev flow api operate will now try and offload flows to the relevant netdev of the input port. Other operate methods flows will come in later patches. Signed-off-by: Paul Blakey <paulb@mellanox.com> Reviewed-by: Roi Dayan <roid@mellanox.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Signed-off-by: Simon Horman <simon.horman@netronome.com>
2017-06-13 18:03:38 +03:00
case DPIF_OP_EXECUTE:
default:
break;
}
return err;
}
static void
dpif_netlink_operate_chunks(struct dpif_netlink *dpif, struct dpif_op **ops,
size_t n_ops)
{
dpif-linux: Avoid malloc() in dpif_linux_operate(). Signed-off-by: Ben Pfaff <blp@nicira.com>
2012-04-05 16:49:22 -07:00
while (n_ops > 0) {
dpif-netlink: Drop oversized packets instead of assert-failing. A packet sent to a Netlink datapath has to fit within a Netlink attribute. Until now, this was only checked in an assertion inside the Netlink code, which meant that trying to send a too-large packet (approximate 64 kB or larger) would assert-fail. It's better to just drop those packets, which this commit does. Reported-by: Shuping Cui <scui@redhat.com> Reported-by: Jiri Benc <jbenc@redhat.com> Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2015-01-11 13:45:36 -08:00
size_t chunk = dpif_netlink_operate__(dpif, ops, n_ops);
dpif-netlink: Use netdev flow put api to insert a flow Using the new netdev flow api operate will now try and offload flows to the relevant netdev of the input port. Other operate methods flows will come in later patches. Signed-off-by: Paul Blakey <paulb@mellanox.com> Reviewed-by: Roi Dayan <roid@mellanox.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Signed-off-by: Simon Horman <simon.horman@netronome.com>
2017-06-13 18:03:38 +03:00
dpif-linux: Avoid malloc() in dpif_linux_operate(). Signed-off-by: Ben Pfaff <blp@nicira.com>
2012-04-05 16:49:22 -07:00
ops += chunk;
n_ops -= chunk;
}
dpif: New function dpif_operate() and dpif-linux implementation. This will be used in an upcoming commit.
2011-09-27 15:08:50 -07:00
}
dpif-netlink: Use netdev flow put api to insert a flow Using the new netdev flow api operate will now try and offload flows to the relevant netdev of the input port. Other operate methods flows will come in later patches. Signed-off-by: Paul Blakey <paulb@mellanox.com> Reviewed-by: Roi Dayan <roid@mellanox.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Signed-off-by: Simon Horman <simon.horman@netronome.com>
2017-06-13 18:03:38 +03:00
static void
revalidator: Rebalance offloaded flows based on the pps rate This is the third patch in the patch-set to support dynamic rebalancing of offloaded flows. The dynamic rebalancing functionality is implemented in this patch. The ukeys that are not scheduled for deletion are obtained and passed as input to the rebalancing routine. The rebalancing is done in the context of revalidation leader thread, after all other revalidator threads are done with gathering rebalancing data for flows. For each netdev that is in OOR state, a list of flows - both offloaded and non-offloaded (pending) - is obtained using the ukeys. For each netdev that is in OOR state, the flows are grouped and sorted into offloaded and pending flows. The offloaded flows are sorted in descending order of pps-rate, while pending flows are sorted in ascending order of pps-rate. The rebalancing is done in two phases. In the first phase, we try to offload all pending flows and if that succeeds, the OOR state on the device is cleared. If some (or none) of the pending flows could not be offloaded, then we start replacing an offloaded flow that has a lower pps-rate than a pending flow, until there are no more pending flows with a higher rate than an offloaded flow. The flows that are replaced from the device are added into kernel datapath. A new OVS configuration parameter "offload-rebalance", is added to ovsdb. The default value of this is "false". To enable this feature, set the value of this parameter to "true", which provides packets-per-second rate based policy to dynamically offload and un-offload flows. Note: This option can be enabled only when 'hw-offload' policy is enabled. It also requires 'tc-policy' to be set to 'skip_sw'; otherwise, flow offload errors (specifically ENOSPC error this feature depends on) reported by an offloaded device are supressed by TC-Flower kernel module. Signed-off-by: Sriharsha Basavapatna <sriharsha.basavapatna@broadcom.com> Co-authored-by: Venkat Duvvuru <venkatkumar.duvvuru@broadcom.com> Signed-off-by: Venkat Duvvuru <venkatkumar.duvvuru@broadcom.com> Reviewed-by: Sathya Perla <sathya.perla@broadcom.com> Reviewed-by: Ben Pfaff <blp@ovn.org> Signed-off-by: Simon Horman <simon.horman@netronome.com>
2018-10-18 21:43:14 +05:30
dpif_netlink_operate(struct dpif *dpif_, struct dpif_op **ops, size_t n_ops,
enum dpif_offload_type offload_type)
dpif-netlink: Use netdev flow put api to insert a flow Using the new netdev flow api operate will now try and offload flows to the relevant netdev of the input port. Other operate methods flows will come in later patches. Signed-off-by: Paul Blakey <paulb@mellanox.com> Reviewed-by: Roi Dayan <roid@mellanox.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Signed-off-by: Simon Horman <simon.horman@netronome.com>
2017-06-13 18:03:38 +03:00
{
struct dpif_netlink *dpif = dpif_netlink_cast(dpif_);
struct dpif_op *new_ops[OPERATE_MAX_OPS];
int count = 0;
int i = 0;
int err = 0;
revalidator: Rebalance offloaded flows based on the pps rate This is the third patch in the patch-set to support dynamic rebalancing of offloaded flows. The dynamic rebalancing functionality is implemented in this patch. The ukeys that are not scheduled for deletion are obtained and passed as input to the rebalancing routine. The rebalancing is done in the context of revalidation leader thread, after all other revalidator threads are done with gathering rebalancing data for flows. For each netdev that is in OOR state, a list of flows - both offloaded and non-offloaded (pending) - is obtained using the ukeys. For each netdev that is in OOR state, the flows are grouped and sorted into offloaded and pending flows. The offloaded flows are sorted in descending order of pps-rate, while pending flows are sorted in ascending order of pps-rate. The rebalancing is done in two phases. In the first phase, we try to offload all pending flows and if that succeeds, the OOR state on the device is cleared. If some (or none) of the pending flows could not be offloaded, then we start replacing an offloaded flow that has a lower pps-rate than a pending flow, until there are no more pending flows with a higher rate than an offloaded flow. The flows that are replaced from the device are added into kernel datapath. A new OVS configuration parameter "offload-rebalance", is added to ovsdb. The default value of this is "false". To enable this feature, set the value of this parameter to "true", which provides packets-per-second rate based policy to dynamically offload and un-offload flows. Note: This option can be enabled only when 'hw-offload' policy is enabled. It also requires 'tc-policy' to be set to 'skip_sw'; otherwise, flow offload errors (specifically ENOSPC error this feature depends on) reported by an offloaded device are supressed by TC-Flower kernel module. Signed-off-by: Sriharsha Basavapatna <sriharsha.basavapatna@broadcom.com> Co-authored-by: Venkat Duvvuru <venkatkumar.duvvuru@broadcom.com> Signed-off-by: Venkat Duvvuru <venkatkumar.duvvuru@broadcom.com> Reviewed-by: Sathya Perla <sathya.perla@broadcom.com> Reviewed-by: Ben Pfaff <blp@ovn.org> Signed-off-by: Simon Horman <simon.horman@netronome.com>
2018-10-18 21:43:14 +05:30
if (offload_type == DPIF_OFFLOAD_ALWAYS && !netdev_is_flow_api_enabled()) {
VLOG_DBG("Invalid offload_type: %d", offload_type);
return;
}
if (offload_type != DPIF_OFFLOAD_NEVER && netdev_is_flow_api_enabled()) {
dpif-netlink: Use netdev flow put api to insert a flow Using the new netdev flow api operate will now try and offload flows to the relevant netdev of the input port. Other operate methods flows will come in later patches. Signed-off-by: Paul Blakey <paulb@mellanox.com> Reviewed-by: Roi Dayan <roid@mellanox.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Signed-off-by: Simon Horman <simon.horman@netronome.com>
2017-06-13 18:03:38 +03:00
while (n_ops > 0) {
count = 0;
while (n_ops > 0 && count < OPERATE_MAX_OPS) {
struct dpif_op *op = ops[i++];
err = try_send_to_netdev(dpif, op);
if (err && err != EEXIST) {
revalidator: Rebalance offloaded flows based on the pps rate This is the third patch in the patch-set to support dynamic rebalancing of offloaded flows. The dynamic rebalancing functionality is implemented in this patch. The ukeys that are not scheduled for deletion are obtained and passed as input to the rebalancing routine. The rebalancing is done in the context of revalidation leader thread, after all other revalidator threads are done with gathering rebalancing data for flows. For each netdev that is in OOR state, a list of flows - both offloaded and non-offloaded (pending) - is obtained using the ukeys. For each netdev that is in OOR state, the flows are grouped and sorted into offloaded and pending flows. The offloaded flows are sorted in descending order of pps-rate, while pending flows are sorted in ascending order of pps-rate. The rebalancing is done in two phases. In the first phase, we try to offload all pending flows and if that succeeds, the OOR state on the device is cleared. If some (or none) of the pending flows could not be offloaded, then we start replacing an offloaded flow that has a lower pps-rate than a pending flow, until there are no more pending flows with a higher rate than an offloaded flow. The flows that are replaced from the device are added into kernel datapath. A new OVS configuration parameter "offload-rebalance", is added to ovsdb. The default value of this is "false". To enable this feature, set the value of this parameter to "true", which provides packets-per-second rate based policy to dynamically offload and un-offload flows. Note: This option can be enabled only when 'hw-offload' policy is enabled. It also requires 'tc-policy' to be set to 'skip_sw'; otherwise, flow offload errors (specifically ENOSPC error this feature depends on) reported by an offloaded device are supressed by TC-Flower kernel module. Signed-off-by: Sriharsha Basavapatna <sriharsha.basavapatna@broadcom.com> Co-authored-by: Venkat Duvvuru <venkatkumar.duvvuru@broadcom.com> Signed-off-by: Venkat Duvvuru <venkatkumar.duvvuru@broadcom.com> Reviewed-by: Sathya Perla <sathya.perla@broadcom.com> Reviewed-by: Ben Pfaff <blp@ovn.org> Signed-off-by: Simon Horman <simon.horman@netronome.com>
2018-10-18 21:43:14 +05:30
if (offload_type == DPIF_OFFLOAD_ALWAYS) {
/* We got an error while offloading an op. Since
* OFFLOAD_ALWAYS is specified, we stop further
* processing and return to the caller without
* invoking kernel datapath as fallback. But the
* interface requires us to process all n_ops; so
* return the same error in the remaining ops too.
*/
op->error = err;
n_ops--;
while (n_ops > 0) {
op = ops[i++];
op->error = err;
n_ops--;
}
return;
}
dpif-netlink: Use netdev flow put api to insert a flow Using the new netdev flow api operate will now try and offload flows to the relevant netdev of the input port. Other operate methods flows will come in later patches. Signed-off-by: Paul Blakey <paulb@mellanox.com> Reviewed-by: Roi Dayan <roid@mellanox.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Signed-off-by: Simon Horman <simon.horman@netronome.com>
2017-06-13 18:03:38 +03:00
new_ops[count++] = op;
} else {
op->error = err;
}
n_ops--;
}
dpif_netlink_operate_chunks(dpif, new_ops, count);
}
revalidator: Rebalance offloaded flows based on the pps rate This is the third patch in the patch-set to support dynamic rebalancing of offloaded flows. The dynamic rebalancing functionality is implemented in this patch. The ukeys that are not scheduled for deletion are obtained and passed as input to the rebalancing routine. The rebalancing is done in the context of revalidation leader thread, after all other revalidator threads are done with gathering rebalancing data for flows. For each netdev that is in OOR state, a list of flows - both offloaded and non-offloaded (pending) - is obtained using the ukeys. For each netdev that is in OOR state, the flows are grouped and sorted into offloaded and pending flows. The offloaded flows are sorted in descending order of pps-rate, while pending flows are sorted in ascending order of pps-rate. The rebalancing is done in two phases. In the first phase, we try to offload all pending flows and if that succeeds, the OOR state on the device is cleared. If some (or none) of the pending flows could not be offloaded, then we start replacing an offloaded flow that has a lower pps-rate than a pending flow, until there are no more pending flows with a higher rate than an offloaded flow. The flows that are replaced from the device are added into kernel datapath. A new OVS configuration parameter "offload-rebalance", is added to ovsdb. The default value of this is "false". To enable this feature, set the value of this parameter to "true", which provides packets-per-second rate based policy to dynamically offload and un-offload flows. Note: This option can be enabled only when 'hw-offload' policy is enabled. It also requires 'tc-policy' to be set to 'skip_sw'; otherwise, flow offload errors (specifically ENOSPC error this feature depends on) reported by an offloaded device are supressed by TC-Flower kernel module. Signed-off-by: Sriharsha Basavapatna <sriharsha.basavapatna@broadcom.com> Co-authored-by: Venkat Duvvuru <venkatkumar.duvvuru@broadcom.com> Signed-off-by: Venkat Duvvuru <venkatkumar.duvvuru@broadcom.com> Reviewed-by: Sathya Perla <sathya.perla@broadcom.com> Reviewed-by: Ben Pfaff <blp@ovn.org> Signed-off-by: Simon Horman <simon.horman@netronome.com>
2018-10-18 21:43:14 +05:30
} else if (offload_type != DPIF_OFFLOAD_ALWAYS) {
dpif-netlink: Use netdev flow put api to insert a flow Using the new netdev flow api operate will now try and offload flows to the relevant netdev of the input port. Other operate methods flows will come in later patches. Signed-off-by: Paul Blakey <paulb@mellanox.com> Reviewed-by: Roi Dayan <roid@mellanox.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Signed-off-by: Simon Horman <simon.horman@netronome.com>
2017-06-13 18:03:38 +03:00
dpif_netlink_operate_chunks(dpif, ops, n_ops);
}
}
dpif-netlink: Add support for packet receive on Windows. In this patch, we add support in dpif-netlink.c to receive packets on Windows. Windows does not natively support epoll(). Even though there are mechanisms/interfaces that provide functionality similar to epoll(), we take a simple approach of using a pool of sockets. Here are some details of the implementaion to aid review: 1. There's pool of sockets per upcall handler. 2. The pool of sockets is initialized while setting up the handler in dpif_netlink_refresh_channels() primarily. 3. When sockets are to be allocated for a vport, we walk through the pool of sockets for all handlers and pick one of the sockets in each of the pool. Within a handler's pool, sockets are picked in a round-robin fashion. 4. We currently support only 1 handler, since there are some kernel changes needed for support more than 1 handler per vport. 5. The pool size is also set to 1 currently. The restructions imposed by #4 and #5 can be removed in the future without much code churn. Validation: 1. With a hacked up kernel which figures out the netlink socket that is designated to receive packets, we are cable to perform pings between 2 VMs on the same Hyper-V host. 2. Compiled the code in Linux as well. 3. Tested with pool size == 2 as well, though in this patch we set the pool size = 1. Signed-off-by: Nithin Raju <nithin@vmware.com> Acked-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-10-23 08:27:34 -07:00
#if _WIN32
static void
dpif_netlink_handler_uninit(struct dpif_handler *handler)
{
vport_delete_sock_pool(handler);
}
static int
dpif_netlink_handler_init(struct dpif_handler *handler)
{
return vport_create_sock_pool(handler);
}
#else
static int
dpif_netlink_handler_init(struct dpif_handler *handler)
{
handler->epoll_fd = epoll_create(10);
return handler->epoll_fd < 0 ? errno : 0;
}
static void
dpif_netlink_handler_uninit(struct dpif_handler *handler)
{
close(handler->epoll_fd);
}
#endif
handlers: Create additional handler threads when using CPU isolation. Additional threads are required to service upcalls when we have CPU isolation (in per-cpu dispatch mode). The reason additional threads are required is because it creates a more fair distribution. With more threads we decrease the load of each thread as more threads would decrease the number of cores each threads is assigned. Adding additional threads also increases the chance OVS utilizes all cores available to use. Some RPS schemas might make some handler threads get all the workload while others get no workload. This tends to happen when the handler thread count is low. An example would be an RPS that sends traffic on all even cores on a system with only the lower half of the cores available for OVS to use. In this example we have as many handlers threads as there are available cores. In this case 50% of the handler threads get all the workload while the other 50% get no workload. Not only that, but OVS is only utilizing half of the cores that it can use. This is the worst case scenario. The ideal scenario is to have as many threads as there are cores - in this case we guarantee that all cores OVS can use are utilized But, adding as many threads are there are cores could have a performance hit when the number of active cores (which all threads have to share) is very low. For this reason we avoid creating as many threads as there are cores and instead meet somewhere in the middle. The formula used to calculate the number of handler threads to create is as follows: handlers_n = min(next_prime(active_cores+1), total_cores) Assume default behavior when total_cores <= 2, that is do not create additional threads when we have less than 2 total cores on the system Fixes: b1e517bd2f81 ("dpif-netlink: Introduce per-cpu upcall dispatch.") Signed-off-by: Michael Santana <msantana@redhat.com> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2022-08-09 03:18:14 -04:00
/* Returns true if num is a prime number,
* otherwise, return false.
*/
static bool
is_prime(uint32_t num)
{
if (num == 2) {
return true;
}
if (num < 2) {
return false;
}
if (num % 2 == 0) {
return false;
}
for (uint64_t i = 3; i * i <= num; i += 2) {
if (num % i == 0) {
return false;
}
}
return true;
}
/* Returns start if start is a prime number. Otherwise returns the next
* prime greater than start. Search is limited by UINT32_MAX.
*
* Returns 0 if no prime has been found between start and UINT32_MAX.
*/
static uint32_t
next_prime(uint32_t start)
{
if (start <= 2) {
return 2;
}
for (uint32_t i = start; i < UINT32_MAX; i++) {
if (is_prime(i)) {
return i;
}
}
return 0;
}
/* Calculates and returns the number of handler threads needed based
* the following formula:
*
* handlers_n = min(next_prime(active_cores + 1), total_cores)
*/
static uint32_t
dpif_netlink_calculate_n_handlers(void)
{
uint32_t total_cores = count_total_cores();
uint32_t n_handlers = count_cpu_cores();
uint32_t next_prime_num;
/* If not all cores are available to OVS, create additional handler
* threads to ensure more fair distribution of load between them.
*/
if (n_handlers < total_cores && total_cores > 2) {
next_prime_num = next_prime(n_handlers + 1);
n_handlers = MIN(next_prime_num, total_cores);
}
dpif-netlink: Always create at least 1 handler. Ensure at least 1 handler is created even if something goes wrong during cpu detection or prime numer calculation. Fixes: a5cacea5f988 ("handlers: Create additional handler threads when using CPU isolation.") Suggested-by: Aaron Conole <aconole@redhat.com> Acked-by: Mike Pattrick <mkp@redhat.com> Acked-by: Michael Santana <msantana@redhat.com> Signed-off-by: Adrian Moreno <amorenoz@redhat.com> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2023-03-27 10:40:10 +02:00
return MAX(n_handlers, 1);
handlers: Create additional handler threads when using CPU isolation. Additional threads are required to service upcalls when we have CPU isolation (in per-cpu dispatch mode). The reason additional threads are required is because it creates a more fair distribution. With more threads we decrease the load of each thread as more threads would decrease the number of cores each threads is assigned. Adding additional threads also increases the chance OVS utilizes all cores available to use. Some RPS schemas might make some handler threads get all the workload while others get no workload. This tends to happen when the handler thread count is low. An example would be an RPS that sends traffic on all even cores on a system with only the lower half of the cores available for OVS to use. In this example we have as many handlers threads as there are available cores. In this case 50% of the handler threads get all the workload while the other 50% get no workload. Not only that, but OVS is only utilizing half of the cores that it can use. This is the worst case scenario. The ideal scenario is to have as many threads as there are cores - in this case we guarantee that all cores OVS can use are utilized But, adding as many threads are there are cores could have a performance hit when the number of active cores (which all threads have to share) is very low. For this reason we avoid creating as many threads as there are cores and instead meet somewhere in the middle. The formula used to calculate the number of handler threads to create is as follows: handlers_n = min(next_prime(active_cores+1), total_cores) Assume default behavior when total_cores <= 2, that is do not create additional threads when we have less than 2 total cores on the system Fixes: b1e517bd2f81 ("dpif-netlink: Introduce per-cpu upcall dispatch.") Signed-off-by: Michael Santana <msantana@redhat.com> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2022-08-09 03:18:14 -04:00
}
dpif-netlink: Introduce per-cpu upcall dispatch. The Open vSwitch kernel module uses the upcall mechanism to send packets from kernel space to user space when it misses in the kernel space flow table. The upcall sends packets via a Netlink socket. Currently, a Netlink socket is created for every vport. In this way, there is a 1:1 mapping between a vport and a Netlink socket. When a packet is received by a vport, if it needs to be sent to user space, it is sent via the corresponding Netlink socket. This mechanism, with various iterations of the corresponding user space code, has seen some limitations and issues: * On systems with a large number of vports, there is correspondingly a large number of Netlink sockets which can limit scaling. (https://bugzilla.redhat.com/show_bug.cgi?id=1526306) * Packet reordering on upcalls. (https://bugzilla.redhat.com/show_bug.cgi?id=1844576) * A thundering herd issue. (https://bugzilla.redhat.com/show_bug.cgi?id=1834444) This patch introduces an alternative, feature-negotiated, upcall mode using a per-cpu dispatch rather than a per-vport dispatch. In this mode, the Netlink socket to be used for the upcall is selected based on the CPU of the thread that is executing the upcall. In this way, it resolves the issues above as: a) The number of Netlink sockets scales with the number of CPUs rather than the number of vports. b) Ordering per-flow is maintained as packets are distributed to CPUs based on mechanisms such as RSS and flows are distributed to a single user space thread. c) Packets from a flow can only wake up one user space thread. Reported-at: https://bugzilla.redhat.com/1844576 Signed-off-by: Mark Gray <mark.d.gray@redhat.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Acked-by: Aaron Conole <aconole@redhat.com> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2021-07-16 06:17:36 -04:00
static int
dpif_netlink_refresh_handlers_cpu_dispatch(struct dpif_netlink *dpif)
OVS_REQ_WRLOCK(dpif->upcall_lock)
{
int handler_id;
int error = 0;
uint32_t n_handlers;
uint32_t *upcall_pids;
handlers: Create additional handler threads when using CPU isolation. Additional threads are required to service upcalls when we have CPU isolation (in per-cpu dispatch mode). The reason additional threads are required is because it creates a more fair distribution. With more threads we decrease the load of each thread as more threads would decrease the number of cores each threads is assigned. Adding additional threads also increases the chance OVS utilizes all cores available to use. Some RPS schemas might make some handler threads get all the workload while others get no workload. This tends to happen when the handler thread count is low. An example would be an RPS that sends traffic on all even cores on a system with only the lower half of the cores available for OVS to use. In this example we have as many handlers threads as there are available cores. In this case 50% of the handler threads get all the workload while the other 50% get no workload. Not only that, but OVS is only utilizing half of the cores that it can use. This is the worst case scenario. The ideal scenario is to have as many threads as there are cores - in this case we guarantee that all cores OVS can use are utilized But, adding as many threads are there are cores could have a performance hit when the number of active cores (which all threads have to share) is very low. For this reason we avoid creating as many threads as there are cores and instead meet somewhere in the middle. The formula used to calculate the number of handler threads to create is as follows: handlers_n = min(next_prime(active_cores+1), total_cores) Assume default behavior when total_cores <= 2, that is do not create additional threads when we have less than 2 total cores on the system Fixes: b1e517bd2f81 ("dpif-netlink: Introduce per-cpu upcall dispatch.") Signed-off-by: Michael Santana <msantana@redhat.com> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2022-08-09 03:18:14 -04:00
n_handlers = dpif_netlink_calculate_n_handlers();
dpif-netlink: Introduce per-cpu upcall dispatch. The Open vSwitch kernel module uses the upcall mechanism to send packets from kernel space to user space when it misses in the kernel space flow table. The upcall sends packets via a Netlink socket. Currently, a Netlink socket is created for every vport. In this way, there is a 1:1 mapping between a vport and a Netlink socket. When a packet is received by a vport, if it needs to be sent to user space, it is sent via the corresponding Netlink socket. This mechanism, with various iterations of the corresponding user space code, has seen some limitations and issues: * On systems with a large number of vports, there is correspondingly a large number of Netlink sockets which can limit scaling. (https://bugzilla.redhat.com/show_bug.cgi?id=1526306) * Packet reordering on upcalls. (https://bugzilla.redhat.com/show_bug.cgi?id=1844576) * A thundering herd issue. (https://bugzilla.redhat.com/show_bug.cgi?id=1834444) This patch introduces an alternative, feature-negotiated, upcall mode using a per-cpu dispatch rather than a per-vport dispatch. In this mode, the Netlink socket to be used for the upcall is selected based on the CPU of the thread that is executing the upcall. In this way, it resolves the issues above as: a) The number of Netlink sockets scales with the number of CPUs rather than the number of vports. b) Ordering per-flow is maintained as packets are distributed to CPUs based on mechanisms such as RSS and flows are distributed to a single user space thread. c) Packets from a flow can only wake up one user space thread. Reported-at: https://bugzilla.redhat.com/1844576 Signed-off-by: Mark Gray <mark.d.gray@redhat.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Acked-by: Aaron Conole <aconole@redhat.com> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2021-07-16 06:17:36 -04:00
if (dpif->n_handlers != n_handlers) {
VLOG_DBG("Dispatch mode(per-cpu): initializing %d handlers",
n_handlers);
destroy_all_handlers(dpif);
upcall_pids = xzalloc(n_handlers * sizeof *upcall_pids);
dpif->handlers = xzalloc(n_handlers * sizeof *dpif->handlers);
for (handler_id = 0; handler_id < n_handlers; handler_id++) {
struct dpif_handler *handler = &dpif->handlers[handler_id];
error = create_nl_sock(dpif, &handler->sock);
if (error) {
VLOG_ERR("Dispatch mode(per-cpu): Cannot create socket for"
"handler %d", handler_id);
continue;
}
upcall_pids[handler_id] = nl_sock_pid(handler->sock);
VLOG_DBG("Dispatch mode(per-cpu): "
"handler %d has Netlink PID of %u",
handler_id, upcall_pids[handler_id]);
}
dpif->n_handlers = n_handlers;
error = dpif_netlink_set_handler_pids(&dpif->dpif, upcall_pids,
n_handlers);
free(upcall_pids);
}
return error;
}
dpif-linux: Implement the API functions to allow multiple handler threads read upcall. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-02-26 10:10:29 -08:00
/* Synchronizes 'channels' in 'dpif->handlers' with the set of vports
* currently in 'dpif' in the kernel, by adding a new set of channels for
* any kernel vport that lacks one and deleting any channels that have no
* backing kernel vports. */
dpif: Make dpifs abstract, to allow multiple datapath implementations. This commit initially introduces only a single datapath implementation, which is the same as the original one, but it paves the way for additional implementations, such as the upcoming userspace datapath.
2009-06-17 14:35:35 -07:00
static int
dpif-netlink: Introduce per-cpu upcall dispatch. The Open vSwitch kernel module uses the upcall mechanism to send packets from kernel space to user space when it misses in the kernel space flow table. The upcall sends packets via a Netlink socket. Currently, a Netlink socket is created for every vport. In this way, there is a 1:1 mapping between a vport and a Netlink socket. When a packet is received by a vport, if it needs to be sent to user space, it is sent via the corresponding Netlink socket. This mechanism, with various iterations of the corresponding user space code, has seen some limitations and issues: * On systems with a large number of vports, there is correspondingly a large number of Netlink sockets which can limit scaling. (https://bugzilla.redhat.com/show_bug.cgi?id=1526306) * Packet reordering on upcalls. (https://bugzilla.redhat.com/show_bug.cgi?id=1844576) * A thundering herd issue. (https://bugzilla.redhat.com/show_bug.cgi?id=1834444) This patch introduces an alternative, feature-negotiated, upcall mode using a per-cpu dispatch rather than a per-vport dispatch. In this mode, the Netlink socket to be used for the upcall is selected based on the CPU of the thread that is executing the upcall. In this way, it resolves the issues above as: a) The number of Netlink sockets scales with the number of CPUs rather than the number of vports. b) Ordering per-flow is maintained as packets are distributed to CPUs based on mechanisms such as RSS and flows are distributed to a single user space thread. c) Packets from a flow can only wake up one user space thread. Reported-at: https://bugzilla.redhat.com/1844576 Signed-off-by: Mark Gray <mark.d.gray@redhat.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Acked-by: Aaron Conole <aconole@redhat.com> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2021-07-16 06:17:36 -04:00
dpif_netlink_refresh_handlers_vport_dispatch(struct dpif_netlink *dpif,
uint32_t n_handlers)
dpif-linux: Add thread-safety annotations. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-04-17 17:16:34 -07:00
OVS_REQ_WRLOCK(dpif->upcall_lock)
dpif: Make dpifs abstract, to allow multiple datapath implementations. This commit initially introduces only a single datapath implementation, which is the same as the original one, but it paves the way for additional implementations, such as the upcoming userspace datapath.
2009-06-17 14:35:35 -07:00
{
dpif-linux: Generalize dpif_linux_recv_set() to synchronize channels. Until now, the code in dpif_linux_recv_set() has assumed it is starting from a clean slate with no channels at all. This commit generalizes it to compare the existing set of channels against the ones that should exist given the vports that the kernel has, adding any new ones that are missing and removing any that should not exist. A followup commit will make good use of this functionality. Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-12-04 13:37:31 -08:00
unsigned long int *keep_channels;
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
struct dpif_netlink_vport vport;
dpif-linux: Generalize dpif_linux_recv_set() to synchronize channels. Until now, the code in dpif_linux_recv_set() has assumed it is starting from a clean slate with no channels at all. This commit generalizes it to compare the existing set of channels against the ones that should exist given the vports that the kernel has, adding any new ones that are missing and removing any that should not exist. A followup commit will make good use of this functionality. Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-12-04 13:37:31 -08:00
size_t keep_channels_nbits;
struct nl_dump dump;
netlink: Remove buffer from 'struct nl_dump'. This patch makes all of the users of 'struct nl_dump' allocate their own buffers to pass down to nl_dump_next(). This paves the way for allowing multithreaded flow dumping. Signed-off-by: Joe Stringer <joestringer@nicira.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-02-27 14:13:05 -08:00
uint64_t reply_stub[NL_DUMP_BUFSIZE / 8];
struct ofpbuf buf;
dpif-linux: Generalize dpif_linux_recv_set() to synchronize channels. Until now, the code in dpif_linux_recv_set() has assumed it is starting from a clean slate with no channels at all. This commit generalizes it to compare the existing set of channels against the ones that should exist given the vports that the kernel has, adding any new ones that are missing and removing any that should not exist. A followup commit will make good use of this functionality. Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-12-04 13:37:31 -08:00
int retval = 0;
size_t i;
datapath: Convert upcalls and ODP_EXECUTE to use AF_NETLINK socket layer. This commit calls genl_lock() and thus doesn't support Linux before 2.6.35, which wasn't exported before that version. That problem will be fixed once the whole userspace interface transitions to Generic Netlink a few commits from now. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 13:41:54 -08:00
dpif-netlink: Add support for packet receive on Windows. In this patch, we add support in dpif-netlink.c to receive packets on Windows. Windows does not natively support epoll(). Even though there are mechanisms/interfaces that provide functionality similar to epoll(), we take a simple approach of using a pool of sockets. Here are some details of the implementaion to aid review: 1. There's pool of sockets per upcall handler. 2. The pool of sockets is initialized while setting up the handler in dpif_netlink_refresh_channels() primarily. 3. When sockets are to be allocated for a vport, we walk through the pool of sockets for all handlers and pick one of the sockets in each of the pool. Within a handler's pool, sockets are picked in a round-robin fashion. 4. We currently support only 1 handler, since there are some kernel changes needed for support more than 1 handler per vport. 5. The pool size is also set to 1 currently. The restructions imposed by #4 and #5 can be removed in the future without much code churn. Validation: 1. With a hacked up kernel which figures out the netlink socket that is designated to receive packets, we are cable to perform pings between 2 VMs on the same Hyper-V host. 2. Compiled the code in Linux as well. 3. Tested with pool size == 2 as well, though in this patch we set the pool size = 1. Signed-off-by: Nithin Raju <nithin@vmware.com> Acked-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-10-23 08:27:34 -07:00
ovs_assert(!WINDOWS || n_handlers <= 1);
ovs_assert(!WINDOWS || dpif->n_handlers <= 1);
dpif-linux: Implement the API functions to allow multiple handler threads read upcall. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-02-26 10:10:29 -08:00
if (dpif->n_handlers != n_handlers) {
destroy_all_channels(dpif);
dpif->handlers = xzalloc(n_handlers * sizeof *dpif->handlers);
for (i = 0; i < n_handlers; i++) {
dpif-netlink: Add support for packet receive on Windows. In this patch, we add support in dpif-netlink.c to receive packets on Windows. Windows does not natively support epoll(). Even though there are mechanisms/interfaces that provide functionality similar to epoll(), we take a simple approach of using a pool of sockets. Here are some details of the implementaion to aid review: 1. There's pool of sockets per upcall handler. 2. The pool of sockets is initialized while setting up the handler in dpif_netlink_refresh_channels() primarily. 3. When sockets are to be allocated for a vport, we walk through the pool of sockets for all handlers and pick one of the sockets in each of the pool. Within a handler's pool, sockets are picked in a round-robin fashion. 4. We currently support only 1 handler, since there are some kernel changes needed for support more than 1 handler per vport. 5. The pool size is also set to 1 currently. The restructions imposed by #4 and #5 can be removed in the future without much code churn. Validation: 1. With a hacked up kernel which figures out the netlink socket that is designated to receive packets, we are cable to perform pings between 2 VMs on the same Hyper-V host. 2. Compiled the code in Linux as well. 3. Tested with pool size == 2 as well, though in this patch we set the pool size = 1. Signed-off-by: Nithin Raju <nithin@vmware.com> Acked-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-10-23 08:27:34 -07:00
int error;
dpif-linux: Implement the API functions to allow multiple handler threads read upcall. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-02-26 10:10:29 -08:00
struct dpif_handler *handler = &dpif->handlers[i];
dpif-netlink: Add support for packet receive on Windows. In this patch, we add support in dpif-netlink.c to receive packets on Windows. Windows does not natively support epoll(). Even though there are mechanisms/interfaces that provide functionality similar to epoll(), we take a simple approach of using a pool of sockets. Here are some details of the implementaion to aid review: 1. There's pool of sockets per upcall handler. 2. The pool of sockets is initialized while setting up the handler in dpif_netlink_refresh_channels() primarily. 3. When sockets are to be allocated for a vport, we walk through the pool of sockets for all handlers and pick one of the sockets in each of the pool. Within a handler's pool, sockets are picked in a round-robin fashion. 4. We currently support only 1 handler, since there are some kernel changes needed for support more than 1 handler per vport. 5. The pool size is also set to 1 currently. The restructions imposed by #4 and #5 can be removed in the future without much code churn. Validation: 1. With a hacked up kernel which figures out the netlink socket that is designated to receive packets, we are cable to perform pings between 2 VMs on the same Hyper-V host. 2. Compiled the code in Linux as well. 3. Tested with pool size == 2 as well, though in this patch we set the pool size = 1. Signed-off-by: Nithin Raju <nithin@vmware.com> Acked-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-10-23 08:27:34 -07:00
error = dpif_netlink_handler_init(handler);
if (error) {
dpif-linux: Implement the API functions to allow multiple handler threads read upcall. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-02-26 10:10:29 -08:00
size_t j;
for (j = 0; j < i; j++) {
dpif-netlink: Fix multiple-free and fd leak on error path. This function attempts to open a bunch of new handlers. If it fails, it attempts to close all the handlers that have already been opened. Unfortunately, the loop to close the opened handlers used the wrong array index: 'i' instead of 'j'. This fixes the problem. Found by Coverity. Reported-at: https://scan3.coverity.com/reports.htm#v16889/p10449/fileInstanceId=14762827&defectInstanceId=4305351&mergedDefectId=180429 Signed-off-by: Ben Pfaff <blp@ovn.org> Acked-by: Justin Pettit <jpettit@ovn.org>
2017-05-30 07:38:56 -07:00
struct dpif_handler *tmp = &dpif->handlers[j];
dpif-netlink: Add support for packet receive on Windows. In this patch, we add support in dpif-netlink.c to receive packets on Windows. Windows does not natively support epoll(). Even though there are mechanisms/interfaces that provide functionality similar to epoll(), we take a simple approach of using a pool of sockets. Here are some details of the implementaion to aid review: 1. There's pool of sockets per upcall handler. 2. The pool of sockets is initialized while setting up the handler in dpif_netlink_refresh_channels() primarily. 3. When sockets are to be allocated for a vport, we walk through the pool of sockets for all handlers and pick one of the sockets in each of the pool. Within a handler's pool, sockets are picked in a round-robin fashion. 4. We currently support only 1 handler, since there are some kernel changes needed for support more than 1 handler per vport. 5. The pool size is also set to 1 currently. The restructions imposed by #4 and #5 can be removed in the future without much code churn. Validation: 1. With a hacked up kernel which figures out the netlink socket that is designated to receive packets, we are cable to perform pings between 2 VMs on the same Hyper-V host. 2. Compiled the code in Linux as well. 3. Tested with pool size == 2 as well, though in this patch we set the pool size = 1. Signed-off-by: Nithin Raju <nithin@vmware.com> Acked-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-10-23 08:27:34 -07:00
dpif_netlink_handler_uninit(tmp);
dpif-linux: Implement the API functions to allow multiple handler threads read upcall. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-02-26 10:10:29 -08:00
}
free(dpif->handlers);
dpif->handlers = NULL;
dpif-netlink: Add support for packet receive on Windows. In this patch, we add support in dpif-netlink.c to receive packets on Windows. Windows does not natively support epoll(). Even though there are mechanisms/interfaces that provide functionality similar to epoll(), we take a simple approach of using a pool of sockets. Here are some details of the implementaion to aid review: 1. There's pool of sockets per upcall handler. 2. The pool of sockets is initialized while setting up the handler in dpif_netlink_refresh_channels() primarily. 3. When sockets are to be allocated for a vport, we walk through the pool of sockets for all handlers and pick one of the sockets in each of the pool. Within a handler's pool, sockets are picked in a round-robin fashion. 4. We currently support only 1 handler, since there are some kernel changes needed for support more than 1 handler per vport. 5. The pool size is also set to 1 currently. The restructions imposed by #4 and #5 can be removed in the future without much code churn. Validation: 1. With a hacked up kernel which figures out the netlink socket that is designated to receive packets, we are cable to perform pings between 2 VMs on the same Hyper-V host. 2. Compiled the code in Linux as well. 3. Tested with pool size == 2 as well, though in this patch we set the pool size = 1. Signed-off-by: Nithin Raju <nithin@vmware.com> Acked-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-10-23 08:27:34 -07:00
return error;
dpif-linux: Implement the API functions to allow multiple handler threads read upcall. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-02-26 10:10:29 -08:00
}
dpif-linux: Generalize dpif_linux_recv_set() to synchronize channels. Until now, the code in dpif_linux_recv_set() has assumed it is starting from a clean slate with no channels at all. This commit generalizes it to compare the existing set of channels against the ones that should exist given the vports that the kernel has, adding any new ones that are missing and removing any that should not exist. A followup commit will make good use of this functionality. Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-12-04 13:37:31 -08:00
}
dpif-linux: Implement the API functions to allow multiple handler threads read upcall. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-02-26 10:10:29 -08:00
dpif->n_handlers = n_handlers;
}
for (i = 0; i < n_handlers; i++) {
struct dpif_handler *handler = &dpif->handlers[i];
handler->event_offset = handler->n_events = 0;
dpif-linux: Prevent a single port from monopolizing upcalls. Currently it is possible for a client on a single port to generate a huge number of packets that miss in the kernel flow table and monopolize the userspace/kernel communication path. This effectively DoS's the machine because no new flow setups can take place. This adds some additional fairness by separating each upcall type for each object in the datapath onto a separate socket, each with its own queue. Userspace then reads round-robin from each socket so other flow setups can still succeed. Since the number of objects can potentially be large, we don't always have a unique socket for each. Instead, we create 16 sockets and spread the load around them in a round robin fashion. It's theoretically possible to do better than this with some kind of active load balancing scheme but this seems like a good place to start. Feature #6485
2011-09-16 15:23:37 -07:00
}
datapath: Use unicast Netlink sockets for upcalls. Currently we publish several multicast groups for upcalls and let userspace sockets subscribe to them. The benefit of this is mostly that userspace is the one doing the subscription - the actual multicast capability is not currently used and probably wouldn't be even if we moved to a multiprocess model. Despite the convenience, multicast sockets have a number of disadvantages, primarily that we only have a limited number of them so there could be collisions. In addition, unicast sockets give additional flexibility to userspace by allowing every object to potentially have a different socket chosen by userspace for upcalls. Finally, any future optimizations for upcalls to reduce copying will likely not be compatible with multicast anyways so disallowing it potentially simplifies things. We also never unregistered the multicast groups registered for upcalls and leaked them on module unload. As a side effect, this solves that problem. Signed-off-by: Jesse Gross <jesse@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
2011-09-14 13:05:09 -07:00
dpif-linux: Generalize dpif_linux_recv_set() to synchronize channels. Until now, the code in dpif_linux_recv_set() has assumed it is starting from a clean slate with no channels at all. This commit generalizes it to compare the existing set of channels against the ones that should exist given the vports that the kernel has, adding any new ones that are missing and removing any that should not exist. A followup commit will make good use of this functionality. Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-12-04 13:37:31 -08:00
keep_channels_nbits = dpif->uc_array_size;
keep_channels = bitmap_allocate(keep_channels_nbits);
datapath: Convert upcalls and ODP_EXECUTE to use AF_NETLINK socket layer. This commit calls genl_lock() and thus doesn't support Linux before 2.6.35, which wasn't exported before that version. That problem will be fixed once the whole userspace interface transitions to Generic Netlink a few commits from now. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 13:41:54 -08:00
netlink: Remove buffer from 'struct nl_dump'. This patch makes all of the users of 'struct nl_dump' allocate their own buffers to pass down to nl_dump_next(). This paves the way for allowing multithreaded flow dumping. Signed-off-by: Joe Stringer <joestringer@nicira.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-02-27 14:13:05 -08:00
ofpbuf_use_stub(&buf, reply_stub, sizeof reply_stub);
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
dpif_netlink_port_dump_start__(dpif, &dump);
while (!dpif_netlink_port_dump_next__(dpif, &dump, &vport, &buf)) {
dpif-linux: Generalize dpif_linux_recv_set() to synchronize channels. Until now, the code in dpif_linux_recv_set() has assumed it is starting from a clean slate with no channels at all. This commit generalizes it to compare the existing set of channels against the ones that should exist given the vports that the kernel has, adding any new ones that are missing and removing any that should not exist. A followup commit will make good use of this functionality. Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-12-04 13:37:31 -08:00
uint32_t port_no = odp_to_u32(vport.port_no);
dpif-netlink: don't allocate per thread netlink sockets When using the kernel datapath, OVS allocates a pool of sockets to handle netlink events. The number of sockets is: ports * n-handler-threads, where n-handler-threads is user configurable and defaults to 3/4*number of cores. This because vswitchd starts n-handler-threads threads, each one with a netlink socket for every port of the switch. Every thread then, starts listening on events on its set of sockets with epoll(). On setup with lot of CPUs and ports, the number of sockets easily hits the process file descriptor limit, and ovs-vswitchd will exit with -EMFILE. Change the number of allocated sockets to just one per port by moving the socket array from a per handler structure to a per datapath one, and let all the handlers share the same sockets by using EPOLLEXCLUSIVE epoll flag which avoids duplicate events, on systems that support it. The patch was tested on a 56 core machine running Linux 4.18 and latest Open vSwitch. A bridge was created with 2000+ ports, some of them being veth interfaces with the peer outside the bridge. The latency of the upcall is measured by setting a single 'action=controller,local' OpenFlow rule to force all the packets going to the slow path and then to the local port. A tool[1] injects some packets to the veth outside the bridge, and measures the delay until the packet is captured on the local port. The rx timestamp is get from the socket ancillary data in the attribute SO_TIMESTAMPNS, to avoid having the scheduler delay in the measured time. The first test measures the average latency for an upcall generated from a single port. To measure it 100k packets, one every msec, are sent to a single port and the latencies are measured. The second test is meant to check latency fairness among ports, namely if latency is equal between ports or if some ports have lower priority. The previous test is repeated for every port, the average of the average latencies and the standard deviation between averages is measured. The third test serves to measure responsiveness under load. Heavy traffic is sent through all ports, latency and packet loss is measured on a single idle port. The fourth test is all about fairness. Heavy traffic is injected in all ports but one, latency and packet loss is measured on the single idle port. This is the test setup: # nproc 56 # ovs-vsctl show |grep -c Port 2223 # ovs-ofctl dump-flows ovs_upc_br cookie=0x0, duration=4.827s, table=0, n_packets=0, n_bytes=0, actions=CONTROLLER:65535,LOCAL # uname -a Linux fc28 4.18.7-200.fc28.x86_64 #1 SMP Mon Sep 10 15:44:45 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux And these are the results of the tests: Stock OVS Patched netlink sockets in use by vswitchd lsof -p $(pidof ovs-vswitchd) \ |grep -c GENERIC 91187 2227 Test 1 one port latency min/avg/max/mdev (us) 2.7/6.6/238.7/1.8 1.6/6.8/160.6/1.7 Test 2 all port avg latency/mdev (us) 6.51/0.97 6.86/0.17 Test 3 single port latency under load avg/mdev (us) 7.5/5.9 3.8/4.8 packet loss 95 % 62 % Test 4 idle port latency under load min/avg/max/mdev (us) 0.8/1.5/210.5/0.9 1.0/2.1/344.5/1.2 packet loss 94 % 4 % CPU and RAM usage seems not to be affected, the resource usage of vswitchd idle with 2000+ ports is unchanged: # ps u $(pidof ovs-vswitchd) USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND openvsw+ 5430 54.3 0.3 4263964 510968 pts/1 RLl+ 16:20 0:50 ovs-vswitchd Additionally, to check if vswitchd is thread safe with this patch, the following test was run for circa 48 hours: on a 56 core machine, a bridge with kernel datapath is filled with 2200 dummy interfaces and 22 veth, then 22 traffic generators are run in parallel piping traffic into the veths peers outside the bridge. To generate as many upcalls as possible, all packets were forced to the slowpath with an openflow rule like 'action=controller,local' and packet size was set to 64 byte. Also, to avoid overflowing the FDB early and slowing down the upcall processing, generated mac addresses were restricted to a small interval. vswitchd ran without problems for 48+ hours, obviously with all the handler threads with almost 99% CPU usage. [1] https://github.com/teknoraver/network-tools/blob/master/weed.c Signed-off-by: Matteo Croce <mcroce@redhat.com> Signed-off-by: Ben Pfaff <blp@ovn.org> Acked-by: Flavio Leitner <fbl@sysclose.org>
2018-09-25 10:51:05 +02:00
uint32_t upcall_pid;
dpif-linux: Generalize dpif_linux_recv_set() to synchronize channels. Until now, the code in dpif_linux_recv_set() has assumed it is starting from a clean slate with no channels at all. This commit generalizes it to compare the existing set of channels against the ones that should exist given the vports that the kernel has, adding any new ones that are missing and removing any that should not exist. A followup commit will make good use of this functionality. Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-12-04 13:37:31 -08:00
int error;
dpif-linux: Use "epoll" instead of poll(). epoll appears to be much more efficient than poll() at least for static file descriptor sets. I can't otherwise explain why this patch increases netperf CRR performance by 20% above the previous commit, which is also about a 19% overall improvement versus the baseline from before the poll_fd_woke() optimization was removed.
2011-11-22 09:25:32 -08:00
dpif-linux: Implement the API functions to allow multiple handler threads read upcall. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-02-26 10:10:29 -08:00
if (port_no >= dpif->uc_array_size
dpif-netlink: don't allocate per thread netlink sockets When using the kernel datapath, OVS allocates a pool of sockets to handle netlink events. The number of sockets is: ports * n-handler-threads, where n-handler-threads is user configurable and defaults to 3/4*number of cores. This because vswitchd starts n-handler-threads threads, each one with a netlink socket for every port of the switch. Every thread then, starts listening on events on its set of sockets with epoll(). On setup with lot of CPUs and ports, the number of sockets easily hits the process file descriptor limit, and ovs-vswitchd will exit with -EMFILE. Change the number of allocated sockets to just one per port by moving the socket array from a per handler structure to a per datapath one, and let all the handlers share the same sockets by using EPOLLEXCLUSIVE epoll flag which avoids duplicate events, on systems that support it. The patch was tested on a 56 core machine running Linux 4.18 and latest Open vSwitch. A bridge was created with 2000+ ports, some of them being veth interfaces with the peer outside the bridge. The latency of the upcall is measured by setting a single 'action=controller,local' OpenFlow rule to force all the packets going to the slow path and then to the local port. A tool[1] injects some packets to the veth outside the bridge, and measures the delay until the packet is captured on the local port. The rx timestamp is get from the socket ancillary data in the attribute SO_TIMESTAMPNS, to avoid having the scheduler delay in the measured time. The first test measures the average latency for an upcall generated from a single port. To measure it 100k packets, one every msec, are sent to a single port and the latencies are measured. The second test is meant to check latency fairness among ports, namely if latency is equal between ports or if some ports have lower priority. The previous test is repeated for every port, the average of the average latencies and the standard deviation between averages is measured. The third test serves to measure responsiveness under load. Heavy traffic is sent through all ports, latency and packet loss is measured on a single idle port. The fourth test is all about fairness. Heavy traffic is injected in all ports but one, latency and packet loss is measured on the single idle port. This is the test setup: # nproc 56 # ovs-vsctl show |grep -c Port 2223 # ovs-ofctl dump-flows ovs_upc_br cookie=0x0, duration=4.827s, table=0, n_packets=0, n_bytes=0, actions=CONTROLLER:65535,LOCAL # uname -a Linux fc28 4.18.7-200.fc28.x86_64 #1 SMP Mon Sep 10 15:44:45 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux And these are the results of the tests: Stock OVS Patched netlink sockets in use by vswitchd lsof -p $(pidof ovs-vswitchd) \ |grep -c GENERIC 91187 2227 Test 1 one port latency min/avg/max/mdev (us) 2.7/6.6/238.7/1.8 1.6/6.8/160.6/1.7 Test 2 all port avg latency/mdev (us) 6.51/0.97 6.86/0.17 Test 3 single port latency under load avg/mdev (us) 7.5/5.9 3.8/4.8 packet loss 95 % 62 % Test 4 idle port latency under load min/avg/max/mdev (us) 0.8/1.5/210.5/0.9 1.0/2.1/344.5/1.2 packet loss 94 % 4 % CPU and RAM usage seems not to be affected, the resource usage of vswitchd idle with 2000+ ports is unchanged: # ps u $(pidof ovs-vswitchd) USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND openvsw+ 5430 54.3 0.3 4263964 510968 pts/1 RLl+ 16:20 0:50 ovs-vswitchd Additionally, to check if vswitchd is thread safe with this patch, the following test was run for circa 48 hours: on a 56 core machine, a bridge with kernel datapath is filled with 2200 dummy interfaces and 22 veth, then 22 traffic generators are run in parallel piping traffic into the veths peers outside the bridge. To generate as many upcalls as possible, all packets were forced to the slowpath with an openflow rule like 'action=controller,local' and packet size was set to 64 byte. Also, to avoid overflowing the FDB early and slowing down the upcall processing, generated mac addresses were restricted to a small interval. vswitchd ran without problems for 48+ hours, obviously with all the handler threads with almost 99% CPU usage. [1] https://github.com/teknoraver/network-tools/blob/master/weed.c Signed-off-by: Matteo Croce <mcroce@redhat.com> Signed-off-by: Ben Pfaff <blp@ovn.org> Acked-by: Flavio Leitner <fbl@sysclose.org>
2018-09-25 10:51:05 +02:00
|| !vport_get_pid(dpif, port_no, &upcall_pid)) {
dpif-netlink: Fix some variable naming. Usually a plural name refers to an array, but 'socks' and 'socksp' were only single objects, so this changes their names to 'sock' and 'sockp'. Usually a 'p' suffix means that a variable is an output argument, but that was only true in one place here, so this changes the names of the other variables to plain 'sock'. Signed-off-by: Ben Pfaff <blp@ovn.org> Reviewed-by: Yifeng Sun <pkusunyifeng@gmail.com>
2019-10-14 11:10:47 -07:00
struct nl_sock *sock;
error = create_nl_sock(dpif, &sock);
dpif-linux: Implement the API functions to allow multiple handler threads read upcall. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-02-26 10:10:29 -08:00
Windows: Fix broken kernel userspace communication Patch: https://github.com/openvswitch/ovs/commit/69c51582ff786a68fc325c1c50624715482bc460 broke Windows userpace - kernel communication. On windows we create netlink sockets when the handlers are initiated and reuse them. This patch remaps the usage of the netlink socket pool. Fixes: https://github.com/openvswitch/ovs-issues/issues/164 Signed-off-by: Alin Gabriel Serdean <aserdean@ovn.org> Acked-by: Shashank Ram <rams@vmware.com> Tested-by: Shashank Ram <rams@vmware.com> Signed-off-by: Ben Pfaff <blp@ovn.org> Co-authored-by: Ben Pfaff <blp@ovn.org>
2018-11-16 15:32:58 +02:00
if (error) {
dpif-linux: Implement the API functions to allow multiple handler threads read upcall. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-02-26 10:10:29 -08:00
goto error;
}
dpif-netlink: Fix some variable naming. Usually a plural name refers to an array, but 'socks' and 'socksp' were only single objects, so this changes their names to 'sock' and 'sockp'. Usually a 'p' suffix means that a variable is an output argument, but that was only true in one place here, so this changes the names of the other variables to plain 'sock'. Signed-off-by: Ben Pfaff <blp@ovn.org> Reviewed-by: Yifeng Sun <pkusunyifeng@gmail.com>
2019-10-14 11:10:47 -07:00
error = vport_add_channel(dpif, vport.port_no, sock);
datapath: Use unicast Netlink sockets for upcalls. Currently we publish several multicast groups for upcalls and let userspace sockets subscribe to them. The benefit of this is mostly that userspace is the one doing the subscription - the actual multicast capability is not currently used and probably wouldn't be even if we moved to a multiprocess model. Despite the convenience, multicast sockets have a number of disadvantages, primarily that we only have a limited number of them so there could be collisions. In addition, unicast sockets give additional flexibility to userspace by allowing every object to potentially have a different socket chosen by userspace for upcalls. Finally, any future optimizations for upcalls to reduce copying will likely not be compatible with multicast anyways so disallowing it potentially simplifies things. We also never unregistered the multicast groups registered for upcalls and leaked them on module unload. As a side effect, this solves that problem. Signed-off-by: Jesse Gross <jesse@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
2011-09-14 13:05:09 -07:00
if (error) {
dpif-linux: Implement the API functions to allow multiple handler threads read upcall. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-02-26 10:10:29 -08:00
VLOG_INFO("%s: could not add channels for port %s",
dpif-linux: Pass 'struct dpif_linux *' to internal static functions. This commit reformats the dpif-linux module so that all internal static functions take 'struct dpif_linux *' as input argument. This will allow the adding of thread-safety annotations. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-04-17 16:33:17 -07:00
dpif_name(&dpif->dpif), vport.name);
dpif-netlink: Fix some variable naming. Usually a plural name refers to an array, but 'socks' and 'socksp' were only single objects, so this changes their names to 'sock' and 'sockp'. Usually a 'p' suffix means that a variable is an output argument, but that was only true in one place here, so this changes the names of the other variables to plain 'sock'. Signed-off-by: Ben Pfaff <blp@ovn.org> Reviewed-by: Yifeng Sun <pkusunyifeng@gmail.com>
2019-10-14 11:10:47 -07:00
nl_sock_destroy(sock);
dpif-linux: Generalize dpif_linux_recv_set() to synchronize channels. Until now, the code in dpif_linux_recv_set() has assumed it is starting from a clean slate with no channels at all. This commit generalizes it to compare the existing set of channels against the ones that should exist given the vports that the kernel has, adding any new ones that are missing and removing any that should not exist. A followup commit will make good use of this functionality. Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-12-04 13:37:31 -08:00
retval = error;
goto error;
datapath: Convert upcalls and ODP_EXECUTE to use AF_NETLINK socket layer. This commit calls genl_lock() and thus doesn't support Linux before 2.6.35, which wasn't exported before that version. That problem will be fixed once the whole userspace interface transitions to Generic Netlink a few commits from now. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 13:41:54 -08:00
}
dpif-netlink: Fix some variable naming. Usually a plural name refers to an array, but 'socks' and 'socksp' were only single objects, so this changes their names to 'sock' and 'sockp'. Usually a 'p' suffix means that a variable is an output argument, but that was only true in one place here, so this changes the names of the other variables to plain 'sock'. Signed-off-by: Ben Pfaff <blp@ovn.org> Reviewed-by: Yifeng Sun <pkusunyifeng@gmail.com>
2019-10-14 11:10:47 -07:00
upcall_pid = nl_sock_pid(sock);
dpif-linux: Generalize dpif_linux_recv_set() to synchronize channels. Until now, the code in dpif_linux_recv_set() has assumed it is starting from a clean slate with no channels at all. This commit generalizes it to compare the existing set of channels against the ones that should exist given the vports that the kernel has, adding any new ones that are missing and removing any that should not exist. A followup commit will make good use of this functionality. Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-12-04 13:37:31 -08:00
}
dpif-linux: Use "epoll" instead of poll(). epoll appears to be much more efficient than poll() at least for static file descriptor sets. I can't otherwise explain why this patch increases netperf CRR performance by 20% above the previous commit, which is also about a 19% overall improvement versus the baseline from before the poll_fd_woke() optimization was removed.
2011-11-22 09:25:32 -08:00
dpif-linux: Generalize dpif_linux_recv_set() to synchronize channels. Until now, the code in dpif_linux_recv_set() has assumed it is starting from a clean slate with no channels at all. This commit generalizes it to compare the existing set of channels against the ones that should exist given the vports that the kernel has, adding any new ones that are missing and removing any that should not exist. A followup commit will make good use of this functionality. Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-12-04 13:37:31 -08:00
/* Configure the vport to deliver misses to 'sock'. */
dpif-linux: Implement the API functions to allow multiple handler threads read upcall. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-02-26 10:10:29 -08:00
if (vport.upcall_pids[0] == 0
dpif-netlink: don't allocate per thread netlink sockets When using the kernel datapath, OVS allocates a pool of sockets to handle netlink events. The number of sockets is: ports * n-handler-threads, where n-handler-threads is user configurable and defaults to 3/4*number of cores. This because vswitchd starts n-handler-threads threads, each one with a netlink socket for every port of the switch. Every thread then, starts listening on events on its set of sockets with epoll(). On setup with lot of CPUs and ports, the number of sockets easily hits the process file descriptor limit, and ovs-vswitchd will exit with -EMFILE. Change the number of allocated sockets to just one per port by moving the socket array from a per handler structure to a per datapath one, and let all the handlers share the same sockets by using EPOLLEXCLUSIVE epoll flag which avoids duplicate events, on systems that support it. The patch was tested on a 56 core machine running Linux 4.18 and latest Open vSwitch. A bridge was created with 2000+ ports, some of them being veth interfaces with the peer outside the bridge. The latency of the upcall is measured by setting a single 'action=controller,local' OpenFlow rule to force all the packets going to the slow path and then to the local port. A tool[1] injects some packets to the veth outside the bridge, and measures the delay until the packet is captured on the local port. The rx timestamp is get from the socket ancillary data in the attribute SO_TIMESTAMPNS, to avoid having the scheduler delay in the measured time. The first test measures the average latency for an upcall generated from a single port. To measure it 100k packets, one every msec, are sent to a single port and the latencies are measured. The second test is meant to check latency fairness among ports, namely if latency is equal between ports or if some ports have lower priority. The previous test is repeated for every port, the average of the average latencies and the standard deviation between averages is measured. The third test serves to measure responsiveness under load. Heavy traffic is sent through all ports, latency and packet loss is measured on a single idle port. The fourth test is all about fairness. Heavy traffic is injected in all ports but one, latency and packet loss is measured on the single idle port. This is the test setup: # nproc 56 # ovs-vsctl show |grep -c Port 2223 # ovs-ofctl dump-flows ovs_upc_br cookie=0x0, duration=4.827s, table=0, n_packets=0, n_bytes=0, actions=CONTROLLER:65535,LOCAL # uname -a Linux fc28 4.18.7-200.fc28.x86_64 #1 SMP Mon Sep 10 15:44:45 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux And these are the results of the tests: Stock OVS Patched netlink sockets in use by vswitchd lsof -p $(pidof ovs-vswitchd) \ |grep -c GENERIC 91187 2227 Test 1 one port latency min/avg/max/mdev (us) 2.7/6.6/238.7/1.8 1.6/6.8/160.6/1.7 Test 2 all port avg latency/mdev (us) 6.51/0.97 6.86/0.17 Test 3 single port latency under load avg/mdev (us) 7.5/5.9 3.8/4.8 packet loss 95 % 62 % Test 4 idle port latency under load min/avg/max/mdev (us) 0.8/1.5/210.5/0.9 1.0/2.1/344.5/1.2 packet loss 94 % 4 % CPU and RAM usage seems not to be affected, the resource usage of vswitchd idle with 2000+ ports is unchanged: # ps u $(pidof ovs-vswitchd) USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND openvsw+ 5430 54.3 0.3 4263964 510968 pts/1 RLl+ 16:20 0:50 ovs-vswitchd Additionally, to check if vswitchd is thread safe with this patch, the following test was run for circa 48 hours: on a 56 core machine, a bridge with kernel datapath is filled with 2200 dummy interfaces and 22 veth, then 22 traffic generators are run in parallel piping traffic into the veths peers outside the bridge. To generate as many upcalls as possible, all packets were forced to the slowpath with an openflow rule like 'action=controller,local' and packet size was set to 64 byte. Also, to avoid overflowing the FDB early and slowing down the upcall processing, generated mac addresses were restricted to a small interval. vswitchd ran without problems for 48+ hours, obviously with all the handler threads with almost 99% CPU usage. [1] https://github.com/teknoraver/network-tools/blob/master/weed.c Signed-off-by: Matteo Croce <mcroce@redhat.com> Signed-off-by: Ben Pfaff <blp@ovn.org> Acked-by: Flavio Leitner <fbl@sysclose.org>
2018-09-25 10:51:05 +02:00
|| vport.n_upcall_pids != 1
|| upcall_pid != vport.upcall_pids[0]) {
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
struct dpif_netlink_vport vport_request;
dpif-linux: Give each port its own userspace-kernel channel. Userspace-kernel communication is a possible bottleneck when OVS is receiving a large number of flow set up requests. To help prevent a bad actor from consuming too much of this resource, we introduced channels to segegrate traffic. Previously, we created 17 channels and round-robin assigned ports to one of 16 channels (the 17th was reserved for use by the system). This meant if there were more than 16 ports, sharing of channels would occur. This commit creates a new channel for each port, so that there is no more sharing and better isolation. The special system port uses the "ovs-system"'s channel (port 0), since it is not heavily loaded. This also fixes an issue introduced in commit acf60855 (ofproto-dpif: Use a single underlying datapath across multiple bridges.) where ports that were added at run-time were given the special system channel. Issue #12073 Signed-off-by: Justin Pettit <jpettit@nicira.com>
2013-01-04 18:34:26 -08:00
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
dpif_netlink_vport_init(&vport_request);
dpif-linux: Give each port its own userspace-kernel channel. Userspace-kernel communication is a possible bottleneck when OVS is receiving a large number of flow set up requests. To help prevent a bad actor from consuming too much of this resource, we introduced channels to segegrate traffic. Previously, we created 17 channels and round-robin assigned ports to one of 16 channels (the 17th was reserved for use by the system). This meant if there were more than 16 ports, sharing of channels would occur. This commit creates a new channel for each port, so that there is no more sharing and better isolation. The special system port uses the "ovs-system"'s channel (port 0), since it is not heavily loaded. This also fixes an issue introduced in commit acf60855 (ofproto-dpif: Use a single underlying datapath across multiple bridges.) where ports that were added at run-time were given the special system channel. Issue #12073 Signed-off-by: Justin Pettit <jpettit@nicira.com>
2013-01-04 18:34:26 -08:00
vport_request.cmd = OVS_VPORT_CMD_SET;
vport_request.dp_ifindex = dpif->dp_ifindex;
dpif-linux: Generalize dpif_linux_recv_set() to synchronize channels. Until now, the code in dpif_linux_recv_set() has assumed it is starting from a clean slate with no channels at all. This commit generalizes it to compare the existing set of channels against the ones that should exist given the vports that the kernel has, adding any new ones that are missing and removing any that should not exist. A followup commit will make good use of this functionality. Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-12-04 13:37:31 -08:00
vport_request.port_no = vport.port_no;
dpif-netlink: don't allocate per thread netlink sockets When using the kernel datapath, OVS allocates a pool of sockets to handle netlink events. The number of sockets is: ports * n-handler-threads, where n-handler-threads is user configurable and defaults to 3/4*number of cores. This because vswitchd starts n-handler-threads threads, each one with a netlink socket for every port of the switch. Every thread then, starts listening on events on its set of sockets with epoll(). On setup with lot of CPUs and ports, the number of sockets easily hits the process file descriptor limit, and ovs-vswitchd will exit with -EMFILE. Change the number of allocated sockets to just one per port by moving the socket array from a per handler structure to a per datapath one, and let all the handlers share the same sockets by using EPOLLEXCLUSIVE epoll flag which avoids duplicate events, on systems that support it. The patch was tested on a 56 core machine running Linux 4.18 and latest Open vSwitch. A bridge was created with 2000+ ports, some of them being veth interfaces with the peer outside the bridge. The latency of the upcall is measured by setting a single 'action=controller,local' OpenFlow rule to force all the packets going to the slow path and then to the local port. A tool[1] injects some packets to the veth outside the bridge, and measures the delay until the packet is captured on the local port. The rx timestamp is get from the socket ancillary data in the attribute SO_TIMESTAMPNS, to avoid having the scheduler delay in the measured time. The first test measures the average latency for an upcall generated from a single port. To measure it 100k packets, one every msec, are sent to a single port and the latencies are measured. The second test is meant to check latency fairness among ports, namely if latency is equal between ports or if some ports have lower priority. The previous test is repeated for every port, the average of the average latencies and the standard deviation between averages is measured. The third test serves to measure responsiveness under load. Heavy traffic is sent through all ports, latency and packet loss is measured on a single idle port. The fourth test is all about fairness. Heavy traffic is injected in all ports but one, latency and packet loss is measured on the single idle port. This is the test setup: # nproc 56 # ovs-vsctl show |grep -c Port 2223 # ovs-ofctl dump-flows ovs_upc_br cookie=0x0, duration=4.827s, table=0, n_packets=0, n_bytes=0, actions=CONTROLLER:65535,LOCAL # uname -a Linux fc28 4.18.7-200.fc28.x86_64 #1 SMP Mon Sep 10 15:44:45 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux And these are the results of the tests: Stock OVS Patched netlink sockets in use by vswitchd lsof -p $(pidof ovs-vswitchd) \ |grep -c GENERIC 91187 2227 Test 1 one port latency min/avg/max/mdev (us) 2.7/6.6/238.7/1.8 1.6/6.8/160.6/1.7 Test 2 all port avg latency/mdev (us) 6.51/0.97 6.86/0.17 Test 3 single port latency under load avg/mdev (us) 7.5/5.9 3.8/4.8 packet loss 95 % 62 % Test 4 idle port latency under load min/avg/max/mdev (us) 0.8/1.5/210.5/0.9 1.0/2.1/344.5/1.2 packet loss 94 % 4 % CPU and RAM usage seems not to be affected, the resource usage of vswitchd idle with 2000+ ports is unchanged: # ps u $(pidof ovs-vswitchd) USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND openvsw+ 5430 54.3 0.3 4263964 510968 pts/1 RLl+ 16:20 0:50 ovs-vswitchd Additionally, to check if vswitchd is thread safe with this patch, the following test was run for circa 48 hours: on a 56 core machine, a bridge with kernel datapath is filled with 2200 dummy interfaces and 22 veth, then 22 traffic generators are run in parallel piping traffic into the veths peers outside the bridge. To generate as many upcalls as possible, all packets were forced to the slowpath with an openflow rule like 'action=controller,local' and packet size was set to 64 byte. Also, to avoid overflowing the FDB early and slowing down the upcall processing, generated mac addresses were restricted to a small interval. vswitchd ran without problems for 48+ hours, obviously with all the handler threads with almost 99% CPU usage. [1] https://github.com/teknoraver/network-tools/blob/master/weed.c Signed-off-by: Matteo Croce <mcroce@redhat.com> Signed-off-by: Ben Pfaff <blp@ovn.org> Acked-by: Flavio Leitner <fbl@sysclose.org>
2018-09-25 10:51:05 +02:00
vport_request.n_upcall_pids = 1;
vport_request.upcall_pids = &upcall_pid;
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
error = dpif_netlink_vport_transact(&vport_request, NULL, NULL);
dpif-linux: Implement the API functions to allow multiple handler threads read upcall. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-02-26 10:10:29 -08:00
if (error) {
dpif-linux: Give each port its own userspace-kernel channel. Userspace-kernel communication is a possible bottleneck when OVS is receiving a large number of flow set up requests. To help prevent a bad actor from consuming too much of this resource, we introduced channels to segegrate traffic. Previously, we created 17 channels and round-robin assigned ports to one of 16 channels (the 17th was reserved for use by the system). This meant if there were more than 16 ports, sharing of channels would occur. This commit creates a new channel for each port, so that there is no more sharing and better isolation. The special system port uses the "ovs-system"'s channel (port 0), since it is not heavily loaded. This also fixes an issue introduced in commit acf60855 (ofproto-dpif: Use a single underlying datapath across multiple bridges.) where ports that were added at run-time were given the special system channel. Issue #12073 Signed-off-by: Justin Pettit <jpettit@nicira.com>
2013-01-04 18:34:26 -08:00
VLOG_WARN_RL(&error_rl,
"%s: failed to set upcall pid on port: %s",
Replace all uses of strerror() by ovs_strerror(), for thread safety. Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-06-24 10:54:49 -07:00
dpif_name(&dpif->dpif), ovs_strerror(error));
dpif-linux: Give each port its own userspace-kernel channel. Userspace-kernel communication is a possible bottleneck when OVS is receiving a large number of flow set up requests. To help prevent a bad actor from consuming too much of this resource, we introduced channels to segegrate traffic. Previously, we created 17 channels and round-robin assigned ports to one of 16 channels (the 17th was reserved for use by the system). This meant if there were more than 16 ports, sharing of channels would occur. This commit creates a new channel for each port, so that there is no more sharing and better isolation. The special system port uses the "ovs-system"'s channel (port 0), since it is not heavily loaded. This also fixes an issue introduced in commit acf60855 (ofproto-dpif: Use a single underlying datapath across multiple bridges.) where ports that were added at run-time were given the special system channel. Issue #12073 Signed-off-by: Justin Pettit <jpettit@nicira.com>
2013-01-04 18:34:26 -08:00
dpif-linux: Generalize dpif_linux_recv_set() to synchronize channels. Until now, the code in dpif_linux_recv_set() has assumed it is starting from a clean slate with no channels at all. This commit generalizes it to compare the existing set of channels against the ones that should exist given the vports that the kernel has, adding any new ones that are missing and removing any that should not exist. A followup commit will make good use of this functionality. Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-12-04 13:37:31 -08:00
if (error != ENODEV && error != ENOENT) {
retval = error;
dpif-linux: Give each port its own userspace-kernel channel. Userspace-kernel communication is a possible bottleneck when OVS is receiving a large number of flow set up requests. To help prevent a bad actor from consuming too much of this resource, we introduced channels to segegrate traffic. Previously, we created 17 channels and round-robin assigned ports to one of 16 channels (the 17th was reserved for use by the system). This meant if there were more than 16 ports, sharing of channels would occur. This commit creates a new channel for each port, so that there is no more sharing and better isolation. The special system port uses the "ovs-system"'s channel (port 0), since it is not heavily loaded. This also fixes an issue introduced in commit acf60855 (ofproto-dpif: Use a single underlying datapath across multiple bridges.) where ports that were added at run-time were given the special system channel. Issue #12073 Signed-off-by: Justin Pettit <jpettit@nicira.com>
2013-01-04 18:34:26 -08:00
} else {
dpif-linux: Generalize dpif_linux_recv_set() to synchronize channels. Until now, the code in dpif_linux_recv_set() has assumed it is starting from a clean slate with no channels at all. This commit generalizes it to compare the existing set of channels against the ones that should exist given the vports that the kernel has, adding any new ones that are missing and removing any that should not exist. A followup commit will make good use of this functionality. Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-12-04 13:37:31 -08:00
/* The vport isn't really there, even though the dump says
* it is. Probably we just hit a race after a port
* disappeared. */
dpif-linux: Give each port its own userspace-kernel channel. Userspace-kernel communication is a possible bottleneck when OVS is receiving a large number of flow set up requests. To help prevent a bad actor from consuming too much of this resource, we introduced channels to segegrate traffic. Previously, we created 17 channels and round-robin assigned ports to one of 16 channels (the 17th was reserved for use by the system). This meant if there were more than 16 ports, sharing of channels would occur. This commit creates a new channel for each port, so that there is no more sharing and better isolation. The special system port uses the "ovs-system"'s channel (port 0), since it is not heavily loaded. This also fixes an issue introduced in commit acf60855 (ofproto-dpif: Use a single underlying datapath across multiple bridges.) where ports that were added at run-time were given the special system channel. Issue #12073 Signed-off-by: Justin Pettit <jpettit@nicira.com>
2013-01-04 18:34:26 -08:00
}
dpif-linux: Generalize dpif_linux_recv_set() to synchronize channels. Until now, the code in dpif_linux_recv_set() has assumed it is starting from a clean slate with no channels at all. This commit generalizes it to compare the existing set of channels against the ones that should exist given the vports that the kernel has, adding any new ones that are missing and removing any that should not exist. A followup commit will make good use of this functionality. Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-12-04 13:37:31 -08:00
goto error;
dpif-linux: Use "epoll" instead of poll(). epoll appears to be much more efficient than poll() at least for static file descriptor sets. I can't otherwise explain why this patch increases netperf CRR performance by 20% above the previous commit, which is also about a 19% overall improvement versus the baseline from before the poll_fd_woke() optimization was removed.
2011-11-22 09:25:32 -08:00
}
dpif-linux: Generalize dpif_linux_recv_set() to synchronize channels. Until now, the code in dpif_linux_recv_set() has assumed it is starting from a clean slate with no channels at all. This commit generalizes it to compare the existing set of channels against the ones that should exist given the vports that the kernel has, adding any new ones that are missing and removing any that should not exist. A followup commit will make good use of this functionality. Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-12-04 13:37:31 -08:00
}
dpif-linux: Log details when a packet is lost. Until now, when a packet was dropped in the kernel-to-user buffers, we logged the occurrence but nothing that would allow a person reading the log after the fact to learn why it was dropped. This commit adds details that identify the major sources of packets in the buffer, which should help. Signed-off-by: Ben Pfaff <blp@nicira.com>
2012-06-01 17:40:31 -04:00
dpif-linux: Generalize dpif_linux_recv_set() to synchronize channels. Until now, the code in dpif_linux_recv_set() has assumed it is starting from a clean slate with no channels at all. This commit generalizes it to compare the existing set of channels against the ones that should exist given the vports that the kernel has, adding any new ones that are missing and removing any that should not exist. A followup commit will make good use of this functionality. Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-12-04 13:37:31 -08:00
if (port_no < keep_channels_nbits) {
bitmap_set1(keep_channels, port_no);
}
continue;
error:
dpif-linux: Implement the API functions to allow multiple handler threads read upcall. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-02-26 10:10:29 -08:00
vport_del_channels(dpif, vport.port_no);
datapath: Convert upcalls and ODP_EXECUTE to use AF_NETLINK socket layer. This commit calls genl_lock() and thus doesn't support Linux before 2.6.35, which wasn't exported before that version. That problem will be fixed once the whole userspace interface transitions to Generic Netlink a few commits from now. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 13:41:54 -08:00
}
dpif-linux: Generalize dpif_linux_recv_set() to synchronize channels. Until now, the code in dpif_linux_recv_set() has assumed it is starting from a clean slate with no channels at all. This commit generalizes it to compare the existing set of channels against the ones that should exist given the vports that the kernel has, adding any new ones that are missing and removing any that should not exist. A followup commit will make good use of this functionality. Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-12-04 13:37:31 -08:00
nl_dump_done(&dump);
netlink: Remove buffer from 'struct nl_dump'. This patch makes all of the users of 'struct nl_dump' allocate their own buffers to pass down to nl_dump_next(). This paves the way for allowing multithreaded flow dumping. Signed-off-by: Joe Stringer <joestringer@nicira.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-02-27 14:13:05 -08:00
ofpbuf_uninit(&buf);
datapath: Use unicast Netlink sockets for upcalls. Currently we publish several multicast groups for upcalls and let userspace sockets subscribe to them. The benefit of this is mostly that userspace is the one doing the subscription - the actual multicast capability is not currently used and probably wouldn't be even if we moved to a multiprocess model. Despite the convenience, multicast sockets have a number of disadvantages, primarily that we only have a limited number of them so there could be collisions. In addition, unicast sockets give additional flexibility to userspace by allowing every object to potentially have a different socket chosen by userspace for upcalls. Finally, any future optimizations for upcalls to reduce copying will likely not be compatible with multicast anyways so disallowing it potentially simplifies things. We also never unregistered the multicast groups registered for upcalls and leaked them on module unload. As a side effect, this solves that problem. Signed-off-by: Jesse Gross <jesse@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
2011-09-14 13:05:09 -07:00
dpif-linux: Generalize dpif_linux_recv_set() to synchronize channels. Until now, the code in dpif_linux_recv_set() has assumed it is starting from a clean slate with no channels at all. This commit generalizes it to compare the existing set of channels against the ones that should exist given the vports that the kernel has, adding any new ones that are missing and removing any that should not exist. A followup commit will make good use of this functionality. Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-12-04 13:37:31 -08:00
/* Discard any saved channels that we didn't reuse. */
for (i = 0; i < keep_channels_nbits; i++) {
if (!bitmap_is_set(keep_channels, i)) {
dpif-linux: Implement the API functions to allow multiple handler threads read upcall. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-02-26 10:10:29 -08:00
vport_del_channels(dpif, u32_to_odp(i));
dpif-linux: Generalize dpif_linux_recv_set() to synchronize channels. Until now, the code in dpif_linux_recv_set() has assumed it is starting from a clean slate with no channels at all. This commit generalizes it to compare the existing set of channels against the ones that should exist given the vports that the kernel has, adding any new ones that are missing and removing any that should not exist. A followup commit will make good use of this functionality. Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-12-04 13:37:31 -08:00
}
}
free(keep_channels);
return retval;
}
static int
dpif-netlink: Introduce per-cpu upcall dispatch. The Open vSwitch kernel module uses the upcall mechanism to send packets from kernel space to user space when it misses in the kernel space flow table. The upcall sends packets via a Netlink socket. Currently, a Netlink socket is created for every vport. In this way, there is a 1:1 mapping between a vport and a Netlink socket. When a packet is received by a vport, if it needs to be sent to user space, it is sent via the corresponding Netlink socket. This mechanism, with various iterations of the corresponding user space code, has seen some limitations and issues: * On systems with a large number of vports, there is correspondingly a large number of Netlink sockets which can limit scaling. (https://bugzilla.redhat.com/show_bug.cgi?id=1526306) * Packet reordering on upcalls. (https://bugzilla.redhat.com/show_bug.cgi?id=1844576) * A thundering herd issue. (https://bugzilla.redhat.com/show_bug.cgi?id=1834444) This patch introduces an alternative, feature-negotiated, upcall mode using a per-cpu dispatch rather than a per-vport dispatch. In this mode, the Netlink socket to be used for the upcall is selected based on the CPU of the thread that is executing the upcall. In this way, it resolves the issues above as: a) The number of Netlink sockets scales with the number of CPUs rather than the number of vports. b) Ordering per-flow is maintained as packets are distributed to CPUs based on mechanisms such as RSS and flows are distributed to a single user space thread. c) Packets from a flow can only wake up one user space thread. Reported-at: https://bugzilla.redhat.com/1844576 Signed-off-by: Mark Gray <mark.d.gray@redhat.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Acked-by: Aaron Conole <aconole@redhat.com> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2021-07-16 06:17:36 -04:00
dpif_netlink_recv_set_vport_dispatch(struct dpif_netlink *dpif, bool enable)
dpif-linux: Add thread-safety annotations. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-04-17 17:16:34 -07:00
OVS_REQ_WRLOCK(dpif->upcall_lock)
dpif-linux: Generalize dpif_linux_recv_set() to synchronize channels. Until now, the code in dpif_linux_recv_set() has assumed it is starting from a clean slate with no channels at all. This commit generalizes it to compare the existing set of channels against the ones that should exist given the vports that the kernel has, adding any new ones that are missing and removing any that should not exist. A followup commit will make good use of this functionality. Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-12-04 13:37:31 -08:00
{
dpif-linux: Implement the API functions to allow multiple handler threads read upcall. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-02-26 10:10:29 -08:00
if ((dpif->handlers != NULL) == enable) {
dpif-linux: Generalize dpif_linux_recv_set() to synchronize channels. Until now, the code in dpif_linux_recv_set() has assumed it is starting from a clean slate with no channels at all. This commit generalizes it to compare the existing set of channels against the ones that should exist given the vports that the kernel has, adding any new ones that are missing and removing any that should not exist. A followup commit will make good use of this functionality. Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-12-04 13:37:31 -08:00
return 0;
} else if (!enable) {
dpif-linux: Implement the API functions to allow multiple handler threads read upcall. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-02-26 10:10:29 -08:00
destroy_all_channels(dpif);
dpif-linux: Generalize dpif_linux_recv_set() to synchronize channels. Until now, the code in dpif_linux_recv_set() has assumed it is starting from a clean slate with no channels at all. This commit generalizes it to compare the existing set of channels against the ones that should exist given the vports that the kernel has, adding any new ones that are missing and removing any that should not exist. A followup commit will make good use of this functionality. Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-12-04 13:37:31 -08:00
return 0;
} else {
dpif-netlink: Introduce per-cpu upcall dispatch. The Open vSwitch kernel module uses the upcall mechanism to send packets from kernel space to user space when it misses in the kernel space flow table. The upcall sends packets via a Netlink socket. Currently, a Netlink socket is created for every vport. In this way, there is a 1:1 mapping between a vport and a Netlink socket. When a packet is received by a vport, if it needs to be sent to user space, it is sent via the corresponding Netlink socket. This mechanism, with various iterations of the corresponding user space code, has seen some limitations and issues: * On systems with a large number of vports, there is correspondingly a large number of Netlink sockets which can limit scaling. (https://bugzilla.redhat.com/show_bug.cgi?id=1526306) * Packet reordering on upcalls. (https://bugzilla.redhat.com/show_bug.cgi?id=1844576) * A thundering herd issue. (https://bugzilla.redhat.com/show_bug.cgi?id=1834444) This patch introduces an alternative, feature-negotiated, upcall mode using a per-cpu dispatch rather than a per-vport dispatch. In this mode, the Netlink socket to be used for the upcall is selected based on the CPU of the thread that is executing the upcall. In this way, it resolves the issues above as: a) The number of Netlink sockets scales with the number of CPUs rather than the number of vports. b) Ordering per-flow is maintained as packets are distributed to CPUs based on mechanisms such as RSS and flows are distributed to a single user space thread. c) Packets from a flow can only wake up one user space thread. Reported-at: https://bugzilla.redhat.com/1844576 Signed-off-by: Mark Gray <mark.d.gray@redhat.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Acked-by: Aaron Conole <aconole@redhat.com> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2021-07-16 06:17:36 -04:00
return dpif_netlink_refresh_handlers_vport_dispatch(dpif, 1);
}
}
static int
dpif_netlink_recv_set_cpu_dispatch(struct dpif_netlink *dpif, bool enable)
OVS_REQ_WRLOCK(dpif->upcall_lock)
{
if ((dpif->handlers != NULL) == enable) {
return 0;
} else if (!enable) {
destroy_all_handlers(dpif);
return 0;
} else {
return dpif_netlink_refresh_handlers_cpu_dispatch(dpif);
dpif-linux: Generalize dpif_linux_recv_set() to synchronize channels. Until now, the code in dpif_linux_recv_set() has assumed it is starting from a clean slate with no channels at all. This commit generalizes it to compare the existing set of channels against the ones that should exist given the vports that the kernel has, adding any new ones that are missing and removing any that should not exist. A followup commit will make good use of this functionality. Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-12-04 13:37:31 -08:00
}
dpif: Make dpifs abstract, to allow multiple datapath implementations. This commit initially introduces only a single datapath implementation, which is the same as the original one, but it paves the way for additional implementations, such as the upcoming userspace datapath.
2009-06-17 14:35:35 -07:00
}
dpif-linux: Make use of channels thread-safe. This seems to be the last remaining thread-unsafe code in dpif-linux. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2013-07-23 12:41:57 -07:00
static int
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
dpif_netlink_recv_set(struct dpif *dpif_, bool enable)
dpif-linux: Make use of channels thread-safe. This seems to be the last remaining thread-unsafe code in dpif-linux. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2013-07-23 12:41:57 -07:00
{
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
struct dpif_netlink *dpif = dpif_netlink_cast(dpif_);
dpif-linux: Make use of channels thread-safe. This seems to be the last remaining thread-unsafe code in dpif-linux. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2013-07-23 12:41:57 -07:00
int error;
dpif-linux: Implement the API functions to allow multiple handler threads read upcall. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-02-26 10:10:29 -08:00
fat_rwlock_wrlock(&dpif->upcall_lock);
dpif-netlink: Introduce per-cpu upcall dispatch. The Open vSwitch kernel module uses the upcall mechanism to send packets from kernel space to user space when it misses in the kernel space flow table. The upcall sends packets via a Netlink socket. Currently, a Netlink socket is created for every vport. In this way, there is a 1:1 mapping between a vport and a Netlink socket. When a packet is received by a vport, if it needs to be sent to user space, it is sent via the corresponding Netlink socket. This mechanism, with various iterations of the corresponding user space code, has seen some limitations and issues: * On systems with a large number of vports, there is correspondingly a large number of Netlink sockets which can limit scaling. (https://bugzilla.redhat.com/show_bug.cgi?id=1526306) * Packet reordering on upcalls. (https://bugzilla.redhat.com/show_bug.cgi?id=1844576) * A thundering herd issue. (https://bugzilla.redhat.com/show_bug.cgi?id=1834444) This patch introduces an alternative, feature-negotiated, upcall mode using a per-cpu dispatch rather than a per-vport dispatch. In this mode, the Netlink socket to be used for the upcall is selected based on the CPU of the thread that is executing the upcall. In this way, it resolves the issues above as: a) The number of Netlink sockets scales with the number of CPUs rather than the number of vports. b) Ordering per-flow is maintained as packets are distributed to CPUs based on mechanisms such as RSS and flows are distributed to a single user space thread. c) Packets from a flow can only wake up one user space thread. Reported-at: https://bugzilla.redhat.com/1844576 Signed-off-by: Mark Gray <mark.d.gray@redhat.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Acked-by: Aaron Conole <aconole@redhat.com> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2021-07-16 06:17:36 -04:00
if (dpif_netlink_upcall_per_cpu(dpif)) {
error = dpif_netlink_recv_set_cpu_dispatch(dpif, enable);
} else {
error = dpif_netlink_recv_set_vport_dispatch(dpif, enable);
}
dpif-linux: Implement the API functions to allow multiple handler threads read upcall. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-02-26 10:10:29 -08:00
fat_rwlock_unlock(&dpif->upcall_lock);
dpif-linux: Make use of channels thread-safe. This seems to be the last remaining thread-unsafe code in dpif-linux. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2013-07-23 12:41:57 -07:00
return error;
}
dpif: Change dpif API to allow multiple handler threads read upcall. This commit changes the API in 'dpif-provider.h' to allow multiple handler threads call dpif_recv() simultaneously. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
2014-03-07 10:57:36 -08:00
static int
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
dpif_netlink_handlers_set(struct dpif *dpif_, uint32_t n_handlers)
dpif: Change dpif API to allow multiple handler threads read upcall. This commit changes the API in 'dpif-provider.h' to allow multiple handler threads call dpif_recv() simultaneously. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
2014-03-07 10:57:36 -08:00
{
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
struct dpif_netlink *dpif = dpif_netlink_cast(dpif_);
dpif-linux: Implement the API functions to allow multiple handler threads read upcall. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-02-26 10:10:29 -08:00
int error = 0;
dpif-netlink: Add support for packet receive on Windows. In this patch, we add support in dpif-netlink.c to receive packets on Windows. Windows does not natively support epoll(). Even though there are mechanisms/interfaces that provide functionality similar to epoll(), we take a simple approach of using a pool of sockets. Here are some details of the implementaion to aid review: 1. There's pool of sockets per upcall handler. 2. The pool of sockets is initialized while setting up the handler in dpif_netlink_refresh_channels() primarily. 3. When sockets are to be allocated for a vport, we walk through the pool of sockets for all handlers and pick one of the sockets in each of the pool. Within a handler's pool, sockets are picked in a round-robin fashion. 4. We currently support only 1 handler, since there are some kernel changes needed for support more than 1 handler per vport. 5. The pool size is also set to 1 currently. The restructions imposed by #4 and #5 can be removed in the future without much code churn. Validation: 1. With a hacked up kernel which figures out the netlink socket that is designated to receive packets, we are cable to perform pings between 2 VMs on the same Hyper-V host. 2. Compiled the code in Linux as well. 3. Tested with pool size == 2 as well, though in this patch we set the pool size = 1. Signed-off-by: Nithin Raju <nithin@vmware.com> Acked-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-10-23 08:27:34 -07:00
#ifdef _WIN32
/* Multiple upcall handlers will be supported once kernel datapath supports
* it. */
if (n_handlers > 1) {
return error;
}
#endif
dpif-linux: Implement the API functions to allow multiple handler threads read upcall. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-02-26 10:10:29 -08:00
fat_rwlock_wrlock(&dpif->upcall_lock);
if (dpif->handlers) {
dpif-netlink: Introduce per-cpu upcall dispatch. The Open vSwitch kernel module uses the upcall mechanism to send packets from kernel space to user space when it misses in the kernel space flow table. The upcall sends packets via a Netlink socket. Currently, a Netlink socket is created for every vport. In this way, there is a 1:1 mapping between a vport and a Netlink socket. When a packet is received by a vport, if it needs to be sent to user space, it is sent via the corresponding Netlink socket. This mechanism, with various iterations of the corresponding user space code, has seen some limitations and issues: * On systems with a large number of vports, there is correspondingly a large number of Netlink sockets which can limit scaling. (https://bugzilla.redhat.com/show_bug.cgi?id=1526306) * Packet reordering on upcalls. (https://bugzilla.redhat.com/show_bug.cgi?id=1844576) * A thundering herd issue. (https://bugzilla.redhat.com/show_bug.cgi?id=1834444) This patch introduces an alternative, feature-negotiated, upcall mode using a per-cpu dispatch rather than a per-vport dispatch. In this mode, the Netlink socket to be used for the upcall is selected based on the CPU of the thread that is executing the upcall. In this way, it resolves the issues above as: a) The number of Netlink sockets scales with the number of CPUs rather than the number of vports. b) Ordering per-flow is maintained as packets are distributed to CPUs based on mechanisms such as RSS and flows are distributed to a single user space thread. c) Packets from a flow can only wake up one user space thread. Reported-at: https://bugzilla.redhat.com/1844576 Signed-off-by: Mark Gray <mark.d.gray@redhat.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Acked-by: Aaron Conole <aconole@redhat.com> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2021-07-16 06:17:36 -04:00
if (dpif_netlink_upcall_per_cpu(dpif)) {
error = dpif_netlink_refresh_handlers_cpu_dispatch(dpif);
} else {
error = dpif_netlink_refresh_handlers_vport_dispatch(dpif,
n_handlers);
}
dpif-linux: Implement the API functions to allow multiple handler threads read upcall. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-02-26 10:10:29 -08:00
}
fat_rwlock_unlock(&dpif->upcall_lock);
return error;
dpif: Change dpif API to allow multiple handler threads read upcall. This commit changes the API in 'dpif-provider.h' to allow multiple handler threads call dpif_recv() simultaneously. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
2014-03-07 10:57:36 -08:00
}
dpif-netlink: Introduce per-cpu upcall dispatch. The Open vSwitch kernel module uses the upcall mechanism to send packets from kernel space to user space when it misses in the kernel space flow table. The upcall sends packets via a Netlink socket. Currently, a Netlink socket is created for every vport. In this way, there is a 1:1 mapping between a vport and a Netlink socket. When a packet is received by a vport, if it needs to be sent to user space, it is sent via the corresponding Netlink socket. This mechanism, with various iterations of the corresponding user space code, has seen some limitations and issues: * On systems with a large number of vports, there is correspondingly a large number of Netlink sockets which can limit scaling. (https://bugzilla.redhat.com/show_bug.cgi?id=1526306) * Packet reordering on upcalls. (https://bugzilla.redhat.com/show_bug.cgi?id=1844576) * A thundering herd issue. (https://bugzilla.redhat.com/show_bug.cgi?id=1834444) This patch introduces an alternative, feature-negotiated, upcall mode using a per-cpu dispatch rather than a per-vport dispatch. In this mode, the Netlink socket to be used for the upcall is selected based on the CPU of the thread that is executing the upcall. In this way, it resolves the issues above as: a) The number of Netlink sockets scales with the number of CPUs rather than the number of vports. b) Ordering per-flow is maintained as packets are distributed to CPUs based on mechanisms such as RSS and flows are distributed to a single user space thread. c) Packets from a flow can only wake up one user space thread. Reported-at: https://bugzilla.redhat.com/1844576 Signed-off-by: Mark Gray <mark.d.gray@redhat.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Acked-by: Aaron Conole <aconole@redhat.com> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2021-07-16 06:17:36 -04:00
static bool
dpif_netlink_number_handlers_required(struct dpif *dpif_, uint32_t *n_handlers)
{
struct dpif_netlink *dpif = dpif_netlink_cast(dpif_);
if (dpif_netlink_upcall_per_cpu(dpif)) {
handlers: Create additional handler threads when using CPU isolation. Additional threads are required to service upcalls when we have CPU isolation (in per-cpu dispatch mode). The reason additional threads are required is because it creates a more fair distribution. With more threads we decrease the load of each thread as more threads would decrease the number of cores each threads is assigned. Adding additional threads also increases the chance OVS utilizes all cores available to use. Some RPS schemas might make some handler threads get all the workload while others get no workload. This tends to happen when the handler thread count is low. An example would be an RPS that sends traffic on all even cores on a system with only the lower half of the cores available for OVS to use. In this example we have as many handlers threads as there are available cores. In this case 50% of the handler threads get all the workload while the other 50% get no workload. Not only that, but OVS is only utilizing half of the cores that it can use. This is the worst case scenario. The ideal scenario is to have as many threads as there are cores - in this case we guarantee that all cores OVS can use are utilized But, adding as many threads are there are cores could have a performance hit when the number of active cores (which all threads have to share) is very low. For this reason we avoid creating as many threads as there are cores and instead meet somewhere in the middle. The formula used to calculate the number of handler threads to create is as follows: handlers_n = min(next_prime(active_cores+1), total_cores) Assume default behavior when total_cores <= 2, that is do not create additional threads when we have less than 2 total cores on the system Fixes: b1e517bd2f81 ("dpif-netlink: Introduce per-cpu upcall dispatch.") Signed-off-by: Michael Santana <msantana@redhat.com> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2022-08-09 03:18:14 -04:00
*n_handlers = dpif_netlink_calculate_n_handlers();
dpif-netlink: Introduce per-cpu upcall dispatch. The Open vSwitch kernel module uses the upcall mechanism to send packets from kernel space to user space when it misses in the kernel space flow table. The upcall sends packets via a Netlink socket. Currently, a Netlink socket is created for every vport. In this way, there is a 1:1 mapping between a vport and a Netlink socket. When a packet is received by a vport, if it needs to be sent to user space, it is sent via the corresponding Netlink socket. This mechanism, with various iterations of the corresponding user space code, has seen some limitations and issues: * On systems with a large number of vports, there is correspondingly a large number of Netlink sockets which can limit scaling. (https://bugzilla.redhat.com/show_bug.cgi?id=1526306) * Packet reordering on upcalls. (https://bugzilla.redhat.com/show_bug.cgi?id=1844576) * A thundering herd issue. (https://bugzilla.redhat.com/show_bug.cgi?id=1834444) This patch introduces an alternative, feature-negotiated, upcall mode using a per-cpu dispatch rather than a per-vport dispatch. In this mode, the Netlink socket to be used for the upcall is selected based on the CPU of the thread that is executing the upcall. In this way, it resolves the issues above as: a) The number of Netlink sockets scales with the number of CPUs rather than the number of vports. b) Ordering per-flow is maintained as packets are distributed to CPUs based on mechanisms such as RSS and flows are distributed to a single user space thread. c) Packets from a flow can only wake up one user space thread. Reported-at: https://bugzilla.redhat.com/1844576 Signed-off-by: Mark Gray <mark.d.gray@redhat.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Acked-by: Aaron Conole <aconole@redhat.com> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2021-07-16 06:17:36 -04:00
return true;
}
return false;
}
dpif: Abstract translation from OpenFlow queue ID into ODP priority value. When the QoS code was integrated, I didn't yet know how to abstract the translation from a queue ID in an OpenFlow OFPAT_ENQUEUE action into a priority value for an ODP ODPAT_SET_PRIORITY action. This commit is a first attempt that works OK for Linux, so far. It's possible that in fact this translation needs the 'netdev' as an argument too, but it's not needed yet.
2010-07-20 11:23:21 -07:00
static int
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
dpif_netlink_queue_to_priority(const struct dpif *dpif OVS_UNUSED,
dpif: Abstract translation from OpenFlow queue ID into ODP priority value. When the QoS code was integrated, I didn't yet know how to abstract the translation from a queue ID in an OpenFlow OFPAT_ENQUEUE action into a priority value for an ODP ODPAT_SET_PRIORITY action. This commit is a first attempt that works OK for Linux, so far. It's possible that in fact this translation needs the 'netdev' as an argument too, but it's not needed yet.
2010-07-20 11:23:21 -07:00
uint32_t queue_id, uint32_t *priority)
{
if (queue_id < 0xf000) {
netdev-linux: Avoid minor number 0 in traffic control. Linux traffic control handles with minor number 0 refer to qdiscs, not to classes. This commit deals with this by using a conversion function: OpenFlow queue 0 maps to minor 1, queue 1 to minor 2, and so on.
2010-07-16 15:50:57 -07:00
*priority = TC_H_MAKE(1 << 16, queue_id + 1);
dpif: Abstract translation from OpenFlow queue ID into ODP priority value. When the QoS code was integrated, I didn't yet know how to abstract the translation from a queue ID in an OpenFlow OFPAT_ENQUEUE action into a priority value for an ODP ODPAT_SET_PRIORITY action. This commit is a first attempt that works OK for Linux, so far. It's possible that in fact this translation needs the 'netdev' as an argument too, but it's not needed yet.
2010-07-20 11:23:21 -07:00
return 0;
} else {
return EINVAL;
}
}
dpif: Make dpifs abstract, to allow multiple datapath implementations. This commit initially introduces only a single datapath implementation, which is the same as the original one, but it paves the way for additional implementations, such as the upcoming userspace datapath.
2009-06-17 14:35:35 -07:00
static int
dpif: Turn dpif_flow_hash function into generic odp_flow_key_hash. Current implementation of dpif_flow_hash() doesn't depend on datapath interface and only complicates the callers by forcing them to figure out what is their current 'dpif'. If we'll need different hashing for different 'dpif's we'll implement an API for dpif-providers and each dpif implementation will be able to use their local function directly without calling it via dpif API. This change will allow us to not store 'dpif' pointer in the userspace datapath implementation which is broken and will be removed in next commits. This patch moves dpif_flow_hash() to odp-util module and replaces unused odp_flow_key_hash() by it, along with removing of unused 'dpif' argument. Signed-off-by: Ilya Maximets <i.maximets@ovn.org> Acked-by: Ben Pfaff <blp@ovn.org>
2019-12-08 18:09:53 +01:00
parse_odp_packet(struct ofpbuf *buf, struct dpif_upcall *upcall,
int *dp_ifindex)
datapath: Report kernel's flow key when passing packets up to userspace. One of the goals for Open vSwitch is to decouple kernel and userspace software, so that either one can be upgraded or rolled back independent of the other. To do this in full generality, it must be possible to change the kernel's idea of the flow key separately from the userspace version. This commit takes one step in that direction by making the kernel report its idea of the flow that a packet belongs to whenever it passes a packet up to userspace. This means that userspace can intelligently figure out what to do: - If userspace's notion of the flow for the packet matches the kernel's, then nothing special is necessary. - If the kernel has a more specific notion for the flow than userspace, for example if the kernel decoded IPv6 headers but userspace stopped at the Ethernet type (because it does not understand IPv6), then again nothing special is necessary: userspace can still set up the flow in the usual way. - If userspace has a more specific notion for the flow than the kernel, for example if userspace decoded an IPv6 header but the kernel stopped at the Ethernet type, then userspace can forward the packet manually, without setting up a flow in the kernel. (This case is bad from a performance point of view, but at least it is correct.) This commit does not actually make userspace flexible enough to handle changes in the kernel flow key structure, although userspace does now have enough information to do that intelligently. This will have to wait for later commits. This commit is bigger than it would otherwise be because it is rolled together with changing "struct odp_msg" to a sequence of Netlink attributes. The alternative, to do each of those changes in a separate patch, seemed like overkill because it meant that either we would have to introduce and then kill off Netlink attributes for in_port and tun_id, if Netlink conversion went first, or shove yet another variable-length header into the stuff already after odp_msg, if adding the flow key to odp_msg went first. This commit will slow down performance of checksumming packets sent up to userspace. I'm not entirely pleased with how I did it. I considered a couple of alternatives, but none of them seemed that much better. Suggestions welcome. Not changing anything wasn't an option, unfortunately. At any rate some slowdown will become unavoidable when OVS actually starts using Netlink instead of just Netlink framing. (Actually, I thought of one option where we could avoid that: make userspace do the checksum instead, by passing csum_start and csum_offset as part of what goes to userspace. But that's not perfect either.) Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-24 14:59:57 -08:00
{
datapath: Use "OVS_*" as opposed to "ODP_*" for user<->kernel interactions. The prefix "ODP_*" is not overly descriptive in the context of the larger Linux tree. This commit changes the prefix to "OVS_*" for the userpace to kernel interactions. The userspace libraries still use "ODP_" in many of their interfaces since it is more descriptive in the OVS oeuvre. Feature #6904 Signed-off-by: Justin Pettit <jpettit@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-08-18 10:35:40 -07:00
static const struct nl_policy ovs_packet_policy[] = {
datapath: Report kernel's flow key when passing packets up to userspace. One of the goals for Open vSwitch is to decouple kernel and userspace software, so that either one can be upgraded or rolled back independent of the other. To do this in full generality, it must be possible to change the kernel's idea of the flow key separately from the userspace version. This commit takes one step in that direction by making the kernel report its idea of the flow that a packet belongs to whenever it passes a packet up to userspace. This means that userspace can intelligently figure out what to do: - If userspace's notion of the flow for the packet matches the kernel's, then nothing special is necessary. - If the kernel has a more specific notion for the flow than userspace, for example if the kernel decoded IPv6 headers but userspace stopped at the Ethernet type (because it does not understand IPv6), then again nothing special is necessary: userspace can still set up the flow in the usual way. - If userspace has a more specific notion for the flow than the kernel, for example if userspace decoded an IPv6 header but the kernel stopped at the Ethernet type, then userspace can forward the packet manually, without setting up a flow in the kernel. (This case is bad from a performance point of view, but at least it is correct.) This commit does not actually make userspace flexible enough to handle changes in the kernel flow key structure, although userspace does now have enough information to do that intelligently. This will have to wait for later commits. This commit is bigger than it would otherwise be because it is rolled together with changing "struct odp_msg" to a sequence of Netlink attributes. The alternative, to do each of those changes in a separate patch, seemed like overkill because it meant that either we would have to introduce and then kill off Netlink attributes for in_port and tun_id, if Netlink conversion went first, or shove yet another variable-length header into the stuff already after odp_msg, if adding the flow key to odp_msg went first. This commit will slow down performance of checksumming packets sent up to userspace. I'm not entirely pleased with how I did it. I considered a couple of alternatives, but none of them seemed that much better. Suggestions welcome. Not changing anything wasn't an option, unfortunately. At any rate some slowdown will become unavoidable when OVS actually starts using Netlink instead of just Netlink framing. (Actually, I thought of one option where we could avoid that: make userspace do the checksum instead, by passing csum_start and csum_offset as part of what goes to userspace. But that's not perfect either.) Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-24 14:59:57 -08:00
/* Always present. */
datapath: Use "OVS_*" as opposed to "ODP_*" for user<->kernel interactions. The prefix "ODP_*" is not overly descriptive in the context of the larger Linux tree. This commit changes the prefix to "OVS_*" for the userpace to kernel interactions. The userspace libraries still use "ODP_" in many of their interfaces since it is more descriptive in the OVS oeuvre. Feature #6904 Signed-off-by: Justin Pettit <jpettit@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-08-18 10:35:40 -07:00
[OVS_PACKET_ATTR_PACKET] = { .type = NL_A_UNSPEC,
datapath: Report kernel's flow key when passing packets up to userspace. One of the goals for Open vSwitch is to decouple kernel and userspace software, so that either one can be upgraded or rolled back independent of the other. To do this in full generality, it must be possible to change the kernel's idea of the flow key separately from the userspace version. This commit takes one step in that direction by making the kernel report its idea of the flow that a packet belongs to whenever it passes a packet up to userspace. This means that userspace can intelligently figure out what to do: - If userspace's notion of the flow for the packet matches the kernel's, then nothing special is necessary. - If the kernel has a more specific notion for the flow than userspace, for example if the kernel decoded IPv6 headers but userspace stopped at the Ethernet type (because it does not understand IPv6), then again nothing special is necessary: userspace can still set up the flow in the usual way. - If userspace has a more specific notion for the flow than the kernel, for example if userspace decoded an IPv6 header but the kernel stopped at the Ethernet type, then userspace can forward the packet manually, without setting up a flow in the kernel. (This case is bad from a performance point of view, but at least it is correct.) This commit does not actually make userspace flexible enough to handle changes in the kernel flow key structure, although userspace does now have enough information to do that intelligently. This will have to wait for later commits. This commit is bigger than it would otherwise be because it is rolled together with changing "struct odp_msg" to a sequence of Netlink attributes. The alternative, to do each of those changes in a separate patch, seemed like overkill because it meant that either we would have to introduce and then kill off Netlink attributes for in_port and tun_id, if Netlink conversion went first, or shove yet another variable-length header into the stuff already after odp_msg, if adding the flow key to odp_msg went first. This commit will slow down performance of checksumming packets sent up to userspace. I'm not entirely pleased with how I did it. I considered a couple of alternatives, but none of them seemed that much better. Suggestions welcome. Not changing anything wasn't an option, unfortunately. At any rate some slowdown will become unavoidable when OVS actually starts using Netlink instead of just Netlink framing. (Actually, I thought of one option where we could avoid that: make userspace do the checksum instead, by passing csum_start and csum_offset as part of what goes to userspace. But that's not perfect either.) Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-24 14:59:57 -08:00
.min_len = ETH_HEADER_LEN },
datapath: Use "OVS_*" as opposed to "ODP_*" for user<->kernel interactions. The prefix "ODP_*" is not overly descriptive in the context of the larger Linux tree. This commit changes the prefix to "OVS_*" for the userpace to kernel interactions. The userspace libraries still use "ODP_" in many of their interfaces since it is more descriptive in the OVS oeuvre. Feature #6904 Signed-off-by: Justin Pettit <jpettit@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-08-18 10:35:40 -07:00
[OVS_PACKET_ATTR_KEY] = { .type = NL_A_NESTED },
datapath: Report kernel's flow key when passing packets up to userspace. One of the goals for Open vSwitch is to decouple kernel and userspace software, so that either one can be upgraded or rolled back independent of the other. To do this in full generality, it must be possible to change the kernel's idea of the flow key separately from the userspace version. This commit takes one step in that direction by making the kernel report its idea of the flow that a packet belongs to whenever it passes a packet up to userspace. This means that userspace can intelligently figure out what to do: - If userspace's notion of the flow for the packet matches the kernel's, then nothing special is necessary. - If the kernel has a more specific notion for the flow than userspace, for example if the kernel decoded IPv6 headers but userspace stopped at the Ethernet type (because it does not understand IPv6), then again nothing special is necessary: userspace can still set up the flow in the usual way. - If userspace has a more specific notion for the flow than the kernel, for example if userspace decoded an IPv6 header but the kernel stopped at the Ethernet type, then userspace can forward the packet manually, without setting up a flow in the kernel. (This case is bad from a performance point of view, but at least it is correct.) This commit does not actually make userspace flexible enough to handle changes in the kernel flow key structure, although userspace does now have enough information to do that intelligently. This will have to wait for later commits. This commit is bigger than it would otherwise be because it is rolled together with changing "struct odp_msg" to a sequence of Netlink attributes. The alternative, to do each of those changes in a separate patch, seemed like overkill because it meant that either we would have to introduce and then kill off Netlink attributes for in_port and tun_id, if Netlink conversion went first, or shove yet another variable-length header into the stuff already after odp_msg, if adding the flow key to odp_msg went first. This commit will slow down performance of checksumming packets sent up to userspace. I'm not entirely pleased with how I did it. I considered a couple of alternatives, but none of them seemed that much better. Suggestions welcome. Not changing anything wasn't an option, unfortunately. At any rate some slowdown will become unavoidable when OVS actually starts using Netlink instead of just Netlink framing. (Actually, I thought of one option where we could avoid that: make userspace do the checksum instead, by passing csum_start and csum_offset as part of what goes to userspace. But that's not perfect either.) Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-24 14:59:57 -08:00
datapath: Use "OVS_*" as opposed to "ODP_*" for user<->kernel interactions. The prefix "ODP_*" is not overly descriptive in the context of the larger Linux tree. This commit changes the prefix to "OVS_*" for the userpace to kernel interactions. The userspace libraries still use "ODP_" in many of their interfaces since it is more descriptive in the OVS oeuvre. Feature #6904 Signed-off-by: Justin Pettit <jpettit@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-08-18 10:35:40 -07:00
/* OVS_PACKET_CMD_ACTION only. */
Allow OVS_USERSPACE_ATTR_USERDATA to be variable length. Until now, the optional OVS_USERSPACE_ATTR_USERDATA attribute had to be exactly 64 bits long, if it was present. However, 64 bits is not enough space to associate as much information with a flow as would be convenient for some userspace features now under development. This commit generalizes the attribute, allowing it to be any length. This generalization is backward-compatible: if userspace only uses 64-bit attributes, then it will not see any change in behavior. CC: Romain Lenglet <rlenglet@vmware.com> Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2013-02-15 16:48:32 -08:00
[OVS_PACKET_ATTR_USERDATA] = { .type = NL_A_UNSPEC, .optional = true },
Extend OVS IPFIX exporter to export tunnel headers Extend IPFIX exporter to export tunnel headers when both input and output of the port. Add three other_config options in IPFIX table: enable-input-sampling, enable-output-sampling and enable-tunnel-sampling, to control whether sampling tunnel info, on which direction (input or output). Insert sampling action before output action and the output tunnel port is sent to datapath in the sampling action. Make datapath collect output tunnel info and send it back to userpace in upcall message with a new additional optional attribute. Add a tunnel ports map to make the tunnel port lookup faster in sampling upcalls in IPFIX exporter. Make the IPFIX exporter generate IPFIX template sets with enterprise elements for the tunnel info, save the tunnel info in IPFIX cache entries, and send IPFIX DATA with tunnel info. Add flowDirection element in IPFIX templates. Signed-off-by: Wenyu Zhang <wenyuz@vmware.com> Acked-by: Romain Lenglet <rlenglet@vmware.com> Acked-by: Ben Pfaff <blp@nicira.com> Acked-by: Pravin B Shelar <pshelar@nicira.com>
2014-08-17 20:19:36 -07:00
[OVS_PACKET_ATTR_EGRESS_TUN_KEY] = { .type = NL_A_NESTED, .optional = true },
Extend sFlow agent to report tunnel and MPLS structures Packets are still sampled at ingress only, so the egress tunnel and/or MPLS structures are only included when there is just 1 output port. The actions are either provided by the datapath in the sample upcall or looked up in the userspace cache. The former is preferred because it is more reliable and does not present any new demands or constraints on the userspace cache, however the code falls back on the userspace lookup so that this solution can work with existing kernel datapath modules. If the lookup fails it is not critical: the compiled user-action-cookie is still available and provides the essential output port and output VLAN forwarding information just as before. The openvswitch actions can express almost any tunneling/mangling so the only totally faithful representation would be to somehow encode the whole list of flow actions in the sFlow output. However the standard sFlow tunnel structures can express most common real-world scenarios, so in parsing the actions we look for those and skip the encoding if we see anything unusual. For example, a single set(tunnel()) or tnl_push() is interpreted, but if a second such action is encountered then the egress tunnel reporting is suppressed. The sFlow standard allows "best effort" encoding so that if a field is not knowable or too onerous to look up then it can be left out. This is often the case for the layer-4 source port or even the src ip address of a tunnel. The assumption is that monitoring is enabled everywhere so a missing field can typically be seen at ingress to the next switch in the path. This patch also adds unit tests to check the sFlow encoding of set(tunnel()), tnl_push() and push_mpls() actions. The netlink attribute to request that actions be included in the upcall from the datapath is inserted for sFlow sampling only. To make that option be explicit would require further changes to the printing and parsing of actions in lib/odp-util.c, and to scripts in the test suite. Further enhancements to report on 802.1AD QinQ, 64-bit tunnel IDs, and NAT transformations can follow in future patches that make only incremental changes. Signed-off-by: Neil McKee <neil.mckee@inmon.com> [blp@nicira.com made stylistic and semantic changes] Signed-off-by: Ben Pfaff <blp@nicira.com>
2015-07-17 21:37:02 -07:00
[OVS_PACKET_ATTR_ACTIONS] = { .type = NL_A_NESTED, .optional = true },
ofproto-dpif-upcall: Echo HASH attribute back to datapath. The kernel datapath may sent upcall with hash info, ovs-vswitchd should get it from upcall and then send it back. The reason is that: | When using the kernel datapath, the upcall don't | include skb hash info relatived. That will introduce | some problem, because the hash of skb is important | in kernel stack. For example, VXLAN module uses | it to select UDP src port. The tx queue selection | may also use the hash in stack. | | Hash is computed in different ways. Hash is random | for a TCP socket, and hash may be computed in hardware, | or software stack. Recalculation hash is not easy. | | There will be one upcall, without information of skb | hash, to ovs-vswitchd, for the first packet of a TCP | session. The rest packets will be processed in Open vSwitch | modules, hash kept. If this tcp session is forward to | VXLAN module, then the UDP src port of first tcp packet | is different from rest packets. | | TCP packets may come from the host or dockers, to Open vSwitch. | To fix it, we store the hash info to upcall, and restore hash | when packets sent back. Reported-at: https://mail.openvswitch.org/pipermail/ovs-dev/2019-October/364062.html Link: https://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next.git/commit/?id=bd1903b7c4596ba6f7677d0dfefd05ba5876707d Signed-off-by: Tonghao Zhang <xiangxia.m.yue@gmail.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
2019-11-15 10:58:59 +08:00
[OVS_PACKET_ATTR_MRU] = { .type = NL_A_U16, .optional = true },
[OVS_PACKET_ATTR_HASH] = { .type = NL_A_U64, .optional = true }
datapath: Report kernel's flow key when passing packets up to userspace. One of the goals for Open vSwitch is to decouple kernel and userspace software, so that either one can be upgraded or rolled back independent of the other. To do this in full generality, it must be possible to change the kernel's idea of the flow key separately from the userspace version. This commit takes one step in that direction by making the kernel report its idea of the flow that a packet belongs to whenever it passes a packet up to userspace. This means that userspace can intelligently figure out what to do: - If userspace's notion of the flow for the packet matches the kernel's, then nothing special is necessary. - If the kernel has a more specific notion for the flow than userspace, for example if the kernel decoded IPv6 headers but userspace stopped at the Ethernet type (because it does not understand IPv6), then again nothing special is necessary: userspace can still set up the flow in the usual way. - If userspace has a more specific notion for the flow than the kernel, for example if userspace decoded an IPv6 header but the kernel stopped at the Ethernet type, then userspace can forward the packet manually, without setting up a flow in the kernel. (This case is bad from a performance point of view, but at least it is correct.) This commit does not actually make userspace flexible enough to handle changes in the kernel flow key structure, although userspace does now have enough information to do that intelligently. This will have to wait for later commits. This commit is bigger than it would otherwise be because it is rolled together with changing "struct odp_msg" to a sequence of Netlink attributes. The alternative, to do each of those changes in a separate patch, seemed like overkill because it meant that either we would have to introduce and then kill off Netlink attributes for in_port and tun_id, if Netlink conversion went first, or shove yet another variable-length header into the stuff already after odp_msg, if adding the flow key to odp_msg went first. This commit will slow down performance of checksumming packets sent up to userspace. I'm not entirely pleased with how I did it. I considered a couple of alternatives, but none of them seemed that much better. Suggestions welcome. Not changing anything wasn't an option, unfortunately. At any rate some slowdown will become unavoidable when OVS actually starts using Netlink instead of just Netlink framing. (Actually, I thought of one option where we could avoid that: make userspace do the checksum instead, by passing csum_start and csum_offset as part of what goes to userspace. But that's not perfect either.) Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-24 14:59:57 -08:00
};
ofpbuf: New function ofpbuf_const_initializer(). A number of times I've looked at code and thought that it would be easier to understand if I could write an initializer instead of ofpbuf_use_const(). This commit adds a function for that purpose and adapts a lot of code to use it, in the places where I thought it made the code better. In theory this could improve code generation since the new function can be inlined whereas ofpbuf_use_const() isn't. But I guess that's probably insignificant; the intent of this change is code readability. Signed-off-by: Ben Pfaff <blp@ovn.org> Acked-by: Jarno Rajahalme <jarno@ovn.org>
2016-02-18 15:13:09 -08:00
struct ofpbuf b = ofpbuf_const_initializer(buf->data, buf->size);
struct nlmsghdr *nlmsg = ofpbuf_try_pull(&b, sizeof *nlmsg);
struct genlmsghdr *genl = ofpbuf_try_pull(&b, sizeof *genl);
struct ovs_header *ovs_header = ofpbuf_try_pull(&b, sizeof *ovs_header);
datapath: Convert upcalls and ODP_EXECUTE to use AF_NETLINK socket layer. This commit calls genl_lock() and thus doesn't support Linux before 2.6.35, which wasn't exported before that version. That problem will be fixed once the whole userspace interface transitions to Generic Netlink a few commits from now. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 13:41:54 -08:00
ofpbuf: New function ofpbuf_const_initializer(). A number of times I've looked at code and thought that it would be easier to understand if I could write an initializer instead of ofpbuf_use_const(). This commit adds a function for that purpose and adapts a lot of code to use it, in the places where I thought it made the code better. In theory this could improve code generation since the new function can be inlined whereas ofpbuf_use_const() isn't. But I guess that's probably insignificant; the intent of this change is code readability. Signed-off-by: Ben Pfaff <blp@ovn.org> Acked-by: Jarno Rajahalme <jarno@ovn.org>
2016-02-18 15:13:09 -08:00
struct nlattr *a[ARRAY_SIZE(ovs_packet_policy)];
datapath: Use "OVS_*" as opposed to "ODP_*" for user<->kernel interactions. The prefix "ODP_*" is not overly descriptive in the context of the larger Linux tree. This commit changes the prefix to "OVS_*" for the userpace to kernel interactions. The userspace libraries still use "ODP_" in many of their interfaces since it is more descriptive in the OVS oeuvre. Feature #6904 Signed-off-by: Justin Pettit <jpettit@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-08-18 10:35:40 -07:00
if (!nlmsg || !genl || !ovs_header
|| nlmsg->nlmsg_type != ovs_packet_family
|| !nl_policy_parse(&b, 0, ovs_packet_policy, a,
ARRAY_SIZE(ovs_packet_policy))) {
datapath: Report kernel's flow key when passing packets up to userspace. One of the goals for Open vSwitch is to decouple kernel and userspace software, so that either one can be upgraded or rolled back independent of the other. To do this in full generality, it must be possible to change the kernel's idea of the flow key separately from the userspace version. This commit takes one step in that direction by making the kernel report its idea of the flow that a packet belongs to whenever it passes a packet up to userspace. This means that userspace can intelligently figure out what to do: - If userspace's notion of the flow for the packet matches the kernel's, then nothing special is necessary. - If the kernel has a more specific notion for the flow than userspace, for example if the kernel decoded IPv6 headers but userspace stopped at the Ethernet type (because it does not understand IPv6), then again nothing special is necessary: userspace can still set up the flow in the usual way. - If userspace has a more specific notion for the flow than the kernel, for example if userspace decoded an IPv6 header but the kernel stopped at the Ethernet type, then userspace can forward the packet manually, without setting up a flow in the kernel. (This case is bad from a performance point of view, but at least it is correct.) This commit does not actually make userspace flexible enough to handle changes in the kernel flow key structure, although userspace does now have enough information to do that intelligently. This will have to wait for later commits. This commit is bigger than it would otherwise be because it is rolled together with changing "struct odp_msg" to a sequence of Netlink attributes. The alternative, to do each of those changes in a separate patch, seemed like overkill because it meant that either we would have to introduce and then kill off Netlink attributes for in_port and tun_id, if Netlink conversion went first, or shove yet another variable-length header into the stuff already after odp_msg, if adding the flow key to odp_msg went first. This commit will slow down performance of checksumming packets sent up to userspace. I'm not entirely pleased with how I did it. I considered a couple of alternatives, but none of them seemed that much better. Suggestions welcome. Not changing anything wasn't an option, unfortunately. At any rate some slowdown will become unavoidable when OVS actually starts using Netlink instead of just Netlink framing. (Actually, I thought of one option where we could avoid that: make userspace do the checksum instead, by passing csum_start and csum_offset as part of what goes to userspace. But that's not perfect either.) Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-24 14:59:57 -08:00
return EINVAL;
}
ofpbuf: New function ofpbuf_const_initializer(). A number of times I've looked at code and thought that it would be easier to understand if I could write an initializer instead of ofpbuf_use_const(). This commit adds a function for that purpose and adapts a lot of code to use it, in the places where I thought it made the code better. In theory this could improve code generation since the new function can be inlined whereas ofpbuf_use_const() isn't. But I guess that's probably insignificant; the intent of this change is code readability. Signed-off-by: Ben Pfaff <blp@ovn.org> Acked-by: Jarno Rajahalme <jarno@ovn.org>
2016-02-18 15:13:09 -08:00
int type = (genl->cmd == OVS_PACKET_CMD_MISS ? DPIF_UC_MISS
: genl->cmd == OVS_PACKET_CMD_ACTION ? DPIF_UC_ACTION
: -1);
datapath: Convert ODP_DP_* commands to use AF_NETLINK socket layer. This commit calls genl_lock() and thus doesn't support Linux before 2.6.35, which wasn't exported before that version. That problem will be fixed once the whole userspace interface transitions to Generic Netlink a few commits from now. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-28 13:55:04 -08:00
if (type < 0) {
return EINVAL;
}
Eliminate ODPL_* from userspace-facing interface. Reviewed by Justin Pettit.
2011-01-26 07:14:04 -08:00
Remove unnecessary memset(). We already set all the fields of the upcall, so memsetting right before is unnecessary. Signed-off-by: Jarno Rajahalme <jrajahalme@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
2013-12-17 15:54:30 -08:00
/* (Re)set ALL fields of '*upcall' on successful return. */
datapath: Convert ODP_DP_* commands to use AF_NETLINK socket layer. This commit calls genl_lock() and thus doesn't support Linux before 2.6.35, which wasn't exported before that version. That problem will be fixed once the whole userspace interface transitions to Generic Netlink a few commits from now. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-28 13:55:04 -08:00
upcall->type = type;
util: New macro CONST_CAST. Casts are sometimes necessary. One common reason that they are necessary is for discarding a "const" qualifier. However, this can impede maintenance: if the type of the expression being cast changes, then the presence of the cast can hide a necessary change in the code that does the cast. Using CONST_CAST, instead of a bare cast, makes these changes visible. Inspired by my own work elsewhere: http://git.savannah.gnu.org/cgit/pspp.git/tree/src/libpspp/cast.h#n80 Signed-off-by: Ben Pfaff <blp@nicira.com>
2012-07-13 16:00:29 -07:00
upcall->key = CONST_CAST(struct nlattr *,
nl_attr_get(a[OVS_PACKET_ATTR_KEY]));
datapath: Use "OVS_*" as opposed to "ODP_*" for user<->kernel interactions. The prefix "ODP_*" is not overly descriptive in the context of the larger Linux tree. This commit changes the prefix to "OVS_*" for the userpace to kernel interactions. The userspace libraries still use "ODP_" in many of their interfaces since it is more descriptive in the OVS oeuvre. Feature #6904 Signed-off-by: Justin Pettit <jpettit@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-08-18 10:35:40 -07:00
upcall->key_len = nl_attr_get_size(a[OVS_PACKET_ATTR_KEY]);
dpif: Turn dpif_flow_hash function into generic odp_flow_key_hash. Current implementation of dpif_flow_hash() doesn't depend on datapath interface and only complicates the callers by forcing them to figure out what is their current 'dpif'. If we'll need different hashing for different 'dpif's we'll implement an API for dpif-providers and each dpif implementation will be able to use their local function directly without calling it via dpif API. This change will allow us to not store 'dpif' pointer in the userspace datapath implementation which is broken and will be removed in next commits. This patch moves dpif_flow_hash() to odp-util module and replaces unused odp_flow_key_hash() by it, along with removing of unused 'dpif' argument. Signed-off-by: Ilya Maximets <i.maximets@ovn.org> Acked-by: Ben Pfaff <blp@ovn.org>
2019-12-08 18:09:53 +01:00
odp_flow_key_hash(upcall->key, upcall->key_len, &upcall->ufid);
Allow OVS_USERSPACE_ATTR_USERDATA to be variable length. Until now, the optional OVS_USERSPACE_ATTR_USERDATA attribute had to be exactly 64 bits long, if it was present. However, 64 bits is not enough space to associate as much information with a flow as would be convenient for some userspace features now under development. This commit generalizes the attribute, allowing it to be any length. This generalization is backward-compatible: if userspace only uses 64-bit attributes, then it will not see any change in behavior. CC: Romain Lenglet <rlenglet@vmware.com> Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2013-02-15 16:48:32 -08:00
upcall->userdata = a[OVS_PACKET_ATTR_USERDATA];
Extend OVS IPFIX exporter to export tunnel headers Extend IPFIX exporter to export tunnel headers when both input and output of the port. Add three other_config options in IPFIX table: enable-input-sampling, enable-output-sampling and enable-tunnel-sampling, to control whether sampling tunnel info, on which direction (input or output). Insert sampling action before output action and the output tunnel port is sent to datapath in the sampling action. Make datapath collect output tunnel info and send it back to userpace in upcall message with a new additional optional attribute. Add a tunnel ports map to make the tunnel port lookup faster in sampling upcalls in IPFIX exporter. Make the IPFIX exporter generate IPFIX template sets with enterprise elements for the tunnel info, save the tunnel info in IPFIX cache entries, and send IPFIX DATA with tunnel info. Add flowDirection element in IPFIX templates. Signed-off-by: Wenyu Zhang <wenyuz@vmware.com> Acked-by: Romain Lenglet <rlenglet@vmware.com> Acked-by: Ben Pfaff <blp@nicira.com> Acked-by: Pravin B Shelar <pshelar@nicira.com>
2014-08-17 20:19:36 -07:00
upcall->out_tun_key = a[OVS_PACKET_ATTR_EGRESS_TUN_KEY];
Extend sFlow agent to report tunnel and MPLS structures Packets are still sampled at ingress only, so the egress tunnel and/or MPLS structures are only included when there is just 1 output port. The actions are either provided by the datapath in the sample upcall or looked up in the userspace cache. The former is preferred because it is more reliable and does not present any new demands or constraints on the userspace cache, however the code falls back on the userspace lookup so that this solution can work with existing kernel datapath modules. If the lookup fails it is not critical: the compiled user-action-cookie is still available and provides the essential output port and output VLAN forwarding information just as before. The openvswitch actions can express almost any tunneling/mangling so the only totally faithful representation would be to somehow encode the whole list of flow actions in the sFlow output. However the standard sFlow tunnel structures can express most common real-world scenarios, so in parsing the actions we look for those and skip the encoding if we see anything unusual. For example, a single set(tunnel()) or tnl_push() is interpreted, but if a second such action is encountered then the egress tunnel reporting is suppressed. The sFlow standard allows "best effort" encoding so that if a field is not knowable or too onerous to look up then it can be left out. This is often the case for the layer-4 source port or even the src ip address of a tunnel. The assumption is that monitoring is enabled everywhere so a missing field can typically be seen at ingress to the next switch in the path. This patch also adds unit tests to check the sFlow encoding of set(tunnel()), tnl_push() and push_mpls() actions. The netlink attribute to request that actions be included in the upcall from the datapath is inserted for sFlow sampling only. To make that option be explicit would require further changes to the printing and parsing of actions in lib/odp-util.c, and to scripts in the test suite. Further enhancements to report on 802.1AD QinQ, 64-bit tunnel IDs, and NAT transformations can follow in future patches that make only incremental changes. Signed-off-by: Neil McKee <neil.mckee@inmon.com> [blp@nicira.com made stylistic and semantic changes] Signed-off-by: Ben Pfaff <blp@nicira.com>
2015-07-17 21:37:02 -07:00
upcall->actions = a[OVS_PACKET_ATTR_ACTIONS];
dpif-netlink: Allow MRU packet attribute. User space now may receive re-assembled IP fragments. The user space netlink handler can now accept packets with the new OVS_PACKET_ATTR_MRU attribute. This allows the kernel to assemble fragmented packets for the duration of OpenFlow processing, then re-fragment at output time. Most notably this occurs for packets that are sent through the connection tracker. Note that the MRU attribute is not exported at the OpenFlow layer. As such, if packets are reassembled by conntrack and subsequently sent to the controller, then OVS has no way to re-serialize the packets to their original size. Signed-off-by: Andy Zhou <azhou@nicira.com> Acked-by: Jarno Rajahalme <jrajahalme@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
2015-02-26 15:52:34 -08:00
upcall->mru = a[OVS_PACKET_ATTR_MRU];
ofproto-dpif-upcall: Echo HASH attribute back to datapath. The kernel datapath may sent upcall with hash info, ovs-vswitchd should get it from upcall and then send it back. The reason is that: | When using the kernel datapath, the upcall don't | include skb hash info relatived. That will introduce | some problem, because the hash of skb is important | in kernel stack. For example, VXLAN module uses | it to select UDP src port. The tx queue selection | may also use the hash in stack. | | Hash is computed in different ways. Hash is random | for a TCP socket, and hash may be computed in hardware, | or software stack. Recalculation hash is not easy. | | There will be one upcall, without information of skb | hash, to ovs-vswitchd, for the first packet of a TCP | session. The rest packets will be processed in Open vSwitch | modules, hash kept. If this tcp session is forward to | VXLAN module, then the UDP src port of first tcp packet | is different from rest packets. | | TCP packets may come from the host or dockers, to Open vSwitch. | To fix it, we store the hash info to upcall, and restore hash | when packets sent back. Reported-at: https://mail.openvswitch.org/pipermail/ovs-dev/2019-October/364062.html Link: https://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next.git/commit/?id=bd1903b7c4596ba6f7677d0dfefd05ba5876707d Signed-off-by: Tonghao Zhang <xiangxia.m.yue@gmail.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
2019-11-15 10:58:59 +08:00
upcall->hash = a[OVS_PACKET_ATTR_HASH];
dpif: Allow execute to modify the packet. Allowing the packet to be modified by execution allows less data copying for userspace action execution. Some users of the dpif_execute already expect that the packet may be modified. This patch makes this behavior uniform and makes the userspace datapath and the execution helpers modify the packet as it is being executed. Userspace action now steals the packet if given permission, as the packet is normally not needed after it. The only exception is the sample action, and this is accounted for my keeping track of any actions that could be following the userspace action. The packet in dpif_upcall is changed from a pointer to a struct, allowing the packet to be honest about it's headroom. After this change the packet can safely be pushed on over the precarious 4 byte limit earlier allowed by the netlink data preceding the packet. Signed-off-by: Jarno Rajahalme <jrajahalme@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
2013-12-16 08:14:52 -08:00
/* Allow overwriting the netlink attribute header without reallocating. */
dp-packet: Remove ofpbuf dependency. Currently dp-packet make use of ofpbuf for managing packet buffers. That complicates ofpbuf, by making dp-packet independent of ofpbuf both libraries can be optimized for their own use case. This avoids mapping operation between ofpbuf and dp_packet in datapath upcalls. Signed-off-by: Pravin B Shelar <pshelar@nicira.com> Acked-by: Jarno Rajahalme <jrajahalme@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
2015-02-22 03:21:09 -08:00
dp_packet_use_stub(&upcall->packet,
dpif: Allow execute to modify the packet. Allowing the packet to be modified by execution allows less data copying for userspace action execution. Some users of the dpif_execute already expect that the packet may be modified. This patch makes this behavior uniform and makes the userspace datapath and the execution helpers modify the packet as it is being executed. Userspace action now steals the packet if given permission, as the packet is normally not needed after it. The only exception is the sample action, and this is accounted for my keeping track of any actions that could be following the userspace action. The packet in dpif_upcall is changed from a pointer to a struct, allowing the packet to be honest about it's headroom. After this change the packet can safely be pushed on over the precarious 4 byte limit earlier allowed by the netlink data preceding the packet. Signed-off-by: Jarno Rajahalme <jrajahalme@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
2013-12-16 08:14:52 -08:00
CONST_CAST(struct nlattr *,
nl_attr_get(a[OVS_PACKET_ATTR_PACKET])) - 1,
nl_attr_get_size(a[OVS_PACKET_ATTR_PACKET]) +
sizeof(struct nlattr));
dp-packet: Remove ofpbuf dependency. Currently dp-packet make use of ofpbuf for managing packet buffers. That complicates ofpbuf, by making dp-packet independent of ofpbuf both libraries can be optimized for their own use case. This avoids mapping operation between ofpbuf and dp_packet in datapath upcalls. Signed-off-by: Pravin B Shelar <pshelar@nicira.com> Acked-by: Jarno Rajahalme <jrajahalme@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
2015-02-22 03:21:09 -08:00
dp_packet_set_data(&upcall->packet,
(char *)dp_packet_data(&upcall->packet) + sizeof(struct nlattr));
dp_packet_set_size(&upcall->packet, nl_attr_get_size(a[OVS_PACKET_ATTR_PACKET]));
dpif: Allow execute to modify the packet. Allowing the packet to be modified by execution allows less data copying for userspace action execution. Some users of the dpif_execute already expect that the packet may be modified. This patch makes this behavior uniform and makes the userspace datapath and the execution helpers modify the packet as it is being executed. Userspace action now steals the packet if given permission, as the packet is normally not needed after it. The only exception is the sample action, and this is accounted for my keeping track of any actions that could be following the userspace action. The packet in dpif_upcall is changed from a pointer to a struct, allowing the packet to be honest about it's headroom. After this change the packet can safely be pushed on over the precarious 4 byte limit earlier allowed by the netlink data preceding the packet. Signed-off-by: Jarno Rajahalme <jrajahalme@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
2013-12-16 08:14:52 -08:00
userspace: Add packet_type in dp_packet and flow This commit adds a packet_type attribute to the structs dp_packet and flow to explicitly carry the type of the packet as prepration for the introduction of the so-called packet type-aware pipeline (PTAP) in OVS. The packet_type is a big-endian 32 bit integer with the encoding as specified in OpenFlow verion 1.5. The upper 16 bits contain the packet type name space. Pre-defined values are defined in openflow-common.h: enum ofp_header_type_namespaces { OFPHTN_ONF = 0, /* ONF namespace. */ OFPHTN_ETHERTYPE = 1, /* ns_type is an Ethertype. */ OFPHTN_IP_PROTO = 2, /* ns_type is a IP protocol number. */ OFPHTN_UDP_TCP_PORT = 3, /* ns_type is a TCP or UDP port. */ OFPHTN_IPV4_OPTION = 4, /* ns_type is an IPv4 option number. */ }; The lower 16 bits specify the actual type in the context of the name space. Only name spaces 0 and 1 will be supported for now. For name space OFPHTN_ONF the relevant packet type is 0 (Ethernet). This is the default packet_type in OVS and the only one supported so far. Packets of type (OFPHTN_ONF, 0) are called Ethernet packets. In name space OFPHTN_ETHERTYPE the type is the Ethertype of the packet. A packet of type (OFPHTN_ETHERTYPE, <Ethertype>) is a standard L2 packet whith the Ethernet header (and any VLAN tags) removed to expose the L3 (or L2.5) payload of the packet. These will simply be called L3 packets. The Ethernet address fields dl_src and dl_dst in struct flow are not applicable for an L3 packet and must be zero. However, to maintain compatibility with the large code base, we have chosen to copy the Ethertype of an L3 packet into the the dl_type field of struct flow. This does not mean that it will be possible to match on dl_type for L3 packets with PTAP later on. Matching must be done on packet_type instead. New dp_packets are initialized with packet_type Ethernet. Ports that receive L3 packets will have to explicitly adjust the packet_type. Signed-off-by: Jean Tourrilhes <jt@labs.hpe.com> Signed-off-by: Jan Scheurich <jan.scheurich@ericsson.com> Co-authored-by: Zoltan Balogh <zoltan.balogh@ericsson.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
2017-04-25 16:29:59 +00:00
if (nl_attr_find__(upcall->key, upcall->key_len, OVS_KEY_ATTR_ETHERNET)) {
/* Ethernet frame */
upcall->packet.packet_type = htonl(PT_ETH);
} else {
/* Non-Ethernet packet. Get the Ethertype from the NL attributes */
ovs_be16 ethertype = 0;
const struct nlattr *et_nla = nl_attr_find__(upcall->key,
upcall->key_len,
OVS_KEY_ATTR_ETHERTYPE);
if (et_nla) {
ethertype = nl_attr_get_be16(et_nla);
}
upcall->packet.packet_type = PACKET_TYPE_BE(OFPHTN_ETHERTYPE,
ntohs(ethertype));
dp_packet_set_l3(&upcall->packet, dp_packet_data(&upcall->packet));
}
datapath: Use "OVS_*" as opposed to "ODP_*" for user<->kernel interactions. The prefix "ODP_*" is not overly descriptive in the context of the larger Linux tree. This commit changes the prefix to "OVS_*" for the userpace to kernel interactions. The userspace libraries still use "ODP_" in many of their interfaces since it is more descriptive in the OVS oeuvre. Feature #6904 Signed-off-by: Justin Pettit <jpettit@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-08-18 10:35:40 -07:00
*dp_ifindex = ovs_header->dp_ifindex;
datapath: Convert upcalls and ODP_EXECUTE to use AF_NETLINK socket layer. This commit calls genl_lock() and thus doesn't support Linux before 2.6.35, which wasn't exported before that version. That problem will be fixed once the whole userspace interface transitions to Generic Netlink a few commits from now. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 13:41:54 -08:00
datapath: Report kernel's flow key when passing packets up to userspace. One of the goals for Open vSwitch is to decouple kernel and userspace software, so that either one can be upgraded or rolled back independent of the other. To do this in full generality, it must be possible to change the kernel's idea of the flow key separately from the userspace version. This commit takes one step in that direction by making the kernel report its idea of the flow that a packet belongs to whenever it passes a packet up to userspace. This means that userspace can intelligently figure out what to do: - If userspace's notion of the flow for the packet matches the kernel's, then nothing special is necessary. - If the kernel has a more specific notion for the flow than userspace, for example if the kernel decoded IPv6 headers but userspace stopped at the Ethernet type (because it does not understand IPv6), then again nothing special is necessary: userspace can still set up the flow in the usual way. - If userspace has a more specific notion for the flow than the kernel, for example if userspace decoded an IPv6 header but the kernel stopped at the Ethernet type, then userspace can forward the packet manually, without setting up a flow in the kernel. (This case is bad from a performance point of view, but at least it is correct.) This commit does not actually make userspace flexible enough to handle changes in the kernel flow key structure, although userspace does now have enough information to do that intelligently. This will have to wait for later commits. This commit is bigger than it would otherwise be because it is rolled together with changing "struct odp_msg" to a sequence of Netlink attributes. The alternative, to do each of those changes in a separate patch, seemed like overkill because it meant that either we would have to introduce and then kill off Netlink attributes for in_port and tun_id, if Netlink conversion went first, or shove yet another variable-length header into the stuff already after odp_msg, if adding the flow key to odp_msg went first. This commit will slow down performance of checksumming packets sent up to userspace. I'm not entirely pleased with how I did it. I considered a couple of alternatives, but none of them seemed that much better. Suggestions welcome. Not changing anything wasn't an option, unfortunately. At any rate some slowdown will become unavoidable when OVS actually starts using Netlink instead of just Netlink framing. (Actually, I thought of one option where we could avoid that: make userspace do the checksum instead, by passing csum_start and csum_offset as part of what goes to userspace. But that's not perfect either.) Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-24 14:59:57 -08:00
return 0;
}
dpif-netlink: Add support for packet receive on Windows. In this patch, we add support in dpif-netlink.c to receive packets on Windows. Windows does not natively support epoll(). Even though there are mechanisms/interfaces that provide functionality similar to epoll(), we take a simple approach of using a pool of sockets. Here are some details of the implementaion to aid review: 1. There's pool of sockets per upcall handler. 2. The pool of sockets is initialized while setting up the handler in dpif_netlink_refresh_channels() primarily. 3. When sockets are to be allocated for a vport, we walk through the pool of sockets for all handlers and pick one of the sockets in each of the pool. Within a handler's pool, sockets are picked in a round-robin fashion. 4. We currently support only 1 handler, since there are some kernel changes needed for support more than 1 handler per vport. 5. The pool size is also set to 1 currently. The restructions imposed by #4 and #5 can be removed in the future without much code churn. Validation: 1. With a hacked up kernel which figures out the netlink socket that is designated to receive packets, we are cable to perform pings between 2 VMs on the same Hyper-V host. 2. Compiled the code in Linux as well. 3. Tested with pool size == 2 as well, though in this patch we set the pool size = 1. Signed-off-by: Nithin Raju <nithin@vmware.com> Acked-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-10-23 08:27:34 -07:00
#ifdef _WIN32
#define PACKET_RECV_BATCH_SIZE 50
static int
dpif_netlink_recv_windows(struct dpif_netlink *dpif, uint32_t handler_id,
struct dpif_upcall *upcall, struct ofpbuf *buf)
OVS_REQ_RDLOCK(dpif->upcall_lock)
{
struct dpif_handler *handler;
int read_tries = 0;
struct dpif_windows_vport_sock *sock_pool;
uint32_t i;
if (!dpif->handlers) {
return EAGAIN;
}
/* Only one handler is supported currently. */
if (handler_id >= 1) {
return EAGAIN;
}
if (handler_id >= dpif->n_handlers) {
return EAGAIN;
}
handler = &dpif->handlers[handler_id];
sock_pool = handler->vport_sock_pool;
for (i = 0; i < VPORT_SOCK_POOL_SIZE; i++) {
for (;;) {
int dp_ifindex;
int error;
if (++read_tries > PACKET_RECV_BATCH_SIZE) {
return EAGAIN;
}
netlink: provide network namespace id from a msg. The netlink notification's ancillary data contains the network namespace id (netnsid) needed to identify the device correctly. Signed-off-by: Flavio Leitner <fbl@redhat.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
2018-03-29 23:05:26 -03:00
error = nl_sock_recv(sock_pool[i].nl_sock, buf, NULL, false);
dpif-netlink: Add support for packet receive on Windows. In this patch, we add support in dpif-netlink.c to receive packets on Windows. Windows does not natively support epoll(). Even though there are mechanisms/interfaces that provide functionality similar to epoll(), we take a simple approach of using a pool of sockets. Here are some details of the implementaion to aid review: 1. There's pool of sockets per upcall handler. 2. The pool of sockets is initialized while setting up the handler in dpif_netlink_refresh_channels() primarily. 3. When sockets are to be allocated for a vport, we walk through the pool of sockets for all handlers and pick one of the sockets in each of the pool. Within a handler's pool, sockets are picked in a round-robin fashion. 4. We currently support only 1 handler, since there are some kernel changes needed for support more than 1 handler per vport. 5. The pool size is also set to 1 currently. The restructions imposed by #4 and #5 can be removed in the future without much code churn. Validation: 1. With a hacked up kernel which figures out the netlink socket that is designated to receive packets, we are cable to perform pings between 2 VMs on the same Hyper-V host. 2. Compiled the code in Linux as well. 3. Tested with pool size == 2 as well, though in this patch we set the pool size = 1. Signed-off-by: Nithin Raju <nithin@vmware.com> Acked-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-10-23 08:27:34 -07:00
if (error == ENOBUFS) {
/* ENOBUFS typically means that we've received so many
* packets that the buffer overflowed. Try again
* immediately because there's almost certainly a packet
* waiting for us. */
/* XXX: report_loss(dpif, ch, idx, handler_id); */
continue;
}
/* XXX: ch->last_poll = time_msec(); */
if (error) {
if (error == EAGAIN) {
break;
}
return error;
}
dpif: Turn dpif_flow_hash function into generic odp_flow_key_hash. Current implementation of dpif_flow_hash() doesn't depend on datapath interface and only complicates the callers by forcing them to figure out what is their current 'dpif'. If we'll need different hashing for different 'dpif's we'll implement an API for dpif-providers and each dpif implementation will be able to use their local function directly without calling it via dpif API. This change will allow us to not store 'dpif' pointer in the userspace datapath implementation which is broken and will be removed in next commits. This patch moves dpif_flow_hash() to odp-util module and replaces unused odp_flow_key_hash() by it, along with removing of unused 'dpif' argument. Signed-off-by: Ilya Maximets <i.maximets@ovn.org> Acked-by: Ben Pfaff <blp@ovn.org>
2019-12-08 18:09:53 +01:00
error = parse_odp_packet(buf, upcall, &dp_ifindex);
dpif-netlink: Add support for packet receive on Windows. In this patch, we add support in dpif-netlink.c to receive packets on Windows. Windows does not natively support epoll(). Even though there are mechanisms/interfaces that provide functionality similar to epoll(), we take a simple approach of using a pool of sockets. Here are some details of the implementaion to aid review: 1. There's pool of sockets per upcall handler. 2. The pool of sockets is initialized while setting up the handler in dpif_netlink_refresh_channels() primarily. 3. When sockets are to be allocated for a vport, we walk through the pool of sockets for all handlers and pick one of the sockets in each of the pool. Within a handler's pool, sockets are picked in a round-robin fashion. 4. We currently support only 1 handler, since there are some kernel changes needed for support more than 1 handler per vport. 5. The pool size is also set to 1 currently. The restructions imposed by #4 and #5 can be removed in the future without much code churn. Validation: 1. With a hacked up kernel which figures out the netlink socket that is designated to receive packets, we are cable to perform pings between 2 VMs on the same Hyper-V host. 2. Compiled the code in Linux as well. 3. Tested with pool size == 2 as well, though in this patch we set the pool size = 1. Signed-off-by: Nithin Raju <nithin@vmware.com> Acked-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-10-23 08:27:34 -07:00
if (!error && dp_ifindex == dpif->dp_ifindex) {
return 0;
} else if (error) {
return error;
}
}
}
return EAGAIN;
}
#else
datapath: Report kernel's flow key when passing packets up to userspace. One of the goals for Open vSwitch is to decouple kernel and userspace software, so that either one can be upgraded or rolled back independent of the other. To do this in full generality, it must be possible to change the kernel's idea of the flow key separately from the userspace version. This commit takes one step in that direction by making the kernel report its idea of the flow that a packet belongs to whenever it passes a packet up to userspace. This means that userspace can intelligently figure out what to do: - If userspace's notion of the flow for the packet matches the kernel's, then nothing special is necessary. - If the kernel has a more specific notion for the flow than userspace, for example if the kernel decoded IPv6 headers but userspace stopped at the Ethernet type (because it does not understand IPv6), then again nothing special is necessary: userspace can still set up the flow in the usual way. - If userspace has a more specific notion for the flow than the kernel, for example if userspace decoded an IPv6 header but the kernel stopped at the Ethernet type, then userspace can forward the packet manually, without setting up a flow in the kernel. (This case is bad from a performance point of view, but at least it is correct.) This commit does not actually make userspace flexible enough to handle changes in the kernel flow key structure, although userspace does now have enough information to do that intelligently. This will have to wait for later commits. This commit is bigger than it would otherwise be because it is rolled together with changing "struct odp_msg" to a sequence of Netlink attributes. The alternative, to do each of those changes in a separate patch, seemed like overkill because it meant that either we would have to introduce and then kill off Netlink attributes for in_port and tun_id, if Netlink conversion went first, or shove yet another variable-length header into the stuff already after odp_msg, if adding the flow key to odp_msg went first. This commit will slow down performance of checksumming packets sent up to userspace. I'm not entirely pleased with how I did it. I considered a couple of alternatives, but none of them seemed that much better. Suggestions welcome. Not changing anything wasn't an option, unfortunately. At any rate some slowdown will become unavoidable when OVS actually starts using Netlink instead of just Netlink framing. (Actually, I thought of one option where we could avoid that: make userspace do the checksum instead, by passing csum_start and csum_offset as part of what goes to userspace. But that's not perfect either.) Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-24 14:59:57 -08:00
static int
dpif-netlink: Introduce per-cpu upcall dispatch. The Open vSwitch kernel module uses the upcall mechanism to send packets from kernel space to user space when it misses in the kernel space flow table. The upcall sends packets via a Netlink socket. Currently, a Netlink socket is created for every vport. In this way, there is a 1:1 mapping between a vport and a Netlink socket. When a packet is received by a vport, if it needs to be sent to user space, it is sent via the corresponding Netlink socket. This mechanism, with various iterations of the corresponding user space code, has seen some limitations and issues: * On systems with a large number of vports, there is correspondingly a large number of Netlink sockets which can limit scaling. (https://bugzilla.redhat.com/show_bug.cgi?id=1526306) * Packet reordering on upcalls. (https://bugzilla.redhat.com/show_bug.cgi?id=1844576) * A thundering herd issue. (https://bugzilla.redhat.com/show_bug.cgi?id=1834444) This patch introduces an alternative, feature-negotiated, upcall mode using a per-cpu dispatch rather than a per-vport dispatch. In this mode, the Netlink socket to be used for the upcall is selected based on the CPU of the thread that is executing the upcall. In this way, it resolves the issues above as: a) The number of Netlink sockets scales with the number of CPUs rather than the number of vports. b) Ordering per-flow is maintained as packets are distributed to CPUs based on mechanisms such as RSS and flows are distributed to a single user space thread. c) Packets from a flow can only wake up one user space thread. Reported-at: https://bugzilla.redhat.com/1844576 Signed-off-by: Mark Gray <mark.d.gray@redhat.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Acked-by: Aaron Conole <aconole@redhat.com> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2021-07-16 06:17:36 -04:00
dpif_netlink_recv_cpu_dispatch(struct dpif_netlink *dpif, uint32_t handler_id,
struct dpif_upcall *upcall, struct ofpbuf *buf)
OVS_REQ_RDLOCK(dpif->upcall_lock)
{
struct dpif_handler *handler;
int read_tries = 0;
if (!dpif->handlers || handler_id >= dpif->n_handlers) {
return EAGAIN;
}
handler = &dpif->handlers[handler_id];
for (;;) {
int dp_ifindex;
int error;
if (++read_tries > 50) {
return EAGAIN;
}
error = nl_sock_recv(handler->sock, buf, NULL, false);
if (error == ENOBUFS) {
/* ENOBUFS typically means that we've received so many
* packets that the buffer overflowed. Try again
* immediately because there's almost certainly a packet
* waiting for us. */
report_loss(dpif, NULL, 0, handler_id);
continue;
}
if (error) {
if (error == EAGAIN) {
break;
}
return error;
}
error = parse_odp_packet(buf, upcall, &dp_ifindex);
if (!error && dp_ifindex == dpif->dp_ifindex) {
return 0;
} else if (error) {
return error;
}
}
return EAGAIN;
}
static int
dpif_netlink_recv_vport_dispatch(struct dpif_netlink *dpif,
uint32_t handler_id,
struct dpif_upcall *upcall,
struct ofpbuf *buf)
dpif-linux: Add thread-safety annotations. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-04-17 17:16:34 -07:00
OVS_REQ_RDLOCK(dpif->upcall_lock)
dpif: Make dpifs abstract, to allow multiple datapath implementations. This commit initially introduces only a single datapath implementation, which is the same as the original one, but it paves the way for additional implementations, such as the upcoming userspace datapath.
2009-06-17 14:35:35 -07:00
{
dpif-linux: Implement the API functions to allow multiple handler threads read upcall. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-02-26 10:10:29 -08:00
struct dpif_handler *handler;
dpif-linux: Prevent a single port from monopolizing upcalls. Currently it is possible for a client on a single port to generate a huge number of packets that miss in the kernel flow table and monopolize the userspace/kernel communication path. This effectively DoS's the machine because no new flow setups can take place. This adds some additional fairness by separating each upcall type for each object in the datapath onto a separate socket, each with its own queue. Userspace then reads round-robin from each socket so other flow setups can still succeed. Since the number of objects can potentially be large, we don't always have a unique socket for each. Instead, we create 16 sockets and spread the load around them in a round robin fashion. It's theoretically possible to do better than this with some kind of active load balancing scheme but this seems like a good place to start. Feature #6485
2011-09-16 15:23:37 -07:00
int read_tries = 0;
dpif: Make dpifs abstract, to allow multiple datapath implementations. This commit initially introduces only a single datapath implementation, which is the same as the original one, but it paves the way for additional implementations, such as the upcoming userspace datapath.
2009-06-17 14:35:35 -07:00
dpif-linux: Implement the API functions to allow multiple handler threads read upcall. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-02-26 10:10:29 -08:00
if (!dpif->handlers || handler_id >= dpif->n_handlers) {
return EAGAIN;
datapath: Convert upcalls and ODP_EXECUTE to use AF_NETLINK socket layer. This commit calls genl_lock() and thus doesn't support Linux before 2.6.35, which wasn't exported before that version. That problem will be fixed once the whole userspace interface transitions to Generic Netlink a few commits from now. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 13:41:54 -08:00
}
dpif-linux: Implement the API functions to allow multiple handler threads read upcall. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-02-26 10:10:29 -08:00
handler = &dpif->handlers[handler_id];
if (handler->event_offset >= handler->n_events) {
dpif-linux: Use poll() internally in dpif_linux_recv(). Using poll() internally in dpif_linux_recv(), instead of relying on the results of the main loop poll() call, brings netperf CRR performance back within 1% of par versus the code base before the poll_fd_woke() optimizations were introduced. It also increases the ovs-benchmark results by about 5% versus that baseline, too. My theory is that this is because the main loop takes long enough that a significant number of packets can arrive during the main loop itself, so this reduces the time before OVS gets to those packets.
2011-11-28 09:29:18 -08:00
int retval;
dpif-linux: Give each port its own userspace-kernel channel. Userspace-kernel communication is a possible bottleneck when OVS is receiving a large number of flow set up requests. To help prevent a bad actor from consuming too much of this resource, we introduced channels to segegrate traffic. Previously, we created 17 channels and round-robin assigned ports to one of 16 channels (the 17th was reserved for use by the system). This meant if there were more than 16 ports, sharing of channels would occur. This commit creates a new channel for each port, so that there is no more sharing and better isolation. The special system port uses the "ovs-system"'s channel (port 0), since it is not heavily loaded. This also fixes an issue introduced in commit acf60855 (ofproto-dpif: Use a single underlying datapath across multiple bridges.) where ports that were added at run-time were given the special system channel. Issue #12073 Signed-off-by: Justin Pettit <jpettit@nicira.com>
2013-01-04 18:34:26 -08:00
dpif-linux: Implement the API functions to allow multiple handler threads read upcall. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-02-26 10:10:29 -08:00
handler->event_offset = handler->n_events = 0;
dpif-linux: Remove poll_fd_woke() optimization from dpif_linux_recv(). This optimization on its own provided about 37% benefit against a load of a single netperf CRR test, but at the same time it penalized ovs-benchmark by about 11%. We can get back the CRR performance loss, and more, other ways, so the first step is to revert this patch, temporarily accepting the performance loss.
2011-11-10 15:39:39 -08:00
dpif-linux: Use poll() internally in dpif_linux_recv(). Using poll() internally in dpif_linux_recv(), instead of relying on the results of the main loop poll() call, brings netperf CRR performance back within 1% of par versus the code base before the poll_fd_woke() optimizations were introduced. It also increases the ovs-benchmark results by about 5% versus that baseline, too. My theory is that this is because the main loop takes long enough that a significant number of packets can arrive during the main loop itself, so this reduces the time before OVS gets to those packets.
2011-11-28 09:29:18 -08:00
do {
dpif-linux: Implement the API functions to allow multiple handler threads read upcall. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-02-26 10:10:29 -08:00
retval = epoll_wait(handler->epoll_fd, handler->epoll_events,
dpif-linux: Give each port its own userspace-kernel channel. Userspace-kernel communication is a possible bottleneck when OVS is receiving a large number of flow set up requests. To help prevent a bad actor from consuming too much of this resource, we introduced channels to segegrate traffic. Previously, we created 17 channels and round-robin assigned ports to one of 16 channels (the 17th was reserved for use by the system). This meant if there were more than 16 ports, sharing of channels would occur. This commit creates a new channel for each port, so that there is no more sharing and better isolation. The special system port uses the "ovs-system"'s channel (port 0), since it is not heavily loaded. This also fixes an issue introduced in commit acf60855 (ofproto-dpif: Use a single underlying datapath across multiple bridges.) where ports that were added at run-time were given the special system channel. Issue #12073 Signed-off-by: Justin Pettit <jpettit@nicira.com>
2013-01-04 18:34:26 -08:00
dpif->uc_array_size, 0);
dpif-linux: Use poll() internally in dpif_linux_recv(). Using poll() internally in dpif_linux_recv(), instead of relying on the results of the main loop poll() call, brings netperf CRR performance back within 1% of par versus the code base before the poll_fd_woke() optimizations were introduced. It also increases the ovs-benchmark results by about 5% versus that baseline, too. My theory is that this is because the main loop takes long enough that a significant number of packets can arrive during the main loop itself, so this reduces the time before OVS gets to those packets.
2011-11-28 09:29:18 -08:00
} while (retval < 0 && errno == EINTR);
dpif-netlink: Add support for packet receive on Windows. In this patch, we add support in dpif-netlink.c to receive packets on Windows. Windows does not natively support epoll(). Even though there are mechanisms/interfaces that provide functionality similar to epoll(), we take a simple approach of using a pool of sockets. Here are some details of the implementaion to aid review: 1. There's pool of sockets per upcall handler. 2. The pool of sockets is initialized while setting up the handler in dpif_netlink_refresh_channels() primarily. 3. When sockets are to be allocated for a vport, we walk through the pool of sockets for all handlers and pick one of the sockets in each of the pool. Within a handler's pool, sockets are picked in a round-robin fashion. 4. We currently support only 1 handler, since there are some kernel changes needed for support more than 1 handler per vport. 5. The pool size is also set to 1 currently. The restructions imposed by #4 and #5 can be removed in the future without much code churn. Validation: 1. With a hacked up kernel which figures out the netlink socket that is designated to receive packets, we are cable to perform pings between 2 VMs on the same Hyper-V host. 2. Compiled the code in Linux as well. 3. Tested with pool size == 2 as well, though in this patch we set the pool size = 1. Signed-off-by: Nithin Raju <nithin@vmware.com> Acked-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-10-23 08:27:34 -07:00
dpif-linux: Use poll() internally in dpif_linux_recv(). Using poll() internally in dpif_linux_recv(), instead of relying on the results of the main loop poll() call, brings netperf CRR performance back within 1% of par versus the code base before the poll_fd_woke() optimizations were introduced. It also increases the ovs-benchmark results by about 5% versus that baseline, too. My theory is that this is because the main loop takes long enough that a significant number of packets can arrive during the main loop itself, so this reduces the time before OVS gets to those packets.
2011-11-28 09:29:18 -08:00
if (retval < 0) {
static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 1);
Replace all uses of strerror() by ovs_strerror(), for thread safety. Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-06-24 10:54:49 -07:00
VLOG_WARN_RL(&rl, "epoll_wait failed (%s)", ovs_strerror(errno));
dpif-linux: Give each port its own userspace-kernel channel. Userspace-kernel communication is a possible bottleneck when OVS is receiving a large number of flow set up requests. To help prevent a bad actor from consuming too much of this resource, we introduced channels to segegrate traffic. Previously, we created 17 channels and round-robin assigned ports to one of 16 channels (the 17th was reserved for use by the system). This meant if there were more than 16 ports, sharing of channels would occur. This commit creates a new channel for each port, so that there is no more sharing and better isolation. The special system port uses the "ovs-system"'s channel (port 0), since it is not heavily loaded. This also fixes an issue introduced in commit acf60855 (ofproto-dpif: Use a single underlying datapath across multiple bridges.) where ports that were added at run-time were given the special system channel. Issue #12073 Signed-off-by: Justin Pettit <jpettit@nicira.com>
2013-01-04 18:34:26 -08:00
} else if (retval > 0) {
dpif-linux: Implement the API functions to allow multiple handler threads read upcall. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-02-26 10:10:29 -08:00
handler->n_events = retval;
dpif-linux: Use poll() internally in dpif_linux_recv(). Using poll() internally in dpif_linux_recv(), instead of relying on the results of the main loop poll() call, brings netperf CRR performance back within 1% of par versus the code base before the poll_fd_woke() optimizations were introduced. It also increases the ovs-benchmark results by about 5% versus that baseline, too. My theory is that this is because the main loop takes long enough that a significant number of packets can arrive during the main loop itself, so this reduces the time before OVS gets to those packets.
2011-11-28 09:29:18 -08:00
}
}
dpif-linux: Implement the API functions to allow multiple handler threads read upcall. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-02-26 10:10:29 -08:00
while (handler->event_offset < handler->n_events) {
int idx = handler->epoll_events[handler->event_offset].data.u32;
dpif-netlink: don't allocate per thread netlink sockets When using the kernel datapath, OVS allocates a pool of sockets to handle netlink events. The number of sockets is: ports * n-handler-threads, where n-handler-threads is user configurable and defaults to 3/4*number of cores. This because vswitchd starts n-handler-threads threads, each one with a netlink socket for every port of the switch. Every thread then, starts listening on events on its set of sockets with epoll(). On setup with lot of CPUs and ports, the number of sockets easily hits the process file descriptor limit, and ovs-vswitchd will exit with -EMFILE. Change the number of allocated sockets to just one per port by moving the socket array from a per handler structure to a per datapath one, and let all the handlers share the same sockets by using EPOLLEXCLUSIVE epoll flag which avoids duplicate events, on systems that support it. The patch was tested on a 56 core machine running Linux 4.18 and latest Open vSwitch. A bridge was created with 2000+ ports, some of them being veth interfaces with the peer outside the bridge. The latency of the upcall is measured by setting a single 'action=controller,local' OpenFlow rule to force all the packets going to the slow path and then to the local port. A tool[1] injects some packets to the veth outside the bridge, and measures the delay until the packet is captured on the local port. The rx timestamp is get from the socket ancillary data in the attribute SO_TIMESTAMPNS, to avoid having the scheduler delay in the measured time. The first test measures the average latency for an upcall generated from a single port. To measure it 100k packets, one every msec, are sent to a single port and the latencies are measured. The second test is meant to check latency fairness among ports, namely if latency is equal between ports or if some ports have lower priority. The previous test is repeated for every port, the average of the average latencies and the standard deviation between averages is measured. The third test serves to measure responsiveness under load. Heavy traffic is sent through all ports, latency and packet loss is measured on a single idle port. The fourth test is all about fairness. Heavy traffic is injected in all ports but one, latency and packet loss is measured on the single idle port. This is the test setup: # nproc 56 # ovs-vsctl show |grep -c Port 2223 # ovs-ofctl dump-flows ovs_upc_br cookie=0x0, duration=4.827s, table=0, n_packets=0, n_bytes=0, actions=CONTROLLER:65535,LOCAL # uname -a Linux fc28 4.18.7-200.fc28.x86_64 #1 SMP Mon Sep 10 15:44:45 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux And these are the results of the tests: Stock OVS Patched netlink sockets in use by vswitchd lsof -p $(pidof ovs-vswitchd) \ |grep -c GENERIC 91187 2227 Test 1 one port latency min/avg/max/mdev (us) 2.7/6.6/238.7/1.8 1.6/6.8/160.6/1.7 Test 2 all port avg latency/mdev (us) 6.51/0.97 6.86/0.17 Test 3 single port latency under load avg/mdev (us) 7.5/5.9 3.8/4.8 packet loss 95 % 62 % Test 4 idle port latency under load min/avg/max/mdev (us) 0.8/1.5/210.5/0.9 1.0/2.1/344.5/1.2 packet loss 94 % 4 % CPU and RAM usage seems not to be affected, the resource usage of vswitchd idle with 2000+ ports is unchanged: # ps u $(pidof ovs-vswitchd) USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND openvsw+ 5430 54.3 0.3 4263964 510968 pts/1 RLl+ 16:20 0:50 ovs-vswitchd Additionally, to check if vswitchd is thread safe with this patch, the following test was run for circa 48 hours: on a 56 core machine, a bridge with kernel datapath is filled with 2200 dummy interfaces and 22 veth, then 22 traffic generators are run in parallel piping traffic into the veths peers outside the bridge. To generate as many upcalls as possible, all packets were forced to the slowpath with an openflow rule like 'action=controller,local' and packet size was set to 64 byte. Also, to avoid overflowing the FDB early and slowing down the upcall processing, generated mac addresses were restricted to a small interval. vswitchd ran without problems for 48+ hours, obviously with all the handler threads with almost 99% CPU usage. [1] https://github.com/teknoraver/network-tools/blob/master/weed.c Signed-off-by: Matteo Croce <mcroce@redhat.com> Signed-off-by: Ben Pfaff <blp@ovn.org> Acked-by: Flavio Leitner <fbl@sysclose.org>
2018-09-25 10:51:05 +02:00
struct dpif_channel *ch = &dpif->channels[idx];
dpif-linux: Use poll() internally in dpif_linux_recv(). Using poll() internally in dpif_linux_recv(), instead of relying on the results of the main loop poll() call, brings netperf CRR performance back within 1% of par versus the code base before the poll_fd_woke() optimizations were introduced. It also increases the ovs-benchmark results by about 5% versus that baseline, too. My theory is that this is because the main loop takes long enough that a significant number of packets can arrive during the main loop itself, so this reduces the time before OVS gets to those packets.
2011-11-28 09:29:18 -08:00
dpif-linux: Implement the API functions to allow multiple handler threads read upcall. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-02-26 10:10:29 -08:00
handler->event_offset++;
dpif-linux: Prevent a single port from monopolizing upcalls. Currently it is possible for a client on a single port to generate a huge number of packets that miss in the kernel flow table and monopolize the userspace/kernel communication path. This effectively DoS's the machine because no new flow setups can take place. This adds some additional fairness by separating each upcall type for each object in the datapath onto a separate socket, each with its own queue. Userspace then reads round-robin from each socket so other flow setups can still succeed. Since the number of objects can potentially be large, we don't always have a unique socket for each. Instead, we create 16 sockets and spread the load around them in a round robin fashion. It's theoretically possible to do better than this with some kind of active load balancing scheme but this seems like a good place to start. Feature #6485
2011-09-16 15:23:37 -07:00
dpif-linux: Remove poll_fd_woke() optimization from dpif_linux_recv(). This optimization on its own provided about 37% benefit against a load of a single netperf CRR test, but at the same time it penalized ovs-benchmark by about 11%. We can get back the CRR performance loss, and more, other ways, so the first step is to revert this patch, temporarily accepting the performance loss.
2011-11-10 15:39:39 -08:00
for (;;) {
dpif-linux: Use poll() internally in dpif_linux_recv(). Using poll() internally in dpif_linux_recv(), instead of relying on the results of the main loop poll() call, brings netperf CRR performance back within 1% of par versus the code base before the poll_fd_woke() optimizations were introduced. It also increases the ovs-benchmark results by about 5% versus that baseline, too. My theory is that this is because the main loop takes long enough that a significant number of packets can arrive during the main loop itself, so this reduces the time before OVS gets to those packets.
2011-11-28 09:29:18 -08:00
int dp_ifindex;
dpif-linux: Remove poll_fd_woke() optimization from dpif_linux_recv(). This optimization on its own provided about 37% benefit against a load of a single netperf CRR test, but at the same time it penalized ovs-benchmark by about 11%. We can get back the CRR performance loss, and more, other ways, so the first step is to revert this patch, temporarily accepting the performance loss.
2011-11-10 15:39:39 -08:00
int error;
dpif-linux: Prevent a single port from monopolizing upcalls. Currently it is possible for a client on a single port to generate a huge number of packets that miss in the kernel flow table and monopolize the userspace/kernel communication path. This effectively DoS's the machine because no new flow setups can take place. This adds some additional fairness by separating each upcall type for each object in the datapath onto a separate socket, each with its own queue. Userspace then reads round-robin from each socket so other flow setups can still succeed. Since the number of objects can potentially be large, we don't always have a unique socket for each. Instead, we create 16 sockets and spread the load around them in a round robin fashion. It's theoretically possible to do better than this with some kind of active load balancing scheme but this seems like a good place to start. Feature #6485
2011-09-16 15:23:37 -07:00
dpif-linux: Remove poll_fd_woke() optimization from dpif_linux_recv(). This optimization on its own provided about 37% benefit against a load of a single netperf CRR test, but at the same time it penalized ovs-benchmark by about 11%. We can get back the CRR performance loss, and more, other ways, so the first step is to revert this patch, temporarily accepting the performance loss.
2011-11-10 15:39:39 -08:00
if (++read_tries > 50) {
return EAGAIN;
}
dpif-linux: Prevent a single port from monopolizing upcalls. Currently it is possible for a client on a single port to generate a huge number of packets that miss in the kernel flow table and monopolize the userspace/kernel communication path. This effectively DoS's the machine because no new flow setups can take place. This adds some additional fairness by separating each upcall type for each object in the datapath onto a separate socket, each with its own queue. Userspace then reads round-robin from each socket so other flow setups can still succeed. Since the number of objects can potentially be large, we don't always have a unique socket for each. Instead, we create 16 sockets and spread the load around them in a round robin fashion. It's theoretically possible to do better than this with some kind of active load balancing scheme but this seems like a good place to start. Feature #6485
2011-09-16 15:23:37 -07:00
netlink: provide network namespace id from a msg. The netlink notification's ancillary data contains the network namespace id (netnsid) needed to identify the device correctly. Signed-off-by: Flavio Leitner <fbl@redhat.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
2018-03-29 23:05:26 -03:00
error = nl_sock_recv(ch->sock, buf, NULL, false);
dpif-linux: Log details when a packet is lost. Until now, when a packet was dropped in the kernel-to-user buffers, we logged the occurrence but nothing that would allow a person reading the log after the fact to learn why it was dropped. This commit adds details that identify the major sources of packets in the buffer, which should help. Signed-off-by: Ben Pfaff <blp@nicira.com>
2012-06-01 17:40:31 -04:00
if (error == ENOBUFS) {
/* ENOBUFS typically means that we've received so many
* packets that the buffer overflowed. Try again
* immediately because there's almost certainly a packet
* waiting for us. */
dpif-linux: Pass 'struct dpif_linux *' to internal static functions. This commit reformats the dpif-linux module so that all internal static functions take 'struct dpif_linux *' as input argument. This will allow the adding of thread-safety annotations. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-04-17 16:33:17 -07:00
report_loss(dpif, ch, idx, handler_id);
dpif-linux: Log details when a packet is lost. Until now, when a packet was dropped in the kernel-to-user buffers, we logged the occurrence but nothing that would allow a person reading the log after the fact to learn why it was dropped. This commit adds details that identify the major sources of packets in the buffer, which should help. Signed-off-by: Ben Pfaff <blp@nicira.com>
2012-06-01 17:40:31 -04:00
continue;
}
ch->last_poll = time_msec();
netlink-socket: Make caller provide message receive buffers. Typically an nl_sock client can stack-allocate the buffer for receiving a Netlink message, which provides a performance boost. Signed-off-by: Ben Pfaff <blp@nicira.com>
2012-04-09 15:35:29 -07:00
if (error) {
if (error == EAGAIN) {
break;
}
dpif-linux: Remove poll_fd_woke() optimization from dpif_linux_recv(). This optimization on its own provided about 37% benefit against a load of a single netperf CRR test, but at the same time it penalized ovs-benchmark by about 11%. We can get back the CRR performance loss, and more, other ways, so the first step is to revert this patch, temporarily accepting the performance loss.
2011-11-10 15:39:39 -08:00
return error;
}
dpif-linux: Prevent a single port from monopolizing upcalls. Currently it is possible for a client on a single port to generate a huge number of packets that miss in the kernel flow table and monopolize the userspace/kernel communication path. This effectively DoS's the machine because no new flow setups can take place. This adds some additional fairness by separating each upcall type for each object in the datapath onto a separate socket, each with its own queue. Userspace then reads round-robin from each socket so other flow setups can still succeed. Since the number of objects can potentially be large, we don't always have a unique socket for each. Instead, we create 16 sockets and spread the load around them in a round robin fashion. It's theoretically possible to do better than this with some kind of active load balancing scheme but this seems like a good place to start. Feature #6485
2011-09-16 15:23:37 -07:00
dpif: Turn dpif_flow_hash function into generic odp_flow_key_hash. Current implementation of dpif_flow_hash() doesn't depend on datapath interface and only complicates the callers by forcing them to figure out what is their current 'dpif'. If we'll need different hashing for different 'dpif's we'll implement an API for dpif-providers and each dpif implementation will be able to use their local function directly without calling it via dpif API. This change will allow us to not store 'dpif' pointer in the userspace datapath implementation which is broken and will be removed in next commits. This patch moves dpif_flow_hash() to odp-util module and replaces unused odp_flow_key_hash() by it, along with removing of unused 'dpif' argument. Signed-off-by: Ilya Maximets <i.maximets@ovn.org> Acked-by: Ben Pfaff <blp@ovn.org>
2019-12-08 18:09:53 +01:00
error = parse_odp_packet(buf, upcall, &dp_ifindex);
dpif: Simplify the "listen mask" concept. At one point in the past, there were three separate queues between the kernel module and OVS userspace, each of which corresponded to a Netlink socket (or, before that, to a character device). It made sense to allow each of these to be enabled or disabled separately, hence the "listen mask" concept in the dpif layer. These days, the concept is much less clear-cut. Queuing is no longer on the basis of different classes of packets but instead striped across a collection of sockets based on input port. It doesn't really make sense to enable receiving packets on the basis of the kind of packet anymore. Accordingly, this commit simplifies the "listen_mask" to just a bool that either enables or disables receiving packets. It could be useful to enable or disable receiving packets on a per-vport basis, but the rest of the code isn't ready to make use of that so this commit doesn't generalize this much. Based on this discussion on ovs-dev: http://openvswitch.org/pipermail/dev/2011-October/012044.html Signed-off-by: Ben Pfaff <blp@nicira.com>
2012-01-12 17:09:22 -08:00
if (!error && dp_ifindex == dpif->dp_ifindex) {
dpif-linux: Remove poll_fd_woke() optimization from dpif_linux_recv(). This optimization on its own provided about 37% benefit against a load of a single netperf CRR test, but at the same time it penalized ovs-benchmark by about 11%. We can get back the CRR performance loss, and more, other ways, so the first step is to revert this patch, temporarily accepting the performance loss.
2011-11-10 15:39:39 -08:00
return 0;
dpif-linux: Give each port its own userspace-kernel channel. Userspace-kernel communication is a possible bottleneck when OVS is receiving a large number of flow set up requests. To help prevent a bad actor from consuming too much of this resource, we introduced channels to segegrate traffic. Previously, we created 17 channels and round-robin assigned ports to one of 16 channels (the 17th was reserved for use by the system). This meant if there were more than 16 ports, sharing of channels would occur. This commit creates a new channel for each port, so that there is no more sharing and better isolation. The special system port uses the "ovs-system"'s channel (port 0), since it is not heavily loaded. This also fixes an issue introduced in commit acf60855 (ofproto-dpif: Use a single underlying datapath across multiple bridges.) where ports that were added at run-time were given the special system channel. Issue #12073 Signed-off-by: Justin Pettit <jpettit@nicira.com>
2013-01-04 18:34:26 -08:00
} else if (error) {
dpif-linux: Remove poll_fd_woke() optimization from dpif_linux_recv(). This optimization on its own provided about 37% benefit against a load of a single netperf CRR test, but at the same time it penalized ovs-benchmark by about 11%. We can get back the CRR performance loss, and more, other ways, so the first step is to revert this patch, temporarily accepting the performance loss.
2011-11-10 15:39:39 -08:00
return error;
dpif-linux: Prevent a single port from monopolizing upcalls. Currently it is possible for a client on a single port to generate a huge number of packets that miss in the kernel flow table and monopolize the userspace/kernel communication path. This effectively DoS's the machine because no new flow setups can take place. This adds some additional fairness by separating each upcall type for each object in the datapath onto a separate socket, each with its own queue. Userspace then reads round-robin from each socket so other flow setups can still succeed. Since the number of objects can potentially be large, we don't always have a unique socket for each. Instead, we create 16 sockets and spread the load around them in a round robin fashion. It's theoretically possible to do better than this with some kind of active load balancing scheme but this seems like a good place to start. Feature #6485
2011-09-16 15:23:37 -07:00
}
datapath: Convert upcalls and ODP_EXECUTE to use AF_NETLINK socket layer. This commit calls genl_lock() and thus doesn't support Linux before 2.6.35, which wasn't exported before that version. That problem will be fixed once the whole userspace interface transitions to Generic Netlink a few commits from now. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 13:41:54 -08:00
}
dpif-linux: Use "epoll" instead of poll(). epoll appears to be much more efficient than poll() at least for static file descriptor sets. I can't otherwise explain why this patch increases netperf CRR performance by 20% above the previous commit, which is also about a 19% overall improvement versus the baseline from before the poll_fd_woke() optimization was removed.
2011-11-22 09:25:32 -08:00
}
datapath: Convert upcalls and ODP_EXECUTE to use AF_NETLINK socket layer. This commit calls genl_lock() and thus doesn't support Linux before 2.6.35, which wasn't exported before that version. That problem will be fixed once the whole userspace interface transitions to Generic Netlink a few commits from now. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 13:41:54 -08:00
return EAGAIN;
dpif: Make dpifs abstract, to allow multiple datapath implementations. This commit initially introduces only a single datapath implementation, which is the same as the original one, but it paves the way for additional implementations, such as the upcoming userspace datapath.
2009-06-17 14:35:35 -07:00
}
dpif-netlink: Add support for packet receive on Windows. In this patch, we add support in dpif-netlink.c to receive packets on Windows. Windows does not natively support epoll(). Even though there are mechanisms/interfaces that provide functionality similar to epoll(), we take a simple approach of using a pool of sockets. Here are some details of the implementaion to aid review: 1. There's pool of sockets per upcall handler. 2. The pool of sockets is initialized while setting up the handler in dpif_netlink_refresh_channels() primarily. 3. When sockets are to be allocated for a vport, we walk through the pool of sockets for all handlers and pick one of the sockets in each of the pool. Within a handler's pool, sockets are picked in a round-robin fashion. 4. We currently support only 1 handler, since there are some kernel changes needed for support more than 1 handler per vport. 5. The pool size is also set to 1 currently. The restructions imposed by #4 and #5 can be removed in the future without much code churn. Validation: 1. With a hacked up kernel which figures out the netlink socket that is designated to receive packets, we are cable to perform pings between 2 VMs on the same Hyper-V host. 2. Compiled the code in Linux as well. 3. Tested with pool size == 2 as well, though in this patch we set the pool size = 1. Signed-off-by: Nithin Raju <nithin@vmware.com> Acked-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-10-23 08:27:34 -07:00
#endif
dpif: Make dpifs abstract, to allow multiple datapath implementations. This commit initially introduces only a single datapath implementation, which is the same as the original one, but it paves the way for additional implementations, such as the upcoming userspace datapath.
2009-06-17 14:35:35 -07:00
dpif-linux: Make use of channels thread-safe. This seems to be the last remaining thread-unsafe code in dpif-linux. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2013-07-23 12:41:57 -07:00
static int
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
dpif_netlink_recv(struct dpif *dpif_, uint32_t handler_id,
struct dpif_upcall *upcall, struct ofpbuf *buf)
dpif-linux: Make use of channels thread-safe. This seems to be the last remaining thread-unsafe code in dpif-linux. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2013-07-23 12:41:57 -07:00
{
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
struct dpif_netlink *dpif = dpif_netlink_cast(dpif_);
dpif-linux: Make use of channels thread-safe. This seems to be the last remaining thread-unsafe code in dpif-linux. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2013-07-23 12:41:57 -07:00
int error;
dpif-linux: Implement the API functions to allow multiple handler threads read upcall. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-02-26 10:10:29 -08:00
fat_rwlock_rdlock(&dpif->upcall_lock);
dpif-netlink: Add support for packet receive on Windows. In this patch, we add support in dpif-netlink.c to receive packets on Windows. Windows does not natively support epoll(). Even though there are mechanisms/interfaces that provide functionality similar to epoll(), we take a simple approach of using a pool of sockets. Here are some details of the implementaion to aid review: 1. There's pool of sockets per upcall handler. 2. The pool of sockets is initialized while setting up the handler in dpif_netlink_refresh_channels() primarily. 3. When sockets are to be allocated for a vport, we walk through the pool of sockets for all handlers and pick one of the sockets in each of the pool. Within a handler's pool, sockets are picked in a round-robin fashion. 4. We currently support only 1 handler, since there are some kernel changes needed for support more than 1 handler per vport. 5. The pool size is also set to 1 currently. The restructions imposed by #4 and #5 can be removed in the future without much code churn. Validation: 1. With a hacked up kernel which figures out the netlink socket that is designated to receive packets, we are cable to perform pings between 2 VMs on the same Hyper-V host. 2. Compiled the code in Linux as well. 3. Tested with pool size == 2 as well, though in this patch we set the pool size = 1. Signed-off-by: Nithin Raju <nithin@vmware.com> Acked-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-10-23 08:27:34 -07:00
#ifdef _WIN32
error = dpif_netlink_recv_windows(dpif, handler_id, upcall, buf);
#else
dpif-netlink: Introduce per-cpu upcall dispatch. The Open vSwitch kernel module uses the upcall mechanism to send packets from kernel space to user space when it misses in the kernel space flow table. The upcall sends packets via a Netlink socket. Currently, a Netlink socket is created for every vport. In this way, there is a 1:1 mapping between a vport and a Netlink socket. When a packet is received by a vport, if it needs to be sent to user space, it is sent via the corresponding Netlink socket. This mechanism, with various iterations of the corresponding user space code, has seen some limitations and issues: * On systems with a large number of vports, there is correspondingly a large number of Netlink sockets which can limit scaling. (https://bugzilla.redhat.com/show_bug.cgi?id=1526306) * Packet reordering on upcalls. (https://bugzilla.redhat.com/show_bug.cgi?id=1844576) * A thundering herd issue. (https://bugzilla.redhat.com/show_bug.cgi?id=1834444) This patch introduces an alternative, feature-negotiated, upcall mode using a per-cpu dispatch rather than a per-vport dispatch. In this mode, the Netlink socket to be used for the upcall is selected based on the CPU of the thread that is executing the upcall. In this way, it resolves the issues above as: a) The number of Netlink sockets scales with the number of CPUs rather than the number of vports. b) Ordering per-flow is maintained as packets are distributed to CPUs based on mechanisms such as RSS and flows are distributed to a single user space thread. c) Packets from a flow can only wake up one user space thread. Reported-at: https://bugzilla.redhat.com/1844576 Signed-off-by: Mark Gray <mark.d.gray@redhat.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Acked-by: Aaron Conole <aconole@redhat.com> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2021-07-16 06:17:36 -04:00
if (dpif_netlink_upcall_per_cpu(dpif)) {
error = dpif_netlink_recv_cpu_dispatch(dpif, handler_id, upcall, buf);
} else {
error = dpif_netlink_recv_vport_dispatch(dpif,
handler_id, upcall, buf);
}
dpif-netlink: Add support for packet receive on Windows. In this patch, we add support in dpif-netlink.c to receive packets on Windows. Windows does not natively support epoll(). Even though there are mechanisms/interfaces that provide functionality similar to epoll(), we take a simple approach of using a pool of sockets. Here are some details of the implementaion to aid review: 1. There's pool of sockets per upcall handler. 2. The pool of sockets is initialized while setting up the handler in dpif_netlink_refresh_channels() primarily. 3. When sockets are to be allocated for a vport, we walk through the pool of sockets for all handlers and pick one of the sockets in each of the pool. Within a handler's pool, sockets are picked in a round-robin fashion. 4. We currently support only 1 handler, since there are some kernel changes needed for support more than 1 handler per vport. 5. The pool size is also set to 1 currently. The restructions imposed by #4 and #5 can be removed in the future without much code churn. Validation: 1. With a hacked up kernel which figures out the netlink socket that is designated to receive packets, we are cable to perform pings between 2 VMs on the same Hyper-V host. 2. Compiled the code in Linux as well. 3. Tested with pool size == 2 as well, though in this patch we set the pool size = 1. Signed-off-by: Nithin Raju <nithin@vmware.com> Acked-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-10-23 08:27:34 -07:00
#endif
dpif-linux: Implement the API functions to allow multiple handler threads read upcall. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-02-26 10:10:29 -08:00
fat_rwlock_unlock(&dpif->upcall_lock);
dpif-linux: Make use of channels thread-safe. This seems to be the last remaining thread-unsafe code in dpif-linux. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2013-07-23 12:41:57 -07:00
return error;
}
dpif-netlink: Introduce per-cpu upcall dispatch. The Open vSwitch kernel module uses the upcall mechanism to send packets from kernel space to user space when it misses in the kernel space flow table. The upcall sends packets via a Netlink socket. Currently, a Netlink socket is created for every vport. In this way, there is a 1:1 mapping between a vport and a Netlink socket. When a packet is received by a vport, if it needs to be sent to user space, it is sent via the corresponding Netlink socket. This mechanism, with various iterations of the corresponding user space code, has seen some limitations and issues: * On systems with a large number of vports, there is correspondingly a large number of Netlink sockets which can limit scaling. (https://bugzilla.redhat.com/show_bug.cgi?id=1526306) * Packet reordering on upcalls. (https://bugzilla.redhat.com/show_bug.cgi?id=1844576) * A thundering herd issue. (https://bugzilla.redhat.com/show_bug.cgi?id=1834444) This patch introduces an alternative, feature-negotiated, upcall mode using a per-cpu dispatch rather than a per-vport dispatch. In this mode, the Netlink socket to be used for the upcall is selected based on the CPU of the thread that is executing the upcall. In this way, it resolves the issues above as: a) The number of Netlink sockets scales with the number of CPUs rather than the number of vports. b) Ordering per-flow is maintained as packets are distributed to CPUs based on mechanisms such as RSS and flows are distributed to a single user space thread. c) Packets from a flow can only wake up one user space thread. Reported-at: https://bugzilla.redhat.com/1844576 Signed-off-by: Mark Gray <mark.d.gray@redhat.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Acked-by: Aaron Conole <aconole@redhat.com> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2021-07-16 06:17:36 -04:00
#ifdef _WIN32
dpif: Make dpifs abstract, to allow multiple datapath implementations. This commit initially introduces only a single datapath implementation, which is the same as the original one, but it paves the way for additional implementations, such as the upcoming userspace datapath.
2009-06-17 14:35:35 -07:00
static void
dpif-netlink: Introduce per-cpu upcall dispatch. The Open vSwitch kernel module uses the upcall mechanism to send packets from kernel space to user space when it misses in the kernel space flow table. The upcall sends packets via a Netlink socket. Currently, a Netlink socket is created for every vport. In this way, there is a 1:1 mapping between a vport and a Netlink socket. When a packet is received by a vport, if it needs to be sent to user space, it is sent via the corresponding Netlink socket. This mechanism, with various iterations of the corresponding user space code, has seen some limitations and issues: * On systems with a large number of vports, there is correspondingly a large number of Netlink sockets which can limit scaling. (https://bugzilla.redhat.com/show_bug.cgi?id=1526306) * Packet reordering on upcalls. (https://bugzilla.redhat.com/show_bug.cgi?id=1844576) * A thundering herd issue. (https://bugzilla.redhat.com/show_bug.cgi?id=1834444) This patch introduces an alternative, feature-negotiated, upcall mode using a per-cpu dispatch rather than a per-vport dispatch. In this mode, the Netlink socket to be used for the upcall is selected based on the CPU of the thread that is executing the upcall. In this way, it resolves the issues above as: a) The number of Netlink sockets scales with the number of CPUs rather than the number of vports. b) Ordering per-flow is maintained as packets are distributed to CPUs based on mechanisms such as RSS and flows are distributed to a single user space thread. c) Packets from a flow can only wake up one user space thread. Reported-at: https://bugzilla.redhat.com/1844576 Signed-off-by: Mark Gray <mark.d.gray@redhat.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Acked-by: Aaron Conole <aconole@redhat.com> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2021-07-16 06:17:36 -04:00
dpif_netlink_recv_wait_windows(struct dpif_netlink *dpif, uint32_t handler_id)
dpif-linux: Add thread-safety annotations. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-04-17 17:16:34 -07:00
OVS_REQ_RDLOCK(dpif->upcall_lock)
dpif: Make dpifs abstract, to allow multiple datapath implementations. This commit initially introduces only a single datapath implementation, which is the same as the original one, but it paves the way for additional implementations, such as the upcoming userspace datapath.
2009-06-17 14:35:35 -07:00
{
dpif-netlink: Add support for packet receive on Windows. In this patch, we add support in dpif-netlink.c to receive packets on Windows. Windows does not natively support epoll(). Even though there are mechanisms/interfaces that provide functionality similar to epoll(), we take a simple approach of using a pool of sockets. Here are some details of the implementaion to aid review: 1. There's pool of sockets per upcall handler. 2. The pool of sockets is initialized while setting up the handler in dpif_netlink_refresh_channels() primarily. 3. When sockets are to be allocated for a vport, we walk through the pool of sockets for all handlers and pick one of the sockets in each of the pool. Within a handler's pool, sockets are picked in a round-robin fashion. 4. We currently support only 1 handler, since there are some kernel changes needed for support more than 1 handler per vport. 5. The pool size is also set to 1 currently. The restructions imposed by #4 and #5 can be removed in the future without much code churn. Validation: 1. With a hacked up kernel which figures out the netlink socket that is designated to receive packets, we are cable to perform pings between 2 VMs on the same Hyper-V host. 2. Compiled the code in Linux as well. 3. Tested with pool size == 2 as well, though in this patch we set the pool size = 1. Signed-off-by: Nithin Raju <nithin@vmware.com> Acked-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-10-23 08:27:34 -07:00
uint32_t i;
struct dpif_windows_vport_sock *sock_pool =
dpif->handlers[handler_id].vport_sock_pool;
/* Only one handler is supported currently. */
if (handler_id >= 1) {
return;
}
for (i = 0; i < VPORT_SOCK_POOL_SIZE; i++) {
nl_sock_wait(sock_pool[i].nl_sock, POLLIN);
}
dpif-netlink: Introduce per-cpu upcall dispatch. The Open vSwitch kernel module uses the upcall mechanism to send packets from kernel space to user space when it misses in the kernel space flow table. The upcall sends packets via a Netlink socket. Currently, a Netlink socket is created for every vport. In this way, there is a 1:1 mapping between a vport and a Netlink socket. When a packet is received by a vport, if it needs to be sent to user space, it is sent via the corresponding Netlink socket. This mechanism, with various iterations of the corresponding user space code, has seen some limitations and issues: * On systems with a large number of vports, there is correspondingly a large number of Netlink sockets which can limit scaling. (https://bugzilla.redhat.com/show_bug.cgi?id=1526306) * Packet reordering on upcalls. (https://bugzilla.redhat.com/show_bug.cgi?id=1844576) * A thundering herd issue. (https://bugzilla.redhat.com/show_bug.cgi?id=1834444) This patch introduces an alternative, feature-negotiated, upcall mode using a per-cpu dispatch rather than a per-vport dispatch. In this mode, the Netlink socket to be used for the upcall is selected based on the CPU of the thread that is executing the upcall. In this way, it resolves the issues above as: a) The number of Netlink sockets scales with the number of CPUs rather than the number of vports. b) Ordering per-flow is maintained as packets are distributed to CPUs based on mechanisms such as RSS and flows are distributed to a single user space thread. c) Packets from a flow can only wake up one user space thread. Reported-at: https://bugzilla.redhat.com/1844576 Signed-off-by: Mark Gray <mark.d.gray@redhat.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Acked-by: Aaron Conole <aconole@redhat.com> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2021-07-16 06:17:36 -04:00
}
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
#else
dpif-netlink: Introduce per-cpu upcall dispatch. The Open vSwitch kernel module uses the upcall mechanism to send packets from kernel space to user space when it misses in the kernel space flow table. The upcall sends packets via a Netlink socket. Currently, a Netlink socket is created for every vport. In this way, there is a 1:1 mapping between a vport and a Netlink socket. When a packet is received by a vport, if it needs to be sent to user space, it is sent via the corresponding Netlink socket. This mechanism, with various iterations of the corresponding user space code, has seen some limitations and issues: * On systems with a large number of vports, there is correspondingly a large number of Netlink sockets which can limit scaling. (https://bugzilla.redhat.com/show_bug.cgi?id=1526306) * Packet reordering on upcalls. (https://bugzilla.redhat.com/show_bug.cgi?id=1844576) * A thundering herd issue. (https://bugzilla.redhat.com/show_bug.cgi?id=1834444) This patch introduces an alternative, feature-negotiated, upcall mode using a per-cpu dispatch rather than a per-vport dispatch. In this mode, the Netlink socket to be used for the upcall is selected based on the CPU of the thread that is executing the upcall. In this way, it resolves the issues above as: a) The number of Netlink sockets scales with the number of CPUs rather than the number of vports. b) Ordering per-flow is maintained as packets are distributed to CPUs based on mechanisms such as RSS and flows are distributed to a single user space thread. c) Packets from a flow can only wake up one user space thread. Reported-at: https://bugzilla.redhat.com/1844576 Signed-off-by: Mark Gray <mark.d.gray@redhat.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Acked-by: Aaron Conole <aconole@redhat.com> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2021-07-16 06:17:36 -04:00
static void
dpif_netlink_recv_wait_vport_dispatch(struct dpif_netlink *dpif,
uint32_t handler_id)
OVS_REQ_RDLOCK(dpif->upcall_lock)
{
dpif-linux: Implement the API functions to allow multiple handler threads read upcall. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-02-26 10:10:29 -08:00
if (dpif->handlers && handler_id < dpif->n_handlers) {
struct dpif_handler *handler = &dpif->handlers[handler_id];
poll_fd_wait(handler->epoll_fd, POLLIN);
dpif-linux: Prevent a single port from monopolizing upcalls. Currently it is possible for a client on a single port to generate a huge number of packets that miss in the kernel flow table and monopolize the userspace/kernel communication path. This effectively DoS's the machine because no new flow setups can take place. This adds some additional fairness by separating each upcall type for each object in the datapath onto a separate socket, each with its own queue. Userspace then reads round-robin from each socket so other flow setups can still succeed. Since the number of objects can potentially be large, we don't always have a unique socket for each. Instead, we create 16 sockets and spread the load around them in a round robin fashion. It's theoretically possible to do better than this with some kind of active load balancing scheme but this seems like a good place to start. Feature #6485
2011-09-16 15:23:37 -07:00
}
dpif: Make dpifs abstract, to allow multiple datapath implementations. This commit initially introduces only a single datapath implementation, which is the same as the original one, but it paves the way for additional implementations, such as the upcoming userspace datapath.
2009-06-17 14:35:35 -07:00
}
dpif-netlink: Introduce per-cpu upcall dispatch. The Open vSwitch kernel module uses the upcall mechanism to send packets from kernel space to user space when it misses in the kernel space flow table. The upcall sends packets via a Netlink socket. Currently, a Netlink socket is created for every vport. In this way, there is a 1:1 mapping between a vport and a Netlink socket. When a packet is received by a vport, if it needs to be sent to user space, it is sent via the corresponding Netlink socket. This mechanism, with various iterations of the corresponding user space code, has seen some limitations and issues: * On systems with a large number of vports, there is correspondingly a large number of Netlink sockets which can limit scaling. (https://bugzilla.redhat.com/show_bug.cgi?id=1526306) * Packet reordering on upcalls. (https://bugzilla.redhat.com/show_bug.cgi?id=1844576) * A thundering herd issue. (https://bugzilla.redhat.com/show_bug.cgi?id=1834444) This patch introduces an alternative, feature-negotiated, upcall mode using a per-cpu dispatch rather than a per-vport dispatch. In this mode, the Netlink socket to be used for the upcall is selected based on the CPU of the thread that is executing the upcall. In this way, it resolves the issues above as: a) The number of Netlink sockets scales with the number of CPUs rather than the number of vports. b) Ordering per-flow is maintained as packets are distributed to CPUs based on mechanisms such as RSS and flows are distributed to a single user space thread. c) Packets from a flow can only wake up one user space thread. Reported-at: https://bugzilla.redhat.com/1844576 Signed-off-by: Mark Gray <mark.d.gray@redhat.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Acked-by: Aaron Conole <aconole@redhat.com> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2021-07-16 06:17:36 -04:00
static void
dpif_netlink_recv_wait_cpu_dispatch(struct dpif_netlink *dpif,
uint32_t handler_id)
OVS_REQ_RDLOCK(dpif->upcall_lock)
{
if (dpif->handlers && handler_id < dpif->n_handlers) {
struct dpif_handler *handler = &dpif->handlers[handler_id];
poll_fd_wait(nl_sock_fd(handler->sock), POLLIN);
}
}
#endif
datapath: Drop queue information from odp_stats. This queue information will be available through the kernel socket layer once we move over to Netlink socket as transports, so we might as well get rid of the redundancy. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-04 17:00:36 -08:00
static void
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
dpif_netlink_recv_wait(struct dpif *dpif_, uint32_t handler_id)
datapath: Drop queue information from odp_stats. This queue information will be available through the kernel socket layer once we move over to Netlink socket as transports, so we might as well get rid of the redundancy. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-04 17:00:36 -08:00
{
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
struct dpif_netlink *dpif = dpif_netlink_cast(dpif_);
dpif-linux: Prevent a single port from monopolizing upcalls. Currently it is possible for a client on a single port to generate a huge number of packets that miss in the kernel flow table and monopolize the userspace/kernel communication path. This effectively DoS's the machine because no new flow setups can take place. This adds some additional fairness by separating each upcall type for each object in the datapath onto a separate socket, each with its own queue. Userspace then reads round-robin from each socket so other flow setups can still succeed. Since the number of objects can potentially be large, we don't always have a unique socket for each. Instead, we create 16 sockets and spread the load around them in a round robin fashion. It's theoretically possible to do better than this with some kind of active load balancing scheme but this seems like a good place to start. Feature #6485
2011-09-16 15:23:37 -07:00
dpif-linux: Add thread-safety annotations. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-04-17 17:16:34 -07:00
fat_rwlock_rdlock(&dpif->upcall_lock);
dpif-netlink: Introduce per-cpu upcall dispatch. The Open vSwitch kernel module uses the upcall mechanism to send packets from kernel space to user space when it misses in the kernel space flow table. The upcall sends packets via a Netlink socket. Currently, a Netlink socket is created for every vport. In this way, there is a 1:1 mapping between a vport and a Netlink socket. When a packet is received by a vport, if it needs to be sent to user space, it is sent via the corresponding Netlink socket. This mechanism, with various iterations of the corresponding user space code, has seen some limitations and issues: * On systems with a large number of vports, there is correspondingly a large number of Netlink sockets which can limit scaling. (https://bugzilla.redhat.com/show_bug.cgi?id=1526306) * Packet reordering on upcalls. (https://bugzilla.redhat.com/show_bug.cgi?id=1844576) * A thundering herd issue. (https://bugzilla.redhat.com/show_bug.cgi?id=1834444) This patch introduces an alternative, feature-negotiated, upcall mode using a per-cpu dispatch rather than a per-vport dispatch. In this mode, the Netlink socket to be used for the upcall is selected based on the CPU of the thread that is executing the upcall. In this way, it resolves the issues above as: a) The number of Netlink sockets scales with the number of CPUs rather than the number of vports. b) Ordering per-flow is maintained as packets are distributed to CPUs based on mechanisms such as RSS and flows are distributed to a single user space thread. c) Packets from a flow can only wake up one user space thread. Reported-at: https://bugzilla.redhat.com/1844576 Signed-off-by: Mark Gray <mark.d.gray@redhat.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Acked-by: Aaron Conole <aconole@redhat.com> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2021-07-16 06:17:36 -04:00
#ifdef _WIN32
dpif_netlink_recv_wait_windows(dpif, handler_id);
#else
if (dpif_netlink_upcall_per_cpu(dpif)) {
dpif_netlink_recv_wait_cpu_dispatch(dpif, handler_id);
} else {
dpif_netlink_recv_wait_vport_dispatch(dpif, handler_id);
}
#endif
dpif-linux: Add thread-safety annotations. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-04-17 17:16:34 -07:00
fat_rwlock_unlock(&dpif->upcall_lock);
}
static void
dpif-netlink: Introduce per-cpu upcall dispatch. The Open vSwitch kernel module uses the upcall mechanism to send packets from kernel space to user space when it misses in the kernel space flow table. The upcall sends packets via a Netlink socket. Currently, a Netlink socket is created for every vport. In this way, there is a 1:1 mapping between a vport and a Netlink socket. When a packet is received by a vport, if it needs to be sent to user space, it is sent via the corresponding Netlink socket. This mechanism, with various iterations of the corresponding user space code, has seen some limitations and issues: * On systems with a large number of vports, there is correspondingly a large number of Netlink sockets which can limit scaling. (https://bugzilla.redhat.com/show_bug.cgi?id=1526306) * Packet reordering on upcalls. (https://bugzilla.redhat.com/show_bug.cgi?id=1844576) * A thundering herd issue. (https://bugzilla.redhat.com/show_bug.cgi?id=1834444) This patch introduces an alternative, feature-negotiated, upcall mode using a per-cpu dispatch rather than a per-vport dispatch. In this mode, the Netlink socket to be used for the upcall is selected based on the CPU of the thread that is executing the upcall. In this way, it resolves the issues above as: a) The number of Netlink sockets scales with the number of CPUs rather than the number of vports. b) Ordering per-flow is maintained as packets are distributed to CPUs based on mechanisms such as RSS and flows are distributed to a single user space thread. c) Packets from a flow can only wake up one user space thread. Reported-at: https://bugzilla.redhat.com/1844576 Signed-off-by: Mark Gray <mark.d.gray@redhat.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Acked-by: Aaron Conole <aconole@redhat.com> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2021-07-16 06:17:36 -04:00
dpif_netlink_recv_purge_vport_dispatch(struct dpif_netlink *dpif)
dpif-linux: Add thread-safety annotations. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-04-17 17:16:34 -07:00
OVS_REQ_WRLOCK(dpif->upcall_lock)
{
dpif-linux: Implement the API functions to allow multiple handler threads read upcall. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-02-26 10:10:29 -08:00
if (dpif->handlers) {
dpif-netlink: don't allocate per thread netlink sockets When using the kernel datapath, OVS allocates a pool of sockets to handle netlink events. The number of sockets is: ports * n-handler-threads, where n-handler-threads is user configurable and defaults to 3/4*number of cores. This because vswitchd starts n-handler-threads threads, each one with a netlink socket for every port of the switch. Every thread then, starts listening on events on its set of sockets with epoll(). On setup with lot of CPUs and ports, the number of sockets easily hits the process file descriptor limit, and ovs-vswitchd will exit with -EMFILE. Change the number of allocated sockets to just one per port by moving the socket array from a per handler structure to a per datapath one, and let all the handlers share the same sockets by using EPOLLEXCLUSIVE epoll flag which avoids duplicate events, on systems that support it. The patch was tested on a 56 core machine running Linux 4.18 and latest Open vSwitch. A bridge was created with 2000+ ports, some of them being veth interfaces with the peer outside the bridge. The latency of the upcall is measured by setting a single 'action=controller,local' OpenFlow rule to force all the packets going to the slow path and then to the local port. A tool[1] injects some packets to the veth outside the bridge, and measures the delay until the packet is captured on the local port. The rx timestamp is get from the socket ancillary data in the attribute SO_TIMESTAMPNS, to avoid having the scheduler delay in the measured time. The first test measures the average latency for an upcall generated from a single port. To measure it 100k packets, one every msec, are sent to a single port and the latencies are measured. The second test is meant to check latency fairness among ports, namely if latency is equal between ports or if some ports have lower priority. The previous test is repeated for every port, the average of the average latencies and the standard deviation between averages is measured. The third test serves to measure responsiveness under load. Heavy traffic is sent through all ports, latency and packet loss is measured on a single idle port. The fourth test is all about fairness. Heavy traffic is injected in all ports but one, latency and packet loss is measured on the single idle port. This is the test setup: # nproc 56 # ovs-vsctl show |grep -c Port 2223 # ovs-ofctl dump-flows ovs_upc_br cookie=0x0, duration=4.827s, table=0, n_packets=0, n_bytes=0, actions=CONTROLLER:65535,LOCAL # uname -a Linux fc28 4.18.7-200.fc28.x86_64 #1 SMP Mon Sep 10 15:44:45 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux And these are the results of the tests: Stock OVS Patched netlink sockets in use by vswitchd lsof -p $(pidof ovs-vswitchd) \ |grep -c GENERIC 91187 2227 Test 1 one port latency min/avg/max/mdev (us) 2.7/6.6/238.7/1.8 1.6/6.8/160.6/1.7 Test 2 all port avg latency/mdev (us) 6.51/0.97 6.86/0.17 Test 3 single port latency under load avg/mdev (us) 7.5/5.9 3.8/4.8 packet loss 95 % 62 % Test 4 idle port latency under load min/avg/max/mdev (us) 0.8/1.5/210.5/0.9 1.0/2.1/344.5/1.2 packet loss 94 % 4 % CPU and RAM usage seems not to be affected, the resource usage of vswitchd idle with 2000+ ports is unchanged: # ps u $(pidof ovs-vswitchd) USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND openvsw+ 5430 54.3 0.3 4263964 510968 pts/1 RLl+ 16:20 0:50 ovs-vswitchd Additionally, to check if vswitchd is thread safe with this patch, the following test was run for circa 48 hours: on a 56 core machine, a bridge with kernel datapath is filled with 2200 dummy interfaces and 22 veth, then 22 traffic generators are run in parallel piping traffic into the veths peers outside the bridge. To generate as many upcalls as possible, all packets were forced to the slowpath with an openflow rule like 'action=controller,local' and packet size was set to 64 byte. Also, to avoid overflowing the FDB early and slowing down the upcall processing, generated mac addresses were restricted to a small interval. vswitchd ran without problems for 48+ hours, obviously with all the handler threads with almost 99% CPU usage. [1] https://github.com/teknoraver/network-tools/blob/master/weed.c Signed-off-by: Matteo Croce <mcroce@redhat.com> Signed-off-by: Ben Pfaff <blp@ovn.org> Acked-by: Flavio Leitner <fbl@sysclose.org>
2018-09-25 10:51:05 +02:00
size_t i;
dpif-linux: Implement the API functions to allow multiple handler threads read upcall. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-02-26 10:10:29 -08:00
dpif-netlink: don't allocate per thread netlink sockets When using the kernel datapath, OVS allocates a pool of sockets to handle netlink events. The number of sockets is: ports * n-handler-threads, where n-handler-threads is user configurable and defaults to 3/4*number of cores. This because vswitchd starts n-handler-threads threads, each one with a netlink socket for every port of the switch. Every thread then, starts listening on events on its set of sockets with epoll(). On setup with lot of CPUs and ports, the number of sockets easily hits the process file descriptor limit, and ovs-vswitchd will exit with -EMFILE. Change the number of allocated sockets to just one per port by moving the socket array from a per handler structure to a per datapath one, and let all the handlers share the same sockets by using EPOLLEXCLUSIVE epoll flag which avoids duplicate events, on systems that support it. The patch was tested on a 56 core machine running Linux 4.18 and latest Open vSwitch. A bridge was created with 2000+ ports, some of them being veth interfaces with the peer outside the bridge. The latency of the upcall is measured by setting a single 'action=controller,local' OpenFlow rule to force all the packets going to the slow path and then to the local port. A tool[1] injects some packets to the veth outside the bridge, and measures the delay until the packet is captured on the local port. The rx timestamp is get from the socket ancillary data in the attribute SO_TIMESTAMPNS, to avoid having the scheduler delay in the measured time. The first test measures the average latency for an upcall generated from a single port. To measure it 100k packets, one every msec, are sent to a single port and the latencies are measured. The second test is meant to check latency fairness among ports, namely if latency is equal between ports or if some ports have lower priority. The previous test is repeated for every port, the average of the average latencies and the standard deviation between averages is measured. The third test serves to measure responsiveness under load. Heavy traffic is sent through all ports, latency and packet loss is measured on a single idle port. The fourth test is all about fairness. Heavy traffic is injected in all ports but one, latency and packet loss is measured on the single idle port. This is the test setup: # nproc 56 # ovs-vsctl show |grep -c Port 2223 # ovs-ofctl dump-flows ovs_upc_br cookie=0x0, duration=4.827s, table=0, n_packets=0, n_bytes=0, actions=CONTROLLER:65535,LOCAL # uname -a Linux fc28 4.18.7-200.fc28.x86_64 #1 SMP Mon Sep 10 15:44:45 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux And these are the results of the tests: Stock OVS Patched netlink sockets in use by vswitchd lsof -p $(pidof ovs-vswitchd) \ |grep -c GENERIC 91187 2227 Test 1 one port latency min/avg/max/mdev (us) 2.7/6.6/238.7/1.8 1.6/6.8/160.6/1.7 Test 2 all port avg latency/mdev (us) 6.51/0.97 6.86/0.17 Test 3 single port latency under load avg/mdev (us) 7.5/5.9 3.8/4.8 packet loss 95 % 62 % Test 4 idle port latency under load min/avg/max/mdev (us) 0.8/1.5/210.5/0.9 1.0/2.1/344.5/1.2 packet loss 94 % 4 % CPU and RAM usage seems not to be affected, the resource usage of vswitchd idle with 2000+ ports is unchanged: # ps u $(pidof ovs-vswitchd) USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND openvsw+ 5430 54.3 0.3 4263964 510968 pts/1 RLl+ 16:20 0:50 ovs-vswitchd Additionally, to check if vswitchd is thread safe with this patch, the following test was run for circa 48 hours: on a 56 core machine, a bridge with kernel datapath is filled with 2200 dummy interfaces and 22 veth, then 22 traffic generators are run in parallel piping traffic into the veths peers outside the bridge. To generate as many upcalls as possible, all packets were forced to the slowpath with an openflow rule like 'action=controller,local' and packet size was set to 64 byte. Also, to avoid overflowing the FDB early and slowing down the upcall processing, generated mac addresses were restricted to a small interval. vswitchd ran without problems for 48+ hours, obviously with all the handler threads with almost 99% CPU usage. [1] https://github.com/teknoraver/network-tools/blob/master/weed.c Signed-off-by: Matteo Croce <mcroce@redhat.com> Signed-off-by: Ben Pfaff <blp@ovn.org> Acked-by: Flavio Leitner <fbl@sysclose.org>
2018-09-25 10:51:05 +02:00
if (!dpif->channels[0].sock) {
return;
}
dpif-linux: Implement the API functions to allow multiple handler threads read upcall. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-02-26 10:10:29 -08:00
for (i = 0; i < dpif->uc_array_size; i++ ) {
datapath: Drop queue information from odp_stats. This queue information will be available through the kernel socket layer once we move over to Netlink socket as transports, so we might as well get rid of the redundancy. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-04 17:00:36 -08:00
dpif-netlink: don't allocate per thread netlink sockets When using the kernel datapath, OVS allocates a pool of sockets to handle netlink events. The number of sockets is: ports * n-handler-threads, where n-handler-threads is user configurable and defaults to 3/4*number of cores. This because vswitchd starts n-handler-threads threads, each one with a netlink socket for every port of the switch. Every thread then, starts listening on events on its set of sockets with epoll(). On setup with lot of CPUs and ports, the number of sockets easily hits the process file descriptor limit, and ovs-vswitchd will exit with -EMFILE. Change the number of allocated sockets to just one per port by moving the socket array from a per handler structure to a per datapath one, and let all the handlers share the same sockets by using EPOLLEXCLUSIVE epoll flag which avoids duplicate events, on systems that support it. The patch was tested on a 56 core machine running Linux 4.18 and latest Open vSwitch. A bridge was created with 2000+ ports, some of them being veth interfaces with the peer outside the bridge. The latency of the upcall is measured by setting a single 'action=controller,local' OpenFlow rule to force all the packets going to the slow path and then to the local port. A tool[1] injects some packets to the veth outside the bridge, and measures the delay until the packet is captured on the local port. The rx timestamp is get from the socket ancillary data in the attribute SO_TIMESTAMPNS, to avoid having the scheduler delay in the measured time. The first test measures the average latency for an upcall generated from a single port. To measure it 100k packets, one every msec, are sent to a single port and the latencies are measured. The second test is meant to check latency fairness among ports, namely if latency is equal between ports or if some ports have lower priority. The previous test is repeated for every port, the average of the average latencies and the standard deviation between averages is measured. The third test serves to measure responsiveness under load. Heavy traffic is sent through all ports, latency and packet loss is measured on a single idle port. The fourth test is all about fairness. Heavy traffic is injected in all ports but one, latency and packet loss is measured on the single idle port. This is the test setup: # nproc 56 # ovs-vsctl show |grep -c Port 2223 # ovs-ofctl dump-flows ovs_upc_br cookie=0x0, duration=4.827s, table=0, n_packets=0, n_bytes=0, actions=CONTROLLER:65535,LOCAL # uname -a Linux fc28 4.18.7-200.fc28.x86_64 #1 SMP Mon Sep 10 15:44:45 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux And these are the results of the tests: Stock OVS Patched netlink sockets in use by vswitchd lsof -p $(pidof ovs-vswitchd) \ |grep -c GENERIC 91187 2227 Test 1 one port latency min/avg/max/mdev (us) 2.7/6.6/238.7/1.8 1.6/6.8/160.6/1.7 Test 2 all port avg latency/mdev (us) 6.51/0.97 6.86/0.17 Test 3 single port latency under load avg/mdev (us) 7.5/5.9 3.8/4.8 packet loss 95 % 62 % Test 4 idle port latency under load min/avg/max/mdev (us) 0.8/1.5/210.5/0.9 1.0/2.1/344.5/1.2 packet loss 94 % 4 % CPU and RAM usage seems not to be affected, the resource usage of vswitchd idle with 2000+ ports is unchanged: # ps u $(pidof ovs-vswitchd) USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND openvsw+ 5430 54.3 0.3 4263964 510968 pts/1 RLl+ 16:20 0:50 ovs-vswitchd Additionally, to check if vswitchd is thread safe with this patch, the following test was run for circa 48 hours: on a 56 core machine, a bridge with kernel datapath is filled with 2200 dummy interfaces and 22 veth, then 22 traffic generators are run in parallel piping traffic into the veths peers outside the bridge. To generate as many upcalls as possible, all packets were forced to the slowpath with an openflow rule like 'action=controller,local' and packet size was set to 64 byte. Also, to avoid overflowing the FDB early and slowing down the upcall processing, generated mac addresses were restricted to a small interval. vswitchd ran without problems for 48+ hours, obviously with all the handler threads with almost 99% CPU usage. [1] https://github.com/teknoraver/network-tools/blob/master/weed.c Signed-off-by: Matteo Croce <mcroce@redhat.com> Signed-off-by: Ben Pfaff <blp@ovn.org> Acked-by: Flavio Leitner <fbl@sysclose.org>
2018-09-25 10:51:05 +02:00
nl_sock_drain(dpif->channels[i].sock);
dpif-linux: Give each port its own userspace-kernel channel. Userspace-kernel communication is a possible bottleneck when OVS is receiving a large number of flow set up requests. To help prevent a bad actor from consuming too much of this resource, we introduced channels to segegrate traffic. Previously, we created 17 channels and round-robin assigned ports to one of 16 channels (the 17th was reserved for use by the system). This meant if there were more than 16 ports, sharing of channels would occur. This commit creates a new channel for each port, so that there is no more sharing and better isolation. The special system port uses the "ovs-system"'s channel (port 0), since it is not heavily loaded. This also fixes an issue introduced in commit acf60855 (ofproto-dpif: Use a single underlying datapath across multiple bridges.) where ports that were added at run-time were given the special system channel. Issue #12073 Signed-off-by: Justin Pettit <jpettit@nicira.com>
2013-01-04 18:34:26 -08:00
}
datapath: Drop queue information from odp_stats. This queue information will be available through the kernel socket layer once we move over to Netlink socket as transports, so we might as well get rid of the redundancy. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-04 17:00:36 -08:00
}
dpif-linux: Add thread-safety annotations. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-04-17 17:16:34 -07:00
}
dpif-netlink: Introduce per-cpu upcall dispatch. The Open vSwitch kernel module uses the upcall mechanism to send packets from kernel space to user space when it misses in the kernel space flow table. The upcall sends packets via a Netlink socket. Currently, a Netlink socket is created for every vport. In this way, there is a 1:1 mapping between a vport and a Netlink socket. When a packet is received by a vport, if it needs to be sent to user space, it is sent via the corresponding Netlink socket. This mechanism, with various iterations of the corresponding user space code, has seen some limitations and issues: * On systems with a large number of vports, there is correspondingly a large number of Netlink sockets which can limit scaling. (https://bugzilla.redhat.com/show_bug.cgi?id=1526306) * Packet reordering on upcalls. (https://bugzilla.redhat.com/show_bug.cgi?id=1844576) * A thundering herd issue. (https://bugzilla.redhat.com/show_bug.cgi?id=1834444) This patch introduces an alternative, feature-negotiated, upcall mode using a per-cpu dispatch rather than a per-vport dispatch. In this mode, the Netlink socket to be used for the upcall is selected based on the CPU of the thread that is executing the upcall. In this way, it resolves the issues above as: a) The number of Netlink sockets scales with the number of CPUs rather than the number of vports. b) Ordering per-flow is maintained as packets are distributed to CPUs based on mechanisms such as RSS and flows are distributed to a single user space thread. c) Packets from a flow can only wake up one user space thread. Reported-at: https://bugzilla.redhat.com/1844576 Signed-off-by: Mark Gray <mark.d.gray@redhat.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Acked-by: Aaron Conole <aconole@redhat.com> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2021-07-16 06:17:36 -04:00
static void
dpif_netlink_recv_purge_cpu_dispatch(struct dpif_netlink *dpif)
OVS_REQ_WRLOCK(dpif->upcall_lock)
{
int handler_id;
if (dpif->handlers) {
for (handler_id = 0; handler_id < dpif->n_handlers; handler_id++) {
struct dpif_handler *handler = &dpif->handlers[handler_id];
nl_sock_drain(handler->sock);
}
}
}
dpif-linux: Add thread-safety annotations. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-04-17 17:16:34 -07:00
static void
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
dpif_netlink_recv_purge(struct dpif *dpif_)
dpif-linux: Add thread-safety annotations. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-04-17 17:16:34 -07:00
{
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
struct dpif_netlink *dpif = dpif_netlink_cast(dpif_);
dpif-linux: Add thread-safety annotations. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-04-17 17:16:34 -07:00
fat_rwlock_wrlock(&dpif->upcall_lock);
dpif-netlink: Introduce per-cpu upcall dispatch. The Open vSwitch kernel module uses the upcall mechanism to send packets from kernel space to user space when it misses in the kernel space flow table. The upcall sends packets via a Netlink socket. Currently, a Netlink socket is created for every vport. In this way, there is a 1:1 mapping between a vport and a Netlink socket. When a packet is received by a vport, if it needs to be sent to user space, it is sent via the corresponding Netlink socket. This mechanism, with various iterations of the corresponding user space code, has seen some limitations and issues: * On systems with a large number of vports, there is correspondingly a large number of Netlink sockets which can limit scaling. (https://bugzilla.redhat.com/show_bug.cgi?id=1526306) * Packet reordering on upcalls. (https://bugzilla.redhat.com/show_bug.cgi?id=1844576) * A thundering herd issue. (https://bugzilla.redhat.com/show_bug.cgi?id=1834444) This patch introduces an alternative, feature-negotiated, upcall mode using a per-cpu dispatch rather than a per-vport dispatch. In this mode, the Netlink socket to be used for the upcall is selected based on the CPU of the thread that is executing the upcall. In this way, it resolves the issues above as: a) The number of Netlink sockets scales with the number of CPUs rather than the number of vports. b) Ordering per-flow is maintained as packets are distributed to CPUs based on mechanisms such as RSS and flows are distributed to a single user space thread. c) Packets from a flow can only wake up one user space thread. Reported-at: https://bugzilla.redhat.com/1844576 Signed-off-by: Mark Gray <mark.d.gray@redhat.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Acked-by: Aaron Conole <aconole@redhat.com> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2021-07-16 06:17:36 -04:00
if (dpif_netlink_upcall_per_cpu(dpif)) {
dpif_netlink_recv_purge_cpu_dispatch(dpif);
} else {
dpif_netlink_recv_purge_vport_dispatch(dpif);
}
dpif-linux: Implement the API functions to allow multiple handler threads read upcall. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-02-26 10:10:29 -08:00
fat_rwlock_unlock(&dpif->upcall_lock);
datapath: Drop queue information from odp_stats. This queue information will be available through the kernel socket layer once we move over to Netlink socket as transports, so we might as well get rid of the redundancy. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-04 17:00:36 -08:00
}
bridge: Store datapath version into ovsdb OVS userspace are backward compatible with older Linux kernel modules. However, not having the most up-to-date datapath kernel modules can some times lead to user confusion. Storing the datapath version in OVSDB allows management software to check and optionally provide notifications to users. Signed-off-by: Andy Zhou <azhou@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
2014-10-16 15:23:11 -07:00
static char *
dpif_netlink_get_datapath_version(void)
{
char *version_str = NULL;
#ifdef __linux__
#define MAX_VERSION_STR_SIZE 80
#define LINUX_DATAPATH_VERSION_FILE "/sys/module/openvswitch/version"
FILE *f;
f = fopen(LINUX_DATAPATH_VERSION_FILE, "r");
if (f) {
char *newline;
char version[MAX_VERSION_STR_SIZE];
if (fgets(version, MAX_VERSION_STR_SIZE, f)) {
newline = strchr(version, '\n');
if (newline) {
*newline = '\0';
}
version_str = xstrdup(version);
}
fclose(f);
}
#endif
return version_str;
}
dpif-netlink: Implement ct_dump_{start,next,done}. These member functions are used by the ct-dpif module to provide its services. They're implemented using the netlink-conntrack module. N.B. The Linux kernel datapaths share the connection tracker among them and with the rest of the system. Therefore the operations are not really dpif specific. Signed-off-by: Daniele Di Proietto <diproiettod@vmware.com> Acked-by: Joe Stringer <joe@ovn.org>
2015-10-28 11:26:18 -07:00
struct dpif_netlink_ct_dump_state {
struct ct_dpif_dump_state up;
struct nl_ct_dump_state *nl_ct_dump;
};
static int
dpif_netlink_ct_dump_start(struct dpif *dpif OVS_UNUSED,
struct ct_dpif_dump_state **dump_,
dpctl: Add new 'ct-bkts' command. With the command: ovs-appctl dpctl/ct-bkts shows the number of connections per bucket. By using a threshold: ovs-appctl dpctl/ct-bkts gt=N for each bucket shows the number of connections when they are greater than N. Signed-off-by: Antonio Fischetti <antonio.fischetti@intel.com> Signed-off-by: Bhanuprakash Bodireddy <bhanuprakash.bodireddy@intel.com> Co-authored-by: Bhanuprakash Bodireddy <bhanuprakash.bodireddy@intel.com> Signed-off-by: Darrell Ball <dlu998@gmail.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
2017-08-01 20:12:03 -07:00
const uint16_t *zone, int *ptot_bkts)
dpif-netlink: Implement ct_dump_{start,next,done}. These member functions are used by the ct-dpif module to provide its services. They're implemented using the netlink-conntrack module. N.B. The Linux kernel datapaths share the connection tracker among them and with the rest of the system. Therefore the operations are not really dpif specific. Signed-off-by: Daniele Di Proietto <diproiettod@vmware.com> Acked-by: Joe Stringer <joe@ovn.org>
2015-10-28 11:26:18 -07:00
{
struct dpif_netlink_ct_dump_state *dump;
int err;
dump = xzalloc(sizeof *dump);
dpctl: Add new 'ct-bkts' command. With the command: ovs-appctl dpctl/ct-bkts shows the number of connections per bucket. By using a threshold: ovs-appctl dpctl/ct-bkts gt=N for each bucket shows the number of connections when they are greater than N. Signed-off-by: Antonio Fischetti <antonio.fischetti@intel.com> Signed-off-by: Bhanuprakash Bodireddy <bhanuprakash.bodireddy@intel.com> Co-authored-by: Bhanuprakash Bodireddy <bhanuprakash.bodireddy@intel.com> Signed-off-by: Darrell Ball <dlu998@gmail.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
2017-08-01 20:12:03 -07:00
err = nl_ct_dump_start(&dump->nl_ct_dump, zone, ptot_bkts);
dpif-netlink: Implement ct_dump_{start,next,done}. These member functions are used by the ct-dpif module to provide its services. They're implemented using the netlink-conntrack module. N.B. The Linux kernel datapaths share the connection tracker among them and with the rest of the system. Therefore the operations are not really dpif specific. Signed-off-by: Daniele Di Proietto <diproiettod@vmware.com> Acked-by: Joe Stringer <joe@ovn.org>
2015-10-28 11:26:18 -07:00
if (err) {
free(dump);
return err;
}
*dump_ = &dump->up;
return 0;
}
static int
dpif_netlink_ct_dump_next(struct dpif *dpif OVS_UNUSED,
struct ct_dpif_dump_state *dump_,
struct ct_dpif_entry *entry)
{
struct dpif_netlink_ct_dump_state *dump;
INIT_CONTAINER(dump, dump_, up);
return nl_ct_dump_next(dump->nl_ct_dump, entry);
}
static int
dpif_netlink_ct_dump_done(struct dpif *dpif OVS_UNUSED,
struct ct_dpif_dump_state *dump_)
{
struct dpif_netlink_ct_dump_state *dump;
INIT_CONTAINER(dump, dump_, up);
ct-dpif, dpif-netlink: Add conntrack timeout policy support This patch first defines the dpif interface for a datapath to support adding, deleting, getting and dumping conntrack timeout policy. The timeout policy is identified by a 4 bytes unsigned integer in datapath, and it currently support timeout for TCP, UDP, and ICMP protocols. Moreover, this patch provides the implementation for Linux kernel datapath in dpif-netlink. In Linux kernel, the timeout policy is maintained per L3/L4 protocol, and it is identified by 32 bytes null terminated string. On the other hand, in vswitchd, the timeout policy is a generic one that consists of all the supported L4 protocols. Therefore, one of the main task in dpif-netlink is to break down the generic timeout policy into 6 sub policies (ipv4 tcp, udp, icmp, and ipv6 tcp, udp, icmp), and push down the configuration using the netlink API in netlink-conntrack.c. This patch also adds missing symbols in the windows datapath so that the build on windows can pass. Appveyor CI: * https://ci.appveyor.com/project/YiHungWei/ovs/builds/26387754 Signed-off-by: Yi-Hung Wei <yihung.wei@gmail.com> Acked-by: Alin Gabriel Serdean <aserdean@ovn.org> Signed-off-by: Justin Pettit <jpettit@ovn.org>
2019-08-28 15:14:24 -07:00
int err = nl_ct_dump_done(dump->nl_ct_dump);
dpif-netlink: Implement ct_dump_{start,next,done}. These member functions are used by the ct-dpif module to provide its services. They're implemented using the netlink-conntrack module. N.B. The Linux kernel datapaths share the connection tracker among them and with the rest of the system. Therefore the operations are not really dpif specific. Signed-off-by: Daniele Di Proietto <diproiettod@vmware.com> Acked-by: Joe Stringer <joe@ovn.org>
2015-10-28 11:26:18 -07:00
free(dump);
return err;
}
dpif-netlink: Implement ct_flush. This member function is used by the ct-dpif module to provide its services. It's implemented using the netlink-conntrack module. N.B. The Linux kernel datapaths share the connection tracker among them and with the rest of the system. Therefore the operations are not really dpif specific. Signed-off-by: Daniele Di Proietto <diproiettod@vmware.com> Acked-by: Joe Stringer <joe@ovn.org>
2015-10-28 10:34:26 -07:00
static int
ct-dpif,dpif-netlink: Support conntrack flush by ct 5-tuple This patch adds support of flushing a conntrack entry specified by the conntrack 5-tuple, and provides the implementation in dpif-netlink. The implementation of dpif-netlink in the linux datapath utilizes the NFNL_SUBSYS_CTNETLINK netlink subsystem to delete a conntrack entry in nf_conntrack. Future patches will add support for the userspace and Windows datapaths. VMWare-BZ: #1983178 Signed-off-by: Yi-Hung Wei <yihung.wei@gmail.com> Signed-off-by: Justin Pettit <jpettit@ovn.org>
2017-12-07 10:40:03 -08:00
dpif_netlink_ct_flush(struct dpif *dpif OVS_UNUSED, const uint16_t *zone,
const struct ct_dpif_tuple *tuple)
dpif-netlink: Implement ct_flush. This member function is used by the ct-dpif module to provide its services. It's implemented using the netlink-conntrack module. N.B. The Linux kernel datapaths share the connection tracker among them and with the rest of the system. Therefore the operations are not really dpif specific. Signed-off-by: Daniele Di Proietto <diproiettod@vmware.com> Acked-by: Joe Stringer <joe@ovn.org>
2015-10-28 10:34:26 -07:00
{
ct-dpif,dpif-netlink: Support conntrack flush by ct 5-tuple This patch adds support of flushing a conntrack entry specified by the conntrack 5-tuple, and provides the implementation in dpif-netlink. The implementation of dpif-netlink in the linux datapath utilizes the NFNL_SUBSYS_CTNETLINK netlink subsystem to delete a conntrack entry in nf_conntrack. Future patches will add support for the userspace and Windows datapaths. VMWare-BZ: #1983178 Signed-off-by: Yi-Hung Wei <yihung.wei@gmail.com> Signed-off-by: Justin Pettit <jpettit@ovn.org>
2017-12-07 10:40:03 -08:00
if (tuple) {
return nl_ct_flush_tuple(tuple, zone ? *zone : 0);
} else if (zone) {
dpif-netlink: Implement ct_flush. This member function is used by the ct-dpif module to provide its services. It's implemented using the netlink-conntrack module. N.B. The Linux kernel datapaths share the connection tracker among them and with the rest of the system. Therefore the operations are not really dpif specific. Signed-off-by: Daniele Di Proietto <diproiettod@vmware.com> Acked-by: Joe Stringer <joe@ovn.org>
2015-10-28 10:34:26 -07:00
return nl_ct_flush_zone(*zone);
} else {
return nl_ct_flush();
}
}
dpif-netlink: Implement ct_dump_{start,next,done}. These member functions are used by the ct-dpif module to provide its services. They're implemented using the netlink-conntrack module. N.B. The Linux kernel datapaths share the connection tracker among them and with the rest of the system. Therefore the operations are not really dpif specific. Signed-off-by: Daniele Di Proietto <diproiettod@vmware.com> Acked-by: Joe Stringer <joe@ovn.org>
2015-10-28 11:26:18 -07:00
dpif-netlink: Implement conntrack zone limit This patch provides the implementation of conntrack zone limit in dpif-netlink. It basically utilizes the netlink API to communicate with OVS kernel module to set, delete, and get conntrack zone limit. Signed-off-by: Yi-Hung Wei <yihung.wei@gmail.com> Signed-off-by: Justin Pettit <jpettit@ovn.org>
2018-08-17 02:05:09 -07:00
static int
dpif_netlink_ct_set_limits(struct dpif *dpif OVS_UNUSED,
const struct ovs_list *zone_limits)
{
if (ovs_ct_limit_family < 0) {
return EOPNOTSUPP;
}
struct ofpbuf *request = ofpbuf_new(NL_DUMP_BUFSIZE);
nl_msg_put_genlmsghdr(request, 0, ovs_ct_limit_family,
NLM_F_REQUEST | NLM_F_ECHO, OVS_CT_LIMIT_CMD_SET,
OVS_CT_LIMIT_VERSION);
struct ovs_header *ovs_header;
ovs_header = ofpbuf_put_uninit(request, sizeof *ovs_header);
ovs_header->dp_ifindex = 0;
size_t opt_offset;
opt_offset = nl_msg_start_nested(request, OVS_CT_LIMIT_ATTR_ZONE_LIMIT);
if (!ovs_list_is_empty(zone_limits)) {
struct ct_dpif_zone_limit *zone_limit;
LIST_FOR_EACH (zone_limit, node, zone_limits) {
dpif-netlink: Fix send of uninitialized memory in ct limit requests. ct limit requests never initializes the whole 'struct ovs_zone_limit' sending uninitialized stack memory to kernel: Syscall param sendmsg(msg.msg_iov[0]) points to uninitialised byte(s) at 0x5E23867: sendmsg (in /usr/lib64/libpthread-2.28.so) by 0x54F761: nl_sock_transact_multiple__ (netlink-socket.c:858) by 0x54FB6E: nl_sock_transact_multiple.part.9 (netlink-socket.c:1079) by 0x54FCC0: nl_sock_transact_multiple (netlink-socket.c:1044) by 0x54FCC0: nl_sock_transact (netlink-socket.c:1108) by 0x550B6F: nl_transact (netlink-socket.c:1804) by 0x53BEA2: dpif_netlink_ct_get_limits (dpif-netlink.c:3052) by 0x588B57: dpctl_ct_get_limits (dpctl.c:2178) by 0x586FF2: dpctl_unixctl_handler (dpctl.c:2870) by 0x52C241: process_command (unixctl.c:310) by 0x52C241: run_connection (unixctl.c:344) by 0x52C241: unixctl_server_run (unixctl.c:395) by 0x407526: main (ovs-vswitchd.c:128) Address 0x10b87480 is 32 bytes inside a block of size 4,096 alloc'd at 0x4C30F0B: malloc (vg_replace_malloc.c:307) by 0x52CDE4: xmalloc (util.c:138) by 0x4F7E07: ofpbuf_init (ofpbuf.c:123) by 0x4F7E07: ofpbuf_new (ofpbuf.c:151) by 0x53BDE3: dpif_netlink_ct_get_limits (dpif-netlink.c:3025) by 0x588B57: dpctl_ct_get_limits (dpctl.c:2178) by 0x586FF2: dpctl_unixctl_handler (dpctl.c:2870) by 0x52C241: process_command (unixctl.c:310) by 0x52C241: run_connection (unixctl.c:344) by 0x52C241: unixctl_server_run (unixctl.c:395) by 0x407526: main (ovs-vswitchd.c:128) Uninitialised value was created by a stack allocation at 0x46AAA0: ct_dpif_get_limits (ct-dpif.c:197) Fix that by using designated initializers that will clear all the non-specified fields. Fixes: 906ff9d229ee ("dpif-netlink: Implement conntrack zone limit") Signed-off-by: Ilya Maximets <i.maximets@ovn.org> Acked-by: Mark D. Gray <mark.d.gray@redhat.com>
2021-04-04 19:31:46 +02:00
struct ovs_zone_limit req_zone_limit = {
.zone_id = zone_limit->zone,
.limit = zone_limit->limit,
};
dpif-netlink: Implement conntrack zone limit This patch provides the implementation of conntrack zone limit in dpif-netlink. It basically utilizes the netlink API to communicate with OVS kernel module to set, delete, and get conntrack zone limit. Signed-off-by: Yi-Hung Wei <yihung.wei@gmail.com> Signed-off-by: Justin Pettit <jpettit@ovn.org>
2018-08-17 02:05:09 -07:00
nl_msg_put(request, &req_zone_limit, sizeof req_zone_limit);
}
}
nl_msg_end_nested(request, opt_offset);
int err = nl_transact(NETLINK_GENERIC, request, NULL);
dpif-netlink: Free leaked ofpbuf by using ofpbuf_delete Found by valgrind. 256 bytes in 4 blocks are definitely lost in loss record 319 of 348 by 0x52E204: xmalloc (util.c:123) by 0x4F6172: ofpbuf_new (ofpbuf.c:151) by 0x53DEF2: dpif_netlink_ct_get_limits (dpif-netlink.c:2951) by 0x587881: dpctl_ct_get_limits (dpctl.c:1904) by 0x58566F: dpctl_unixctl_handler (dpctl.c:2589) by 0x52D660: process_command (unixctl.c:308) by 0x52D660: run_connection (unixctl.c:342) by 0x52D660: unixctl_server_run (unixctl.c:393) by 0x407366: main (ovs-vswitchd.c:126) Signed-off-by: Yifeng Sun <pkusunyifeng@gmail.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
2019-03-05 15:27:01 -08:00
ofpbuf_delete(request);
dpif-netlink: Implement conntrack zone limit This patch provides the implementation of conntrack zone limit in dpif-netlink. It basically utilizes the netlink API to communicate with OVS kernel module to set, delete, and get conntrack zone limit. Signed-off-by: Yi-Hung Wei <yihung.wei@gmail.com> Signed-off-by: Justin Pettit <jpettit@ovn.org>
2018-08-17 02:05:09 -07:00
return err;
}
static int
dpif_netlink_zone_limits_from_ofpbuf(const struct ofpbuf *buf,
struct ovs_list *zone_limits)
{
static const struct nl_policy ovs_ct_limit_policy[] = {
[OVS_CT_LIMIT_ATTR_ZONE_LIMIT] = { .type = NL_A_NESTED,
.optional = true },
};
struct ofpbuf b = ofpbuf_const_initializer(buf->data, buf->size);
struct nlmsghdr *nlmsg = ofpbuf_try_pull(&b, sizeof *nlmsg);
struct genlmsghdr *genl = ofpbuf_try_pull(&b, sizeof *genl);
struct ovs_header *ovs_header = ofpbuf_try_pull(&b, sizeof *ovs_header);
struct nlattr *attr[ARRAY_SIZE(ovs_ct_limit_policy)];
if (!nlmsg || !genl || !ovs_header
|| nlmsg->nlmsg_type != ovs_ct_limit_family
|| !nl_policy_parse(&b, 0, ovs_ct_limit_policy, attr,
ARRAY_SIZE(ovs_ct_limit_policy))) {
return EINVAL;
}
if (!attr[OVS_CT_LIMIT_ATTR_ZONE_LIMIT]) {
return EINVAL;
}
int rem = NLA_ALIGN(
nl_attr_get_size(attr[OVS_CT_LIMIT_ATTR_ZONE_LIMIT]));
const struct ovs_zone_limit *zone_limit =
nl_attr_get(attr[OVS_CT_LIMIT_ATTR_ZONE_LIMIT]);
while (rem >= sizeof *zone_limit) {
ct-dpif: Handle default zone limit the same way as other limits. Internally handle default CT zone limit as other limits that can be passed via the list with special value -1. Currently, the -1 is treated by both datapaths as default, add static asserts to make sure that this remains the case in the future. This allows us to easily delete the default zone limit. Signed-off-by: Ales Musil <amusil@redhat.com> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2023-12-04 06:49:08 +01:00
if (zone_limit->zone_id >= OVS_ZONE_LIMIT_DEFAULT_ZONE &&
zone_limit->zone_id <= UINT16_MAX) {
dpif-netlink: Implement conntrack zone limit This patch provides the implementation of conntrack zone limit in dpif-netlink. It basically utilizes the netlink API to communicate with OVS kernel module to set, delete, and get conntrack zone limit. Signed-off-by: Yi-Hung Wei <yihung.wei@gmail.com> Signed-off-by: Justin Pettit <jpettit@ovn.org>
2018-08-17 02:05:09 -07:00
ct_dpif_push_zone_limit(zone_limits, zone_limit->zone_id,
zone_limit->limit, zone_limit->count);
}
rem -= NLA_ALIGN(sizeof *zone_limit);
zone_limit = ALIGNED_CAST(struct ovs_zone_limit *,
(unsigned char *) zone_limit + NLA_ALIGN(sizeof *zone_limit));
}
return 0;
}
static int
dpif_netlink_ct_get_limits(struct dpif *dpif OVS_UNUSED,
const struct ovs_list *zone_limits_request,
struct ovs_list *zone_limits_reply)
{
if (ovs_ct_limit_family < 0) {
return EOPNOTSUPP;
}
struct ofpbuf *request = ofpbuf_new(NL_DUMP_BUFSIZE);
nl_msg_put_genlmsghdr(request, 0, ovs_ct_limit_family,
NLM_F_REQUEST | NLM_F_ECHO, OVS_CT_LIMIT_CMD_GET,
OVS_CT_LIMIT_VERSION);
struct ovs_header *ovs_header;
ovs_header = ofpbuf_put_uninit(request, sizeof *ovs_header);
ovs_header->dp_ifindex = 0;
if (!ovs_list_is_empty(zone_limits_request)) {
size_t opt_offset = nl_msg_start_nested(request,
OVS_CT_LIMIT_ATTR_ZONE_LIMIT);
struct ct_dpif_zone_limit *zone_limit;
LIST_FOR_EACH (zone_limit, node, zone_limits_request) {
ct-dpif: Handle default zone limit the same way as other limits. Internally handle default CT zone limit as other limits that can be passed via the list with special value -1. Currently, the -1 is treated by both datapaths as default, add static asserts to make sure that this remains the case in the future. This allows us to easily delete the default zone limit. Signed-off-by: Ales Musil <amusil@redhat.com> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2023-12-04 06:49:08 +01:00
struct ovs_zone_limit req_zone_limit = {
.zone_id = zone_limit->zone,
};
dpif-netlink: Implement conntrack zone limit This patch provides the implementation of conntrack zone limit in dpif-netlink. It basically utilizes the netlink API to communicate with OVS kernel module to set, delete, and get conntrack zone limit. Signed-off-by: Yi-Hung Wei <yihung.wei@gmail.com> Signed-off-by: Justin Pettit <jpettit@ovn.org>
2018-08-17 02:05:09 -07:00
nl_msg_put(request, &req_zone_limit, sizeof req_zone_limit);
}
nl_msg_end_nested(request, opt_offset);
}
struct ofpbuf *reply;
int err = nl_transact(NETLINK_GENERIC, request, &reply);
if (err) {
goto out;
}
ct-dpif: Handle default zone limit the same way as other limits. Internally handle default CT zone limit as other limits that can be passed via the list with special value -1. Currently, the -1 is treated by both datapaths as default, add static asserts to make sure that this remains the case in the future. This allows us to easily delete the default zone limit. Signed-off-by: Ales Musil <amusil@redhat.com> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2023-12-04 06:49:08 +01:00
err = dpif_netlink_zone_limits_from_ofpbuf(reply, zone_limits_reply);
dpif-netlink: Implement conntrack zone limit This patch provides the implementation of conntrack zone limit in dpif-netlink. It basically utilizes the netlink API to communicate with OVS kernel module to set, delete, and get conntrack zone limit. Signed-off-by: Yi-Hung Wei <yihung.wei@gmail.com> Signed-off-by: Justin Pettit <jpettit@ovn.org>
2018-08-17 02:05:09 -07:00
out:
dpif-netlink: Free leaked ofpbuf by using ofpbuf_delete Found by valgrind. 256 bytes in 4 blocks are definitely lost in loss record 319 of 348 by 0x52E204: xmalloc (util.c:123) by 0x4F6172: ofpbuf_new (ofpbuf.c:151) by 0x53DEF2: dpif_netlink_ct_get_limits (dpif-netlink.c:2951) by 0x587881: dpctl_ct_get_limits (dpctl.c:1904) by 0x58566F: dpctl_unixctl_handler (dpctl.c:2589) by 0x52D660: process_command (unixctl.c:308) by 0x52D660: run_connection (unixctl.c:342) by 0x52D660: unixctl_server_run (unixctl.c:393) by 0x407366: main (ovs-vswitchd.c:126) Signed-off-by: Yifeng Sun <pkusunyifeng@gmail.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
2019-03-05 15:27:01 -08:00
ofpbuf_delete(request);
ofpbuf_delete(reply);
dpif-netlink: Implement conntrack zone limit This patch provides the implementation of conntrack zone limit in dpif-netlink. It basically utilizes the netlink API to communicate with OVS kernel module to set, delete, and get conntrack zone limit. Signed-off-by: Yi-Hung Wei <yihung.wei@gmail.com> Signed-off-by: Justin Pettit <jpettit@ovn.org>
2018-08-17 02:05:09 -07:00
return err;
}
static int
dpif_netlink_ct_del_limits(struct dpif *dpif OVS_UNUSED,
const struct ovs_list *zone_limits)
{
if (ovs_ct_limit_family < 0) {
return EOPNOTSUPP;
}
struct ofpbuf *request = ofpbuf_new(NL_DUMP_BUFSIZE);
nl_msg_put_genlmsghdr(request, 0, ovs_ct_limit_family,
NLM_F_REQUEST | NLM_F_ECHO, OVS_CT_LIMIT_CMD_DEL,
OVS_CT_LIMIT_VERSION);
struct ovs_header *ovs_header;
ovs_header = ofpbuf_put_uninit(request, sizeof *ovs_header);
ovs_header->dp_ifindex = 0;
if (!ovs_list_is_empty(zone_limits)) {
size_t opt_offset =
nl_msg_start_nested(request, OVS_CT_LIMIT_ATTR_ZONE_LIMIT);
struct ct_dpif_zone_limit *zone_limit;
LIST_FOR_EACH (zone_limit, node, zone_limits) {
dpif-netlink: Fix send of uninitialized memory in ct limit requests. ct limit requests never initializes the whole 'struct ovs_zone_limit' sending uninitialized stack memory to kernel: Syscall param sendmsg(msg.msg_iov[0]) points to uninitialised byte(s) at 0x5E23867: sendmsg (in /usr/lib64/libpthread-2.28.so) by 0x54F761: nl_sock_transact_multiple__ (netlink-socket.c:858) by 0x54FB6E: nl_sock_transact_multiple.part.9 (netlink-socket.c:1079) by 0x54FCC0: nl_sock_transact_multiple (netlink-socket.c:1044) by 0x54FCC0: nl_sock_transact (netlink-socket.c:1108) by 0x550B6F: nl_transact (netlink-socket.c:1804) by 0x53BEA2: dpif_netlink_ct_get_limits (dpif-netlink.c:3052) by 0x588B57: dpctl_ct_get_limits (dpctl.c:2178) by 0x586FF2: dpctl_unixctl_handler (dpctl.c:2870) by 0x52C241: process_command (unixctl.c:310) by 0x52C241: run_connection (unixctl.c:344) by 0x52C241: unixctl_server_run (unixctl.c:395) by 0x407526: main (ovs-vswitchd.c:128) Address 0x10b87480 is 32 bytes inside a block of size 4,096 alloc'd at 0x4C30F0B: malloc (vg_replace_malloc.c:307) by 0x52CDE4: xmalloc (util.c:138) by 0x4F7E07: ofpbuf_init (ofpbuf.c:123) by 0x4F7E07: ofpbuf_new (ofpbuf.c:151) by 0x53BDE3: dpif_netlink_ct_get_limits (dpif-netlink.c:3025) by 0x588B57: dpctl_ct_get_limits (dpctl.c:2178) by 0x586FF2: dpctl_unixctl_handler (dpctl.c:2870) by 0x52C241: process_command (unixctl.c:310) by 0x52C241: run_connection (unixctl.c:344) by 0x52C241: unixctl_server_run (unixctl.c:395) by 0x407526: main (ovs-vswitchd.c:128) Uninitialised value was created by a stack allocation at 0x46AAA0: ct_dpif_get_limits (ct-dpif.c:197) Fix that by using designated initializers that will clear all the non-specified fields. Fixes: 906ff9d229ee ("dpif-netlink: Implement conntrack zone limit") Signed-off-by: Ilya Maximets <i.maximets@ovn.org> Acked-by: Mark D. Gray <mark.d.gray@redhat.com>
2021-04-04 19:31:46 +02:00
struct ovs_zone_limit req_zone_limit = {
.zone_id = zone_limit->zone,
};
dpif-netlink: Implement conntrack zone limit This patch provides the implementation of conntrack zone limit in dpif-netlink. It basically utilizes the netlink API to communicate with OVS kernel module to set, delete, and get conntrack zone limit. Signed-off-by: Yi-Hung Wei <yihung.wei@gmail.com> Signed-off-by: Justin Pettit <jpettit@ovn.org>
2018-08-17 02:05:09 -07:00
nl_msg_put(request, &req_zone_limit, sizeof req_zone_limit);
}
nl_msg_end_nested(request, opt_offset);
}
int err = nl_transact(NETLINK_GENERIC, request, NULL);
dpif-netlink: Free leaked ofpbuf by using ofpbuf_delete Found by valgrind. 256 bytes in 4 blocks are definitely lost in loss record 319 of 348 by 0x52E204: xmalloc (util.c:123) by 0x4F6172: ofpbuf_new (ofpbuf.c:151) by 0x53DEF2: dpif_netlink_ct_get_limits (dpif-netlink.c:2951) by 0x587881: dpctl_ct_get_limits (dpctl.c:1904) by 0x58566F: dpctl_unixctl_handler (dpctl.c:2589) by 0x52D660: process_command (unixctl.c:308) by 0x52D660: run_connection (unixctl.c:342) by 0x52D660: unixctl_server_run (unixctl.c:393) by 0x407366: main (ovs-vswitchd.c:126) Signed-off-by: Yifeng Sun <pkusunyifeng@gmail.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
2019-03-05 15:27:01 -08:00
ofpbuf_delete(request);
dpif-netlink: Implement conntrack zone limit This patch provides the implementation of conntrack zone limit in dpif-netlink. It basically utilizes the netlink API to communicate with OVS kernel module to set, delete, and get conntrack zone limit. Signed-off-by: Yi-Hung Wei <yihung.wei@gmail.com> Signed-off-by: Justin Pettit <jpettit@ovn.org>
2018-08-17 02:05:09 -07:00
return err;
}
ct-dpif, dpif-netlink: Add conntrack timeout policy support This patch first defines the dpif interface for a datapath to support adding, deleting, getting and dumping conntrack timeout policy. The timeout policy is identified by a 4 bytes unsigned integer in datapath, and it currently support timeout for TCP, UDP, and ICMP protocols. Moreover, this patch provides the implementation for Linux kernel datapath in dpif-netlink. In Linux kernel, the timeout policy is maintained per L3/L4 protocol, and it is identified by 32 bytes null terminated string. On the other hand, in vswitchd, the timeout policy is a generic one that consists of all the supported L4 protocols. Therefore, one of the main task in dpif-netlink is to break down the generic timeout policy into 6 sub policies (ipv4 tcp, udp, icmp, and ipv6 tcp, udp, icmp), and push down the configuration using the netlink API in netlink-conntrack.c. This patch also adds missing symbols in the windows datapath so that the build on windows can pass. Appveyor CI: * https://ci.appveyor.com/project/YiHungWei/ovs/builds/26387754 Signed-off-by: Yi-Hung Wei <yihung.wei@gmail.com> Acked-by: Alin Gabriel Serdean <aserdean@ovn.org> Signed-off-by: Justin Pettit <jpettit@ovn.org>
2019-08-28 15:14:24 -07:00
#define NL_TP_NAME_PREFIX "ovs_tp_"
struct dpif_netlink_timeout_policy_protocol {
uint16_t l3num;
uint8_t l4num;
};
enum OVS_PACKED_ENUM dpif_netlink_support_timeout_policy_protocol {
DPIF_NL_TP_AF_INET_TCP,
DPIF_NL_TP_AF_INET_UDP,
DPIF_NL_TP_AF_INET_ICMP,
DPIF_NL_TP_AF_INET6_TCP,
DPIF_NL_TP_AF_INET6_UDP,
DPIF_NL_TP_AF_INET6_ICMPV6,
DPIF_NL_TP_MAX
};
#define DPIF_NL_ALL_TP ((1UL << DPIF_NL_TP_MAX) - 1)
static struct dpif_netlink_timeout_policy_protocol tp_protos[] = {
[DPIF_NL_TP_AF_INET_TCP] = { .l3num = AF_INET, .l4num = IPPROTO_TCP },
[DPIF_NL_TP_AF_INET_UDP] = { .l3num = AF_INET, .l4num = IPPROTO_UDP },
[DPIF_NL_TP_AF_INET_ICMP] = { .l3num = AF_INET, .l4num = IPPROTO_ICMP },
[DPIF_NL_TP_AF_INET6_TCP] = { .l3num = AF_INET6, .l4num = IPPROTO_TCP },
[DPIF_NL_TP_AF_INET6_UDP] = { .l3num = AF_INET6, .l4num = IPPROTO_UDP },
[DPIF_NL_TP_AF_INET6_ICMPV6] = { .l3num = AF_INET6,
.l4num = IPPROTO_ICMPV6 },
};
static void
dpif_netlink_format_tp_name(uint32_t id, uint16_t l3num, uint8_t l4num,
ofproto-dpif-xlate: Translate timeout policy in ct action This patch derives the timeout policy based on ct zone from the internal data structure that we maintain on dpif layer. It also adds a system traffic test to verify the zone-based conntrack timeout feature. The test uses ovs-vsctl commands to configure the customized ICMP and UDP timeout on zone 5 to a shorter period. It then injects ICMP and UDP traffic to conntrack, and checks if the corresponding conntrack entry expires after the predefined timeout. Signed-off-by: Yi-Hung Wei <yihung.wei@gmail.com> ofproto-dpif: Checks if datapath supports OVS_CT_ATTR_TIMEOUT This patch checks whether datapath supports OVS_CT_ATTR_TIMEOUT. With this check, ofproto-dpif-xlate can use this information to decide whether to translate the ct timeout policy. Signed-off-by: Yi-Hung Wei <yihung.wei@gmail.com> Signed-off-by: Justin Pettit <jpettit@ovn.org>
2019-08-28 15:14:29 -07:00
char **tp_name)
ct-dpif, dpif-netlink: Add conntrack timeout policy support This patch first defines the dpif interface for a datapath to support adding, deleting, getting and dumping conntrack timeout policy. The timeout policy is identified by a 4 bytes unsigned integer in datapath, and it currently support timeout for TCP, UDP, and ICMP protocols. Moreover, this patch provides the implementation for Linux kernel datapath in dpif-netlink. In Linux kernel, the timeout policy is maintained per L3/L4 protocol, and it is identified by 32 bytes null terminated string. On the other hand, in vswitchd, the timeout policy is a generic one that consists of all the supported L4 protocols. Therefore, one of the main task in dpif-netlink is to break down the generic timeout policy into 6 sub policies (ipv4 tcp, udp, icmp, and ipv6 tcp, udp, icmp), and push down the configuration using the netlink API in netlink-conntrack.c. This patch also adds missing symbols in the windows datapath so that the build on windows can pass. Appveyor CI: * https://ci.appveyor.com/project/YiHungWei/ovs/builds/26387754 Signed-off-by: Yi-Hung Wei <yihung.wei@gmail.com> Acked-by: Alin Gabriel Serdean <aserdean@ovn.org> Signed-off-by: Justin Pettit <jpettit@ovn.org>
2019-08-28 15:14:24 -07:00
{
ofproto-dpif-xlate: Translate timeout policy in ct action This patch derives the timeout policy based on ct zone from the internal data structure that we maintain on dpif layer. It also adds a system traffic test to verify the zone-based conntrack timeout feature. The test uses ovs-vsctl commands to configure the customized ICMP and UDP timeout on zone 5 to a shorter period. It then injects ICMP and UDP traffic to conntrack, and checks if the corresponding conntrack entry expires after the predefined timeout. Signed-off-by: Yi-Hung Wei <yihung.wei@gmail.com> ofproto-dpif: Checks if datapath supports OVS_CT_ATTR_TIMEOUT This patch checks whether datapath supports OVS_CT_ATTR_TIMEOUT. With this check, ofproto-dpif-xlate can use this information to decide whether to translate the ct timeout policy. Signed-off-by: Yi-Hung Wei <yihung.wei@gmail.com> Signed-off-by: Justin Pettit <jpettit@ovn.org>
2019-08-28 15:14:29 -07:00
struct ds ds = DS_EMPTY_INITIALIZER;
ds_put_format(&ds, "%s%"PRIu32"_", NL_TP_NAME_PREFIX, id);
ct_dpif_format_ipproto(&ds, l4num);
ct-dpif, dpif-netlink: Add conntrack timeout policy support This patch first defines the dpif interface for a datapath to support adding, deleting, getting and dumping conntrack timeout policy. The timeout policy is identified by a 4 bytes unsigned integer in datapath, and it currently support timeout for TCP, UDP, and ICMP protocols. Moreover, this patch provides the implementation for Linux kernel datapath in dpif-netlink. In Linux kernel, the timeout policy is maintained per L3/L4 protocol, and it is identified by 32 bytes null terminated string. On the other hand, in vswitchd, the timeout policy is a generic one that consists of all the supported L4 protocols. Therefore, one of the main task in dpif-netlink is to break down the generic timeout policy into 6 sub policies (ipv4 tcp, udp, icmp, and ipv6 tcp, udp, icmp), and push down the configuration using the netlink API in netlink-conntrack.c. This patch also adds missing symbols in the windows datapath so that the build on windows can pass. Appveyor CI: * https://ci.appveyor.com/project/YiHungWei/ovs/builds/26387754 Signed-off-by: Yi-Hung Wei <yihung.wei@gmail.com> Acked-by: Alin Gabriel Serdean <aserdean@ovn.org> Signed-off-by: Justin Pettit <jpettit@ovn.org>
2019-08-28 15:14:24 -07:00
if (l3num == AF_INET) {
ofproto-dpif-xlate: Translate timeout policy in ct action This patch derives the timeout policy based on ct zone from the internal data structure that we maintain on dpif layer. It also adds a system traffic test to verify the zone-based conntrack timeout feature. The test uses ovs-vsctl commands to configure the customized ICMP and UDP timeout on zone 5 to a shorter period. It then injects ICMP and UDP traffic to conntrack, and checks if the corresponding conntrack entry expires after the predefined timeout. Signed-off-by: Yi-Hung Wei <yihung.wei@gmail.com> ofproto-dpif: Checks if datapath supports OVS_CT_ATTR_TIMEOUT This patch checks whether datapath supports OVS_CT_ATTR_TIMEOUT. With this check, ofproto-dpif-xlate can use this information to decide whether to translate the ct timeout policy. Signed-off-by: Yi-Hung Wei <yihung.wei@gmail.com> Signed-off-by: Justin Pettit <jpettit@ovn.org>
2019-08-28 15:14:29 -07:00
ds_put_cstr(&ds, "4");
ct-dpif, dpif-netlink: Add conntrack timeout policy support This patch first defines the dpif interface for a datapath to support adding, deleting, getting and dumping conntrack timeout policy. The timeout policy is identified by a 4 bytes unsigned integer in datapath, and it currently support timeout for TCP, UDP, and ICMP protocols. Moreover, this patch provides the implementation for Linux kernel datapath in dpif-netlink. In Linux kernel, the timeout policy is maintained per L3/L4 protocol, and it is identified by 32 bytes null terminated string. On the other hand, in vswitchd, the timeout policy is a generic one that consists of all the supported L4 protocols. Therefore, one of the main task in dpif-netlink is to break down the generic timeout policy into 6 sub policies (ipv4 tcp, udp, icmp, and ipv6 tcp, udp, icmp), and push down the configuration using the netlink API in netlink-conntrack.c. This patch also adds missing symbols in the windows datapath so that the build on windows can pass. Appveyor CI: * https://ci.appveyor.com/project/YiHungWei/ovs/builds/26387754 Signed-off-by: Yi-Hung Wei <yihung.wei@gmail.com> Acked-by: Alin Gabriel Serdean <aserdean@ovn.org> Signed-off-by: Justin Pettit <jpettit@ovn.org>
2019-08-28 15:14:24 -07:00
} else if (l3num == AF_INET6 && l4num != IPPROTO_ICMPV6) {
ofproto-dpif-xlate: Translate timeout policy in ct action This patch derives the timeout policy based on ct zone from the internal data structure that we maintain on dpif layer. It also adds a system traffic test to verify the zone-based conntrack timeout feature. The test uses ovs-vsctl commands to configure the customized ICMP and UDP timeout on zone 5 to a shorter period. It then injects ICMP and UDP traffic to conntrack, and checks if the corresponding conntrack entry expires after the predefined timeout. Signed-off-by: Yi-Hung Wei <yihung.wei@gmail.com> ofproto-dpif: Checks if datapath supports OVS_CT_ATTR_TIMEOUT This patch checks whether datapath supports OVS_CT_ATTR_TIMEOUT. With this check, ofproto-dpif-xlate can use this information to decide whether to translate the ct timeout policy. Signed-off-by: Yi-Hung Wei <yihung.wei@gmail.com> Signed-off-by: Justin Pettit <jpettit@ovn.org>
2019-08-28 15:14:29 -07:00
ds_put_cstr(&ds, "6");
ct-dpif, dpif-netlink: Add conntrack timeout policy support This patch first defines the dpif interface for a datapath to support adding, deleting, getting and dumping conntrack timeout policy. The timeout policy is identified by a 4 bytes unsigned integer in datapath, and it currently support timeout for TCP, UDP, and ICMP protocols. Moreover, this patch provides the implementation for Linux kernel datapath in dpif-netlink. In Linux kernel, the timeout policy is maintained per L3/L4 protocol, and it is identified by 32 bytes null terminated string. On the other hand, in vswitchd, the timeout policy is a generic one that consists of all the supported L4 protocols. Therefore, one of the main task in dpif-netlink is to break down the generic timeout policy into 6 sub policies (ipv4 tcp, udp, icmp, and ipv6 tcp, udp, icmp), and push down the configuration using the netlink API in netlink-conntrack.c. This patch also adds missing symbols in the windows datapath so that the build on windows can pass. Appveyor CI: * https://ci.appveyor.com/project/YiHungWei/ovs/builds/26387754 Signed-off-by: Yi-Hung Wei <yihung.wei@gmail.com> Acked-by: Alin Gabriel Serdean <aserdean@ovn.org> Signed-off-by: Justin Pettit <jpettit@ovn.org>
2019-08-28 15:14:24 -07:00
}
ofproto-dpif-xlate: Translate timeout policy in ct action This patch derives the timeout policy based on ct zone from the internal data structure that we maintain on dpif layer. It also adds a system traffic test to verify the zone-based conntrack timeout feature. The test uses ovs-vsctl commands to configure the customized ICMP and UDP timeout on zone 5 to a shorter period. It then injects ICMP and UDP traffic to conntrack, and checks if the corresponding conntrack entry expires after the predefined timeout. Signed-off-by: Yi-Hung Wei <yihung.wei@gmail.com> ofproto-dpif: Checks if datapath supports OVS_CT_ATTR_TIMEOUT This patch checks whether datapath supports OVS_CT_ATTR_TIMEOUT. With this check, ofproto-dpif-xlate can use this information to decide whether to translate the ct timeout policy. Signed-off-by: Yi-Hung Wei <yihung.wei@gmail.com> Signed-off-by: Justin Pettit <jpettit@ovn.org>
2019-08-28 15:14:29 -07:00
ovs_assert(ds.length < CTNL_TIMEOUT_NAME_MAX);
*tp_name = ds_steal_cstr(&ds);
}
static int
dpif_netlink_ct_get_timeout_policy_name(struct dpif *dpif OVS_UNUSED,
uint32_t tp_id, uint16_t dl_type,
uint8_t nw_proto, char **tp_name,
bool *is_generic)
{
dpif_netlink_format_tp_name(tp_id,
dl_type == ETH_TYPE_IP ? AF_INET : AF_INET6,
nw_proto, tp_name);
*is_generic = false;
return 0;
ct-dpif, dpif-netlink: Add conntrack timeout policy support This patch first defines the dpif interface for a datapath to support adding, deleting, getting and dumping conntrack timeout policy. The timeout policy is identified by a 4 bytes unsigned integer in datapath, and it currently support timeout for TCP, UDP, and ICMP protocols. Moreover, this patch provides the implementation for Linux kernel datapath in dpif-netlink. In Linux kernel, the timeout policy is maintained per L3/L4 protocol, and it is identified by 32 bytes null terminated string. On the other hand, in vswitchd, the timeout policy is a generic one that consists of all the supported L4 protocols. Therefore, one of the main task in dpif-netlink is to break down the generic timeout policy into 6 sub policies (ipv4 tcp, udp, icmp, and ipv6 tcp, udp, icmp), and push down the configuration using the netlink API in netlink-conntrack.c. This patch also adds missing symbols in the windows datapath so that the build on windows can pass. Appveyor CI: * https://ci.appveyor.com/project/YiHungWei/ovs/builds/26387754 Signed-off-by: Yi-Hung Wei <yihung.wei@gmail.com> Acked-by: Alin Gabriel Serdean <aserdean@ovn.org> Signed-off-by: Justin Pettit <jpettit@ovn.org>
2019-08-28 15:14:24 -07:00
}
conntrack: Document all-zero IP SNAT behavior and add a test case. Currently, conntrack in the kernel has an undocumented feature referred to as all-zero IP address SNAT. Basically, when a source port collision is detected during the commit, the source port will be translated to an ephemeral port. If there is no collision, no SNAT is performed. This patchset documents this behavior and adds a self-test to verify it's not changing. In addition, a datapath feature flag is added for the all-zero IP SNAT case. This will help applications on top of OVS, like OVN, to determine this feature can be used. Signed-off-by: Eelco Chaudron <echaudro@redhat.com> Acked-by: Aaron Conole <aconole@redhat.com> Acked-by: Dumitru Ceara <dceara@redhat.com> Acked-by: Alin-Gabriel Serdean <aserdean@ovn.org> Acked-by: Paolo Valerio <pvalerio@redhat.com> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2021-06-10 11:24:15 +02:00
static int
dpif_netlink_ct_get_features(struct dpif *dpif OVS_UNUSED,
enum ct_features *features)
{
if (features != NULL) {
#ifndef _WIN32
*features = CONNTRACK_F_ZERO_SNAT;
#else
*features = 0;
#endif
}
return 0;
}
ct-dpif, dpif-netlink: Add conntrack timeout policy support This patch first defines the dpif interface for a datapath to support adding, deleting, getting and dumping conntrack timeout policy. The timeout policy is identified by a 4 bytes unsigned integer in datapath, and it currently support timeout for TCP, UDP, and ICMP protocols. Moreover, this patch provides the implementation for Linux kernel datapath in dpif-netlink. In Linux kernel, the timeout policy is maintained per L3/L4 protocol, and it is identified by 32 bytes null terminated string. On the other hand, in vswitchd, the timeout policy is a generic one that consists of all the supported L4 protocols. Therefore, one of the main task in dpif-netlink is to break down the generic timeout policy into 6 sub policies (ipv4 tcp, udp, icmp, and ipv6 tcp, udp, icmp), and push down the configuration using the netlink API in netlink-conntrack.c. This patch also adds missing symbols in the windows datapath so that the build on windows can pass. Appveyor CI: * https://ci.appveyor.com/project/YiHungWei/ovs/builds/26387754 Signed-off-by: Yi-Hung Wei <yihung.wei@gmail.com> Acked-by: Alin Gabriel Serdean <aserdean@ovn.org> Signed-off-by: Justin Pettit <jpettit@ovn.org>
2019-08-28 15:14:24 -07:00
#define CT_DPIF_NL_TP_TCP_MAPPINGS \
CT_DPIF_NL_TP_MAPPING(TCP, TCP, SYN_SENT, SYN_SENT) \
CT_DPIF_NL_TP_MAPPING(TCP, TCP, SYN_RECV, SYN_RECV) \
CT_DPIF_NL_TP_MAPPING(TCP, TCP, ESTABLISHED, ESTABLISHED) \
CT_DPIF_NL_TP_MAPPING(TCP, TCP, FIN_WAIT, FIN_WAIT) \
CT_DPIF_NL_TP_MAPPING(TCP, TCP, CLOSE_WAIT, CLOSE_WAIT) \
CT_DPIF_NL_TP_MAPPING(TCP, TCP, LAST_ACK, LAST_ACK) \
CT_DPIF_NL_TP_MAPPING(TCP, TCP, TIME_WAIT, TIME_WAIT) \
CT_DPIF_NL_TP_MAPPING(TCP, TCP, CLOSE, CLOSE) \
CT_DPIF_NL_TP_MAPPING(TCP, TCP, SYN_SENT2, SYN_SENT2) \
CT_DPIF_NL_TP_MAPPING(TCP, TCP, RETRANSMIT, RETRANS) \
CT_DPIF_NL_TP_MAPPING(TCP, TCP, UNACK, UNACK)
#define CT_DPIF_NL_TP_UDP_MAPPINGS \
CT_DPIF_NL_TP_MAPPING(UDP, UDP, SINGLE, UNREPLIED) \
CT_DPIF_NL_TP_MAPPING(UDP, UDP, MULTIPLE, REPLIED)
#define CT_DPIF_NL_TP_ICMP_MAPPINGS \
CT_DPIF_NL_TP_MAPPING(ICMP, ICMP, FIRST, TIMEOUT)
#define CT_DPIF_NL_TP_ICMPV6_MAPPINGS \
CT_DPIF_NL_TP_MAPPING(ICMP, ICMPV6, FIRST, TIMEOUT)
#define CT_DPIF_NL_TP_MAPPING(PROTO1, PROTO2, ATTR1, ATTR2) \
if (tp->present & (1 << CT_DPIF_TP_ATTR_##PROTO1##_##ATTR1)) { \
nl_tp->present |= 1 << CTA_TIMEOUT_##PROTO2##_##ATTR2; \
nl_tp->attrs[CTA_TIMEOUT_##PROTO2##_##ATTR2] = \
tp->attrs[CT_DPIF_TP_ATTR_##PROTO1##_##ATTR1]; \
}
static void
dpif_netlink_get_nl_tp_tcp_attrs(const struct ct_dpif_timeout_policy *tp,
struct nl_ct_timeout_policy *nl_tp)
{
CT_DPIF_NL_TP_TCP_MAPPINGS
}
static void
dpif_netlink_get_nl_tp_udp_attrs(const struct ct_dpif_timeout_policy *tp,
struct nl_ct_timeout_policy *nl_tp)
{
CT_DPIF_NL_TP_UDP_MAPPINGS
}
static void
dpif_netlink_get_nl_tp_icmp_attrs(const struct ct_dpif_timeout_policy *tp,
struct nl_ct_timeout_policy *nl_tp)
{
CT_DPIF_NL_TP_ICMP_MAPPINGS
}
static void
dpif_netlink_get_nl_tp_icmpv6_attrs(const struct ct_dpif_timeout_policy *tp,
struct nl_ct_timeout_policy *nl_tp)
{
CT_DPIF_NL_TP_ICMPV6_MAPPINGS
}
#undef CT_DPIF_NL_TP_MAPPING
static void
dpif_netlink_get_nl_tp_attrs(const struct ct_dpif_timeout_policy *tp,
uint8_t l4num, struct nl_ct_timeout_policy *nl_tp)
{
nl_tp->present = 0;
if (l4num == IPPROTO_TCP) {
dpif_netlink_get_nl_tp_tcp_attrs(tp, nl_tp);
} else if (l4num == IPPROTO_UDP) {
dpif_netlink_get_nl_tp_udp_attrs(tp, nl_tp);
} else if (l4num == IPPROTO_ICMP) {
dpif_netlink_get_nl_tp_icmp_attrs(tp, nl_tp);
} else if (l4num == IPPROTO_ICMPV6) {
dpif_netlink_get_nl_tp_icmpv6_attrs(tp, nl_tp);
}
}
#define CT_DPIF_NL_TP_MAPPING(PROTO1, PROTO2, ATTR1, ATTR2) \
if (nl_tp->present & (1 << CTA_TIMEOUT_##PROTO2##_##ATTR2)) { \
if (tp->present & (1 << CT_DPIF_TP_ATTR_##PROTO1##_##ATTR1)) { \
if (tp->attrs[CT_DPIF_TP_ATTR_##PROTO1##_##ATTR1] != \
nl_tp->attrs[CTA_TIMEOUT_##PROTO2##_##ATTR2]) { \
VLOG_WARN_RL(&error_rl, "Inconsistent timeout policy %s " \
"attribute %s=%"PRIu32" while %s=%"PRIu32, \
nl_tp->name, "CTA_TIMEOUT_"#PROTO2"_"#ATTR2, \
nl_tp->attrs[CTA_TIMEOUT_##PROTO2##_##ATTR2], \
"CT_DPIF_TP_ATTR_"#PROTO1"_"#ATTR1, \
tp->attrs[CT_DPIF_TP_ATTR_##PROTO1##_##ATTR1]); \
} \
} else { \
tp->present |= 1 << CT_DPIF_TP_ATTR_##PROTO1##_##ATTR1; \
tp->attrs[CT_DPIF_TP_ATTR_##PROTO1##_##ATTR1] = \
nl_tp->attrs[CTA_TIMEOUT_##PROTO2##_##ATTR2]; \
} \
}
static void
dpif_netlink_set_ct_dpif_tp_tcp_attrs(const struct nl_ct_timeout_policy *nl_tp,
struct ct_dpif_timeout_policy *tp)
{
CT_DPIF_NL_TP_TCP_MAPPINGS
}
static void
dpif_netlink_set_ct_dpif_tp_udp_attrs(const struct nl_ct_timeout_policy *nl_tp,
struct ct_dpif_timeout_policy *tp)
{
CT_DPIF_NL_TP_UDP_MAPPINGS
}
static void
dpif_netlink_set_ct_dpif_tp_icmp_attrs(
const struct nl_ct_timeout_policy *nl_tp,
struct ct_dpif_timeout_policy *tp)
{
CT_DPIF_NL_TP_ICMP_MAPPINGS
}
static void
dpif_netlink_set_ct_dpif_tp_icmpv6_attrs(
const struct nl_ct_timeout_policy *nl_tp,
struct ct_dpif_timeout_policy *tp)
{
CT_DPIF_NL_TP_ICMPV6_MAPPINGS
}
#undef CT_DPIF_NL_TP_MAPPING
static void
dpif_netlink_set_ct_dpif_tp_attrs(const struct nl_ct_timeout_policy *nl_tp,
struct ct_dpif_timeout_policy *tp)
{
if (nl_tp->l4num == IPPROTO_TCP) {
dpif_netlink_set_ct_dpif_tp_tcp_attrs(nl_tp, tp);
} else if (nl_tp->l4num == IPPROTO_UDP) {
dpif_netlink_set_ct_dpif_tp_udp_attrs(nl_tp, tp);
} else if (nl_tp->l4num == IPPROTO_ICMP) {
dpif_netlink_set_ct_dpif_tp_icmp_attrs(nl_tp, tp);
} else if (nl_tp->l4num == IPPROTO_ICMPV6) {
dpif_netlink_set_ct_dpif_tp_icmpv6_attrs(nl_tp, tp);
}
}
#ifdef _WIN32
static int
dpif_netlink_ct_set_timeout_policy(struct dpif *dpif OVS_UNUSED,
const struct ct_dpif_timeout_policy *tp)
{
return EOPNOTSUPP;
}
static int
dpif_netlink_ct_get_timeout_policy(struct dpif *dpif OVS_UNUSED,
uint32_t tp_id,
struct ct_dpif_timeout_policy *tp)
{
return EOPNOTSUPP;
}
static int
dpif_netlink_ct_del_timeout_policy(struct dpif *dpif OVS_UNUSED,
uint32_t tp_id)
{
return EOPNOTSUPP;
}
static int
dpif_netlink_ct_timeout_policy_dump_start(struct dpif *dpif OVS_UNUSED,
void **statep)
{
return EOPNOTSUPP;
}
static int
dpif_netlink_ct_timeout_policy_dump_next(struct dpif *dpif OVS_UNUSED,
void *state,
struct ct_dpif_timeout_policy **tp)
{
return EOPNOTSUPP;
}
static int
dpif_netlink_ct_timeout_policy_dump_done(struct dpif *dpif OVS_UNUSED,
void *state)
{
return EOPNOTSUPP;
}
#else
static int
dpif_netlink_ct_set_timeout_policy(struct dpif *dpif OVS_UNUSED,
const struct ct_dpif_timeout_policy *tp)
{
int err = 0;
for (int i = 0; i < ARRAY_SIZE(tp_protos); ++i) {
ofproto-dpif-xlate: Translate timeout policy in ct action This patch derives the timeout policy based on ct zone from the internal data structure that we maintain on dpif layer. It also adds a system traffic test to verify the zone-based conntrack timeout feature. The test uses ovs-vsctl commands to configure the customized ICMP and UDP timeout on zone 5 to a shorter period. It then injects ICMP and UDP traffic to conntrack, and checks if the corresponding conntrack entry expires after the predefined timeout. Signed-off-by: Yi-Hung Wei <yihung.wei@gmail.com> ofproto-dpif: Checks if datapath supports OVS_CT_ATTR_TIMEOUT This patch checks whether datapath supports OVS_CT_ATTR_TIMEOUT. With this check, ofproto-dpif-xlate can use this information to decide whether to translate the ct timeout policy. Signed-off-by: Yi-Hung Wei <yihung.wei@gmail.com> Signed-off-by: Justin Pettit <jpettit@ovn.org>
2019-08-28 15:14:29 -07:00
struct nl_ct_timeout_policy nl_tp;
char *nl_tp_name;
ct-dpif, dpif-netlink: Add conntrack timeout policy support This patch first defines the dpif interface for a datapath to support adding, deleting, getting and dumping conntrack timeout policy. The timeout policy is identified by a 4 bytes unsigned integer in datapath, and it currently support timeout for TCP, UDP, and ICMP protocols. Moreover, this patch provides the implementation for Linux kernel datapath in dpif-netlink. In Linux kernel, the timeout policy is maintained per L3/L4 protocol, and it is identified by 32 bytes null terminated string. On the other hand, in vswitchd, the timeout policy is a generic one that consists of all the supported L4 protocols. Therefore, one of the main task in dpif-netlink is to break down the generic timeout policy into 6 sub policies (ipv4 tcp, udp, icmp, and ipv6 tcp, udp, icmp), and push down the configuration using the netlink API in netlink-conntrack.c. This patch also adds missing symbols in the windows datapath so that the build on windows can pass. Appveyor CI: * https://ci.appveyor.com/project/YiHungWei/ovs/builds/26387754 Signed-off-by: Yi-Hung Wei <yihung.wei@gmail.com> Acked-by: Alin Gabriel Serdean <aserdean@ovn.org> Signed-off-by: Justin Pettit <jpettit@ovn.org>
2019-08-28 15:14:24 -07:00
dpif_netlink_format_tp_name(tp->id, tp_protos[i].l3num,
tp_protos[i].l4num, &nl_tp_name);
ofproto-dpif-xlate: Translate timeout policy in ct action This patch derives the timeout policy based on ct zone from the internal data structure that we maintain on dpif layer. It also adds a system traffic test to verify the zone-based conntrack timeout feature. The test uses ovs-vsctl commands to configure the customized ICMP and UDP timeout on zone 5 to a shorter period. It then injects ICMP and UDP traffic to conntrack, and checks if the corresponding conntrack entry expires after the predefined timeout. Signed-off-by: Yi-Hung Wei <yihung.wei@gmail.com> ofproto-dpif: Checks if datapath supports OVS_CT_ATTR_TIMEOUT This patch checks whether datapath supports OVS_CT_ATTR_TIMEOUT. With this check, ofproto-dpif-xlate can use this information to decide whether to translate the ct timeout policy. Signed-off-by: Yi-Hung Wei <yihung.wei@gmail.com> Signed-off-by: Justin Pettit <jpettit@ovn.org>
2019-08-28 15:14:29 -07:00
ovs_strlcpy(nl_tp.name, nl_tp_name, sizeof nl_tp.name);
free(nl_tp_name);
ct-dpif, dpif-netlink: Add conntrack timeout policy support This patch first defines the dpif interface for a datapath to support adding, deleting, getting and dumping conntrack timeout policy. The timeout policy is identified by a 4 bytes unsigned integer in datapath, and it currently support timeout for TCP, UDP, and ICMP protocols. Moreover, this patch provides the implementation for Linux kernel datapath in dpif-netlink. In Linux kernel, the timeout policy is maintained per L3/L4 protocol, and it is identified by 32 bytes null terminated string. On the other hand, in vswitchd, the timeout policy is a generic one that consists of all the supported L4 protocols. Therefore, one of the main task in dpif-netlink is to break down the generic timeout policy into 6 sub policies (ipv4 tcp, udp, icmp, and ipv6 tcp, udp, icmp), and push down the configuration using the netlink API in netlink-conntrack.c. This patch also adds missing symbols in the windows datapath so that the build on windows can pass. Appveyor CI: * https://ci.appveyor.com/project/YiHungWei/ovs/builds/26387754 Signed-off-by: Yi-Hung Wei <yihung.wei@gmail.com> Acked-by: Alin Gabriel Serdean <aserdean@ovn.org> Signed-off-by: Justin Pettit <jpettit@ovn.org>
2019-08-28 15:14:24 -07:00
nl_tp.l3num = tp_protos[i].l3num;
nl_tp.l4num = tp_protos[i].l4num;
dpif_netlink_get_nl_tp_attrs(tp, tp_protos[i].l4num, &nl_tp);
err = nl_ct_set_timeout_policy(&nl_tp);
if (err) {
VLOG_WARN_RL(&error_rl, "failed to add timeout policy %s (%s)",
nl_tp.name, ovs_strerror(err));
goto out;
}
}
out:
return err;
}
static int
dpif_netlink_ct_get_timeout_policy(struct dpif *dpif OVS_UNUSED,
uint32_t tp_id,
struct ct_dpif_timeout_policy *tp)
{
int err = 0;
tp->id = tp_id;
tp->present = 0;
for (int i = 0; i < ARRAY_SIZE(tp_protos); ++i) {
ofproto-dpif-xlate: Translate timeout policy in ct action This patch derives the timeout policy based on ct zone from the internal data structure that we maintain on dpif layer. It also adds a system traffic test to verify the zone-based conntrack timeout feature. The test uses ovs-vsctl commands to configure the customized ICMP and UDP timeout on zone 5 to a shorter period. It then injects ICMP and UDP traffic to conntrack, and checks if the corresponding conntrack entry expires after the predefined timeout. Signed-off-by: Yi-Hung Wei <yihung.wei@gmail.com> ofproto-dpif: Checks if datapath supports OVS_CT_ATTR_TIMEOUT This patch checks whether datapath supports OVS_CT_ATTR_TIMEOUT. With this check, ofproto-dpif-xlate can use this information to decide whether to translate the ct timeout policy. Signed-off-by: Yi-Hung Wei <yihung.wei@gmail.com> Signed-off-by: Justin Pettit <jpettit@ovn.org>
2019-08-28 15:14:29 -07:00
struct nl_ct_timeout_policy nl_tp;
char *nl_tp_name;
ct-dpif, dpif-netlink: Add conntrack timeout policy support This patch first defines the dpif interface for a datapath to support adding, deleting, getting and dumping conntrack timeout policy. The timeout policy is identified by a 4 bytes unsigned integer in datapath, and it currently support timeout for TCP, UDP, and ICMP protocols. Moreover, this patch provides the implementation for Linux kernel datapath in dpif-netlink. In Linux kernel, the timeout policy is maintained per L3/L4 protocol, and it is identified by 32 bytes null terminated string. On the other hand, in vswitchd, the timeout policy is a generic one that consists of all the supported L4 protocols. Therefore, one of the main task in dpif-netlink is to break down the generic timeout policy into 6 sub policies (ipv4 tcp, udp, icmp, and ipv6 tcp, udp, icmp), and push down the configuration using the netlink API in netlink-conntrack.c. This patch also adds missing symbols in the windows datapath so that the build on windows can pass. Appveyor CI: * https://ci.appveyor.com/project/YiHungWei/ovs/builds/26387754 Signed-off-by: Yi-Hung Wei <yihung.wei@gmail.com> Acked-by: Alin Gabriel Serdean <aserdean@ovn.org> Signed-off-by: Justin Pettit <jpettit@ovn.org>
2019-08-28 15:14:24 -07:00
dpif_netlink_format_tp_name(tp_id, tp_protos[i].l3num,
tp_protos[i].l4num, &nl_tp_name);
ofproto-dpif-xlate: Translate timeout policy in ct action This patch derives the timeout policy based on ct zone from the internal data structure that we maintain on dpif layer. It also adds a system traffic test to verify the zone-based conntrack timeout feature. The test uses ovs-vsctl commands to configure the customized ICMP and UDP timeout on zone 5 to a shorter period. It then injects ICMP and UDP traffic to conntrack, and checks if the corresponding conntrack entry expires after the predefined timeout. Signed-off-by: Yi-Hung Wei <yihung.wei@gmail.com> ofproto-dpif: Checks if datapath supports OVS_CT_ATTR_TIMEOUT This patch checks whether datapath supports OVS_CT_ATTR_TIMEOUT. With this check, ofproto-dpif-xlate can use this information to decide whether to translate the ct timeout policy. Signed-off-by: Yi-Hung Wei <yihung.wei@gmail.com> Signed-off-by: Justin Pettit <jpettit@ovn.org>
2019-08-28 15:14:29 -07:00
err = nl_ct_get_timeout_policy(nl_tp_name, &nl_tp);
ct-dpif, dpif-netlink: Add conntrack timeout policy support This patch first defines the dpif interface for a datapath to support adding, deleting, getting and dumping conntrack timeout policy. The timeout policy is identified by a 4 bytes unsigned integer in datapath, and it currently support timeout for TCP, UDP, and ICMP protocols. Moreover, this patch provides the implementation for Linux kernel datapath in dpif-netlink. In Linux kernel, the timeout policy is maintained per L3/L4 protocol, and it is identified by 32 bytes null terminated string. On the other hand, in vswitchd, the timeout policy is a generic one that consists of all the supported L4 protocols. Therefore, one of the main task in dpif-netlink is to break down the generic timeout policy into 6 sub policies (ipv4 tcp, udp, icmp, and ipv6 tcp, udp, icmp), and push down the configuration using the netlink API in netlink-conntrack.c. This patch also adds missing symbols in the windows datapath so that the build on windows can pass. Appveyor CI: * https://ci.appveyor.com/project/YiHungWei/ovs/builds/26387754 Signed-off-by: Yi-Hung Wei <yihung.wei@gmail.com> Acked-by: Alin Gabriel Serdean <aserdean@ovn.org> Signed-off-by: Justin Pettit <jpettit@ovn.org>
2019-08-28 15:14:24 -07:00
if (err) {
VLOG_WARN_RL(&error_rl, "failed to get timeout policy %s (%s)",
ofproto-dpif-xlate: Translate timeout policy in ct action This patch derives the timeout policy based on ct zone from the internal data structure that we maintain on dpif layer. It also adds a system traffic test to verify the zone-based conntrack timeout feature. The test uses ovs-vsctl commands to configure the customized ICMP and UDP timeout on zone 5 to a shorter period. It then injects ICMP and UDP traffic to conntrack, and checks if the corresponding conntrack entry expires after the predefined timeout. Signed-off-by: Yi-Hung Wei <yihung.wei@gmail.com> ofproto-dpif: Checks if datapath supports OVS_CT_ATTR_TIMEOUT This patch checks whether datapath supports OVS_CT_ATTR_TIMEOUT. With this check, ofproto-dpif-xlate can use this information to decide whether to translate the ct timeout policy. Signed-off-by: Yi-Hung Wei <yihung.wei@gmail.com> Signed-off-by: Justin Pettit <jpettit@ovn.org>
2019-08-28 15:14:29 -07:00
nl_tp_name, ovs_strerror(err));
free(nl_tp_name);
ct-dpif, dpif-netlink: Add conntrack timeout policy support This patch first defines the dpif interface for a datapath to support adding, deleting, getting and dumping conntrack timeout policy. The timeout policy is identified by a 4 bytes unsigned integer in datapath, and it currently support timeout for TCP, UDP, and ICMP protocols. Moreover, this patch provides the implementation for Linux kernel datapath in dpif-netlink. In Linux kernel, the timeout policy is maintained per L3/L4 protocol, and it is identified by 32 bytes null terminated string. On the other hand, in vswitchd, the timeout policy is a generic one that consists of all the supported L4 protocols. Therefore, one of the main task in dpif-netlink is to break down the generic timeout policy into 6 sub policies (ipv4 tcp, udp, icmp, and ipv6 tcp, udp, icmp), and push down the configuration using the netlink API in netlink-conntrack.c. This patch also adds missing symbols in the windows datapath so that the build on windows can pass. Appveyor CI: * https://ci.appveyor.com/project/YiHungWei/ovs/builds/26387754 Signed-off-by: Yi-Hung Wei <yihung.wei@gmail.com> Acked-by: Alin Gabriel Serdean <aserdean@ovn.org> Signed-off-by: Justin Pettit <jpettit@ovn.org>
2019-08-28 15:14:24 -07:00
goto out;
}
ofproto-dpif-xlate: Translate timeout policy in ct action This patch derives the timeout policy based on ct zone from the internal data structure that we maintain on dpif layer. It also adds a system traffic test to verify the zone-based conntrack timeout feature. The test uses ovs-vsctl commands to configure the customized ICMP and UDP timeout on zone 5 to a shorter period. It then injects ICMP and UDP traffic to conntrack, and checks if the corresponding conntrack entry expires after the predefined timeout. Signed-off-by: Yi-Hung Wei <yihung.wei@gmail.com> ofproto-dpif: Checks if datapath supports OVS_CT_ATTR_TIMEOUT This patch checks whether datapath supports OVS_CT_ATTR_TIMEOUT. With this check, ofproto-dpif-xlate can use this information to decide whether to translate the ct timeout policy. Signed-off-by: Yi-Hung Wei <yihung.wei@gmail.com> Signed-off-by: Justin Pettit <jpettit@ovn.org>
2019-08-28 15:14:29 -07:00
free(nl_tp_name);
ct-dpif, dpif-netlink: Add conntrack timeout policy support This patch first defines the dpif interface for a datapath to support adding, deleting, getting and dumping conntrack timeout policy. The timeout policy is identified by a 4 bytes unsigned integer in datapath, and it currently support timeout for TCP, UDP, and ICMP protocols. Moreover, this patch provides the implementation for Linux kernel datapath in dpif-netlink. In Linux kernel, the timeout policy is maintained per L3/L4 protocol, and it is identified by 32 bytes null terminated string. On the other hand, in vswitchd, the timeout policy is a generic one that consists of all the supported L4 protocols. Therefore, one of the main task in dpif-netlink is to break down the generic timeout policy into 6 sub policies (ipv4 tcp, udp, icmp, and ipv6 tcp, udp, icmp), and push down the configuration using the netlink API in netlink-conntrack.c. This patch also adds missing symbols in the windows datapath so that the build on windows can pass. Appveyor CI: * https://ci.appveyor.com/project/YiHungWei/ovs/builds/26387754 Signed-off-by: Yi-Hung Wei <yihung.wei@gmail.com> Acked-by: Alin Gabriel Serdean <aserdean@ovn.org> Signed-off-by: Justin Pettit <jpettit@ovn.org>
2019-08-28 15:14:24 -07:00
dpif_netlink_set_ct_dpif_tp_attrs(&nl_tp, tp);
}
out:
return err;
}
/* Returns 0 if all the sub timeout policies are deleted or not exist in the
* kernel. Returns 1 if any sub timeout policy deletion failed. */
static int
dpif_netlink_ct_del_timeout_policy(struct dpif *dpif OVS_UNUSED,
uint32_t tp_id)
{
int ret = 0;
for (int i = 0; i < ARRAY_SIZE(tp_protos); ++i) {
ofproto-dpif-xlate: Translate timeout policy in ct action This patch derives the timeout policy based on ct zone from the internal data structure that we maintain on dpif layer. It also adds a system traffic test to verify the zone-based conntrack timeout feature. The test uses ovs-vsctl commands to configure the customized ICMP and UDP timeout on zone 5 to a shorter period. It then injects ICMP and UDP traffic to conntrack, and checks if the corresponding conntrack entry expires after the predefined timeout. Signed-off-by: Yi-Hung Wei <yihung.wei@gmail.com> ofproto-dpif: Checks if datapath supports OVS_CT_ATTR_TIMEOUT This patch checks whether datapath supports OVS_CT_ATTR_TIMEOUT. With this check, ofproto-dpif-xlate can use this information to decide whether to translate the ct timeout policy. Signed-off-by: Yi-Hung Wei <yihung.wei@gmail.com> Signed-off-by: Justin Pettit <jpettit@ovn.org>
2019-08-28 15:14:29 -07:00
char *nl_tp_name;
ct-dpif, dpif-netlink: Add conntrack timeout policy support This patch first defines the dpif interface for a datapath to support adding, deleting, getting and dumping conntrack timeout policy. The timeout policy is identified by a 4 bytes unsigned integer in datapath, and it currently support timeout for TCP, UDP, and ICMP protocols. Moreover, this patch provides the implementation for Linux kernel datapath in dpif-netlink. In Linux kernel, the timeout policy is maintained per L3/L4 protocol, and it is identified by 32 bytes null terminated string. On the other hand, in vswitchd, the timeout policy is a generic one that consists of all the supported L4 protocols. Therefore, one of the main task in dpif-netlink is to break down the generic timeout policy into 6 sub policies (ipv4 tcp, udp, icmp, and ipv6 tcp, udp, icmp), and push down the configuration using the netlink API in netlink-conntrack.c. This patch also adds missing symbols in the windows datapath so that the build on windows can pass. Appveyor CI: * https://ci.appveyor.com/project/YiHungWei/ovs/builds/26387754 Signed-off-by: Yi-Hung Wei <yihung.wei@gmail.com> Acked-by: Alin Gabriel Serdean <aserdean@ovn.org> Signed-off-by: Justin Pettit <jpettit@ovn.org>
2019-08-28 15:14:24 -07:00
dpif_netlink_format_tp_name(tp_id, tp_protos[i].l3num,
tp_protos[i].l4num, &nl_tp_name);
ofproto-dpif-xlate: Translate timeout policy in ct action This patch derives the timeout policy based on ct zone from the internal data structure that we maintain on dpif layer. It also adds a system traffic test to verify the zone-based conntrack timeout feature. The test uses ovs-vsctl commands to configure the customized ICMP and UDP timeout on zone 5 to a shorter period. It then injects ICMP and UDP traffic to conntrack, and checks if the corresponding conntrack entry expires after the predefined timeout. Signed-off-by: Yi-Hung Wei <yihung.wei@gmail.com> ofproto-dpif: Checks if datapath supports OVS_CT_ATTR_TIMEOUT This patch checks whether datapath supports OVS_CT_ATTR_TIMEOUT. With this check, ofproto-dpif-xlate can use this information to decide whether to translate the ct timeout policy. Signed-off-by: Yi-Hung Wei <yihung.wei@gmail.com> Signed-off-by: Justin Pettit <jpettit@ovn.org>
2019-08-28 15:14:29 -07:00
int err = nl_ct_del_timeout_policy(nl_tp_name);
ct-dpif, dpif-netlink: Add conntrack timeout policy support This patch first defines the dpif interface for a datapath to support adding, deleting, getting and dumping conntrack timeout policy. The timeout policy is identified by a 4 bytes unsigned integer in datapath, and it currently support timeout for TCP, UDP, and ICMP protocols. Moreover, this patch provides the implementation for Linux kernel datapath in dpif-netlink. In Linux kernel, the timeout policy is maintained per L3/L4 protocol, and it is identified by 32 bytes null terminated string. On the other hand, in vswitchd, the timeout policy is a generic one that consists of all the supported L4 protocols. Therefore, one of the main task in dpif-netlink is to break down the generic timeout policy into 6 sub policies (ipv4 tcp, udp, icmp, and ipv6 tcp, udp, icmp), and push down the configuration using the netlink API in netlink-conntrack.c. This patch also adds missing symbols in the windows datapath so that the build on windows can pass. Appveyor CI: * https://ci.appveyor.com/project/YiHungWei/ovs/builds/26387754 Signed-off-by: Yi-Hung Wei <yihung.wei@gmail.com> Acked-by: Alin Gabriel Serdean <aserdean@ovn.org> Signed-off-by: Justin Pettit <jpettit@ovn.org>
2019-08-28 15:14:24 -07:00
if (err == ENOENT) {
err = 0;
}
if (err) {
static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(6, 6);
VLOG_INFO_RL(&rl, "failed to delete timeout policy %s (%s)",
ofproto-dpif-xlate: Translate timeout policy in ct action This patch derives the timeout policy based on ct zone from the internal data structure that we maintain on dpif layer. It also adds a system traffic test to verify the zone-based conntrack timeout feature. The test uses ovs-vsctl commands to configure the customized ICMP and UDP timeout on zone 5 to a shorter period. It then injects ICMP and UDP traffic to conntrack, and checks if the corresponding conntrack entry expires after the predefined timeout. Signed-off-by: Yi-Hung Wei <yihung.wei@gmail.com> ofproto-dpif: Checks if datapath supports OVS_CT_ATTR_TIMEOUT This patch checks whether datapath supports OVS_CT_ATTR_TIMEOUT. With this check, ofproto-dpif-xlate can use this information to decide whether to translate the ct timeout policy. Signed-off-by: Yi-Hung Wei <yihung.wei@gmail.com> Signed-off-by: Justin Pettit <jpettit@ovn.org>
2019-08-28 15:14:29 -07:00
nl_tp_name, ovs_strerror(err));
ct-dpif, dpif-netlink: Add conntrack timeout policy support This patch first defines the dpif interface for a datapath to support adding, deleting, getting and dumping conntrack timeout policy. The timeout policy is identified by a 4 bytes unsigned integer in datapath, and it currently support timeout for TCP, UDP, and ICMP protocols. Moreover, this patch provides the implementation for Linux kernel datapath in dpif-netlink. In Linux kernel, the timeout policy is maintained per L3/L4 protocol, and it is identified by 32 bytes null terminated string. On the other hand, in vswitchd, the timeout policy is a generic one that consists of all the supported L4 protocols. Therefore, one of the main task in dpif-netlink is to break down the generic timeout policy into 6 sub policies (ipv4 tcp, udp, icmp, and ipv6 tcp, udp, icmp), and push down the configuration using the netlink API in netlink-conntrack.c. This patch also adds missing symbols in the windows datapath so that the build on windows can pass. Appveyor CI: * https://ci.appveyor.com/project/YiHungWei/ovs/builds/26387754 Signed-off-by: Yi-Hung Wei <yihung.wei@gmail.com> Acked-by: Alin Gabriel Serdean <aserdean@ovn.org> Signed-off-by: Justin Pettit <jpettit@ovn.org>
2019-08-28 15:14:24 -07:00
ret = 1;
}
ofproto-dpif-xlate: Translate timeout policy in ct action This patch derives the timeout policy based on ct zone from the internal data structure that we maintain on dpif layer. It also adds a system traffic test to verify the zone-based conntrack timeout feature. The test uses ovs-vsctl commands to configure the customized ICMP and UDP timeout on zone 5 to a shorter period. It then injects ICMP and UDP traffic to conntrack, and checks if the corresponding conntrack entry expires after the predefined timeout. Signed-off-by: Yi-Hung Wei <yihung.wei@gmail.com> ofproto-dpif: Checks if datapath supports OVS_CT_ATTR_TIMEOUT This patch checks whether datapath supports OVS_CT_ATTR_TIMEOUT. With this check, ofproto-dpif-xlate can use this information to decide whether to translate the ct timeout policy. Signed-off-by: Yi-Hung Wei <yihung.wei@gmail.com> Signed-off-by: Justin Pettit <jpettit@ovn.org>
2019-08-28 15:14:29 -07:00
free(nl_tp_name);
ct-dpif, dpif-netlink: Add conntrack timeout policy support This patch first defines the dpif interface for a datapath to support adding, deleting, getting and dumping conntrack timeout policy. The timeout policy is identified by a 4 bytes unsigned integer in datapath, and it currently support timeout for TCP, UDP, and ICMP protocols. Moreover, this patch provides the implementation for Linux kernel datapath in dpif-netlink. In Linux kernel, the timeout policy is maintained per L3/L4 protocol, and it is identified by 32 bytes null terminated string. On the other hand, in vswitchd, the timeout policy is a generic one that consists of all the supported L4 protocols. Therefore, one of the main task in dpif-netlink is to break down the generic timeout policy into 6 sub policies (ipv4 tcp, udp, icmp, and ipv6 tcp, udp, icmp), and push down the configuration using the netlink API in netlink-conntrack.c. This patch also adds missing symbols in the windows datapath so that the build on windows can pass. Appveyor CI: * https://ci.appveyor.com/project/YiHungWei/ovs/builds/26387754 Signed-off-by: Yi-Hung Wei <yihung.wei@gmail.com> Acked-by: Alin Gabriel Serdean <aserdean@ovn.org> Signed-off-by: Justin Pettit <jpettit@ovn.org>
2019-08-28 15:14:24 -07:00
}
return ret;
}
struct dpif_netlink_ct_timeout_policy_dump_state {
struct nl_ct_timeout_policy_dump_state *nl_dump_state;
struct hmap tp_dump_map;
};
struct dpif_netlink_tp_dump_node {
struct hmap_node hmap_node; /* node in tp_dump_map. */
struct ct_dpif_timeout_policy *tp;
uint32_t l3_l4_present;
};
static struct dpif_netlink_tp_dump_node *
get_dpif_netlink_tp_dump_node_by_tp_id(uint32_t tp_id,
struct hmap *tp_dump_map)
{
struct dpif_netlink_tp_dump_node *tp_dump_node;
HMAP_FOR_EACH_WITH_HASH (tp_dump_node, hmap_node, hash_int(tp_id, 0),
tp_dump_map) {
if (tp_dump_node->tp->id == tp_id) {
return tp_dump_node;
}
}
return NULL;
}
static void
update_dpif_netlink_tp_dump_node(
const struct nl_ct_timeout_policy *nl_tp,
struct dpif_netlink_tp_dump_node *tp_dump_node)
{
dpif_netlink_set_ct_dpif_tp_attrs(nl_tp, tp_dump_node->tp);
for (int i = 0; i < DPIF_NL_TP_MAX; ++i) {
if (nl_tp->l3num == tp_protos[i].l3num &&
nl_tp->l4num == tp_protos[i].l4num) {
tp_dump_node->l3_l4_present |= 1 << i;
break;
}
}
}
static int
dpif_netlink_ct_timeout_policy_dump_start(struct dpif *dpif OVS_UNUSED,
void **statep)
{
struct dpif_netlink_ct_timeout_policy_dump_state *dump_state;
*statep = dump_state = xzalloc(sizeof *dump_state);
int err = nl_ct_timeout_policy_dump_start(&dump_state->nl_dump_state);
if (err) {
free(dump_state);
return err;
}
hmap_init(&dump_state->tp_dump_map);
return 0;
}
static void
get_and_cleanup_tp_dump_node(struct hmap *hmap,
struct dpif_netlink_tp_dump_node *tp_dump_node,
struct ct_dpif_timeout_policy *tp)
{
hmap_remove(hmap, &tp_dump_node->hmap_node);
*tp = *tp_dump_node->tp;
free(tp_dump_node->tp);
free(tp_dump_node);
}
static int
dpif_netlink_ct_timeout_policy_dump_next(struct dpif *dpif OVS_UNUSED,
void *state,
struct ct_dpif_timeout_policy *tp)
{
struct dpif_netlink_ct_timeout_policy_dump_state *dump_state = state;
struct dpif_netlink_tp_dump_node *tp_dump_node;
int err;
/* Dumps all the timeout policies in the kernel. */
do {
struct nl_ct_timeout_policy nl_tp;
uint32_t tp_id;
err = nl_ct_timeout_policy_dump_next(dump_state->nl_dump_state,
&nl_tp);
if (err) {
break;
}
/* We only interest in OVS installed timeout policies. */
if (!ovs_scan(nl_tp.name, NL_TP_NAME_PREFIX"%"PRIu32, &tp_id)) {
continue;
}
tp_dump_node = get_dpif_netlink_tp_dump_node_by_tp_id(
tp_id, &dump_state->tp_dump_map);
if (!tp_dump_node) {
tp_dump_node = xzalloc(sizeof *tp_dump_node);
tp_dump_node->tp = xzalloc(sizeof *tp_dump_node->tp);
tp_dump_node->tp->id = tp_id;
hmap_insert(&dump_state->tp_dump_map, &tp_dump_node->hmap_node,
hash_int(tp_id, 0));
}
update_dpif_netlink_tp_dump_node(&nl_tp, tp_dump_node);
/* Returns one ct_dpif_timeout_policy if we gather all the L3/L4
* sub-pieces. */
if (tp_dump_node->l3_l4_present == DPIF_NL_ALL_TP) {
get_and_cleanup_tp_dump_node(&dump_state->tp_dump_map,
tp_dump_node, tp);
break;
}
} while (true);
/* Dump the incomplete timeout policies. */
if (err == EOF) {
if (!hmap_is_empty(&dump_state->tp_dump_map)) {
struct hmap_node *hmap_node = hmap_first(&dump_state->tp_dump_map);
tp_dump_node = CONTAINER_OF(hmap_node,
struct dpif_netlink_tp_dump_node,
hmap_node);
get_and_cleanup_tp_dump_node(&dump_state->tp_dump_map,
tp_dump_node, tp);
return 0;
}
}
return err;
}
static int
dpif_netlink_ct_timeout_policy_dump_done(struct dpif *dpif OVS_UNUSED,
void *state)
{
struct dpif_netlink_ct_timeout_policy_dump_state *dump_state = state;
struct dpif_netlink_tp_dump_node *tp_dump_node;
int err = nl_ct_timeout_policy_dump_done(dump_state->nl_dump_state);
HMAP_FOR_EACH_POP (tp_dump_node, hmap_node, &dump_state->tp_dump_map) {
free(tp_dump_node->tp);
free(tp_dump_node);
}
hmap_destroy(&dump_state->tp_dump_map);
free(dump_state);
return err;
}
#endif
dpif: Meter framework. Add DPIF-level infrastructure for meters. Allow meter_set to modify the meter configuration (e.g. set the burst size if unspecified). Signed-off-by: Jarno Rajahalme <jarno@ovn.org> Signed-off-by: Andy Zhou <azhou@ovn.org>
2017-02-23 11:27:54 -08:00
/* Meters */
dpif-netlink: Add meter support. To work with kernel datapath that supports meter. Signed-off-by: Andy Zhou <azhou@ovn.org> Co-authored-by: Justin Pettit <jpettit@ovn.org> Signed-off-by: Justin Pettit <jpettit@ovn.org> Acked-by: Alin Gabriel Serdean <aserdean@ovn.org> Acked-by: Ben Pfaff <blp@ovn.org>
2017-11-17 02:15:47 -08:00
/* Set of supported meter flags */
#define DP_SUPPORTED_METER_FLAGS_MASK \
(OFPMF13_STATS | OFPMF13_PKTPS | OFPMF13_KBPS | OFPMF13_BURST)
dpif-netlink: Probe for broken Linux meter implementations. Meter support was introduced in Linux 4.15. In some versions of Linux 4.15, 4.16, and 4.17, there was a bug that never set the id when the meter was created, so all meters essentially had an id of zero. This commit adds a probe to check for that condition and disable meters on those kernels. Signed-off-by: Justin Pettit <jpettit@ovn.org> Acked-by: Ben Pfaff <blp@ovn.org>
2018-08-08 17:31:17 -07:00
/* Meter support was introduced in Linux 4.15. In some versions of
* Linux 4.15, 4.16, and 4.17, there was a bug that never set the id
* when the meter was created, so all meters essentially had an id of
* zero. Check for that condition and disable meters on those kernels. */
static bool probe_broken_meters(struct dpif *);
dpif: Meter framework. Add DPIF-level infrastructure for meters. Allow meter_set to modify the meter configuration (e.g. set the burst size if unspecified). Signed-off-by: Jarno Rajahalme <jarno@ovn.org> Signed-off-by: Andy Zhou <azhou@ovn.org>
2017-02-23 11:27:54 -08:00
static void
dpif-netlink: Add meter support. To work with kernel datapath that supports meter. Signed-off-by: Andy Zhou <azhou@ovn.org> Co-authored-by: Justin Pettit <jpettit@ovn.org> Signed-off-by: Justin Pettit <jpettit@ovn.org> Acked-by: Alin Gabriel Serdean <aserdean@ovn.org> Acked-by: Ben Pfaff <blp@ovn.org>
2017-11-17 02:15:47 -08:00
dpif_netlink_meter_init(struct dpif_netlink *dpif, struct ofpbuf *buf,
void *stub, size_t size, uint32_t command)
{
ofpbuf_use_stub(buf, stub, size);
nl_msg_put_genlmsghdr(buf, 0, ovs_meter_family, NLM_F_REQUEST | NLM_F_ECHO,
command, OVS_METER_VERSION);
struct ovs_header *ovs_header;
ovs_header = ofpbuf_put_uninit(buf, sizeof *ovs_header);
ovs_header->dp_ifindex = dpif->dp_ifindex;
}
/* Execute meter 'request' in the kernel datapath. If the command
* fails, returns a positive errno value. Otherwise, stores the reply
* in '*replyp', parses the policy according to 'reply_policy' into the
* array of Netlink attribute in 'a', and returns 0. On success, the
* caller is responsible for calling ofpbuf_delete() on '*replyp'
* ('replyp' will contain pointers into 'a'). */
static int
dpif_netlink_meter_transact(struct ofpbuf *request, struct ofpbuf **replyp,
const struct nl_policy *reply_policy,
struct nlattr **a, size_t size_a)
{
int error = nl_transact(NETLINK_GENERIC, request, replyp);
ofpbuf_uninit(request);
if (error) {
return error;
}
struct nlmsghdr *nlmsg = ofpbuf_try_pull(*replyp, sizeof *nlmsg);
struct genlmsghdr *genl = ofpbuf_try_pull(*replyp, sizeof *genl);
struct ovs_header *ovs_header = ofpbuf_try_pull(*replyp,
sizeof *ovs_header);
if (!nlmsg || !genl || !ovs_header
|| nlmsg->nlmsg_type != ovs_meter_family
|| !nl_policy_parse(*replyp, 0, reply_policy, a, size_a)) {
static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5);
VLOG_DBG_RL(&rl,
"Kernel module response to meter tranaction is invalid");
return EINVAL;
}
return 0;
}
static void
dpif_netlink_meter_get_features(const struct dpif *dpif_,
dpif: Meter framework. Add DPIF-level infrastructure for meters. Allow meter_set to modify the meter configuration (e.g. set the burst size if unspecified). Signed-off-by: Jarno Rajahalme <jarno@ovn.org> Signed-off-by: Andy Zhou <azhou@ovn.org>
2017-02-23 11:27:54 -08:00
struct ofputil_meter_features *features)
{
dpif-netlink: Probe for broken Linux meter implementations. Meter support was introduced in Linux 4.15. In some versions of Linux 4.15, 4.16, and 4.17, there was a bug that never set the id when the meter was created, so all meters essentially had an id of zero. This commit adds a probe to check for that condition and disable meters on those kernels. Signed-off-by: Justin Pettit <jpettit@ovn.org> Acked-by: Ben Pfaff <blp@ovn.org>
2018-08-08 17:31:17 -07:00
if (probe_broken_meters(CONST_CAST(struct dpif *, dpif_))) {
return;
}
dpif-netlink: Add meter support. To work with kernel datapath that supports meter. Signed-off-by: Andy Zhou <azhou@ovn.org> Co-authored-by: Justin Pettit <jpettit@ovn.org> Signed-off-by: Justin Pettit <jpettit@ovn.org> Acked-by: Alin Gabriel Serdean <aserdean@ovn.org> Acked-by: Ben Pfaff <blp@ovn.org>
2017-11-17 02:15:47 -08:00
struct ofpbuf buf, *msg;
uint64_t stub[1024 / 8];
static const struct nl_policy ovs_meter_features_policy[] = {
[OVS_METER_ATTR_MAX_METERS] = { .type = NL_A_U32 },
[OVS_METER_ATTR_MAX_BANDS] = { .type = NL_A_U32 },
[OVS_METER_ATTR_BANDS] = { .type = NL_A_NESTED, .optional = true },
};
struct nlattr *a[ARRAY_SIZE(ovs_meter_features_policy)];
struct dpif_netlink *dpif = dpif_netlink_cast(dpif_);
dpif_netlink_meter_init(dpif, &buf, stub, sizeof stub,
OVS_METER_CMD_FEATURES);
if (dpif_netlink_meter_transact(&buf, &msg, ovs_meter_features_policy, a,
ARRAY_SIZE(ovs_meter_features_policy))) {
static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5);
VLOG_INFO_RL(&rl,
"dpif_netlink_meter_transact OVS_METER_CMD_FEATURES failed");
return;
}
features->max_meters = nl_attr_get_u32(a[OVS_METER_ATTR_MAX_METERS]);
features->max_bands = nl_attr_get_u32(a[OVS_METER_ATTR_MAX_BANDS]);
/* Bands is a nested attribute of zero or more nested
* band attributes. */
if (a[OVS_METER_ATTR_BANDS]) {
const struct nlattr *nla;
size_t left;
NL_NESTED_FOR_EACH (nla, left, a[OVS_METER_ATTR_BANDS]) {
const struct nlattr *band_nla;
size_t band_left;
NL_NESTED_FOR_EACH (band_nla, band_left, nla) {
if (nl_attr_type(band_nla) == OVS_BAND_ATTR_TYPE) {
if (nl_attr_get_size(band_nla) == sizeof(uint32_t)) {
switch (nl_attr_get_u32(band_nla)) {
case OVS_METER_BAND_TYPE_DROP:
features->band_types |= 1 << OFPMBT13_DROP;
break;
}
}
}
}
}
}
features->capabilities = DP_SUPPORTED_METER_FLAGS_MASK;
ofpbuf_delete(msg);
dpif: Meter framework. Add DPIF-level infrastructure for meters. Allow meter_set to modify the meter configuration (e.g. set the burst size if unspecified). Signed-off-by: Jarno Rajahalme <jarno@ovn.org> Signed-off-by: Andy Zhou <azhou@ovn.org>
2017-02-23 11:27:54 -08:00
}
static int
dpif-netlink: Prevent abort in probe_broken_meters(). Commit 92d0d515d ("dpif-netlink: Probe for broken Linux meter implementations.") introduced a deadlock on the 'once' structure declared in probe_broken_meters() with the following callstack: probe_broken_meters() probe_broken_meters__() dpif_netlink_meter_set() probe_broken_meters() This commit introduce a modified version of dpif_netlink_meter_set() that sets a meter without calling the probe. Reported-by: Numan Siddique <nusiddiq@redhat.com> Signed-off-by: Justin Pettit <jpettit@ovn.org> Acked-by: Ben Pfaff <blp@ovn.org>
2018-08-17 12:48:54 -07:00
dpif_netlink_meter_set__(struct dpif *dpif_, ofproto_meter_id meter_id,
struct ofputil_meter_config *config)
dpif: Meter framework. Add DPIF-level infrastructure for meters. Allow meter_set to modify the meter configuration (e.g. set the burst size if unspecified). Signed-off-by: Jarno Rajahalme <jarno@ovn.org> Signed-off-by: Andy Zhou <azhou@ovn.org>
2017-02-23 11:27:54 -08:00
{
dpif-netlink: Add meter support. To work with kernel datapath that supports meter. Signed-off-by: Andy Zhou <azhou@ovn.org> Co-authored-by: Justin Pettit <jpettit@ovn.org> Signed-off-by: Justin Pettit <jpettit@ovn.org> Acked-by: Alin Gabriel Serdean <aserdean@ovn.org> Acked-by: Ben Pfaff <blp@ovn.org>
2017-11-17 02:15:47 -08:00
struct dpif_netlink *dpif = dpif_netlink_cast(dpif_);
struct ofpbuf buf, *msg;
uint64_t stub[1024 / 8];
static const struct nl_policy ovs_meter_set_response_policy[] = {
[OVS_METER_ATTR_ID] = { .type = NL_A_U32 },
};
struct nlattr *a[ARRAY_SIZE(ovs_meter_set_response_policy)];
if (config->flags & ~DP_SUPPORTED_METER_FLAGS_MASK) {
return EBADF; /* Unsupported flags set */
}
for (size_t i = 0; i < config->n_bands; i++) {
switch (config->bands[i].type) {
case OFPMBT13_DROP:
break;
default:
return ENODEV; /* Unsupported band type */
}
}
dpif_netlink_meter_init(dpif, &buf, stub, sizeof stub, OVS_METER_CMD_SET);
dpif: Don't pass in '*meter_id' to meter_set commands. The original intent of the API appears to be that the underlying DPIF implementaion would choose a local meter id. However, neither of the existing datapath meter implementations (userspace or Linux) implemented that; they expected a valid meter id to be passed in, otherwise they returned an error. This commit follows the existing implementations and makes the API somewhat cleaner. Signed-off-by: Justin Pettit <jpettit@ovn.org> Acked-by: Ben Pfaff <blp@ovn.org>
2018-08-07 19:51:26 -07:00
nl_msg_put_u32(&buf, OVS_METER_ATTR_ID, meter_id.uint32);
dpif-netlink: Add meter support. To work with kernel datapath that supports meter. Signed-off-by: Andy Zhou <azhou@ovn.org> Co-authored-by: Justin Pettit <jpettit@ovn.org> Signed-off-by: Justin Pettit <jpettit@ovn.org> Acked-by: Alin Gabriel Serdean <aserdean@ovn.org> Acked-by: Ben Pfaff <blp@ovn.org>
2017-11-17 02:15:47 -08:00
if (config->flags & OFPMF13_KBPS) {
nl_msg_put_flag(&buf, OVS_METER_ATTR_KBPS);
}
size_t bands_offset = nl_msg_start_nested(&buf, OVS_METER_ATTR_BANDS);
/* Bands */
for (size_t i = 0; i < config->n_bands; ++i) {
struct ofputil_meter_band * band = &config->bands[i];
uint32_t band_type;
size_t band_offset = nl_msg_start_nested(&buf, OVS_BAND_ATTR_UNSPEC);
switch (band->type) {
case OFPMBT13_DROP:
band_type = OVS_METER_BAND_TYPE_DROP;
break;
default:
band_type = OVS_METER_BAND_TYPE_UNSPEC;
}
nl_msg_put_u32(&buf, OVS_BAND_ATTR_TYPE, band_type);
nl_msg_put_u32(&buf, OVS_BAND_ATTR_RATE, band->rate);
nl_msg_put_u32(&buf, OVS_BAND_ATTR_BURST,
config->flags & OFPMF13_BURST ?
band->burst_size : band->rate);
nl_msg_end_nested(&buf, band_offset);
}
nl_msg_end_nested(&buf, bands_offset);
int error = dpif_netlink_meter_transact(&buf, &msg,
ovs_meter_set_response_policy, a,
ARRAY_SIZE(ovs_meter_set_response_policy));
if (error) {
static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5);
VLOG_INFO_RL(&rl,
"dpif_netlink_meter_transact OVS_METER_CMD_SET failed");
return error;
}
dpif: Don't pass in '*meter_id' to meter_set commands. The original intent of the API appears to be that the underlying DPIF implementaion would choose a local meter id. However, neither of the existing datapath meter implementations (userspace or Linux) implemented that; they expected a valid meter id to be passed in, otherwise they returned an error. This commit follows the existing implementations and makes the API somewhat cleaner. Signed-off-by: Justin Pettit <jpettit@ovn.org> Acked-by: Ben Pfaff <blp@ovn.org>
2018-08-07 19:51:26 -07:00
if (nl_attr_get_u32(a[OVS_METER_ATTR_ID]) != meter_id.uint32) {
static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5);
VLOG_INFO_RL(&rl,
"Kernel returned a different meter id than requested");
}
dpif-netlink: Add meter support. To work with kernel datapath that supports meter. Signed-off-by: Andy Zhou <azhou@ovn.org> Co-authored-by: Justin Pettit <jpettit@ovn.org> Signed-off-by: Justin Pettit <jpettit@ovn.org> Acked-by: Alin Gabriel Serdean <aserdean@ovn.org> Acked-by: Ben Pfaff <blp@ovn.org>
2017-11-17 02:15:47 -08:00
ofpbuf_delete(msg);
return 0;
dpif: Meter framework. Add DPIF-level infrastructure for meters. Allow meter_set to modify the meter configuration (e.g. set the burst size if unspecified). Signed-off-by: Jarno Rajahalme <jarno@ovn.org> Signed-off-by: Andy Zhou <azhou@ovn.org>
2017-02-23 11:27:54 -08:00
}
dpif-netlink: Prevent abort in probe_broken_meters(). Commit 92d0d515d ("dpif-netlink: Probe for broken Linux meter implementations.") introduced a deadlock on the 'once' structure declared in probe_broken_meters() with the following callstack: probe_broken_meters() probe_broken_meters__() dpif_netlink_meter_set() probe_broken_meters() This commit introduce a modified version of dpif_netlink_meter_set() that sets a meter without calling the probe. Reported-by: Numan Siddique <nusiddiq@redhat.com> Signed-off-by: Justin Pettit <jpettit@ovn.org> Acked-by: Ben Pfaff <blp@ovn.org>
2018-08-17 12:48:54 -07:00
static int
dpif_netlink_meter_set(struct dpif *dpif_, ofproto_meter_id meter_id,
struct ofputil_meter_config *config)
{
dpif-netlink: Offloading meter to tc police action OVS meters are created in advance and openflow rules refer to them by their unique ID. New tc_police API is used to offload them. By calling the API, police actions are created and meters are mapped to them. These actions then can be used in tc filter rules by the index. Signed-off-by: Jianbo Liu <jianbol@nvidia.com> Acked-by: Eelco Chaudron <echaudro@redhat.com> Signed-off-by: Simon Horman <simon.horman@corigine.com>
2022-07-08 03:06:29 +00:00
int err;
dpif-netlink: Prevent abort in probe_broken_meters(). Commit 92d0d515d ("dpif-netlink: Probe for broken Linux meter implementations.") introduced a deadlock on the 'once' structure declared in probe_broken_meters() with the following callstack: probe_broken_meters() probe_broken_meters__() dpif_netlink_meter_set() probe_broken_meters() This commit introduce a modified version of dpif_netlink_meter_set() that sets a meter without calling the probe. Reported-by: Numan Siddique <nusiddiq@redhat.com> Signed-off-by: Justin Pettit <jpettit@ovn.org> Acked-by: Ben Pfaff <blp@ovn.org>
2018-08-17 12:48:54 -07:00
if (probe_broken_meters(dpif_)) {
return ENOMEM;
}
dpif-netlink: Offloading meter to tc police action OVS meters are created in advance and openflow rules refer to them by their unique ID. New tc_police API is used to offload them. By calling the API, police actions are created and meters are mapped to them. These actions then can be used in tc filter rules by the index. Signed-off-by: Jianbo Liu <jianbol@nvidia.com> Acked-by: Eelco Chaudron <echaudro@redhat.com> Signed-off-by: Simon Horman <simon.horman@corigine.com>
2022-07-08 03:06:29 +00:00
err = dpif_netlink_meter_set__(dpif_, meter_id, config);
if (!err && netdev_is_flow_api_enabled()) {
meter_offload_set(meter_id, config);
}
return err;
dpif-netlink: Prevent abort in probe_broken_meters(). Commit 92d0d515d ("dpif-netlink: Probe for broken Linux meter implementations.") introduced a deadlock on the 'once' structure declared in probe_broken_meters() with the following callstack: probe_broken_meters() probe_broken_meters__() dpif_netlink_meter_set() probe_broken_meters() This commit introduce a modified version of dpif_netlink_meter_set() that sets a meter without calling the probe. Reported-by: Numan Siddique <nusiddiq@redhat.com> Signed-off-by: Justin Pettit <jpettit@ovn.org> Acked-by: Ben Pfaff <blp@ovn.org>
2018-08-17 12:48:54 -07:00
}
dpif-netlink: Add meter support. To work with kernel datapath that supports meter. Signed-off-by: Andy Zhou <azhou@ovn.org> Co-authored-by: Justin Pettit <jpettit@ovn.org> Signed-off-by: Justin Pettit <jpettit@ovn.org> Acked-by: Alin Gabriel Serdean <aserdean@ovn.org> Acked-by: Ben Pfaff <blp@ovn.org>
2017-11-17 02:15:47 -08:00
/* Retrieve statistics and/or delete meter 'meter_id'. Statistics are
* stored in 'stats', if it is not null. If 'command' is
* OVS_METER_CMD_DEL, the meter is deleted and statistics are optionally
* retrieved. If 'command' is OVS_METER_CMD_GET, then statistics are
* simply retrieved. */
dpif: Meter framework. Add DPIF-level infrastructure for meters. Allow meter_set to modify the meter configuration (e.g. set the burst size if unspecified). Signed-off-by: Jarno Rajahalme <jarno@ovn.org> Signed-off-by: Andy Zhou <azhou@ovn.org>
2017-02-23 11:27:54 -08:00
static int
dpif-netlink: Add meter support. To work with kernel datapath that supports meter. Signed-off-by: Andy Zhou <azhou@ovn.org> Co-authored-by: Justin Pettit <jpettit@ovn.org> Signed-off-by: Justin Pettit <jpettit@ovn.org> Acked-by: Alin Gabriel Serdean <aserdean@ovn.org> Acked-by: Ben Pfaff <blp@ovn.org>
2017-11-17 02:15:47 -08:00
dpif_netlink_meter_get_stats(const struct dpif *dpif_,
ofproto_meter_id meter_id,
struct ofputil_meter_stats *stats,
uint16_t max_bands,
enum ovs_meter_cmd command)
dpif: Meter framework. Add DPIF-level infrastructure for meters. Allow meter_set to modify the meter configuration (e.g. set the burst size if unspecified). Signed-off-by: Jarno Rajahalme <jarno@ovn.org> Signed-off-by: Andy Zhou <azhou@ovn.org>
2017-02-23 11:27:54 -08:00
{
dpif-netlink: Add meter support. To work with kernel datapath that supports meter. Signed-off-by: Andy Zhou <azhou@ovn.org> Co-authored-by: Justin Pettit <jpettit@ovn.org> Signed-off-by: Justin Pettit <jpettit@ovn.org> Acked-by: Alin Gabriel Serdean <aserdean@ovn.org> Acked-by: Ben Pfaff <blp@ovn.org>
2017-11-17 02:15:47 -08:00
struct dpif_netlink *dpif = dpif_netlink_cast(dpif_);
struct ofpbuf buf, *msg;
uint64_t stub[1024 / 8];
static const struct nl_policy ovs_meter_stats_policy[] = {
[OVS_METER_ATTR_ID] = { .type = NL_A_U32, .optional = true},
[OVS_METER_ATTR_STATS] = { NL_POLICY_FOR(struct ovs_flow_stats),
.optional = true},
[OVS_METER_ATTR_BANDS] = { .type = NL_A_NESTED, .optional = true },
};
struct nlattr *a[ARRAY_SIZE(ovs_meter_stats_policy)];
dpif_netlink_meter_init(dpif, &buf, stub, sizeof stub, command);
nl_msg_put_u32(&buf, OVS_METER_ATTR_ID, meter_id.uint32);
int error = dpif_netlink_meter_transact(&buf, &msg,
ovs_meter_stats_policy, a,
ARRAY_SIZE(ovs_meter_stats_policy));
if (error) {
static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5);
VLOG_INFO_RL(&rl, "dpif_netlink_meter_transact %s failed",
command == OVS_METER_CMD_GET ? "get" : "del");
return error;
}
if (stats
&& a[OVS_METER_ATTR_ID]
&& a[OVS_METER_ATTR_STATS]
&& nl_attr_get_u32(a[OVS_METER_ATTR_ID]) == meter_id.uint32) {
/* return stats */
const struct ovs_flow_stats *stat;
const struct nlattr *nla;
size_t left;
stat = nl_attr_get(a[OVS_METER_ATTR_STATS]);
stats->packet_in_count = get_32aligned_u64(&stat->n_packets);
stats->byte_in_count = get_32aligned_u64(&stat->n_bytes);
if (a[OVS_METER_ATTR_BANDS]) {
size_t n_bands = 0;
NL_NESTED_FOR_EACH (nla, left, a[OVS_METER_ATTR_BANDS]) {
const struct nlattr *band_nla;
band_nla = nl_attr_find_nested(nla, OVS_BAND_ATTR_STATS);
if (band_nla && nl_attr_get_size(band_nla) \
== sizeof(struct ovs_flow_stats)) {
stat = nl_attr_get(band_nla);
if (n_bands < max_bands) {
stats->bands[n_bands].packet_count
= get_32aligned_u64(&stat->n_packets);
stats->bands[n_bands].byte_count
= get_32aligned_u64(&stat->n_bytes);
++n_bands;
}
} else {
stats->bands[n_bands].packet_count = 0;
stats->bands[n_bands].byte_count = 0;
++n_bands;
}
}
stats->n_bands = n_bands;
} else {
/* For a non-existent meter, return 0 stats. */
stats->n_bands = 0;
}
}
ofpbuf_delete(msg);
return error;
dpif: Meter framework. Add DPIF-level infrastructure for meters. Allow meter_set to modify the meter configuration (e.g. set the burst size if unspecified). Signed-off-by: Jarno Rajahalme <jarno@ovn.org> Signed-off-by: Andy Zhou <azhou@ovn.org>
2017-02-23 11:27:54 -08:00
}
static int
dpif-netlink: Add meter support. To work with kernel datapath that supports meter. Signed-off-by: Andy Zhou <azhou@ovn.org> Co-authored-by: Justin Pettit <jpettit@ovn.org> Signed-off-by: Justin Pettit <jpettit@ovn.org> Acked-by: Alin Gabriel Serdean <aserdean@ovn.org> Acked-by: Ben Pfaff <blp@ovn.org>
2017-11-17 02:15:47 -08:00
dpif_netlink_meter_get(const struct dpif *dpif, ofproto_meter_id meter_id,
struct ofputil_meter_stats *stats, uint16_t max_bands)
dpif: Meter framework. Add DPIF-level infrastructure for meters. Allow meter_set to modify the meter configuration (e.g. set the burst size if unspecified). Signed-off-by: Jarno Rajahalme <jarno@ovn.org> Signed-off-by: Andy Zhou <azhou@ovn.org>
2017-02-23 11:27:54 -08:00
{
dpif-netlink: Offloading meter to tc police action OVS meters are created in advance and openflow rules refer to them by their unique ID. New tc_police API is used to offload them. By calling the API, police actions are created and meters are mapped to them. These actions then can be used in tc filter rules by the index. Signed-off-by: Jianbo Liu <jianbol@nvidia.com> Acked-by: Eelco Chaudron <echaudro@redhat.com> Signed-off-by: Simon Horman <simon.horman@corigine.com>
2022-07-08 03:06:29 +00:00
int err;
err = dpif_netlink_meter_get_stats(dpif, meter_id, stats, max_bands,
OVS_METER_CMD_GET);
if (!err && netdev_is_flow_api_enabled()) {
meter_offload_get(meter_id, stats);
}
return err;
dpif-netlink: Add meter support. To work with kernel datapath that supports meter. Signed-off-by: Andy Zhou <azhou@ovn.org> Co-authored-by: Justin Pettit <jpettit@ovn.org> Signed-off-by: Justin Pettit <jpettit@ovn.org> Acked-by: Alin Gabriel Serdean <aserdean@ovn.org> Acked-by: Ben Pfaff <blp@ovn.org>
2017-11-17 02:15:47 -08:00
}
static int
dpif_netlink_meter_del(struct dpif *dpif, ofproto_meter_id meter_id,
struct ofputil_meter_stats *stats, uint16_t max_bands)
{
dpif-netlink: Offloading meter to tc police action OVS meters are created in advance and openflow rules refer to them by their unique ID. New tc_police API is used to offload them. By calling the API, police actions are created and meters are mapped to them. These actions then can be used in tc filter rules by the index. Signed-off-by: Jianbo Liu <jianbol@nvidia.com> Acked-by: Eelco Chaudron <echaudro@redhat.com> Signed-off-by: Simon Horman <simon.horman@corigine.com>
2022-07-08 03:06:29 +00:00
int err;
err = dpif_netlink_meter_get_stats(dpif, meter_id, stats,
max_bands, OVS_METER_CMD_DEL);
if (!err && netdev_is_flow_api_enabled()) {
meter_offload_del(meter_id, stats);
}
return err;
dpif: Meter framework. Add DPIF-level infrastructure for meters. Allow meter_set to modify the meter configuration (e.g. set the burst size if unspecified). Signed-off-by: Jarno Rajahalme <jarno@ovn.org> Signed-off-by: Andy Zhou <azhou@ovn.org>
2017-02-23 11:27:54 -08:00
}
dpif-netlink: Probe for broken Linux meter implementations. Meter support was introduced in Linux 4.15. In some versions of Linux 4.15, 4.16, and 4.17, there was a bug that never set the id when the meter was created, so all meters essentially had an id of zero. This commit adds a probe to check for that condition and disable meters on those kernels. Signed-off-by: Justin Pettit <jpettit@ovn.org> Acked-by: Ben Pfaff <blp@ovn.org>
2018-08-08 17:31:17 -07:00
static bool
probe_broken_meters__(struct dpif *dpif)
{
/* This test is destructive if a probe occurs while ovs-vswitchd is
* running (e.g., an ovs-dpctl meter command is called), so choose a
* random high meter id to make this less likely to occur. */
ofproto_meter_id id1 = { 54545401 };
ofproto_meter_id id2 = { 54545402 };
struct ofputil_meter_band band = {OFPMBT13_DROP, 0, 1, 0};
struct ofputil_meter_config config1 = { 1, OFPMF13_KBPS, 1, &band};
struct ofputil_meter_config config2 = { 2, OFPMF13_KBPS, 1, &band};
/* Try adding two meters and make sure that they both come back with
dpif-netlink: Prevent abort in probe_broken_meters(). Commit 92d0d515d ("dpif-netlink: Probe for broken Linux meter implementations.") introduced a deadlock on the 'once' structure declared in probe_broken_meters() with the following callstack: probe_broken_meters() probe_broken_meters__() dpif_netlink_meter_set() probe_broken_meters() This commit introduce a modified version of dpif_netlink_meter_set() that sets a meter without calling the probe. Reported-by: Numan Siddique <nusiddiq@redhat.com> Signed-off-by: Justin Pettit <jpettit@ovn.org> Acked-by: Ben Pfaff <blp@ovn.org>
2018-08-17 12:48:54 -07:00
* the proper meter id. Use the "__" version so that we don't cause
* a recurve deadlock. */
dpif_netlink_meter_set__(dpif, id1, &config1);
dpif_netlink_meter_set__(dpif, id2, &config2);
dpif-netlink: Probe for broken Linux meter implementations. Meter support was introduced in Linux 4.15. In some versions of Linux 4.15, 4.16, and 4.17, there was a bug that never set the id when the meter was created, so all meters essentially had an id of zero. This commit adds a probe to check for that condition and disable meters on those kernels. Signed-off-by: Justin Pettit <jpettit@ovn.org> Acked-by: Ben Pfaff <blp@ovn.org>
2018-08-08 17:31:17 -07:00
if (dpif_netlink_meter_get(dpif, id1, NULL, 0)
|| dpif_netlink_meter_get(dpif, id2, NULL, 0)) {
VLOG_INFO("The kernel module has a broken meter implementation.");
return true;
}
dpif_netlink_meter_del(dpif, id1, NULL, 0);
dpif_netlink_meter_del(dpif, id2, NULL, 0);
return false;
}
static bool
probe_broken_meters(struct dpif *dpif)
{
/* This is a once-only test because currently OVS only has at most a single
* Netlink capable datapath on any given platform. */
static struct ovsthread_once once = OVSTHREAD_ONCE_INITIALIZER;
static bool broken_meters = false;
if (ovsthread_once_start(&once)) {
broken_meters = probe_broken_meters__(dpif);
ovsthread_once_done(&once);
}
return broken_meters;
}
dpctl: dpif: Allow viewing and configuring dp cache sizes. This patch adds a general way of viewing/configuring datapath cache sizes. With an implementation for the netlink interface. The ovs-dpctl/ovs-appctl show commands will display the current cache sizes configured: $ ovs-dpctl show system@ovs-system: lookups: hit:25 missed:63 lost:0 flows: 0 masks: hit:282 total:0 hit/pkt:3.20 cache: hit:4 hit-rate:4.54% caches: masks-cache: size:256 port 0: ovs-system (internal) port 1: br-int (internal) port 2: genev_sys_6081 (geneve: packet_type=ptap) port 3: br-ex (internal) port 4: eth2 port 5: sw0p1 (internal) port 6: sw0p3 (internal) A specific cache can be configured as follows: $ ovs-appctl dpctl/cache-set-size DP CACHE SIZE $ ovs-dpctl cache-set-size DP CACHE SIZE For example to disable the cache do: $ ovs-dpctl cache-set-size system@ovs-system masks-cache 0 Setting cache size successful, new size 0. Signed-off-by: Eelco Chaudron <echaudro@redhat.com> Acked-by: Paolo Valerio <pvalerio@redhat.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2021-09-06 10:53:58 +02:00
static int
dpif_netlink_cache_get_supported_levels(struct dpif *dpif_, uint32_t *levels)
{
struct dpif_netlink_dp dp;
struct ofpbuf *buf;
int error;
/* If available, in the kernel we support one level of cache.
* Unfortunately, there is no way to detect if the older kernel module has
* the cache feature. For now, we only report the cache information if the
* kernel module reports the OVS_DP_ATTR_MASKS_CACHE_SIZE attribute. */
*levels = 0;
error = dpif_netlink_dp_get(dpif_, &dp, &buf);
if (!error) {
if (dp.cache_size != UINT32_MAX) {
*levels = 1;
}
ofpbuf_delete(buf);
}
return error;
}
static int
dpif_netlink_cache_get_name(struct dpif *dpif_ OVS_UNUSED, uint32_t level,
const char **name)
{
if (level != 0) {
return EINVAL;
}
*name = "masks-cache";
return 0;
}
static int
dpif_netlink_cache_get_size(struct dpif *dpif_, uint32_t level, uint32_t *size)
{
struct dpif_netlink_dp dp;
struct ofpbuf *buf;
int error;
if (level != 0) {
return EINVAL;
}
error = dpif_netlink_dp_get(dpif_, &dp, &buf);
if (!error) {
ofpbuf_delete(buf);
if (dp.cache_size == UINT32_MAX) {
return EOPNOTSUPP;
}
*size = dp.cache_size;
}
return error;
}
static int
dpif_netlink_cache_set_size(struct dpif *dpif_, uint32_t level, uint32_t size)
{
struct dpif_netlink *dpif = dpif_netlink_cast(dpif_);
struct dpif_netlink_dp request, reply;
struct ofpbuf *bufp;
int error;
size = ROUND_UP_POW2(size);
if (level != 0) {
return EINVAL;
}
dpif_netlink_dp_init(&request);
request.cmd = OVS_DP_CMD_SET;
request.name = dpif_->base_name;
request.dp_ifindex = dpif->dp_ifindex;
request.cache_size = size;
/* We need to set the dpif user_features, as the kernel module assumes the
* OVS_DP_ATTR_USER_FEATURES attribute is always present. If not, it will
* reset all the features. */
request.user_features = dpif->user_features;
error = dpif_netlink_dp_transact(&request, &reply, &bufp);
if (!error) {
ofpbuf_delete(bufp);
if (reply.cache_size != size) {
return EINVAL;
}
}
return error;
}
dpif: Meter framework. Add DPIF-level infrastructure for meters. Allow meter_set to modify the meter configuration (e.g. set the burst size if unspecified). Signed-off-by: Jarno Rajahalme <jarno@ovn.org> Signed-off-by: Andy Zhou <azhou@ovn.org>
2017-02-23 11:27:54 -08:00
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
const struct dpif_class dpif_netlink_class = {
dpif: Update dpif interface to match netdev. This brings over some features that were added to the netdev interface, most notably the separation between the name and the type. In addition to being cleaner, this also avoids problems where it is expected that the local port has the same name as the datapath.
2010-01-22 14:37:10 -05:00
"system",
vswitchd: Always cleanup userspace datapath. 'netdev' datapath is implemented within ovs-vswitchd process and can not exist without it, so it should be gracefully terminated with a full cleanup of resources upon ovs-vswitchd exit. This change forces dpif cleanup for 'netdev' datapath regardless of passing '--cleanup' to 'ovs-appctl exit'. Such solution allowes to not pass this additional option everytime for userspace datapath installations and also allowes to not terminate system datapath in setups where both datapaths runs at the same time. The main part is that dpif_port_del() will lead to netdev_close() and subsequent netdev_class->destroy(dev) which will stop HW NICs and free their resources. For vhost-user interfaces it will invoke vhost driver unregistering with a properly closed vhost-user connection. For upcoming AF_XDP netdev this will allow to gracefully destroy xdp sockets and unload xdp programs from linux interfaces. Another important thing is that port deletion will also trigger flushing of flows offloaded to HW NICs. Exception made for 'internal' ports that could have user ip/route configuration. These ports will not be removed without '--cleanup'. This change fixes OVS disappearing from the DPDK point of view (keeping HW NICs improperly configured, sudden closing of vhost-user connections) and will help with linux devices clearing with upcoming AF_XDP netdev support. Signed-off-by: Ilya Maximets <i.maximets@samsung.com> Tested-by: William Tu <u9012063@gmail.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Acked-by: Ben Pfaff <blp@ovn.org>
2019-06-24 17:20:17 +03:00
false, /* cleanup_required */
ofproto-dpif-upcall: Reset ukey's last stats value if the datapath changed. When the ukey's action set changes, it could cause the flow to use a different datapath, for example, when it moves from tc to kernel. This will cause the the cached previous datapath statistics to be used. This change will reset the cached statistics when a change in datapath is discovered. Reviewed-by: Simon Horman <simon.horman@corigine.com> Signed-off-by: Eelco Chaudron <echaudro@redhat.com> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2023-02-27 16:29:26 +01:00
false, /* synced_dp_layers */
dpif-provider: Add class init function. This init function is called when the dpif class is registered. It will be used by following commits Signed-off-by: Daniele Di Proietto <diproiettod@vmware.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2015-04-10 19:09:49 +01:00
NULL, /* init */
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
dpif_netlink_enumerate,
Add functions to determine how port should be opened based on type. Depending on the port and type of datapath, a port may need to be opened as a different type of device than it's configured. For example, an "internal" port on a "dummy" datapath should opened as a "dummy" port. This commit adds the ability for a dpif to provide this information to a caller. It will be used in a future commit. Signed-off-by: Justin Pettit <jpettit@nicira.com>
2012-11-14 15:50:20 -08:00
NULL,
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
dpif_netlink_open,
dpif_netlink_close,
dpif_netlink_destroy,
dpif_netlink_run,
dpif-linux: Make port change notification thread-safe. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2013-07-22 15:00:49 -07:00
NULL, /* wait */
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
dpif_netlink_get_stats,
dpif: Add support to set user features This enables user features on the kernel datapath via the DP_CMD_SET command, and also retrieves them to check for actual support and not just an older kernel ignoring the requested features. This will be used in next patch to enable recirc_id sharing with tc. Signed-off-by: Paul Blakey <paulb@mellanox.com> Reviewed-by: Roi Dayan <roid@mellanox.com> Signed-off-by: Simon Horman <simon.horman@netronome.com>
2019-12-22 12:16:38 +02:00
dpif_netlink_set_features,
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
dpif_netlink_port_add,
dpif_netlink_port_del,
bridge: Pass interface's configuration to datapath. This commit adds functionality to pass value of 'other_config' column of 'Interface' table to datapath. This may be used to pass not directly connected with netdev options and configure behaviour of the datapath for different ports. For example: pinning of rx queues to polling threads in dpif-netdev. Signed-off-by: Ilya Maximets <i.maximets@samsung.com> Acked-by: Daniele Di Proietto <diproiettod@vmware.com>
2016-07-27 17:44:42 +03:00
NULL, /* port_set_config */
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
dpif_netlink_port_query_by_number,
dpif_netlink_port_query_by_name,
dpif_netlink_port_get_pid,
dpif_netlink_port_dump_start,
dpif_netlink_port_dump_next,
dpif_netlink_port_dump_done,
dpif_netlink_port_poll,
dpif_netlink_port_poll_wait,
dpif_netlink_flow_flush,
dpif_netlink_flow_dump_create,
dpif_netlink_flow_dump_destroy,
dpif_netlink_flow_dump_thread_create,
dpif_netlink_flow_dump_thread_destroy,
dpif_netlink_flow_dump_next,
dpif_netlink_operate,
dpctl: Add function to read hardware offload statistics. Expose a function to query datapath offload statistics. This function is separate from the current one in netdev-offload as it exposes more detailed statistics from the datapath, instead of only from the netdev-offload provider. Each datapath is meant to use the custom counters as it sees fit for its handling of hardware offloads. Call the new API from dpctl. Signed-off-by: Gaetan Rivet <grive@u256.net> Reviewed-by: Eli Britstein <elibr@nvidia.com> Reviewed-by: Maxime Coquelin <maxime.coquelin@redhat.com> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2021-09-08 11:47:31 +02:00
NULL, /* offload_stats_get */
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
dpif_netlink_recv_set,
dpif_netlink_handlers_set,
dpif-netlink: Introduce per-cpu upcall dispatch. The Open vSwitch kernel module uses the upcall mechanism to send packets from kernel space to user space when it misses in the kernel space flow table. The upcall sends packets via a Netlink socket. Currently, a Netlink socket is created for every vport. In this way, there is a 1:1 mapping between a vport and a Netlink socket. When a packet is received by a vport, if it needs to be sent to user space, it is sent via the corresponding Netlink socket. This mechanism, with various iterations of the corresponding user space code, has seen some limitations and issues: * On systems with a large number of vports, there is correspondingly a large number of Netlink sockets which can limit scaling. (https://bugzilla.redhat.com/show_bug.cgi?id=1526306) * Packet reordering on upcalls. (https://bugzilla.redhat.com/show_bug.cgi?id=1844576) * A thundering herd issue. (https://bugzilla.redhat.com/show_bug.cgi?id=1834444) This patch introduces an alternative, feature-negotiated, upcall mode using a per-cpu dispatch rather than a per-vport dispatch. In this mode, the Netlink socket to be used for the upcall is selected based on the CPU of the thread that is executing the upcall. In this way, it resolves the issues above as: a) The number of Netlink sockets scales with the number of CPUs rather than the number of vports. b) Ordering per-flow is maintained as packets are distributed to CPUs based on mechanisms such as RSS and flows are distributed to a single user space thread. c) Packets from a flow can only wake up one user space thread. Reported-at: https://bugzilla.redhat.com/1844576 Signed-off-by: Mark Gray <mark.d.gray@redhat.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Acked-by: Aaron Conole <aconole@redhat.com> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2021-07-16 06:17:36 -04:00
dpif_netlink_number_handlers_required,
dpif-netdev: Pass Openvswitch other_config smap to dpif. Currently we parse the 'other_config' column in Openvswitch table in bridge.c. We extract the values (just 'pmd-cpu-mask' for now) and we pass them down to the datapath, via different layers. If we want to pass other values to dpif-netdev.c (like we recently discussed) we would have to touch ofproto.c, ofproto-dpif.c and dpif.c. This patch sends the entire other_config column to dpif-netdev, so that dpif-netdev can extract the values it's interested in. No functional change. Signed-off-by: Daniele Di Proietto <diproiettod@vmware.com> Acked-by: Ben Pfaff <blp@ovn.org>
2017-01-27 16:41:36 -08:00
NULL, /* set_config */
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
dpif_netlink_queue_to_priority,
dpif_netlink_recv,
dpif_netlink_recv_wait,
dpif_netlink_recv_purge,
dpif-netdev: Purge all ukeys when reconfigure pmd. When dpdk configuration changes, all pmd threads are recreated and rx queues of each port are reloaded. After this process, rx queue could be mapped to a different pmd thread other than the one before reconfiguration. However, this is totally transparent to ofproto layer modules. So, if the ofproto-dpif-upcall module still holds ukeys generated before pmd thread recreation, this old ukey will collide with the ukey for the new upcalls from same traffic flow, causing flow installation failure. To fix the bug, this commit adds a new call-back function in dpif layer for notifying upper layer the purging of datapath (e.g. pmd thread deletion in dpif-netdev). So, the ofproto-dpif-upcall module can react properly with deleting the ukeys and with collecting flows' last stats. Reported-by: Ilya Maximets <i.maximets@samsung.com> Signed-off-by: Alex Wang <ee07b291@gmail.com> Acked-by: Daniele Di Proietto <diproiettod@vmware.com> Tested-by: Daniele Di Proietto <diproiettod@vmware.com> Acked-by: Joe Stringer <joestringer@nicira.com>
2015-08-25 16:36:46 -07:00
NULL, /* register_dp_purge_cb */
dpif-netdev: Polling threads directly call ofproto upcall functions. Typically, kernel datapath threads send upcalls to userspace where handler threads process the upcalls. For TAP and DPDK devices, the datapath threads operate in userspace, so there is no need for separate handler threads. This patch allows userspace datapath threads to directly call the ofproto upcall functions, eliminating the need for handler threads for datapaths of type 'netdev'. Signed-off-by: Ryan Wilson <wryan@nicira.com> Signed-off-by: Ethan Jackson <ethan@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-07-26 06:51:55 +00:00
NULL, /* register_upcall_cb */
NULL, /* enable_upcall */
NULL, /* disable_upcall */
bridge: Store datapath version into ovsdb OVS userspace are backward compatible with older Linux kernel modules. However, not having the most up-to-date datapath kernel modules can some times lead to user confusion. Storing the datapath version in OVSDB allows management software to check and optionally provide notifications to users. Signed-off-by: Andy Zhou <azhou@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
2014-10-16 15:23:11 -07:00
dpif_netlink_get_datapath_version, /* get_datapath_version */
dpif-netlink: Implement ct_dump_{start,next,done}. These member functions are used by the ct-dpif module to provide its services. They're implemented using the netlink-conntrack module. N.B. The Linux kernel datapaths share the connection tracker among them and with the rest of the system. Therefore the operations are not really dpif specific. Signed-off-by: Daniele Di Proietto <diproiettod@vmware.com> Acked-by: Joe Stringer <joe@ovn.org>
2015-10-28 11:26:18 -07:00
dpif_netlink_ct_dump_start,
dpif_netlink_ct_dump_next,
dpif_netlink_ct_dump_done,
conntrack: Allow to dump userspace conntrack expectations. The patch introduces a new commands ovs-appctl dpctl/dump-conntrack-exp that allows to dump the existing expectations for the userspace ct. Signed-off-by: Paolo Valerio <pvalerio@redhat.com> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2023-06-23 12:33:43 +02:00
NULL, /* ct_exp_dump_start */
NULL, /* ct_exp_dump_next */
NULL, /* ct_exp_dump_done */
dpif: Meter framework. Add DPIF-level infrastructure for meters. Allow meter_set to modify the meter configuration (e.g. set the burst size if unspecified). Signed-off-by: Jarno Rajahalme <jarno@ovn.org> Signed-off-by: Andy Zhou <azhou@ovn.org>
2017-02-23 11:27:54 -08:00
dpif_netlink_ct_flush,
dpctl conntrack: Add get and set maxconns command. Get and set dpctl commands are added for conntrack maxconns. These commands are only supported in the userspace datapath at this time. Signed-off-by: Darrell Ball <dlu998@gmail.com> Signed-off-by: Antonio Fischetti <antonio.fischetti@intel.com> Co-authored-by: Antonio Fischetti <antonio.fischetti@intel.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
2018-01-08 15:18:42 -08:00
NULL, /* ct_set_maxconns */
NULL, /* ct_get_maxconns */
dpctl conntrack: Add get number of connections. A get command is added for number of conntrack connections. This command is only supported in the userspace datapath at this time. Signed-off-by: Darrell Ball <dlu998@gmail.com> Signed-off-by: Antonio Fischetti <antonio.fischetti@intel.com> Co-authored-by: Antonio Fischetti <antonio.fischetti@intel.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
2018-01-08 15:18:43 -08:00
NULL, /* ct_get_nconns */
conntrack: Add option to disable TCP sequence checking. This may be needed in some special cases, such as to support some hardware offload implementations. Note that disabling TCP sequence number verification is not an optimization in itself, but supporting some hardware offload implementations may offer better performance. TCP sequence number verification is enabled by default. This option is only available for the userspace datapath. Access to this option is presently provided via 'dpctl' commands as the need for this option is quite node specific, by virtue of which nics are in use on a given node. A test is added to verify this option. Reported-at: https://mail.openvswitch.org/pipermail/ovs-dev/2019-May/359188.html Signed-off-by: Darrell Ball <dlu998@gmail.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
2019-09-25 14:09:41 -07:00
NULL, /* ct_set_tcp_seq_chk */
NULL, /* ct_get_tcp_seq_chk */
ovs-dpctl: Add new command dpctl/ct-[sg]et-sweep-interval. Since 3d9c1b855a5f ("conntrack: Replace timeout based expiration lists with rculists.") the sweep interval changed as well as the constraints related to the sweeper. Being able to change the default reschedule time may be convenient in some conditions, like debugging. This patch introduces new commands allowing to get and set the sweep interval in ms. Signed-off-by: Paolo Valerio <pvalerio@redhat.com> Reviewed-by: Simon Horman <simon.horman@corigine.com> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2023-04-06 12:10:22 +02:00
NULL, /* ct_set_sweep_interval */
NULL, /* ct_get_sweep_interval */
dpif-netlink: Implement conntrack zone limit This patch provides the implementation of conntrack zone limit in dpif-netlink. It basically utilizes the netlink API to communicate with OVS kernel module to set, delete, and get conntrack zone limit. Signed-off-by: Yi-Hung Wei <yihung.wei@gmail.com> Signed-off-by: Justin Pettit <jpettit@ovn.org>
2018-08-17 02:05:09 -07:00
dpif_netlink_ct_set_limits,
dpif_netlink_ct_get_limits,
dpif_netlink_ct_del_limits,
ct-dpif, dpif-netlink: Add conntrack timeout policy support This patch first defines the dpif interface for a datapath to support adding, deleting, getting and dumping conntrack timeout policy. The timeout policy is identified by a 4 bytes unsigned integer in datapath, and it currently support timeout for TCP, UDP, and ICMP protocols. Moreover, this patch provides the implementation for Linux kernel datapath in dpif-netlink. In Linux kernel, the timeout policy is maintained per L3/L4 protocol, and it is identified by 32 bytes null terminated string. On the other hand, in vswitchd, the timeout policy is a generic one that consists of all the supported L4 protocols. Therefore, one of the main task in dpif-netlink is to break down the generic timeout policy into 6 sub policies (ipv4 tcp, udp, icmp, and ipv6 tcp, udp, icmp), and push down the configuration using the netlink API in netlink-conntrack.c. This patch also adds missing symbols in the windows datapath so that the build on windows can pass. Appveyor CI: * https://ci.appveyor.com/project/YiHungWei/ovs/builds/26387754 Signed-off-by: Yi-Hung Wei <yihung.wei@gmail.com> Acked-by: Alin Gabriel Serdean <aserdean@ovn.org> Signed-off-by: Justin Pettit <jpettit@ovn.org>
2019-08-28 15:14:24 -07:00
dpif_netlink_ct_set_timeout_policy,
dpif_netlink_ct_get_timeout_policy,
dpif_netlink_ct_del_timeout_policy,
dpif_netlink_ct_timeout_policy_dump_start,
dpif_netlink_ct_timeout_policy_dump_next,
dpif_netlink_ct_timeout_policy_dump_done,
ofproto-dpif-xlate: Translate timeout policy in ct action This patch derives the timeout policy based on ct zone from the internal data structure that we maintain on dpif layer. It also adds a system traffic test to verify the zone-based conntrack timeout feature. The test uses ovs-vsctl commands to configure the customized ICMP and UDP timeout on zone 5 to a shorter period. It then injects ICMP and UDP traffic to conntrack, and checks if the corresponding conntrack entry expires after the predefined timeout. Signed-off-by: Yi-Hung Wei <yihung.wei@gmail.com> ofproto-dpif: Checks if datapath supports OVS_CT_ATTR_TIMEOUT This patch checks whether datapath supports OVS_CT_ATTR_TIMEOUT. With this check, ofproto-dpif-xlate can use this information to decide whether to translate the ct timeout policy. Signed-off-by: Yi-Hung Wei <yihung.wei@gmail.com> Signed-off-by: Justin Pettit <jpettit@ovn.org>
2019-08-28 15:14:29 -07:00
dpif_netlink_ct_get_timeout_policy_name,
conntrack: Document all-zero IP SNAT behavior and add a test case. Currently, conntrack in the kernel has an undocumented feature referred to as all-zero IP address SNAT. Basically, when a source port collision is detected during the commit, the source port will be translated to an ephemeral port. If there is no collision, no SNAT is performed. This patchset documents this behavior and adds a self-test to verify it's not changing. In addition, a datapath feature flag is added for the all-zero IP SNAT case. This will help applications on top of OVS, like OVN, to determine this feature can be used. Signed-off-by: Eelco Chaudron <echaudro@redhat.com> Acked-by: Aaron Conole <aconole@redhat.com> Acked-by: Dumitru Ceara <dceara@redhat.com> Acked-by: Alin-Gabriel Serdean <aserdean@ovn.org> Acked-by: Paolo Valerio <pvalerio@redhat.com> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2021-06-10 11:24:15 +02:00
dpif_netlink_ct_get_features,
Userspace datapath: Add fragmentation handling. Fragmentation handling is added for supporting conntrack. Both v4 and v6 are supported. After discussion with several people, I decided to not store configuration state in the database to be more consistent with the kernel in future, similarity with other conntrack configuration which will not be in the database as well and overall simplicity. Accordingly, fragmentation handling is enabled by default. This patch enables fragmentation tests for the userspace datapath. Signed-off-by: Darrell Ball <dlu998@gmail.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
2019-02-13 15:34:21 -08:00
NULL, /* ipf_set_enabled */
NULL, /* ipf_set_min_frag */
NULL, /* ipf_set_max_nfrags */
NULL, /* ipf_get_status */
NULL, /* ipf_dump_start */
NULL, /* ipf_dump_next */
NULL, /* ipf_dump_done */
dpif: Meter framework. Add DPIF-level infrastructure for meters. Allow meter_set to modify the meter configuration (e.g. set the burst size if unspecified). Signed-off-by: Jarno Rajahalme <jarno@ovn.org> Signed-off-by: Andy Zhou <azhou@ovn.org>
2017-02-23 11:27:54 -08:00
dpif_netlink_meter_get_features,
dpif_netlink_meter_set,
dpif_netlink_meter_get,
dpif_netlink_meter_del,
userspace: Avoid dp_hash recirculation for balance-tcp bond mode. Problem: In OVS, flows with output over a bond interface of type “balance-tcp” gets translated by the ofproto layer into "HASH" and "RECIRC" datapath actions. After recirculation, the packet is forwarded to the bond member port based on 8-bits of the datapath hash value computed through dp_hash. This causes performance degradation in the following ways: 1. The recirculation of the packet implies another lookup of the packet’s flow key in the exact match cache (EMC) and potentially Megaflow classifier (DPCLS). This is the biggest cost factor. 2. The recirculated packets have a new “RSS” hash and compete with the original packets for the scarce number of EMC slots. This implies more EMC misses and potentially EMC thrashing causing costly DPCLS lookups. 3. The 256 extra megaflow entries per bond for dp_hash bond selection put additional load on the revalidation threads. Owing to this performance degradation, deployments stick to “balance-slb” bond mode even though it does not do active-active load balancing for VXLAN- and GRE-tunnelled traffic because all tunnel packet have the same source MAC address. Proposed optimization: This proposal introduces a new load-balancing output action instead of recirculation. Maintain one table per-bond (could just be an array of uint16's) and program it the same way internal flows are created today for each possible hash value (256 entries) from ofproto layer. Use this table to load-balance flows as part of output action processing. Currently xlate_normal() -> output_normal() -> bond_update_post_recirc_rules() -> bond_may_recirc() and compose_output_action__() generate 'dp_hash(hash_l4(0))' and 'recirc(<RecircID>)' actions. In this case the RecircID identifies the bond. For the recirculated packets the ofproto layer installs megaflow entries that match on RecircID and masked dp_hash and send them to the corresponding output port. Instead, we will now generate action as 'lb_output(<bond id>)' This combines hash computation (only if needed, else re-use RSS hash) and inline load-balancing over the bond. This action is used *only* for balance-tcp bonds in userspace datapath (the OVS kernel datapath remains unchanged). Example: Current scheme: With 8 UDP flows (with random UDP src port): flow-dump from pmd on cpu core: 2 recirc_id(0),in_port(7),<...> actions:hash(hash_l4(0)),recirc(0x1) recirc_id(0x1),dp_hash(0xf8e02b7e/0xff),<...> actions:2 recirc_id(0x1),dp_hash(0xb236c260/0xff),<...> actions:1 recirc_id(0x1),dp_hash(0x7d89eb18/0xff),<...> actions:1 recirc_id(0x1),dp_hash(0xa78d75df/0xff),<...> actions:2 recirc_id(0x1),dp_hash(0xb58d846f/0xff),<...> actions:2 recirc_id(0x1),dp_hash(0x24534406/0xff),<...> actions:1 recirc_id(0x1),dp_hash(0x3cf32550/0xff),<...> actions:1 New scheme: We can do with a single flow entry (for any number of new flows): in_port(7),<...> actions:lb_output(1) A new CLI has been added to dump datapath bond cache as given below. # ovs-appctl dpif-netdev/bond-show [dp] Bond cache: bond-id 1 : bucket 0 - slave 2 bucket 1 - slave 1 bucket 2 - slave 2 bucket 3 - slave 1 Co-authored-by: Manohar Krishnappa Chidambaraswamy <manukc@gmail.com> Signed-off-by: Manohar Krishnappa Chidambaraswamy <manukc@gmail.com> Signed-off-by: Vishal Deep Ajmera <vishal.deep.ajmera@ericsson.com> Tested-by: Matteo Croce <mcroce@redhat.com> Tested-by: Adrian Moreno <amorenoz@redhat.com> Acked-by: Eelco Chaudron <echaudro@redhat.com> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2020-05-22 10:50:05 +02:00
NULL, /* bond_add */
NULL, /* bond_del */
NULL, /* bond_stats_get */
dpctl: dpif: Allow viewing and configuring dp cache sizes. This patch adds a general way of viewing/configuring datapath cache sizes. With an implementation for the netlink interface. The ovs-dpctl/ovs-appctl show commands will display the current cache sizes configured: $ ovs-dpctl show system@ovs-system: lookups: hit:25 missed:63 lost:0 flows: 0 masks: hit:282 total:0 hit/pkt:3.20 cache: hit:4 hit-rate:4.54% caches: masks-cache: size:256 port 0: ovs-system (internal) port 1: br-int (internal) port 2: genev_sys_6081 (geneve: packet_type=ptap) port 3: br-ex (internal) port 4: eth2 port 5: sw0p1 (internal) port 6: sw0p3 (internal) A specific cache can be configured as follows: $ ovs-appctl dpctl/cache-set-size DP CACHE SIZE $ ovs-dpctl cache-set-size DP CACHE SIZE For example to disable the cache do: $ ovs-dpctl cache-set-size system@ovs-system masks-cache 0 Setting cache size successful, new size 0. Signed-off-by: Eelco Chaudron <echaudro@redhat.com> Acked-by: Paolo Valerio <pvalerio@redhat.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2021-09-06 10:53:58 +02:00
dpif_netlink_cache_get_supported_levels,
dpif_netlink_cache_get_name,
dpif_netlink_cache_get_size,
dpif_netlink_cache_set_size,
dpif: Make dpifs abstract, to allow multiple datapath implementations. This commit initially introduces only a single datapath implementation, which is the same as the original one, but it paves the way for additional implementations, such as the upcoming userspace datapath.
2009-06-17 14:35:35 -07:00
};
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
dpif: Make dpifs abstract, to allow multiple datapath implementations. This commit initially introduces only a single datapath implementation, which is the same as the original one, but it paves the way for additional implementations, such as the upcoming userspace datapath.
2009-06-17 14:35:35 -07:00
static int
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
dpif_netlink_init(void)
dpif: Make dpifs abstract, to allow multiple datapath implementations. This commit initially introduces only a single datapath implementation, which is the same as the original one, but it paves the way for additional implementations, such as the upcoming userspace datapath.
2009-06-17 14:35:35 -07:00
{
dpif: Serialize initialization. Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-04-23 14:35:29 -07:00
static struct ovsthread_once once = OVSTHREAD_ONCE_INITIALIZER;
static int error;
datapath: Convert upcalls and ODP_EXECUTE to use AF_NETLINK socket layer. This commit calls genl_lock() and thus doesn't support Linux before 2.6.35, which wasn't exported before that version. That problem will be fixed once the whole userspace interface transitions to Generic Netlink a few commits from now. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 13:41:54 -08:00
dpif: Serialize initialization. Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-04-23 14:35:29 -07:00
if (ovsthread_once_start(&once)) {
datapath: Use "OVS_*" as opposed to "ODP_*" for user<->kernel interactions. The prefix "ODP_*" is not overly descriptive in the context of the larger Linux tree. This commit changes the prefix to "OVS_*" for the userpace to kernel interactions. The userspace libraries still use "ODP_" in many of their interfaces since it is more descriptive in the OVS oeuvre. Feature #6904 Signed-off-by: Justin Pettit <jpettit@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-08-18 10:35:40 -07:00
error = nl_lookup_genl_family(OVS_DATAPATH_FAMILY,
&ovs_datapath_family);
datapath: Convert ODP_FLOW_* commands to use AF_NETLINK socket layer. This completes the transition to the Generic Netlink interface, and so this commit restores support for Linux 2.6.18 and later. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-28 14:00:51 -08:00
if (error) {
netdev-linux: fail ops not supporting remote netns. When the netdev is in another namespace and the operation doesn't support network namespaces, return the correct error. Signed-off-by: Flavio Leitner <fbl@redhat.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
2018-03-29 23:05:31 -03:00
VLOG_INFO("Generic Netlink family '%s' does not exist. "
dpif-netlink: Only warn when OVS datapath Netlink family is unavailable. OVS using DPDK (or the userspace datapath without DPDK) can still function correctly without the module loaded. Signed-off-by: Ciara Loftus <ciara.loftus@intel.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
2016-05-17 14:28:39 +01:00
"The Open vSwitch kernel module is probably not loaded.",
OVS_DATAPATH_FAMILY);
datapath: Convert ODP_FLOW_* commands to use AF_NETLINK socket layer. This completes the transition to the Generic Netlink interface, and so this commit restores support for Linux 2.6.18 and later. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-28 14:00:51 -08:00
}
datapath: Convert ODP_VPORT_* to use AF_NETLINK socket layer. This commit calls genl_lock() and thus doesn't support Linux before 2.6.35, which wasn't exported before that version. That problem will be fixed once the whole userspace interface transitions to Generic Netlink a few commits from now. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-28 13:59:03 -08:00
if (!error) {
datapath: Use "OVS_*" as opposed to "ODP_*" for user<->kernel interactions. The prefix "ODP_*" is not overly descriptive in the context of the larger Linux tree. This commit changes the prefix to "OVS_*" for the userpace to kernel interactions. The userspace libraries still use "ODP_" in many of their interfaces since it is more descriptive in the OVS oeuvre. Feature #6904 Signed-off-by: Justin Pettit <jpettit@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-08-18 10:35:40 -07:00
error = nl_lookup_genl_family(OVS_VPORT_FAMILY, &ovs_vport_family);
datapath: Convert ODP_VPORT_* to use AF_NETLINK socket layer. This commit calls genl_lock() and thus doesn't support Linux before 2.6.35, which wasn't exported before that version. That problem will be fixed once the whole userspace interface transitions to Generic Netlink a few commits from now. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-28 13:59:03 -08:00
}
datapath: Convert ODP_FLOW_* commands to use AF_NETLINK socket layer. This completes the transition to the Generic Netlink interface, and so this commit restores support for Linux 2.6.18 and later. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-28 14:00:51 -08:00
if (!error) {
datapath: Use "OVS_*" as opposed to "ODP_*" for user<->kernel interactions. The prefix "ODP_*" is not overly descriptive in the context of the larger Linux tree. This commit changes the prefix to "OVS_*" for the userpace to kernel interactions. The userspace libraries still use "ODP_" in many of their interfaces since it is more descriptive in the OVS oeuvre. Feature #6904 Signed-off-by: Justin Pettit <jpettit@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-08-18 10:35:40 -07:00
error = nl_lookup_genl_family(OVS_FLOW_FAMILY, &ovs_flow_family);
datapath: Convert ODP_FLOW_* commands to use AF_NETLINK socket layer. This completes the transition to the Generic Netlink interface, and so this commit restores support for Linux 2.6.18 and later. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-28 14:00:51 -08:00
}
datapath: Convert ODP_DP_* commands to use AF_NETLINK socket layer. This commit calls genl_lock() and thus doesn't support Linux before 2.6.35, which wasn't exported before that version. That problem will be fixed once the whole userspace interface transitions to Generic Netlink a few commits from now. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-28 13:55:04 -08:00
if (!error) {
datapath: Use "OVS_*" as opposed to "ODP_*" for user<->kernel interactions. The prefix "ODP_*" is not overly descriptive in the context of the larger Linux tree. This commit changes the prefix to "OVS_*" for the userpace to kernel interactions. The userspace libraries still use "ODP_" in many of their interfaces since it is more descriptive in the OVS oeuvre. Feature #6904 Signed-off-by: Justin Pettit <jpettit@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-08-18 10:35:40 -07:00
error = nl_lookup_genl_family(OVS_PACKET_FAMILY,
&ovs_packet_family);
datapath: Convert ODP_DP_* commands to use AF_NETLINK socket layer. This commit calls genl_lock() and thus doesn't support Linux before 2.6.35, which wasn't exported before that version. That problem will be fixed once the whole userspace interface transitions to Generic Netlink a few commits from now. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-28 13:55:04 -08:00
}
dpif-linux: Stop listening for RTNL notifications. Currently dpif-linux listens for vport change events using rtnetlink notifications. This patch switches to the ovs genl notification system. Feature #6809.
2011-08-24 16:21:10 -07:00
if (!error) {
error = nl_lookup_genl_mcgroup(OVS_VPORT_FAMILY, OVS_VPORT_MCGROUP,
datapath: Cleanup netlink compat code. Patch removes genl, netlink, rtnl compat code and dpif-linux fallback-id compat code. Signed-off-by: Pravin B Shelar <pshelar@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2013-08-26 23:53:17 -07:00
&ovs_vport_mcgroup);
dpif-linux: Stop listening for RTNL notifications. Currently dpif-linux listens for vport change events using rtnetlink notifications. This patch switches to the ovs genl notification system. Feature #6809.
2011-08-24 16:21:10 -07:00
}
dpif-netlink: Add meter support. To work with kernel datapath that supports meter. Signed-off-by: Andy Zhou <azhou@ovn.org> Co-authored-by: Justin Pettit <jpettit@ovn.org> Signed-off-by: Justin Pettit <jpettit@ovn.org> Acked-by: Alin Gabriel Serdean <aserdean@ovn.org> Acked-by: Ben Pfaff <blp@ovn.org>
2017-11-17 02:15:47 -08:00
if (!error) {
if (nl_lookup_genl_family(OVS_METER_FAMILY, &ovs_meter_family)) {
VLOG_INFO("The kernel module does not support meters.");
}
}
dpif-netlink: Implement conntrack zone limit This patch provides the implementation of conntrack zone limit in dpif-netlink. It basically utilizes the netlink API to communicate with OVS kernel module to set, delete, and get conntrack zone limit. Signed-off-by: Yi-Hung Wei <yihung.wei@gmail.com> Signed-off-by: Justin Pettit <jpettit@ovn.org>
2018-08-17 02:05:09 -07:00
if (nl_lookup_genl_family(OVS_CT_LIMIT_FAMILY,
&ovs_ct_limit_family) < 0) {
VLOG_INFO("Generic Netlink family '%s' does not exist. "
"Please update the Open vSwitch kernel module to enable "
"the conntrack limit feature.", OVS_CT_LIMIT_FAMILY);
}
dpif: Serialize initialization. Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-04-23 14:35:29 -07:00
dpif-netlink: Probe for out-of-tree tunnels, decides used interface On dpif init, probe for whether tunnels are created using in-tree (upstream linux) or out-of-tree (OVS). This is done by probing for the existence of "ovs_geneve" via rtnetlink. This is used to determine how to create the tunnel devices. For out-of-tree tunnels, only try genetlink/compat. For in-tree kernel tunnels, try rtnetlink then fallback to genetlink. Signed-off-by: Eric Garver <e@erig.me> Signed-off-by: Joe Stringer <joe@ovn.org>
2017-05-18 16:10:33 -04:00
ovs_tunnels_out_of_tree = dpif_netlink_rtnl_probe_oot_tunnels();
dpif-netlink: Introduce per-cpu upcall dispatch. The Open vSwitch kernel module uses the upcall mechanism to send packets from kernel space to user space when it misses in the kernel space flow table. The upcall sends packets via a Netlink socket. Currently, a Netlink socket is created for every vport. In this way, there is a 1:1 mapping between a vport and a Netlink socket. When a packet is received by a vport, if it needs to be sent to user space, it is sent via the corresponding Netlink socket. This mechanism, with various iterations of the corresponding user space code, has seen some limitations and issues: * On systems with a large number of vports, there is correspondingly a large number of Netlink sockets which can limit scaling. (https://bugzilla.redhat.com/show_bug.cgi?id=1526306) * Packet reordering on upcalls. (https://bugzilla.redhat.com/show_bug.cgi?id=1844576) * A thundering herd issue. (https://bugzilla.redhat.com/show_bug.cgi?id=1834444) This patch introduces an alternative, feature-negotiated, upcall mode using a per-cpu dispatch rather than a per-vport dispatch. In this mode, the Netlink socket to be used for the upcall is selected based on the CPU of the thread that is executing the upcall. In this way, it resolves the issues above as: a) The number of Netlink sockets scales with the number of CPUs rather than the number of vports. b) Ordering per-flow is maintained as packets are distributed to CPUs based on mechanisms such as RSS and flows are distributed to a single user space thread. c) Packets from a flow can only wake up one user space thread. Reported-at: https://bugzilla.redhat.com/1844576 Signed-off-by: Mark Gray <mark.d.gray@redhat.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Acked-by: Aaron Conole <aconole@redhat.com> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2021-07-16 06:17:36 -04:00
unixctl_command_register("dpif-netlink/dispatch-mode", "", 0, 0,
dpif_netlink_unixctl_dispatch_mode, NULL);
dpif: Serialize initialization. Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-04-23 14:35:29 -07:00
ovsthread_once_done(&once);
datapath: Convert upcalls and ODP_EXECUTE to use AF_NETLINK socket layer. This commit calls genl_lock() and thus doesn't support Linux before 2.6.35, which wasn't exported before that version. That problem will be fixed once the whole userspace interface transitions to Generic Netlink a few commits from now. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 13:41:54 -08:00
}
return error;
dpif: Make dpifs abstract, to allow multiple datapath implementations. This commit initially introduces only a single datapath implementation, which is the same as the original one, but it paves the way for additional implementations, such as the upcoming userspace datapath.
2009-06-17 14:35:35 -07:00
}
datapath: Change userspace vport interface to use Netlink attributes. One of the goals for Open vSwitch is to decouple kernel and userspace software, so that either one can be upgraded or rolled back independent of the other. To do this in full generality, it must be possible to add new features to the kernel vport layer without changing userspace software. The customary way to do this in the Linux networking stack is to use Netlink and in particular Netlink attributes. This commit adopts that model for the vport layer. It does not yet actually start using the Netlink socket layer, which will come later. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 12:28:59 -08:00
bool
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
dpif_netlink_is_internal_device(const char *name)
datapath: Drop datapath index and port number from Ethtool output. I introduced this a long time ago as an efficient way for userspace to find out whether and where an internal device was attached, but I've always considered it an ugly kluge. Now that ODP_VPORT_QUERY can fetch a vport's info regardless of datapath, it is no longer necessary. This commit stops using Ethtool for this purpose and drops the feature. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2010-12-29 14:20:16 -08:00
{
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
struct dpif_netlink_vport reply;
datapath: Change userspace vport interface to use Netlink attributes. One of the goals for Open vSwitch is to decouple kernel and userspace software, so that either one can be upgraded or rolled back independent of the other. To do this in full generality, it must be possible to add new features to the kernel vport layer without changing userspace software. The customary way to do this in the Linux networking stack is to use Netlink and in particular Netlink attributes. This commit adopts that model for the vport layer. It does not yet actually start using the Netlink socket layer, which will come later. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 12:28:59 -08:00
struct ofpbuf *buf;
datapath: Drop datapath index and port number from Ethtool output. I introduced this a long time ago as an efficient way for userspace to find out whether and where an internal device was attached, but I've always considered it an ugly kluge. Now that ODP_VPORT_QUERY can fetch a vport's info regardless of datapath, it is no longer necessary. This commit stops using Ethtool for this purpose and drops the feature. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2010-12-29 14:20:16 -08:00
int error;
dpif: Make dpifs abstract, to allow multiple datapath implementations. This commit initially introduces only a single datapath implementation, which is the same as the original one, but it paves the way for additional implementations, such as the upcoming userspace datapath.
2009-06-17 14:35:35 -07:00
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
error = dpif_netlink_vport_get(name, &reply, &buf);
datapath: Change userspace vport interface to use Netlink attributes. One of the goals for Open vSwitch is to decouple kernel and userspace software, so that either one can be upgraded or rolled back independent of the other. To do this in full generality, it must be possible to add new features to the kernel vport layer without changing userspace software. The customary way to do this in the Linux networking stack is to use Netlink and in particular Netlink attributes. This commit adopts that model for the vport layer. It does not yet actually start using the Netlink socket layer, which will come later. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 12:28:59 -08:00
if (!error) {
ofpbuf_delete(buf);
dpif-linux: Avoid logging error on ENOENT in dpif_linux_is_internal_device(). ENOENT can be returned if the kernel module isn't loaded. If that's the case then we've already logged that and there's no point in logging it again.
2011-04-08 16:38:42 -07:00
} else if (error != ENODEV && error != ENOENT) {
datapath: Change userspace vport interface to use Netlink attributes. One of the goals for Open vSwitch is to decouple kernel and userspace software, so that either one can be upgraded or rolled back independent of the other. To do this in full generality, it must be possible to add new features to the kernel vport layer without changing userspace software. The customary way to do this in the Linux networking stack is to use Netlink and in particular Netlink attributes. This commit adopts that model for the vport layer. It does not yet actually start using the Netlink socket layer, which will come later. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 12:28:59 -08:00
VLOG_WARN_RL(&error_rl, "%s: vport query failed (%s)",
Replace all uses of strerror() by ovs_strerror(), for thread safety. Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-06-24 10:54:49 -07:00
name, ovs_strerror(error));
dpif: Make dpifs abstract, to allow multiple datapath implementations. This commit initially introduces only a single datapath implementation, which is the same as the original one, but it paves the way for additional implementations, such as the upcoming userspace datapath.
2009-06-17 14:35:35 -07:00
}
datapath: Use "OVS_*" as opposed to "ODP_*" for user<->kernel interactions. The prefix "ODP_*" is not overly descriptive in the context of the larger Linux tree. This commit changes the prefix to "OVS_*" for the userpace to kernel interactions. The userspace libraries still use "ODP_" in many of their interfaces since it is more descriptive in the OVS oeuvre. Feature #6904 Signed-off-by: Justin Pettit <jpettit@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-08-18 10:35:40 -07:00
return reply.type == OVS_VPORT_TYPE_INTERNAL;
dpif: Make dpifs abstract, to allow multiple datapath implementations. This commit initially introduces only a single datapath implementation, which is the same as the original one, but it paves the way for additional implementations, such as the upcoming userspace datapath.
2009-06-17 14:35:35 -07:00
}
Windows: Add conntrack dump and flush support in userspace Modify dpif-netlink.c and netlink-conntrack.c to send down dump and flush command to Windows datapath. Include netlink-conntrack.c and netlink-conntrack.h in automake.mk for Windows binaries. Windows currently supports only NETLINK_GENERIC port. In order to support the NETLINK_NETFILTER messages, the port id is being overwritten to NETLINK_GENERIC on Windows and datapath has been updated to support the new message format. Signed-off-by: Sairam Venugopal <vsairam@vmware.com> Acked-by: Paul-Daniel Boca <pboca@cloudbasesolutions.com> Acked-by: Nithin Raju <nithin@vmware.com> Acked-by: Nithin Raju <nithin@vmware.com> Signed-off-by: Gurucharan Shetty <guru@ovn.org>
2016-07-01 13:49:34 -07:00
datapath: Use "OVS_*" as opposed to "ODP_*" for user<->kernel interactions. The prefix "ODP_*" is not overly descriptive in the context of the larger Linux tree. This commit changes the prefix to "OVS_*" for the userpace to kernel interactions. The userspace libraries still use "ODP_" in many of their interfaces since it is more descriptive in the OVS oeuvre. Feature #6904 Signed-off-by: Justin Pettit <jpettit@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-08-18 10:35:40 -07:00
/* Parses the contents of 'buf', which contains a "struct ovs_header" followed
datapath: Change userspace vport interface to use Netlink attributes. One of the goals for Open vSwitch is to decouple kernel and userspace software, so that either one can be upgraded or rolled back independent of the other. To do this in full generality, it must be possible to add new features to the kernel vport layer without changing userspace software. The customary way to do this in the Linux networking stack is to use Netlink and in particular Netlink attributes. This commit adopts that model for the vport layer. It does not yet actually start using the Netlink socket layer, which will come later. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 12:28:59 -08:00
* by Netlink attributes, into 'vport'. Returns 0 if successful, otherwise a
* positive errno value.
*
* 'vport' will contain pointers into 'buf', so the caller should not free
* 'buf' while 'vport' is still in use. */
static int
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
dpif_netlink_vport_from_ofpbuf(struct dpif_netlink_vport *vport,
datapath: Change userspace vport interface to use Netlink attributes. One of the goals for Open vSwitch is to decouple kernel and userspace software, so that either one can be upgraded or rolled back independent of the other. To do this in full generality, it must be possible to add new features to the kernel vport layer without changing userspace software. The customary way to do this in the Linux networking stack is to use Netlink and in particular Netlink attributes. This commit adopts that model for the vport layer. It does not yet actually start using the Netlink socket layer, which will come later. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 12:28:59 -08:00
const struct ofpbuf *buf)
{
datapath: Use "OVS_*" as opposed to "ODP_*" for user<->kernel interactions. The prefix "ODP_*" is not overly descriptive in the context of the larger Linux tree. This commit changes the prefix to "OVS_*" for the userpace to kernel interactions. The userspace libraries still use "ODP_" in many of their interfaces since it is more descriptive in the OVS oeuvre. Feature #6904 Signed-off-by: Justin Pettit <jpettit@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-08-18 10:35:40 -07:00
static const struct nl_policy ovs_vport_policy[] = {
[OVS_VPORT_ATTR_PORT_NO] = { .type = NL_A_U32 },
[OVS_VPORT_ATTR_TYPE] = { .type = NL_A_U32 },
[OVS_VPORT_ATTR_NAME] = { .type = NL_A_STRING, .max_len = IFNAMSIZ },
dpif-linux: Implement the API functions to allow multiple handler threads read upcall. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-02-26 10:10:29 -08:00
[OVS_VPORT_ATTR_UPCALL_PID] = { .type = NL_A_UNSPEC },
netlink: New macro NL_POLICY_FOR.
2011-11-07 09:21:17 -08:00
[OVS_VPORT_ATTR_STATS] = { NL_POLICY_FOR(struct ovs_vport_stats),
datapath: Change userspace vport interface to use Netlink attributes. One of the goals for Open vSwitch is to decouple kernel and userspace software, so that either one can be upgraded or rolled back independent of the other. To do this in full generality, it must be possible to add new features to the kernel vport layer without changing userspace software. The customary way to do this in the Linux networking stack is to use Netlink and in particular Netlink attributes. This commit adopts that model for the vport layer. It does not yet actually start using the Netlink socket layer, which will come later. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 12:28:59 -08:00
.optional = true },
datapath: Use "OVS_*" as opposed to "ODP_*" for user<->kernel interactions. The prefix "ODP_*" is not overly descriptive in the context of the larger Linux tree. This commit changes the prefix to "OVS_*" for the userpace to kernel interactions. The userspace libraries still use "ODP_" in many of their interfaces since it is more descriptive in the OVS oeuvre. Feature #6904 Signed-off-by: Justin Pettit <jpettit@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-08-18 10:35:40 -07:00
[OVS_VPORT_ATTR_OPTIONS] = { .type = NL_A_NESTED, .optional = true },
netnsid: update device only if netnsid matches. Recent kernels provide the network namespace ID of a port, so use that to discover where the port currently is. A network device in another network namespace could have the same name, so once the socket starts listening to other network namespaces, it is necessary to confirm the netnsid. Signed-off-by: Flavio Leitner <fbl@redhat.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
2018-03-29 23:05:27 -03:00
[OVS_VPORT_ATTR_NETNSID] = { .type = NL_A_U32, .optional = true },
dpctl: Add support to count upcall packets. Add support to count upcall packets per port, both succeed and failed, which is a better way to see how many packets upcalled on each interface. Acked-by: Eelco Chaudron <echaudro@redhat.com> Signed-off-by: wangchuanlei <wangchuanlei@inspur.com> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2023-01-18 20:31:17 -05:00
[OVS_VPORT_ATTR_UPCALL_STATS] = { .type = NL_A_NESTED,
.optional = true },
datapath: Change userspace vport interface to use Netlink attributes. One of the goals for Open vSwitch is to decouple kernel and userspace software, so that either one can be upgraded or rolled back independent of the other. To do this in full generality, it must be possible to add new features to the kernel vport layer without changing userspace software. The customary way to do this in the Linux networking stack is to use Netlink and in particular Netlink attributes. This commit adopts that model for the vport layer. It does not yet actually start using the Netlink socket layer, which will come later. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 12:28:59 -08:00
};
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
dpif_netlink_vport_init(vport);
datapath: Change userspace vport interface to use Netlink attributes. One of the goals for Open vSwitch is to decouple kernel and userspace software, so that either one can be upgraded or rolled back independent of the other. To do this in full generality, it must be possible to add new features to the kernel vport layer without changing userspace software. The customary way to do this in the Linux networking stack is to use Netlink and in particular Netlink attributes. This commit adopts that model for the vport layer. It does not yet actually start using the Netlink socket layer, which will come later. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 12:28:59 -08:00
ofpbuf: New function ofpbuf_const_initializer(). A number of times I've looked at code and thought that it would be easier to understand if I could write an initializer instead of ofpbuf_use_const(). This commit adds a function for that purpose and adapts a lot of code to use it, in the places where I thought it made the code better. In theory this could improve code generation since the new function can be inlined whereas ofpbuf_use_const() isn't. But I guess that's probably insignificant; the intent of this change is code readability. Signed-off-by: Ben Pfaff <blp@ovn.org> Acked-by: Jarno Rajahalme <jarno@ovn.org>
2016-02-18 15:13:09 -08:00
struct ofpbuf b = ofpbuf_const_initializer(buf->data, buf->size);
struct nlmsghdr *nlmsg = ofpbuf_try_pull(&b, sizeof *nlmsg);
struct genlmsghdr *genl = ofpbuf_try_pull(&b, sizeof *genl);
struct ovs_header *ovs_header = ofpbuf_try_pull(&b, sizeof *ovs_header);
struct nlattr *a[ARRAY_SIZE(ovs_vport_policy)];
datapath: Use "OVS_*" as opposed to "ODP_*" for user<->kernel interactions. The prefix "ODP_*" is not overly descriptive in the context of the larger Linux tree. This commit changes the prefix to "OVS_*" for the userpace to kernel interactions. The userspace libraries still use "ODP_" in many of their interfaces since it is more descriptive in the OVS oeuvre. Feature #6904 Signed-off-by: Justin Pettit <jpettit@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-08-18 10:35:40 -07:00
if (!nlmsg || !genl || !ovs_header
|| nlmsg->nlmsg_type != ovs_vport_family
|| !nl_policy_parse(&b, 0, ovs_vport_policy, a,
ARRAY_SIZE(ovs_vport_policy))) {
datapath: Change userspace vport interface to use Netlink attributes. One of the goals for Open vSwitch is to decouple kernel and userspace software, so that either one can be upgraded or rolled back independent of the other. To do this in full generality, it must be possible to add new features to the kernel vport layer without changing userspace software. The customary way to do this in the Linux networking stack is to use Netlink and in particular Netlink attributes. This commit adopts that model for the vport layer. It does not yet actually start using the Netlink socket layer, which will come later. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 12:28:59 -08:00
return EINVAL;
}
datapath: Convert ODP_VPORT_* to use AF_NETLINK socket layer. This commit calls genl_lock() and thus doesn't support Linux before 2.6.35, which wasn't exported before that version. That problem will be fixed once the whole userspace interface transitions to Generic Netlink a few commits from now. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-28 13:59:03 -08:00
vport->cmd = genl->cmd;
datapath: Use "OVS_*" as opposed to "ODP_*" for user<->kernel interactions. The prefix "ODP_*" is not overly descriptive in the context of the larger Linux tree. This commit changes the prefix to "OVS_*" for the userpace to kernel interactions. The userspace libraries still use "ODP_" in many of their interfaces since it is more descriptive in the OVS oeuvre. Feature #6904 Signed-off-by: Justin Pettit <jpettit@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-08-18 10:35:40 -07:00
vport->dp_ifindex = ovs_header->dp_ifindex;
Create specific types for ofp and odp port Until now, datapath ports and openflow ports were both represented by unsigned integers of various sizes. With implicit conversions, etc., it is easy to mix them up and use one where the other is expected. This commit creates two typedefs, ofp_port_t and odp_port_t. Both of these two types are marked by "__attribute__((bitwise))" so that sparse can be used to detect any misuse. Signed-off-by: Alex Wang <alexw@nicira.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-06-19 16:58:44 -07:00
vport->port_no = nl_attr_get_odp_port(a[OVS_VPORT_ATTR_PORT_NO]);
datapath: Use "OVS_*" as opposed to "ODP_*" for user<->kernel interactions. The prefix "ODP_*" is not overly descriptive in the context of the larger Linux tree. This commit changes the prefix to "OVS_*" for the userpace to kernel interactions. The userspace libraries still use "ODP_" in many of their interfaces since it is more descriptive in the OVS oeuvre. Feature #6904 Signed-off-by: Justin Pettit <jpettit@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-08-18 10:35:40 -07:00
vport->type = nl_attr_get_u32(a[OVS_VPORT_ATTR_TYPE]);
vport->name = nl_attr_get_string(a[OVS_VPORT_ATTR_NAME]);
datapath: Use unicast Netlink sockets for upcalls. Currently we publish several multicast groups for upcalls and let userspace sockets subscribe to them. The benefit of this is mostly that userspace is the one doing the subscription - the actual multicast capability is not currently used and probably wouldn't be even if we moved to a multiprocess model. Despite the convenience, multicast sockets have a number of disadvantages, primarily that we only have a limited number of them so there could be collisions. In addition, unicast sockets give additional flexibility to userspace by allowing every object to potentially have a different socket chosen by userspace for upcalls. Finally, any future optimizations for upcalls to reduce copying will likely not be compatible with multicast anyways so disallowing it potentially simplifies things. We also never unregistered the multicast groups registered for upcalls and leaked them on module unload. As a side effect, this solves that problem. Signed-off-by: Jesse Gross <jesse@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
2011-09-14 13:05:09 -07:00
if (a[OVS_VPORT_ATTR_UPCALL_PID]) {
dpif-linux: Implement the API functions to allow multiple handler threads read upcall. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-02-26 10:10:29 -08:00
vport->n_upcall_pids = nl_attr_get_size(a[OVS_VPORT_ATTR_UPCALL_PID])
/ (sizeof *vport->upcall_pids);
vport->upcall_pids = nl_attr_get(a[OVS_VPORT_ATTR_UPCALL_PID]);
datapath: Use unicast Netlink sockets for upcalls. Currently we publish several multicast groups for upcalls and let userspace sockets subscribe to them. The benefit of this is mostly that userspace is the one doing the subscription - the actual multicast capability is not currently used and probably wouldn't be even if we moved to a multiprocess model. Despite the convenience, multicast sockets have a number of disadvantages, primarily that we only have a limited number of them so there could be collisions. In addition, unicast sockets give additional flexibility to userspace by allowing every object to potentially have a different socket chosen by userspace for upcalls. Finally, any future optimizations for upcalls to reduce copying will likely not be compatible with multicast anyways so disallowing it potentially simplifies things. We also never unregistered the multicast groups registered for upcalls and leaked them on module unload. As a side effect, this solves that problem. Signed-off-by: Jesse Gross <jesse@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
2011-09-14 13:05:09 -07:00
}
datapath: Use "OVS_*" as opposed to "ODP_*" for user<->kernel interactions. The prefix "ODP_*" is not overly descriptive in the context of the larger Linux tree. This commit changes the prefix to "OVS_*" for the userpace to kernel interactions. The userspace libraries still use "ODP_" in many of their interfaces since it is more descriptive in the OVS oeuvre. Feature #6904 Signed-off-by: Justin Pettit <jpettit@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-08-18 10:35:40 -07:00
if (a[OVS_VPORT_ATTR_STATS]) {
vport->stats = nl_attr_get(a[OVS_VPORT_ATTR_STATS]);
}
dpctl: Add support to count upcall packets. Add support to count upcall packets per port, both succeed and failed, which is a better way to see how many packets upcalled on each interface. Acked-by: Eelco Chaudron <echaudro@redhat.com> Signed-off-by: wangchuanlei <wangchuanlei@inspur.com> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2023-01-18 20:31:17 -05:00
if (a[OVS_VPORT_ATTR_UPCALL_STATS]) {
const struct nlattr *nla;
size_t left;
NL_NESTED_FOR_EACH (nla, left, a[OVS_VPORT_ATTR_UPCALL_STATS]) {
if (nl_attr_type(nla) == OVS_VPORT_UPCALL_ATTR_SUCCESS) {
vport->upcall_success = nl_attr_get_u64(nla);
} else if (nl_attr_type(nla) == OVS_VPORT_UPCALL_ATTR_FAIL) {
vport->upcall_fail = nl_attr_get_u64(nla);
}
}
} else {
vport->upcall_success = UINT64_MAX;
vport->upcall_fail = UINT64_MAX;
}
datapath: Use "OVS_*" as opposed to "ODP_*" for user<->kernel interactions. The prefix "ODP_*" is not overly descriptive in the context of the larger Linux tree. This commit changes the prefix to "OVS_*" for the userpace to kernel interactions. The userspace libraries still use "ODP_" in many of their interfaces since it is more descriptive in the OVS oeuvre. Feature #6904 Signed-off-by: Justin Pettit <jpettit@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-08-18 10:35:40 -07:00
if (a[OVS_VPORT_ATTR_OPTIONS]) {
vport->options = nl_attr_get(a[OVS_VPORT_ATTR_OPTIONS]);
vport->options_len = nl_attr_get_size(a[OVS_VPORT_ATTR_OPTIONS]);
datapath: Change userspace vport interface to use Netlink attributes. One of the goals for Open vSwitch is to decouple kernel and userspace software, so that either one can be upgraded or rolled back independent of the other. To do this in full generality, it must be possible to add new features to the kernel vport layer without changing userspace software. The customary way to do this in the Linux networking stack is to use Netlink and in particular Netlink attributes. This commit adopts that model for the vport layer. It does not yet actually start using the Netlink socket layer, which will come later. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 12:28:59 -08:00
}
netnsid: update device only if netnsid matches. Recent kernels provide the network namespace ID of a port, so use that to discover where the port currently is. A network device in another network namespace could have the same name, so once the socket starts listening to other network namespaces, it is necessary to confirm the netnsid. Signed-off-by: Flavio Leitner <fbl@redhat.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
2018-03-29 23:05:27 -03:00
if (a[OVS_VPORT_ATTR_NETNSID]) {
netnsid_set(&vport->netnsid,
nl_attr_get_u32(a[OVS_VPORT_ATTR_NETNSID]));
} else {
netnsid_set_local(&vport->netnsid);
}
datapath: Change userspace vport interface to use Netlink attributes. One of the goals for Open vSwitch is to decouple kernel and userspace software, so that either one can be upgraded or rolled back independent of the other. To do this in full generality, it must be possible to add new features to the kernel vport layer without changing userspace software. The customary way to do this in the Linux networking stack is to use Netlink and in particular Netlink attributes. This commit adopts that model for the vport layer. It does not yet actually start using the Netlink socket layer, which will come later. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 12:28:59 -08:00
return 0;
}
datapath: Use "OVS_*" as opposed to "ODP_*" for user<->kernel interactions. The prefix "ODP_*" is not overly descriptive in the context of the larger Linux tree. This commit changes the prefix to "OVS_*" for the userpace to kernel interactions. The userspace libraries still use "ODP_" in many of their interfaces since it is more descriptive in the OVS oeuvre. Feature #6904 Signed-off-by: Justin Pettit <jpettit@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-08-18 10:35:40 -07:00
/* Appends to 'buf' (which must initially be empty) a "struct ovs_header"
datapath: Change userspace vport interface to use Netlink attributes. One of the goals for Open vSwitch is to decouple kernel and userspace software, so that either one can be upgraded or rolled back independent of the other. To do this in full generality, it must be possible to add new features to the kernel vport layer without changing userspace software. The customary way to do this in the Linux networking stack is to use Netlink and in particular Netlink attributes. This commit adopts that model for the vport layer. It does not yet actually start using the Netlink socket layer, which will come later. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 12:28:59 -08:00
* followed by Netlink attributes corresponding to 'vport'. */
static void
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
dpif_netlink_vport_to_ofpbuf(const struct dpif_netlink_vport *vport,
struct ofpbuf *buf)
datapath: Change userspace vport interface to use Netlink attributes. One of the goals for Open vSwitch is to decouple kernel and userspace software, so that either one can be upgraded or rolled back independent of the other. To do this in full generality, it must be possible to add new features to the kernel vport layer without changing userspace software. The customary way to do this in the Linux networking stack is to use Netlink and in particular Netlink attributes. This commit adopts that model for the vport layer. It does not yet actually start using the Netlink socket layer, which will come later. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 12:28:59 -08:00
{
datapath: Use "OVS_*" as opposed to "ODP_*" for user<->kernel interactions. The prefix "ODP_*" is not overly descriptive in the context of the larger Linux tree. This commit changes the prefix to "OVS_*" for the userpace to kernel interactions. The userspace libraries still use "ODP_" in many of their interfaces since it is more descriptive in the OVS oeuvre. Feature #6904 Signed-off-by: Justin Pettit <jpettit@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-08-18 10:35:40 -07:00
struct ovs_header *ovs_header;
datapath: Convert ODP_VPORT_* to use AF_NETLINK socket layer. This commit calls genl_lock() and thus doesn't support Linux before 2.6.35, which wasn't exported before that version. That problem will be fixed once the whole userspace interface transitions to Generic Netlink a few commits from now. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-28 13:59:03 -08:00
datapath: Use "OVS_*" as opposed to "ODP_*" for user<->kernel interactions. The prefix "ODP_*" is not overly descriptive in the context of the larger Linux tree. This commit changes the prefix to "OVS_*" for the userpace to kernel interactions. The userspace libraries still use "ODP_" in many of their interfaces since it is more descriptive in the OVS oeuvre. Feature #6904 Signed-off-by: Justin Pettit <jpettit@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-08-18 10:35:40 -07:00
nl_msg_put_genlmsghdr(buf, 0, ovs_vport_family, NLM_F_REQUEST | NLM_F_ECHO,
datapath: Define constants for versions of GENL families. Currently we hard code the versions of our GENL families to 1 but it's nicer to have symbolic constants. Signed-off-by: Jesse Gross <jesse@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
2011-10-22 18:22:18 -07:00
vport->cmd, OVS_VPORT_VERSION);
datapath: Change userspace vport interface to use Netlink attributes. One of the goals for Open vSwitch is to decouple kernel and userspace software, so that either one can be upgraded or rolled back independent of the other. To do this in full generality, it must be possible to add new features to the kernel vport layer without changing userspace software. The customary way to do this in the Linux networking stack is to use Netlink and in particular Netlink attributes. This commit adopts that model for the vport layer. It does not yet actually start using the Netlink socket layer, which will come later. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 12:28:59 -08:00
datapath: Use "OVS_*" as opposed to "ODP_*" for user<->kernel interactions. The prefix "ODP_*" is not overly descriptive in the context of the larger Linux tree. This commit changes the prefix to "OVS_*" for the userpace to kernel interactions. The userspace libraries still use "ODP_" in many of their interfaces since it is more descriptive in the OVS oeuvre. Feature #6904 Signed-off-by: Justin Pettit <jpettit@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-08-18 10:35:40 -07:00
ovs_header = ofpbuf_put_uninit(buf, sizeof *ovs_header);
ovs_header->dp_ifindex = vport->dp_ifindex;
datapath: Change userspace vport interface to use Netlink attributes. One of the goals for Open vSwitch is to decouple kernel and userspace software, so that either one can be upgraded or rolled back independent of the other. To do this in full generality, it must be possible to add new features to the kernel vport layer without changing userspace software. The customary way to do this in the Linux networking stack is to use Netlink and in particular Netlink attributes. This commit adopts that model for the vport layer. It does not yet actually start using the Netlink socket layer, which will come later. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 12:28:59 -08:00
Create specific types for ofp and odp port Until now, datapath ports and openflow ports were both represented by unsigned integers of various sizes. With implicit conversions, etc., it is easy to mix them up and use one where the other is expected. This commit creates two typedefs, ofp_port_t and odp_port_t. Both of these two types are marked by "__attribute__((bitwise))" so that sparse can be used to detect any misuse. Signed-off-by: Alex Wang <alexw@nicira.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-06-19 16:58:44 -07:00
if (vport->port_no != ODPP_NONE) {
nl_msg_put_odp_port(buf, OVS_VPORT_ATTR_PORT_NO, vport->port_no);
datapath: Change userspace vport interface to use Netlink attributes. One of the goals for Open vSwitch is to decouple kernel and userspace software, so that either one can be upgraded or rolled back independent of the other. To do this in full generality, it must be possible to add new features to the kernel vport layer without changing userspace software. The customary way to do this in the Linux networking stack is to use Netlink and in particular Netlink attributes. This commit adopts that model for the vport layer. It does not yet actually start using the Netlink socket layer, which will come later. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 12:28:59 -08:00
}
datapath: Use "OVS_*" as opposed to "ODP_*" for user<->kernel interactions. The prefix "ODP_*" is not overly descriptive in the context of the larger Linux tree. This commit changes the prefix to "OVS_*" for the userpace to kernel interactions. The userspace libraries still use "ODP_" in many of their interfaces since it is more descriptive in the OVS oeuvre. Feature #6904 Signed-off-by: Justin Pettit <jpettit@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-08-18 10:35:40 -07:00
if (vport->type != OVS_VPORT_TYPE_UNSPEC) {
nl_msg_put_u32(buf, OVS_VPORT_ATTR_TYPE, vport->type);
datapath: Change userspace vport interface to use Netlink attributes. One of the goals for Open vSwitch is to decouple kernel and userspace software, so that either one can be upgraded or rolled back independent of the other. To do this in full generality, it must be possible to add new features to the kernel vport layer without changing userspace software. The customary way to do this in the Linux networking stack is to use Netlink and in particular Netlink attributes. This commit adopts that model for the vport layer. It does not yet actually start using the Netlink socket layer, which will come later. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 12:28:59 -08:00
}
if (vport->name) {
datapath: Use "OVS_*" as opposed to "ODP_*" for user<->kernel interactions. The prefix "ODP_*" is not overly descriptive in the context of the larger Linux tree. This commit changes the prefix to "OVS_*" for the userpace to kernel interactions. The userspace libraries still use "ODP_" in many of their interfaces since it is more descriptive in the OVS oeuvre. Feature #6904 Signed-off-by: Justin Pettit <jpettit@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-08-18 10:35:40 -07:00
nl_msg_put_string(buf, OVS_VPORT_ATTR_NAME, vport->name);
datapath: Change userspace vport interface to use Netlink attributes. One of the goals for Open vSwitch is to decouple kernel and userspace software, so that either one can be upgraded or rolled back independent of the other. To do this in full generality, it must be possible to add new features to the kernel vport layer without changing userspace software. The customary way to do this in the Linux networking stack is to use Netlink and in particular Netlink attributes. This commit adopts that model for the vport layer. It does not yet actually start using the Netlink socket layer, which will come later. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 12:28:59 -08:00
}
dpif-linux: Implement the API functions to allow multiple handler threads read upcall. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-02-26 10:10:29 -08:00
if (vport->upcall_pids) {
nl_msg_put_unspec(buf, OVS_VPORT_ATTR_UPCALL_PID,
vport->upcall_pids,
vport->n_upcall_pids * sizeof *vport->upcall_pids);
dpif-linux: Don't reset kernel upcall_pids unintentionally. Commit b063d9f0 "datapath: Use unicast Netlink sockets for upcalls" that introduced an 'upcall_pid' member into struct dpif_linux_vport, struct dpif_linux_dp, and struct dpif_linux_flow neglected to do so only if the member was nonzero. This caused every datapath, vport, and flow operation to supply an upcall_pid. In particular, the netdev_set_config() called at startup when a vport already existed caused the upcall_pid for that vport to be reset to 0, which in turn caused all packets received on the vport to be dropped instead of forwarded to ovs-vswitchd. Reported-by: Shih-Hao Li <shli@nicira.com> Bug #7714.
2011-10-07 16:41:36 -07:00
}
datapath: Use unicast Netlink sockets for upcalls. Currently we publish several multicast groups for upcalls and let userspace sockets subscribe to them. The benefit of this is mostly that userspace is the one doing the subscription - the actual multicast capability is not currently used and probably wouldn't be even if we moved to a multiprocess model. Despite the convenience, multicast sockets have a number of disadvantages, primarily that we only have a limited number of them so there could be collisions. In addition, unicast sockets give additional flexibility to userspace by allowing every object to potentially have a different socket chosen by userspace for upcalls. Finally, any future optimizations for upcalls to reduce copying will likely not be compatible with multicast anyways so disallowing it potentially simplifies things. We also never unregistered the multicast groups registered for upcalls and leaked them on module unload. As a side effect, this solves that problem. Signed-off-by: Jesse Gross <jesse@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
2011-09-14 13:05:09 -07:00
datapath: Change userspace vport interface to use Netlink attributes. One of the goals for Open vSwitch is to decouple kernel and userspace software, so that either one can be upgraded or rolled back independent of the other. To do this in full generality, it must be possible to add new features to the kernel vport layer without changing userspace software. The customary way to do this in the Linux networking stack is to use Netlink and in particular Netlink attributes. This commit adopts that model for the vport layer. It does not yet actually start using the Netlink socket layer, which will come later. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 12:28:59 -08:00
if (vport->stats) {
datapath: Use "OVS_*" as opposed to "ODP_*" for user<->kernel interactions. The prefix "ODP_*" is not overly descriptive in the context of the larger Linux tree. This commit changes the prefix to "OVS_*" for the userpace to kernel interactions. The userspace libraries still use "ODP_" in many of their interfaces since it is more descriptive in the OVS oeuvre. Feature #6904 Signed-off-by: Justin Pettit <jpettit@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-08-18 10:35:40 -07:00
nl_msg_put_unspec(buf, OVS_VPORT_ATTR_STATS,
datapath: Change userspace vport interface to use Netlink attributes. One of the goals for Open vSwitch is to decouple kernel and userspace software, so that either one can be upgraded or rolled back independent of the other. To do this in full generality, it must be possible to add new features to the kernel vport layer without changing userspace software. The customary way to do this in the Linux networking stack is to use Netlink and in particular Netlink attributes. This commit adopts that model for the vport layer. It does not yet actually start using the Netlink socket layer, which will come later. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 12:28:59 -08:00
vport->stats, sizeof *vport->stats);
}
if (vport->options) {
datapath: Use "OVS_*" as opposed to "ODP_*" for user<->kernel interactions. The prefix "ODP_*" is not overly descriptive in the context of the larger Linux tree. This commit changes the prefix to "OVS_*" for the userpace to kernel interactions. The userspace libraries still use "ODP_" in many of their interfaces since it is more descriptive in the OVS oeuvre. Feature #6904 Signed-off-by: Justin Pettit <jpettit@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-08-18 10:35:40 -07:00
nl_msg_put_nested(buf, OVS_VPORT_ATTR_OPTIONS,
datapath: Change userspace vport interface to use Netlink attributes. One of the goals for Open vSwitch is to decouple kernel and userspace software, so that either one can be upgraded or rolled back independent of the other. To do this in full generality, it must be possible to add new features to the kernel vport layer without changing userspace software. The customary way to do this in the Linux networking stack is to use Netlink and in particular Netlink attributes. This commit adopts that model for the vport layer. It does not yet actually start using the Netlink socket layer, which will come later. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 12:28:59 -08:00
vport->options, vport->options_len);
}
}
/* Clears 'vport' to "empty" values. */
void
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
dpif_netlink_vport_init(struct dpif_netlink_vport *vport)
datapath: Change userspace vport interface to use Netlink attributes. One of the goals for Open vSwitch is to decouple kernel and userspace software, so that either one can be upgraded or rolled back independent of the other. To do this in full generality, it must be possible to add new features to the kernel vport layer without changing userspace software. The customary way to do this in the Linux networking stack is to use Netlink and in particular Netlink attributes. This commit adopts that model for the vport layer. It does not yet actually start using the Netlink socket layer, which will come later. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 12:28:59 -08:00
{
memset(vport, 0, sizeof *vport);
Create specific types for ofp and odp port Until now, datapath ports and openflow ports were both represented by unsigned integers of various sizes. With implicit conversions, etc., it is easy to mix them up and use one where the other is expected. This commit creates two typedefs, ofp_port_t and odp_port_t. Both of these two types are marked by "__attribute__((bitwise))" so that sparse can be used to detect any misuse. Signed-off-by: Alex Wang <alexw@nicira.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-06-19 16:58:44 -07:00
vport->port_no = ODPP_NONE;
datapath: Change userspace vport interface to use Netlink attributes. One of the goals for Open vSwitch is to decouple kernel and userspace software, so that either one can be upgraded or rolled back independent of the other. To do this in full generality, it must be possible to add new features to the kernel vport layer without changing userspace software. The customary way to do this in the Linux networking stack is to use Netlink and in particular Netlink attributes. This commit adopts that model for the vport layer. It does not yet actually start using the Netlink socket layer, which will come later. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 12:28:59 -08:00
}
/* Executes 'request' in the kernel datapath. If the command fails, returns a
* positive errno value. Otherwise, if 'reply' and 'bufp' are null, returns 0
* without doing anything else. If 'reply' and 'bufp' are nonnull, then the
datapath: Use "OVS_*" as opposed to "ODP_*" for user<->kernel interactions. The prefix "ODP_*" is not overly descriptive in the context of the larger Linux tree. This commit changes the prefix to "OVS_*" for the userpace to kernel interactions. The userspace libraries still use "ODP_" in many of their interfaces since it is more descriptive in the OVS oeuvre. Feature #6904 Signed-off-by: Justin Pettit <jpettit@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-08-18 10:35:40 -07:00
* result of the command is expected to be an ovs_vport also, which is decoded
datapath: Change userspace vport interface to use Netlink attributes. One of the goals for Open vSwitch is to decouple kernel and userspace software, so that either one can be upgraded or rolled back independent of the other. To do this in full generality, it must be possible to add new features to the kernel vport layer without changing userspace software. The customary way to do this in the Linux networking stack is to use Netlink and in particular Netlink attributes. This commit adopts that model for the vport layer. It does not yet actually start using the Netlink socket layer, which will come later. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 12:28:59 -08:00
* and stored in '*reply' and '*bufp'. The caller must free '*bufp' when the
* reply is no longer needed ('reply' will contain pointers into '*bufp'). */
int
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
dpif_netlink_vport_transact(const struct dpif_netlink_vport *request,
struct dpif_netlink_vport *reply,
struct ofpbuf **bufp)
datapath: Change userspace vport interface to use Netlink attributes. One of the goals for Open vSwitch is to decouple kernel and userspace software, so that either one can be upgraded or rolled back independent of the other. To do this in full generality, it must be possible to add new features to the kernel vport layer without changing userspace software. The customary way to do this in the Linux networking stack is to use Netlink and in particular Netlink attributes. This commit adopts that model for the vport layer. It does not yet actually start using the Netlink socket layer, which will come later. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 12:28:59 -08:00
{
datapath: Convert ODP_VPORT_* to use AF_NETLINK socket layer. This commit calls genl_lock() and thus doesn't support Linux before 2.6.35, which wasn't exported before that version. That problem will be fixed once the whole userspace interface transitions to Generic Netlink a few commits from now. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-28 13:59:03 -08:00
struct ofpbuf *request_buf;
datapath: Change userspace vport interface to use Netlink attributes. One of the goals for Open vSwitch is to decouple kernel and userspace software, so that either one can be upgraded or rolled back independent of the other. To do this in full generality, it must be possible to add new features to the kernel vport layer without changing userspace software. The customary way to do this in the Linux networking stack is to use Netlink and in particular Netlink attributes. This commit adopts that model for the vport layer. It does not yet actually start using the Netlink socket layer, which will come later. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 12:28:59 -08:00
int error;
Replace most uses of assert by ovs_assert. This is a straight search-and-replace, except that I also removed #include <assert.h> from each file where there were no assert calls left. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2012-11-06 13:14:55 -08:00
ovs_assert((reply != NULL) == (bufp != NULL));
datapath: Change userspace vport interface to use Netlink attributes. One of the goals for Open vSwitch is to decouple kernel and userspace software, so that either one can be upgraded or rolled back independent of the other. To do this in full generality, it must be possible to add new features to the kernel vport layer without changing userspace software. The customary way to do this in the Linux networking stack is to use Netlink and in particular Netlink attributes. This commit adopts that model for the vport layer. It does not yet actually start using the Netlink socket layer, which will come later. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 12:28:59 -08:00
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
error = dpif_netlink_init();
dpif-linux: Avoid segfault on netdev_get_stats() without kernel module. netdev_linux_get_stats() calls into netdev_vport_get_stats(), which in turn attempts a transaction on genl_sock. If the kernel module isn't loaded, then genl_sock won't be there, and in any case there's nothing that guarantees that it's been initialized yet. This fixes the problem by ensuring that dpif_linux was initialized properly before attempting a transaction on genl_sock. Reported-by: Aaron Rosen <arosen@clemson.edu>
2011-04-08 16:37:22 -07:00
if (error) {
if (reply) {
*bufp = NULL;
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
dpif_netlink_vport_init(reply);
dpif-linux: Avoid segfault on netdev_get_stats() without kernel module. netdev_linux_get_stats() calls into netdev_vport_get_stats(), which in turn attempts a transaction on genl_sock. If the kernel module isn't loaded, then genl_sock won't be there, and in any case there's nothing that guarantees that it's been initialized yet. This fixes the problem by ensuring that dpif_linux was initialized properly before attempting a transaction on genl_sock. Reported-by: Aaron Rosen <arosen@clemson.edu>
2011-04-08 16:37:22 -07:00
}
return error;
}
datapath: Convert ODP_VPORT_* to use AF_NETLINK socket layer. This commit calls genl_lock() and thus doesn't support Linux before 2.6.35, which wasn't exported before that version. That problem will be fixed once the whole userspace interface transitions to Generic Netlink a few commits from now. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-28 13:59:03 -08:00
request_buf = ofpbuf_new(1024);
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
dpif_netlink_vport_to_ofpbuf(request, request_buf);
netlink-socket: Simplify use of transactions and dumps. This disentangles "struct nl_dump" from "struct nl_sock", clearing the way to make the use of either one thread-safe in an obviously correct manner. Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-04-29 13:57:50 -07:00
error = nl_transact(NETLINK_GENERIC, request_buf, bufp);
datapath: Convert ODP_VPORT_* to use AF_NETLINK socket layer. This commit calls genl_lock() and thus doesn't support Linux before 2.6.35, which wasn't exported before that version. That problem will be fixed once the whole userspace interface transitions to Generic Netlink a few commits from now. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-28 13:59:03 -08:00
ofpbuf_delete(request_buf);
datapath: Change userspace vport interface to use Netlink attributes. One of the goals for Open vSwitch is to decouple kernel and userspace software, so that either one can be upgraded or rolled back independent of the other. To do this in full generality, it must be possible to add new features to the kernel vport layer without changing userspace software. The customary way to do this in the Linux networking stack is to use Netlink and in particular Netlink attributes. This commit adopts that model for the vport layer. It does not yet actually start using the Netlink socket layer, which will come later. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 12:28:59 -08:00
datapath: Convert ODP_VPORT_* to use AF_NETLINK socket layer. This commit calls genl_lock() and thus doesn't support Linux before 2.6.35, which wasn't exported before that version. That problem will be fixed once the whole userspace interface transitions to Generic Netlink a few commits from now. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-28 13:59:03 -08:00
if (reply) {
if (!error) {
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
error = dpif_netlink_vport_from_ofpbuf(reply, *bufp);
datapath: Convert ODP_VPORT_* to use AF_NETLINK socket layer. This commit calls genl_lock() and thus doesn't support Linux before 2.6.35, which wasn't exported before that version. That problem will be fixed once the whole userspace interface transitions to Generic Netlink a few commits from now. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-28 13:59:03 -08:00
}
datapath: Change userspace vport interface to use Netlink attributes. One of the goals for Open vSwitch is to decouple kernel and userspace software, so that either one can be upgraded or rolled back independent of the other. To do this in full generality, it must be possible to add new features to the kernel vport layer without changing userspace software. The customary way to do this in the Linux networking stack is to use Netlink and in particular Netlink attributes. This commit adopts that model for the vport layer. It does not yet actually start using the Netlink socket layer, which will come later. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 12:28:59 -08:00
if (error) {
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
dpif_netlink_vport_init(reply);
datapath: Convert ODP_VPORT_* to use AF_NETLINK socket layer. This commit calls genl_lock() and thus doesn't support Linux before 2.6.35, which wasn't exported before that version. That problem will be fixed once the whole userspace interface transitions to Generic Netlink a few commits from now. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-28 13:59:03 -08:00
ofpbuf_delete(*bufp);
*bufp = NULL;
datapath: Change userspace vport interface to use Netlink attributes. One of the goals for Open vSwitch is to decouple kernel and userspace software, so that either one can be upgraded or rolled back independent of the other. To do this in full generality, it must be possible to add new features to the kernel vport layer without changing userspace software. The customary way to do this in the Linux networking stack is to use Netlink and in particular Netlink attributes. This commit adopts that model for the vport layer. It does not yet actually start using the Netlink socket layer, which will come later. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 12:28:59 -08:00
}
}
return error;
}
/* Obtains information about the kernel vport named 'name' and stores it into
* '*reply' and '*bufp'. The caller must free '*bufp' when the reply is no
* longer needed ('reply' will contain pointers into '*bufp'). */
int
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
dpif_netlink_vport_get(const char *name, struct dpif_netlink_vport *reply,
struct ofpbuf **bufp)
datapath: Change userspace vport interface to use Netlink attributes. One of the goals for Open vSwitch is to decouple kernel and userspace software, so that either one can be upgraded or rolled back independent of the other. To do this in full generality, it must be possible to add new features to the kernel vport layer without changing userspace software. The customary way to do this in the Linux networking stack is to use Netlink and in particular Netlink attributes. This commit adopts that model for the vport layer. It does not yet actually start using the Netlink socket layer, which will come later. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 12:28:59 -08:00
{
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
struct dpif_netlink_vport request;
datapath: Change userspace vport interface to use Netlink attributes. One of the goals for Open vSwitch is to decouple kernel and userspace software, so that either one can be upgraded or rolled back independent of the other. To do this in full generality, it must be possible to add new features to the kernel vport layer without changing userspace software. The customary way to do this in the Linux networking stack is to use Netlink and in particular Netlink attributes. This commit adopts that model for the vport layer. It does not yet actually start using the Netlink socket layer, which will come later. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 12:28:59 -08:00
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
dpif_netlink_vport_init(&request);
datapath: Use "OVS_*" as opposed to "ODP_*" for user<->kernel interactions. The prefix "ODP_*" is not overly descriptive in the context of the larger Linux tree. This commit changes the prefix to "OVS_*" for the userpace to kernel interactions. The userspace libraries still use "ODP_" in many of their interfaces since it is more descriptive in the OVS oeuvre. Feature #6904 Signed-off-by: Justin Pettit <jpettit@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-08-18 10:35:40 -07:00
request.cmd = OVS_VPORT_CMD_GET;
datapath: Change userspace vport interface to use Netlink attributes. One of the goals for Open vSwitch is to decouple kernel and userspace software, so that either one can be upgraded or rolled back independent of the other. To do this in full generality, it must be possible to add new features to the kernel vport layer without changing userspace software. The customary way to do this in the Linux networking stack is to use Netlink and in particular Netlink attributes. This commit adopts that model for the vport layer. It does not yet actually start using the Netlink socket layer, which will come later. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 12:28:59 -08:00
request.name = name;
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
return dpif_netlink_vport_transact(&request, reply, bufp);
datapath: Change userspace vport interface to use Netlink attributes. One of the goals for Open vSwitch is to decouple kernel and userspace software, so that either one can be upgraded or rolled back independent of the other. To do this in full generality, it must be possible to add new features to the kernel vport layer without changing userspace software. The customary way to do this in the Linux networking stack is to use Netlink and in particular Netlink attributes. This commit adopts that model for the vport layer. It does not yet actually start using the Netlink socket layer, which will come later. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 12:28:59 -08:00
}
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
datapath: Use "OVS_*" as opposed to "ODP_*" for user<->kernel interactions. The prefix "ODP_*" is not overly descriptive in the context of the larger Linux tree. This commit changes the prefix to "OVS_*" for the userpace to kernel interactions. The userspace libraries still use "ODP_" in many of their interfaces since it is more descriptive in the OVS oeuvre. Feature #6904 Signed-off-by: Justin Pettit <jpettit@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-08-18 10:35:40 -07:00
/* Parses the contents of 'buf', which contains a "struct ovs_header" followed
datapath: Convert ODP_DP_* commands to use AF_NETLINK socket layer. This commit calls genl_lock() and thus doesn't support Linux before 2.6.35, which wasn't exported before that version. That problem will be fixed once the whole userspace interface transitions to Generic Netlink a few commits from now. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-28 13:55:04 -08:00
* by Netlink attributes, into 'dp'. Returns 0 if successful, otherwise a
* positive errno value.
datapath: Convert datapath operations to use Netlink framing. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 15:42:00 -08:00
*
* 'dp' will contain pointers into 'buf', so the caller should not free 'buf'
* while 'dp' is still in use. */
static int
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
dpif_netlink_dp_from_ofpbuf(struct dpif_netlink_dp *dp, const struct ofpbuf *buf)
datapath: Convert datapath operations to use Netlink framing. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 15:42:00 -08:00
{
datapath: Use "OVS_*" as opposed to "ODP_*" for user<->kernel interactions. The prefix "ODP_*" is not overly descriptive in the context of the larger Linux tree. This commit changes the prefix to "OVS_*" for the userpace to kernel interactions. The userspace libraries still use "ODP_" in many of their interfaces since it is more descriptive in the OVS oeuvre. Feature #6904 Signed-off-by: Justin Pettit <jpettit@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-08-18 10:35:40 -07:00
static const struct nl_policy ovs_datapath_policy[] = {
[OVS_DP_ATTR_NAME] = { .type = NL_A_STRING, .max_len = IFNAMSIZ },
netlink: New macro NL_POLICY_FOR.
2011-11-07 09:21:17 -08:00
[OVS_DP_ATTR_STATS] = { NL_POLICY_FOR(struct ovs_dp_stats),
datapath: Convert datapath operations to use Netlink framing. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 15:42:00 -08:00
.optional = true },
dpif-linux: collect and display mega flow mask stats Signed-off-by: Andy Zhou <azhou@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com> Signed-off-by: Jesse Gross <jesse@nicira.com>
2013-10-21 14:37:34 -07:00
[OVS_DP_ATTR_MEGAFLOW_STATS] = {
NL_POLICY_FOR(struct ovs_dp_megaflow_stats),
.optional = true },
dpif: Add support to set user features This enables user features on the kernel datapath via the DP_CMD_SET command, and also retrieves them to check for actual support and not just an older kernel ignoring the requested features. This will be used in next patch to enable recirc_id sharing with tc. Signed-off-by: Paul Blakey <paulb@mellanox.com> Reviewed-by: Roi Dayan <roid@mellanox.com> Signed-off-by: Simon Horman <simon.horman@netronome.com>
2019-12-22 12:16:38 +02:00
[OVS_DP_ATTR_USER_FEATURES] = {
.type = NL_A_U32,
.optional = true },
dpctl: dpif: Allow viewing and configuring dp cache sizes. This patch adds a general way of viewing/configuring datapath cache sizes. With an implementation for the netlink interface. The ovs-dpctl/ovs-appctl show commands will display the current cache sizes configured: $ ovs-dpctl show system@ovs-system: lookups: hit:25 missed:63 lost:0 flows: 0 masks: hit:282 total:0 hit/pkt:3.20 cache: hit:4 hit-rate:4.54% caches: masks-cache: size:256 port 0: ovs-system (internal) port 1: br-int (internal) port 2: genev_sys_6081 (geneve: packet_type=ptap) port 3: br-ex (internal) port 4: eth2 port 5: sw0p1 (internal) port 6: sw0p3 (internal) A specific cache can be configured as follows: $ ovs-appctl dpctl/cache-set-size DP CACHE SIZE $ ovs-dpctl cache-set-size DP CACHE SIZE For example to disable the cache do: $ ovs-dpctl cache-set-size system@ovs-system masks-cache 0 Setting cache size successful, new size 0. Signed-off-by: Eelco Chaudron <echaudro@redhat.com> Acked-by: Paolo Valerio <pvalerio@redhat.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2021-09-06 10:53:58 +02:00
[OVS_DP_ATTR_MASKS_CACHE_SIZE] = {
.type = NL_A_U32,
.optional = true },
datapath: Convert datapath operations to use Netlink framing. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 15:42:00 -08:00
};
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
dpif_netlink_dp_init(dp);
datapath: Convert datapath operations to use Netlink framing. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 15:42:00 -08:00
ofpbuf: New function ofpbuf_const_initializer(). A number of times I've looked at code and thought that it would be easier to understand if I could write an initializer instead of ofpbuf_use_const(). This commit adds a function for that purpose and adapts a lot of code to use it, in the places where I thought it made the code better. In theory this could improve code generation since the new function can be inlined whereas ofpbuf_use_const() isn't. But I guess that's probably insignificant; the intent of this change is code readability. Signed-off-by: Ben Pfaff <blp@ovn.org> Acked-by: Jarno Rajahalme <jarno@ovn.org>
2016-02-18 15:13:09 -08:00
struct ofpbuf b = ofpbuf_const_initializer(buf->data, buf->size);
struct nlmsghdr *nlmsg = ofpbuf_try_pull(&b, sizeof *nlmsg);
struct genlmsghdr *genl = ofpbuf_try_pull(&b, sizeof *genl);
struct ovs_header *ovs_header = ofpbuf_try_pull(&b, sizeof *ovs_header);
struct nlattr *a[ARRAY_SIZE(ovs_datapath_policy)];
datapath: Use "OVS_*" as opposed to "ODP_*" for user<->kernel interactions. The prefix "ODP_*" is not overly descriptive in the context of the larger Linux tree. This commit changes the prefix to "OVS_*" for the userpace to kernel interactions. The userspace libraries still use "ODP_" in many of their interfaces since it is more descriptive in the OVS oeuvre. Feature #6904 Signed-off-by: Justin Pettit <jpettit@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-08-18 10:35:40 -07:00
if (!nlmsg || !genl || !ovs_header
|| nlmsg->nlmsg_type != ovs_datapath_family
|| !nl_policy_parse(&b, 0, ovs_datapath_policy, a,
ARRAY_SIZE(ovs_datapath_policy))) {
datapath: Convert datapath operations to use Netlink framing. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 15:42:00 -08:00
return EINVAL;
}
datapath: Convert ODP_DP_* commands to use AF_NETLINK socket layer. This commit calls genl_lock() and thus doesn't support Linux before 2.6.35, which wasn't exported before that version. That problem will be fixed once the whole userspace interface transitions to Generic Netlink a few commits from now. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-28 13:55:04 -08:00
dp->cmd = genl->cmd;
datapath: Use "OVS_*" as opposed to "ODP_*" for user<->kernel interactions. The prefix "ODP_*" is not overly descriptive in the context of the larger Linux tree. This commit changes the prefix to "OVS_*" for the userpace to kernel interactions. The userspace libraries still use "ODP_" in many of their interfaces since it is more descriptive in the OVS oeuvre. Feature #6904 Signed-off-by: Justin Pettit <jpettit@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-08-18 10:35:40 -07:00
dp->dp_ifindex = ovs_header->dp_ifindex;
dp->name = nl_attr_get_string(a[OVS_DP_ATTR_NAME]);
if (a[OVS_DP_ATTR_STATS]) {
odp-netlink.h: Use 32-bit aligned 64-bit types. Open vSwitch userspace uses special types to indicate that a particular object may not be naturally aligned. Netlink is one source of such problems: in Netlink, 64-bit integers are often aligned only on 32-bit boundaries. This commit changes the odp-netlink.h that is transformed from <linux/openvswitch.h> to use these types to make it harder to accidentally access a misaligned 64-bit member. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2014-06-13 15:28:29 -07:00
dp->stats = nl_attr_get(a[OVS_DP_ATTR_STATS]);
datapath: Convert datapath operations to use Netlink framing. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 15:42:00 -08:00
}
datapath: Convert upcalls and ODP_EXECUTE to use AF_NETLINK socket layer. This commit calls genl_lock() and thus doesn't support Linux before 2.6.35, which wasn't exported before that version. That problem will be fixed once the whole userspace interface transitions to Generic Netlink a few commits from now. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 13:41:54 -08:00
dpif-linux: collect and display mega flow mask stats Signed-off-by: Andy Zhou <azhou@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com> Signed-off-by: Jesse Gross <jesse@nicira.com>
2013-10-21 14:37:34 -07:00
if (a[OVS_DP_ATTR_MEGAFLOW_STATS]) {
odp-netlink.h: Use 32-bit aligned 64-bit types. Open vSwitch userspace uses special types to indicate that a particular object may not be naturally aligned. Netlink is one source of such problems: in Netlink, 64-bit integers are often aligned only on 32-bit boundaries. This commit changes the odp-netlink.h that is transformed from <linux/openvswitch.h> to use these types to make it harder to accidentally access a misaligned 64-bit member. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2014-06-13 15:28:29 -07:00
dp->megaflow_stats = nl_attr_get(a[OVS_DP_ATTR_MEGAFLOW_STATS]);
dpif-linux: collect and display mega flow mask stats Signed-off-by: Andy Zhou <azhou@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com> Signed-off-by: Jesse Gross <jesse@nicira.com>
2013-10-21 14:37:34 -07:00
}
dpif: Add support to set user features This enables user features on the kernel datapath via the DP_CMD_SET command, and also retrieves them to check for actual support and not just an older kernel ignoring the requested features. This will be used in next patch to enable recirc_id sharing with tc. Signed-off-by: Paul Blakey <paulb@mellanox.com> Reviewed-by: Roi Dayan <roid@mellanox.com> Signed-off-by: Simon Horman <simon.horman@netronome.com>
2019-12-22 12:16:38 +02:00
if (a[OVS_DP_ATTR_USER_FEATURES]) {
dp->user_features = nl_attr_get_u32(a[OVS_DP_ATTR_USER_FEATURES]);
}
dpctl: dpif: Allow viewing and configuring dp cache sizes. This patch adds a general way of viewing/configuring datapath cache sizes. With an implementation for the netlink interface. The ovs-dpctl/ovs-appctl show commands will display the current cache sizes configured: $ ovs-dpctl show system@ovs-system: lookups: hit:25 missed:63 lost:0 flows: 0 masks: hit:282 total:0 hit/pkt:3.20 cache: hit:4 hit-rate:4.54% caches: masks-cache: size:256 port 0: ovs-system (internal) port 1: br-int (internal) port 2: genev_sys_6081 (geneve: packet_type=ptap) port 3: br-ex (internal) port 4: eth2 port 5: sw0p1 (internal) port 6: sw0p3 (internal) A specific cache can be configured as follows: $ ovs-appctl dpctl/cache-set-size DP CACHE SIZE $ ovs-dpctl cache-set-size DP CACHE SIZE For example to disable the cache do: $ ovs-dpctl cache-set-size system@ovs-system masks-cache 0 Setting cache size successful, new size 0. Signed-off-by: Eelco Chaudron <echaudro@redhat.com> Acked-by: Paolo Valerio <pvalerio@redhat.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2021-09-06 10:53:58 +02:00
if (a[OVS_DP_ATTR_MASKS_CACHE_SIZE]) {
dp->cache_size = nl_attr_get_u32(a[OVS_DP_ATTR_MASKS_CACHE_SIZE]);
} else {
dp->cache_size = UINT32_MAX;
}
datapath: Convert datapath operations to use Netlink framing. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 15:42:00 -08:00
return 0;
}
datapath: Convert ODP_DP_* commands to use AF_NETLINK socket layer. This commit calls genl_lock() and thus doesn't support Linux before 2.6.35, which wasn't exported before that version. That problem will be fixed once the whole userspace interface transitions to Generic Netlink a few commits from now. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-28 13:55:04 -08:00
/* Appends to 'buf' the Generic Netlink message described by 'dp'. */
datapath: Convert datapath operations to use Netlink framing. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 15:42:00 -08:00
static void
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
dpif_netlink_dp_to_ofpbuf(const struct dpif_netlink_dp *dp, struct ofpbuf *buf)
datapath: Convert datapath operations to use Netlink framing. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 15:42:00 -08:00
{
datapath: Use "OVS_*" as opposed to "ODP_*" for user<->kernel interactions. The prefix "ODP_*" is not overly descriptive in the context of the larger Linux tree. This commit changes the prefix to "OVS_*" for the userpace to kernel interactions. The userspace libraries still use "ODP_" in many of their interfaces since it is more descriptive in the OVS oeuvre. Feature #6904 Signed-off-by: Justin Pettit <jpettit@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-08-18 10:35:40 -07:00
struct ovs_header *ovs_header;
datapath: Convert datapath operations to use Netlink framing. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 15:42:00 -08:00
datapath: Use "OVS_*" as opposed to "ODP_*" for user<->kernel interactions. The prefix "ODP_*" is not overly descriptive in the context of the larger Linux tree. This commit changes the prefix to "OVS_*" for the userpace to kernel interactions. The userspace libraries still use "ODP_" in many of their interfaces since it is more descriptive in the OVS oeuvre. Feature #6904 Signed-off-by: Justin Pettit <jpettit@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-08-18 10:35:40 -07:00
nl_msg_put_genlmsghdr(buf, 0, ovs_datapath_family,
datapath: Define constants for versions of GENL families. Currently we hard code the versions of our GENL families to 1 but it's nicer to have symbolic constants. Signed-off-by: Jesse Gross <jesse@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
2011-10-22 18:22:18 -07:00
NLM_F_REQUEST | NLM_F_ECHO, dp->cmd,
OVS_DATAPATH_VERSION);
datapath: Convert ODP_DP_* commands to use AF_NETLINK socket layer. This commit calls genl_lock() and thus doesn't support Linux before 2.6.35, which wasn't exported before that version. That problem will be fixed once the whole userspace interface transitions to Generic Netlink a few commits from now. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-28 13:55:04 -08:00
datapath: Use "OVS_*" as opposed to "ODP_*" for user<->kernel interactions. The prefix "ODP_*" is not overly descriptive in the context of the larger Linux tree. This commit changes the prefix to "OVS_*" for the userpace to kernel interactions. The userspace libraries still use "ODP_" in many of their interfaces since it is more descriptive in the OVS oeuvre. Feature #6904 Signed-off-by: Justin Pettit <jpettit@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-08-18 10:35:40 -07:00
ovs_header = ofpbuf_put_uninit(buf, sizeof *ovs_header);
ovs_header->dp_ifindex = dp->dp_ifindex;
datapath: Convert datapath operations to use Netlink framing. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 15:42:00 -08:00
if (dp->name) {
datapath: Use "OVS_*" as opposed to "ODP_*" for user<->kernel interactions. The prefix "ODP_*" is not overly descriptive in the context of the larger Linux tree. This commit changes the prefix to "OVS_*" for the userpace to kernel interactions. The userspace libraries still use "ODP_" in many of their interfaces since it is more descriptive in the OVS oeuvre. Feature #6904 Signed-off-by: Justin Pettit <jpettit@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-08-18 10:35:40 -07:00
nl_msg_put_string(buf, OVS_DP_ATTR_NAME, dp->name);
datapath: Convert datapath operations to use Netlink framing. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 15:42:00 -08:00
}
dpif-linux: Don't reset kernel upcall_pids unintentionally. Commit b063d9f0 "datapath: Use unicast Netlink sockets for upcalls" that introduced an 'upcall_pid' member into struct dpif_linux_vport, struct dpif_linux_dp, and struct dpif_linux_flow neglected to do so only if the member was nonzero. This caused every datapath, vport, and flow operation to supply an upcall_pid. In particular, the netdev_set_config() called at startup when a vport already existed caused the upcall_pid for that vport to be reset to 0, which in turn caused all packets received on the vport to be dropped instead of forwarded to ovs-vswitchd. Reported-by: Shih-Hao Li <shli@nicira.com> Bug #7714.
2011-10-07 16:41:36 -07:00
if (dp->upcall_pid) {
nl_msg_put_u32(buf, OVS_DP_ATTR_UPCALL_PID, *dp->upcall_pid);
}
datapath: Use unicast Netlink sockets for upcalls. Currently we publish several multicast groups for upcalls and let userspace sockets subscribe to them. The benefit of this is mostly that userspace is the one doing the subscription - the actual multicast capability is not currently used and probably wouldn't be even if we moved to a multiprocess model. Despite the convenience, multicast sockets have a number of disadvantages, primarily that we only have a limited number of them so there could be collisions. In addition, unicast sockets give additional flexibility to userspace by allowing every object to potentially have a different socket chosen by userspace for upcalls. Finally, any future optimizations for upcalls to reduce copying will likely not be compatible with multicast anyways so disallowing it potentially simplifies things. We also never unregistered the multicast groups registered for upcalls and leaked them on module unload. As a side effect, this solves that problem. Signed-off-by: Jesse Gross <jesse@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
2011-09-14 13:05:09 -07:00
linux: Report supported user features to the kernel Following commit (''netlink: Do not enforce alignment of last Netlink attribute''), signal the ability to receive unaligned Netlink messages to the datapath to enable utilization of zerocopy optimizations. Opening a datapath is now done by issueing a OVS_DP_CMD_SET in order to overwrite previously set user features. Signed-off-by: Thomas Graf <tgraf@redhat.com> Acked-by: Ben Pfaff <blp@nicira.com> Signed-off-by: Jesse Gross <jesse@nicira.com>
2013-12-19 16:20:42 +01:00
if (dp->user_features) {
nl_msg_put_u32(buf, OVS_DP_ATTR_USER_FEATURES, dp->user_features);
}
dpif-netlink: Introduce per-cpu upcall dispatch. The Open vSwitch kernel module uses the upcall mechanism to send packets from kernel space to user space when it misses in the kernel space flow table. The upcall sends packets via a Netlink socket. Currently, a Netlink socket is created for every vport. In this way, there is a 1:1 mapping between a vport and a Netlink socket. When a packet is received by a vport, if it needs to be sent to user space, it is sent via the corresponding Netlink socket. This mechanism, with various iterations of the corresponding user space code, has seen some limitations and issues: * On systems with a large number of vports, there is correspondingly a large number of Netlink sockets which can limit scaling. (https://bugzilla.redhat.com/show_bug.cgi?id=1526306) * Packet reordering on upcalls. (https://bugzilla.redhat.com/show_bug.cgi?id=1844576) * A thundering herd issue. (https://bugzilla.redhat.com/show_bug.cgi?id=1834444) This patch introduces an alternative, feature-negotiated, upcall mode using a per-cpu dispatch rather than a per-vport dispatch. In this mode, the Netlink socket to be used for the upcall is selected based on the CPU of the thread that is executing the upcall. In this way, it resolves the issues above as: a) The number of Netlink sockets scales with the number of CPUs rather than the number of vports. b) Ordering per-flow is maintained as packets are distributed to CPUs based on mechanisms such as RSS and flows are distributed to a single user space thread. c) Packets from a flow can only wake up one user space thread. Reported-at: https://bugzilla.redhat.com/1844576 Signed-off-by: Mark Gray <mark.d.gray@redhat.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Acked-by: Aaron Conole <aconole@redhat.com> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2021-07-16 06:17:36 -04:00
if (dp->upcall_pids) {
nl_msg_put_unspec(buf, OVS_DP_ATTR_PER_CPU_PIDS, dp->upcall_pids,
sizeof *dp->upcall_pids * dp->n_upcall_pids);
}
dpctl: dpif: Allow viewing and configuring dp cache sizes. This patch adds a general way of viewing/configuring datapath cache sizes. With an implementation for the netlink interface. The ovs-dpctl/ovs-appctl show commands will display the current cache sizes configured: $ ovs-dpctl show system@ovs-system: lookups: hit:25 missed:63 lost:0 flows: 0 masks: hit:282 total:0 hit/pkt:3.20 cache: hit:4 hit-rate:4.54% caches: masks-cache: size:256 port 0: ovs-system (internal) port 1: br-int (internal) port 2: genev_sys_6081 (geneve: packet_type=ptap) port 3: br-ex (internal) port 4: eth2 port 5: sw0p1 (internal) port 6: sw0p3 (internal) A specific cache can be configured as follows: $ ovs-appctl dpctl/cache-set-size DP CACHE SIZE $ ovs-dpctl cache-set-size DP CACHE SIZE For example to disable the cache do: $ ovs-dpctl cache-set-size system@ovs-system masks-cache 0 Setting cache size successful, new size 0. Signed-off-by: Eelco Chaudron <echaudro@redhat.com> Acked-by: Paolo Valerio <pvalerio@redhat.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2021-09-06 10:53:58 +02:00
if (dp->cache_size != UINT32_MAX) {
nl_msg_put_u32(buf, OVS_DP_ATTR_MASKS_CACHE_SIZE, dp->cache_size);
}
datapath: Use "OVS_*" as opposed to "ODP_*" for user<->kernel interactions. The prefix "ODP_*" is not overly descriptive in the context of the larger Linux tree. This commit changes the prefix to "OVS_*" for the userpace to kernel interactions. The userspace libraries still use "ODP_" in many of their interfaces since it is more descriptive in the OVS oeuvre. Feature #6904 Signed-off-by: Justin Pettit <jpettit@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-08-18 10:35:40 -07:00
/* Skip OVS_DP_ATTR_STATS since we never have a reason to serialize it. */
datapath: Convert datapath operations to use Netlink framing. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 15:42:00 -08:00
}
/* Clears 'dp' to "empty" values. */
Add missing "static" keywords. Found by sparse.
2011-05-04 13:58:10 -07:00
static void
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
dpif_netlink_dp_init(struct dpif_netlink_dp *dp)
datapath: Convert datapath operations to use Netlink framing. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 15:42:00 -08:00
{
memset(dp, 0, sizeof *dp);
dpctl: dpif: Allow viewing and configuring dp cache sizes. This patch adds a general way of viewing/configuring datapath cache sizes. With an implementation for the netlink interface. The ovs-dpctl/ovs-appctl show commands will display the current cache sizes configured: $ ovs-dpctl show system@ovs-system: lookups: hit:25 missed:63 lost:0 flows: 0 masks: hit:282 total:0 hit/pkt:3.20 cache: hit:4 hit-rate:4.54% caches: masks-cache: size:256 port 0: ovs-system (internal) port 1: br-int (internal) port 2: genev_sys_6081 (geneve: packet_type=ptap) port 3: br-ex (internal) port 4: eth2 port 5: sw0p1 (internal) port 6: sw0p3 (internal) A specific cache can be configured as follows: $ ovs-appctl dpctl/cache-set-size DP CACHE SIZE $ ovs-dpctl cache-set-size DP CACHE SIZE For example to disable the cache do: $ ovs-dpctl cache-set-size system@ovs-system masks-cache 0 Setting cache size successful, new size 0. Signed-off-by: Eelco Chaudron <echaudro@redhat.com> Acked-by: Paolo Valerio <pvalerio@redhat.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2021-09-06 10:53:58 +02:00
dp->cache_size = UINT32_MAX;
datapath: Convert datapath operations to use Netlink framing. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 15:42:00 -08:00
}
datapath: Convert ODP_DP_* commands to use AF_NETLINK socket layer. This commit calls genl_lock() and thus doesn't support Linux before 2.6.35, which wasn't exported before that version. That problem will be fixed once the whole userspace interface transitions to Generic Netlink a few commits from now. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-28 13:55:04 -08:00
static void
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
dpif_netlink_dp_dump_start(struct nl_dump *dump)
datapath: Convert ODP_DP_* commands to use AF_NETLINK socket layer. This commit calls genl_lock() and thus doesn't support Linux before 2.6.35, which wasn't exported before that version. That problem will be fixed once the whole userspace interface transitions to Generic Netlink a few commits from now. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-28 13:55:04 -08:00
{
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
struct dpif_netlink_dp request;
datapath: Convert ODP_DP_* commands to use AF_NETLINK socket layer. This commit calls genl_lock() and thus doesn't support Linux before 2.6.35, which wasn't exported before that version. That problem will be fixed once the whole userspace interface transitions to Generic Netlink a few commits from now. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-28 13:55:04 -08:00
struct ofpbuf *buf;
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
dpif_netlink_dp_init(&request);
datapath: Use "OVS_*" as opposed to "ODP_*" for user<->kernel interactions. The prefix "ODP_*" is not overly descriptive in the context of the larger Linux tree. This commit changes the prefix to "OVS_*" for the userpace to kernel interactions. The userspace libraries still use "ODP_" in many of their interfaces since it is more descriptive in the OVS oeuvre. Feature #6904 Signed-off-by: Justin Pettit <jpettit@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-08-18 10:35:40 -07:00
request.cmd = OVS_DP_CMD_GET;
datapath: Convert ODP_DP_* commands to use AF_NETLINK socket layer. This commit calls genl_lock() and thus doesn't support Linux before 2.6.35, which wasn't exported before that version. That problem will be fixed once the whole userspace interface transitions to Generic Netlink a few commits from now. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-28 13:55:04 -08:00
buf = ofpbuf_new(1024);
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
dpif_netlink_dp_to_ofpbuf(&request, buf);
netlink-socket: Simplify use of transactions and dumps. This disentangles "struct nl_dump" from "struct nl_sock", clearing the way to make the use of either one thread-safe in an obviously correct manner. Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-04-29 13:57:50 -07:00
nl_dump_start(dump, NETLINK_GENERIC, buf);
datapath: Convert ODP_DP_* commands to use AF_NETLINK socket layer. This commit calls genl_lock() and thus doesn't support Linux before 2.6.35, which wasn't exported before that version. That problem will be fixed once the whole userspace interface transitions to Generic Netlink a few commits from now. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-28 13:55:04 -08:00
ofpbuf_delete(buf);
}
datapath: Convert datapath operations to use Netlink framing. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 15:42:00 -08:00
/* Executes 'request' in the kernel datapath. If the command fails, returns a
* positive errno value. Otherwise, if 'reply' and 'bufp' are null, returns 0
* without doing anything else. If 'reply' and 'bufp' are nonnull, then the
datapath: Convert ODP_DP_* commands to use AF_NETLINK socket layer. This commit calls genl_lock() and thus doesn't support Linux before 2.6.35, which wasn't exported before that version. That problem will be fixed once the whole userspace interface transitions to Generic Netlink a few commits from now. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-28 13:55:04 -08:00
* result of the command is expected to be of the same form, which is decoded
* and stored in '*reply' and '*bufp'. The caller must free '*bufp' when the
* reply is no longer needed ('reply' will contain pointers into '*bufp'). */
Add missing "static" keywords. Found by sparse.
2011-05-04 13:58:10 -07:00
static int
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
dpif_netlink_dp_transact(const struct dpif_netlink_dp *request,
struct dpif_netlink_dp *reply, struct ofpbuf **bufp)
datapath: Convert datapath operations to use Netlink framing. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 15:42:00 -08:00
{
datapath: Convert ODP_DP_* commands to use AF_NETLINK socket layer. This commit calls genl_lock() and thus doesn't support Linux before 2.6.35, which wasn't exported before that version. That problem will be fixed once the whole userspace interface transitions to Generic Netlink a few commits from now. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-28 13:55:04 -08:00
struct ofpbuf *request_buf;
datapath: Convert datapath operations to use Netlink framing. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 15:42:00 -08:00
int error;
Replace most uses of assert by ovs_assert. This is a straight search-and-replace, except that I also removed #include <assert.h> from each file where there were no assert calls left. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2012-11-06 13:14:55 -08:00
ovs_assert((reply != NULL) == (bufp != NULL));
datapath: Convert datapath operations to use Netlink framing. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 15:42:00 -08:00
datapath: Convert ODP_DP_* commands to use AF_NETLINK socket layer. This commit calls genl_lock() and thus doesn't support Linux before 2.6.35, which wasn't exported before that version. That problem will be fixed once the whole userspace interface transitions to Generic Netlink a few commits from now. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-28 13:55:04 -08:00
request_buf = ofpbuf_new(1024);
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
dpif_netlink_dp_to_ofpbuf(request, request_buf);
netlink-socket: Simplify use of transactions and dumps. This disentangles "struct nl_dump" from "struct nl_sock", clearing the way to make the use of either one thread-safe in an obviously correct manner. Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-04-29 13:57:50 -07:00
error = nl_transact(NETLINK_GENERIC, request_buf, bufp);
datapath: Convert ODP_DP_* commands to use AF_NETLINK socket layer. This commit calls genl_lock() and thus doesn't support Linux before 2.6.35, which wasn't exported before that version. That problem will be fixed once the whole userspace interface transitions to Generic Netlink a few commits from now. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-28 13:55:04 -08:00
ofpbuf_delete(request_buf);
datapath: Convert datapath operations to use Netlink framing. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 15:42:00 -08:00
datapath: Convert ODP_DP_* commands to use AF_NETLINK socket layer. This commit calls genl_lock() and thus doesn't support Linux before 2.6.35, which wasn't exported before that version. That problem will be fixed once the whole userspace interface transitions to Generic Netlink a few commits from now. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-28 13:55:04 -08:00
if (reply) {
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
dpif_netlink_dp_init(reply);
datapath: Convert ODP_DP_* commands to use AF_NETLINK socket layer. This commit calls genl_lock() and thus doesn't support Linux before 2.6.35, which wasn't exported before that version. That problem will be fixed once the whole userspace interface transitions to Generic Netlink a few commits from now. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-28 13:55:04 -08:00
if (!error) {
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
error = dpif_netlink_dp_from_ofpbuf(reply, *bufp);
datapath: Convert ODP_DP_* commands to use AF_NETLINK socket layer. This commit calls genl_lock() and thus doesn't support Linux before 2.6.35, which wasn't exported before that version. That problem will be fixed once the whole userspace interface transitions to Generic Netlink a few commits from now. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-28 13:55:04 -08:00
}
datapath: Convert datapath operations to use Netlink framing. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 15:42:00 -08:00
if (error) {
datapath: Convert ODP_DP_* commands to use AF_NETLINK socket layer. This commit calls genl_lock() and thus doesn't support Linux before 2.6.35, which wasn't exported before that version. That problem will be fixed once the whole userspace interface transitions to Generic Netlink a few commits from now. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-28 13:55:04 -08:00
ofpbuf_delete(*bufp);
*bufp = NULL;
datapath: Convert datapath operations to use Netlink framing. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 15:42:00 -08:00
}
}
return error;
}
/* Obtains information about 'dpif_' and stores it into '*reply' and '*bufp'.
* The caller must free '*bufp' when the reply is no longer needed ('reply'
* will contain pointers into '*bufp'). */
Add missing "static" keywords. Found by sparse.
2011-05-04 13:58:10 -07:00
static int
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
dpif_netlink_dp_get(const struct dpif *dpif_, struct dpif_netlink_dp *reply,
struct ofpbuf **bufp)
datapath: Convert datapath operations to use Netlink framing. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 15:42:00 -08:00
{
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
struct dpif_netlink *dpif = dpif_netlink_cast(dpif_);
struct dpif_netlink_dp request;
datapath: Convert datapath operations to use Netlink framing. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 15:42:00 -08:00
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
dpif_netlink_dp_init(&request);
datapath: Use "OVS_*" as opposed to "ODP_*" for user<->kernel interactions. The prefix "ODP_*" is not overly descriptive in the context of the larger Linux tree. This commit changes the prefix to "OVS_*" for the userpace to kernel interactions. The userspace libraries still use "ODP_" in many of their interfaces since it is more descriptive in the OVS oeuvre. Feature #6904 Signed-off-by: Justin Pettit <jpettit@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-08-18 10:35:40 -07:00
request.cmd = OVS_DP_CMD_GET;
datapath: Change dp_idx to dp_ifindex, the ifindex of the local port. I can't see any real value in maintaining a dp_idx separate from the ifindex of the local port. With the current implementation it also artificially limits the number of datapaths. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-21 17:01:56 -08:00
request.dp_ifindex = dpif->dp_ifindex;
datapath: Convert datapath operations to use Netlink framing. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 15:42:00 -08:00
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
return dpif_netlink_dp_transact(&request, reply, bufp);
datapath: Convert datapath operations to use Netlink framing. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 15:42:00 -08:00
}
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
datapath: Use "OVS_*" as opposed to "ODP_*" for user<->kernel interactions. The prefix "ODP_*" is not overly descriptive in the context of the larger Linux tree. This commit changes the prefix to "OVS_*" for the userpace to kernel interactions. The userspace libraries still use "ODP_" in many of their interfaces since it is more descriptive in the OVS oeuvre. Feature #6904 Signed-off-by: Justin Pettit <jpettit@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-08-18 10:35:40 -07:00
/* Parses the contents of 'buf', which contains a "struct ovs_header" followed
datapath: Convert ODP_FLOW_* commands to use AF_NETLINK socket layer. This completes the transition to the Generic Netlink interface, and so this commit restores support for Linux 2.6.18 and later. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-28 14:00:51 -08:00
* by Netlink attributes, into 'flow'. Returns 0 if successful, otherwise a
datapath: Convert datapath operations to use Netlink framing. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 15:42:00 -08:00
* positive errno value.
*
* 'flow' will contain pointers into 'buf', so the caller should not free 'buf'
* while 'flow' is still in use. */
static int
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
dpif_netlink_flow_from_ofpbuf(struct dpif_netlink_flow *flow,
const struct ofpbuf *buf)
datapath: Convert datapath operations to use Netlink framing. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 15:42:00 -08:00
{
dpif: Index flows using unique identifiers. This patch modifies the dpif interface to allow flows to be manipulated using a 128-bit identifier. This allows revalidator threads to perform datapath operations faster, as they do not need to serialise the entire flow key for operations like flow_get and flow_delete. In conjunction with a future patch to simplify the dump interface, this provides a significant performance benefit for revalidation. When handlers assemble flow_put operations, they specify a unique identifier (UFID) for each flow as it is passed down to the datapath to be stored with the flow. The UFID is currently provided to handlers by the dpif during upcall processing. When revalidators assemble flow_get or flow_del operations, they may specify the UFID for the flow along with the key. The dpif will decide whether to send only the UFID to the datapath, or both the UFID and flow key. The former is preferred for newer datapaths that support UFID, while the latter is used for backwards compatibility. Signed-off-by: Joe Stringer <joestringer@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
2014-09-24 16:26:35 +12:00
static const struct nl_policy ovs_flow_policy[__OVS_FLOW_ATTR_MAX] = {
[OVS_FLOW_ATTR_KEY] = { .type = NL_A_NESTED, .optional = true },
ovs-dpctl: Add mega flow support Added support to allow mega flow specified and displayed. ovs-dpctl tool is mainly used as debugging tool. This patch also implements the low level user space routines to send and receive mega flow netlink messages. Those netlink suppor routines are required for forthcoming user space mega flow patches. Added a unit test to test parsing and display of mega flows. Ethan contributed the ovs-dpctl mega flow output function. Co-authored-by: Ethan Jackson <ethan@nicira.com> Signed-off-by: Ethan Jackson <ethan@nicira.com> Signed-off-by: Andy Zhou <azhou@nicira.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-06-19 07:15:10 +00:00
[OVS_FLOW_ATTR_MASK] = { .type = NL_A_NESTED, .optional = true },
datapath: Use "OVS_*" as opposed to "ODP_*" for user<->kernel interactions. The prefix "ODP_*" is not overly descriptive in the context of the larger Linux tree. This commit changes the prefix to "OVS_*" for the userpace to kernel interactions. The userspace libraries still use "ODP_" in many of their interfaces since it is more descriptive in the OVS oeuvre. Feature #6904 Signed-off-by: Justin Pettit <jpettit@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-08-18 10:35:40 -07:00
[OVS_FLOW_ATTR_ACTIONS] = { .type = NL_A_NESTED, .optional = true },
netlink: New macro NL_POLICY_FOR.
2011-11-07 09:21:17 -08:00
[OVS_FLOW_ATTR_STATS] = { NL_POLICY_FOR(struct ovs_flow_stats),
datapath: Convert datapath operations to use Netlink framing. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 15:42:00 -08:00
.optional = true },
datapath: Use "OVS_*" as opposed to "ODP_*" for user<->kernel interactions. The prefix "ODP_*" is not overly descriptive in the context of the larger Linux tree. This commit changes the prefix to "OVS_*" for the userpace to kernel interactions. The userspace libraries still use "ODP_" in many of their interfaces since it is more descriptive in the OVS oeuvre. Feature #6904 Signed-off-by: Justin Pettit <jpettit@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-08-18 10:35:40 -07:00
[OVS_FLOW_ATTR_TCP_FLAGS] = { .type = NL_A_U8, .optional = true },
[OVS_FLOW_ATTR_USED] = { .type = NL_A_U64, .optional = true },
netlink: Introduce helpers for 128-bit integer attributes. Use the helpers in appropriate places. In most cases, this fixes a misaligned reference, since ovs_be128 and ovs_u128 require 8-byte alignment but Netlink only guarantees 4-byte. Found by GCC -fsanitize=undefined. Reported-by: Lance Richardson <lrichard@redhat.com> Signed-off-by: Ben Pfaff <blp@ovn.org> Acked-by: Lance Richardson <lrichard@redhat.com>
2017-06-14 09:07:45 -07:00
[OVS_FLOW_ATTR_UFID] = { .type = NL_A_U128, .optional = true },
datapath: Use "OVS_*" as opposed to "ODP_*" for user<->kernel interactions. The prefix "ODP_*" is not overly descriptive in the context of the larger Linux tree. This commit changes the prefix to "OVS_*" for the userpace to kernel interactions. The userspace libraries still use "ODP_" in many of their interfaces since it is more descriptive in the OVS oeuvre. Feature #6904 Signed-off-by: Justin Pettit <jpettit@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-08-18 10:35:40 -07:00
/* The kernel never uses OVS_FLOW_ATTR_CLEAR. */
dpif: Use OVS_FLOW_ATTR_PROBE. Use the new OVS_FLOW_ATTR_PROBE flag when probing for datapath feature support. Suppress also dpif error logging when requested, as probe failures are already logged at ofproto-dpif. Signed-off-by: Jarno Rajahalme <jrajahalme@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
2014-09-12 11:20:13 -07:00
/* The kernel never uses OVS_FLOW_ATTR_PROBE. */
dpif: Index flows using unique identifiers. This patch modifies the dpif interface to allow flows to be manipulated using a 128-bit identifier. This allows revalidator threads to perform datapath operations faster, as they do not need to serialise the entire flow key for operations like flow_get and flow_delete. In conjunction with a future patch to simplify the dump interface, this provides a significant performance benefit for revalidation. When handlers assemble flow_put operations, they specify a unique identifier (UFID) for each flow as it is passed down to the datapath to be stored with the flow. The UFID is currently provided to handlers by the dpif during upcall processing. When revalidators assemble flow_get or flow_del operations, they may specify the UFID for the flow along with the key. The dpif will decide whether to send only the UFID to the datapath, or both the UFID and flow key. The former is preferred for newer datapaths that support UFID, while the latter is used for backwards compatibility. Signed-off-by: Joe Stringer <joestringer@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
2014-09-24 16:26:35 +12:00
/* The kernel never uses OVS_FLOW_ATTR_UFID_FLAGS. */
datapath: Convert datapath operations to use Netlink framing. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 15:42:00 -08:00
};
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
dpif_netlink_flow_init(flow);
datapath: Convert datapath operations to use Netlink framing. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 15:42:00 -08:00
ofpbuf: New function ofpbuf_const_initializer(). A number of times I've looked at code and thought that it would be easier to understand if I could write an initializer instead of ofpbuf_use_const(). This commit adds a function for that purpose and adapts a lot of code to use it, in the places where I thought it made the code better. In theory this could improve code generation since the new function can be inlined whereas ofpbuf_use_const() isn't. But I guess that's probably insignificant; the intent of this change is code readability. Signed-off-by: Ben Pfaff <blp@ovn.org> Acked-by: Jarno Rajahalme <jarno@ovn.org>
2016-02-18 15:13:09 -08:00
struct ofpbuf b = ofpbuf_const_initializer(buf->data, buf->size);
struct nlmsghdr *nlmsg = ofpbuf_try_pull(&b, sizeof *nlmsg);
struct genlmsghdr *genl = ofpbuf_try_pull(&b, sizeof *genl);
struct ovs_header *ovs_header = ofpbuf_try_pull(&b, sizeof *ovs_header);
struct nlattr *a[ARRAY_SIZE(ovs_flow_policy)];
datapath: Use "OVS_*" as opposed to "ODP_*" for user<->kernel interactions. The prefix "ODP_*" is not overly descriptive in the context of the larger Linux tree. This commit changes the prefix to "OVS_*" for the userpace to kernel interactions. The userspace libraries still use "ODP_" in many of their interfaces since it is more descriptive in the OVS oeuvre. Feature #6904 Signed-off-by: Justin Pettit <jpettit@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-08-18 10:35:40 -07:00
if (!nlmsg || !genl || !ovs_header
|| nlmsg->nlmsg_type != ovs_flow_family
|| !nl_policy_parse(&b, 0, ovs_flow_policy, a,
ARRAY_SIZE(ovs_flow_policy))) {
datapath: Convert datapath operations to use Netlink framing. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 15:42:00 -08:00
return EINVAL;
}
dpif: Index flows using unique identifiers. This patch modifies the dpif interface to allow flows to be manipulated using a 128-bit identifier. This allows revalidator threads to perform datapath operations faster, as they do not need to serialise the entire flow key for operations like flow_get and flow_delete. In conjunction with a future patch to simplify the dump interface, this provides a significant performance benefit for revalidation. When handlers assemble flow_put operations, they specify a unique identifier (UFID) for each flow as it is passed down to the datapath to be stored with the flow. The UFID is currently provided to handlers by the dpif during upcall processing. When revalidators assemble flow_get or flow_del operations, they may specify the UFID for the flow along with the key. The dpif will decide whether to send only the UFID to the datapath, or both the UFID and flow key. The former is preferred for newer datapaths that support UFID, while the latter is used for backwards compatibility. Signed-off-by: Joe Stringer <joestringer@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
2014-09-24 16:26:35 +12:00
if (!a[OVS_FLOW_ATTR_KEY] && !a[OVS_FLOW_ATTR_UFID]) {
return EINVAL;
}
datapath: Convert datapath operations to use Netlink framing. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 15:42:00 -08:00
datapath: Convert ODP_FLOW_* commands to use AF_NETLINK socket layer. This completes the transition to the Generic Netlink interface, and so this commit restores support for Linux 2.6.18 and later. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-28 14:00:51 -08:00
flow->nlmsg_flags = nlmsg->nlmsg_flags;
datapath: Use "OVS_*" as opposed to "ODP_*" for user<->kernel interactions. The prefix "ODP_*" is not overly descriptive in the context of the larger Linux tree. This commit changes the prefix to "OVS_*" for the userpace to kernel interactions. The userspace libraries still use "ODP_" in many of their interfaces since it is more descriptive in the OVS oeuvre. Feature #6904 Signed-off-by: Justin Pettit <jpettit@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-08-18 10:35:40 -07:00
flow->dp_ifindex = ovs_header->dp_ifindex;
dpif: Index flows using unique identifiers. This patch modifies the dpif interface to allow flows to be manipulated using a 128-bit identifier. This allows revalidator threads to perform datapath operations faster, as they do not need to serialise the entire flow key for operations like flow_get and flow_delete. In conjunction with a future patch to simplify the dump interface, this provides a significant performance benefit for revalidation. When handlers assemble flow_put operations, they specify a unique identifier (UFID) for each flow as it is passed down to the datapath to be stored with the flow. The UFID is currently provided to handlers by the dpif during upcall processing. When revalidators assemble flow_get or flow_del operations, they may specify the UFID for the flow along with the key. The dpif will decide whether to send only the UFID to the datapath, or both the UFID and flow key. The former is preferred for newer datapaths that support UFID, while the latter is used for backwards compatibility. Signed-off-by: Joe Stringer <joestringer@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
2014-09-24 16:26:35 +12:00
if (a[OVS_FLOW_ATTR_KEY]) {
flow->key = nl_attr_get(a[OVS_FLOW_ATTR_KEY]);
flow->key_len = nl_attr_get_size(a[OVS_FLOW_ATTR_KEY]);
}
ovs-dpctl: Add mega flow support Added support to allow mega flow specified and displayed. ovs-dpctl tool is mainly used as debugging tool. This patch also implements the low level user space routines to send and receive mega flow netlink messages. Those netlink suppor routines are required for forthcoming user space mega flow patches. Added a unit test to test parsing and display of mega flows. Ethan contributed the ovs-dpctl mega flow output function. Co-authored-by: Ethan Jackson <ethan@nicira.com> Signed-off-by: Ethan Jackson <ethan@nicira.com> Signed-off-by: Andy Zhou <azhou@nicira.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-06-19 07:15:10 +00:00
dpif: Index flows using unique identifiers. This patch modifies the dpif interface to allow flows to be manipulated using a 128-bit identifier. This allows revalidator threads to perform datapath operations faster, as they do not need to serialise the entire flow key for operations like flow_get and flow_delete. In conjunction with a future patch to simplify the dump interface, this provides a significant performance benefit for revalidation. When handlers assemble flow_put operations, they specify a unique identifier (UFID) for each flow as it is passed down to the datapath to be stored with the flow. The UFID is currently provided to handlers by the dpif during upcall processing. When revalidators assemble flow_get or flow_del operations, they may specify the UFID for the flow along with the key. The dpif will decide whether to send only the UFID to the datapath, or both the UFID and flow key. The former is preferred for newer datapaths that support UFID, while the latter is used for backwards compatibility. Signed-off-by: Joe Stringer <joestringer@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
2014-09-24 16:26:35 +12:00
if (a[OVS_FLOW_ATTR_UFID]) {
netlink: Introduce helpers for 128-bit integer attributes. Use the helpers in appropriate places. In most cases, this fixes a misaligned reference, since ovs_be128 and ovs_u128 require 8-byte alignment but Netlink only guarantees 4-byte. Found by GCC -fsanitize=undefined. Reported-by: Lance Richardson <lrichard@redhat.com> Signed-off-by: Ben Pfaff <blp@ovn.org> Acked-by: Lance Richardson <lrichard@redhat.com>
2017-06-14 09:07:45 -07:00
flow->ufid = nl_attr_get_u128(a[OVS_FLOW_ATTR_UFID]);
dpif: Index flows using unique identifiers. This patch modifies the dpif interface to allow flows to be manipulated using a 128-bit identifier. This allows revalidator threads to perform datapath operations faster, as they do not need to serialise the entire flow key for operations like flow_get and flow_delete. In conjunction with a future patch to simplify the dump interface, this provides a significant performance benefit for revalidation. When handlers assemble flow_put operations, they specify a unique identifier (UFID) for each flow as it is passed down to the datapath to be stored with the flow. The UFID is currently provided to handlers by the dpif during upcall processing. When revalidators assemble flow_get or flow_del operations, they may specify the UFID for the flow along with the key. The dpif will decide whether to send only the UFID to the datapath, or both the UFID and flow key. The former is preferred for newer datapaths that support UFID, while the latter is used for backwards compatibility. Signed-off-by: Joe Stringer <joestringer@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
2014-09-24 16:26:35 +12:00
flow->ufid_present = true;
}
ovs-dpctl: Add mega flow support Added support to allow mega flow specified and displayed. ovs-dpctl tool is mainly used as debugging tool. This patch also implements the low level user space routines to send and receive mega flow netlink messages. Those netlink suppor routines are required for forthcoming user space mega flow patches. Added a unit test to test parsing and display of mega flows. Ethan contributed the ovs-dpctl mega flow output function. Co-authored-by: Ethan Jackson <ethan@nicira.com> Signed-off-by: Ethan Jackson <ethan@nicira.com> Signed-off-by: Andy Zhou <azhou@nicira.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-06-19 07:15:10 +00:00
if (a[OVS_FLOW_ATTR_MASK]) {
flow->mask = nl_attr_get(a[OVS_FLOW_ATTR_MASK]);
flow->mask_len = nl_attr_get_size(a[OVS_FLOW_ATTR_MASK]);
}
datapath: Use "OVS_*" as opposed to "ODP_*" for user<->kernel interactions. The prefix "ODP_*" is not overly descriptive in the context of the larger Linux tree. This commit changes the prefix to "OVS_*" for the userpace to kernel interactions. The userspace libraries still use "ODP_" in many of their interfaces since it is more descriptive in the OVS oeuvre. Feature #6904 Signed-off-by: Justin Pettit <jpettit@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-08-18 10:35:40 -07:00
if (a[OVS_FLOW_ATTR_ACTIONS]) {
flow->actions = nl_attr_get(a[OVS_FLOW_ATTR_ACTIONS]);
flow->actions_len = nl_attr_get_size(a[OVS_FLOW_ATTR_ACTIONS]);
datapath: Convert datapath operations to use Netlink framing. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 15:42:00 -08:00
}
datapath: Use "OVS_*" as opposed to "ODP_*" for user<->kernel interactions. The prefix "ODP_*" is not overly descriptive in the context of the larger Linux tree. This commit changes the prefix to "OVS_*" for the userpace to kernel interactions. The userspace libraries still use "ODP_" in many of their interfaces since it is more descriptive in the OVS oeuvre. Feature #6904 Signed-off-by: Justin Pettit <jpettit@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-08-18 10:35:40 -07:00
if (a[OVS_FLOW_ATTR_STATS]) {
flow->stats = nl_attr_get(a[OVS_FLOW_ATTR_STATS]);
datapath: Convert datapath operations to use Netlink framing. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 15:42:00 -08:00
}
datapath: Use "OVS_*" as opposed to "ODP_*" for user<->kernel interactions. The prefix "ODP_*" is not overly descriptive in the context of the larger Linux tree. This commit changes the prefix to "OVS_*" for the userpace to kernel interactions. The userspace libraries still use "ODP_" in many of their interfaces since it is more descriptive in the OVS oeuvre. Feature #6904 Signed-off-by: Justin Pettit <jpettit@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-08-18 10:35:40 -07:00
if (a[OVS_FLOW_ATTR_TCP_FLAGS]) {
flow->tcp_flags = nl_attr_get(a[OVS_FLOW_ATTR_TCP_FLAGS]);
datapath: Convert datapath operations to use Netlink framing. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 15:42:00 -08:00
}
datapath: Use "OVS_*" as opposed to "ODP_*" for user<->kernel interactions. The prefix "ODP_*" is not overly descriptive in the context of the larger Linux tree. This commit changes the prefix to "OVS_*" for the userpace to kernel interactions. The userspace libraries still use "ODP_" in many of their interfaces since it is more descriptive in the OVS oeuvre. Feature #6904 Signed-off-by: Justin Pettit <jpettit@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-08-18 10:35:40 -07:00
if (a[OVS_FLOW_ATTR_USED]) {
flow->used = nl_attr_get(a[OVS_FLOW_ATTR_USED]);
dpif-linux: Read flow used time. We were never storing the flow used time from the Netlink message into our local struct, which caused flows to timeout prematurely. Acked-by: Ben Pfaff <blp@nicira.com>
2011-01-29 09:41:59 -08:00
}
datapath: Convert datapath operations to use Netlink framing. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 15:42:00 -08:00
return 0;
}
userspace: Switching of L3 packets in L2 pipeline Ports have a new layer3 attribute if they send/receive L3 packets. The packet_type included in structs dp_packet and flow is considered in ofproto-dpif. The classical L2 match fields (dl_src, dl_dst, dl_type, and vlan_tci, vlan_vid, vlan_pcp) now have Ethernet as pre-requisite. A dummy ethernet header is pushed to L3 packets received from L3 ports before the the pipeline processing starts. The ethernet header is popped before sending a packet to a L3 port. For datapath ports that can receive L2 or L3 packets, the packet_type becomes part of the flow key for datapath flows and is handled appropriately in dpif-netdev. In the 'else' branch in flow_put_on_pmd() function, the additional check flow_equal(&match.flow, &netdev_flow->flow) was removed, as a) the dpcls lookup is sufficient to uniquely identify a flow and b) it caused false negatives because the flow in netdev->flow may not properly masked. In dpif_netdev_flow_put() we now use the same method for constructing the netdev_flow_key as the one used when adding the flow to the dplcs to make sure these always match. The function netdev_flow_key_from_flow() used so far was not only inefficient but sometimes caused mismatches and subsequent flow update failures. The kernel datapath does not support the packet_type match field. Instead it encodes the packet type implictly by the presence or absence of the Ethernet attribute in the flow key and mask. This patch filters the PACKET_TYPE attribute out of netlink flow key and mask to be sent to the kernel datapath. Signed-off-by: Lorand Jakab <lojakab@cisco.com> Signed-off-by: Simon Horman <simon.horman@netronome.com> Signed-off-by: Jiri Benc <jbenc@redhat.com> Signed-off-by: Yi Yang <yi.y.yang@intel.com> Signed-off-by: Jan Scheurich <jan.scheurich@ericsson.com> Co-authored-by: Zoltan Balogh <zoltan.balogh@ericsson.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
2017-06-02 16:16:17 +00:00
/*
dpif-netlink: For non-Ethernet, use Ethertype from packet_type. For non-Ethernet flows, when fixing up the netlink message we need make sure to pass down a valid Ethertype. The kernel does not understand packet_type so it's implicitly encoded by the absence of _ETHERNET and exact match of _ETHERTYPE. Without this change match_validate in the kernel complains when trying to match packets from L3 tunnels. e.g.   openvswitch: netlink: Unexpected mask (mask=110088, allowed=3d9804c) The mask use to always be set in xlate_wc_init() and xlate_wc_finish(), but that changed for non-Ethernet frames with the commit listed below. Fixes: 3d4b2e6eb74e ("userspace: Add OXM field MFF_PACKET_TYPE") Signed-off-by: Joe Stringer <joe@ovn.org> Co-authored-by: Eric Garver <e@erig.me> Acked-by: Eric Garver <e@erig.me>
2017-07-18 15:32:44 -07:00
* If PACKET_TYPE attribute is present in 'data', it filters PACKET_TYPE out.
* If the flow is not Ethernet, the OVS_KEY_ATTR_PACKET_TYPE is converted to
* OVS_KEY_ATTR_ETHERTYPE. Puts 'data' to 'buf'.
userspace: Switching of L3 packets in L2 pipeline Ports have a new layer3 attribute if they send/receive L3 packets. The packet_type included in structs dp_packet and flow is considered in ofproto-dpif. The classical L2 match fields (dl_src, dl_dst, dl_type, and vlan_tci, vlan_vid, vlan_pcp) now have Ethernet as pre-requisite. A dummy ethernet header is pushed to L3 packets received from L3 ports before the the pipeline processing starts. The ethernet header is popped before sending a packet to a L3 port. For datapath ports that can receive L2 or L3 packets, the packet_type becomes part of the flow key for datapath flows and is handled appropriately in dpif-netdev. In the 'else' branch in flow_put_on_pmd() function, the additional check flow_equal(&match.flow, &netdev_flow->flow) was removed, as a) the dpcls lookup is sufficient to uniquely identify a flow and b) it caused false negatives because the flow in netdev->flow may not properly masked. In dpif_netdev_flow_put() we now use the same method for constructing the netdev_flow_key as the one used when adding the flow to the dplcs to make sure these always match. The function netdev_flow_key_from_flow() used so far was not only inefficient but sometimes caused mismatches and subsequent flow update failures. The kernel datapath does not support the packet_type match field. Instead it encodes the packet type implictly by the presence or absence of the Ethernet attribute in the flow key and mask. This patch filters the PACKET_TYPE attribute out of netlink flow key and mask to be sent to the kernel datapath. Signed-off-by: Lorand Jakab <lojakab@cisco.com> Signed-off-by: Simon Horman <simon.horman@netronome.com> Signed-off-by: Jiri Benc <jbenc@redhat.com> Signed-off-by: Yi Yang <yi.y.yang@intel.com> Signed-off-by: Jan Scheurich <jan.scheurich@ericsson.com> Co-authored-by: Zoltan Balogh <zoltan.balogh@ericsson.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
2017-06-02 16:16:17 +00:00
*/
static void
put_exclude_packet_type(struct ofpbuf *buf, uint16_t type,
const struct nlattr *data, uint16_t data_len)
{
const struct nlattr *packet_type;
packet_type = nl_attr_find__(data, data_len, OVS_KEY_ATTR_PACKET_TYPE);
if (packet_type) {
/* exclude PACKET_TYPE Netlink attribute. */
ovs_assert(NLA_ALIGN(packet_type->nla_len) == NL_A_U32_SIZE);
size_t packet_type_len = NL_A_U32_SIZE;
size_t first_chunk_size = (uint8_t *)packet_type - (uint8_t *)data;
size_t second_chunk_size = data_len - first_chunk_size
- packet_type_len;
struct nlattr *next_attr = nl_attr_next(packet_type);
dpif-netlink: Use netlink helpers for packet_type. Rather than open-coding access to netlink attribute pointers in put_exclude_packet_type(), make use of the netlink attribute helpers. This simplifies the following bugfix. Signed-off-by: Joe Stringer <joe@ovn.org> Acked-by: Eric Garver <e@erig.me>
2017-07-18 15:32:43 -07:00
size_t ofs;
userspace: Switching of L3 packets in L2 pipeline Ports have a new layer3 attribute if they send/receive L3 packets. The packet_type included in structs dp_packet and flow is considered in ofproto-dpif. The classical L2 match fields (dl_src, dl_dst, dl_type, and vlan_tci, vlan_vid, vlan_pcp) now have Ethernet as pre-requisite. A dummy ethernet header is pushed to L3 packets received from L3 ports before the the pipeline processing starts. The ethernet header is popped before sending a packet to a L3 port. For datapath ports that can receive L2 or L3 packets, the packet_type becomes part of the flow key for datapath flows and is handled appropriately in dpif-netdev. In the 'else' branch in flow_put_on_pmd() function, the additional check flow_equal(&match.flow, &netdev_flow->flow) was removed, as a) the dpcls lookup is sufficient to uniquely identify a flow and b) it caused false negatives because the flow in netdev->flow may not properly masked. In dpif_netdev_flow_put() we now use the same method for constructing the netdev_flow_key as the one used when adding the flow to the dplcs to make sure these always match. The function netdev_flow_key_from_flow() used so far was not only inefficient but sometimes caused mismatches and subsequent flow update failures. The kernel datapath does not support the packet_type match field. Instead it encodes the packet type implictly by the presence or absence of the Ethernet attribute in the flow key and mask. This patch filters the PACKET_TYPE attribute out of netlink flow key and mask to be sent to the kernel datapath. Signed-off-by: Lorand Jakab <lojakab@cisco.com> Signed-off-by: Simon Horman <simon.horman@netronome.com> Signed-off-by: Jiri Benc <jbenc@redhat.com> Signed-off-by: Yi Yang <yi.y.yang@intel.com> Signed-off-by: Jan Scheurich <jan.scheurich@ericsson.com> Co-authored-by: Zoltan Balogh <zoltan.balogh@ericsson.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
2017-06-02 16:16:17 +00:00
dpif-netlink: Use netlink helpers for packet_type. Rather than open-coding access to netlink attribute pointers in put_exclude_packet_type(), make use of the netlink attribute helpers. This simplifies the following bugfix. Signed-off-by: Joe Stringer <joe@ovn.org> Acked-by: Eric Garver <e@erig.me>
2017-07-18 15:32:43 -07:00
ofs = nl_msg_start_nested(buf, type);
nl_msg_put(buf, data, first_chunk_size);
nl_msg_put(buf, next_attr, second_chunk_size);
dpif-netlink: For non-Ethernet, use Ethertype from packet_type. For non-Ethernet flows, when fixing up the netlink message we need make sure to pass down a valid Ethertype. The kernel does not understand packet_type so it's implicitly encoded by the absence of _ETHERNET and exact match of _ETHERTYPE. Without this change match_validate in the kernel complains when trying to match packets from L3 tunnels. e.g.   openvswitch: netlink: Unexpected mask (mask=110088, allowed=3d9804c) The mask use to always be set in xlate_wc_init() and xlate_wc_finish(), but that changed for non-Ethernet frames with the commit listed below. Fixes: 3d4b2e6eb74e ("userspace: Add OXM field MFF_PACKET_TYPE") Signed-off-by: Joe Stringer <joe@ovn.org> Co-authored-by: Eric Garver <e@erig.me> Acked-by: Eric Garver <e@erig.me>
2017-07-18 15:32:44 -07:00
if (!nl_attr_find__(data, data_len, OVS_KEY_ATTR_ETHERNET)) {
ovs_be16 pt = pt_ns_type_be(nl_attr_get_be32(packet_type));
const struct nlattr *nla;
dpif-netlink: Fix a bug that causes duplicate key error in datapath Kmod tests 122 and 123 failed and kernel reports a "Duplicate key of type 6" error. Further debugging reveals that nl_attr_find__() should start looking for OVS_KEY_ATTR_ETHERTYPE from offset returned by a previous called nl_msg_start_nested(). This patch fixes it. Tests 122 and 123 were skipped by kernel 4.15 and older versions. Kernel 4.16 and later kernels start showing this failure. Signed-off-by: Yifeng Sun <pkusunyifeng@gmail.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
2019-01-31 15:10:00 -08:00
nla = nl_attr_find(buf, ofs + NLA_HDRLEN, OVS_KEY_ATTR_ETHERTYPE);
dpif-netlink: For non-Ethernet, use Ethertype from packet_type. For non-Ethernet flows, when fixing up the netlink message we need make sure to pass down a valid Ethertype. The kernel does not understand packet_type so it's implicitly encoded by the absence of _ETHERNET and exact match of _ETHERTYPE. Without this change match_validate in the kernel complains when trying to match packets from L3 tunnels. e.g.   openvswitch: netlink: Unexpected mask (mask=110088, allowed=3d9804c) The mask use to always be set in xlate_wc_init() and xlate_wc_finish(), but that changed for non-Ethernet frames with the commit listed below. Fixes: 3d4b2e6eb74e ("userspace: Add OXM field MFF_PACKET_TYPE") Signed-off-by: Joe Stringer <joe@ovn.org> Co-authored-by: Eric Garver <e@erig.me> Acked-by: Eric Garver <e@erig.me>
2017-07-18 15:32:44 -07:00
if (nla) {
ovs_be16 *ethertype;
ethertype = CONST_CAST(ovs_be16 *, nl_attr_get(nla));
*ethertype = pt;
} else {
nl_msg_put_be16(buf, OVS_KEY_ATTR_ETHERTYPE, pt);
}
}
dpif-netlink: Use netlink helpers for packet_type. Rather than open-coding access to netlink attribute pointers in put_exclude_packet_type(), make use of the netlink attribute helpers. This simplifies the following bugfix. Signed-off-by: Joe Stringer <joe@ovn.org> Acked-by: Eric Garver <e@erig.me>
2017-07-18 15:32:43 -07:00
nl_msg_end_nested(buf, ofs);
userspace: Switching of L3 packets in L2 pipeline Ports have a new layer3 attribute if they send/receive L3 packets. The packet_type included in structs dp_packet and flow is considered in ofproto-dpif. The classical L2 match fields (dl_src, dl_dst, dl_type, and vlan_tci, vlan_vid, vlan_pcp) now have Ethernet as pre-requisite. A dummy ethernet header is pushed to L3 packets received from L3 ports before the the pipeline processing starts. The ethernet header is popped before sending a packet to a L3 port. For datapath ports that can receive L2 or L3 packets, the packet_type becomes part of the flow key for datapath flows and is handled appropriately in dpif-netdev. In the 'else' branch in flow_put_on_pmd() function, the additional check flow_equal(&match.flow, &netdev_flow->flow) was removed, as a) the dpcls lookup is sufficient to uniquely identify a flow and b) it caused false negatives because the flow in netdev->flow may not properly masked. In dpif_netdev_flow_put() we now use the same method for constructing the netdev_flow_key as the one used when adding the flow to the dplcs to make sure these always match. The function netdev_flow_key_from_flow() used so far was not only inefficient but sometimes caused mismatches and subsequent flow update failures. The kernel datapath does not support the packet_type match field. Instead it encodes the packet type implictly by the presence or absence of the Ethernet attribute in the flow key and mask. This patch filters the PACKET_TYPE attribute out of netlink flow key and mask to be sent to the kernel datapath. Signed-off-by: Lorand Jakab <lojakab@cisco.com> Signed-off-by: Simon Horman <simon.horman@netronome.com> Signed-off-by: Jiri Benc <jbenc@redhat.com> Signed-off-by: Yi Yang <yi.y.yang@intel.com> Signed-off-by: Jan Scheurich <jan.scheurich@ericsson.com> Co-authored-by: Zoltan Balogh <zoltan.balogh@ericsson.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
2017-06-02 16:16:17 +00:00
} else {
nl_msg_put_unspec(buf, type, data, data_len);
}
}
datapath: Use "OVS_*" as opposed to "ODP_*" for user<->kernel interactions. The prefix "ODP_*" is not overly descriptive in the context of the larger Linux tree. This commit changes the prefix to "OVS_*" for the userpace to kernel interactions. The userspace libraries still use "ODP_" in many of their interfaces since it is more descriptive in the OVS oeuvre. Feature #6904 Signed-off-by: Justin Pettit <jpettit@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-08-18 10:35:40 -07:00
/* Appends to 'buf' (which must initially be empty) a "struct ovs_header"
datapath: Convert datapath operations to use Netlink framing. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 15:42:00 -08:00
* followed by Netlink attributes corresponding to 'flow'. */
static void
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
dpif_netlink_flow_to_ofpbuf(const struct dpif_netlink_flow *flow,
struct ofpbuf *buf)
datapath: Convert datapath operations to use Netlink framing. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 15:42:00 -08:00
{
datapath: Use "OVS_*" as opposed to "ODP_*" for user<->kernel interactions. The prefix "ODP_*" is not overly descriptive in the context of the larger Linux tree. This commit changes the prefix to "OVS_*" for the userpace to kernel interactions. The userspace libraries still use "ODP_" in many of their interfaces since it is more descriptive in the OVS oeuvre. Feature #6904 Signed-off-by: Justin Pettit <jpettit@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-08-18 10:35:40 -07:00
struct ovs_header *ovs_header;
datapath: Convert datapath operations to use Netlink framing. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 15:42:00 -08:00
datapath: Use "OVS_*" as opposed to "ODP_*" for user<->kernel interactions. The prefix "ODP_*" is not overly descriptive in the context of the larger Linux tree. This commit changes the prefix to "OVS_*" for the userpace to kernel interactions. The userspace libraries still use "ODP_" in many of their interfaces since it is more descriptive in the OVS oeuvre. Feature #6904 Signed-off-by: Justin Pettit <jpettit@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-08-18 10:35:40 -07:00
nl_msg_put_genlmsghdr(buf, 0, ovs_flow_family,
dpif-linux: Only ask datapath to echo back results when they will be used. A fair number of datapath flow operations optionally report back results to the requester based on whether NLM_F_ECHO is set in the request. When userspace isn't going to use those results anyway, it wastes memory to store them and a system call to retrieve them. This commit omits the NLM_F_ECHO bit in cases where the caller isn't going to use the results. (NLM_F_ECHO has no effect on operations whose entire purpose is to retrieve data, e.g. "get" and "dump" operations, so we need not bother to set it for those.) This improves "ovs-benchmark rate" results in my testing by about 4%.
2011-09-27 16:07:23 -07:00
NLM_F_REQUEST | flow->nlmsg_flags,
datapath: Define constants for versions of GENL families. Currently we hard code the versions of our GENL families to 1 but it's nicer to have symbolic constants. Signed-off-by: Jesse Gross <jesse@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
2011-10-22 18:22:18 -07:00
flow->cmd, OVS_FLOW_VERSION);
datapath: Convert ODP_FLOW_* commands to use AF_NETLINK socket layer. This completes the transition to the Generic Netlink interface, and so this commit restores support for Linux 2.6.18 and later. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-28 14:00:51 -08:00
datapath: Use "OVS_*" as opposed to "ODP_*" for user<->kernel interactions. The prefix "ODP_*" is not overly descriptive in the context of the larger Linux tree. This commit changes the prefix to "OVS_*" for the userpace to kernel interactions. The userspace libraries still use "ODP_" in many of their interfaces since it is more descriptive in the OVS oeuvre. Feature #6904 Signed-off-by: Justin Pettit <jpettit@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-08-18 10:35:40 -07:00
ovs_header = ofpbuf_put_uninit(buf, sizeof *ovs_header);
ovs_header->dp_ifindex = flow->dp_ifindex;
datapath: Convert datapath operations to use Netlink framing. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 15:42:00 -08:00
dpif: Index flows using unique identifiers. This patch modifies the dpif interface to allow flows to be manipulated using a 128-bit identifier. This allows revalidator threads to perform datapath operations faster, as they do not need to serialise the entire flow key for operations like flow_get and flow_delete. In conjunction with a future patch to simplify the dump interface, this provides a significant performance benefit for revalidation. When handlers assemble flow_put operations, they specify a unique identifier (UFID) for each flow as it is passed down to the datapath to be stored with the flow. The UFID is currently provided to handlers by the dpif during upcall processing. When revalidators assemble flow_get or flow_del operations, they may specify the UFID for the flow along with the key. The dpif will decide whether to send only the UFID to the datapath, or both the UFID and flow key. The former is preferred for newer datapaths that support UFID, while the latter is used for backwards compatibility. Signed-off-by: Joe Stringer <joestringer@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
2014-09-24 16:26:35 +12:00
if (flow->ufid_present) {
netlink: Introduce helpers for 128-bit integer attributes. Use the helpers in appropriate places. In most cases, this fixes a misaligned reference, since ovs_be128 and ovs_u128 require 8-byte alignment but Netlink only guarantees 4-byte. Found by GCC -fsanitize=undefined. Reported-by: Lance Richardson <lrichard@redhat.com> Signed-off-by: Ben Pfaff <blp@ovn.org> Acked-by: Lance Richardson <lrichard@redhat.com>
2017-06-14 09:07:45 -07:00
nl_msg_put_u128(buf, OVS_FLOW_ATTR_UFID, flow->ufid);
dpif: Index flows using unique identifiers. This patch modifies the dpif interface to allow flows to be manipulated using a 128-bit identifier. This allows revalidator threads to perform datapath operations faster, as they do not need to serialise the entire flow key for operations like flow_get and flow_delete. In conjunction with a future patch to simplify the dump interface, this provides a significant performance benefit for revalidation. When handlers assemble flow_put operations, they specify a unique identifier (UFID) for each flow as it is passed down to the datapath to be stored with the flow. The UFID is currently provided to handlers by the dpif during upcall processing. When revalidators assemble flow_get or flow_del operations, they may specify the UFID for the flow along with the key. The dpif will decide whether to send only the UFID to the datapath, or both the UFID and flow key. The former is preferred for newer datapaths that support UFID, while the latter is used for backwards compatibility. Signed-off-by: Joe Stringer <joestringer@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
2014-09-24 16:26:35 +12:00
}
if (flow->ufid_terse) {
nl_msg_put_u32(buf, OVS_FLOW_ATTR_UFID_FLAGS,
OVS_UFID_F_OMIT_KEY | OVS_UFID_F_OMIT_MASK
| OVS_UFID_F_OMIT_ACTIONS);
}
dpif: Minimize memory copy for revalidation. One of the limiting factors on the number of flows that can be supported in the datapath is the overhead of assembling flow dump messages in the datapath. This patch modifies the dpif to allow revalidators to skip dumping the key, mask and actions from the datapath, by making use of the unique flow identifiers introduced in earlier patches. For each flow dump, the dpif user specifies whether to skip these attributes, allowing the common case to only dump a pair of 128-bit ID and flow stats. With datapath support, this increases the number of flows that a revalidator can handle per second by 50% or more. Support in dpif-netdev and dpif-netlink is added in this patch; kernel support is left for future patches. Signed-off-by: Joe Stringer <joestringer@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
2014-10-06 11:14:08 +13:00
if (!flow->ufid_terse || !flow->ufid_present) {
if (flow->key_len) {
userspace: Switching of L3 packets in L2 pipeline Ports have a new layer3 attribute if they send/receive L3 packets. The packet_type included in structs dp_packet and flow is considered in ofproto-dpif. The classical L2 match fields (dl_src, dl_dst, dl_type, and vlan_tci, vlan_vid, vlan_pcp) now have Ethernet as pre-requisite. A dummy ethernet header is pushed to L3 packets received from L3 ports before the the pipeline processing starts. The ethernet header is popped before sending a packet to a L3 port. For datapath ports that can receive L2 or L3 packets, the packet_type becomes part of the flow key for datapath flows and is handled appropriately in dpif-netdev. In the 'else' branch in flow_put_on_pmd() function, the additional check flow_equal(&match.flow, &netdev_flow->flow) was removed, as a) the dpcls lookup is sufficient to uniquely identify a flow and b) it caused false negatives because the flow in netdev->flow may not properly masked. In dpif_netdev_flow_put() we now use the same method for constructing the netdev_flow_key as the one used when adding the flow to the dplcs to make sure these always match. The function netdev_flow_key_from_flow() used so far was not only inefficient but sometimes caused mismatches and subsequent flow update failures. The kernel datapath does not support the packet_type match field. Instead it encodes the packet type implictly by the presence or absence of the Ethernet attribute in the flow key and mask. This patch filters the PACKET_TYPE attribute out of netlink flow key and mask to be sent to the kernel datapath. Signed-off-by: Lorand Jakab <lojakab@cisco.com> Signed-off-by: Simon Horman <simon.horman@netronome.com> Signed-off-by: Jiri Benc <jbenc@redhat.com> Signed-off-by: Yi Yang <yi.y.yang@intel.com> Signed-off-by: Jan Scheurich <jan.scheurich@ericsson.com> Co-authored-by: Zoltan Balogh <zoltan.balogh@ericsson.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
2017-06-02 16:16:17 +00:00
put_exclude_packet_type(buf, OVS_FLOW_ATTR_KEY, flow->key,
flow->key_len);
dpif: Minimize memory copy for revalidation. One of the limiting factors on the number of flows that can be supported in the datapath is the overhead of assembling flow dump messages in the datapath. This patch modifies the dpif to allow revalidators to skip dumping the key, mask and actions from the datapath, by making use of the unique flow identifiers introduced in earlier patches. For each flow dump, the dpif user specifies whether to skip these attributes, allowing the common case to only dump a pair of 128-bit ID and flow stats. With datapath support, this increases the number of flows that a revalidator can handle per second by 50% or more. Support in dpif-netdev and dpif-netlink is added in this patch; kernel support is left for future patches. Signed-off-by: Joe Stringer <joestringer@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
2014-10-06 11:14:08 +13:00
}
if (flow->mask_len) {
userspace: Switching of L3 packets in L2 pipeline Ports have a new layer3 attribute if they send/receive L3 packets. The packet_type included in structs dp_packet and flow is considered in ofproto-dpif. The classical L2 match fields (dl_src, dl_dst, dl_type, and vlan_tci, vlan_vid, vlan_pcp) now have Ethernet as pre-requisite. A dummy ethernet header is pushed to L3 packets received from L3 ports before the the pipeline processing starts. The ethernet header is popped before sending a packet to a L3 port. For datapath ports that can receive L2 or L3 packets, the packet_type becomes part of the flow key for datapath flows and is handled appropriately in dpif-netdev. In the 'else' branch in flow_put_on_pmd() function, the additional check flow_equal(&match.flow, &netdev_flow->flow) was removed, as a) the dpcls lookup is sufficient to uniquely identify a flow and b) it caused false negatives because the flow in netdev->flow may not properly masked. In dpif_netdev_flow_put() we now use the same method for constructing the netdev_flow_key as the one used when adding the flow to the dplcs to make sure these always match. The function netdev_flow_key_from_flow() used so far was not only inefficient but sometimes caused mismatches and subsequent flow update failures. The kernel datapath does not support the packet_type match field. Instead it encodes the packet type implictly by the presence or absence of the Ethernet attribute in the flow key and mask. This patch filters the PACKET_TYPE attribute out of netlink flow key and mask to be sent to the kernel datapath. Signed-off-by: Lorand Jakab <lojakab@cisco.com> Signed-off-by: Simon Horman <simon.horman@netronome.com> Signed-off-by: Jiri Benc <jbenc@redhat.com> Signed-off-by: Yi Yang <yi.y.yang@intel.com> Signed-off-by: Jan Scheurich <jan.scheurich@ericsson.com> Co-authored-by: Zoltan Balogh <zoltan.balogh@ericsson.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
2017-06-02 16:16:17 +00:00
put_exclude_packet_type(buf, OVS_FLOW_ATTR_MASK, flow->mask,
flow->mask_len);
dpif: Minimize memory copy for revalidation. One of the limiting factors on the number of flows that can be supported in the datapath is the overhead of assembling flow dump messages in the datapath. This patch modifies the dpif to allow revalidators to skip dumping the key, mask and actions from the datapath, by making use of the unique flow identifiers introduced in earlier patches. For each flow dump, the dpif user specifies whether to skip these attributes, allowing the common case to only dump a pair of 128-bit ID and flow stats. With datapath support, this increases the number of flows that a revalidator can handle per second by 50% or more. Support in dpif-netdev and dpif-netlink is added in this patch; kernel support is left for future patches. Signed-off-by: Joe Stringer <joestringer@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
2014-10-06 11:14:08 +13:00
}
if (flow->actions || flow->actions_len) {
nl_msg_put_unspec(buf, OVS_FLOW_ATTR_ACTIONS,
flow->actions, flow->actions_len);
}
datapath: Convert datapath operations to use Netlink framing. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 15:42:00 -08:00
}
/* We never need to send these to the kernel. */
Replace most uses of assert by ovs_assert. This is a straight search-and-replace, except that I also removed #include <assert.h> from each file where there were no assert calls left. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2012-11-06 13:14:55 -08:00
ovs_assert(!flow->stats);
ovs_assert(!flow->tcp_flags);
ovs_assert(!flow->used);
datapath: Convert datapath operations to use Netlink framing. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 15:42:00 -08:00
if (flow->clear) {
datapath: Use "OVS_*" as opposed to "ODP_*" for user<->kernel interactions. The prefix "ODP_*" is not overly descriptive in the context of the larger Linux tree. This commit changes the prefix to "OVS_*" for the userpace to kernel interactions. The userspace libraries still use "ODP_" in many of their interfaces since it is more descriptive in the OVS oeuvre. Feature #6904 Signed-off-by: Justin Pettit <jpettit@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-08-18 10:35:40 -07:00
nl_msg_put_flag(buf, OVS_FLOW_ATTR_CLEAR);
datapath: Convert datapath operations to use Netlink framing. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 15:42:00 -08:00
}
dpif: Use OVS_FLOW_ATTR_PROBE. Use the new OVS_FLOW_ATTR_PROBE flag when probing for datapath feature support. Suppress also dpif error logging when requested, as probe failures are already logged at ofproto-dpif. Signed-off-by: Jarno Rajahalme <jrajahalme@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
2014-09-12 11:20:13 -07:00
if (flow->probe) {
nl_msg_put_flag(buf, OVS_FLOW_ATTR_PROBE);
}
datapath: Convert datapath operations to use Netlink framing. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 15:42:00 -08:00
}
/* Clears 'flow' to "empty" values. */
Add missing "static" keywords. Found by sparse.
2011-05-04 13:58:10 -07:00
static void
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
dpif_netlink_flow_init(struct dpif_netlink_flow *flow)
datapath: Convert datapath operations to use Netlink framing. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 15:42:00 -08:00
{
memset(flow, 0, sizeof *flow);
}
/* Executes 'request' in the kernel datapath. If the command fails, returns a
* positive errno value. Otherwise, if 'reply' and 'bufp' are null, returns 0
* without doing anything else. If 'reply' and 'bufp' are nonnull, then the
datapath: Convert ODP_FLOW_* commands to use AF_NETLINK socket layer. This completes the transition to the Generic Netlink interface, and so this commit restores support for Linux 2.6.18 and later. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-28 14:00:51 -08:00
* result of the command is expected to be a flow also, which is decoded and
* stored in '*reply' and '*bufp'. The caller must free '*bufp' when the reply
* is no longer needed ('reply' will contain pointers into '*bufp'). */
Add missing "static" keywords. Found by sparse.
2011-05-04 13:58:10 -07:00
static int
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
dpif_netlink_flow_transact(struct dpif_netlink_flow *request,
struct dpif_netlink_flow *reply,
struct ofpbuf **bufp)
datapath: Convert datapath operations to use Netlink framing. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 15:42:00 -08:00
{
datapath: Convert ODP_FLOW_* commands to use AF_NETLINK socket layer. This completes the transition to the Generic Netlink interface, and so this commit restores support for Linux 2.6.18 and later. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-28 14:00:51 -08:00
struct ofpbuf *request_buf;
datapath: Convert datapath operations to use Netlink framing. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 15:42:00 -08:00
int error;
Replace most uses of assert by ovs_assert. This is a straight search-and-replace, except that I also removed #include <assert.h> from each file where there were no assert calls left. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2012-11-06 13:14:55 -08:00
ovs_assert((reply != NULL) == (bufp != NULL));
datapath: Convert datapath operations to use Netlink framing. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 15:42:00 -08:00
dpif-linux: Only ask datapath to echo back results when they will be used. A fair number of datapath flow operations optionally report back results to the requester based on whether NLM_F_ECHO is set in the request. When userspace isn't going to use those results anyway, it wastes memory to store them and a system call to retrieve them. This commit omits the NLM_F_ECHO bit in cases where the caller isn't going to use the results. (NLM_F_ECHO has no effect on operations whose entire purpose is to retrieve data, e.g. "get" and "dump" operations, so we need not bother to set it for those.) This improves "ovs-benchmark rate" results in my testing by about 4%.
2011-09-27 16:07:23 -07:00
if (reply) {
request->nlmsg_flags |= NLM_F_ECHO;
}
datapath: Convert ODP_FLOW_* commands to use AF_NETLINK socket layer. This completes the transition to the Generic Netlink interface, and so this commit restores support for Linux 2.6.18 and later. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-28 14:00:51 -08:00
request_buf = ofpbuf_new(1024);
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
dpif_netlink_flow_to_ofpbuf(request, request_buf);
netlink-socket: Simplify use of transactions and dumps. This disentangles "struct nl_dump" from "struct nl_sock", clearing the way to make the use of either one thread-safe in an obviously correct manner. Signed-off-by: Ben Pfaff <blp@nicira.com>
2013-04-29 13:57:50 -07:00
error = nl_transact(NETLINK_GENERIC, request_buf, bufp);
datapath: Convert ODP_FLOW_* commands to use AF_NETLINK socket layer. This completes the transition to the Generic Netlink interface, and so this commit restores support for Linux 2.6.18 and later. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-28 14:00:51 -08:00
ofpbuf_delete(request_buf);
datapath: Convert datapath operations to use Netlink framing. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 15:42:00 -08:00
datapath: Convert ODP_FLOW_* commands to use AF_NETLINK socket layer. This completes the transition to the Generic Netlink interface, and so this commit restores support for Linux 2.6.18 and later. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-28 14:00:51 -08:00
if (reply) {
if (!error) {
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
error = dpif_netlink_flow_from_ofpbuf(reply, *bufp);
datapath: Convert ODP_FLOW_* commands to use AF_NETLINK socket layer. This completes the transition to the Generic Netlink interface, and so this commit restores support for Linux 2.6.18 and later. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-28 14:00:51 -08:00
}
datapath: Convert datapath operations to use Netlink framing. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 15:42:00 -08:00
if (error) {
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
dpif_netlink_flow_init(reply);
datapath: Convert ODP_FLOW_* commands to use AF_NETLINK socket layer. This completes the transition to the Generic Netlink interface, and so this commit restores support for Linux 2.6.18 and later. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-28 14:00:51 -08:00
ofpbuf_delete(*bufp);
*bufp = NULL;
datapath: Convert datapath operations to use Netlink framing. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 15:42:00 -08:00
}
}
return error;
}
static void
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
dpif_netlink_flow_get_stats(const struct dpif_netlink_flow *flow,
struct dpif_flow_stats *stats)
datapath: Convert datapath operations to use Netlink framing. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 15:42:00 -08:00
{
if (flow->stats) {
odp-netlink.h: Use 32-bit aligned 64-bit types. Open vSwitch userspace uses special types to indicate that a particular object may not be naturally aligned. Netlink is one source of such problems: in Netlink, 64-bit integers are often aligned only on 32-bit boundaries. This commit changes the odp-netlink.h that is transformed from <linux/openvswitch.h> to use these types to make it harder to accidentally access a misaligned 64-bit member. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2014-06-13 15:28:29 -07:00
stats->n_packets = get_32aligned_u64(&flow->stats->n_packets);
stats->n_bytes = get_32aligned_u64(&flow->stats->n_bytes);
datapath: Convert datapath operations to use Netlink framing. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 15:42:00 -08:00
} else {
stats->n_packets = 0;
stats->n_bytes = 0;
}
dpif-linux: Use get_32aligned_u64() in an appropriate place.
2011-10-04 15:25:14 -07:00
stats->used = flow->used ? get_32aligned_u64(flow->used) : 0;
datapath: Convert datapath operations to use Netlink framing. Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
2011-01-26 15:42:00 -08:00
stats->tcp_flags = flow->tcp_flags ? *flow->tcp_flags : 0;
}
Windows: Add conntrack dump and flush support in userspace Modify dpif-netlink.c and netlink-conntrack.c to send down dump and flush command to Windows datapath. Include netlink-conntrack.c and netlink-conntrack.h in automake.mk for Windows binaries. Windows currently supports only NETLINK_GENERIC port. In order to support the NETLINK_NETFILTER messages, the port id is being overwritten to NETLINK_GENERIC on Windows and datapath has been updated to support the new message format. Signed-off-by: Sairam Venugopal <vsairam@vmware.com> Acked-by: Paul-Daniel Boca <pboca@cloudbasesolutions.com> Acked-by: Nithin Raju <nithin@vmware.com> Acked-by: Nithin Raju <nithin@vmware.com> Signed-off-by: Gurucharan Shetty <guru@ovn.org>
2016-07-01 13:49:34 -07:00
dpif-linux: Log details when a packet is lost. Until now, when a packet was dropped in the kernel-to-user buffers, we logged the occurrence but nothing that would allow a person reading the log after the fact to learn why it was dropped. This commit adds details that identify the major sources of packets in the buffer, which should help. Signed-off-by: Ben Pfaff <blp@nicira.com>
2012-06-01 17:40:31 -04:00
/* Logs information about a packet that was recently lost in 'ch' (in
* 'dpif_'). */
static void
dpif-linux: Rename dpif-netlink; change to compile with MSVC. The patch contains the necessary modifications to compile and also to run under MSVC. Added the files to the build system and also changed dpif_linux to be under a more generic name dpif_windows. Added a TODO under the windows part in case we want to implement another counterpart for epoll functions. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
2014-09-18 04:17:54 -07:00
report_loss(struct dpif_netlink *dpif, struct dpif_channel *ch, uint32_t ch_idx,
dpif-linux: Implement the API functions to allow multiple handler threads read upcall. Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
2014-02-26 10:10:29 -08:00
uint32_t handler_id)
dpif-linux: Log details when a packet is lost. Until now, when a packet was dropped in the kernel-to-user buffers, we logged the occurrence but nothing that would allow a person reading the log after the fact to learn why it was dropped. This commit adds details that identify the major sources of packets in the buffer, which should help. Signed-off-by: Ben Pfaff <blp@nicira.com>
2012-06-01 17:40:31 -04:00
{
static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(5, 5);
struct ds s;
dpif-linux: Report dropped lost messages at WARN level. Messages about packets being lost are logged at level WARN, but when they were generated at a high rate, those consolidated messages were logged at ERR. This changes to consolidated messages to be logged at WARN, too. Thanks to Ben Pfaff for quickly suggesting the culprit. Bug #14783 Reported-by: James Schmidt <jschmidt@nicira.com> Signed-off-by: Justin Pettit <jpettit@nicira.com>
2013-01-25 14:29:41 -08:00
if (VLOG_DROP_WARN(&rl)) {
dpif-linux: Log details when a packet is lost. Until now, when a packet was dropped in the kernel-to-user buffers, we logged the occurrence but nothing that would allow a person reading the log after the fact to learn why it was dropped. This commit adds details that identify the major sources of packets in the buffer, which should help. Signed-off-by: Ben Pfaff <blp@nicira.com>
2012-06-01 17:40:31 -04:00
return;
}
dpif-netlink: Introduce per-cpu upcall dispatch. The Open vSwitch kernel module uses the upcall mechanism to send packets from kernel space to user space when it misses in the kernel space flow table. The upcall sends packets via a Netlink socket. Currently, a Netlink socket is created for every vport. In this way, there is a 1:1 mapping between a vport and a Netlink socket. When a packet is received by a vport, if it needs to be sent to user space, it is sent via the corresponding Netlink socket. This mechanism, with various iterations of the corresponding user space code, has seen some limitations and issues: * On systems with a large number of vports, there is correspondingly a large number of Netlink sockets which can limit scaling. (https://bugzilla.redhat.com/show_bug.cgi?id=1526306) * Packet reordering on upcalls. (https://bugzilla.redhat.com/show_bug.cgi?id=1844576) * A thundering herd issue. (https://bugzilla.redhat.com/show_bug.cgi?id=1834444) This patch introduces an alternative, feature-negotiated, upcall mode using a per-cpu dispatch rather than a per-vport dispatch. In this mode, the Netlink socket to be used for the upcall is selected based on the CPU of the thread that is executing the upcall. In this way, it resolves the issues above as: a) The number of Netlink sockets scales with the number of CPUs rather than the number of vports. b) Ordering per-flow is maintained as packets are distributed to CPUs based on mechanisms such as RSS and flows are distributed to a single user space thread. c) Packets from a flow can only wake up one user space thread. Reported-at: https://bugzilla.redhat.com/1844576 Signed-off-by: Mark Gray <mark.d.gray@redhat.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Acked-by: Aaron Conole <aconole@redhat.com> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2021-07-16 06:17:36 -04:00
if (dpif_netlink_upcall_per_cpu(dpif)) {
VLOG_WARN("%s: lost packet on handler %u",
dpif_name(&dpif->dpif), handler_id);
} else {
ds_init(&s);
if (ch->last_poll != LLONG_MIN) {
ds_put_format(&s, " (last polled %lld ms ago)",
time_msec() - ch->last_poll);
}
VLOG_WARN("%s: lost packet on port channel %u of handler %u%s",
dpif_name(&dpif->dpif), ch_idx, handler_id, ds_cstr(&s));
ds_destroy(&s);
}
}
static void
dpif_netlink_unixctl_dispatch_mode(struct unixctl_conn *conn,
int argc OVS_UNUSED,
const char *argv[] OVS_UNUSED,
void *aux OVS_UNUSED)
{
struct ds reply = DS_EMPTY_INITIALIZER;
struct nl_dump dump;
uint64_t reply_stub[NL_DUMP_BUFSIZE / 8];
struct ofpbuf msg, buf;
int error;
error = dpif_netlink_init();
if (error) {
return;
}
ofpbuf_use_stub(&buf, reply_stub, sizeof reply_stub);
dpif_netlink_dp_dump_start(&dump);
while (nl_dump_next(&dump, &msg, &buf)) {
struct dpif_netlink_dp dp;
if (!dpif_netlink_dp_from_ofpbuf(&dp, &msg)) {
ds_put_format(&reply, "%s: ", dp.name);
if (dp.user_features & OVS_DP_F_DISPATCH_UPCALL_PER_CPU) {
ds_put_format(&reply, "per-cpu dispatch mode");
} else {
ds_put_format(&reply, "per-vport dispatch mode");
}
ds_put_format(&reply, "\n");
}
}
ofpbuf_uninit(&buf);
error = nl_dump_done(&dump);
if (!error) {
unixctl_command_reply(conn, ds_cstr(&reply));
dpif-linux: Log details when a packet is lost. Until now, when a packet was dropped in the kernel-to-user buffers, we logged the occurrence but nothing that would allow a person reading the log after the fact to learn why it was dropped. This commit adds details that identify the major sources of packets in the buffer, which should help. Signed-off-by: Ben Pfaff <blp@nicira.com>
2012-06-01 17:40:31 -04:00
}
dpif-netlink: Introduce per-cpu upcall dispatch. The Open vSwitch kernel module uses the upcall mechanism to send packets from kernel space to user space when it misses in the kernel space flow table. The upcall sends packets via a Netlink socket. Currently, a Netlink socket is created for every vport. In this way, there is a 1:1 mapping between a vport and a Netlink socket. When a packet is received by a vport, if it needs to be sent to user space, it is sent via the corresponding Netlink socket. This mechanism, with various iterations of the corresponding user space code, has seen some limitations and issues: * On systems with a large number of vports, there is correspondingly a large number of Netlink sockets which can limit scaling. (https://bugzilla.redhat.com/show_bug.cgi?id=1526306) * Packet reordering on upcalls. (https://bugzilla.redhat.com/show_bug.cgi?id=1844576) * A thundering herd issue. (https://bugzilla.redhat.com/show_bug.cgi?id=1834444) This patch introduces an alternative, feature-negotiated, upcall mode using a per-cpu dispatch rather than a per-vport dispatch. In this mode, the Netlink socket to be used for the upcall is selected based on the CPU of the thread that is executing the upcall. In this way, it resolves the issues above as: a) The number of Netlink sockets scales with the number of CPUs rather than the number of vports. b) Ordering per-flow is maintained as packets are distributed to CPUs based on mechanisms such as RSS and flows are distributed to a single user space thread. c) Packets from a flow can only wake up one user space thread. Reported-at: https://bugzilla.redhat.com/1844576 Signed-off-by: Mark Gray <mark.d.gray@redhat.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Acked-by: Aaron Conole <aconole@redhat.com> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2021-07-16 06:17:36 -04:00
ds_destroy(&reply);
dpif-linux: Log details when a packet is lost. Until now, when a packet was dropped in the kernel-to-user buffers, we logged the occurrence but nothing that would allow a person reading the log after the fact to learn why it was dropped. This commit adds details that identify the major sources of packets in the buffer, which should help. Signed-off-by: Ben Pfaff <blp@nicira.com>
2012-06-01 17:40:31 -04:00
}
Reference in New Issue Copy Permalink