| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Following a rework of dpdk network structures names [1], update the
concerned parts.
Ran Olivier script [2]:
sh prefix-net-rte.sh $(find -name "*dpdk*.c")
sh prefix-net-rte.sh $(find -name "*dpdk*.h")
sh prefix-net-rte.sh $(find -name "*rte*.c")
sh prefix-net-rte.sh $(find -name "*rte*.h")
1: http://mails.dpdk.org/archives/dev/2019-May/132612.html
2: http://mails.dpdk.org/archives/dev/2019-May/133081.html
Signed-off-by: David Marchand <david.marchand@redhat.com>
Signed-off-by: Ian Stokes <ian.stokes@intel.com>
|
|
|
|
|
|
|
|
|
|
|
| |
Following dpdk new color definitions (see [1]) 'e_RTE_METER_GREEN'
was replaced with 'RTE_COLOR_GREEN'.
[1]
Commit c1656328dbc2: ("meter: replace color definitions")
Signed-off-by: Ophir Munk <ophirmu@mellanox.com>
Signed-off-by: Ian Stokes <ian.stokes@intel.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Rework the build script so that we can pass branches and tags.
With this, DPDK_VER can be passed as:
- a string starting with refs/ which is understood as a git reference.
This triggers a git clone on DPDK_GIT (default value points to
https://dpdk.org/git/dpdk) for a single branch pointing to this
reference (to save some disk),
- else, any other string which is understood as an official release.
This triggers a tarball download on dpdk.org.
Signed-off-by: David Marchand <david.marchand@redhat.com>
Signed-off-by: Ilya Maximets <i.maximets@samsung.com>
|
|
|
|
|
|
|
|
|
|
| |
Rather than patch the dpdk makefile and a template config file, we can
pass the -fPIC flag via EXTRA_CFLAGS.
This is more reliable than expecting the dpdk file names to be kept
unchanged.
Signed-off-by: David Marchand <david.marchand@redhat.com>
Signed-off-by: Ilya Maximets <i.maximets@samsung.com>
|
|
|
|
| |
Signed-off-by: Ben Pfaff <blp@ovn.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Userspace datapath needs to traverse through miniflow values many times. In
this process, 'count_1bits' operation for 'Flowmap' significantly impact
performance. On arm, this function was defined by portable implementation
because gcc for arm does not support popcnt feature.
But in the aarch64, VCNT neon instruction can accelerate "count_1bits".
From Gcc-7, the built-in function is implemented with neon intruction.
In this patch, count_1bits function will be impelmented with gcc built-in
from gcc-7 on, and with neon intrinsics in gcc-6.
Performance test was run in two aarch64 machines. In the NIC2NIC test, one
tuple dpcls lookup case achieves around 4% throughput improvement and
10(average) tuples case achieves around 5% improvement.
Tested-by: Malvika Gupta <malvika.gupta@arm.com>
Signed-off-by: Yanqin Wei <Yanqin.Wei@arm.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch updated acinclude.m4 so that OVS can be compiled on
5.0.x kernels.
This patch also updated travis files so that 5.0.x kernel versions
are used during travis test builds.
Besides, NEWS and releases.rst are also updated to reflect this
new support.
Acked-by: Yi-Hung Wei <yihung.wei@gmail.com>
Signed-off-by: Yifeng Sun <pkusunyifeng@gmail.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Upstream commit:
commit 567c5e13be5cc74d24f5eb54cf353c2e2277189b
Author: Petr Machata <petrm@mellanox.com>
Date: Thu Dec 6 17:05:42 2018 +0000
net: core: dev: Add extack argument to dev_change_flags()
In order to pass extack together with NETDEV_PRE_UP notifications, it's
necessary to route the extack to __dev_open() from diverse (possibly
indirect) callers. One prominent API through which the notification is
invoked is dev_change_flags().
Therefore extend dev_change_flags() with and extra extack argument and
update all users. Most of the calls end up just encoding NULL, but
several sites (VLAN, ipvlan, VRF, rtnetlink) do have extack available.
Since the function declaration line is changed anyway, name the other
function arguments to placate checkpatch.
Signed-off-by: Petr Machata <petrm@mellanox.com>
Acked-by: Jiri Pirko <jiri@mellanox.com>
Reviewed-by: Ido Schimmel <idosch@mellanox.com>
Reviewed-by: David Ahern <dsahern@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
This patch backports the above upstream patch and also adds fixes
in compat code.
Cc: Petr Machata <petrm@mellanox.com>
Acked-by: Yi-Hung Wei <yihung.wei@gmail.com>
Signed-off-by: Yifeng Sun <pkusunyifeng@gmail.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Upstream commit 6ab6dfa6bb500f5cbb9b7a0f23a1613417ca2d12 ("net: get
rid of __tcp_checksum_complete())" deleted __tcp_checksum_complete()
and caused compilation failure for OVS on newer kernels.
This patch fixes it by using __skb_checksum_complete(), which is
100% the same with __tcp_checksum_complete().
Acked-by: Yi-Hung Wei <yihung.wei@gmail.com>
Signed-off-by: Yifeng Sun <pkusunyifeng@gmail.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Upstream commits:
(1) commit 9df46aefafa6dee81a27c2a9d8ba360abd8c5fe3
Author: Michał Mirosław <mirq-linux@rere.qmqm.pl>
Date: Thu Nov 8 18:44:50 2018 +0100
OVS: remove use of VLAN_TAG_PRESENT
This is a minimal change to allow removing of VLAN_TAG_PRESENT.
It leaves OVS unable to use CFI bit, as fixing this would need
a deeper surgery involving userspace interface.
Signed-off-by: Michał Mirosław <mirq-linux@rere.qmqm.pl>
Signed-off-by: David S. Miller <davem@davemloft.net>
(2) commit 6083e28aa02d7c9e6b87f8b944e92793094ae047
Author: Michał Mirosław <mirq-linux@rere.qmqm.pl>
Date: Sat Nov 10 19:55:34 2018 +0100
OVS: remove VLAN_TAG_PRESENT - fixup
It turns out I missed one VLAN_TAG_PRESENT in OVS code while rebasing.
This fixes it.
Fixes: 9df46aefafa6 ("OVS: remove use of VLAN_TAG_PRESENT")
Signed-off-by: Michał Mirosław <mirq-linux@rere.qmqm.pl>
Signed-off-by: David S. Miller <davem@davemloft.net>
This patch backports the above upstream patch to OVS and adds
extra checking in kernel module's compat code.
Cc: Michał Mirosław <mirq-linux@rere.qmqm.pl>
Acked-by: Yi-Hung Wei <yihung.wei@gmail.com>
Signed-off-by: Yifeng Sun <pkusunyifeng@gmail.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Upstream commit d0522f1cd25edb796548f91e04766fa3cbc3b6df ("net:
Add extack argument to rtnl_create_link") added new argument
to rtnl_create_link(). This introduced compiling errors in
the code of kernel datapath.
This patch fixes this issue.
Acked-by: Yi-Hung Wei <yihung.wei@gmail.com>
Signed-off-by: Yifeng Sun <pkusunyifeng@gmail.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
A preliminary netdev qdisc cleanup is done during init tc flow.
The cited commit allows for creating of egress hook qdiscs on internal
ports. This breaks the netdev qdisc cleanup as currently only ingress
hook qdiscs type is deleted. As a consequence the check for tc ingress
shared block support fails when the check is done on internal port.
Issue can be reproduced by the following steps:
- start openvswitch service
- create ovs bridge
- restart openvswitch service
Fix by using the correct hook qdisc type at netdev hook qdisc cleanup.
Fixes 608ff46aaf0d ("ovs-tc: offload datapath rules matching on internal ports")
Signed-off-by: Raed Salem <raeds@mellanox.com>
Reviewed-by: Roi Dayan <roid@mellanox.com>
Acked-by: John Hurley <john.hurley@netronome.com>
Signed-off-by: Simon Horman <simon.horman@netronome.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Encap tunnel-ids are of the form:
<chassis-id><OVN_MVTEP_CHASSISID_DELIM><encap-ip>.
In physical_run we were checking if a tunnel-id corresponds
to the local chassis-id by searching if the chassis-id string
is included in the tunnel-id (strstr). This can break quite
easily, for example, if the local chassis-id is a substring
of a remote chassis-id. In that case we were wrongfully
skipping the tunnel creation.
To fix that new tunnel-id creation and parsing functions are added in
encaps.[ch]. These functions are now used everywhere where applicable.
Acked-by: Venu Iyer <iyervl@ymail.com>
Reported-at: https://bugzilla.redhat.com/1708131
Reported-by: Haidong Li <haili@redhat.com>
Fixes: b520ca7 ("Support for multiple VTEP in OVN")
Signed-off-by: Dumitru Ceara <dceara@redhat.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We don't need to build DPDK kernel modules to test build with OVS.
And we don't need to build OVS datapath modules for checking
userspace with DPDK.
Removed 'max-inline-insns-single' changes that only was needed for
DPDK kernel modules. Config modifications changed to update
generated build/.config instead of changing sources.
Signed-off-by: Ilya Maximets <i.maximets@samsung.com>
Reviewed-by: David Marchand <david.marchand@redhat.com>
Tested-by: David Marchand <david.marchand@redhat.com>
Signed-off-by: Ian Stokes <ian.stokes@intel.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
The 'lport_to_iface' and 'egress_ifaces' hashtables were not cleaned up
when checking if port bindings require a recompute.
Reported-at: https://mail.openvswitch.org/pipermail/ovs-discuss/2019-June/048822.html
Reported-by: Daniel Alvarez Sanchez <dalvarez@redhat.com>
Fixes: 9d0b504abdee ("ovn-controller: runtime_data change handler for SB port-binding")
Acked-by: Han Zhou <hzhou8@ebay.com>
Signed-off-by: Dumitru Ceara <dceara@redhat.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Flow API providers renamed to be consistent with parent module
'netdev-offload' and look more like each other.
'_rte_' replaced with more convenient '_dpdk_'.
We'll have following structure:
Common code:
lib/netdev-offload-provider.h
lib/netdev-offload.c
lib/netdev-offload.h
Providers:
lib/netdev-offload-tc.c
lib/netdev-offload-dpdk.c
'netdev-offload-dummy' still resides inside netdev-dummy, but it
makes no much sence to move it out of there.
Signed-off-by: Ilya Maximets <i.maximets@samsung.com>
Acked-by: Ben Pfaff <blp@ovn.org>
Acked-by: Roi Dayan <roid@mellanox.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
New module 'netdev-offload' created to manage different flow API
implementations. All the generic and provider independent code moved
there from the 'netdev' module.
Flow API providers further encapsulated.
The only function that was changed is 'netdev_any_oor'.
Now it uses offloading related hmap instead of common 'netdev_shash'.
Signed-off-by: Ilya Maximets <i.maximets@samsung.com>
Acked-by: Ben Pfaff <blp@ovn.org>
Acked-by: Roi Dayan <roid@mellanox.com>
|
|
|
|
|
|
|
|
|
|
|
| |
Since introduction of dynamic flow API for netdevs, tricky
accesses to uninitialized flow API are no longer possible.
So, ovs-dpctl doesn't support dumping HW offloaded flows now.
Claim this in docs and man pages. Additionally forbidden
'type' argument for 'ovs-dpctl dump-flows'.
Signed-off-by: Ilya Maximets <i.maximets@samsung.com>
Acked-by: Roi Dayan <roid@mellanox.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Current issues with Flow API:
* OVS calls offloading functions regardless of successful
flow API initialization. (ex. on init_flow_api failure)
* Static initilaization of Flow API for a netdev_class forbids
having different offloading types for different instances
of netdev with the same netdev_class. (ex. different vports in
'system' and 'netdev' datapaths at the same time)
Solution:
* Move Flow API from the netdev_class to netdev instance.
* Make Flow API dynamic, i.e. probe the APIs and choose the
suitable one.
Side effects:
* Flow API providers localized as possible in their modules.
* Now we have an ability to make runtime checks. For example,
we could check if particular device supports features we
need, like if dpdk device supports RSS+MARK action.
Signed-off-by: Ilya Maximets <i.maximets@samsung.com>
Acked-by: Roi Dayan <roid@mellanox.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Recent versions of systemd restores RuntimeDirectory ownership to the
unit's User in between execution of *Exec directives (see [1]). Using
ExecStartPre to reset RuntimeDirectory ownership to OVS_USER no longer
works as expected.
The ctl scripts already handle creation of the runtime directory with
correct ownership and permissions so we can basically remove
RuntimeDirectory from systemd unit file. There is still need to handle
ownsership to cover some upgrade scenarios, but success of that will be
optional as the directory itself wont exist at first time run.
[1] https://github.com/systemd/systemd/issues/12713
Signed-off-by: Jaime Caamaño Ruiz <jcaamano@suse.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
|
|
|
|
|
|
|
|
|
| |
OVN database directory is createid on first run so make ownership
handling optional.
Fixes: 94e1e8be3187 ("rhel: run ovn with the same user as ovs")
Signed-off-by: Jaime Caamaño Ruiz <jcaamano@suse.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
|
|
|
|
|
|
|
|
|
|
| |
systemd assesses the presssence of all EnvironmentFile before execution
of Exec* directives, thus useropts needs to be optional even though it
will always be created at ExecStartPre.
Fixes: 94e1e8be3187 ("rhel: run ovn with the same user as ovs")
Signed-off-by: Jaime Caamaño Ruiz <jcaamano@suse.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
|
|
|
|
|
|
|
| |
So that is properly cleaned up after package is uninstalled.
Signed-off-by: Jaime Caamaño Ruiz <jcaamano@suse.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fortville NICs (or their drivers) can get into an inconsistent state,
in which the NIC can actually transmit and receive packets even
though they report "PHY down". In such a state, OVS can exchange and
process LACP messages and enable a LACP slave. However, further packet
exchange over the slave fails because OVS sees that the PHY is down.
This commit fixes the problem by making OVS ignore received LACP PDUs
and suppress transmitting LACP PDUs when carrier is down. In addition,
when a LACP PDU is received with carrier down, this commit triggers
rechecking the carrier status (by incrementing the connectivity sequence
number) to ensure that it is updated as quickly as possible.
Signed-off-by: Manohar Krishnappa Chidambaraswamy <manukc@gmail.com>
Co-authored-by: Manohar Krishnappa Chidambaraswamy <manukc@gmail.com>
Signed-off-by: Nitin Katiyar <nitin.katiyar@ericsson.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Problem:
========
The OVS state machine that enables and disables bond slaves runs in
the OVS main thread. The OVS code that processes received LACP packets
runs in a different thread. Until now, when the latter processes a LACP
PDU that should enable a slave, the slave was only enabled when the
main thread was able to run the state machine. In some cases this led
to delays of up to 350ms when the main thread was busy or not scheduled,
which led to corresponding delays in which packets were dropped due to
the bond-admissibility check.
Fix:
====
When a LACP PDU is received, evaluate whether LACP slave can be enabled
(slave_may_enable()) and set LACP slave's may_enable from the datapath
thread itself. When may_enable = TRUE, it means L1 state is UP and
LACP-SYNC is done and it is waiting for the main thread to enable the
slave. Relax the check in bond_check_admissibility() to check for both
"enable" and "may_enable" of the LACP slave. This would avoid dropping
of packets until the main thread enables the slave from bundle_run().
Signed-off-by: Manohar Krishnappa Chidambaraswamy <manukc@gmail.com>
Co-authored-by: Manohar Krishnappa Chidambaraswamy <manukc@gmail.com>
Signed-off-by: Nitin Katiyar <nitin.katiyar@ericsson.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Instead of managing kernel minor versions manually we could always test
with the most recent stable release of the desired branch.
With this patch applied Travis will always check with the most recent
kernels, so we'll be notified about changes in upstream kernels that
breaks the build of our kernel module. However, this will also break
Travis checks on patches that doesn't touch the kernel parts until
we fix the module.
Signed-off-by: Ilya Maximets <i.maximets@samsung.com>
Tested-by: Yifeng Sun <pkusunyifeng@gmail.com>
Reviewed-by: Yifeng Sun <pkusunyifeng@gmail.com>
Acked-by: Ben Pfaff <blp@ovn.org>
|
|
|
|
| |
Signed-off-by: Ben Pfaff <blp@ovn.org>
|
|
|
|
|
|
|
|
|
| |
Both ovn and ovs share the same log and run directories which are owned
by the user running ovs so it makes sense that ovn runs under that user
too to diminish security concerns and possible problems with log rotation.
Signed-off-by: Jaime Caamaño Ruiz <jcaamano@suse.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
|
|
|
|
|
|
|
|
|
|
|
|
| |
The openvswitch useropts file is being stored in a directory where the
openvswitch user has write permissions. The openvswitch user can then
manipulate the file to change the user under which switchd daemon runs.
This patch changes the file to /var/openvswitch.useropts preventing any
manipulation.
Signed-off-by: Jaime Caamaño Ruiz <jcaamano@suse.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
|
|
|
|
|
|
|
|
| |
Use ovn-ctl to start ovn-controller-vtep from the corresponding systemd
unit file.
Signed-off-by: Jaime Caamaño Ruiz <jcaamano@suse.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fix help output of ovn-controller-vtep that was suggesting the
openvswitch database instead of the ovn southbound database for the
ovnsb-db argument.
Also fix the corresponding systemd unit that was passing the openvswitch
database instead of the ovn southbound database for the ovnsb-db
argument.
Signed-off-by: Jaime Caamaño Ruiz <jcaamano@suse.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Because of the macro implementation of htonX() and ntohX(), using one in
the argument of the other yields warnings. This commit avoids the issue by
using a temporary variable.
This does not fix a bug, only suppresses a warning.
Submitted-at: https://github.com/openvswitch/ovs/pull/283
Signed-off-by: Damijan Skvarc <damjan.skvarc@gmail.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
|
|
|
|
|
|
|
|
|
|
| |
This adds a negative test for almost all of the error messages that
parsing an action or instruction can produce.
This commit removes now-redundant tests from multipath.at.
Acked-by: Numan Siddique <nusiddiq@redhat.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
|
|
|
|
|
|
|
| |
This will be used in an upcoming test.
Acked-by: Numan Siddique <nusiddiq@redhat.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
|
|
|
|
|
| |
Acked-by: Numan Siddique <nusiddiq@redhat.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
|
|
|
|
|
|
|
|
|
|
|
| |
These duplicate messages emitted by ofpacts_verify(), so drop them.
These were previously useful because ofpacts_verify()'s error messages were
not as good as those emitted by ofpacts_parse__(), but that's been fixed
now.
Acked-by: Numan Siddique <nusiddiq@redhat.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
|
|
|
|
|
|
|
|
| |
Verification can fail for a variety of reasons but the code here always
reported "Incorrect instruction ordering".
Acked-by: Numan Siddique <nusiddiq@redhat.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
|
|
|
|
|
|
|
|
| |
Otherwise, specifying something like output(port=1,max_len=5) would parse
OK and then cause a failure when it was received by the switch.
Acked-by: Numan Siddique <nusiddiq@redhat.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
|
|
|
|
|
|
|
|
| |
The action expects 'type' as a parameter name so it should use 'type' when
it formats actions too.
Acked-by: Numan Siddique <nusiddiq@redhat.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This action is only supported in OpenFlow 1.3 and later, but the parser
from text allowed it in earlier versions, which could cause confusion,
e.g.:
$ ovs-ofctl parse-flow 'actions=encap(ethernet())'
usable protocols: any
chosen protocol: OpenFlow10-table_id
2019-04-30T20:19:59Z|00001|ofp_actions|WARN|unknown OpenFlow10 action for vendor 0x2320 and type 46
2019-04-30T20:19:59Z|00002|ofp_actions|WARN|bad action at offset 0 (OFPBAC_BAD_VENDOR_TYPE):
00000000 ff ff 00 10 00 00 23 20-00 2e 00 00 00 00 00 00
OFPT_FLOW_MOD (xid=0x1): ***decode error: OFPBAC_BAD_VENDOR_TYPE***
00000000 01 0e 00 58 00 00 00 01-00 38 20 ff 00 00 00 00 |...X.....8 .....|
00000010 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 |................|
00000020 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 |................|
00000030 00 00 00 00 00 00 00 00-00 00 00 00 00 00 80 00 |................|
00000040 ff ff ff ff ff ff 00 00-ff ff 00 10 00 00 23 20 |..............# |
00000050 00 2e 00 00 00 00 00 00- |........ |
Acked-by: Numan Siddique <nusiddiq@redhat.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
|
|
|
|
|
| |
Reviewed-by: Yifeng Sun <pkusunyifeng@gmail.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
|
|
|
|
|
|
|
|
|
|
|
|
| |
pinctrl_handle_buffered_packets can insert new elements in
buffered_packets_map hasmap and it runs concurrently with pinctrl_run
starting from commit 3594ffab6b4b. Fix possible races grabbing
pinctrl_mutex before running pinctrl_handle_buffered_packets
Fixes: 3594ffab6b4b ("ovn-controller: Add a new thread in pinctrl module to handle packet-ins.")
Acked-by: Han Zhou <hzhou8@ebay.com>
Signed-off-by: Lorenzo Bianconi <lorenzo.bianconi@redhat.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
4.9.172+ kernel backported upstream patch 70b095c843266
("ipv6: remove dependency of nf_defrag_ipv6 on ipv6 module")
and this caused compilation errors of OVS kernel module.
This patch fixes it by checking and using new functions
introduced by the upstream patch.
Travis tests passed at
https://travis-ci.org/yifsun/ovs-travis/builds/536527230
with latest Linux kernel version.
In addition, this patch doesn't introduce failed tests for latest kernels
of Ubuntu (bionic, trusty, xenial), fedora, centos 73, rhel (74, 75, 76).
Reported-by: Ilya Maximets <i.maximets@samsung.com>
Acked-by: Yi-Hung Wei <yihung.wei@gmail.com>
Signed-off-by: Yifeng Sun <pkusunyifeng@gmail.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
As part of in-band control, OVS is expected to send DHCP server replies
to the LOCAL port as well. In this case, OVS implicitly adds an
additional action to output to the bridge’s LOCAL port after the ofproto
translation for the packet is completed in the ofproto layer but before
sending the actions to datapath for installation.
However, the match criteria is unchanged and as a result all packets
(not just DHCP server replies) are also sent to the LOCAL port.
The fix is to add the IP protocol type (UDP), the UDP source and
destination ports to the match criteria so that a specific datapath flow
that matches only DHCP server replies is installed. As a result, only
DHCP server reply packets will be sent to the LOCAL port.
Signed-off-by: Anju Thomas <anju.thomas@ericsson.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
ICMP/ICMPv6 fails, if the src/dst port is set in a common NAT rule.
For example:
actions=ct(nat(dst=172.16.1.100:5000),commit,table=40)
Fixes: 4cd0481c9e8b ("conntrack: Fix wasted work for ICMP NAT.")
CC: Darrell Ball <dlu998@gmail.com>
Signed-off-by: solomon <liwei.solomon@gmail.com>
Signed-off-by: Darrell Ball <dlu998@gmail.com>
Co-authored-by: Darrell Ball <dlu998@gmail.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
For a series of IP fragments, only the first packet includes the transport
header (TCP/UDP/SCTP) and the src/dst ports. By including these port
numbers in the hash, it may happen that a first fragment hashes to a
different value than subsequent packets, causing different packets from
the same flow to follow different paths. This in turn may result in
out-of-order delivery or failed reassembly. This patch excludes port
numbers from the hash calculation in case of IP fragmentation.
Signed-off-by: Jeroen van Bemmel <jeroen.van_bemmel@nokia.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
|
|
|
|
| |
Signed-off-by: Ben Pfaff <blp@ovn.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
For Openstack Internal DNS functionality we need
to provide support for domain_name option.
DHCP option 15 was previously used only in parser
tests and according to RFC it should be renamed to
domain_name [1].
This patch modifies its name in the tests from
'domain' to 'domain_name' and adds its support
to the code.
[1] https://tools.ietf.org/html/rfc2132#section-3.17
Signed-off-by: Maciej Józefczyk <mjozefcz@redhat.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
|
|
|
|
|
|
|
|
|
| |
Unlike manual injecting of "-Werror" to CFLAGS, '--enable-Werror'
enables failure on "sparse" and flake8 warnings. At least we wasn't
notified about flake8 warnings previously.
Signed-off-by: Ilya Maximets <i.maximets@samsung.com>
Acked-by: Ben Pfaff <blp@ovn.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Few structures from rte_flow.h updated to the version from DPDK 18.11
to fix incorrect structure definitions.
rte_lcore.h and rte_vect.h "sparse" headers removed because not needed
and only produce type-mismatch issues.
Enabled -Werror for sparse builds with DPDK to prevent regressions.
Signed-off-by: Ilya Maximets <i.maximets@samsung.com>
Acked-by: Ben Pfaff <blp@ovn.org>
|