| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
| |
This will make it possible, in later commits, to make ovsdb-server connect
to OVS managers only after ovs-vswitchd has completed its initial
configuration.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Ansis Atteka <aatteka@nicira.com>
|
| |
|
|
| |
Signed-off-by: Ethan Jackson <ethan@nicira.com>
|
| |
|
|
|
|
|
|
|
| |
Fixes a bug where per ofproto moving average stats did not update
when there is no active dp flows.
Reported-by: Justin Pettit <jpettit@nicira.com>
Signed-off-by: Andy Zhou <azhou@nicira.com>
Signed-off-by: Justin Pettit <jpettit@nicira.com>
|
| |
|
|
|
|
|
| |
Fix residue from an earlier patch.
Signed-off-by: Jarno Rajahalme <jarno.rajahalme@nsn.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
|
| |
|
|
|
|
| |
These will be used for the first time in an upcoming commit.
Signed-off-by: Ben Pfaff <blp@nicira.com>
|
| |
|
|
|
|
| |
This will be used for the first time in an upcoming commit.
Signed-off-by: Ben Pfaff <blp@nicira.com>
|
| |
|
|
|
|
|
|
|
| |
This patch adds an sFlow test to the test suite.
I have only tested this on a Fedora 17 OS.
Signed-off-by: Neil Mckee <neil.mckee@inmon.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Commit f3103dfa00d (lacp.at: Change timing of lacp - negotiation test)
fixed test failures for the lacp negotiation test on some systems, but
made it crop up on others where it hadn't appeared before.
My guess is that this commit is the real fix. If it isn't, then we
will probably just have to remove the test or disable it, much as I
hate doing that.
Signed-off-by: Ben Pfaff <blp@nicira.com>
|
| |
|
|
|
|
|
|
|
|
| |
The "lacp - negotiation" test (# 3) used to always fail when running
multiple tests in parallel (-j2). The reduced simulated wait time
(from 4 seconds to 2.5 seconds) seems to still give the expected result,
and works also when running multiple tests in parallel.
Signed-off-by: Jarno Rajahalme <jarno.rajahalme@nsn.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
|
| |
|
|
|
|
|
| |
Fix a test failure due to timing differences in different test runs.
Signed-off-by: Jarno Rajahalme <jarno.rajahalme@nsn.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch adds more flow related stats to the output of
"ovs-appctl dpif/show". Specifically, the follow information
are added per ofproto:
- Max flow table size
- Average flow table size
- Average flow table add rate
- Average flow table delete rate
- Average flow entry life in milliseconds
Feature #15366
Signed-off-by: Andy Zhou <azhou@nicira.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Before this patch, when ofproto-dpif decided that a particular flow
miss needed a facet, it would do action translation multiple times.
Once in subfacet_make_actions(), and once per packet in
subfacet_update_stats(). In the common case (once per miss), this
would double the amount of work required in xlate_actions().
The call to facet_push_stats() in subfacet_update_stats() is
unnecessary. If the packets are simply accounted to the facet,
they will eventually be pushed to the relevant rules in
update_stats() or when the facet is removed. Removing the
unnecessary step gives us a 20% improvement of the netperf TCP_CRR
benchmark with the complex flow tables installed by our controller.
Signed-off-by: Ethan Jackson <ethan@nicira.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Until now, ovs-vsctl has kept trying to the database server until it
succeeded or the timeout expired (if one was specified with --timeout).
This meant that if ovsdb-server wasn't running, then ovs-vsctl would hang.
The result was that almost every ovs-vsctl invocation in scripts specified
a timeout on the off-chance that the database server might not be running.
But it's difficult to choose a good timeout. A timeout that is too short
can cause spurious failures. A timeout that is too long causes long delays
if the server really isn't running.
This commit should alleviate this problem. It changes ovs-vsctl's behavior
so that, if it fails to connect to the server, it exits unsuccessfully.
This makes --timeout obsolete for the purpose of avoiding a hang if the
database server isn't running. (--timeout is still useful to avoid a hang
if ovsdb-server is running but ovs-vswitchd is not, for ovs-vsctl commands
that modify the database. --no-wait also avoids that issue.)
Bug #2393.
Bug #15594.
Reported-by: Jeff Merrick <jmerrick@vmware.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
There were plans to use this in conjunction with inner/outer flows,
however that plan has been changed in favour of using recirculation.
This leaves us with the current usage.
encal_dl_type is currently only used to allow decoding of packets used in
the test suite. However, this is a bit of a fudge and the packets may be
provided as hexadecimal instead.
Also remove comments from parse_l2_5_onward() relating to MPLS which are
not in keeping with the commenting throughout the rest of the function.
Signed-off-by: Simon Horman <horms@verge.net.au>
Signed-off-by: Jesse Gross <jesse@nicira.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
lib/pcap.h has a name that conflicts with /usr/include/pcap.h. When one
wants to include pcap.h from libpcap (i.e.: the one from /usr/include), one
may end up with pcap.h from openvswitch.
This change renames this header to pcap-file.h and updates all
references to this file.
This change was tested with `make distcheck`.
Signed-off-by: Stephane A. Sezer <sas@cd80.net>
Signed-off-by: Ben Pfaff <blp@nicira.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is to fix the fallout of single datapath change.
ovs-appctl dpif/show displays per bridge miss, hit
and flow counts on the screen, but the backend is
obtaining those information from the datapath.
With a single datapath, all bridges of the same
datapath would all display the same (global)
counters maintained by the datapath, obviously
not correct.
This patch fixes the bug by maintaining per ofproto_dpif
miss and hit counts, which are used for display output.
The number of flows count is obtained by counting the
number facets per ofproto.
ovs-dpctl show still displays the counters maintain by
the datapath, as before.
Bug #15369
Signed-off-by: Andy Zhou <azhou@nicira.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
|
| |
|
|
|
|
| |
Feature #15466.
Requested-by: Ronghua Zhang <rzhang@vmware.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
|
| |
|
|
|
|
|
|
|
| |
Remove recursion from GOTO_TABLE processing in do_xlate_actions().
This allows packet processing pipelines built with goto table be
longer and not interact with each other via the resubmit recursion limit.
Signed-off-by: Jarno Rajahalme <jarno.rajahalme@nsn.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
The command "ovs-appctl dpif/dump-flows" would print slow-path actions
as "drop", which could be confusing to users. This is different from
"ovs-dpctl dump-flows", which prints a descriptive reason. This commit
replaces "drop" with the reason.
Bug #14840
Signed-off-by: Justin Pettit <jpettit@nicira.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
In the kernel tunnel implementation, if a packet was marked as ECN CE on
the outer packet then we would carry this over to the inner packet on
decapsulation. With the switch to flow based tunneling, this stopped
happening. This commit reintroduces that behavior by using the set IP
header action.
Bug #15072
Signed-off-by: Justin Pettit <jpettit@nicira.com>
|
| |
|
|
|
|
|
|
|
| |
Move the check for whether tunneled packets should be dropped due to
congestion encountered (CE) when the encapsulated packet is not ECN
capable (non-ECT). This also adds some additional tests for ECN
handling on tunnel decapsulation.
Signed-off-by: Justin Pettit <jpettit@nicira.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The Push action takes a single parameter. Any source allowed by NXAST_REG_MOVE
is allowed to be pushed onto the stack. When the source is a bit field,
its value will be right shifted to bit zero before being pushed onto the
stack. The remaining bits will be set to zero.
The Pop action also takes a single parameter. Any destination allowed by
NXAST_REG_MOVE can be used as the destination of the action. The value, in
case of a bit field, will be taken from top of the stack, starting from
bit zero.
The stack size is not limited. The initial 8KB is statically allocated to
efficiently handle most common use cases. When more stack space is
required, the stack can grow using malloc().
Signed-off-by: Andy Zhou <azhou@nicira.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
This adds support for the OpenFlow 1.1+ set_mpls_ttl action.
And also adds an NX set_mpls_ttl action.
The handling of the TTL modification is entirely handled in userspace.
Reviewed-by: Isaku Yamahata <yamahata@valinux.co.jp>
Signed-off-by: Simon Horman <horms@verge.net.au>
Signed-off-by: Ben Pfaff <blp@nicira.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
This adds support for the OpenFlow 1.1+ dec_mpls_ttl action.
And also adds an NX dec_mpls_ttl action.
The handling of the TTL modification is entirely handled in userspace.
Reviewed-by: Isaku Yamahata <yamahata@valinux.co.jp>
Signed-off-by: Simon Horman <horms@verge.net.au>
Signed-off-by: Ben Pfaff <blp@nicira.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Since userspace flow based tunneling code is checked in, the kernel
port based tunneling code can be removed.
Patch removes following components:
- tunnel ports hash table and moved tunnel ports list to individual
vports.
- Cleaned per tnl-port config.
- OVS_KEY_ATTR_TUN_ID action is removed.
Signed-off-by: Pravin B Shelar <pshelar@nicira.com>
Acked-by: Jesse Gross <jesse@nicira.com>
Bug #15078
|
| |
|
|
|
|
|
|
|
|
|
| |
In get_tunnel_config(), distinguish between VXLAN and LISP when deciding
whether or not to print UDP destination port. Only add the UDP
destination port for either protocol if it is not the default UDP port.
Update the LISP unit test to match the new behavior as well.
Signed-off-by: Kyle Mestery <kmestery@cisco.com>
[jesse: merge common test for VXLAN and LISP]
Signed-off-by: Jesse Gross <jesse@nicira.com>
|
| |
|
|
|
| |
Signed-off-by: Kyle Mestery <kmestery@cisco.com>
Signed-off-by: Jesse Gross <jesse@nicira.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Until now, the optional OVS_USERSPACE_ATTR_USERDATA attribute had to be
exactly 64 bits long, if it was present. However, 64 bits is not enough
space to associate as much information with a flow as would be convenient
for some userspace features now under development. This commit generalizes
the attribute, allowing it to be any length.
This generalization is backward-compatible: if userspace only uses 64-bit
attributes, then it will not see any change in behavior.
CC: Romain Lenglet <rlenglet@vmware.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Jesse Gross <jesse@nicira.com>
|
| |
|
|
|
| |
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Ethan Jackson <ethan@nicira.com>
|
| |
|
|
|
| |
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Ethan Jackson <ethan@nicira.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Presumably we can test for this Linux feature just by seeing whether the
directory is there.
Another goal is to shorten the code because I intend to make another copy
of it in an upcoming commit, to add a similar test for Python.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Ethan Jackson <ethan@nicira.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
OpenFlow extensibility working group issue EXT-272 clarifies the use of
the generation_id in role reply messages as used for the current generation
ID or all-1-bits if there is no current generation ID. This commit
implements EXT-272 in Open vSwitch.
Unfortunately the full text of EXT-272 is not available freely online.
(The "open" part of the Open Networking Foundation is the network, not
the foundation)
EXT-272.
CC: Jarno Rajahalme <jarno.rajahalme@nsn.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
|
| |
|
|
|
|
| |
CC: Paul Ingram <paul@nicira.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Ethan Jackson <ethan@nicira.com>
|
| |
|
|
|
|
|
|
| |
It is necessary to whitelist a couple of tests that appear to legitimately
have WARN messages.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Ethan Jackson <ethan@nicira.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
This avoids a log warning:
bridge|WARN|port bond: Using the default bond_mode active-backup.
Note that in previous versions, the default bond_mode was balance-slb
This warning is harmless, but I'm trying to add checks for "warn" and
higher severity log messages to the tests, so it makes sense to get rid of
this one.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Ethan Jackson <ethan@nicira.com>
|
| |
|
|
|
|
|
|
| |
Otherwise, if the test bails out before finishing, the test-netflow daemon
doesn't get killed and the test hangs.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Ethan Jackson <ethan@nicira.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Until now, "unix:" and "punix:" paths that are not absolute have
been considered relative to the current working directory. It
is more useful to consider them relative to the rundir, so this
commit makes that change to the C and Python implementations of
the stream code.
This commit also relaxes the whitelist check in the bridge code
so that any name that does not contain a "/" is considered OK.
Signed-off-by: Pavithra Ramesh <paramesh@vmware.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
|
| |
|
|
|
|
|
| |
in each table.
Signed-off-by: Jarno Rajahalme <jarno.rajahalme@nsn.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
|
| |
|
|
|
|
|
|
|
| |
The autopath action was attempting to achieve functionality similar
to the bundle action, but was significantly clunkier, more
difficult to understand, more difficult to use, and less reliable.
This patch removes it.
Signed-off-by: Ethan Jackson <ethan@nicira.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch implements use-space datapath and non-datapath code
to match and use the datapath API set out in Leo Alterman's patch
"user-space datapath: Add basic MPLS support to kernel".
The resulting MPLS implementation supports:
* Pushing a single MPLS label
* Poping a single MPLS label
* Modifying an MPLS lable using set-field or load actions
that act on the label value, tc and bos bit.
* There is no support for manipulating the TTL
this is considered future work.
The single-level push pop limitation is implemented by processing
push, pop and set-field/load actions in order and discarding information
that would require multiple levels of push/pop to be supported.
e.g.
push,push -> the first push is discarded
pop,pop -> the first pop is discarded
This patch is based heavily on work by Ravi K.
Cc: Ravi K <rkerur@gmail.com>
Reviewed-by: Isaku Yamahata <yamahata@valinux.co.jp>
Signed-off-by: Simon Horman <horms@verge.net.au>
Signed-off-by: Ben Pfaff <blp@nicira.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Two of the users of vlog_set_levels_from_string() in the tests could have
silently failed, if their arguments were invalid. This avoids that problem
(and a memory leak).
Found by Coverity.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Ethan Jackson <ethan@nicira.com>
|
| |
|
|
|
|
|
| |
This commit adds unit tests which exercise the flow based
tunneling code added in previous patches.
Signed-off-by: Ethan Jackson <ethan@nicira.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
With this patch, ovs-vswitchd uses flow based tunneling
exclusively. I.E. each kind of tunnel shares a single tunnel
backer in the datapath. Tunnel headers are set by userspace using
the ipv4_tunnel datapath action. And, the configuration of
individual tunnels is now a userspace responsibility, so
netdev-vport no longer marshals and unmarshals Netlink attributes
for tunnel configuration, instead only storing the configuration
internally. There are still some significant pieces of work to do,
but the basic building blocks are there to begin testing.
Signed-off-by: Ethan Jackson <ethan@nicira.com>
Co-authored-by: Jesse Gross <jesse@nicira.com>
Signed-off-by: Jesse Gross <jesse@nicira.com>
|
| |
|
|
|
|
|
|
|
| |
All datapath flows should have an in_port, so it doesn't make a lot
of sense to allow omitting it when tracing. If a user wants to
trace a flow which has no in_port, they can use the OpenFlow syntax
which doesn't go through ofproto_receive().
Signed-off-by: Ethan Jackson <ethan@nicira.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In Open vSwitch, a "modify" or "modify_strict" flow_mod is supposed to
refresh the flow's last-modified time even if nothing else changes, because
this interpretation makes the "learn" action more useful. As commit
308881afb (ofproto: Reinterpret meaning of OpenFlow hard timeouts with
OFPFC_MODIFY.) notes:
I finally found a good use for hard timeouts in OpenFlow, but they
require a slight reinterpretation of the meaning of hard timeouts.
Until now, a hard timeout meant that a flow would be removed the
specified number of seconds after a flow was created. Intervening
modifications with OFPFC_MODIFY(_STRICT) had no effect on the hard
timeout; the flow would still be deleted the specified number of
seconds after its original creation.
This commit changes the effect of OFPFC_MODIFY(_STRICT). Now,
modifying a flow resets its hard timeout counter. A flow will time out
the specified number of seconds after creation or after the last time
it is modified, whichever comes later.
However, commit 080437614b (ofproto: Represent flow cookie changes as
operations too.) broke this behavior because it incorrectly optimized out
"modify" operations that didn't change the flow's actions or flow cookie.
This commit fixes the problem, and adds a test to prevent future
regression.
Thanks to Amar Padmanabhan <amar@nicira.com> for helping to track this
down.
Bug #14841.
Reported-by: Hiroshi Tanaka <htanaka@vmware.com>
CC: Amar Padmanabhan <amar@nicira.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
|
| |
|
|
|
| |
Signed-off-by: Ben Pfaff <blp@nicira.com>
Signed-off-by: Ethan Jackson <ethan@nicira.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This commit moves responsibility for implementing patch ports from
the datapath to ofproto-dpif. There are two main reasons to do
this.
The first is a matter of design: ofproto-dpif both has more
information than the datapath, and is better suited to handle the
complexity required to implement patch ports.
The second is performance. My setup is a virtual machine with two
basic learning bridges connected by patch ports. I used
ovs-benchmark to ping the virtual router IP residing outside the
VM. Over a 60 second run, "ovs-benchmark rate" improves from
14618.1 to 19311.9 transactions per second, or a 32% improvement.
Similarly, "ovs-benchmark latency" improves from 6ms to 4ms.
Signed-off-by: Ethan Jackson <ethan@nicira.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
murmurhash is faster than Jenkins and slightly higher quality, so switch to
it for hashing words.
The best timings I got for hashing for data lengths of the following
numbers of 32-bit words, in seconds per 1,000,000,000 hashes, were:
words murmurhash Jenkins hash
----- ---------- ------------
1 8.4 10.4
2 10.3 10.3
3 11.2 10.7
4 12.6 18.0
5 13.9 18.3
6 15.2 18.7
In other words, murmurhash outperforms Jenkins for all input lengths other
than exactly 3 32-bit words (12 bytes). (It's understandable that Jenkins
would have a best case at 12 bytes, because Jenkins works in 12-byte
chunks.) Even in the case where Jenkins is faster, it's only by 5%. On
average within this data set, murmurhash is 15% faster, and for 4-word
input it is 30% faster.
We retain Jenkins for flow_hash_symmetric_l4() and flow_hash_fields(),
which are cases where the hash value is exposed externally.
This commit appears to improve "ovs-benchmark rate" results slightly by
a few hundred connections per second (under 1%), when used with an NVP
controller.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Ethan Jackson <ethan@nicira.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
These tests relied on luck to ensure that OpenFlow ports received the
expected OpenFlow port numbers. With a different hash function, or (I
expect) on a big-endian architecture, the port numbers were assigned
differently and the tests failed.
This commit fixes the problem by requesting the specific expected port
numbers explicitly.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Ethan Jackson <ethan@nicira.com>
|
| |
|
|
|
|
|
|
|
|
| |
Following patch breaks down single ipv4_tunnel netlink attribute into
individual member attributes. It will help when we extend tunneling
parameters in future.
Signed-off-by: Pravin B Shelar <pshelar@nicira.com>
Acked-by: Jesse Gross <jesse@nicira.com>
Bug #14611
|
