An upcoming commit will add another parameter for parsing and formatting
actions. It is much easier to add these parameters if they are
encapsulated in a struct, so this commit first makes that change.
Signed-off-by: Ben Pfaff <blp@ovn.org>
Reviewed-by: Yifeng Sun <pkusunyifeng@gmail.com>
Acked-by: Mark Michelson <mmichels@redhat.com>
Until now, classifier_remove() returned either null or the classifier rule
passed to it, which is an unusual interface. This commit changes it to
return true if it succeeds or false on failure.
In addition, most of classifier_remove()'s callers know ahead of time that
it must succeed, even though most of them didn't bother with an assertion,
so this commit adds a classifier_remove_assert() function as a helper.
Signed-off-by: Ben Pfaff <blp@ovn.org>
Tested-by: Yifeng Sun <pkusunyifeng@gmail.com>
Reviewed-by: Yifeng Sun <pkusunyifeng@gmail.com>
I don't feel obligated to add a bunch of automatic tests for
flow_compose(), but this is handy for manual testing or for simple packet
generation.
Signed-off-by: Ben Pfaff <blp@ovn.org>
Tested-by: Yifeng Sun <pkusunyifeng@gmail.com>
Reviewed-by: Yifeng Sun <pkusunyifeng@gmail.com>
This avoids a memory leak warning from valgrind.
ovn-sbctl and ovn-nbctl already followed this pattern.
Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: William Tu <u9012063@gmail.com>
Show DPDK version if Open vSwitch is compiled with DPDK support.
Version can be retrieved with `ovs-vswitchd --version` or from OVS logs.
Small change in ovs-ctl to avoid breakage on output change.
Signed-off-by: Matteo Croce <mcroce@redhat.com>
Acked-by: Kevin Traynor <ktraynor@redhat.com>
Signed-off-by: Ian Stokes <ian.stokes@intel.com>
"xxx" is often used to indicate items that the developer wanted to look
at again before committing. Flag those as a warning.
Signed-off-by: Justin Pettit <jpettit@ovn.org>
Acked-by: Aaron Conole <aconole@redhat.com>
When I tried using ovs-tcpundump, I got the following error message:
Traceback (most recent call last):
File ./ovs-tcpundump, line 64, in <module>
if m is None or int(m.group(1)) == 0:
ValueError: invalid literal for int() with base 10: '00a0'
Signed-off-by: Aaron Conole <aconole@redhat.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
NSH ttl is a 6-bit field ranged from 0 to 63, it should be
decremented by 1 every hop, if it is 0 or it is so after
decremented, the packet should be dropped and a packet-in
message is sent to main controller.
Signed-off-by: Yi Yang <yi.y.yang@intel.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
Devs can configure bugtool plugin queries to be repeated using
repeat counters. The value of a repeat counter is an integer
greater than 1. The outputs of a repeated query are saved in the
same output file with date headers. Queries without repeat counter
will run only once. Users can set the delay between repeated
queries with the delay option. Default value for delay is 10
seconds.
Setting repeat counter value to "2" for traffic related queries.
Signed-off-by: David Patrik Pinter <david.patrik.pinter@ericsson.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
Bugtool extended with NUMA related, QoS related and RHEL specific
information.
Signed-off-by: David Patrik Pinter <david.patrik.pinter@ericsson.com>
Signed-off-by: Miklos Pelyva <miklos.pelyva@ericsson.com>
Co-authored-by: Miklos Pelyva <miklos.pelyva@ericsson.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
Introducing new query calling practice:
- single line query called directly from plugin xml
- multiple line query saved as script and the script is called
from plugin xml
Signed-off-by: David Patrik Pinter <david.patrik.pinter@ericsson.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
Introducing 'ovs-bugtool-ovs-ofctl-loop-over-bridges' bash script.
It calls ovs-ofctl commands given as first parameter for each
bridge with the corresponding open flow protocol option.
Usage:
ovs-bugtool-ovs-ofctl-loop-over-bridges "param1" "param2"
- param1: ovs-ofctl command to call (show, dump-flows, etc...)
- param2: optional, add further parts for the shell command
(like "| grep something")
Calling ovs-ofctl commands 'show' and 'dump-flows' with the
'ovs-bugtool-ovs-ofctl-loop-over-bridges' bash script.
Signed-off-by: David Patrik Pinter <david.patrik.pinter@ericsson.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
Move the functions related to "force-reload-kmod" and "restart" from
ovs-ctl.in to ovs-lib.in in order to permit other scripts to use them.
Signed-off-by: Timothy Redaelli <tredaelli@redhat.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
Tested-by: Greg Rose <gvrose8192@gmail.com>
Reviewed-by: Greg Rose <gvrose8192@gmail.com>
FreeBSD insists that <sys/types.h> be included before <netinet/in.h> and
that <netinet/in.h> be included before <arpa/inet.h>. This adds guards to
the "sparse" headers to yield a warning if this order is violated. This
commit also adjusts the order of many #includes to suit this requirement.
Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Justin Pettit <jpettit@ovn.org>
With this patch, "flush-conntrack" in ovs-dpctl and ovs-appctl accept
a conntrack 5-tuple to delete the conntrack entry specified by the 5-tuple.
For example, user can use the following command to flush a conntrack entry
in zone 5.
$ ovs-dpctl flush-conntrack zone=5 \
'ct_nw_src=10.1.1.2,ct_nw_dst=10.1.1.1,ct_nw_proto=17,ct_tp_src=2,ct_tp_dst=1'
$ ovs-appctl dpctl/flush-conntrack zone=5 \
'ct_nw_src=10.1.1.2,ct_nw_dst=10.1.1.1,ct_nw_proto=17,ct_tp_src=2,ct_tp_dst=1'
VMWare-BZ: #1983178
Signed-off-by: Yi-Hung Wei <yihung.wei@gmail.com>
Signed-off-by: Justin Pettit <jpettit@ovn.org>
Linux has a fixed size interface name, which will not change. This means
that attempts to dump interfaces whose names are larger than the max size
will result in an error making the tap device.
This commit brings a new function. When the generated name would be too
large, use a random number prefixed by 'ovsmi' instead.
Reported-by: Bhanuprakash Bodireddy <bhanuprakash.bodireddy@intel.com>
Signed-off-by: Aaron Conole <aconole@redhat.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
From OVS 2.8, ovs-vswitchd, when it starts, will
load the kernel modules for tunnels. It has logic
inside it to choose either upstream kernel module
or vport-* kernel module.
So, when we run 'force-reload-kmod' to upgrade to
OVS 2.8 from a previous version, we do not need to
remember the vport-* kernel module that was previously
loaded. It is not really harmful to load vport-* kernel
module though.
On RHEL7.x and OVS 2.8, we use the upstream "geneve" kernel
module for tunnels.
But, on RHEL 7.x we have hit a bug caused by iptables
startup script which tries to remove all kernel modules
related to linux conntrack. It fails to unload openvswitch
kernel module because it has a reference count on it. But it
succeeds in unloading vport-geneve and in turn the upstream
"geneve" kernel module. This causes the tunnels to go down.
With this patch, we avoid the above situation, by not loading
vport-geneve kernel module. ovs-vswitchd when it starts will
load upstream geneve. And when "iptables stop" runs, since
"geneve" has nothing to do with conntrack, it spares it.
Ideally, we should fix this by incrementing the refcount
on the kernel modules.
Signed-off-by: Gurucharan Shetty <guru@ovn.org>
Acked-by: William Tu <u9012063@gmail.com>
In ovs-lib there is a function named upgrade_db which tries to convert a
database after OVS {up,down}grades. This function uses ovsdb-tool to
check if the DB needs to be upgraded. If the upgrade fails,
it purges the DB and create an empty one.
ovsdb-tool returns "yes" or "no" to indicate if the DB needs upgrading,
but if the DB is corrupted it returns a list of errors.
Change a condition from "!= no" to "= yes" because in case of DB
corruption upgrade_db would purge the existing DB without writing
anything in the logs.
Signed-off-by: Matteo Croce <mcroce@redhat.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Mark Michelson <mmichels@redhat.com>
Poll-loop is the core to implement main loop. It should be available in
libopenvswitch.
Signed-off-by: Xiao Liang <shaw.leon@gmail.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
Rconn provides useful features over vconn. Make it available to library
users.
Signed-off-by: Xiao Liang <shaw.leon@gmail.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
This is neeed since "echo -n" is not POSIX and may not work with some shells.
Signed-off-by: Timothy Redaelli <tredaelli@redhat.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Flavio Leitner <fbl@sysclose.org>
This patch makes ovs-save to use a file to restore flows instead of using
shell script here-document.
This is needed since eval + here-documents are much slower than reading a file
with the rules directly.
Signed-off-by: Timothy Redaelli <tredaelli@redhat.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Flavio Leitner <fbl@sysclose.org>
If possible, use OpenFlow 1.4 atomic bundle transaction to restore flows.
The patch uses also the highest enabled OpenFlow version to do the queries.
With the actual implementation, if you have the default OpenFlow version
disabled then ovs-save fails. This patch also fixes that problem.
Signed-off-by: Timothy Redaelli <tredaelli@redhat.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Flavio Leitner <fbl@sysclose.org>
Add a command to delete all ports that have the other_config:transient value
set to true.
Acked-by: Aaron Conole <aconole@redhat.com>
Signed-off-by: Timothy Redaelli <tredaelli@redhat.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
On RHEL 7.4 (with iproute-3.10.0-87), a DHCP provided
ipv4 address has the "dynamic" keyword set. For e.g
"ip addr show breth0 | grep inet" shows:
inet 10.116.248.91/20 brd 10.116.255.255 scope global dynamic breth0
inet6 fe80::250:56ff:fea8:fdf0/64 scope link
The keyword "dynamic" (according to 'man ip-address') is only
used for ipv6, but in this case this is not true. Our current
code will skip the ipv4 address restoration because of this.
With this commit, we special case "dynamic" keyword to be valid
in case of ipv4.
VMware-BZ: #1982196
Signed-off-by: Gurucharan Shetty <guru@ovn.org>
Acked-by: Yi-Hung Wei <yihung.wei@gmail.com>
Lines should be counted for each file separately.
Signed-off-by: Ilya Maximets <i.maximets@samsung.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Aaron Conole <aconole@redhat.com>
Currently we call 'hostname -f' when ovs-vswitchd is not
running. If you are using ovs-vswitchd to provide your
primary networking, then 'hostname -f' will "hang" till it
times out. On the system this issue was discovered, this was
as long as 40 seconds. This is a problem during OVS restarts
or upgrades.
This commit calls 'hostname -f' after ovs-vswitchd has started.
VMware-BZ: #1972026
Signed-off-by: Gurucharan Shetty <guru@ovn.org>
Acked-by: Ben Pfaff <blp@ovn.org>
Packet and Connection state is only available to the processing path
that follows the "recirc_table" argument of the ct() action. The
previous behavior made these states available until the end of the
pipeline. This commit changes the behavior so that the Packet and
Connection state are cleared for the current processing path whenever
ct() is called (in addition to reaching the end of the pipeline.)
A future commit will remove the behavior that a "send to controller"
action causes all packets for that flow to be handled via the slow-path.
The current behavior of connection tracking state makes that difficult
due to datapath actions containing multiple OpenFlow rules that may
contain different connection tracking states. This change will make
that future commit possible.
Signed-off-by: Justin Pettit <jpettit@ovn.org>
Acked-by: Joe Stringer <joe@ovn.org>
The coding style states that BSD-style brace placement should be used,
and even single statements should be enclosed. Add checks to checkpatch
for this, particularly for 'else' statements.
Signed-off-by: Joe Stringer <joe@ovn.org>
Acked-by: Aaron Conole <aconole@redhat.com>
The style guide states that lines should not end with '?' or ':'. Check
for this and report an error.
Signed-off-by: Joe Stringer <joe@ovn.org>
Acked-by: Ben Pfaff <blp@ovn.org>
Most of the prerequisite checks so far matched on filenames that ended
in some character followed by 'c' or 'h', rather than a filename that
ends in '.c' or '.h'. Fix this.
Signed-off-by: Joe Stringer <joe@ovn.org>
Acked-by: Ben Pfaff <blp@ovn.org>
The 'Expressions' section of the coding style specifies that one space
should be on either side of infix binary and ternary operators. This
adds a check to checkpatch.py for most of these.
The regex won't match if there are speech marks on the line, because
the style should not apply to the contents of strings.
This check is left at warning level because there isn't a good way to
determine whether a line is within a multiline comment or string, so it
will occasionally flag such lines which contain hyphenated words.
Signed-off-by: Joe Stringer <joe@ovn.org>
Acked-by: Ben Pfaff <blp@ovn.org>
It seems that awk in busybox doesn't think that an empty string is part of
a larger string, but that GNU awk does. This commit adds an extra test to
make _ovs_vsctl_check_startswith_string work either way.
This allows the following tests to pass with busybox awk:
vsctl bashcomp unit tests
7: vsctl-bashcomp - basic verification ok
8: vsctl-bashcomp - argument completion ok
Reported-by: Stuart Cardall <developer@it-offshore.co.uk>
Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Lance Richardson <lrichard@redhat.com>
Currently we look for files with the name of "dmesg"
in "/var/log". If it exists, we don't run the command
"dmesg". This is unreliable as the file does not always
contain the latest dmesg information.
Since OVS kernel module emits information to dmesg,
we need this information to debug bugs. So always
run the "dmesg" command and collect its output.
Signed-off-by: Gurucharan Shetty <guru@ovn.org>
Reviewed-by: Greg Rose <gvrose8192@gmail.com>
Tested-by: Greg Rose <gvrose8192@gmail.com>
Acked-by: Ben Pfaff <blp@ovn.org>
ovs-bugtool collects a lot of data. This can be time
consuming and can end up collecting a lot of redundant data.
A option "--ovs" was added a while ago to only collect
OVS relevent data. We missed adding the OVS logs to this
filter.
Signed-off-by: Gurucharan Shetty <guru@ovn.org>
Reviewed-by: Greg Rose <gvrose8192@gmail.com>
Tested-by: Greg Rose <gvrose8192@gmail.com>
Acked-by: Ben Pfaff <blp@ovn.org>
The ovs-ofctl "diff-flows" and "replace-flows" command compare the flows
in two flow tables. Until now, the "replace-flows" command has considered
certain almost meaningless differences related to the version of OpenFlow
used to add a flow as significant, which caused it to replace a flow by an
identical-in-practice version, e.g. in the following, the "replace-flows"
command prints a FLOW_MOD that adds the flow that was already added
previously:
$ cat > flows
actions=resubmit(,1)
$ ovs-vsctl add-br br0
$ ovs-ofctl del-flows br0
$ ovs-ofctl add-flows br0 flows
$ ovs-ofctl -vvconn replace-flows br0 flows 2>&1 | grep FLOW_MOD
Re-adding an existing flow has some effects, for example, it resets the
flow's duration, so it's better to avoid it.
This commit fixes the problem using the same trick previously used for a
similar problem with the "diff-flows" command, which was fixed in commit
98f7f427bf8b ("ovs-ofctl: Avoid printing false differences on "ovs-ofctl
diff-flows".").
Reported-by: Kevin Lin <kevin@quilt.io>
Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Andy Zhou <azhou@ovn.org>
Since commit c416eaf8c247 ("ovs-ctl: Remove code for upgrading from Open
vSwitch 1.9 and earlier.") the kernel configuration of the specified
network interfaces is not saved anymore for restart command so there is no
need to try to restore it.
CC: Ben Pfaff <blp@ovn.org>
Fixes: c416eaf8c247 ("ovs-ctl: Remove code for upgrading from Open vSwitch 1.9 and earlier.")
Signed-off-by: Timothy Redaelli <tredaelli@redhat.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
Shadowing is when a variable with a given name in an inner scope hides a
different variable with the same name in a surrounding scope. This is
generally undesirable because it can confuse programmers. This commit
eliminates most of it.
Found with -Wshadow=local in GCC 7. The repo is not really ready to enable
this option by default because of a few cases that are harder to fix, and
harmless, such as nested use of CMAP_FOR_EACH.
Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Andy Zhou <azhou@ovn.org>
This commit adds support for the OpenFlow actions generic encap
and decap (as specified in ONF EXT-382) to the OVS control plane.
CLI syntax for encap action with properties:
encap(<header>)
encap(<header>(<prop>=<value>,<tlv>(<class>,<type>,<value>),...))
For example:
encap(ethernet)
encap(nsh(md_type=1))
encap(nsh(md_type=2,tlv(0x1000,10,0x12345678),tlv(0x2000,20,0xfedcba9876543210)))
CLI syntax for decap action:
decap()
decap(packet_type(ns=<pt_ns>,type=<pt_type>))
For example:
decap()
decap(packet_type(ns=0,type=0xfffe))
decap(packet_type(ns=1,type=0x894f))
The first header supported for encap and decap is "ethernet" to convert
packets between packet_type (1,Ethertype) and (0,0).
This commit also implements a skeleton for the translation of generic
encap and decap actions in ofproto-dpif and adds support to encap and
decap an Ethernet header.
In general translation of encap commits pending actions and then rewrites
struct flow in accordance with the new packet type and header. In the
case of encap(ethernet) it suffices to change the packet type from
(1, Ethertype) to (0,0) and set the dl_type accordingly. A new
pending_encap flag in xlate ctx is set to mark that an corresponding
datapath encap action must be triggered at the next commit. In the
case of encap(ethernet) ofproto generetas a push_eth action.
The general case for translation of decap() is to emit a datapath action
to decap the current outermost header and then recirculate the packet
to reparse the inner headers. In the special case of an Ethernet packet,
decap() just changes the packet type from (0,0) to (1, dl_type) without
a need to recirculate. The emission of the pop_eth action for the
datapath is postponed to the next commit.
Hence encap(ethernet) and decap() on an Ethernet packet are OF octions
that only incur a cost in the dataplane when a modifed packet is
actually committed, e.g. because it is sent out. They can freely be
used for normalizing the packet type in the OF pipeline without
degrading performance.
Signed-off-by: Jan Scheurich <jan.scheurich@ericsson.com>
Signed-off-by: Yi Yang <yi.y.yang@intel.com>
Signed-off-by: Zoltan Balogh <zoltan.balogh@ericsson.com>
Co-authored-by: Zoltan Balogh <zoltan.balogh@ericsson.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
With the command:
ovs-appctl dpctl/ct-bkts
shows the number of connections per bucket.
By using a threshold:
ovs-appctl dpctl/ct-bkts gt=N
for each bucket shows the number of connections when they
are greater than N.
Signed-off-by: Antonio Fischetti <antonio.fischetti@intel.com>
Signed-off-by: Bhanuprakash Bodireddy <bhanuprakash.bodireddy@intel.com>
Co-authored-by: Bhanuprakash Bodireddy <bhanuprakash.bodireddy@intel.com>
Signed-off-by: Darrell Ball <dlu998@gmail.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
It's better to see real commits instead of 'HEAD~n'.
Signed-off-by: Ilya Maximets <i.maximets@samsung.com>
Acked-by: Aaron Conole <aconole@redhat.com>
Signed-off-by: Russell Bryant <russell@ovn.org>
Currently to check more than one patch or file it's required
to invoke script for each file separately.
Fix that by iterating over all the passed filenames.
Note: If '-f' option passed, all the files treated as usual files.
Without '-f' all the files treated as patch files.
Signed-off-by: Ilya Maximets <i.maximets@samsung.com>
Acked-by: Aaron Conole <aconole@redhat.com>
Signed-off-by: Russell Bryant <russell@ovn.org>
Currently, result status printed only for patch files.
It'll be nice to have results for other checking types.
Signed-off-by: Ilya Maximets <i.maximets@samsung.com>
Acked-by: Aaron Conole <aconole@redhat.com>
Signed-off-by: Russell Bryant <russell@ovn.org>
Local Gerrit Change-Ids are not welcome in common repository.
Inspired by checkpatch.pl from Linux Kernel.
Signed-off-by: Ilya Maximets <i.maximets@samsung.com>
Acked-by: Aaron Conole <aconole@redhat.com>
Signed-off-by: Russell Bryant <russell@ovn.org>
Suggest the author to use the OVS wrapper of the assert function.
Signed-off-by: Bhanuprakash Bodireddy <bhanuprakash.bodireddy@intel.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Aaron Conole <aconole@redhat.com>
