As long as bonding has been implemented, the vswitch has refused to learn
from multicast packets that arrive on a bond slave if it has already
learned any other port for that source MAC, because it is likely that we
sent the packet out ourselves and are only now receiving a copy of it on
our active slave.
This is entirely correct, but it does not go far enough. In fact, the
bridge needs to entirely drop such packets. Otherwise, a host whose MAC
is assigned to a slave other than the active slave will receive a second
copy of multicast packets that it sends out the bond, and other ports
will receive two copies of every multicast packet sent by such a host.
This commit implements this new policy, which simplifies the code at the
same time.
Bug #1387.
The glibc 2.7 headers contain a bug that causes strtok_r() to segfault
in some circumstances. Until now, we have been working around this
problem at each invocation, but this depends on the programmer to remember
to do so each time.
This commit instead adds a shim that adds a work-around to the string.h
header itself, so that it is much more difficult to miss the workaround.
The man page for ovs-vswitchd.conf explains how ingress policing works.
However, what "ingress" means is a bit confusing depending on the
perspective. For vSwitch, it's from the switch's perspective. This
means on a PIF, it's the rate traffic comes into the box. On a VIF,
it's the rate traffic can be *transmitted* from a VM. This commit
clarifies the man page a bit.
Thanks to Johan for pointing out the problem.
The controller needs to know various things about virtual interfaces as
they move about the network. This commit sends the VIF, virtual
machine, and network UUIDs associated with the VIF, as well as its MAC
address over the management channel.
Feature #1324
An improper string comparison operator was used to check whether
FORCE_COREFILES was enabled. Further, the check to enable core files
was only down when vswitch was started, and not when restarted.
Thanks to Ben for help debugging the issue.
Now the Debian packaging is regularly tested via the autobuilder, so there
is less need to do it from "make distcheck", and not doing it saves time
there.
We were distributing lib/dirs.c, which doesn't make sense, but in any case
it created a race between "make" and "make dist" in updating lib/dirs.c,
which showed up in the Debian package build (which runs build-indep and
build-arch in parallel).
Also, clean lib/dhparams.c.
This should fix the failure seen in build openvswitch843.
When a bond slave goes down, all of the MACs that were on it are migrated
to another slave, but this is not apparent to the switch that the bond is
connected to until each MAC sends out a packet. This causes incoming
traffic for a given MAC to be dropped until the MAC sends out a packet.
This is not usually a problem, because traffic is not ordinarily one-way,
and we can't avoid losing some packets in some cases, but we can do a
little better by sending out a gratuitous learning packet on the new slave
as soon as we know about it, and that is what this commit implements.
Bug #1290.
The vswitchd bonding code needs to iterate through the table entries to
be able to send out gratuitous learning packets when bond slaves go down.
It might be best to create an abstract interface to the MAC learning table,
but this commit does the simpler thing and exposes the data structures in
the header file.
One of the OpenFlow managment protocol's UUID TLV messages had a problem
building on 64-bit systems. By extending the structure length by 4
bytes, the problem goes away.
Whether a bond slave is enabled should be based on whether the device's
PHY sees carrier, not based on whether the device is configured up or down.
(Note that a device that is configured down will always see "no carrier").
Otherwise a device that is up but has no carrier will initially be enabled,
which does not make sense.
This has no effect on interfaces that are not bond slaves, because the
"enabled" setting is used only by bond slaves.
Bug #1247.
Until now, we've added network devices to the ovs-vswitchd configuration
file before bringing them up. This works suboptimally for bond slaves,
because vswitchd takes the initial carrier state of the bond slaves as
whether to initially enable or disable them, and a device that is down
always reports "no carrier". So this commit changes interface-reconfigure
to bring up bond slaves before adding them to the configuration file,
which gives them a chance to detect carrier before vswitchd checks for it.
This might still be an imperfect situation, because it takes quite a while
(maybe 1 second?) for some network devices to detect carrier after being
brought up. But the kernel implementation of bonding seems to do the very
same thing, so we should be at least no worse than it.
Incidentally, this is only important for bonds that have long updelays.
XenServer uses an updelay of 31 seconds (!), so it is especially important
there.
Bug #1247.
This commit sends information about Xen UUIDs to the controller through
the management connection. Specifically, it sends the XenServer UUID
and a list of network UUIDs associated with each datapath.