Comments are more freeform than code, so this patch tries to ignore many
checks on comment lines. It assumes that any line that begins with "/*"
or "* " is a comment line. (Without a following space, "*" might be
something like "*x = 1;".)
Suggested-by: Joe Stringer <joe@ovn.org>
Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Aaron Conole <aconole@redhat.com>
It's becoming more common that OSes include "ip" but not "ifconfig", so
it's best to avoid using the latter. This commit removes most references
to "ifconfig" and replaces them by "ip". It also adds a build-time check
to make it harder to introduce new uses of "ifconfig".
There are important differences between "ifconfig" and "ip":
- An "ifconfig" command that sets an IP address also brings the interface
up, but a similar "ip addr add" command does not, so it is often necessary
(or at least precautionary) to add an "ip link set <dev> up" command.
- "ifconfig" can infer a netmask from an IP adddress, but "ip" always
assumes /32 if none is given.
- "ifconfig" with address 0.0.0.0 removes any configured IP address, but
"ip addr add" does not, so "ifconfig <dev> 0.0.0.0" must be replaced by
"ip addr del" or "ip addr flush".
Signed-off-by: Ben Pfaff <blp@ovn.org>
If the service manager issued a stop service, the control handler
registered by the running daemon should report that service changed
state.
Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
Currently, signed integer is used for 'port_id' variable and
'-1' as identifier of bad or uninitialized 'port_id'.
This inconsistent with dpdk library and, also, in few cases,
leads to passing '-1' to dpdk functions where uint8_t expected.
Such behaviour doesn't produce any issues, but it's better to
use same type as in dpdk library for consistency.
Introduced 'dpdk_port_t' typedef for better maintainability.
Also, magic number '-1' replaced with DPDK_ETH_PORT_ID_INVALID
macro.
Signed-off-by: Ilya Maximets <i.maximets@samsung.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Mark Kavanagh <mark.b.kavanagh@intel.com>
Currently, once created device in dpdk will exist forever
even after del-port operation untill we manually call
'ovs-appctl netdev-dpdk/detach <name>', where <name> is not
the port's name but the name of dpdk eth device or pci address.
Few issues with current implementation:
1. Different API for usual (system) and DPDK devices.
(We have to call 'ovs-appctl netdev-dpdk/detach' each
time after 'del-port' to actually free the device)
This is a big issue mostly for virtual DPDK devices.
2. Follows from 1:
For DPDK devices 'del-port' leads just to
'rte_eth_dev_stop' and subsequent 'add-port' will
just start the already existing device. Such behaviour
will not reset the device to initial state as it could
be expected. For example: virtual pcap pmd will continue
reading input file instead of reading it from the beginning.
3. Follows from 2:
After execution of the following commands 'port1' will be
configured with the 'old-options' while 'ovs-vsctl show'
will show us 'new-options' in dpdk-devargs field:
ovs-vsctl add-port port1 -- set interface port1 type=dpdk \
options:dpdk-devargs=<eth_pmd_name1>,<old-options>
ovs-vsctl del-port port1
ovs-vsctl add-port port1 -- set interface port1 type=dpdk \
options:dpdk-devargs=<eth_pmd_name1>,<new-options>
4. Follows from 1:
Not detached device consumes 'port_id'. Since we have very
limited number of 'port_id's (32 in common case) this may
lead to quick exhausting of id pool and inability to add any
other port.
To avoid above issues we need to detach all the attached devices on
port destruction.
appctl 'netdev-dpdk/detach' removed because not needed anymore.
We need to use internal 'attached' variable to track ports on
which rte_eth_dev_attach() was called and returned successfully
to avoid closing and detaching devices that do not support hotplug or
by any other reason attached using the 'dpdk-extra' cmdline options.
CC: Ciara Loftus <ciara.loftus@intel.com>
Fixes: 55e075e65e ("netdev-dpdk: Arbitrary 'dpdk' port naming")
Fixes: 69876ed786 ("netdev-dpdk: Add support for virtual DPDK PMDs (vdevs)")
Signed-off-by: Ilya Maximets <i.maximets@samsung.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Billy O'Mahony <billy.o.mahony@intel.com>
'devargs' for virtual devices contains not only name but
also a list of arguments like this:
'net_pcap0,rx_pcap=file_rx.pcap,tx_pcap=file_tx.pcap'
or
'eth_af_packet0,iface=eth0'
We must cut off the arguments from this string before calling
'rte_eth_dev_get_port_by_name()' to avoid double attaching of
the same device.
CC: Ciara Loftus <ciara.loftus@intel.com>
Fixes: 69876ed786 ("netdev-dpdk: Add support for virtual DPDK PMDs (vdevs)")
Signed-off-by: Ilya Maximets <i.maximets@samsung.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
Tested-by: Billy O'Mahony <billy.o.mahony@intel.com>
Acked-by: Billy O'Mahony <billy.o.mahony@intel.com>
Until now, most ovs-ofctl commands have not accepted names for ports, only
numbers, and have not been able to display port names either. It's a lot
easier for users if they can use and see meaningful names instead of
arbitrary numbers. This commit adds that support.
For backward compatibility, only interactive ovs-ofctl commands by default
display port names; to display them in scripts, use the new --names
option.
Signed-off-by: Ben Pfaff <blp@ovn.org>
Tested-by: Aaron Conole <aconole@redhat.com>
When bridge stp enabled, we can enable the stp ports
despite ports are down. When initializing, this patch checks
link-state of ports and enable or disable them according
to their link-state. This patch also allow user to enable
and disable a port when bridge stp is running. If a stp
port is in disable state, it can forward packets. If its
link is down and this patch sets it to disable, there is
no L2 loop.
Signed-off-by: nickcooper-zhangtonghao <nic@opencloud.tech>
Signed-off-by: Ben Pfaff <blp@ovn.org>
This counter is supposed to prevent having too many RSTP ports, but nothing
ever incremented it.
Signed-off-by: nickcooper-zhangtonghao <nic@opencloud.tech>
Signed-off-by: Ben Pfaff <blp@ovn.org>
Currently in pinctrl.c and ofctrl.c there are similar logic to log
ignored messages, which is somehow inaccurate and confusing. For example,
OFPTYPE_PACKET_IN is handled only in pinctrl.c but in ofctrl.c it
is listed as expected input and not logged as "ignored" messages, while
it is in fact unexpected and ignored there. This patch clearup the
unnecessary "if" conditions and logs all messages that are not
expected/handled honestly, so that there will be logs for debugging
if such abnormal case really happens.
Signed-off-by: Han Zhou <zhouhan@gmail.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
Flows are sent to switch by ofctrl_put() instead of ofctrl_run(), so
fix the comment which was misleading.
Signed-off-by: Han Zhou <zhouhan@gmail.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
Pass tun_table to ofputil_handle_packet_out() to correctly decode tunnel
metadata in packet-out messages.
Signed-off-by: Yi-Hung Wei <yihung.wei@gmail.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
This patch adds support for parsing the pipeline match fields of
OpenFlow 1.5 packet-out messages. With this patch, we can use ovs-ofctl
to specify pipeline fileds for a packet-out message.
Signed-off-by: Yi-Hung Wei <yihung.wei@gmail.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
This patch decodes pipeline fields from a packet-out message, and populates
the pipeline fields into datapath. Error OFPERR_OFPBRC_PIPELINE_FIELDS_ONLY
is returned if the match field of a packet-out messages contains any
non pipeline fields. Currently, the supported pipeline fields
are as following.
* metadata fields:
- in_port, in_port_oxm
* tunnel fields:
- tun_id, tun_src, tun_dst, tun_ipv6_src, tun_ipv6_dst
- tun_gbp_id, tun_gpb_flags, tun_flags
- tun_metadata0 - tun_metadata63
* register fields:
- metadata
- reg0 - reg-15, xreg0 - xreg7, xxreg0 - xxreg3
Signed-off-by: Yi-Hung Wei <yihung.wei@gmail.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
This patch adds flow metadata to ofputil_packet_out. It does not make any
functional change. The flow metadata will be useful to support new packet-out
message format in OpenFlow 1.5.
Signed-off-by: Yi-Hung Wei <yihung.wei@gmail.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
The memory leak was triggered each time on calling netflow_unref() with
containing netflow_flows. And flows need to be removed and destroyed.
Signed-off-by: Yunjian Wang <wangyunjian@huawei.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
A lot of checkpatch warnings are only enabled for particular kinds of
files, e.g. C warnings only apply to C source and header files. The -f
option didn't pass the file name to the code that determines what kinds
of warnings to report, so only generic warnings were actually reported.
This fixes that problem.
Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Aaron Conole <aconole@redhat.com>
The switch statement and our FOR_EACH macro iteration constructs have the
same rules as if, for, and while.
Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Aaron Conole <aconole@redhat.com>
We don't need to initialize sock,msg and sll before calling sendmsg each
time. Just initialize them before the loop, it can reduce cpu cycles.
Signed-off-by: Zhenyu Gao <sysugaozhenyu@gmail.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
The OVN ingress pipeline for a logical switch is maxed out at 16 stages.
This patch takes the simple approach of starting the ingress pipeline at
table 8 rather than table 16, and starting the egress pipeline at
table 40 rather than table 48.
Signed-off-by: Mickey Spiegel <mickeys.dev@gmail.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
This code would complain about the use of ovs_strerror because it
matches [^x]strerror, and the same was true in many other similar cases.
Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Joe Stringer <joe@ovn.org>
This patch introduces a new type of OVN ports called "localport".
These ports will be present in every hypervisor and may have the
same IP/MAC addresses. They are not bound to any chassis and traffic
to these ports will never go through a tunnel.
Its main use case is the OpenStack metadata API support which relies
on a local agent running on every hypervisor and serving metadata to
VM's locally. This service is described in detail at [0].
An example to illustrate the purpose of this patch:
- One logical switch sw0 with 2 ports (p1, p2) and 1 localport (lp)
- Two hypervisors: HV1 and HV2
- p1 in HV1 (OVS port with external-id:iface-id="p1")
- p2 in HV2 (OVS port with external-id:iface-id="p2")
- lp in both hypevisors (OVS port with external-id:iface-id="lp")
- p1 should be able to reach p2 and viceversa
- lp on HV1 should be able to reach p1 but not p2
- lp on HV2 should be able to reach p2 but not p1
Explicit drop rules are inserted in table 32 with priority 150
in order to prevent traffic originated at a localport to go over
a tunnel.
[0]
https://docs.openstack.org/developer/networking-ovn/design/metadata_api.html
Signed-off-by: Daniel Alvarez <dalvarez@redhat.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
Current versions of systemd in Debian Stretch use
SYSTEMCTL_SKIP_REDIRECT instead of _SYSTEMCTL_SKIP_REDIRECT.
Provide both variables in the .init files.
Signed-off-by: Raymond Burkholder <ray@oneunified.net>
Suggested-by: Guru Shetty <guru@ovn.org>
Signed-off-by: Gurucharan Shetty <guru@ovn.org>
I know of two reasons to mark a structure as "packed". The first is
because the structure must match some defined interface and therefore
compiler-inserted padding between or after members would cause its layout
to diverge from that interface. This is not a problem in a structure that
follows the general alignment rules that are seen in ABIs for all the
architectures that OVS cares about: basically, that a struct member needs
to be aligned on a boundary that is a multiple of the member's size.
The second reason is because instances of the struct tend to be at
misaligned addresses.
struct eth_header and struct vlan_eth_header are normally aligned on
16-bit boundaries (at least), and they contain only 16-bit members, so
there's no need to pack them. This commit removes the packed annotation.
This commit also removes the packed annotation from struct llc_header.
Since that struct only contains 8-bit members, I don't know of any benefit
to packing it, period.
This commit also removes a few more packed annotations that are much less
important.
When these packed annotations were removed, it caused a few warnings
related to casts from 'uint8_t *' to more strictly aligned pointer types,
related to struct ovs_action_push_tnl. That's because that struct had a
trailing member used to store packet headers, that was declared as
a uint8_t[]. Before, when this was cast to 'struct eth_header *', there
was no change in alignment since eth_header was packed; now that
eth_header is not packed, the compiler considers it suspicious. This
commit avoids that problem by changing the member from uint8_t[] to
uint32_t[], which assures the compiler that it is properly aligned.
Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Joe Stringer <joe@ovn.org>
put_encapsulation() is meant to load the logical output port into bits
24 to 40 of the tunnel ID metadata field, but 'outport << 24' did not
have that effect because outport has type uint16_t. This fixes the
problem.
This would only affect ports numbered 256 and higher, and only with STT.
(However, multicast groups are always numbered higher than 256, so I guess
that flooding didn't work.)
Found by Coverity.
Reported-at: https://scan3.coverity.com/reports.htm#v16889/p10449/fileInstanceId=14763078&defectInstanceId=4304791&mergedDefectId=180391
Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Miguel Angel Ajo <majopela@redhat.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
Added compatibility headers for actions vlan and tunnel key.
Do not use compat code when compiling kernel datapath
there is no need for it as TC compatibility is not provided there.
In other words, the compat code is only used when compiling user-space
code against old kernel headers.
Signed-off-by: Paul Blakey <paulb@mellanox.com>
Reviewed-by: Roi Dayan <roid@mellanox.com>
Acked-by: Flavio Leitner <fbl@sysclose.org>
Signed-off-by: Simon Horman <simon.horman@netronome.com>
Set flow->dl_type to either ETH_TYPE_IP or ETH_TYPE_IPV6 when probing for
ct_orig_tuple feature support. This can be expanded later on to check for
both IPv4 and IPv6 support.
Fixes: daf4d3c18d ("odp: Support conntrack orig tuple key.")
Signed-off-by: Sairam Venugopal <vsairam@vmware.com>
Signed-off-by: Joe Stringer <joe@ovn.org>
This patch adds the following functions
- start_nb_ovsdb, stop_nb_ovsdb, restart_nb_ovsdb to start, stop and
restart the OVN NB DB ovsdb-server independently.
- start_sb_ovsdb, stop_sb_ovsdb, restart_sb_ovsdb to start, stop and
restart the OVN SB DB ovsdb-server independently.
These commands can be used to run ovsdb-server for each DB in a separate
container.
Signed-off-by: Numan Siddique <nusiddiq@redhat.com>
Signed-off-by: Andy Zhou <azhou@ovn.org>
Gcc compiler argument -Wall contains -Wimplicit-function-declaration which
gives warnings when a function is used before declared.
Map VStudio compiler error C4013 to it.
More info on C4013:
https://msdn.microsoft.com/en-us/library/d3ct4kz9.aspx
At the moment we cannot switch to the equivalent -Werror because we need
to solve other warnings.
As a temporary solution issue an error when this warning is triggered.
This will help development on the Windows side.
Suggested-by: Ben Pfaff <blp@ovn.org>
Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
Add fatal-signal.h include since it uses: fatal_signal_atexit_handler
and fatal_signal_add_hook
Use the defined getpid() function and also include <unistd.h> since
it is defined in include/windows/unistd.h .
Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
