Re: [ovs-dev] Does ovs-vsctl add-br br01 really create a bridge just like brctl add-br br01?
On Fri, Feb 08, 2013 at 11:18:07AM +0800, ?? wrote: >Thanks your reply. Yes, I read that manual several times before i sent > the previous post here. This manual tell me that ovs-vsctl is a db client > to configure Open vSwitch configuration database maintained by > ovsdb-server. So when you execute ovs-vsctl add-br br01 command, it > actually only store this information in Bridge table of Open vSwitch > configuration database. Is my understanding right? Yes. After ovs-vsctl updates the database, ovs-vswitchd then reconfigures itself, and the kernel configuration, based on the new database contents. ___ dev mailing list dev@openvswitch.org http://openvswitch.org/mailman/listinfo/dev
Re: [ovs-dev] [PATCH 1/2] tunnel: Log tunneling changes at INFO level.
On Thu, Feb 07, 2013 at 07:04:21PM -0800, Ethan Jackson wrote: > These log messages occur infrequently, and are quite useful when > debugging problems after the fact. So they should be logged at > info level which makes them more readily available. > > Signed-off-by: Ethan Jackson Looks good, thanks. ___ dev mailing list dev@openvswitch.org http://openvswitch.org/mailman/listinfo/dev
Re: [ovs-dev] [PATCH 2/2] tunnel: Treat in_key=0 the same as a missing in_key.
On Thu, Feb 07, 2013 at 07:04:22PM -0800, Ethan Jackson wrote: > The documented behavior of ovs is that a missing key is the > same as a zero key. However, the tunneling code actually treated > them differently. This could cause problems with tunneling modes > such as vxlan which always have a key. Specifically, a tunnel with > no key configured, would send have to send traffic with a key of > zero. However, the same tunnel would drop incoming traffic with a > zero key because it was expecting there to be none at all. > > Signed-off-by: Ethan Jackson Looks good, thanks. ___ dev mailing list dev@openvswitch.org http://openvswitch.org/mailman/listinfo/dev
Re: [ovs-dev] [PATCH] ovs-ctl: Add support for built-in (non-modular) kernel support.
On Wed, Feb 06, 2013 at 08:44:36AM -0800, Ben Pfaff wrote: > On Wed, Feb 06, 2013 at 03:54:14PM +0800, Cong Wang wrote: > > On 02/06/2013 03:14 AM, Ben Pfaff wrote: > > >Reported-by: Cong Wang > > >Signed-off-by: Ben Pfaff > > >--- > > >Cong, will you verify that this makes the init script work OK for > > >your kernel with OVS built-in? > > > > I got: > > > > # ovs-dpctl show -voff > > ovs-dpctl: processing "off": unknown module "off" > > You said in another email that you're using Open vSwitch 1.4.2. The > patch I sent is for Open vSwitch "master" (1.10.90). Nevertheless, if > you remove "-voff", I think it will work with 1.4.2. Will you try it > that way? Cong, any chance you could try it out? ___ dev mailing list dev@openvswitch.org http://openvswitch.org/mailman/listinfo/dev
[ovs-dev] [PATCH] datapath: Fix ovs_vport_cmd_del return value on success
If the pointer does not represent an error then the PTR_ERR macro may still return a nonzero value. The fix is the same as in ovs_vport_cmd_set. Signed-off-by: Rich Lane --- datapath/datapath.c |1 + 1 file changed, 1 insertion(+) diff --git a/datapath/datapath.c b/datapath/datapath.c index 86ceb9f..f78c232 100644 --- a/datapath/datapath.c +++ b/datapath/datapath.c @@ -2064,6 +2064,7 @@ static int ovs_vport_cmd_del(struct sk_buff *skb, struct genl_info *info) if (IS_ERR(reply)) goto exit_unlock; + err = 0; ovs_dp_detach_port(vport); genl_notify(reply, genl_info_net(info), info->snd_portid, -- 1.7.9.5 ___ dev mailing list dev@openvswitch.org http://openvswitch.org/mailman/listinfo/dev
Re: [ovs-dev] [PATCH] stream-unix: append ovs_rundir to socket
On Thu, Feb 07, 2013 at 03:48:14PM -0800, Pavithra Ramesh wrote:
> If socket path specified is relative to ovs_rundir(),
> append the directory name to in unix_open and punix_open.
> Freed the new newly allocated strings.
> Also included the change in bridge.c to relax the whitelist
> check, only if there is no /.
>
> Signed-off-by: Pavithra Ramesh
Here's a revised version that passes all tests.
--8<--cut here-->8--
From: Pavithra Ramesh
Date: Thu, 7 Feb 2013 15:48:14 -0800
Subject: [PATCH] stream-unix: append ovs_rundir to socket
If socket path specified is relative to ovs_rundir(),
append the directory name to in unix_open and punix_open.
Freed the new newly allocated strings.
Also included the change in bridge.c to relax the whitelist
check, only if there is no /.
Signed-off-by: Pavithra Ramesh
Signed-off-by: Ben Pfaff
---
lib/stream-unix.c| 20 ++--
tests/jsonrpc.at |3 +++
tests/ovsdb-execution.at |1 +
tests/ovsdb-idl.at |3 +++
tests/ovsdb-macros.at|3 ++-
tests/ovsdb-monitor.at |1 +
tests/ovsdb-server.at|9 +
tests/ovsdb-tool.at |4
tests/vconn.at |1 +
vswitchd/bridge.c|6 --
10 files changed, 42 insertions(+), 9 deletions(-)
diff --git a/lib/stream-unix.c b/lib/stream-unix.c
index 6ed7648..dbee135 100644
--- a/lib/stream-unix.c
+++ b/lib/stream-unix.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2008, 2009, 2010, 2011, 2012 Nicira, Inc.
+ * Copyright (c) 2008, 2009, 2010, 2011, 2012, 2013 Nicira, Inc.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -29,6 +29,7 @@
#include "packets.h"
#include "poll-loop.h"
#include "socket-util.h"
+#include "dirs.h"
#include "util.h"
#include "stream-provider.h"
#include "stream-fd.h"
@@ -42,15 +43,19 @@ static int
unix_open(const char *name, char *suffix, struct stream **streamp,
uint8_t dscp OVS_UNUSED)
{
-const char *connect_path = suffix;
+char *connect_path;
int fd;
+connect_path = abs_file_name(ovs_rundir(), suffix);
fd = make_unix_socket(SOCK_STREAM, true, NULL, connect_path);
+
if (fd < 0) {
VLOG_DBG("%s: connection failed (%s)", connect_path, strerror(-fd));
+free(connect_path);
return -fd;
}
+free(connect_path);
return new_fd_stream(name, fd, check_connection_completion(fd), streamp);
}
@@ -76,11 +81,14 @@ static int
punix_open(const char *name OVS_UNUSED, char *suffix,
struct pstream **pstreamp, uint8_t dscp OVS_UNUSED)
{
+char *bind_path;
int fd, error;
-fd = make_unix_socket(SOCK_STREAM, true, suffix, NULL);
+bind_path = abs_file_name(ovs_rundir(), suffix);
+fd = make_unix_socket(SOCK_STREAM, true, bind_path, NULL);
if (fd < 0) {
-VLOG_ERR("%s: binding failed: %s", suffix, strerror(errno));
+VLOG_ERR("%s: binding failed: %s", bind_path, strerror(errno));
+free(bind_path);
return errno;
}
@@ -88,11 +96,11 @@ punix_open(const char *name OVS_UNUSED, char *suffix,
error = errno;
VLOG_ERR("%s: listen: %s", name, strerror(error));
close(fd);
+free(bind_path);
return error;
}
-return new_fd_pstream(name, fd, punix_accept, NULL,
- xstrdup(suffix), pstreamp);
+return new_fd_pstream(name, fd, punix_accept, NULL, bind_path, pstreamp);
}
static int
diff --git a/tests/jsonrpc.at b/tests/jsonrpc.at
index 2a7f91b..664debe 100644
--- a/tests/jsonrpc.at
+++ b/tests/jsonrpc.at
@@ -1,6 +1,7 @@
AT_BANNER([JSON-RPC - C])
AT_SETUP([JSON-RPC request and successful reply])
+OVS_RUNDIR=`pwd`; export OVS_RUNDIR
AT_CHECK([test-jsonrpc --detach --no-chdir --pidfile="`pwd`"/pid listen
punix:socket])
AT_CHECK([test -s pid])
AT_CHECK([kill -0 `cat pid`])
@@ -12,6 +13,7 @@ AT_CHECK([kill `cat pid`])
AT_CLEANUP
AT_SETUP([JSON-RPC request and error reply])
+OVS_RUNDIR=`pwd`; export OVS_RUNDIR
AT_CHECK([test-jsonrpc --detach --no-chdir --pidfile="`pwd`"/pid listen
punix:socket])
AT_CHECK([test -s pid])
AT_CHECK([kill -0 `cat pid`])
@@ -23,6 +25,7 @@ AT_CHECK([kill `cat pid`])
AT_CLEANUP
AT_SETUP([JSON-RPC notification])
+OVS_RUNDIR=`pwd`; export OVS_RUNDIR
AT_CHECK([test-jsonrpc --detach --no-chdir --pidfile="`pwd`"/pid listen
punix:socket])
AT_CHECK([test -s pid])
# When a daemon dies it deletes its pidfile, so make a copy.
diff --git a/tests/ovsdb-execution.at b/tests/ovsdb-execution.at
index 6a3b5d1..eec2a04 100644
--- a/tests/ovsdb-execution.at
+++ b/tests/ovsdb-execution.at
@@ -138,6 +138,7 @@ m4_divert_pop([PREPARE_TESTS])
m4_define([OVSDB_CHECK_EXECUTION],
[AT_SETUP([$1])
AT_KEYWORDS([ovsdb execute execution positive $5])
+ OVS_RUNDIR=`pwd`; export OVS_RUNDIR
AT_CHECK([test-ovsdb execute "`$2`" m4_foreach([txn],
Re: [ovs-dev] [PATCH] datapath: Fix ovs_vport_cmd_del return value on success
On Fri, Feb 8, 2013 at 9:11 AM, Rich Lane wrote: > If the pointer does not represent an error then the PTR_ERR macro may still > return a nonzero value. The fix is the same as in ovs_vport_cmd_set. > > Signed-off-by: Rich Lane Applied, thank you. ___ dev mailing list dev@openvswitch.org http://openvswitch.org/mailman/listinfo/dev
Re: [ovs-dev] [PATCH] stream-unix: append ovs_rundir to socket
Thanks Ben. The patch looks good.
Do we also want to change the python stream implementation
to behave the same way?
-Pavithra
- Original Message -
From: "Ben Pfaff"
To: "Pavithra Ramesh"
Cc: dev@openvswitch.org
Sent: Friday, February 8, 2013 9:14:13 AM
Subject: Re: [ovs-dev] [PATCH] stream-unix: append ovs_rundir to socket
On Thu, Feb 07, 2013 at 03:48:14PM -0800, Pavithra Ramesh wrote:
> If socket path specified is relative to ovs_rundir(),
> append the directory name to in unix_open and punix_open.
> Freed the new newly allocated strings.
> Also included the change in bridge.c to relax the whitelist
> check, only if there is no /.
>
> Signed-off-by: Pavithra Ramesh
Here's a revised version that passes all tests.
--8<--cut here-->8--
From: Pavithra Ramesh
Date: Thu, 7 Feb 2013 15:48:14 -0800
Subject: [PATCH] stream-unix: append ovs_rundir to socket
If socket path specified is relative to ovs_rundir(),
append the directory name to in unix_open and punix_open.
Freed the new newly allocated strings.
Also included the change in bridge.c to relax the whitelist
check, only if there is no /.
Signed-off-by: Pavithra Ramesh
Signed-off-by: Ben Pfaff
---
lib/stream-unix.c| 20 ++--
tests/jsonrpc.at |3 +++
tests/ovsdb-execution.at |1 +
tests/ovsdb-idl.at |3 +++
tests/ovsdb-macros.at|3 ++-
tests/ovsdb-monitor.at |1 +
tests/ovsdb-server.at|9 +
tests/ovsdb-tool.at |4
tests/vconn.at |1 +
vswitchd/bridge.c|6 --
10 files changed, 42 insertions(+), 9 deletions(-)
diff --git a/lib/stream-unix.c b/lib/stream-unix.c
index 6ed7648..dbee135 100644
--- a/lib/stream-unix.c
+++ b/lib/stream-unix.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2008, 2009, 2010, 2011, 2012 Nicira, Inc.
+ * Copyright (c) 2008, 2009, 2010, 2011, 2012, 2013 Nicira, Inc.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -29,6 +29,7 @@
#include "packets.h"
#include "poll-loop.h"
#include "socket-util.h"
+#include "dirs.h"
#include "util.h"
#include "stream-provider.h"
#include "stream-fd.h"
@@ -42,15 +43,19 @@ static int
unix_open(const char *name, char *suffix, struct stream **streamp,
uint8_t dscp OVS_UNUSED)
{
-const char *connect_path = suffix;
+char *connect_path;
int fd;
+connect_path = abs_file_name(ovs_rundir(), suffix);
fd = make_unix_socket(SOCK_STREAM, true, NULL, connect_path);
+
if (fd < 0) {
VLOG_DBG("%s: connection failed (%s)", connect_path, strerror(-fd));
+free(connect_path);
return -fd;
}
+free(connect_path);
return new_fd_stream(name, fd, check_connection_completion(fd), streamp);
}
@@ -76,11 +81,14 @@ static int
punix_open(const char *name OVS_UNUSED, char *suffix,
struct pstream **pstreamp, uint8_t dscp OVS_UNUSED)
{
+char *bind_path;
int fd, error;
-fd = make_unix_socket(SOCK_STREAM, true, suffix, NULL);
+bind_path = abs_file_name(ovs_rundir(), suffix);
+fd = make_unix_socket(SOCK_STREAM, true, bind_path, NULL);
if (fd < 0) {
-VLOG_ERR("%s: binding failed: %s", suffix, strerror(errno));
+VLOG_ERR("%s: binding failed: %s", bind_path, strerror(errno));
+free(bind_path);
return errno;
}
@@ -88,11 +96,11 @@ punix_open(const char *name OVS_UNUSED, char *suffix,
error = errno;
VLOG_ERR("%s: listen: %s", name, strerror(error));
close(fd);
+free(bind_path);
return error;
}
-return new_fd_pstream(name, fd, punix_accept, NULL,
- xstrdup(suffix), pstreamp);
+return new_fd_pstream(name, fd, punix_accept, NULL, bind_path, pstreamp);
}
static int
diff --git a/tests/jsonrpc.at b/tests/jsonrpc.at
index 2a7f91b..664debe 100644
--- a/tests/jsonrpc.at
+++ b/tests/jsonrpc.at
@@ -1,6 +1,7 @@
AT_BANNER([JSON-RPC - C])
AT_SETUP([JSON-RPC request and successful reply])
+OVS_RUNDIR=`pwd`; export OVS_RUNDIR
AT_CHECK([test-jsonrpc --detach --no-chdir --pidfile="`pwd`"/pid listen
punix:socket])
AT_CHECK([test -s pid])
AT_CHECK([kill -0 `cat pid`])
@@ -12,6 +13,7 @@ AT_CHECK([kill `cat pid`])
AT_CLEANUP
AT_SETUP([JSON-RPC request and error reply])
+OVS_RUNDIR=`pwd`; export OVS_RUNDIR
AT_CHECK([test-jsonrpc --detach --no-chdir --pidfile="`pwd`"/pid listen
punix:socket])
AT_CHECK([test -s pid])
AT_CHECK([kill -0 `cat pid`])
@@ -23,6 +25,7 @@ AT_CHECK([kill `cat pid`])
AT_CLEANUP
AT_SETUP([JSON-RPC notification])
+OVS_RUNDIR=`pwd`; export OVS_RUNDIR
AT_CHECK([test-jsonrpc --detach --no-chdir --pidfile="`pwd`"/pid listen
punix:socket])
AT_CHECK([test -s pid])
# When a daemon dies it deletes its pidfile, so make a copy.
diff --git a/tests/ovsdb-execution.at b/tests/ovsdb-execution.at
index 6a3b
Re: [ovs-dev] [PATCH] stream-unix: append ovs_rundir to socket
Yes, would you mind taking a first shot?
On Fri, Feb 08, 2013 at 09:51:33AM -0800, Pavithra Ramesh wrote:
> Thanks Ben. The patch looks good.
> Do we also want to change the python stream implementation
> to behave the same way?
>
> -Pavithra
>
> - Original Message -
> From: "Ben Pfaff"
> To: "Pavithra Ramesh"
> Cc: dev@openvswitch.org
> Sent: Friday, February 8, 2013 9:14:13 AM
> Subject: Re: [ovs-dev] [PATCH] stream-unix: append ovs_rundir to socket
>
> On Thu, Feb 07, 2013 at 03:48:14PM -0800, Pavithra Ramesh wrote:
> > If socket path specified is relative to ovs_rundir(),
> > append the directory name to in unix_open and punix_open.
> > Freed the new newly allocated strings.
> > Also included the change in bridge.c to relax the whitelist
> > check, only if there is no /.
> >
> > Signed-off-by: Pavithra Ramesh
>
> Here's a revised version that passes all tests.
>
> --8<--cut here-->8--
>
> From: Pavithra Ramesh
> Date: Thu, 7 Feb 2013 15:48:14 -0800
> Subject: [PATCH] stream-unix: append ovs_rundir to socket
>
> If socket path specified is relative to ovs_rundir(),
> append the directory name to in unix_open and punix_open.
> Freed the new newly allocated strings.
> Also included the change in bridge.c to relax the whitelist
> check, only if there is no /.
>
> Signed-off-by: Pavithra Ramesh
> Signed-off-by: Ben Pfaff
> ---
> lib/stream-unix.c| 20 ++--
> tests/jsonrpc.at |3 +++
> tests/ovsdb-execution.at |1 +
> tests/ovsdb-idl.at |3 +++
> tests/ovsdb-macros.at|3 ++-
> tests/ovsdb-monitor.at |1 +
> tests/ovsdb-server.at|9 +
> tests/ovsdb-tool.at |4
> tests/vconn.at |1 +
> vswitchd/bridge.c|6 --
> 10 files changed, 42 insertions(+), 9 deletions(-)
>
> diff --git a/lib/stream-unix.c b/lib/stream-unix.c
> index 6ed7648..dbee135 100644
> --- a/lib/stream-unix.c
> +++ b/lib/stream-unix.c
> @@ -1,5 +1,5 @@
> /*
> - * Copyright (c) 2008, 2009, 2010, 2011, 2012 Nicira, Inc.
> + * Copyright (c) 2008, 2009, 2010, 2011, 2012, 2013 Nicira, Inc.
> *
> * Licensed under the Apache License, Version 2.0 (the "License");
> * you may not use this file except in compliance with the License.
> @@ -29,6 +29,7 @@
> #include "packets.h"
> #include "poll-loop.h"
> #include "socket-util.h"
> +#include "dirs.h"
> #include "util.h"
> #include "stream-provider.h"
> #include "stream-fd.h"
> @@ -42,15 +43,19 @@ static int
> unix_open(const char *name, char *suffix, struct stream **streamp,
>uint8_t dscp OVS_UNUSED)
> {
> -const char *connect_path = suffix;
> +char *connect_path;
> int fd;
>
> +connect_path = abs_file_name(ovs_rundir(), suffix);
> fd = make_unix_socket(SOCK_STREAM, true, NULL, connect_path);
> +
> if (fd < 0) {
> VLOG_DBG("%s: connection failed (%s)", connect_path, strerror(-fd));
> +free(connect_path);
> return -fd;
> }
>
> +free(connect_path);
> return new_fd_stream(name, fd, check_connection_completion(fd), streamp);
> }
>
> @@ -76,11 +81,14 @@ static int
> punix_open(const char *name OVS_UNUSED, char *suffix,
> struct pstream **pstreamp, uint8_t dscp OVS_UNUSED)
> {
> +char *bind_path;
> int fd, error;
>
> -fd = make_unix_socket(SOCK_STREAM, true, suffix, NULL);
> +bind_path = abs_file_name(ovs_rundir(), suffix);
> +fd = make_unix_socket(SOCK_STREAM, true, bind_path, NULL);
> if (fd < 0) {
> -VLOG_ERR("%s: binding failed: %s", suffix, strerror(errno));
> +VLOG_ERR("%s: binding failed: %s", bind_path, strerror(errno));
> +free(bind_path);
> return errno;
> }
>
> @@ -88,11 +96,11 @@ punix_open(const char *name OVS_UNUSED, char *suffix,
> error = errno;
> VLOG_ERR("%s: listen: %s", name, strerror(error));
> close(fd);
> +free(bind_path);
> return error;
> }
>
> -return new_fd_pstream(name, fd, punix_accept, NULL,
> - xstrdup(suffix), pstreamp);
> +return new_fd_pstream(name, fd, punix_accept, NULL, bind_path, pstreamp);
> }
>
> static int
> diff --git a/tests/jsonrpc.at b/tests/jsonrpc.at
> index 2a7f91b..664debe 100644
> --- a/tests/jsonrpc.at
> +++ b/tests/jsonrpc.at
> @@ -1,6 +1,7 @@
> AT_BANNER([JSON-RPC - C])
>
> AT_SETUP([JSON-RPC request and successful reply])
> +OVS_RUNDIR=`pwd`; export OVS_RUNDIR
> AT_CHECK([test-jsonrpc --detach --no-chdir --pidfile="`pwd`"/pid listen
> punix:socket])
> AT_CHECK([test -s pid])
> AT_CHECK([kill -0 `cat pid`])
> @@ -12,6 +13,7 @@ AT_CHECK([kill `cat pid`])
> AT_CLEANUP
>
> AT_SETUP([JSON-RPC request and error reply])
> +OVS_RUNDIR=`pwd`; export OVS_RUNDIR
> AT_CHECK([test-jsonrpc --detach --no-chdir --pidfile="`pwd`"/pid listen
> punix:socket])
> AT_CHECK([test -s pid])
> AT_CHECK([kill -0
Re: [ovs-dev] [PATCH] stream-unix: append ovs_rundir to socket
Sure, I've made the change and will send out a new patch.
Can you push this one?
Thanks,
Pavithra
- Original Message -
From: "Ben Pfaff"
To: "Pavithra Ramesh"
Cc: dev@openvswitch.org
Sent: Friday, February 8, 2013 11:18:38 AM
Subject: Re: [ovs-dev] [PATCH] stream-unix: append ovs_rundir to socket
Yes, would you mind taking a first shot?
On Fri, Feb 08, 2013 at 09:51:33AM -0800, Pavithra Ramesh wrote:
> Thanks Ben. The patch looks good.
> Do we also want to change the python stream implementation
> to behave the same way?
>
> -Pavithra
>
> - Original Message -
> From: "Ben Pfaff"
> To: "Pavithra Ramesh"
> Cc: dev@openvswitch.org
> Sent: Friday, February 8, 2013 9:14:13 AM
> Subject: Re: [ovs-dev] [PATCH] stream-unix: append ovs_rundir to socket
>
> On Thu, Feb 07, 2013 at 03:48:14PM -0800, Pavithra Ramesh wrote:
> > If socket path specified is relative to ovs_rundir(),
> > append the directory name to in unix_open and punix_open.
> > Freed the new newly allocated strings.
> > Also included the change in bridge.c to relax the whitelist
> > check, only if there is no /.
> >
> > Signed-off-by: Pavithra Ramesh
>
> Here's a revised version that passes all tests.
>
> --8<--cut here-->8--
>
> From: Pavithra Ramesh
> Date: Thu, 7 Feb 2013 15:48:14 -0800
> Subject: [PATCH] stream-unix: append ovs_rundir to socket
>
> If socket path specified is relative to ovs_rundir(),
> append the directory name to in unix_open and punix_open.
> Freed the new newly allocated strings.
> Also included the change in bridge.c to relax the whitelist
> check, only if there is no /.
>
> Signed-off-by: Pavithra Ramesh
> Signed-off-by: Ben Pfaff
> ---
> lib/stream-unix.c| 20 ++--
> tests/jsonrpc.at |3 +++
> tests/ovsdb-execution.at |1 +
> tests/ovsdb-idl.at |3 +++
> tests/ovsdb-macros.at|3 ++-
> tests/ovsdb-monitor.at |1 +
> tests/ovsdb-server.at|9 +
> tests/ovsdb-tool.at |4
> tests/vconn.at |1 +
> vswitchd/bridge.c|6 --
> 10 files changed, 42 insertions(+), 9 deletions(-)
>
> diff --git a/lib/stream-unix.c b/lib/stream-unix.c
> index 6ed7648..dbee135 100644
> --- a/lib/stream-unix.c
> +++ b/lib/stream-unix.c
> @@ -1,5 +1,5 @@
> /*
> - * Copyright (c) 2008, 2009, 2010, 2011, 2012 Nicira, Inc.
> + * Copyright (c) 2008, 2009, 2010, 2011, 2012, 2013 Nicira, Inc.
> *
> * Licensed under the Apache License, Version 2.0 (the "License");
> * you may not use this file except in compliance with the License.
> @@ -29,6 +29,7 @@
> #include "packets.h"
> #include "poll-loop.h"
> #include "socket-util.h"
> +#include "dirs.h"
> #include "util.h"
> #include "stream-provider.h"
> #include "stream-fd.h"
> @@ -42,15 +43,19 @@ static int
> unix_open(const char *name, char *suffix, struct stream **streamp,
>uint8_t dscp OVS_UNUSED)
> {
> -const char *connect_path = suffix;
> +char *connect_path;
> int fd;
>
> +connect_path = abs_file_name(ovs_rundir(), suffix);
> fd = make_unix_socket(SOCK_STREAM, true, NULL, connect_path);
> +
> if (fd < 0) {
> VLOG_DBG("%s: connection failed (%s)", connect_path, strerror(-fd));
> +free(connect_path);
> return -fd;
> }
>
> +free(connect_path);
> return new_fd_stream(name, fd, check_connection_completion(fd), streamp);
> }
>
> @@ -76,11 +81,14 @@ static int
> punix_open(const char *name OVS_UNUSED, char *suffix,
> struct pstream **pstreamp, uint8_t dscp OVS_UNUSED)
> {
> +char *bind_path;
> int fd, error;
>
> -fd = make_unix_socket(SOCK_STREAM, true, suffix, NULL);
> +bind_path = abs_file_name(ovs_rundir(), suffix);
> +fd = make_unix_socket(SOCK_STREAM, true, bind_path, NULL);
> if (fd < 0) {
> -VLOG_ERR("%s: binding failed: %s", suffix, strerror(errno));
> +VLOG_ERR("%s: binding failed: %s", bind_path, strerror(errno));
> +free(bind_path);
> return errno;
> }
>
> @@ -88,11 +96,11 @@ punix_open(const char *name OVS_UNUSED, char *suffix,
> error = errno;
> VLOG_ERR("%s: listen: %s", name, strerror(error));
> close(fd);
> +free(bind_path);
> return error;
> }
>
> -return new_fd_pstream(name, fd, punix_accept, NULL,
> - xstrdup(suffix), pstreamp);
> +return new_fd_pstream(name, fd, punix_accept, NULL, bind_path, pstreamp);
> }
>
> static int
> diff --git a/tests/jsonrpc.at b/tests/jsonrpc.at
> index 2a7f91b..664debe 100644
> --- a/tests/jsonrpc.at
> +++ b/tests/jsonrpc.at
> @@ -1,6 +1,7 @@
> AT_BANNER([JSON-RPC - C])
>
> AT_SETUP([JSON-RPC request and successful reply])
> +OVS_RUNDIR=`pwd`; export OVS_RUNDIR
> AT_CHECK([test-jsonrpc --detach --no-chdir --pidfile="`pwd`"/pid listen
> punix:socket])
> AT_CHECK([test -s pid])
> AT_CHECK([k
[ovs-dev] [PATCH] datapath: Fix ovs_vport_cmd_new return value on success
This bug was introduced in 1fc7083d (datapath: Remove vport MAC address configuration.) Signed-off-by: Rich Lane --- datapath/datapath.c |1 + 1 file changed, 1 insertion(+) diff --git a/datapath/datapath.c b/datapath/datapath.c index f78c232..87c96ae 100644 --- a/datapath/datapath.c +++ b/datapath/datapath.c @@ -1967,6 +1967,7 @@ static int ovs_vport_cmd_new(struct sk_buff *skb, struct genl_info *info) if (IS_ERR(vport)) goto exit_unlock; + err = 0; if (a[OVS_VPORT_ATTR_STATS]) ovs_vport_set_stats(vport, nla_data(a[OVS_VPORT_ATTR_STATS])); -- 1.7.9.5 ___ dev mailing list dev@openvswitch.org http://openvswitch.org/mailman/listinfo/dev
Re: [ovs-dev] [BUG] SLB bonding & bond-rebalance-interval not working as expected
Hi, On 30/01/13 14:44, Markus Schuster wrote: Hi, looks like I'm currently in SLB bonding bug hunting mood :) - I think I found an additional bug / strange behaviour with balance-slb bonding: Two VMs suffered from short term (a few minutes) connectivity issues every now and then, so I started digging further into the issue. First thing I noticed is the MAC of the VM jumping between ports on the uplink switches like mad - I had to think of my other bug report [1] - but this time I saw no broad- or multicast frames but normal unicast frames sent out on both member ports of the bond for a few minutes every now and then. Long story short: XCP 1.6 configures SLB bonds to rebalance their traffic every 30 minutes. And it looks like Open vSwitch sometimes fails in migrating certain flows from one interface to the other. That causes some traffic to be sent via the "old" interface and some via the "new" interface. This is a known problem in OVS 1.4.2 (the version released with XenServer 6.1): the flows are not properly tagged during rebalancing in userspace, and therefore the change doesn't propagate to the kernel flow tables. This was fixed by this backported patch in 1.4.3: http://openvswitch.org/cgi-bin/gitweb.cgi?p=openvswitch;a=commitdiff;h=865f22b3b3cb953c48ed30dd21f16ea3dd53f04c And the algorithm was also quite ineffective, it was fixed in 1.4.4: http://openvswitch.org/cgi-bin/gitweb.cgi?p=openvswitch;a=commitdiff;h=ba60b421cc159b7e53f7e9a890aa130a35801083 There isn't any XS 6.1 public hotfix released for this. Regards, Zoltan Kiss ___ dev mailing list dev@openvswitch.org http://openvswitch.org/mailman/listinfo/dev
Re: [ovs-dev] [PATCH] stream-unix: append ovs_rundir to socket
Usually we put both the C and Python versions into one patch, if we
remember to change both versions at the same time.
On Fri, Feb 08, 2013 at 11:24:45AM -0800, Pavithra Ramesh wrote:
> Sure, I've made the change and will send out a new patch.
> Can you push this one?
>
> Thanks,
> Pavithra
>
> - Original Message -
> From: "Ben Pfaff"
> To: "Pavithra Ramesh"
> Cc: dev@openvswitch.org
> Sent: Friday, February 8, 2013 11:18:38 AM
> Subject: Re: [ovs-dev] [PATCH] stream-unix: append ovs_rundir to socket
>
> Yes, would you mind taking a first shot?
>
> On Fri, Feb 08, 2013 at 09:51:33AM -0800, Pavithra Ramesh wrote:
> > Thanks Ben. The patch looks good.
> > Do we also want to change the python stream implementation
> > to behave the same way?
> >
> > -Pavithra
> >
> > - Original Message -
> > From: "Ben Pfaff"
> > To: "Pavithra Ramesh"
> > Cc: dev@openvswitch.org
> > Sent: Friday, February 8, 2013 9:14:13 AM
> > Subject: Re: [ovs-dev] [PATCH] stream-unix: append ovs_rundir to socket
> >
> > On Thu, Feb 07, 2013 at 03:48:14PM -0800, Pavithra Ramesh wrote:
> > > If socket path specified is relative to ovs_rundir(),
> > > append the directory name to in unix_open and punix_open.
> > > Freed the new newly allocated strings.
> > > Also included the change in bridge.c to relax the whitelist
> > > check, only if there is no /.
> > >
> > > Signed-off-by: Pavithra Ramesh
> >
> > Here's a revised version that passes all tests.
> >
> > --8<--cut here-->8--
> >
> > From: Pavithra Ramesh
> > Date: Thu, 7 Feb 2013 15:48:14 -0800
> > Subject: [PATCH] stream-unix: append ovs_rundir to socket
> >
> > If socket path specified is relative to ovs_rundir(),
> > append the directory name to in unix_open and punix_open.
> > Freed the new newly allocated strings.
> > Also included the change in bridge.c to relax the whitelist
> > check, only if there is no /.
> >
> > Signed-off-by: Pavithra Ramesh
> > Signed-off-by: Ben Pfaff
> > ---
> > lib/stream-unix.c| 20 ++--
> > tests/jsonrpc.at |3 +++
> > tests/ovsdb-execution.at |1 +
> > tests/ovsdb-idl.at |3 +++
> > tests/ovsdb-macros.at|3 ++-
> > tests/ovsdb-monitor.at |1 +
> > tests/ovsdb-server.at|9 +
> > tests/ovsdb-tool.at |4
> > tests/vconn.at |1 +
> > vswitchd/bridge.c|6 --
> > 10 files changed, 42 insertions(+), 9 deletions(-)
> >
> > diff --git a/lib/stream-unix.c b/lib/stream-unix.c
> > index 6ed7648..dbee135 100644
> > --- a/lib/stream-unix.c
> > +++ b/lib/stream-unix.c
> > @@ -1,5 +1,5 @@
> > /*
> > - * Copyright (c) 2008, 2009, 2010, 2011, 2012 Nicira, Inc.
> > + * Copyright (c) 2008, 2009, 2010, 2011, 2012, 2013 Nicira, Inc.
> > *
> > * Licensed under the Apache License, Version 2.0 (the "License");
> > * you may not use this file except in compliance with the License.
> > @@ -29,6 +29,7 @@
> > #include "packets.h"
> > #include "poll-loop.h"
> > #include "socket-util.h"
> > +#include "dirs.h"
> > #include "util.h"
> > #include "stream-provider.h"
> > #include "stream-fd.h"
> > @@ -42,15 +43,19 @@ static int
> > unix_open(const char *name, char *suffix, struct stream **streamp,
> >uint8_t dscp OVS_UNUSED)
> > {
> > -const char *connect_path = suffix;
> > +char *connect_path;
> > int fd;
> >
> > +connect_path = abs_file_name(ovs_rundir(), suffix);
> > fd = make_unix_socket(SOCK_STREAM, true, NULL, connect_path);
> > +
> > if (fd < 0) {
> > VLOG_DBG("%s: connection failed (%s)", connect_path,
> > strerror(-fd));
> > +free(connect_path);
> > return -fd;
> > }
> >
> > +free(connect_path);
> > return new_fd_stream(name, fd, check_connection_completion(fd),
> > streamp);
> > }
> >
> > @@ -76,11 +81,14 @@ static int
> > punix_open(const char *name OVS_UNUSED, char *suffix,
> > struct pstream **pstreamp, uint8_t dscp OVS_UNUSED)
> > {
> > +char *bind_path;
> > int fd, error;
> >
> > -fd = make_unix_socket(SOCK_STREAM, true, suffix, NULL);
> > +bind_path = abs_file_name(ovs_rundir(), suffix);
> > +fd = make_unix_socket(SOCK_STREAM, true, bind_path, NULL);
> > if (fd < 0) {
> > -VLOG_ERR("%s: binding failed: %s", suffix, strerror(errno));
> > +VLOG_ERR("%s: binding failed: %s", bind_path, strerror(errno));
> > +free(bind_path);
> > return errno;
> > }
> >
> > @@ -88,11 +96,11 @@ punix_open(const char *name OVS_UNUSED, char *suffix,
> > error = errno;
> > VLOG_ERR("%s: listen: %s", name, strerror(error));
> > close(fd);
> > +free(bind_path);
> > return error;
> > }
> >
> > -return new_fd_pstream(name, fd, punix_accept, NULL,
> > - xstrdup(suffix), pstreamp);
> > +return new_fd_pstream(name, fd, punix_acce
[ovs-dev] [PATCH] stream-unix: append ovs_rundir to socket
If socket path specified is relative to ovs_rundir(),
append the directory name to in unix_open and punix_open.
Made the change in the stream-unix implementation of C and
Python.
Also modified bridge.c to relax the whitelist check,
only if there is no '/' in socket name.
---
lib/stream-unix.c| 20 ++--
python/ovs/stream.py |4
tests/jsonrpc.at |3 +++
tests/ovsdb-execution.at |1 +
tests/ovsdb-idl.at |4
tests/ovsdb-macros.at|3 ++-
tests/ovsdb-monitor.at |1 +
tests/ovsdb-server.at|8
tests/ovsdb-tool.at |4
tests/vconn.at |1 +
vswitchd/bridge.c|6 --
11 files changed, 46 insertions(+), 9 deletions(-)
diff --git a/lib/stream-unix.c b/lib/stream-unix.c
index 6ed7648..dbee135 100644
--- a/lib/stream-unix.c
+++ b/lib/stream-unix.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2008, 2009, 2010, 2011, 2012 Nicira, Inc.
+ * Copyright (c) 2008, 2009, 2010, 2011, 2012, 2013 Nicira, Inc.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -29,6 +29,7 @@
#include "packets.h"
#include "poll-loop.h"
#include "socket-util.h"
+#include "dirs.h"
#include "util.h"
#include "stream-provider.h"
#include "stream-fd.h"
@@ -42,15 +43,19 @@ static int
unix_open(const char *name, char *suffix, struct stream **streamp,
uint8_t dscp OVS_UNUSED)
{
-const char *connect_path = suffix;
+char *connect_path;
int fd;
+connect_path = abs_file_name(ovs_rundir(), suffix);
fd = make_unix_socket(SOCK_STREAM, true, NULL, connect_path);
+
if (fd < 0) {
VLOG_DBG("%s: connection failed (%s)", connect_path, strerror(-fd));
+free(connect_path);
return -fd;
}
+free(connect_path);
return new_fd_stream(name, fd, check_connection_completion(fd), streamp);
}
@@ -76,11 +81,14 @@ static int
punix_open(const char *name OVS_UNUSED, char *suffix,
struct pstream **pstreamp, uint8_t dscp OVS_UNUSED)
{
+char *bind_path;
int fd, error;
-fd = make_unix_socket(SOCK_STREAM, true, suffix, NULL);
+bind_path = abs_file_name(ovs_rundir(), suffix);
+fd = make_unix_socket(SOCK_STREAM, true, bind_path, NULL);
if (fd < 0) {
-VLOG_ERR("%s: binding failed: %s", suffix, strerror(errno));
+VLOG_ERR("%s: binding failed: %s", bind_path, strerror(errno));
+free(bind_path);
return errno;
}
@@ -88,11 +96,11 @@ punix_open(const char *name OVS_UNUSED, char *suffix,
error = errno;
VLOG_ERR("%s: listen: %s", name, strerror(error));
close(fd);
+free(bind_path);
return error;
}
-return new_fd_pstream(name, fd, punix_accept, NULL,
- xstrdup(suffix), pstreamp);
+return new_fd_pstream(name, fd, punix_accept, NULL, bind_path, pstreamp);
}
static int
diff --git a/python/ovs/stream.py b/python/ovs/stream.py
index c640ebf..fb083ee 100644
--- a/python/ovs/stream.py
+++ b/python/ovs/stream.py
@@ -107,6 +107,8 @@ class Stream(object):
return errno.EAFNOSUPPORT, None
suffix = name.split(":", 1)[1]
+if name.startswith("unix:"):
+suffix = ovs.util.abs_file_name(ovs.dirs.RUNDIR, suffix)
error, sock = cls._open(suffix, dscp)
if error:
return error, None
@@ -282,6 +284,8 @@ class PassiveStream(object):
return errno.EAFNOSUPPORT, None
bind_path = name[6:]
+if name.startswith("punix:"):
+bind_path = ovs.util.abs_file_name(ovs.dirs.RUNDIR, bind_path)
error, sock = ovs.socket_util.make_unix_socket(socket.SOCK_STREAM,
True, bind_path, None)
if error:
diff --git a/tests/jsonrpc.at b/tests/jsonrpc.at
index 2a7f91b..664debe 100644
--- a/tests/jsonrpc.at
+++ b/tests/jsonrpc.at
@@ -1,6 +1,7 @@
AT_BANNER([JSON-RPC - C])
AT_SETUP([JSON-RPC request and successful reply])
+OVS_RUNDIR=`pwd`; export OVS_RUNDIR
AT_CHECK([test-jsonrpc --detach --no-chdir --pidfile="`pwd`"/pid listen
punix:socket])
AT_CHECK([test -s pid])
AT_CHECK([kill -0 `cat pid`])
@@ -12,6 +13,7 @@ AT_CHECK([kill `cat pid`])
AT_CLEANUP
AT_SETUP([JSON-RPC request and error reply])
+OVS_RUNDIR=`pwd`; export OVS_RUNDIR
AT_CHECK([test-jsonrpc --detach --no-chdir --pidfile="`pwd`"/pid listen
punix:socket])
AT_CHECK([test -s pid])
AT_CHECK([kill -0 `cat pid`])
@@ -23,6 +25,7 @@ AT_CHECK([kill `cat pid`])
AT_CLEANUP
AT_SETUP([JSON-RPC notification])
+OVS_RUNDIR=`pwd`; export OVS_RUNDIR
AT_CHECK([test-jsonrpc --detach --no-chdir --pidfile="`pwd`"/pid listen
punix:socket])
AT_CHECK([test -s pid])
# When a daemon dies it deletes its pidfile, so make a copy.
diff --git a/tests/ovsdb-execution.at b/tests/ovsdb-execution.at
index 6a3b5d1..eec2a04 100644
--- a/tests
Re: [ovs-dev] [PATCH 1/2] Optimize classifier by maintaining the priority of the highest priority rule in each table.
On Fri, Feb 08, 2013 at 12:06:22AM +0200, Jarno Rajahalme wrote:
>
> Signed-off-by: Jarno Rajahalme
Well done. I applied this to master. I only added {} around a
statement where it was missing and ending punctuation to a few
comments.
Thanks a lot.
Ben
___
dev mailing list
dev@openvswitch.org
http://openvswitch.org/mailman/listinfo/dev
Re: [ovs-dev] [PATCH] datapath: Fix ovs_vport_cmd_new return value on success
On Fri, Feb 8, 2013 at 12:09 PM, Rich Lane wrote: > This bug was introduced in 1fc7083d (datapath: Remove vport MAC address > configuration.) > > Signed-off-by: Rich Lane Also applied, thanks. ___ dev mailing list dev@openvswitch.org http://openvswitch.org/mailman/listinfo/dev
Re: [ovs-dev] [PATCH] ofproto-dpif: Reduce number of get_ofp_port() calls during flow xlate.
The patch pretty much looks good to me. I still don't think we have
the patch port code exactly correct though. Suppose we're neither in
the forwarding state, nor the learning state. It looks to me like
we'll still run through the learning code when sending through the
patch port, though we don't do that for a normal port. I think what
we really want is something more akin to what we do in xlate_actions
where we call may_receive() directly.
Ethan
On Thu, Feb 7, 2013 at 11:04 AM, Ben Pfaff wrote:
> Until now the flow translation code has done one get_ofp_port() call
> initially to check for special processing, then one for each level of
> action processing. Only one call is actually necessary, though, because
> the in_port of a flow doesn't change in ordinary circumstances, and so this
> commit eliminates the unnecessary calls.
>
> The one case where the in_port can change is when a packet passes through
> a patch port. The implementation here was buggy anyway: when the patch
> port's peer had forwarding disabled by STP, then the code would drop all
> ODP actions, even those that were executed before the packet crossed the
> patch port. This commit fixes that case.
>
> With a complicated flow table involving multiple levels of resubmit, this
> increases flow setup performance by 2-3%.
>
> Signed-off-by: Ben Pfaff
> ---
> ofproto/ofproto-dpif.c | 56 ---
> 1 files changed, 33 insertions(+), 23 deletions(-)
>
> diff --git a/ofproto/ofproto-dpif.c b/ofproto/ofproto-dpif.c
> index f91d3c3..2c73640 100644
> --- a/ofproto/ofproto-dpif.c
> +++ b/ofproto/ofproto-dpif.c
> @@ -3318,15 +3318,11 @@ send_packet_in_miss(struct ofproto_dpif *ofproto,
> const struct ofpbuf *packet,
>
> static enum slow_path_reason
> process_special(struct ofproto_dpif *ofproto, const struct flow *flow,
> -const struct ofpbuf *packet)
> +const struct ofport_dpif *ofport, const struct ofpbuf
> *packet)
> {
> -struct ofport_dpif *ofport = get_ofp_port(ofproto, flow->in_port);
> -
> if (!ofport) {
> return 0;
> -}
> -
> -if (ofport->cfm && cfm_should_process_flow(ofport->cfm, flow)) {
> +} else if (ofport->cfm && cfm_should_process_flow(ofport->cfm, flow)) {
> if (packet) {
> cfm_process_heartbeat(ofport->cfm, packet);
> }
> @@ -3342,8 +3338,9 @@ process_special(struct ofproto_dpif *ofproto, const
> struct flow *flow,
> stp_process_packet(ofport, packet);
> }
> return SLOW_STP;
> +} else {
> +return 0;
> }
> -return 0;
> }
>
> static struct flow_miss *
> @@ -5733,6 +5730,7 @@ compose_output_action__(struct action_xlate_ctx *ctx,
> uint16_t ofp_port,
> struct ofport_dpif *peer = ofport_get_peer(ofport);
> struct flow old_flow = ctx->flow;
> const struct ofproto_dpif *peer_ofproto;
> +struct ofport_dpif *in_port;
>
> if (!peer) {
> xlate_report(ctx, "Nonexistent patch port peer");
> @@ -5750,7 +5748,20 @@ compose_output_action__(struct action_xlate_ctx *ctx,
> uint16_t ofp_port,
> ctx->flow.metadata = htonll(0);
> memset(&ctx->flow.tunnel, 0, sizeof ctx->flow.tunnel);
> memset(ctx->flow.regs, 0, sizeof ctx->flow.regs);
> -xlate_table_action(ctx, ctx->flow.in_port, 0, true);
> +
> +in_port = get_ofp_port(ctx->ofproto, ctx->flow.in_port);
> +if (!in_port || stp_forward_in_state(in_port->stp_state)) {
> +xlate_table_action(ctx, ctx->flow.in_port, 0, true);
> +} else {
> +/* Forwarding is disabled by STP. Let OFPP_NORMAL and the
> learning
> + * action look at the packet, then drop it. */
> +struct flow old_base_flow = ctx->base_flow;
> +size_t old_size = ctx->odp_actions->size;
> +xlate_table_action(ctx, ctx->flow.in_port, 0, true);
> +ctx->base_flow = old_base_flow;
> +ctx->odp_actions->size = old_size;
> +}
> +
> ctx->flow = old_flow;
> ctx->ofproto = ofproto_dpif_cast(ofport->up.ofproto);
>
> @@ -6300,16 +6311,9 @@ static void
> do_xlate_actions(const struct ofpact *ofpacts, size_t ofpacts_len,
> struct action_xlate_ctx *ctx)
> {
> -const struct ofport_dpif *port;
> bool was_evictable = true;
> const struct ofpact *a;
>
> -port = get_ofp_port(ctx->ofproto, ctx->flow.in_port);
> -if (port && !may_receive(port, ctx)) {
> -/* Drop this flow. */
> -return;
> -}
> -
> if (ctx->rule) {
> /* Don't let the rule we're working on get evicted underneath us. */
> was_evictable = ctx->rule->up.evictable;
> @@ -6497,12 +6501,6 @@ do_xlate_actions(const struct ofpact *ofpacts, size_t
> ofpacts_len,
> }
>
> out:
> -/* We've let OFPP_NORMAL and the learning action look at the packet,
> - * so drop it now if forwarding
Re: [ovs-dev] [PATCH 2/2] tunnel: Treat in_key=0 the same as a missing in_key.
Thanks for the reviews. I've pushed this to master and 1.10 Ethan On Fri, Feb 8, 2013 at 8:45 AM, Ben Pfaff wrote: > On Thu, Feb 07, 2013 at 07:04:22PM -0800, Ethan Jackson wrote: >> The documented behavior of ovs is that a missing key is the >> same as a zero key. However, the tunneling code actually treated >> them differently. This could cause problems with tunneling modes >> such as vxlan which always have a key. Specifically, a tunnel with >> no key configured, would send have to send traffic with a key of >> zero. However, the same tunnel would drop incoming traffic with a >> zero key because it was expecting there to be none at all. >> >> Signed-off-by: Ethan Jackson > > Looks good, thanks. ___ dev mailing list dev@openvswitch.org http://openvswitch.org/mailman/listinfo/dev
[ovs-dev] [PATCH] ovs-pki: Increase the validity period for all certificates.
This patch increases the certificate validity to 100 years for certificate authorities, the certificates that they certify and for self signed certificates. Signed-off-by: Gurucharan Shetty --- utilities/ovs-pki.in |6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/utilities/ovs-pki.in b/utilities/ovs-pki.in index 1f15410..a506375 100755 --- a/utilities/ovs-pki.in +++ b/utilities/ovs-pki.in @@ -272,7 +272,7 @@ certificate= $dir/cacert.pem # The CA cert serial = $dir/serial # serial no file private_key= $dir/private/cakey.pem# CA private key RANDFILE = $dir/private/.rand# random number file -default_days = 365 # how long to certify for +default_days = 36525 # how long to certify for default_crl_days= 30 # how long before next CRL default_md = md5 # md to use policy = policy# default policy @@ -303,7 +303,7 @@ EOF -newkey $newkey -keyout private/cakey.pem -out careq.pem \ 1>&3 2>&3 openssl ca -config ca.cnf -create_serial -out cacert.pem \ --days 2191 -batch -keyfile private/cakey.pem -selfsign \ +-days 36525 -batch -keyfile private/cakey.pem -selfsign \ -infiles careq.pem 1>&3 2>&3 chmod 0700 private/cakey.pem @@ -514,7 +514,7 @@ elif test "$command" = self-sign; then # Create both the private key and certificate with restricted permissions. (umask 077 && \ openssl x509 -in "$arg1-req.pem" -out "$arg1-cert.pem.tmp" \ --signkey "$arg1-privkey.pem" -req -days 2191 -text) 2>&3 || exit $? +-signkey "$arg1-privkey.pem" -req -days 36525 -text) 2>&3 || exit $? # Reset the permissions on the certificate to the user's default. cat "$arg1-cert.pem.tmp" > "$arg1-cert.pem" -- 1.7.9.5 ___ dev mailing list dev@openvswitch.org http://openvswitch.org/mailman/listinfo/dev
[ovs-dev] [PATCH 1/2] datapath: Call genlmsg_end in queue_userspace_packet
Without genlmsg_end the upcall message ends (according to nlmsg_len) after the struct ovs_header. Signed-off-by: Rich Lane --- datapath/datapath.c |1 + 1 file changed, 1 insertion(+) diff --git a/datapath/datapath.c b/datapath/datapath.c index 87c96ae..5d18def 100644 --- a/datapath/datapath.c +++ b/datapath/datapath.c @@ -399,6 +399,7 @@ static int queue_userspace_packet(struct net *net, int dp_ifindex, skb_copy_and_csum_dev(skb, nla_data(nla)); + genlmsg_end(user_skb, upcall); err = genlmsg_unicast(net, user_skb, upcall_info->portid); out: -- 1.7.9.5 ___ dev mailing list dev@openvswitch.org http://openvswitch.org/mailman/listinfo/dev
[ovs-dev] [PATCH 2/2] datapath: Fix parsing invalid LLC/SNAP ethertypes
Before this patch, if an LLC/SNAP packet with OUI 00:00:00 had an ethertype less than 1536 the flow key given to userspace in the upcall would contain the invalid ethertype (for example, 3). If userspace attempted to insert a kernel flow for this key it would be rejected by ovs_flow_from_nlattrs. This patch allows OVS to pass the OFTest pktact.DirectBadLlcPackets. Signed-off-by: Rich Lane --- datapath/flow.c |6 +- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/datapath/flow.c b/datapath/flow.c index fad9e19..b14229f 100644 --- a/datapath/flow.c +++ b/datapath/flow.c @@ -500,7 +500,11 @@ static __be16 parse_ethertype(struct sk_buff *skb) return htons(ETH_P_802_2); __skb_pull(skb, sizeof(struct llc_snap_hdr)); - return llc->ethertype; + + if (ntohs(llc->ethertype) >= 1536) + return llc->ethertype; + + return htons(ETH_P_802_2); } static int parse_icmpv6(struct sk_buff *skb, struct sw_flow_key *key, -- 1.7.9.5 ___ dev mailing list dev@openvswitch.org http://openvswitch.org/mailman/listinfo/dev
Re: [ovs-dev] [PATCH] ovs-pki: Increase the validity period for all certificates.
On Fri, Feb 08, 2013 at 02:49:12PM -0800, Gurucharan Shetty wrote: > This patch increases the certificate validity to 100 years > for certificate authorities, the certificates that they certify > and for self signed certificates. > > Signed-off-by: Gurucharan Shetty Thanks, this seems reasonable. (But 2100 isn't a leap year so 36525 is 100 years + 1 day for any cert you create today.) ___ dev mailing list dev@openvswitch.org http://openvswitch.org/mailman/listinfo/dev
Re: [ovs-dev] Does ovs-vsctl add-br br01 really create a bridge just like brctl add-br br01?
HI Thanks, so, to do kernel configuration, how does ovs-vswitchd do? by direct function call or some other mechanism? 2013/2/9 Ben Pfaff > On Fri, Feb 08, 2013 at 11:18:07AM +0800, ?? wrote: > >Thanks your reply. Yes, I read that manual several times before i sent > > the previous post here. This manual tell me that ovs-vsctl is a db > client > > to configure Open vSwitch configuration database maintained by > > ovsdb-server. So when you execute ovs-vsctl add-br br01 command, it > > actually only store this information in Bridge table of Open vSwitch > > configuration database. Is my understanding right? > > Yes. After ovs-vsctl updates the database, ovs-vswitchd then > reconfigures itself, and the kernel configuration, based on the new > database contents. > ___ dev mailing list dev@openvswitch.org http://openvswitch.org/mailman/listinfo/dev
Re: [ovs-dev] [PATCH] ovs-ctl: Add support for built-in (non-modular) kernel support.
On Sat, Feb 9, 2013 at 12:46 AM, Ben Pfaff wrote: > On Wed, Feb 06, 2013 at 08:44:36AM -0800, Ben Pfaff wrote: >> On Wed, Feb 06, 2013 at 03:54:14PM +0800, Cong Wang wrote: >> > On 02/06/2013 03:14 AM, Ben Pfaff wrote: >> > >Reported-by: Cong Wang >> > >Signed-off-by: Ben Pfaff >> > >--- >> > >Cong, will you verify that this makes the init script work OK for >> > >your kernel with OVS built-in? >> > >> > I got: >> > >> > # ovs-dpctl show -voff >> > ovs-dpctl: processing "off": unknown module "off" >> >> You said in another email that you're using Open vSwitch 1.4.2. The >> patch I sent is for Open vSwitch "master" (1.10.90). Nevertheless, if >> you remove "-voff", I think it will work with 1.4.2. Will you try it >> that way? > > Cong, any chance you could try it out? Hi, Ben, Sorry for the delay. It is Chinese new year now. :) I doubt it works even after removing "-voff", as I compile bridge module too (therefore /sys/modules/bridge exists). I will try to kick out bridge and retest your patch. Thanks! ___ dev mailing list dev@openvswitch.org http://openvswitch.org/mailman/listinfo/dev
