When the sources are pulled directly from Git, it is necessary to run
"./boot.sh" before "./configure" can be run. This commit documents that
useful bit of information.
When querying flow stats allow the TCP flags to be reset. Since
the datapath ORs together all flags that have previously been
seen it is otherwise impossible to determine the set of flags from
after a particular time.
We zero the stats on sub-rules after they expire to prevent them
from being counted twice in their super-rule if they are reinstalled.
However, for exact-match sub-rules this means that the OpenFlow stats
are always zero. This changes that to only zero the stats for
non exact match rules.
Bug #1911
This makes several minor streamlining changes to dump-vif-details,
and moves the try statement in dump_vif_info to exclude session
initialization, so that finally will not obscure the original exception
with a new exception related to the session variable when logins fail.
A few of the fields in the OpenFlow flow expiration message were being
sent in host-byte order. This properly converts them to network.
Thanks to David Erickson for catching this!
Previously NetFlow expiration messages always contained 0 as the
output interface index. This changes that to report the OpenFlow
interface instead.
Feature #1202
When printing a flow, there were two references to "port": one the
interface the packet arrived on and the other the L4 ports. This could
be a bit confusing to new users looking at the output of a command such
as "ovs-ofctl dump-flows". This commit changes the incoming interface
field from "port" to "in_port".
Without removing SA_RESTART from the SIGALRM handler, the fcntl call will
never return, even after the signal handler is invoked and returns.
We haven't seen a problem in practice, at least not recently, but that's
probably just luck combined with not holding the configuration file lock
for very long.
This merge took a little bit of care due to two issues:
- Crossport of "interface-reconfigure" fixes from master back to
citrix that had happened and needed to be canceled out of the merge.
- New script "refresh-xs-network-uuids" added on citrix branch that
needed to be moved from /root/vswitch/scripts to
/usr/share/vswitch/scripts.
When revalidating NORMAL flows we consult the learning table, which
could be empty if a packet hasn't come to userspace in a while or we
just did a bridge flush. If there is no learning entry then existing
flows will begin flooding packets until a new flow is setup. The
problem is worse with bonding because we can receive one of the flooded
packets back on a bond slave and learn that port, causing us to send
traffic to the wrong location.
Previously when deciding whether to migrate a hash between slaves
we would never move it if it would cause more load on the new slave
than the old. This could lead to a situation where the slaves would
be imbalanced but no migration would occur since it would flip the
load. This will do the migration if it will decrease the ratio.
Bug NIC-49
Drop packets received on a bond port if we have learned a different
source port for that MAC. We were already doing this for multicast
packets but extend the logic to unicast packets as well since the
same situation can occur if the connected switch has not learned the
MAC address and is flooding. Otherwise vSwitch will learn the bond
port as the source of that MAC.
Bug #2167
A change on master to use ovs-vsctl instead of state files for VLANs
was ported to the citrix branch, which does not have ovs-vsctl. The
interface reconfigure portion, which does not store the state files
was ported but the vif-hotput script portion was not. This restores
interface reconfigure to again save the state files.
Bug #2187
When adding the VLAN key the name of the vif was from a variable in
use on only the xs5.7 branch. This uses the correct variable name
for the master branch
This changes the interface of each of the command implementations, making
them take the configuration as an argument and return the output. This
will make it easier to support alternate output formats and to execute more
than one command per invocation (both happening in upcoming commits).
The 'bridge' argument to ovs-vsctl's del-port command is only supplied as
a form of error checking. Sometimes the name of the bridge isn't readily
available, so for such situations this commit allows the user to omit the
name of the bridge entirely.
CC: Ian Campbell <Ian.Campbell@citrix.com>
This feature, which has been in ovs-cfg-mod for some time as the "-c"
option, makes it much easier to see what changes ovs-vsctl actually makes
to ovs-vswitchd.conf.
CC: <Ian.Campbell@citrix.com>
Open vSwitch uses an interval timer signal to tell it that its cached idea
of the current time has expired. However, this didn't work in a daemon
detached from the foreground session (invoked with --detach) because a
child created with fork() does not inherit the parent's interval timer and
we did not re-set it after calling fork().
This commit fixes the problem by setting the interval timer back up after
calling fork() from daemonize().
This fix is based on code inspection (which was then verified to be correct
through testing). It may not fix any actual problems in practice, because
time_refresh() is called every time through the poll loop, and the poll
loop typically runs more quickly than the periodic timer fires (1 ms or so
average in ovs-vswitchd, vs. 100 ms timer interval).
In Linux 2.6.30, the rtnl_notify() return type was changed from int to
void along with the following commit message:
This patch also modifies the rtnetlink code to ignore the return
value of rtnl_notify() in all callers. The function rtnl_notify()
(before this patch) returned the error of the unicast notification
which makes rtnl_set_sk_err() reports errors to all listeners. This
is not of any help since the origin of the change (the socket that
requested the echoing) notices the ENOBUFS error if the notification
fails and should resync itself.
Thus there's no point in checking the return value, even in older versions
of the kernel, and so this commit changes our code to ignore it, even
on older kernel versions. We also update the rtnl_notify() wrapper macros
to make the return type void on older kernel versions.
This has not been tested, just built.
Thanks to Mikio for spurring me to try building with Linux 2.6.29 and
2.6.30.
We check that a packet is not sent out the on the in port on the
same VLAN when performing RSPAN. However, we were comparing the
vlan tag from a packet after implicit tagging with a tag from
before implicit tagging. This ensures that we always compare them
before such tagging.
Centos 5.3 backports more functions from later kernel versions to 2.6.18,
so the kernel version number is no longer a reliable way to check for these
functions. Thus, add a "configure" test for them.
Reported-by: Paulo Cravero <pcravero@as2594.net>
This header was included in the Git tree but we failed to distribute it
as part of the tarball.
This problem was found by inspection. I am not aware of an actual problem
this fixes.
This commit copies the interface-reconfigure script from "master" into
"citrix" and fixes up a few incompatibilities: the location of ovs-cfg-mod,
which in master is in /usr/bin and in citrix is in /root/vswitch/bin, and
the RPM spec file fragments needed to initialize the database cache.
The purpose of this commit is to obtain the bug fixes that have been
applied (mainly by Ian Campbell) to "master" but which are not in "citrix".
It's difficult to understand the changes from this commit alone. It is
more meaningful to compare the resulting files against those currently
on the master branch.
When the stats for a currently active flow are requested this
ensures that the packets not handled by the kernel are counted
immediately. Before, these packets would only be counted once
the kernel flow expired and the counts were combined.
In order to avoid loops we check that the input and output ports
are not equal. When selecting mirror outputs for RSPAN we were
checking interfaces instead of ports. This lead to loops when
using RSPAN with bonded ports.
Bug #2118
The VLAN PCP mask is in the rightmost bits of the vlan_pcp member but we
were checking for it in its position in the VLAN tag field instead.
Slightly modified from Jean's original patch by adding and using the
VLAN_PCP_SHIFT macro.
By default, the "configure" script picks a sysconfdir of $prefix/etc,
which works out to /usr/etc in our case. That's wrong, of course--it
should be /etc--but we didn't notice until now because sysconfdir was
only used in ovs-vsctl, which in turn wasn't used at all on a XenServer
system until recently.
This bug is present on all branches, but it is only potentially visible
on "master" and "xs5.7", since only those have ovs-vsctl. It is only
actually visible on "xs5.7", since that is the only branch where the
system uses ovs-vsctl itself (from /etc/xensource/scripts/vif), but this
is being committed to master in case we start using ovs-vsctl there too.
Reported-by: Henrik Amren <henrik@nicira.com>
NetFlow v5 allows up to 30 records per packet but we were incorrectly
limiting to 29. This corrects that and also uses the count of the
number of records in the header rather than the packet size since
it is easier to reason about.
Bug #2103
Brings the fake bond interface up and down to match our notion of
whether the bond is currently active. This solves an issue where
XenCenter would always show the bond as disconnected.
Bug #1703
