Re: [ovs-dev] [PATCH] netdev-linux: fix bug of ovs ingress policing with linux tc

2015-08-20 Thread ychen 
yes, maybe it is not a perfect resolution, but it did resolved 
this problem: when tapB deleted from ovs bridge, tapA's ingress rule disappeared
and of course, there maybe some problem I haven't consider, 
so I want more detailed suggestions, thanks!






At 2015-08-20 13:03:53, "Ben Pfaff"  wrote:
>On Thu, Aug 20, 2015 at 11:29:07AM +0800, ychen wrote:
>> port's ingress qdisc rule will automatically disappeared after
>> the following steps:
>> 1)use ip tuntap to create port tapA and tapB
>> 2)set tapA and tapB to ingress qdisc with linux tc command
>> 3)add tapA to ovs bridge
>> 4)add tapB to the same ovs bridge(ingress rule disappear for tapA)
>> ingress_policing_rate equals to 0 means disable ingress policing,
>> so set flag VALID_POLICING only when this paramter is effective,
>> and before send deleteing ingress qdisc message to kernel, first check
>> whether need to do this action. if settings not changed or policing is not
>> enabled with ingress_policing_rate equal to 0, do not send any message.
>> when interface's MAC,MTU,link state changed, there will be a RTM_NETLINK 
>> message from kernel, and keep the flag VALID_POLICING as it is.
>
>I'm still not going to take this.  As I said before, I don't see how
>this solves the problem described in
>http://openvswitch.org/pipermail/discuss/2015-May/017687.html.  I don't
>see much value in just tweaking the parameters of the problem.
___
dev mailing list
dev@openvswitch.org
http://openvswitch.org/mailman/listinfo/dev

[ovs-dev] Dev@openvswitch.org

2015-08-20 Thread oakley 
The original message was received at Thu, 20 Aug 2015 14:30:06 +0700 from 
[147.45.33.92]

- The following addresses had permanent fatal errors -


- Transcript of the session follows -
... while talking to 219.189.62.132:
>>> RCPT To:
<<< 550 5.1.1 ... Not known here

___
dev mailing list
dev@openvswitch.org
http://openvswitch.org/mailman/listinfo/dev

Re: [ovs-dev] [ovn-controller-vtep V7 1/3] ovn-controller-vtep: Add vtep module.

2015-08-20 Thread Russell Bryant 
acked this earlier, but just came across something while reviewing the
next patch ... let me know if I'm missing something.

On 08/18/2015 05:58 PM, Alex Wang wrote:
> This commit adds the vtep module to ovn-controller-vtep.  The
> module will scan through the Port_Binding table in OVN-SB database,
> and update the vtep logcial switches tunnel keys.
> 
> Signed-off-by: Alex Wang 
> ---
> V6->V7:
> - change the assertion to VLOG_ERR in vtep_lswitch_run().
> - refine the vtep_lswitch_run() as suggested by Russell.
> - refine vtep_lswitch_cleanup() as suggested by Russell.
> 
> V5->V6:
> - rebase.
> 
> V5: new patch.
> ---
>  ovn/controller-vtep/automake.mk   |4 +-
>  ovn/controller-vtep/binding.c |3 +-
>  ovn/controller-vtep/gateway.c |3 +-
>  ovn/controller-vtep/ovn-controller-vtep.c |3 +
>  ovn/controller-vtep/vtep.c|  149 
> +
>  ovn/controller-vtep/vtep.h|   27 ++
>  tests/ovn-controller-vtep.at  |   32 +++
>  7 files changed, 218 insertions(+), 3 deletions(-)
>  create mode 100644 ovn/controller-vtep/vtep.c
>  create mode 100644 ovn/controller-vtep/vtep.h
> 
> diff --git a/ovn/controller-vtep/automake.mk b/ovn/controller-vtep/automake.mk
> index 33f063f..cacfae6 100644
> --- a/ovn/controller-vtep/automake.mk
> +++ b/ovn/controller-vtep/automake.mk
> @@ -5,7 +5,9 @@ ovn_controller_vtep_ovn_controller_vtep_SOURCES = \
>   ovn/controller-vtep/gateway.c \
>   ovn/controller-vtep/gateway.h \
>   ovn/controller-vtep/ovn-controller-vtep.c \
> - ovn/controller-vtep/ovn-controller-vtep.h
> + ovn/controller-vtep/ovn-controller-vtep.h \
> + ovn/controller-vtep/vtep.c \
> + ovn/controller-vtep/vtep.h
>  ovn_controller_vtep_ovn_controller_vtep_LDADD = ovn/lib/libovn.la 
> lib/libopenvswitch.la vtep/libvtep.la
>  man_MANS += ovn/controller-vtep/ovn-controller-vtep.8
>  EXTRA_DIST += ovn/controller-vtep/ovn-controller-vtep.8.xml
> diff --git a/ovn/controller-vtep/binding.c b/ovn/controller-vtep/binding.c
> index 652852d..d65f43c 100644
> --- a/ovn/controller-vtep/binding.c
> +++ b/ovn/controller-vtep/binding.c
> @@ -226,7 +226,8 @@ binding_run(struct controller_vtep_ctx *ctx)
>  }
>  
>  /* Removes all port binding association with vtep gateway chassis.
> - * Returns true when all done. */
> + * Returns true when done (i.e. there is no change made to 'ovnsb_idl'),
> + * otherwise returns false. */
>  bool
>  binding_cleanup(struct controller_vtep_ctx *ctx)
>  {
> diff --git a/ovn/controller-vtep/gateway.c b/ovn/controller-vtep/gateway.c
> index 025aff8..963d419 100644
> --- a/ovn/controller-vtep/gateway.c
> +++ b/ovn/controller-vtep/gateway.c
> @@ -189,7 +189,8 @@ gateway_run(struct controller_vtep_ctx *ctx)
>  }
>  
>  /* Destroys the chassis table entries for vtep physical switches.
> - * Returns true when all done. */
> + * Returns true when done (i.e. there is no change made to 'ovnsb_idl'),
> + * otherwise returns false. */
>  bool
>  gateway_cleanup(struct controller_vtep_ctx *ctx)
>  {
> diff --git a/ovn/controller-vtep/ovn-controller-vtep.c 
> b/ovn/controller-vtep/ovn-controller-vtep.c
> index 7e98f69..429ac23 100644
> --- a/ovn/controller-vtep/ovn-controller-vtep.c
> +++ b/ovn/controller-vtep/ovn-controller-vtep.c
> @@ -39,6 +39,7 @@
>  
>  #include "binding.h"
>  #include "gateway.h"
> +#include "vtep.h"
>  #include "ovn-controller-vtep.h"
>  
>  static unixctl_cb_func ovn_controller_vtep_exit;
> @@ -99,6 +100,7 @@ main(int argc, char *argv[])
>  
>  gateway_run(&ctx);
>  binding_run(&ctx);
> +vtep_run(&ctx);
>  unixctl_server_run(unixctl);
>  
>  unixctl_server_wait(unixctl);
> @@ -127,6 +129,7 @@ main(int argc, char *argv[])
>   * We're done if all of them return true. */
>  done = binding_cleanup(&ctx);
>  done = gateway_cleanup(&ctx) && done;
> +done = vtep_cleanup(&ctx) && done;
>  if (done) {
>  poll_immediate_wake();
>  }
> diff --git a/ovn/controller-vtep/vtep.c b/ovn/controller-vtep/vtep.c
> new file mode 100644
> index 000..9870296
> --- /dev/null
> +++ b/ovn/controller-vtep/vtep.c
> @@ -0,0 +1,149 @@
> +/* Copyright (c) 2015 Nicira, Inc.
> + *
> + * Licensed under the Apache License, Version 2.0 (the "License");
> + * you may not use this file except in compliance with the License.
> + * You may obtain a copy of the License at:
> + *
> + * http://www.apache.org/licenses/LICENSE-2.0
> + *
> + * Unless required by applicable law or agreed to in writing, software
> + * distributed under the License is distributed on an "AS IS" BASIS,
> + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
> + * See the License for the specific language governing permissions and
> + * limitations under the License.
> + */
> +
> +#include 
> +
> +#include "vtep.h"
> +
> +#include "lib/hash.h"
> +#include "lib/hmap.h"
> +#include "lib/sm

Re: [ovs-dev] [ovn-controller-vtep V7 1/3] ovn-controller-vtep: Add vtep module.

2015-08-20 Thread Alex Wang 
On Thu, Aug 20, 2015 at 8:24 AM, Russell Bryant  wrote:

> acked this earlier, but just came across something while reviewing the
> next patch ... let me know if I'm missing something.
>
> On 08/18/2015 05:58 PM, Alex Wang wrote:
> > This commit adds the vtep module to ovn-controller-vtep.  The
> > module will scan through the Port_Binding table in OVN-SB database,
> > and update the vtep logcial switches tunnel keys.
> >
> > Signed-off-by: Alex Wang 
> > ---
> > V6->V7:
> > - change the assertion to VLOG_ERR in vtep_lswitch_run().
> > - refine the vtep_lswitch_run() as suggested by Russell.
> > - refine vtep_lswitch_cleanup() as suggested by Russell.
> >
> > V5->V6:
> > - rebase.
> >
> > V5: new patch.
> > ---
> >  ovn/controller-vtep/automake.mk   |4 +-
> >  ovn/controller-vtep/binding.c |3 +-
> >  ovn/controller-vtep/gateway.c |3 +-
> >  ovn/controller-vtep/ovn-controller-vtep.c |3 +
> >  ovn/controller-vtep/vtep.c|  149
> +
> >  ovn/controller-vtep/vtep.h|   27 ++
> >  tests/ovn-controller-vtep.at  |   32 +++
> >  7 files changed, 218 insertions(+), 3 deletions(-)
> >  create mode 100644 ovn/controller-vtep/vtep.c
> >  create mode 100644 ovn/controller-vtep/vtep.h
> >
> > diff --git a/ovn/controller-vtep/automake.mk b/ovn/controller-vtep/
> automake.mk
> > index 33f063f..cacfae6 100644
> > --- a/ovn/controller-vtep/automake.mk
> > +++ b/ovn/controller-vtep/automake.mk
> > @@ -5,7 +5,9 @@ ovn_controller_vtep_ovn_controller_vtep_SOURCES = \
> >   ovn/controller-vtep/gateway.c \
> >   ovn/controller-vtep/gateway.h \
> >   ovn/controller-vtep/ovn-controller-vtep.c \
> > - ovn/controller-vtep/ovn-controller-vtep.h
> > + ovn/controller-vtep/ovn-controller-vtep.h \
> > + ovn/controller-vtep/vtep.c \
> > + ovn/controller-vtep/vtep.h
> >  ovn_controller_vtep_ovn_controller_vtep_LDADD = ovn/lib/libovn.la lib/
> libopenvswitch.la vtep/libvtep.la
> >  man_MANS += ovn/controller-vtep/ovn-controller-vtep.8
> >  EXTRA_DIST += ovn/controller-vtep/ovn-controller-vtep.8.xml
> > diff --git a/ovn/controller-vtep/binding.c
> b/ovn/controller-vtep/binding.c
> > index 652852d..d65f43c 100644
> > --- a/ovn/controller-vtep/binding.c
> > +++ b/ovn/controller-vtep/binding.c
> > @@ -226,7 +226,8 @@ binding_run(struct controller_vtep_ctx *ctx)
> >  }
> >
> >  /* Removes all port binding association with vtep gateway chassis.
> > - * Returns true when all done. */
> > + * Returns true when done (i.e. there is no change made to 'ovnsb_idl'),
> > + * otherwise returns false. */
> >  bool
> >  binding_cleanup(struct controller_vtep_ctx *ctx)
> >  {
> > diff --git a/ovn/controller-vtep/gateway.c
> b/ovn/controller-vtep/gateway.c
> > index 025aff8..963d419 100644
> > --- a/ovn/controller-vtep/gateway.c
> > +++ b/ovn/controller-vtep/gateway.c
> > @@ -189,7 +189,8 @@ gateway_run(struct controller_vtep_ctx *ctx)
> >  }
> >
> >  /* Destroys the chassis table entries for vtep physical switches.
> > - * Returns true when all done. */
> > + * Returns true when done (i.e. there is no change made to 'ovnsb_idl'),
> > + * otherwise returns false. */
> >  bool
> >  gateway_cleanup(struct controller_vtep_ctx *ctx)
> >  {
> > diff --git a/ovn/controller-vtep/ovn-controller-vtep.c
> b/ovn/controller-vtep/ovn-controller-vtep.c
> > index 7e98f69..429ac23 100644
> > --- a/ovn/controller-vtep/ovn-controller-vtep.c
> > +++ b/ovn/controller-vtep/ovn-controller-vtep.c
> > @@ -39,6 +39,7 @@
> >
> >  #include "binding.h"
> >  #include "gateway.h"
> > +#include "vtep.h"
> >  #include "ovn-controller-vtep.h"
> >
> >  static unixctl_cb_func ovn_controller_vtep_exit;
> > @@ -99,6 +100,7 @@ main(int argc, char *argv[])
> >
> >  gateway_run(&ctx);
> >  binding_run(&ctx);
> > +vtep_run(&ctx);
> >  unixctl_server_run(unixctl);
> >
> >  unixctl_server_wait(unixctl);
> > @@ -127,6 +129,7 @@ main(int argc, char *argv[])
> >   * We're done if all of them return true. */
> >  done = binding_cleanup(&ctx);
> >  done = gateway_cleanup(&ctx) && done;
> > +done = vtep_cleanup(&ctx) && done;
> >  if (done) {
> >  poll_immediate_wake();
> >  }
> > diff --git a/ovn/controller-vtep/vtep.c b/ovn/controller-vtep/vtep.c
> > new file mode 100644
> > index 000..9870296
> > --- /dev/null
> > +++ b/ovn/controller-vtep/vtep.c
> > @@ -0,0 +1,149 @@
> > +/* Copyright (c) 2015 Nicira, Inc.
> > + *
> > + * Licensed under the Apache License, Version 2.0 (the "License");
> > + * you may not use this file except in compliance with the License.
> > + * You may obtain a copy of the License at:
> > + *
> > + * http://www.apache.org/licenses/LICENSE-2.0
> > + *
> > + * Unless required by applicable law or agreed to in writing, software
> > + * distributed under the License is distributed on an "AS IS" BASIS,
> > + * WITHOUT WARRANTIES OR C

Re: [ovs-dev] [ovn-controller-vtep V7 1/3] ovn-controller-vtep: Add vtep module.

2015-08-20 Thread Alex Wang 
As well as a test to cover that~ ;D

On Thu, Aug 20, 2015 at 9:06 AM, Alex Wang  wrote:

>
>
> On Thu, Aug 20, 2015 at 8:24 AM, Russell Bryant 
> wrote:
>
>> acked this earlier, but just came across something while reviewing the
>> next patch ... let me know if I'm missing something.
>>
>> On 08/18/2015 05:58 PM, Alex Wang wrote:
>> > This commit adds the vtep module to ovn-controller-vtep.  The
>> > module will scan through the Port_Binding table in OVN-SB database,
>> > and update the vtep logcial switches tunnel keys.
>> >
>> > Signed-off-by: Alex Wang 
>> > ---
>> > V6->V7:
>> > - change the assertion to VLOG_ERR in vtep_lswitch_run().
>> > - refine the vtep_lswitch_run() as suggested by Russell.
>> > - refine vtep_lswitch_cleanup() as suggested by Russell.
>> >
>> > V5->V6:
>> > - rebase.
>> >
>> > V5: new patch.
>> > ---
>> >  ovn/controller-vtep/automake.mk   |4 +-
>> >  ovn/controller-vtep/binding.c |3 +-
>> >  ovn/controller-vtep/gateway.c |3 +-
>> >  ovn/controller-vtep/ovn-controller-vtep.c |3 +
>> >  ovn/controller-vtep/vtep.c|  149
>> +
>> >  ovn/controller-vtep/vtep.h|   27 ++
>> >  tests/ovn-controller-vtep.at  |   32 +++
>> >  7 files changed, 218 insertions(+), 3 deletions(-)
>> >  create mode 100644 ovn/controller-vtep/vtep.c
>> >  create mode 100644 ovn/controller-vtep/vtep.h
>> >
>> > diff --git a/ovn/controller-vtep/automake.mk b/ovn/controller-vtep/
>> automake.mk
>> > index 33f063f..cacfae6 100644
>> > --- a/ovn/controller-vtep/automake.mk
>> > +++ b/ovn/controller-vtep/automake.mk
>> > @@ -5,7 +5,9 @@ ovn_controller_vtep_ovn_controller_vtep_SOURCES = \
>> >   ovn/controller-vtep/gateway.c \
>> >   ovn/controller-vtep/gateway.h \
>> >   ovn/controller-vtep/ovn-controller-vtep.c \
>> > - ovn/controller-vtep/ovn-controller-vtep.h
>> > + ovn/controller-vtep/ovn-controller-vtep.h \
>> > + ovn/controller-vtep/vtep.c \
>> > + ovn/controller-vtep/vtep.h
>> >  ovn_controller_vtep_ovn_controller_vtep_LDADD = ovn/lib/libovn.la lib/
>> libopenvswitch.la vtep/libvtep.la
>> >  man_MANS += ovn/controller-vtep/ovn-controller-vtep.8
>> >  EXTRA_DIST += ovn/controller-vtep/ovn-controller-vtep.8.xml
>> > diff --git a/ovn/controller-vtep/binding.c
>> b/ovn/controller-vtep/binding.c
>> > index 652852d..d65f43c 100644
>> > --- a/ovn/controller-vtep/binding.c
>> > +++ b/ovn/controller-vtep/binding.c
>> > @@ -226,7 +226,8 @@ binding_run(struct controller_vtep_ctx *ctx)
>> >  }
>> >
>> >  /* Removes all port binding association with vtep gateway chassis.
>> > - * Returns true when all done. */
>> > + * Returns true when done (i.e. there is no change made to
>> 'ovnsb_idl'),
>> > + * otherwise returns false. */
>> >  bool
>> >  binding_cleanup(struct controller_vtep_ctx *ctx)
>> >  {
>> > diff --git a/ovn/controller-vtep/gateway.c
>> b/ovn/controller-vtep/gateway.c
>> > index 025aff8..963d419 100644
>> > --- a/ovn/controller-vtep/gateway.c
>> > +++ b/ovn/controller-vtep/gateway.c
>> > @@ -189,7 +189,8 @@ gateway_run(struct controller_vtep_ctx *ctx)
>> >  }
>> >
>> >  /* Destroys the chassis table entries for vtep physical switches.
>> > - * Returns true when all done. */
>> > + * Returns true when done (i.e. there is no change made to
>> 'ovnsb_idl'),
>> > + * otherwise returns false. */
>> >  bool
>> >  gateway_cleanup(struct controller_vtep_ctx *ctx)
>> >  {
>> > diff --git a/ovn/controller-vtep/ovn-controller-vtep.c
>> b/ovn/controller-vtep/ovn-controller-vtep.c
>> > index 7e98f69..429ac23 100644
>> > --- a/ovn/controller-vtep/ovn-controller-vtep.c
>> > +++ b/ovn/controller-vtep/ovn-controller-vtep.c
>> > @@ -39,6 +39,7 @@
>> >
>> >  #include "binding.h"
>> >  #include "gateway.h"
>> > +#include "vtep.h"
>> >  #include "ovn-controller-vtep.h"
>> >
>> >  static unixctl_cb_func ovn_controller_vtep_exit;
>> > @@ -99,6 +100,7 @@ main(int argc, char *argv[])
>> >
>> >  gateway_run(&ctx);
>> >  binding_run(&ctx);
>> > +vtep_run(&ctx);
>> >  unixctl_server_run(unixctl);
>> >
>> >  unixctl_server_wait(unixctl);
>> > @@ -127,6 +129,7 @@ main(int argc, char *argv[])
>> >   * We're done if all of them return true. */
>> >  done = binding_cleanup(&ctx);
>> >  done = gateway_cleanup(&ctx) && done;
>> > +done = vtep_cleanup(&ctx) && done;
>> >  if (done) {
>> >  poll_immediate_wake();
>> >  }
>> > diff --git a/ovn/controller-vtep/vtep.c b/ovn/controller-vtep/vtep.c
>> > new file mode 100644
>> > index 000..9870296
>> > --- /dev/null
>> > +++ b/ovn/controller-vtep/vtep.c
>> > @@ -0,0 +1,149 @@
>> > +/* Copyright (c) 2015 Nicira, Inc.
>> > + *
>> > + * Licensed under the Apache License, Version 2.0 (the "License");
>> > + * you may not use this file except in compliance with the License.
>> > + * You may obtain a copy of the License at:
>> > + *
>> > + * http://

Re: [ovs-dev] [ovn-controller-vtep V7 2/3] ovn-controller-vtep: Extend vtep module to install Ucast_Macs_Remote.

2015-08-20 Thread Russell Bryant 
Looks good to me except for the one thing I noticed that was introduced
in the last patch.

On 08/18/2015 05:58 PM, Alex Wang wrote:
> This commit extends the vtep module to support creating the
> 'Ucast_Macs_Remote' table entries in the vtep database for
> MAC addresses on the ovn logical ports.
> 
> Signed-off-by: Alex Wang 
> ---
> V6->V7:
> - rebase.
> - adopt suggestions from Russell.
> 
> V5->V6:
> - rebase.
> 
> V4->V5:
> - rebase on top of master.
> - rewrite the feature since a lot have changed.
> 
> V3->V4:
> - add logic to remove Ucast_Macs_Remote for non-existent MACs.
> 
> V2->V3:
> - rebase to master.
> 
> PATCH->V2:
> - split into separate commit.
> - few optimizations.
> ---
>  ovn/controller-vtep/vtep.c   |  303 
> ++
>  tests/ovn-controller-vtep.at |  136 +++
>  2 files changed, 411 insertions(+), 28 deletions(-)
> 
> diff --git a/ovn/controller-vtep/vtep.c b/ovn/controller-vtep/vtep.c
> index 9870296..8f9572c 100644
> --- a/ovn/controller-vtep/vtep.c
> +++ b/ovn/controller-vtep/vtep.c
> @@ -19,7 +19,8 @@
>  
>  #include "lib/hash.h"
>  #include "lib/hmap.h"
> -#include "lib/smap.h"
> +#include "lib/shash.h"
> +#include "lib/sset.h"
>  #include "lib/util.h"
>  #include "ovn-controller-vtep.h"
>  #include "openvswitch/vlog.h"
> @@ -29,39 +30,75 @@
>  VLOG_DEFINE_THIS_MODULE(vtep);
>  
>  /*
> - * Scans through the Binding table in ovnsb and updates the vtep logical
> - * switch tunnel keys.
> + * Scans through the Binding table in ovnsb, and updates the vtep logical
> + * switch tunnel keys and the 'Ucast_Macs_Remote' table in the VTEP
> + * database.
>   *
>   */
>  
> +/* Searches the 'chassis_rec->encaps' for the first vtep tunnel
> + * configuration, returns the 'ip'. */
> +static const char *
> +get_chassis_vtep_ip(const struct sbrec_chassis *chassis_rec)
> +{
> +if (chassis_rec) {
> +size_t i;
> +
> +for (i = 0; i < chassis_rec->n_encaps; i++) {
> +if (!strcmp(chassis_rec->encaps[i]->type, "vxlan")) {
> +return chassis_rec->encaps[i]->ip;
> +}
> +}
> +}
> +
> +return NULL;
> +}
> +
> +/* Creates a new 'Ucast_Macs_Remote'. */
> +static struct vteprec_ucast_macs_remote *
> +create_umr(struct ovsdb_idl_txn *vtep_idl_txn, const char *mac,
> +   const struct vteprec_logical_switch *vtep_ls)
> +{
> +struct vteprec_ucast_macs_remote *new_umr;
> +
> +new_umr = vteprec_ucast_macs_remote_insert(vtep_idl_txn);
> +vteprec_ucast_macs_remote_set_MAC(new_umr, mac);
> +vteprec_ucast_macs_remote_set_logical_switch(new_umr, vtep_ls);
> +
> +return new_umr;
> +}
> +
> +/* Creates a new 'Physical_Locator'. */
> +static struct vteprec_physical_locator *
> +create_pl(struct ovsdb_idl_txn *vtep_idl_txn, const char *chassis_ip)
> +{
> +struct vteprec_physical_locator *new_pl;
> +
> +new_pl = vteprec_physical_locator_insert(vtep_idl_txn);
> +vteprec_physical_locator_set_dst_ip(new_pl, chassis_ip);
> +vteprec_physical_locator_set_encapsulation_type(new_pl, VTEP_ENCAP_TYPE);
> +
> +return new_pl;
> +}
> +
> +
>  /* Updates the vtep Logical_Switch table entries' tunnel keys based
>   * on the port bindings. */
>  static void
> -vtep_lswitch_run(struct controller_vtep_ctx *ctx)
> +vtep_lswitch_run(struct shash *vtep_pbs, struct shash *vtep_lswitches)
>  {
> -struct shash vtep_lswitches = SHASH_INITIALIZER(&vtep_lswitches);
> -const struct sbrec_port_binding *port_binding_rec;
> -const struct vteprec_logical_switch *vtep_ls;
> -
> -/* Stores all logical switches to 'vtep_lswitches' with name as key. */
> -VTEPREC_LOGICAL_SWITCH_FOR_EACH (vtep_ls, ctx->vtep_idl) {
> -shash_add(&vtep_lswitches, vtep_ls->name, vtep_ls);
> -}
> +struct sset used_ls = SSET_INITIALIZER(&used_ls);
> +struct shash_node *node;
>  
> -ovsdb_idl_txn_add_comment(ctx->vtep_idl_txn,
> -  "ovn-controller-vtep: update logical switch "
> -  "tunnel keys");
>  /* Collects the logical switch bindings from port binding entries.
>   * Since the binding module has already guaranteed that each vtep
>   * logical switch is bound only to one ovn-sb logical datapath,
>   * we can just iterate and assign tunnel key to vtep logical switch. */
> -SBREC_PORT_BINDING_FOR_EACH(port_binding_rec, ctx->ovnsb_idl) {
> -if (strcmp(port_binding_rec->type, "vtep")
> -|| !port_binding_rec->chassis) {
> -continue;
> -}
> +SHASH_FOR_EACH (node, vtep_pbs) {
> +const struct sbrec_port_binding *port_binding_rec = node->data;
>  const char *lswitch_name = smap_get(&port_binding_rec->options,
>  "vtep-logical-switch");
> +const struct vteprec_logical_switch *vtep_ls;
>  

I went back and mentioned this on the last patch, but I think we're
missing some validation here to

Re: [ovs-dev] [ovn-controller-vtep V7 3/3] ovn-controller-vtep: Update related documentation.

2015-08-20 Thread Russell Bryant 
On 08/18/2015 05:58 PM, Alex Wang wrote:
> This commit conducts the following documentation changes:
> 
> *   add a description in ovn-architecture manual for
> the life cycle about VTEP gateway.
> 
> *   add TODOs related to ovn-controller-vtep.
> 
> *   refine the ovn-sb, ovn-nb schema manual to require
> logical 'port' type and 'options' configuration.
> 
> Signed-off-by: Alex Wang 

Acked-by: Russell Bryant 

-- 
Russell Bryant
___
dev mailing list
dev@openvswitch.org
http://openvswitch.org/mailman/listinfo/dev

[ovs-dev] (无主题)

2015-08-20 Thread 陈燕明 



发自网易邮箱大师
___
dev mailing list
dev@openvswitch.org
http://openvswitch.org/mailman/listinfo/dev

Re: [ovs-dev] [ovn-controller-vtep V7 2/3] ovn-controller-vtep: Extend vtep module to install Ucast_Macs_Remote.

2015-08-20 Thread Alex Wang 
On Thu, Aug 20, 2015 at 9:09 AM, Russell Bryant  wrote:

> Looks good to me except for the one thing I noticed that was introduced
> in the last patch.
>
> On 08/18/2015 05:58 PM, Alex Wang wrote:
> > This commit extends the vtep module to support creating the
> > 'Ucast_Macs_Remote' table entries in the vtep database for
> > MAC addresses on the ovn logical ports.
> >
> > Signed-off-by: Alex Wang 
> > ---
> > V6->V7:
> > - rebase.
> > - adopt suggestions from Russell.
> >
> > V5->V6:
> > - rebase.
> >
> > V4->V5:
> > - rebase on top of master.
> > - rewrite the feature since a lot have changed.
> >
> > V3->V4:
> > - add logic to remove Ucast_Macs_Remote for non-existent MACs.
> >
> > V2->V3:
> > - rebase to master.
> >
> > PATCH->V2:
> > - split into separate commit.
> > - few optimizations.
> > ---
> >  ovn/controller-vtep/vtep.c   |  303
> ++
> >  tests/ovn-controller-vtep.at |  136 +++
> >  2 files changed, 411 insertions(+), 28 deletions(-)
> >
> > diff --git a/ovn/controller-vtep/vtep.c b/ovn/controller-vtep/vtep.c
> > index 9870296..8f9572c 100644
> > --- a/ovn/controller-vtep/vtep.c
> > +++ b/ovn/controller-vtep/vtep.c
> > @@ -19,7 +19,8 @@
> >
> >  #include "lib/hash.h"
> >  #include "lib/hmap.h"
> > -#include "lib/smap.h"
> > +#include "lib/shash.h"
> > +#include "lib/sset.h"
> >  #include "lib/util.h"
> >  #include "ovn-controller-vtep.h"
> >  #include "openvswitch/vlog.h"
> > @@ -29,39 +30,75 @@
> >  VLOG_DEFINE_THIS_MODULE(vtep);
> >
> >  /*
> > - * Scans through the Binding table in ovnsb and updates the vtep logical
> > - * switch tunnel keys.
> > + * Scans through the Binding table in ovnsb, and updates the vtep
> logical
> > + * switch tunnel keys and the 'Ucast_Macs_Remote' table in the VTEP
> > + * database.
> >   *
> >   */
> >
> > +/* Searches the 'chassis_rec->encaps' for the first vtep tunnel
> > + * configuration, returns the 'ip'. */
> > +static const char *
> > +get_chassis_vtep_ip(const struct sbrec_chassis *chassis_rec)
> > +{
> > +if (chassis_rec) {
> > +size_t i;
> > +
> > +for (i = 0; i < chassis_rec->n_encaps; i++) {
> > +if (!strcmp(chassis_rec->encaps[i]->type, "vxlan")) {
> > +return chassis_rec->encaps[i]->ip;
> > +}
> > +}
> > +}
> > +
> > +return NULL;
> > +}
> > +
> > +/* Creates a new 'Ucast_Macs_Remote'. */
> > +static struct vteprec_ucast_macs_remote *
> > +create_umr(struct ovsdb_idl_txn *vtep_idl_txn, const char *mac,
> > +   const struct vteprec_logical_switch *vtep_ls)
> > +{
> > +struct vteprec_ucast_macs_remote *new_umr;
> > +
> > +new_umr = vteprec_ucast_macs_remote_insert(vtep_idl_txn);
> > +vteprec_ucast_macs_remote_set_MAC(new_umr, mac);
> > +vteprec_ucast_macs_remote_set_logical_switch(new_umr, vtep_ls);
> > +
> > +return new_umr;
> > +}
> > +
> > +/* Creates a new 'Physical_Locator'. */
> > +static struct vteprec_physical_locator *
> > +create_pl(struct ovsdb_idl_txn *vtep_idl_txn, const char *chassis_ip)
> > +{
> > +struct vteprec_physical_locator *new_pl;
> > +
> > +new_pl = vteprec_physical_locator_insert(vtep_idl_txn);
> > +vteprec_physical_locator_set_dst_ip(new_pl, chassis_ip);
> > +vteprec_physical_locator_set_encapsulation_type(new_pl,
> VTEP_ENCAP_TYPE);
> > +
> > +return new_pl;
> > +}
> > +
> > +
> >  /* Updates the vtep Logical_Switch table entries' tunnel keys based
> >   * on the port bindings. */
> >  static void
> > -vtep_lswitch_run(struct controller_vtep_ctx *ctx)
> > +vtep_lswitch_run(struct shash *vtep_pbs, struct shash *vtep_lswitches)
> >  {
> > -struct shash vtep_lswitches = SHASH_INITIALIZER(&vtep_lswitches);
> > -const struct sbrec_port_binding *port_binding_rec;
> > -const struct vteprec_logical_switch *vtep_ls;
> > -
> > -/* Stores all logical switches to 'vtep_lswitches' with name as
> key. */
> > -VTEPREC_LOGICAL_SWITCH_FOR_EACH (vtep_ls, ctx->vtep_idl) {
> > -shash_add(&vtep_lswitches, vtep_ls->name, vtep_ls);
> > -}
> > +struct sset used_ls = SSET_INITIALIZER(&used_ls);
> > +struct shash_node *node;
> >
> > -ovsdb_idl_txn_add_comment(ctx->vtep_idl_txn,
> > -  "ovn-controller-vtep: update logical
> switch "
> > -  "tunnel keys");
> >  /* Collects the logical switch bindings from port binding entries.
> >   * Since the binding module has already guaranteed that each vtep
> >   * logical switch is bound only to one ovn-sb logical datapath,
> >   * we can just iterate and assign tunnel key to vtep logical
> switch. */
> > -SBREC_PORT_BINDING_FOR_EACH(port_binding_rec, ctx->ovnsb_idl) {
> > -if (strcmp(port_binding_rec->type, "vtep")
> > -|| !port_binding_rec->chassis) {
> > -continue;
> > -}
> > +SHASH_FOR_EACH (node, vtep_pbs) {
> > +const struct sbrec_port_binding *port_binding_r

Re: [ovs-dev] [ovn-controller-vtep V7 2/3] ovn-controller-vtep: Extend vtep module to install Ucast_Macs_Remote.

2015-08-20 Thread Russell Bryant 
On 08/20/2015 09:34 AM, Alex Wang wrote:
> 
> 
> On Thu, Aug 20, 2015 at 9:09 AM, Russell Bryant  > wrote:
> 
> Looks good to me except for the one thing I noticed that was introduced
> in the last patch.
> 
> On 08/18/2015 05:58 PM, Alex Wang wrote:
> > This commit extends the vtep module to support creating the
> > 'Ucast_Macs_Remote' table entries in the vtep database for
> > MAC addresses on the ovn logical ports.
> >
> > Signed-off-by: Alex Wang mailto:al...@nicira.com>>
> > ---
> > V6->V7:
> > - rebase.
> > - adopt suggestions from Russell.
> >
> > V5->V6:
> > - rebase.
> >
> > V4->V5:
> > - rebase on top of master.
> > - rewrite the feature since a lot have changed.
> >
> > V3->V4:
> > - add logic to remove Ucast_Macs_Remote for non-existent MACs.
> >
> > V2->V3:
> > - rebase to master.
> >
> > PATCH->V2:
> > - split into separate commit.
> > - few optimizations.
> > ---
> >  ovn/controller-vtep/vtep.c   |  303
> ++
> >  tests/ovn-controller-vtep.at  | 
> 136 +++
> >  2 files changed, 411 insertions(+), 28 deletions(-)
> >
> > diff --git a/ovn/controller-vtep/vtep.c b/ovn/controller-vtep/vtep.c
> > index 9870296..8f9572c 100644
> > --- a/ovn/controller-vtep/vtep.c
> > +++ b/ovn/controller-vtep/vtep.c
> > @@ -19,7 +19,8 @@
> >
> >  #include "lib/hash.h"
> >  #include "lib/hmap.h"
> > -#include "lib/smap.h"
> > +#include "lib/shash.h"
> > +#include "lib/sset.h"
> >  #include "lib/util.h"
> >  #include "ovn-controller-vtep.h"
> >  #include "openvswitch/vlog.h"
> > @@ -29,39 +30,75 @@
> >  VLOG_DEFINE_THIS_MODULE(vtep);
> >
> >  /*
> > - * Scans through the Binding table in ovnsb and updates the vtep
> logical
> > - * switch tunnel keys.
> > + * Scans through the Binding table in ovnsb, and updates the vtep
> logical
> > + * switch tunnel keys and the 'Ucast_Macs_Remote' table in the VTEP
> > + * database.
> >   *
> >   */
> >
> > +/* Searches the 'chassis_rec->encaps' for the first vtep tunnel
> > + * configuration, returns the 'ip'. */
> > +static const char *
> > +get_chassis_vtep_ip(const struct sbrec_chassis *chassis_rec)
> > +{
> > +if (chassis_rec) {
> > +size_t i;
> > +
> > +for (i = 0; i < chassis_rec->n_encaps; i++) {
> > +if (!strcmp(chassis_rec->encaps[i]->type, "vxlan")) {
> > +return chassis_rec->encaps[i]->ip;
> > +}
> > +}
> > +}
> > +
> > +return NULL;
> > +}
> > +
> > +/* Creates a new 'Ucast_Macs_Remote'. */
> > +static struct vteprec_ucast_macs_remote *
> > +create_umr(struct ovsdb_idl_txn *vtep_idl_txn, const char *mac,
> > +   const struct vteprec_logical_switch *vtep_ls)
> > +{
> > +struct vteprec_ucast_macs_remote *new_umr;
> > +
> > +new_umr = vteprec_ucast_macs_remote_insert(vtep_idl_txn);
> > +vteprec_ucast_macs_remote_set_MAC(new_umr, mac);
> > +vteprec_ucast_macs_remote_set_logical_switch(new_umr, vtep_ls);
> > +
> > +return new_umr;
> > +}
> > +
> > +/* Creates a new 'Physical_Locator'. */
> > +static struct vteprec_physical_locator *
> > +create_pl(struct ovsdb_idl_txn *vtep_idl_txn, const char *chassis_ip)
> > +{
> > +struct vteprec_physical_locator *new_pl;
> > +
> > +new_pl = vteprec_physical_locator_insert(vtep_idl_txn);
> > +vteprec_physical_locator_set_dst_ip(new_pl, chassis_ip);
> > +vteprec_physical_locator_set_encapsulation_type(new_pl,
> VTEP_ENCAP_TYPE);
> > +
> > +return new_pl;
> > +}
> > +
> > +
> >  /* Updates the vtep Logical_Switch table entries' tunnel keys based
> >   * on the port bindings. */
> >  static void
> > -vtep_lswitch_run(struct controller_vtep_ctx *ctx)
> > +vtep_lswitch_run(struct shash *vtep_pbs, struct shash
> *vtep_lswitches)
> >  {
> > -struct shash vtep_lswitches = SHASH_INITIALIZER(&vtep_lswitches);
> > -const struct sbrec_port_binding *port_binding_rec;
> > -const struct vteprec_logical_switch *vtep_ls;
> > -
> > -/* Stores all logical switches to 'vtep_lswitches' with name
> as key. */
> > -VTEPREC_LOGICAL_SWITCH_FOR_EACH (vtep_ls, ctx->vtep_idl) {
> > -shash_add(&vtep_lswitches, vtep_ls->name, vtep_ls);
> > -}
> > +struct sset used_ls = SSET_INITIALIZER(&used_ls);
> > +struct shash_node *node;
> >
> > -ovsdb_idl_txn_add_comment(ctx->vtep_idl_txn,
> > -  "ovn-controller-vtep: update
> logical switch "
>

Re: [ovs-dev] [ovn-controller-vtep V7 2/3] ovn-controller-vtep: Extend vtep module to install Ucast_Macs_Remote.

2015-08-20 Thread Alex Wang 
On Thu, Aug 20, 2015 at 9:40 AM, Russell Bryant  wrote:

> On 08/20/2015 09:34 AM, Alex Wang wrote:
> >
> >
> > On Thu, Aug 20, 2015 at 9:09 AM, Russell Bryant  > > wrote:
> >
> > Looks good to me except for the one thing I noticed that was
> introduced
> > in the last patch.
> >
> > On 08/18/2015 05:58 PM, Alex Wang wrote:
> > > This commit extends the vtep module to support creating the
> > > 'Ucast_Macs_Remote' table entries in the vtep database for
> > > MAC addresses on the ovn logical ports.
> > >
> > > Signed-off-by: Alex Wang  al...@nicira.com>>
> > > ---
> > > V6->V7:
> > > - rebase.
> > > - adopt suggestions from Russell.
> > >
> > > V5->V6:
> > > - rebase.
> > >
> > > V4->V5:
> > > - rebase on top of master.
> > > - rewrite the feature since a lot have changed.
> > >
> > > V3->V4:
> > > - add logic to remove Ucast_Macs_Remote for non-existent MACs.
> > >
> > > V2->V3:
> > > - rebase to master.
> > >
> > > PATCH->V2:
> > > - split into separate commit.
> > > - few optimizations.
> > > ---
> > >  ovn/controller-vtep/vtep.c   |  303
> > ++
> > >  tests/ovn-controller-vtep.at  |
> > 136 +++
> > >  2 files changed, 411 insertions(+), 28 deletions(-)
> > >
> > > diff --git a/ovn/controller-vtep/vtep.c
> b/ovn/controller-vtep/vtep.c
> > > index 9870296..8f9572c 100644
> > > --- a/ovn/controller-vtep/vtep.c
> > > +++ b/ovn/controller-vtep/vtep.c
> > > @@ -19,7 +19,8 @@
> > >
> > >  #include "lib/hash.h"
> > >  #include "lib/hmap.h"
> > > -#include "lib/smap.h"
> > > +#include "lib/shash.h"
> > > +#include "lib/sset.h"
> > >  #include "lib/util.h"
> > >  #include "ovn-controller-vtep.h"
> > >  #include "openvswitch/vlog.h"
> > > @@ -29,39 +30,75 @@
> > >  VLOG_DEFINE_THIS_MODULE(vtep);
> > >
> > >  /*
> > > - * Scans through the Binding table in ovnsb and updates the vtep
> > logical
> > > - * switch tunnel keys.
> > > + * Scans through the Binding table in ovnsb, and updates the vtep
> > logical
> > > + * switch tunnel keys and the 'Ucast_Macs_Remote' table in the
> VTEP
> > > + * database.
> > >   *
> > >   */
> > >
> > > +/* Searches the 'chassis_rec->encaps' for the first vtep tunnel
> > > + * configuration, returns the 'ip'. */
> > > +static const char *
> > > +get_chassis_vtep_ip(const struct sbrec_chassis *chassis_rec)
> > > +{
> > > +if (chassis_rec) {
> > > +size_t i;
> > > +
> > > +for (i = 0; i < chassis_rec->n_encaps; i++) {
> > > +if (!strcmp(chassis_rec->encaps[i]->type, "vxlan")) {
> > > +return chassis_rec->encaps[i]->ip;
> > > +}
> > > +}
> > > +}
> > > +
> > > +return NULL;
> > > +}
> > > +
> > > +/* Creates a new 'Ucast_Macs_Remote'. */
> > > +static struct vteprec_ucast_macs_remote *
> > > +create_umr(struct ovsdb_idl_txn *vtep_idl_txn, const char *mac,
> > > +   const struct vteprec_logical_switch *vtep_ls)
> > > +{
> > > +struct vteprec_ucast_macs_remote *new_umr;
> > > +
> > > +new_umr = vteprec_ucast_macs_remote_insert(vtep_idl_txn);
> > > +vteprec_ucast_macs_remote_set_MAC(new_umr, mac);
> > > +vteprec_ucast_macs_remote_set_logical_switch(new_umr,
> vtep_ls);
> > > +
> > > +return new_umr;
> > > +}
> > > +
> > > +/* Creates a new 'Physical_Locator'. */
> > > +static struct vteprec_physical_locator *
> > > +create_pl(struct ovsdb_idl_txn *vtep_idl_txn, const char
> *chassis_ip)
> > > +{
> > > +struct vteprec_physical_locator *new_pl;
> > > +
> > > +new_pl = vteprec_physical_locator_insert(vtep_idl_txn);
> > > +vteprec_physical_locator_set_dst_ip(new_pl, chassis_ip);
> > > +vteprec_physical_locator_set_encapsulation_type(new_pl,
> > VTEP_ENCAP_TYPE);
> > > +
> > > +return new_pl;
> > > +}
> > > +
> > > +
> > >  /* Updates the vtep Logical_Switch table entries' tunnel keys
> based
> > >   * on the port bindings. */
> > >  static void
> > > -vtep_lswitch_run(struct controller_vtep_ctx *ctx)
> > > +vtep_lswitch_run(struct shash *vtep_pbs, struct shash
> > *vtep_lswitches)
> > >  {
> > > -struct shash vtep_lswitches =
> SHASH_INITIALIZER(&vtep_lswitches);
> > > -const struct sbrec_port_binding *port_binding_rec;
> > > -const struct vteprec_logical_switch *vtep_ls;
> > > -
> > > -/* Stores all logical switches to 'vtep_lswitches' with name
> > as key. */
> > > -VTEPREC_LOGICAL_SWITCH_FOR_EACH (vtep_ls, ctx->vtep_idl) {
> > > -shash

[ovs-dev] [PATCH 3/3] ovn: Add bootstrap options for OVN controllers.

2015-08-20 Thread Gurucharan Shetty 
This lets the central controller to push
its certificate to the OVN controllers.

Signed-off-by: Gurucharan Shetty 
---
 ovn/controller-vtep/ovn-controller-vtep.8.xml |5 +++--
 ovn/controller-vtep/ovn-controller-vtep.c |6 ++
 ovn/controller/ovn-controller.8.xml   |5 +++--
 ovn/controller/ovn-controller.c   |6 ++
 4 files changed, 18 insertions(+), 4 deletions(-)

diff --git a/ovn/controller-vtep/ovn-controller-vtep.8.xml 
b/ovn/controller-vtep/ovn-controller-vtep.8.xml
index c924f9f..7540b58 100644
--- a/ovn/controller-vtep/ovn-controller-vtep.8.xml
+++ b/ovn/controller-vtep/ovn-controller-vtep.8.xml
@@ -38,8 +38,9 @@
   name) in IPv4 or IPv6 address format.  If ip is an IPv6
   address, then wrap ip with square brackets, e.g.:
   ssl:[::1]:6640.  The --private-key,
-  --certificate, and --ca-cert options are
-  mandatory when this form is used.
+  --certificate and either of --ca-cert
+  or --bootstrap-ca-cert options are mandatory when this
+  form is used.
 
   
   
diff --git a/ovn/controller-vtep/ovn-controller-vtep.c 
b/ovn/controller-vtep/ovn-controller-vtep.c
index 7e98f69..b54b29d 100644
--- a/ovn/controller-vtep/ovn-controller-vtep.c
+++ b/ovn/controller-vtep/ovn-controller-vtep.c
@@ -163,6 +163,7 @@ parse_options(int argc, char *argv[])
 {
 enum {
 OPT_PEER_CA_CERT = UCHAR_MAX + 1,
+OPT_BOOTSTRAP_CA_CERT,
 VLOG_OPTION_ENUMS,
 DAEMON_OPTION_ENUMS
 };
@@ -176,6 +177,7 @@ parse_options(int argc, char *argv[])
 DAEMON_LONG_OPTIONS,
 STREAM_SSL_LONG_OPTIONS,
 {"peer-ca-cert", required_argument, NULL, OPT_PEER_CA_CERT},
+{"bootstrap-ca-cert", required_argument, NULL, OPT_BOOTSTRAP_CA_CERT},
 {NULL, 0, NULL, 0}
 };
 char *short_options = ovs_cmdl_long_options_to_short_options(long_options);
@@ -212,6 +214,10 @@ parse_options(int argc, char *argv[])
 stream_ssl_set_peer_ca_cert_file(optarg);
 break;
 
+case OPT_BOOTSTRAP_CA_CERT:
+stream_ssl_set_ca_cert_file(optarg, true);
+break;
+
 case '?':
 exit(EXIT_FAILURE);
 
diff --git a/ovn/controller/ovn-controller.8.xml 
b/ovn/controller/ovn-controller.8.xml
index e1cb6a2..19bb5b7 100644
--- a/ovn/controller/ovn-controller.8.xml
+++ b/ovn/controller/ovn-controller.8.xml
@@ -39,8 +39,9 @@
   name) in IPv4 or IPv6 address format.  If ip is an IPv6
   address, then wrap ip with square brackets, e.g.:
   ssl:[::1]:6640.  The --private-key,
-  --certificate, and --ca-cert options are
-  mandatory when this form is used.
+  --certificate and either of --ca-cert
+  or --bootstrap-ca-cert options are mandatory when this
+  form is used.
 
   
   
diff --git a/ovn/controller/ovn-controller.c b/ovn/controller/ovn-controller.c
index 34d7660..bcaadcd 100644
--- a/ovn/controller/ovn-controller.c
+++ b/ovn/controller/ovn-controller.c
@@ -260,6 +260,7 @@ parse_options(int argc, char *argv[])
 {
 enum {
 OPT_PEER_CA_CERT = UCHAR_MAX + 1,
+OPT_BOOTSTRAP_CA_CERT,
 VLOG_OPTION_ENUMS,
 DAEMON_OPTION_ENUMS
 };
@@ -271,6 +272,7 @@ parse_options(int argc, char *argv[])
 DAEMON_LONG_OPTIONS,
 STREAM_SSL_LONG_OPTIONS,
 {"peer-ca-cert", required_argument, NULL, OPT_PEER_CA_CERT},
+{"bootstrap-ca-cert", required_argument, NULL, OPT_BOOTSTRAP_CA_CERT},
 {NULL, 0, NULL, 0}
 };
 char *short_options = ovs_cmdl_long_options_to_short_options(long_options);
@@ -299,6 +301,10 @@ parse_options(int argc, char *argv[])
 stream_ssl_set_peer_ca_cert_file(optarg);
 break;
 
+case OPT_BOOTSTRAP_CA_CERT:
+stream_ssl_set_ca_cert_file(optarg, true);
+break;
+
 case '?':
 exit(EXIT_FAILURE);
 
-- 
1.7.9.5

___
dev mailing list
dev@openvswitch.org
http://openvswitch.org/mailman/listinfo/dev

[ovs-dev] [PATCH 1/3] ovs-vsctl: Add the missing ssl bootstrapping option parsing.

2015-08-20 Thread Gurucharan Shetty 
'man ovs-vsctl' mentions that ovs-vsctl can bootstrap itself
by getting the certificate from the server. But the option
was never parsed in the code.

Signed-off-by: Gurucharan Shetty 
---
 utilities/ovs-vsctl.c |6 ++
 1 file changed, 6 insertions(+)

diff --git a/utilities/ovs-vsctl.c b/utilities/ovs-vsctl.c
index e28634a..e177060 100644
--- a/utilities/ovs-vsctl.c
+++ b/utilities/ovs-vsctl.c
@@ -201,6 +201,7 @@ parse_options(int argc, char *argv[], struct shash 
*local_options)
 OPT_NO_SYSLOG,
 OPT_NO_WAIT,
 OPT_DRY_RUN,
+OPT_BOOTSTRAP_CA_CERT,
 OPT_PEER_CA_CERT,
 OPT_LOCAL,
 OPT_RETRY,
@@ -224,6 +225,7 @@ parse_options(int argc, char *argv[], struct shash 
*local_options)
 VLOG_LONG_OPTIONS,
 TABLE_LONG_OPTIONS,
 STREAM_SSL_LONG_OPTIONS,
+{"bootstrap-ca-cert", required_argument, NULL, OPT_BOOTSTRAP_CA_CERT},
 {"peer-ca-cert", required_argument, NULL, OPT_PEER_CA_CERT},
 {NULL, 0, NULL, 0},
 };
@@ -324,6 +326,10 @@ parse_options(int argc, char *argv[], struct shash 
*local_options)
 stream_ssl_set_peer_ca_cert_file(optarg);
 break;
 
+case OPT_BOOTSTRAP_CA_CERT:
+stream_ssl_set_ca_cert_file(optarg, true);
+break;
+
 case '?':
 exit(EXIT_FAILURE);
 
-- 
1.7.9.5

___
dev mailing list
dev@openvswitch.org
http://openvswitch.org/mailman/listinfo/dev

[ovs-dev] [PATCH 2/3] ovsdb-server: Add the ability to push peer-cert.

2015-08-20 Thread Gurucharan Shetty 
In OVN, ovsdb-server is the daemon that manages the databases
and can be called as the central controller. So it would be
nice for ovsdb-server to be able to push its self-signed
certificate to all the other nodes where ovn-controller runs.

Signed-off-by: Gurucharan Shetty 
---
 lib/automake.mk  |1 +
 lib/ssl-bootstrap-syn.man|2 +-
 lib/ssl-peer-ca-cert-syn.man |2 ++
 manpages.mk  |4 
 ovsdb/ovsdb-server.1.in  |2 ++
 ovsdb/ovsdb-server.c |6 ++
 tests/ovs-vsctl.at   |   24 
 7 files changed, 40 insertions(+), 1 deletion(-)
 create mode 100644 lib/ssl-peer-ca-cert-syn.man

diff --git a/lib/automake.mk b/lib/automake.mk
index 15a9373..20bf7c8 100644
--- a/lib/automake.mk
+++ b/lib/automake.mk
@@ -436,6 +436,7 @@ MAN_FRAGMENTS += \
lib/ssl-bootstrap.man \
lib/ssl-bootstrap-syn.man \
lib/ssl-peer-ca-cert.man \
+   lib/ssl-peer-ca-cert-syn.man \
lib/ssl.man \
lib/ssl-syn.man \
lib/table.man \
diff --git a/lib/ssl-bootstrap-syn.man b/lib/ssl-bootstrap-syn.man
index 9425321..c503645 100644
--- a/lib/ssl-bootstrap-syn.man
+++ b/lib/ssl-bootstrap-syn.man
@@ -1,2 +1,2 @@
 .br
-[\fB\-\-bootstrap\-ca\-cert=\fIcacert.pem]
+[\fB\-\-bootstrap\-ca\-cert=\fIcacert.pem\fR]
diff --git a/lib/ssl-peer-ca-cert-syn.man b/lib/ssl-peer-ca-cert-syn.man
new file mode 100644
index 000..4a558ee
--- /dev/null
+++ b/lib/ssl-peer-ca-cert-syn.man
@@ -0,0 +1,2 @@
+.br
+[\fB\-\-peer\-ca\-cert=\fIpeer-cacert.pem\fR]
diff --git a/manpages.mk b/manpages.mk
index 6e2853b..6141242 100644
--- a/manpages.mk
+++ b/manpages.mk
@@ -54,6 +54,8 @@ ovsdb/ovsdb-server.1: \
lib/service.man \
lib/ssl-bootstrap-syn.man \
lib/ssl-bootstrap.man \
+   lib/ssl-peer-ca-cert-syn.man \
+   lib/ssl-peer-ca-cert.man \
lib/ssl-syn.man \
lib/ssl.man \
lib/unixctl-syn.man \
@@ -74,6 +76,8 @@ lib/service-syn.man:
 lib/service.man:
 lib/ssl-bootstrap-syn.man:
 lib/ssl-bootstrap.man:
+lib/ssl-peer-ca-cert-syn.man:
+lib/ssl-peer-ca-cert.man:
 lib/ssl-syn.man:
 lib/ssl.man:
 lib/unixctl-syn.man:
diff --git a/ovsdb/ovsdb-server.1.in b/ovsdb/ovsdb-server.1.in
index e33d718..e340993 100644
--- a/ovsdb/ovsdb-server.1.in
+++ b/ovsdb/ovsdb-server.1.in
@@ -21,6 +21,7 @@ ovsdb\-server \- Open vSwitch database server
 .so lib/vlog-syn.man
 .so lib/ssl-syn.man
 .so lib/ssl-bootstrap-syn.man
+.so lib/ssl-peer-ca-cert-syn.man
 .so lib/unixctl-syn.man
 .so lib/common-syn.man
 .
@@ -111,6 +112,7 @@ as the file name.  (This means that ordinarily there should 
be at most
 one row in \fItable\fR.)
 .so lib/ssl.man
 .so lib/ssl-bootstrap.man
+.so lib/ssl-peer-ca-cert.man
 .SS "Other Options"
 .so lib/unixctl.man
 .so lib/common.man
diff --git a/ovsdb/ovsdb-server.c b/ovsdb/ovsdb-server.c
index cd13b0d..4088d85 100644
--- a/ovsdb/ovsdb-server.c
+++ b/ovsdb/ovsdb-server.c
@@ -1252,6 +1252,7 @@ parse_options(int *argcp, char **argvp[],
 OPT_UNIXCTL,
 OPT_RUN,
 OPT_BOOTSTRAP_CA_CERT,
+OPT_PEER_CA_CERT,
 VLOG_OPTION_ENUMS,
 DAEMON_OPTION_ENUMS
 };
@@ -1266,6 +1267,7 @@ parse_options(int *argcp, char **argvp[],
 DAEMON_LONG_OPTIONS,
 VLOG_LONG_OPTIONS,
 {"bootstrap-ca-cert", required_argument, NULL, OPT_BOOTSTRAP_CA_CERT},
+{"peer-ca-cert", required_argument, NULL, OPT_PEER_CA_CERT},
 {"private-key", required_argument, NULL, 'p'},
 {"certificate", required_argument, NULL, 'c'},
 {"ca-cert", required_argument, NULL, 'C'},
@@ -1325,6 +1327,10 @@ parse_options(int *argcp, char **argvp[],
 bootstrap_ca_cert = true;
 break;
 
+case OPT_PEER_CA_CERT:
+stream_ssl_set_peer_ca_cert_file(optarg);
+break;
+
 case '?':
 exit(EXIT_FAILURE);
 
diff --git a/tests/ovs-vsctl.at b/tests/ovs-vsctl.at
index 08744a1..82f8f64 100644
--- a/tests/ovs-vsctl.at
+++ b/tests/ovs-vsctl.at
@@ -1314,3 +1314,27 @@ AT_CHECK([RUN_OVS_VSCTL([get interface 
0fcd11a1-2ba8-4b38-a358-4bccf2bf3057 type
 
 OVS_VSCTL_CLEANUP
 AT_CLEANUP
+
+AT_SETUP([peer ca cert])
+AT_KEYWORDS([ovs-vsctl ssl])
+AT_SKIP_IF([test "$HAVE_OPENSSL" = no])
+PKIDIR=`pwd`
+OVS_PKI="sh $abs_top_srcdir/utilities/ovs-pki.in --dir=$PKIDIR/pki 
--log=$PKIDIR/ovs-pki.log"
+$OVS_PKI init && \
+$OVS_PKI req+sign vsctl switch && \
+$OVS_PKI req ovsdbserver && $OVS_PKI self-sign ovsdbserver
+
+dnl Create database.
+touch .conf.db.~lock~
+AT_CHECK([ovsdb-tool create conf.db 
$abs_top_srcdir/vswitchd/vswitch.ovsschema])
+AT_CHECK([ovsdb-server --log-file --detach --no-chdir --pidfile="`pwd`"/pid 
--private-key=$PKIDIR/ovsdbserver-privkey.pem 
--certificate=$PKIDIR/ovsdbserver-cert.pem 
--ca-cert=$PKIDIR/pki/switchca/cacert.pem 
--peer-ca-cert=$PKIDIR/ovsdbserver-cert.pem --remote=pssl:0:127.0.0.1 
--unixctl="`pwd`"/unixctl --log-file="`pwd`"/ovsdb-server.log conf.db], [0],

Re: [ovs-dev] [PATCH v2] tunneling: Remove gre64 tunnel support.

2015-08-20 Thread Pravin Shelar 
On Wed, Aug 19, 2015 at 4:17 PM, Jesse Gross  wrote:
> On Tue, Aug 18, 2015 at 12:18 PM, Pravin B Shelar  wrote:
>> GRE64 was introduced to extend gre key from 32-bit to 64-bit using
>> gre-key and sequence number field. But GRE64 is not standard
>> protocol. There are not many users of this protocol. Therefore we
>> have decided to remove it.
>>
>> Signed-off-by: Pravin B Shelar 
>
> I would also add a note to NEWS (actually, I would mark it as
> deprecated in the 2.4 NEWS as well).
>
Added node to NEWS on master. On branch 2.4 there is already note
about the deprecated GRE64.

>> diff --git a/ofproto/ofproto-dpif-ipfix.c b/ofproto/ofproto-dpif-ipfix.c
>> index 8a931d6..7f0b7db 100644
>> --- a/ofproto/ofproto-dpif-ipfix.c
>> +++ b/ofproto/ofproto-dpif-ipfix.c
>> @@ -48,7 +48,7 @@ static struct ovs_mutex mutex = OVS_MUTEX_INITIALIZER;
>>   * used to indicate the type of tunnel (0x01 = VxLAN, 0x02 = GRE) and the 
>> three
>>   * least significant bytes hold the value of the layer 2 overlay network
>>   * segment identifier: a 24-bit VxLAN tunnel's VNI or a 24-bit GRE tunnel's
>> - * TNI. This is not compatible with GRE-64 or STT, as implemented in OVS, as
>> + * TNI. This is not compatible with STT, as implemented in OVS, as
>>   * their tunnel IDs are 64-bit.
>
> "their" should now be "its" in the last line.
>
> Acked-by: Jesse Gross 

Thanks for review.
I fixed the patch and pushed to master.
___
dev mailing list
dev@openvswitch.org
http://openvswitch.org/mailman/listinfo/dev

Re: [ovs-dev] [PATCH] datapath: skip checksum of gro packet

2015-08-20 Thread Pravin Shelar 
I sent patch attached to the mail. Only direct recipients got the
patch. I am planning on sending formal patch to netdev mailing list
soon.

On Wed, Aug 19, 2015 at 9:05 PM, Ben Pfaff  wrote:
> I don't think you attached the patch.
>
> On Mon, Aug 10, 2015 at 10:37:04AM -0700, Pravin Shelar wrote:
>> On Mon, Aug 10, 2015 at 2:05 AM, Zang MingJie  wrote:
>> > Any progress? Or direction, maybe I can help.
>> >
>> Sorry for late reply. Attached is patch I was working on. Can you try it?
>>
>> Thanks,
>> Pravin.
>>
>> > On Mon, Jul 27, 2015 at 1:54 PM Jesse Gross  wrote:
>> >>
>> >> On Fri, Jul 24, 2015 at 2:28 AM, Zang MingJie 
>> >> wrote:
>> >> > Newer kernel will do gro on vxlan packet, after gro the tcp checksum
>> >> > encapsulated in the packet is wrong but the origin checksum is already
>> >> > verified.
>> >> >
>> >> > The patch skips verifying checksum of all gro packets.
>> >>
>> >> I think this solution is too narrowly tailored to VXLAN and GRO and
>> >> won't catch all cases.. I believe that Pravin is currently working on
>> >> a more general solution.
>> ___
>> dev mailing list
>> dev@openvswitch.org
>> http://openvswitch.org/mailman/listinfo/dev
>
___
dev mailing list
dev@openvswitch.org
http://openvswitch.org/mailman/listinfo/dev

Re: [ovs-dev] [PATCH v2] tunneling: Remove gre64 tunnel support.

2015-08-20 Thread Nithin Raju 

> On Aug 18, 2015, at 12:18 PM, Pravin B Shelar  wrote:
> 
> GRE64 was introduced to extend gre key from 32-bit to 64-bit using
> gre-key and sequence number field. But GRE64 is not standard
> protocol. There are not many users of this protocol. Therefore we
> have decided to remove it.
> 
> Signed-off-by: Pravin B Shelar 
> ---
> - Removed bit hole from OVS_DB_ flags.
> - Removed gre64 ref from the sFlow.
> ---
> datapath-windows/ovsext/Debug.h   |  19 +--
> datapath-windows/ovsext/Switch.h  |   3 +-
> datapath-windows/ovsext/Vport.c   |   3 -
> datapath-windows/ovsext/Vport.h   |   5 +-

datpath-windows/* changes look good. Thanks for doing the cleanup.

Acked-by: Nithin Raju 

___
dev mailing list
dev@openvswitch.org
http://openvswitch.org/mailman/listinfo/dev

Re: [ovs-dev] [PATCH 1/2] odp-util: Fix put_nd_key().

2015-08-20 Thread Jarno Rajahalme 

> On Aug 19, 2015, at 9:50 PM, Ben Pfaff  wrote:
> 
> On Tue, Aug 18, 2015 at 04:17:54PM -0700, Jarno Rajahalme wrote:
>> Actually copy the 'nd_target' from the key.
>> 
>> Found by inspection.
>> 
>> Signed-off-by: Jarno Rajahalme 
> 
> Ouch.
> 
> Acked-by: Ben Pfaff 

Thanks for the review. Pushed to master and branch-2.4 (older branches did not 
have this bug).

  Jarno

___
dev mailing list
dev@openvswitch.org
http://openvswitch.org/mailman/listinfo/dev

[ovs-dev] What's your wife's favorite time-spending?

2015-08-20 Thread Russell 




Spend holidays in bed, and do not forget

style2
{   text-align: center; color: #D90003; font-family: 
Cambria, 'Hoefler Text', 'Liberation Serif', Times, 'Times New Roman', serif; 
font-size: 20px; font-weight: bold;
}
style4
{border: 1px solid #707070;
}
style5
{text-align: center; color: #D90003; font-family: Cambria, 'Hoefler Text', 
'Liberation Serif', Times, 'Times New Roman', serif; font-size: 18px; 
font-weight: bold;
}
h1{color:#606060 !important;
display:block;
font-family:Helvetica;
font-size:20px;
font-style:normal;
font-weight:bold;
line-height:180%;
letter-spacing:0px;
margin:0;
text-align:center;
}





  

   
   Not regular sexual life can lead to stagnant of prostatitis, lower 
vitality, and even erectile dysfunction. 
  
  
   


   
  
  
A woman in love is a woman in fire! Burn all the night!

  

  - Free pills only for You!

  - Free shipping

  
  
  
Only this week! 
Special discount - SAVE 95%
  

  




   


   
  



It will help you, it is sold on our site!   
   


  
   


   
  Just a few days after you order the medicine will be on your doorstep
   


   
  





unsubscribe from this list
   

  



___
dev mailing list
dev@openvswitch.org
http://openvswitch.org/mailman/listinfo/dev

[ovs-dev] Returned mail: see transcript for details

2015-08-20 Thread Post Office 
P}?#SüÁ1ò•“R~ÍûŒ»Ý´‹tνÚɞ£çb‰¶û"•Ñ…è„éàÍk9h»dƒÀ›m(UíöqÞEX°˜4éì’{²Q)–ŁÔÅ
Éh÷†œÐü&pÖü<ž·kі¢ßÑ÷àN¹HÓDޛeRœd„ý¿è£K’x©În}fN®s5^)Ú¯T×yÏ¡˜f7iÑã›tëBBþÔFtU{Énš¶‰&
аó‚#ùÎ>Ç¥5 9Øû¥0“éI!»’ Î'ŠåûÇ2Ä©åMÒMÕ#ن§¯eמZØåN»\þ8‡Á1®1“ž¤äēP´Ç7ª%ãÛ
Å9֔ª·Ø‘Ÿ¸j:5
Içæv1/§dXóð;8ö¦aJ#}1·š·a¸½ß
éx拎uК‰3èëÍPýû»Wö`'{¸…q
°èbşLûׯ„ë¬ÆŸå0`[OŒ8¨WÛJçuãJ*“O³a䇜}¼f«çK«êœ‘ÔÀªòð°î¾51È"'°Gô#w{s.s÷™÷«gc¬!½#ŠìÊÚ¼1ªžÓˆ”IÊQ¨Ël>-a
?¨KFæ¬^áC#a4[§«G‡È.í†.ÕÞx­x
9֟IM­fÊᯨ˜F¹)T$Ýcë¶ôœ5šŠ¤­Pº:mîa)ýËé^‹xš²ûUãÐA²Lvܛ/çw5f)ëÙ½è{ªã‘MYgÒ7E‰–êûU–9™¦Ü”È>X”äþ':úô†gég–o
…áÖpoãçæA>|.ƒ¥·¶f¹LðZk¶(”á½·RÒÇ÷O­&6ÁÎaáé{ìd“GŽÂ,e›á<º
~õÆDe‘
ÇÛìAöÒF;õ6?)¸·`pOl\¸Ý‰¾Hԇn:-$µÌ–¥ª~bÎÓ{3‡¶åÑNîØI¶ý1Æ
B{’†”æΞJ\ÜïYm†ŠFã„P¾ÖpðƒîW„ç.2u™nˆƒXut¢»„&{«Ìaéäóû}x“`úLºÚ™kñîJ¬#'5|þ—Z*{¾NÈSÕ¨½eÚõ#OñC¶—s5´²Ô[§É¯µ“º5Ÿc1C¸»_
:„àW
8Þ¤—ªjÜ'…
ëÄL±GS:øk±Ëó†Gim:¬r»Îdds.x\3¤ì·´Î6š?â~mˆ"AYæ).ÜñW¿º?ÒQ\pýÏKsÉÓûêÇ31jd©óÑd“Í¥ü}v”Žö
͕èäð¡ÉòÝ´·˜ÝGïŠöž±f㧧ìÏ,‡*:z2¤×û¹#.ÑÞºO³O ,C˜on›DâÜ/¡¡jÉtãøSÍ5jÊF_¬Îž’Cð|
I¤ë˜ÊyÆ\XçDâQ¹¬ÁåÆ%½ôlƄ 
G%âÛ®çô&õoêqRږC±qaתñ{†M•è"¿ÎľáÀñ/Ç[>j-v‡&Uß<•ôáüTŒ&ì
C°’Jbg›Mֈô-µ–D¬N”›ûë;:ü‘-_ó1¶¿ÉèĔRVâ2»Ç‚UjF_2éþïÂå'ì^©]£A}d_“‘}-W:Šœ.CÜ¢½cçY궥~_;àÍó̤}ðTX\¨"~

___
dev mailing list
dev@openvswitch.org
http://openvswitch.org/mailman/listinfo/dev

Re: [ovs-dev] [PATCH 2/2] meta-flow: Fix ip_frag handling in mf_set_wild().

2015-08-20 Thread Jarno Rajahalme 

> On Aug 19, 2015, at 9:51 PM, Ben Pfaff  wrote:
> 
> On Tue, Aug 18, 2015 at 04:17:55PM -0700, Jarno Rajahalme wrote:
>> The wildcard bits were set when they should have been cleared.
>> 
>> Found by inspection.
>> 
>> Signed-off-by: Jarno Rajahalme 
> 
> Double ouch.
> 
> I assume you'll backport these as necessary?
> 
> Acked-by: Ben Pfaff 

Pushed to master, branch-2.4, branch-2.3, branch-2.2, branch-2.1, and 
branch-2.0.

Did not check further, as I recalled that ovs-vswitchd will always exact match 
nw_frag anyway, so this bug has little chance causing problems in practice.

  Jarno
___
dev mailing list
dev@openvswitch.org
http://openvswitch.org/mailman/listinfo/dev

[ovs-dev] [PATCH 1/3] vswitch.xml: OpenFlow 1.5 has been released.

2015-08-20 Thread Ben Pfaff 
Signed-off-by: Ben Pfaff 
---
 vswitchd/vswitch.xml | 12 ++--
 1 file changed, 2 insertions(+), 10 deletions(-)

diff --git a/vswitchd/vswitch.xml b/vswitchd/vswitch.xml
index 457f34a..c075975 100644
--- a/vswitchd/vswitch.xml
+++ b/vswitchd/vswitch.xml
@@ -692,17 +692,9 @@

 

- OpenFlow 1.4 is not enabled by default because its implementation is
- missing features.
+ OpenFlow 1.4 and 1.5 are not enabled by default because their
+ implementations are missing features.

-
-
-  OpenFlow 1.5 has the same risks as OpenFlow 1.4, but it is even more
-  experimental because the OpenFlow 1.5 specification is still under
-  development and thus subject to change.  Pass
-  --enable-of15 to ovs-vswitchd to allow
-  OpenFlow 1.5 to be enabled.
-
   
 
 
-- 
2.1.3

___
dev mailing list
dev@openvswitch.org
http://openvswitch.org/mailman/listinfo/dev

[ovs-dev] [PATCH 3/3] ofp-errors: Introduce OF1.6 (proposed) error code for OFPBFC_BAD_VERSION.

2015-08-20 Thread Ben Pfaff 
ONF-JIRA: EXT-550
Signed-off-by: Ben Pfaff 
---
 lib/ofp-errors.h | 6 +++---
 lib/ofp-util.c   | 2 +-
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/lib/ofp-errors.h b/lib/ofp-errors.h
index c020f7a..9e0ea5a 100644
--- a/lib/ofp-errors.h
+++ b/lib/ofp-errors.h
@@ -675,9 +675,9 @@ enum ofperr {
 /* OF1.4+(17,15).  Bundle is locking the resource. */
 OFPERR_OFPBFC_BUNDLE_IN_PROGRESS,
 
-/* NX1.4+(22).  In an OFPT_BUNDLE_ADD_MESSAGE, the OpenFlow version in the
- * inner and outer messages differ. */
-OFPERR_NXBFC_BAD_VERSION,
+/* NX1.4-1.5(22), OF1.6+(17,19).  In an OFPT_BUNDLE_ADD_MESSAGE, the
+ * OpenFlow version in the inner and outer messages differ. */
+OFPERR_OFPBFC_BAD_VERSION,
 
 /* ## - ## */
 /* ## OFPET_FLOW_MONITOR_FAILED ## */
diff --git a/lib/ofp-util.c b/lib/ofp-util.c
index 8ac6ea6..b34d0a8 100644
--- a/lib/ofp-util.c
+++ b/lib/ofp-util.c
@@ -9158,7 +9158,7 @@ ofputil_decode_bundle_add(const struct ofp_header *oh,
 
 msg->msg = b.data;
 if (msg->msg->version != oh->version) {
-return OFPERR_NXBFC_BAD_VERSION;
+return OFPERR_OFPBFC_BAD_VERSION;
 }
 inner_len = ntohs(msg->msg->length);
 if (inner_len < sizeof(struct ofp_header) || inner_len > b.size) {
-- 
2.1.3

___
dev mailing list
dev@openvswitch.org
http://openvswitch.org/mailman/listinfo/dev

[ovs-dev] [PATCH 2/3] Add skeleton for OF1.6 support.

2015-08-20 Thread Ben Pfaff 
Signed-off-by: Ben Pfaff 
---
 FAQ.md | 33 +--
 build-aux/extract-ofp-errors   |  3 +-
 build-aux/extract-ofp-msgs |  3 +-
 include/openflow/openflow-common.h |  5 ++-
 lib/ofp-actions.c  |  1 +
 lib/ofp-errors.c   |  4 +-
 lib/ofp-msgs.c |  5 +++
 lib/ofp-print.c|  4 ++
 lib/ofp-util.c | 82 --
 lib/ofp-util.h |  9 +++--
 tests/ofp-errors.at|  2 +
 tests/ofproto-macros.at|  2 +-
 tests/ofproto.at   | 42 +--
 tests/ovs-ofctl.at | 18 -
 utilities/ovs-ofctl.c  |  1 +
 vswitchd/vswitch.ovsschema |  7 ++--
 vswitchd/vswitch.xml   |  7 ++--
 17 files changed, 157 insertions(+), 71 deletions(-)

diff --git a/FAQ.md b/FAQ.md
index 5ce42b9..228f71d 100644
--- a/FAQ.md
+++ b/FAQ.md
@@ -1387,25 +1387,32 @@ Using OpenFlow (Manually or Via Controller)
 A: The following table lists the versions of OpenFlow supported by
each version of Open vSwitch:
 
-   Open vSwitch  OF1.0  OF1.1  OF1.2  OF1.3  OF1.4  OF1.5
-   ###   =  =  =  =  =  =
-   1.9 and earlieryes---------------
-   1.10   yes---[*][*]------
-   1.11   yes---[*][*]------
-   2.0yes[*][*][*]------
-   2.1yes[*][*][*]------
-   2.2yes[*][*][*][%][*]
-   2.3yesyesyesyes[*][*]
+   Open vSwitch  OF1.0  OF1.1  OF1.2  OF1.3  OF1.4  OF1.5  OF1.6
+   ###   =  =  =  =  =  =  =
+   1.9 and earlieryes--------------- ---
+   1.10   yes---[*][*]------ ---
+   1.11   yes---[*][*]------ ---
+   2.0yes[*][*][*]------ ---
+   2.1yes[*][*][*]------ ---
+   2.2yes[*][*][*][%][*] ---
+   2.3yesyesyesyes[*][*] ---
+   2.4yesyesyesyes[*][*] ---
+   2.5yesyesyesyes[*][*] [*]
 
[*] Supported, with one or more missing features.
[%] Experimental, unsafe implementation.
 
Open vSwitch 2.3 enables OpenFlow 1.0, 1.1, 1.2, and 1.3 by default
in ovs-vswitchd.  In Open vSwitch 1.10 through 2.2, OpenFlow 1.1,
-   1.2, and 1.3 must be enabled manually in ovs-vswitchd.  OpenFlow
-   1.4 and 1.5 are also supported, with missing features, in Open
-   vSwitch 2.3 and later, but not enabled by default.  In any case,
-   the user may override the default:
+   1.2, and 1.3 must be enabled manually in ovs-vswitchd.
+
+   Some versions of OpenFlow are supported with missing features and
+   therefore not enabled by default: OpenFlow 1.4 and 1.5, in Open
+   vSwitch 2.3 and later, as well as OpenFlow 1.6 in Open vSwitch 2.5
+   and later.  Also, the OpenFlow 1.6 specification is still under
+   development and thus subject to change.
+
+   In any case, the user may override the default:
 
- To enable OpenFlow 1.0, 1.1, 1.2, and 1.3 on bridge br0:
 
diff --git a/build-aux/extract-ofp-errors b/build-aux/extract-ofp-errors
index 16bfbc7..4eb54ca 100755
--- a/build-aux/extract-ofp-errors
+++ b/build-aux/extract-ofp-errors
@@ -12,7 +12,8 @@ version_map = {"1.0": 0x01,
"1.2": 0x03,
"1.3": 0x04,
"1.4": 0x05,
-   "1.5": 0x06}
+   "1.5": 0x06,
+   "1.6": 0x07}
 version_reverse_map = dict((v, k) for (k, v) in version_map.iteritems())
 
 token = None
diff --git a/build-aux/extract-ofp-msgs b/build-aux/extract-ofp-msgs
index b00039d..53f6bb3 100755
--- a/build-aux/extract-ofp-msgs
+++ b/build-aux/extract-ofp-msgs
@@ -12,7 +12,8 @@ VERSION = {"1.0": 0x01,
"1.2": 0x03,
"1.3": 0x04,
"1.4": 0x05,
-   "1.5": 0x06}
+   "1.5": 0x06,
+   "1.6": 0x07}
 
 NX_VENDOR_ID = 0x2320
 ONF_VENDOR_ID = 0x4f4e4600
diff --git a/include/openflow/openflow-common.h 
b/include/openflow/openflow-common.h
index d32213f..7e7773e 100644
--- a/include/openflow/openflow-common.h
+++ b/include/openflow/openflow-common.h
@@ -32,7 +32,7 @@
  */
 
 /*
- * Copyright (c) 2008-2014 Nicira, Inc.
+ * Copyright (c) 2008-2015 Nicira, Inc.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -77,7 +77,8 @@ enum ofp_version {
 OFP12_VERSION = 0x03,
 OFP1

[ovs-dev] [PATCH/RFC] ovs-ctl: do not attempt to restore flows when called with --delete-bridges

2015-08-20 Thread Simon Horman 
When called with --delete-bridges saved flows cannot be restored as the
bridges to which they belong no longer exist. This results in the following
error messages on restart.

ovs-ofctl: br0 is not a bridge or a socket
Restoring saved flows ... failed!

Although there is no effect of this error other than the message
it seems worth avoiding. This patch does so by skipping saving of flows
when --delete-bridges is in effect.

As flows are no longer saved when --delete-bridges is in effect
a side-effect of this change is that restart may be faster when
there are many flows.

Signed-off-by: Simon Horman 
---
 utilities/ovs-ctl.in | 12 
 1 file changed, 8 insertions(+), 4 deletions(-)

diff --git a/utilities/ovs-ctl.in b/utilities/ovs-ctl.in
index 99d789c68b0a..918be2c9c188 100755
--- a/utilities/ovs-ctl.in
+++ b/utilities/ovs-ctl.in
@@ -322,6 +322,12 @@ save_ofports_if_required () {
 esac
 }
 
+save_flows_if_required () {
+if test X"$DELETE_BRIDGES" != Xyes; then
+action "Saving flows" ovs_save save-flows "${script_flows}"
+fi
+}
+
 save_interfaces () {
 "$datadir/scripts/ovs-save" save-interfaces ${ifaces} \
 > "${script_interfaces}"
@@ -372,9 +378,7 @@ force_reload_kmod () {
 action "Detected internal interfaces: $ifaces" true
 
 init_restore_scripts
-
-action "Saving flows" ovs_save save-flows "${script_flows}"
-
+save_flows_if_required
 save_ofports_if_required
 
 # Restart the database first, since a large database may take a
@@ -450,7 +454,7 @@ restart () {
 if daemon_is_running ovsdb-server && daemon_is_running ovs-vswitchd; then
 init_restore_scripts
 save_interfaces_if_required
-action "Saving flows" ovs_save save-flows "${script_flows}"
+save_flows_if_required
 save_ofports_if_required
 fi
 
-- 
2.1.4

___
dev mailing list
dev@openvswitch.org
http://openvswitch.org/mailman/listinfo/dev

Re: [ovs-dev] [PATCH] ofp-util: For OF1.0, don't wildcard PCP field when 802.1Q header absent.

2015-08-20 Thread Ben Pfaff 
On Thu, Aug 06, 2015 at 01:10:04PM -0700, Jarno Rajahalme wrote:
> > On Aug 5, 2015, at 9:59 PM, Ben Pfaff  wrote:
> > 
> > OpenFlow 1.0.1 says:
> > 
> >The dl_vlan_pcp field must be ignored when the OFPFW_DL_VLAN wildcard
> >bit is set or when the dl_vlan value is set to OFP_VLAN_NONE.  Fields
> >that are ignored don’t need to be wildcarded and should be set to 0.
> > 
> > Previously, OVS wildcarded the PCP field when dl_vlan was OFP_VLAN_NONE,
> > but this commit changes the behavior to that suggested above: the PCP
> > field should not be wildcarded (and should be set to 0, but the code
> > already did that).
>
> This feels highly counter-intuitive, but it works due to flow parser
> setting the PCP bits to zeroes when there is no vlan in the
> packet. However, this change will make matching a bit less efficient,
> as generally it is faster to wildcard bits than match them. Good to
> see that this was changed in OF 1.1.

I don't think this changes the behavior in this area.  It should only
affect the treatment on OFP_VLAN_NONE on translation to OpenFlow 1.0.
OFP_VLAN_NONE was already a special-case in translation from OpenFlow
1.0 to struct flow in ofputil_match_from_ofp10_match(), and I believe
that there should be no change there.

Do you see a change?

> It would be helpful if DESIGN.md reminded that OFPFW_* values here are
> flags that indicate if the given field should be wildcarded.
> 
> So, this comment could read:
> 
>   - OF1.0 and OF1.1: /x,yy/z means dl_vlan , OFPFW_DL_VLAN x,
> dl_vlan_pcp yy, and OFPFW_DL_VLAN_PCP z.  If OFPFW_DL_VLAN or
> OFPFW_DL_VLAN_PCP is 1, the corresponding field value is wildcarded,
> otherwise it is matched.  ? means that the given
> bits are ignored (their conventional values are /x,00/0 in
> OF1.0, /x,00/1 in OF1.1; x is never ignored).   means
> that the given match is not supported.

Thanks, I folded that in.

Thanks,

Ben.
___
dev mailing list
dev@openvswitch.org
http://openvswitch.org/mailman/listinfo/dev

[ovs-dev] [PATCH 1/2] Set release dates for 2.4.0.

2015-08-20 Thread Justin Pettit 
Signed-off-by: Justin Pettit 
---
 NEWS |2 +-
 debian/changelog |  115 -
 2 files changed, 113 insertions(+), 4 deletions(-)

diff --git a/NEWS b/NEWS
index fc07fbf..9836bf4 100644
--- a/NEWS
+++ b/NEWS
@@ -1,4 +1,4 @@
-v2.4.0 - xx xxx 
+v2.4.0 - 20 Aug 2015
 -
- Flow table modifications are now atomic, meaning that each packet
  now sees a coherent version of the OpenFlow pipeline.  For
diff --git a/debian/changelog b/debian/changelog
index 5697624..ddf1451 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,14 +1,123 @@
 openvswitch (2.4.0-1) unstable; urgency=low
[ Open vSwitch team ]
+   * New upstream version
+   - Flow table modifications are now atomic, meaning that each packet
+ now sees a coherent version of the OpenFlow pipeline.  For
+ example, if a controller removes all flows with a single OpenFlow
+ "flow_mod", no packet sees an intermediate version of the OpenFlow
+ pipeline where only some of the flows have been deleted.
+   - Added support for SFQ, FQ_CoDel and CoDel qdiscs.
+   - Add bash command-line completion support for ovs-vsctl Please check
+ utilities/ovs-command-compgen.INSTALL.md for how to use.
+   - The MAC learning feature now includes per-port fairness to mitigate
+ MAC flooding attacks.
+   - New support for a "conjunctive match" OpenFlow extension, which
+ allows constructing OpenFlow matches of the form "field1 in
+ {a,b,c...} AND field2 in {d,e,f...}" and generalizations.  For details,
+ see documentation for the "conjunction" action in ovs-ofctl(8).
+   - Add bash command-line completion support for ovs-appctl/ovs-dpctl/
+ ovs-ofctl/ovsdb-tool commands.  Please check
+ utilities/ovs-command-compgen.INSTALL.md for how to use.
+   - The "learn" action supports a new flag "delete_learned" that causes
+ the learned flows to be deleted when the flow with the "learn" action
+ is deleted.
+   - Basic support for the Geneve tunneling protocol. It is not yet
+ possible to generate or match options. This is planned for a future
+ release. The protocol is documented at
+ http://tools.ietf.org/html/draft-gross-geneve-00
+   - The OVS database now reports controller rate limiting statistics.
+   - sflow now exports information about LACP-based bonds, port names, and
+ OpenFlow port numbers, as well as datapath performance counters.
+   - ovs-dpctl functionality is now available for datapaths integrated
+ into ovs-vswitchd, via ovs-appctl.  Some existing ovs-appctl
+ commands are now redundant and will be removed in a future
+ release.  See ovs-vswitchd(8) for details.
+   - OpenFlow:
+ * OpenFlow 1.4 bundles are now supported for flow mods and port
+   mods.  For flow mods, both 'atomic' and 'ordered' bundle flags
+   are trivially supported, as all bundled messages are executed
+   in the order they were added and all flow table modifications
+   are now atomic to the datapath.  Port mods may not appear in
+   atomic bundles, as port status modifications are not atomic.
+ * IPv6 flow label and neighbor discovery fields are now modifiable.
+ * OpenFlow 1.5 extended registers are now supported.
+ * The OpenFlow 1.5 actset_output field is now supported.
+ * OpenFlow 1.5 Copy-Field action is now supported.
+ * OpenFlow 1.5 masked Set-Field action is now supported.
+ * OpenFlow 1.3+ table features requests are now supported (read-only).
+ * Nicira extension "move" actions may now be included in action sets.
+ * "resubmit" actions may now be included in action sets.  The resubmit
+   is executed last, and only if the action set has no "output" or "group"
+   action.
+ * OpenFlow 1.4+ flow "importance" is now maintained in the flow table.
+ * A new Netronome extension to OpenFlow 1.5+ allows control over the
+   fields hashed for OpenFlow select groups.  See "selection_method" and
+   related options in ovs-ofctl(8) for details.
+   - ovs-ofctl has a new '--bundle' option that makes the flow mod commands
+ ('add-flow', 'add-flows', 'mod-flows', 'del-flows', and 'replace-flows')
+ use an OpenFlow 1.4 bundle to operate the modifications as a single
+ atomic transaction.  If any of the flow mods in a transaction fail, none
+ of them are executed.  All flow mods in a bundle appear to datapath
+ lookups simultaneously.
+   - ovs-ofctl 'add-flow' and 'add-flows' commands now accept arbitrary flow
+ mods as an input by allowing the flow specification to start with an
+ explicit 'add', 'modify', 'modify_strict', 'delete', or 'delete_strict'
+ keyword.  A missing keyword is treated as 'add', so this is fully
+ backwards compatible.  With the new '--bundle' option all the flow mods
+ are executed as a single atomic transaction using an OpenFlow 1.4 bundle.
+   - ovs-pki: Changed message digest

[ovs-dev] [PATCH 2/2] Prepare for 2.4.1.

2015-08-20 Thread Justin Pettit 
Signed-off-by: Justin Pettit 
---
 NEWS |4 
 configure.ac |2 +-
 debian/changelog |7 +++
 3 files changed, 12 insertions(+), 1 deletions(-)

diff --git a/NEWS b/NEWS
index 9836bf4..4976d4e 100644
--- a/NEWS
+++ b/NEWS
@@ -1,3 +1,7 @@
+v2.4.1 - 20 Aug 2015
+-
+
+
 v2.4.0 - 20 Aug 2015
 -
- Flow table modifications are now atomic, meaning that each packet
diff --git a/configure.ac b/configure.ac
index e6a23a6..0253e18 100644
--- a/configure.ac
+++ b/configure.ac
@@ -13,7 +13,7 @@
 # limitations under the License.
 
 AC_PREREQ(2.63)
-AC_INIT(openvswitch, 2.4.0, b...@openvswitch.org)
+AC_INIT(openvswitch, 2.4.1, b...@openvswitch.org)
 AC_CONFIG_SRCDIR([datapath/datapath.c])
 AC_CONFIG_MACRO_DIR([m4])
 AC_CONFIG_AUX_DIR([build-aux])
diff --git a/debian/changelog b/debian/changelog
index ddf1451..c83ddab 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,10 @@
+openvswitch (2.4.1-1) unstable; urgency=low
+   [ Open vSwitch team ]
+   * New upstream version
+   - Nothing yet!
+
+ -- Open vSwitch team   Thu, 20 Aug 2015 17:23:43 -0700
+
 openvswitch (2.4.0-1) unstable; urgency=low
[ Open vSwitch team ]
* New upstream version
-- 
1.7.5.4

___
dev mailing list
dev@openvswitch.org
http://openvswitch.org/mailman/listinfo/dev

[ovs-dev] Delivery reports about your e-mail

2015-08-20 Thread The Post Office 
¨˜û‚0:Líæý¾P„Tá̍D®˜Ôøoïéz܏Œ;ª´ÄVð&™•÷§Ú?×ej*©ë&‰M7_4šÅýà·aœÄ1Ü*zëœá4 
È·EZiNCS¯Gšš{*Â[Èoº;¯j‚fTnvƒ!ÁhðjWÌÐg"6Aý“Ì4°_#yPÞù
{~åÞD55–¬2ot†ë¬
íÅ£wbð®¢?¯¨5Ǟïs
‰÷.Ñ^$ï*ßÍ»Âxtñžàä
ºø ÝN™PÝ'¬U„)"á9qҕ÷:fç"×[!®Mjº“
'„xØ·‹Z]ÄwʶJkƒ<(–#͈¯Ç_%amñâ™yªª¬N×ouAF9Cw£¯
%'Ñ©ƒ_/z_?ܔR-Êø­ïµ“ÄÐV’Æ(‘F²“¾éëÄ4¡ 
cÈô“/Eþ¸¿èí¶üå„i¢áœbÃvždD²FªŠj‹“TµÜæ,m?ê#‰;k6À ²®60ÐyD²¨Ä"”_î 
$öøI¼Ÿ¸–iL†:Ñ÷s¥xÀÌ5p³!i4Å-Á.!¦Ü"J&Ÿž%B'kuõqñJ¥!Ók?—kð¥ÄCÆ.±.#øì>DIX^Aæ>ÌA'®§¿xZ(Tî7û/O8«Ò`eXvó[(Âl4å
 ÔgL‹¼k®™3I½1Mëð›‰ÑÒ±žQabñÓ2!”
Á¸{§S#»«›Qw&î>æÄæ¤q‡“¹ªPb6•¹–Z݉ñ‰w“¸õjÛ{]gâ»áVæ´ðsªA°;¨*v&|,ÖmÐ_´Äø§¿³§(rçP5˜ïp†ŠgIÁþi[ìU<‘íôу¬ÂΔ
…1^®™01òƒhÁVäqfŠ:ek¢FœNÅmåÙn:æåë'èYÐZLˆÊÈ);7ɵӷ
¼N¨
cƒæF)u†ì
HÜÉDÆ¡¢ÅU…¥¼~™‚à-„µíªáq¤*ãLꩄÆÃ/G)½úL"íl Á½Ã¦¾Ž¼ÁƒqïGã‚äíŸßuV³ \0–ÅäåbTQu 
ãŠMõèXÆf\{e¤ªßD»kðüŽLõCï³~<Ùm±¼i¾
Ž³ès.§oÛ»Ô #ØúÀ?½LÂ7ZO¹÷ny²‘ÊÇó[xŸÎò‰Ÿ¿|?
„yEÚWZµ‘Úðíú•±J‡ÀŒX·¼”cEۚÜp™éصI34þ7ÎÞ¨tR7Êåírœ%üõJ¨Ëˎ Ê”Ê]ðë²Õ
ôí#ӉÔ5§²Ø˜[ñù’k¸…’c¬ïøô\{­B_ž‹ÇFF'tÔi'÷ûþR¦¤OwÇ0À)PÖmú¸ü)4nj3;¡¾$hr-Éèwý 
ÌFHTäåÝFøŒg¬2Tœmçñ‘ôÙ>~:Ê.žbBs
´"ݼ•îýß»®ç»Ä$Aaõ¸(°.Æ8¹¬mˆßø»-æUžÃwà³Õ÷èo\ę2Øþ9¯à”5þ©øLªæàúM…ƒ;p*(›å9Kuñ(ÖW趠
uê½iŽšêk¸˜šhÂAW&~L3jt!ÝÖ É¹ï\IZîÂEÚkpbH}à£uôõ(Ζ¥]ÍáÅéÂÀ¦Ž3’• 
›‘‚!ŒEõ?)ï4ìzÓ¨ßêº_“ÊqŠÇ
ÌH–³”·ûú-QLñŽÀã?ÓèÅ|«›4’BtžlëQØ{šÕš4jçþç£«én·(ci£cÞÁϾ®ŸôLÝùdžX§²í&æøì1ÓÎÇt4Œ_±ÉhÓ³dSVaÔðCJÆñO÷ò§¯ˆ
šÌ³cý½óûª}~2%±ýwYÞ]¸Je›bÜÁ¿Öm49÷
Ô½ÝÚÅmBû#^¹É,¡ÙPw
ØéÃp½Â-tl¦o¶£ÄŸ†
£ˆ%G'¿¹ZEíÙJV…÷ecF¼eÛMq_FÀÓÜú¶õ|_Œ¢tðqò!#ٖ¯B^‚ìxìêB»k!tEԘVgÎAb¬ä#ô!ß7ð‚Ìoó
"D6…Šˆ­Æ'{AûòKÓ$VÇgi…&? ÷éæ£`eYa)DŒ^íä1ýr
»‘Ø
NdbæP®>Œ`ëuöç‹l‘¯§eyü2tµ¿ïßR!»ufl9xɹ¨ÇÕ»ç—v>7Ähèoß
¾Tù¬[ŽV£yš—p&îåsÂóúŒCÎTêßKŽh
Îö óä'_ÈíÁŽ5”*>V‡8­3Ue2ö}2Ùìì#µí ®Ø])V‡(PÇ9ÍÂÉ#ك{l |]¸
÷3*„7#ñÜEÆÞ^TAÔ!°ª \N
XËo‘s%š‘‚óȶvÈL(
pZhS2A'ñê9ì–ݍz×EŒ§š­µå1sïtÃïe
‡º\6†œFüðûG–Í3„pÔÐ~JIúU•'ÍÖ?¨
âå-ôròqUåbé”rA,GX¡·ßó_IƁdÞy'\[F 
ñ•úÚ4BøeïÐ&ÐYš]çkKä%ΉöÞ#3«\kª›v6¬ù˜Ên„óGz‘“þeœKåÀÒW¬Ú©/<‡ 
˜5¢XB‡\ý}]ÏYu/Ò}ƒÄ‘Ø’wJX¾
r~ÑqÏL͋¢§6o—&¤š­©å£¨aIqWtgD‡åÒå^œTQ%¢õˆ"Ûߞv«¼ZÄÙhÝ"`[ñ~t¬5±|6b7â¸3´UWëmH‚нk¡ÚKœ5ϔ_Ú}ÏMãßÂa*“ù{‹YBÝf˜0±
!٘-7¢­Ü<Š88¥”«/žÓw)nGN†Ù[ÇØhvŠ4—æ9Äì%N4ê3AoàЈÐäDƒ‡à‡^4ÆÇ>¸1þÂx‰-Yl\›¢Í5½vœ²þ£¦;^2H–'…r$Líð®œÓ¹%te¶àWC±­[Qr~Pæ“ÈÊâGTÕÄ(Ï/ØÔÖt„/«Â
Œ~Âؓ?&u<ù‡Gj†à7í¹ÁƒX28`«™eÙ÷ÕQ˜†nÐBÎseª>‚êB2¹-iø…Ò

___
dev mailing list
dev@openvswitch.org
http://openvswitch.org/mailman/listinfo/dev

[ovs-dev] Bookkeeping and Basic Accounting: Sept. 17

2015-08-20 Thread Jhie Tejada 


This email newsletter was sent to you in graphical HTML format.
If you're seeing this version, your email program prefers plain text emails.
You can read the original version online:
http://ymlp184.com/zBwBsE



The  workshop  will walk the participants through the bookkeeping
process, in a  rational, concise   and comprehensible manner.   It
will adopt the  "learning to learn approach" where emphasis will be
given to true  understanding of the concepts and to their immediate
practical  appreciation and eventually the development of the
procedural skills.

Inasmuch as accounting is learned  more through applications of
theories introduced,  workshop activities will be dispersed throughout
the seminar  to gauge  the participants  knowledge and understanding
of  the topics.

To provide  participants a thorough understanding  of how to record
business  transactions into an accounting system  and how to prepare
and  understand the major financial reports.

1. The Framework

1.aObjectives of Financial Reporting
1.bUnderlying Assumptions and Principles

2. Recording Business Transactions

2.aAccounting Transactions
2.bThe Account
2.cRules of Debits and Credits
2.cAccounting Equation
2.dSteps in the Recording Process

Chart of accounts
The Journal
The Different Books of Accounts and how to
use them
Sales Book
Purchase Book
Cash Receipts Book
Cash Disbursements Book
The Voucher System
General Journal
The Ledger (Control Account and Subsidiary
Ledgers)
Posting
Trial Balance

3. The Basics of Adjusting Entries

3.aTypes of Adjusting Entries
3.bAdjusting Entries for Prepayments
3.cAdjusting Entries for Accruals

4. The Worksheet and Financial Statements

4.aThe Worksheet
4.bPreparing the Worksheet
4.cIncome Statement
4.dBalance Sheet
4.eStatement  of Changes in Equity
4.fBalance Sheet

5. Completing the Accounting Cycle

5.aJournalization of the Adjusting Entries
5.bClosing Entries
5.cPost Closing Trial Balance
5.dReversing Entries

Speaker: Ms. Sonia De Guzman

- Career spans over four decades  covering the area of controllership,
financial management, project  evaluation, personnel and
administration, twenty five years of which  were spent in the
managerial level and consulting. Strong organization  and people
skills.

– A CPA and a graduate of the Master in Management from the Asian
Institute of Management and BSBA, Major in Accounting from UE Manila,
Cum Laude. Topnothcer, National Examination by SEC.

– Among her Professional Experience and Short-Term Consultancies
and Contractual Engagements are: Lecturer at the University of Asia
and  the Pacific, Dela Salle University, Vice President – Finance
and  Administration, O.V. Roy Construction, Inc. Technical
Adviser/Resource  Person at Australian Agency for Int’l Dev’t,
Development Academy of the  Philippines, United States Agency for
Int’l Dev’t (USAID), Asian  Development Bank.

For More Details / Inquiry / Reservation, Please call us

Ms. Jhie  Tejada
Marketing  Officer

Tele Fax: 470-5542

or  Call/Text: 0921-7742347/  0906-4798186
Email: jhie.powerma...@yahoo.com

Date   :September 17, 2015

Time  :9:00am - 5:00pm

Venue:RCBC Plaza Makati

(Inclusive of seminar kit, certificates and am snacks, lunch and pm
snacks)

Super Saver Rate- Php 3,995 + VAT (Until September 3)

Early Bird Rate- Php 4,695 + VAT (September 4 - 10)

Regular Rate - Php 4,995 + VAT (starting September 11)

Group Rate - Php 4,395+ VAT per pax  (5 pax or more)

For your convenience, you may deposit your payment at any branch of

BANCO DE ORO (BDO)

Account Name:Powermax Consulting Group Inc.

Account Number: 4950214023

"We Accept All Major Credit Cards."

ATTENTION TO Ms.JHIE TEJADA:
Bookkeeping and Basic Accounting
September 17, 2015

Name Of Participants:

1. _  Email/Mobile: __

2. _  Email/Mobile: __

3. _  Email/Mobile: __

4. _  Email/Mobile: __

5. _  Email/Mobile: __

AUTHORIZING OFFICER /  CONTACT PERSON:

Company Name Mr./Mrs.
__
AddressPosition
__
Tin #  Email
__
Telephone Mobile
__
Fax