Allocate struct rule_actions and the space for the actions at once.
This reduces one memory indirection and helps reduce cache misses
visible in perf annotations.
Fix some old comments referring to ref count, since we now use RCU for
this.
Enforce constness of the actions that are assigned from rule_actions
throughout the code.
Signed-off-by: Jarno Rajahalme <jrajahalme@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>
The Open vSwitch repository has moved to Github.
CC: Ethan Jackson <ethan@nicira.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Justin Pettit <jpettit@nicira.com>
Rename 'l2' to 'frame' and add new ofpbuf_set_frame() and ofpbuf_l2().
ofpbuf_set_frame() alse resets all the layer offsets. ofpbuf_l2()
returns NULL if the packet has no Ethernet header, as indicated either
by unset l3 offset or NULL frame pointer. Callers of ofpbuf_l2() are
supposed to check the return value, unless they can otherwise be sure
that the packet has a valid Ethernet header.
The recent commit 437d0d22 made some assumptions that were not valid
regarding the use of the 'l2' pointer in rconn module and by
compose_rarp(). This is now fixed as follows: rconn now relies on the
fact that once OpenFlow messages are given to rconn for transport, the
frame pointer is no longer needed to refer to the OpenFlow header; and
compose_rarp() now sets the frame pointer and offsets as expected.
In addition to storing network frames, ofpbufs are also used for
handling OpenFlow messages and action lists. lib/ofpbuf.h now has a
comment documenting the current usage conventions and invariants.
Signed-off-by: Jarno Rajahalme <jrajahalme@nicira.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Code reads better without the "get", for example "ofpbuf_l3()"
v.s. "ofpbuf_get_l3()". L4 payoad access functions still use the
"get" (e.g., "ofpbuf_get_tcp_payload()").
Signed-off-by: Jarno Rajahalme <jrajahalme@nicira.com>
This patch shrinks the struct ofpbuf from 104 to 48 bytes on 64-bit
systems, or from 52 to 36 bytes on 32-bit systems (counting in the
'l7' removal from an earlier patch). This may help contribute to
cache efficiency, and will speed up initializing, copying and
manipulating ofpbufs. This is potentially important for the DPDK
datapath, but the rest of the code base may also see a little benefit.
Changes are:
- Remove 'l7' pointer (previous patch).
- Use offsets instead of layer pointers for l2_5, l3, and l4 using
'l2' as basis. Usually 'data' is the same as 'l2', but this is not
always the case (e.g., when parsing or constructing a packet), so it
can not be easily used as the offset basis. Also, packet parsing is
faster if we do not need to maintain the offsets each time we pull
data from the ofpbuf.
- Use uint32_t for 'allocated' and 'size', as 2^32 is enough even for
largest possible messages/packets.
- Use packed enum for 'source'.
- Rearrange to avoid unnecessary padding.
- Remove 'private_p', which was used only in two cases, both of which
had the invariant ('l2' == 'data'), so we can temporarily use 'l2'
as a private pointer.
Signed-off-by: Jarno Rajahalme <jrajahalme@nicira.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
When we send a wrong command to a Open vSwitch daemon, it returns
an error. In that case, close the connection to the daemon.
Signed-off-by: Gurucharan Shetty <gshetty@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>
ovs-vsctl is a command-line interface to the Open vSwitch database,
and as such it just modifies the desired Open vSwitch configuration in
the database. ovs-vswitchd, on the other hand, monitors the database
and implements the actual configuration specified in the database.
This can lead to surprises when the user makes a change to the
database, with ovs-vsctl, that ovs-vswitchd cannot actually
implement. In such a case, the ovs-vsctl command silently succeeds
(because the database was successfully updated) but its desired
effects don't actually take place. One good example of such a change
is attempting to add a port with a misspelled name (e.g. ``ovs-vsctl
add-port br0 fth0'', where fth0 should be eth0); another is creating
a bridge or a port whose name is longer than supported
(e.g. ``ovs-vsctl add-br'' with a 16-character bridge name on
Linux). It can take users a long time to realize the error, because it
requires looking through the ovs-vswitchd log.
The patch improves the situation by checking whether operations that
ovs executes succeed and report an error when
they do not. This patch only report add-br and add-port
operation errors by examining the `ofport' value that
ovs-vswitchd stores into the database record for the newly created
interface. Until ovs-vswitchd finishes implementing the new
configuration, this column is empty, and after it finishes it is
either -1 (on failure) or a positive number (on success).
Signed-off-by: Andy Zhou <azhou@nicira.com>
Co-authored-by: Thomas Graf <tgraf@redhat.com>
Signed-off-by: Thomas Graf <tgraf@redhat.com>
Co-authored-by: Ben Pfaff <blp@nicira.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
When the OF1.4 is made safe, so that receiving an unimplemented message
cannot crash the switch, this commit should be reverted.
Signed-off-by: Ben Pfaff <blp@nicira.com>
This defines the version number for OpenFlow 1.4 so that the switch
can actually use it. The ovsdb schema is also modified.
Signed-off-by: Alexandru Copot <alex.mihai.c@gmail.com>
Cc: Daniel Baluta <dbaluta@ixiacom.com>
[blp@nicira.com adjusted code in cases where 1.3 and 1.4 are the same]
Signed-off-by: Ben Pfaff <blp@nicira.com>
It seems there is a typo in definition of arp_spa & arp_tpa
Signed-off-by: Arun Sharma <arun.sharma@calsoftinc.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
We want to conditionally compile several files based on whether we're
building for a Linux host, so we need some Automake conditional for that.
Previously this was based on whether Netlink is available and we're not
on ESX (since ESX has Netlink but isn't Linux), but it's more
straightforward to just test for Linux directly.
CC: Luigi Rizzo <rizzo@iet.unipi.it>
Signed-off-by: Ben Pfaff <blp@nicira.com>
SSL_LIBS are needed for libopenvswitch and we include that
in lib/automake.mk. It is not necessary to include it
for every executable.
Signed-off-by: Gurucharan Shetty <gshetty@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>
Change the flow_extract() API to accept struct pkt_metadata,
instead of individual metadata fields. It will make the API more
logical and easier to maintain when we need to expand metadata
down the road.
Signed-off-by: Andy Zhou <azhou@nicira.com>
Acked-by: Jarno Rajahalme <jrajahalme@nicira.com>¬
Recent changes to the flow_dump_next() interface have made it the
responsibility of the dpif implementation to track error status over a
flow dump operation.
This patch removes status tracking from 'struct dpif_flow_dump', allowing
multiple threads to call dpif_flow_dump_next() and track their status
independently. Even if one thread finishes processing flows for a given
iterator and state, it will not prevent other callers from processing
the remaining flows in their buffers.
After this patch, the error code that dpif_flow_dump_next() returns is
only significant for the current state and buffer. As before, the status
of the entire flow dump operation can be obtained by calling
dpif_flow_dump_done().
Signed-off-by: Joe Stringer <joestringer@nicira.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
This patch makes it the caller's responsibility to initialize a
per-thread 'state' object and pass it down to the dpif_flow_dump_next()
implementation. The implementation can expect to be called from multiple
threads with the same 'iter' and different 'state' objects.
When flow_dump_next() returns non-zero, the implementation must ensure
that subsequent calls with the same arguments also return non-zero.
Subsequent calls with the same 'iter' and different 'state' may return
zero, but should make progress towards returning non-zero.
Signed-off-by: Joe Stringer <joestringer@nicira.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
It tries to log the status operation, so although non-root
users can see the current status, the lack of permission
to write to the log results in an error message.
This changes to log only if the user has the permission to
write to the log file.
Signed-off-by: Flavio Leitner <fbl@redhat.com>
Signed-off-by: Gurucharan Shetty <gshetty@nicira.com>
Windows does not have a SIGPIPE. We ignore SIGPIPE for
Linux. To compile on Windows, carve out a new function
to ignore SIGPIPE on Linux.
Signed-off-by: Gurucharan Shetty <gshetty@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>
If ovs-vsctl has to wait for ovs-vswitchd to reconfigure itself
according to the new database, then sometimes ovs-vsctl could
end up stuck in the event loop if OVSDB connection was dropped
while ovs-vsctl was still running.
This patch fixes this problem by letting ovs-vsctl to reconnect
to the OVSDB, if it has to wait cur_cfg field to be updated.
Issue: 1191997
Reported-by: Spiro Kourtessis <spiro@nicira.com>
Signed-Off-By: Ansis Atteka <aatteka@nicira.com>
This commit makes the userspace support for MPLS more complete. Now
up to 3 labels are supported.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Co-authored-by: Simon Horman <horms@verge.net.au>
Signed-off-by: Simon Horman <horms@verge.net.au>
When two ovs-vsctl update map type column at same time, one ovs-vsctl's
update will be discarded although all ovs-vsctl succeeded. This patch
fixes this issue.
Signed-off-by: Ken Ajiro <ajiro@mxw.nes.nec.co.jp>
Signed-off-by: Ben Pfaff <blp@nicira.com>
In practice, Linux kernel modules are only built with GCC, so it
doesn't make much sense to spend time compiling them with clang.
Signed-off-by: Ethan Jackson <ethan@nicira.com>
Acked-by: Joe Stringer <joestringer@nicira.com>
One option to implement openlog and syslog functionality in Windows
is to use windows event logger. But it looks like it involves changing
registry settings and in general looks complicated.
For the time being, do nothing for syslog. All the information needed for
debugging will be present through the 'file' option anyways.
We can start OVS daemons on Windows with "-vfile:info -vsyslog:off".
Signed-off-by: Gurucharan Shetty <gshetty@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>
This is done to avoid collisions and confusions with libpcap symbols,
like pcap_read()
Signed-off-by: Luigi Rizzo <rizzo@iet.unipi.it>
Signed-off-by: Daniele Di Proietto <daniele.di.proietto@gmail.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Configure has an option which supports quieter compilation.
Signed-off-by: Ethan Jackson <ethan@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>
Acked-by: Joe Stringer <joestringer@nicira.com>
This makes it easier for development tools including "perf", give
clean backtraces on x86-64 systems.
Signed-off-by: Ethan Jackson <ethan@nicira.com>
Acked-by: Jarno Rajahalme <jrajahalme@nicira.com>
Jarno Rajahalme reported up to 40% performance gain on netperf TCP_CRR with
an earlier version of this patch in combination with a kernel NUMA patch,
together with a reduction in variance:
http://openvswitch.org/pipermail/dev/2014-January/035867.html
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Ethan Jackson <ethan@nicira.com>
The command shown in the man page to disable the STP protocol on a bridge
is:
ovs-vsctl clear Bridge br0 stp_enable
Calling that, the following warning message is returned:
ovs-vsctl: "clear" operation cannot be applied to column stp_enable
of table Bridge, which is not allowed to be empty
It seems correct to use the command:
ovs-vsctl set Bridge br0 stp_enable=false
Signed-off-by: Daniele Venturino <daniele.venturino@m3s.it>
Signed-off-by: Ben Pfaff <blp@nicira.com>
This valgrind leak checker isn't really useful without this.
Signed-off-by: Ethan Jackson <ethan@nicira.com>
Acked-by: Joe Stringer <joestringer@nicira.com>
Based on the number of people who ask about Wireshark support for OpenFlow,
this is likely to be widely useful.
Signed-off-by: Ben Pfaff <blp@nicira.com>
According to Python documentation here for execvp:
http://docs.python.org/2/library/os.html
"The current process is replaced immediately. Open file objects
and descriptors are not flushed, so if there may be data buffered
on these open files, you should flush them using sys.stdout.flush()
or os.fsync() before calling an exec* function.
Without the flush, we will miss the print statements before that
if we redirect the o/p to a file.
Signed-off-by: Gurucharan Shetty <gshetty@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>
Currently openvswitch builds all libraries static only. However,
libopenvswitch is linked into nearly all openvswitch executables
making it hardly possible to run openvswitch on embedded devices
(for example running OpenWrt).
Convert openvswitch to use libtool for building its internal libs.
This allows "--enable-shared" and "--enable-static" as configure
arguments. Default is "--disable-shared" thus keeping the current
behavior with the only change that static libs are installed by
"make install".
Since the openvswitch library interfaces are internal and thus not
stable (yet) encode the openvswitch version into the library name:
libopenvswitch-2.0.90.so
Binary size is reduced to around 1/3 when using shared libs.
Signed-off-by: Helmut Schaa <helmut.schaa@googlemail.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
The command ovs-dpctl can wrongly output the masks even if the
datapath does not implement mega flows. In this case the output
will be similar to the following:
system@ovs-system:
lookups: hit:14 missed:41 lost:0
flows: 0
masks: hit:18446744073709551615 total:4294967295
hit/pkt:335395346794719104.00
port 0: ovs-system (internal)
port 1: gre_system (gre: df_default=false, ttl=0)
port 2: ots-br0 (internal)
port 3: int0 (internal)
port 4: vnet0
port 5: vnet1
The problem depends on the fact that n_masks stats is stored as a
uint32 in the struct ovs_dp_megaflow_stats and as a uint64 in the
struct dpif_dp_stats. UINT32_MAX instead of UINT64_MAX should be
used to detect if the datapath supports megaflows or not.
Signed-off-by: Francesco Fusco <ffusco@redhat.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
This allows other libraries to use util.h that has already
defined NOT_REACHED.
Signed-off-by: Harold Lim <haroldl@vmware.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
* The ethertype of the packet is always set to
the ethertype of the push_mpls action
* Drop references to unicast and multicast MPLS ethertypes,
in RFC5332 0x8847 and 0x8848 do not always have
those meanings.
Signed-off-by: Simon Horman <horms@verge.net.au>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Many deployments prefer to use gcc in production and it supports
sparse, while clang supports thread safety analysis and has
more/better warnings and error messages. This patch changes
ovs-dev.py to build with both so that developers are unlikely to miss
something that one or the other could catch.
Signed-off-by: Ethan Jackson <ethan@nicira.com>
Acked-by: Joe Stringer <joestringer@nicira.com>
Allow TCP flags match specification with symbolic flag names. TCP
flags are optionally specified as a string of flag names, each
preceded by '+' when the flag must be one, or '-' when the flag must
be zero. Any flags not explicitly included are wildcarded. The
existing hex syntax is still allowed, and is used in flow dumps when
all the flags are matched.
Signed-off-by: Jarno Rajahalme <jrajahalme@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>
The MSVC C library printf() implementation does not support the 'z', 't',
'j', or 'hh' format specifiers. This commit changes the Open vSwitch code
to avoid those format specifiers, switching to standard macros from
<inttypes.h> where available and inventing new macros resembling them
where necessary. It also updates CodingStyle to specify the macros' use
and adds a Makefile rule to report violations.
Signed-off-by: Alin Serdean <aserdean@cloudbasesolutions.com>
Co-authored-by: Ben Pfaff <blp@nicira.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Until now ofpacts_check() has been told either to enforce consistency or
not, but that means that the caller has to know exactly what protocol is
going to be in use (because some protocols require consistency to be
enforced and others don't). This commit changes ofpacts_check() to just
rule out protocols that require enforcement when it detects
inconsistencies.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Jarno Rajahalme <jrajahalme@nicira.com>
