Introduce vport_route_lookup to consolidate route lookup
shared by vxlan, gre, and geneve ports.
Signed-off-by: Fan Du
---
net/openvswitch/vport-geneve.c | 11 +--
net/openvswitch/vport-gre.c| 10 +-
net/openvswitch/vport-vxlan.c | 10 +-
net/openvswitch/vport.
On 01/11/15 at 09:53am, Ben Pfaff wrote:
> On Fri, Jan 09, 2015 at 12:29:48PM +0100, Thomas Graf wrote:
> > From: Amit Bose
> >
> > Cflags in pkg-config files sets the include path to $PREFIX/openflow,
> > $PREFIX/openvswitch. This makes the including source files use the files
> > like
> > inc
nlattr_set() is currently hardcoded to two levels of nesting. This change
introduces struct ovs_len_tbl to define minimal length requirements plus
next level nesting tables to traverse the key attributes to arbitary depth.
Signed-off-by: Thomas Graf
---
v2->v3:
- No change
v1->v2:
- New patch t
Implements supports for the Group Policy VXLAN extension [0] to provide
a lightweight and simple security label mechanism across network peers
based on VXLAN. The security context and associated metadata is mapped
to/from skb->mark. This allows further mapping to a SELinux context
using SECMARK, to
Introduces support for the group policy extension to the VXLAN virtual
port. The extension is disabled by default and only enabled if the user
has provided the respective configuration.
ovs-vsctl add-port br0 vxlan0 -- \
set Interface vxlan0 type=vxlan options:exts=gbp
The configuration in
A VXLAN net_device looking for an appropriate socket may only consider
a socket which has a matching set of extensions enabled. If the
extensions don't match, return a conflict to have the caller create a
distinct socket with distinct port.
The OVS VXLAN port is kept unaware of extensions at this
Also factors out Geneve validation code into a new separate function
validate_and_copy_geneve_opts().
A subsequent patch will introduce VXLAN options. Rename the existing
GENEVE_TUN_OPTS() to reflect its extended purpose of carrying generic
tunnel metadata options.
Signed-off-by: Thomas Graf
---
Implements supports for the Group Policy VXLAN extension [0] to provide
a lightweight and simple security label mechanism across network peers
based on VXLAN. The security context and associated metadata is mapped
to/from skb->mark. This allows further mapping to a SELinux context
using SECMARK, to
The VXLAN receive code is currently conservative in what it accepts and
will reject any frame that uses any of the reserved VXLAN protocol fields.
The VXLAN draft specifies that "reserved fields MUST be set to zero on
transmit and ignored on receive.".
Retain the current conservative parsing behav
version.h inclusion is not necessary as detected by versioncheck.
Signed-off-by: Syam Sidhardhan
Acked-by: Pravin B Shelar
---
No code changes. Add net-next prefix flag for net-next tree.
net/openvswitch/vport-geneve.c |2 --
1 file changed, 2 deletions(-)
diff --git a/net/openvswitch/vpo
OK, please do.
On Mon, Jan 12, 2015 at 04:24:24AM +, Andrew Kampjes wrote:
> Well if no-one wants to use it, then I'll remove the GPG parts and call it
> good-enough.
>
> On Mon Jan 12 2015 at 06:26:43 Ben Pfaff wrote:
>
> > I don't know anyone who uses Thunderbird. I never have. I'm not
On Mon, Jan 05, 2015 at 10:33:57AM +0100, Mijo Safradin wrote:
>
>
> >CFLAGS follows OVS_CFLAGS in the compiler command line, and should, so that
> >the user can override any automatically determined compiler options. That
> >means that the -O0 that the code here added to OVS_CFLAGS didn't reall
That page does have a reasonable point. I think that coverage is a
special case, so I applied this patch, but I'm not going to pursue it
for --enable-debug.
On Mon, Jan 05, 2015 at 11:00:00AM +, Finucane, Stephen wrote:
> I think it's worth adding that, while the below is using a different
>
From: Amit Bose
Signed-off-by: Amit Bose
Signed-off-by: Thomas Graf
---
include/openvswitch/vconn.h | 4 ++--
lib/vconn-provider.h| 10 +-
lib/vconn.c | 34 +-
3 files changed, 24 insertions(+), 24 deletions(-)
diff --git a/incl
Hi,
After running some performance tests on the latest master, it appears that this
commit has caused netdev DPDK performance to drop significantly (by > 50 %).
Has anybody else seen this?
Regards,
Ciara
-Original Message-
From: dev [mailto:dev-boun...@openvswitch.org] On Behalf Of Jar
Le 08/01/2015 23:47, Thomas Graf a écrit :
Implements supports for the Group Policy VXLAN extension [0] to provide
a lightweight and simple security label mechanism across network peers
based on VXLAN. The security context and associated metadata is mapped
to/from skb->mark. This allows further m
Can you PLEASE, PLEASE, not quote and entire full patch just to add two
lines of commentary.
Quote _only_ the _RELEVANT_ portions of the email you are replying to.
___
dev mailing list
dev@openvswitch.org
http://openvswitch.org/mailman/listinfo/dev
> diff --git a/include/uapi/linux/if_link.h b/include/uapi/linux/if_link.h
> index f7d0d2d..9f07bf5 100644
> --- a/include/uapi/linux/if_link.h
> +++ b/include/uapi/linux/if_link.h
> @@ -370,10 +370,18 @@ enum {
> IFLA_VXLAN_UDP_CSUM,
> IFLA_VXLAN_UDP_ZERO_CSUM6_TX,
> IFLA_V
Add bit about reporting vulns with GPG.
Add generalised rules for vulnerabilties.
Signed-off-by: Andrew Kampjes
---
SECURITY.md | 35 +--
1 file changed, 25 insertions(+), 10 deletions(-)
diff --git a/SECURITY.md b/SECURITY.md
index d558d44..b107a59 100644
--- a/
On Jan 11, 2015, at 1:29 PM, Ben Pfaff wrote:
> On Fri, Jan 09, 2015 at 04:54:42PM -0800, Jarno Rajahalme wrote:
>> With the small nits below:
>>
>> Acked-by: Jarno Rajahalme
>
> Thanks. I fixed up everything you mentioned and applied this to master.
>
> I gave details below; the only bit
On Sat, Jan 10, 2015 at 3:00 PM, Thomas F Herbert
wrote:
> This patch fixes a bug when pushing vlans. It causes vlans to be transmitted
> with
> the TPID instead of the tci on the inner vlan.
>
> Signed-off-by: Thomas F Herbert
I pushed the fix to master.
Thanks.
> ---
> datapath/linux/compat
On Thu, Jan 8, 2015 at 9:42 PM, Fan Du wrote:
> 于 2015年01月09日 03:55, Jesse Gross 写道:
>
>> On Thu, Jan 8, 2015 at 1:39 AM, Fan Du
>> wrote:
>>>
>>> 于 2015年01月08日 04:52, Jesse Gross 写道:
>
>
> My understanding is:
>>
>> controller sets the forwarding rules into kernel datapath, a
On Jan 12, 2015, at 9:16 AM, Loftus, Ciara wrote:
> Hi,
>
> After running some performance tests on the latest master, it appears that
> this commit has caused netdev DPDK performance to drop significantly (by > 50
> %). Has anybody else seen this?
>
I saw notified of this last week, and di
On Thu, Jan 8, 2015 at 9:48 PM, Fan Du wrote:
> 于 2015年01月09日 03:55, Jesse Gross 写道:
>>
>> On Thu, Jan 8, 2015 at 1:39 AM, Fan Du
>> wrote:
>>
>>> >于 2015年01月08日 04:52, Jesse Gross 写道:
>
> >>>
> >>>My understanding is:
>>
>> >>> >controller sets the forwarding rules into kernel
On Mon, Jan 12, 2015 at 4:26 AM, Thomas Graf wrote:
> diff --git a/drivers/net/vxlan.c b/drivers/net/vxlan.c
> index 4d52aa9..b148739 100644
> --- a/drivers/net/vxlan.c
> +++ b/drivers/net/vxlan.c
> @@ -568,7 +569,8 @@ static struct sk_buff **vxlan_gro_receive(struct sk_buff
> **head, struct sk_b
On Mon, Jan 12, 2015 at 4:26 AM, Thomas Graf wrote:
> diff --git a/net/openvswitch/flow_netlink.c b/net/openvswitch/flow_netlink.c
> index 8980d32..457ccf3 100644
> --- a/net/openvswitch/flow_netlink.c
> +++ b/net/openvswitch/flow_netlink.c
> +static const struct ovs_len_tbl ovs_tunnel_key_lens[OV
When the test suite is run on an OS with 1 core (e.g., a VM with one
core assigned to it), some of the atomic memory model tests take a
long time, with the effect that the test seems stuck.
This patch stops these tests after one second and only fails the test
if there has not been any significant
On Mon, Jan 12, 2015 at 4:26 AM, Thomas Graf wrote:
> diff --git a/net/openvswitch/flow_netlink.c b/net/openvswitch/flow_netlink.c
> index d1eecf7..8980d32 100644
> --- a/net/openvswitch/flow_netlink.c
> +++ b/net/openvswitch/flow_netlink.c
> +static int validate_and_copy_geneve_opts(struct sw_flo
On Mon, Jan 12, 2015 at 4:26 AM, Thomas Graf wrote:
> diff --git a/net/openvswitch/flow_netlink.c b/net/openvswitch/flow_netlink.c
> index 457ccf3..cea492b 100644
> --- a/net/openvswitch/flow_netlink.c
> +++ b/net/openvswitch/flow_netlink.c
> +static int vxlan_tun_opt_from_nlattr(const struct nlat
On Mon, Jan 12, 2015 at 1:14 AM, Fan Du wrote:
> Introduce vport_route_lookup to consolidate route lookup
> shared by vxlan, gre, and geneve ports.
>
> Signed-off-by: Fan Du
> ---
...
> }
> +
> +struct rtable *vport_route_lookup(struct ovs_key_ipv4_tunnel *tun_key,
> +
On 01/12/15 at 11:23am, Jesse Gross wrote:
> On Mon, Jan 12, 2015 at 4:26 AM, Thomas Graf wrote:
> > diff --git a/drivers/net/vxlan.c b/drivers/net/vxlan.c
> > index 4d52aa9..b148739 100644
> > --- a/drivers/net/vxlan.c
> > +++ b/drivers/net/vxlan.c
> > @@ -568,7 +569,8 @@ static struct sk_buff **
On Mon, Jan 12, 2015 at 2:47 PM, Thomas Graf wrote:
> On 01/12/15 at 11:23am, Jesse Gross wrote:
>> On Mon, Jan 12, 2015 at 4:26 AM, Thomas Graf wrote:
>> > diff --git a/drivers/net/vxlan.c b/drivers/net/vxlan.c
>> > index 4d52aa9..b148739 100644
>> > --- a/drivers/net/vxlan.c
>> > +++ b/drivers/
On 01/12/15 at 02:50pm, Jesse Gross wrote:
> On Mon, Jan 12, 2015 at 2:47 PM, Thomas Graf wrote:
> > On 01/12/15 at 11:23am, Jesse Gross wrote:
> >> On Mon, Jan 12, 2015 at 4:26 AM, Thomas Graf wrote:
> >> > diff --git a/drivers/net/vxlan.c b/drivers/net/vxlan.c
> >> > index 4d52aa9..b148739 1006
On 01/12/15 at 01:38pm, Jesse Gross wrote:
> On Mon, Jan 12, 2015 at 4:26 AM, Thomas Graf wrote:
> > diff --git a/net/openvswitch/flow_netlink.c b/net/openvswitch/flow_netlink.c
> > index d1eecf7..8980d32 100644
> > --- a/net/openvswitch/flow_netlink.c
> > +++ b/net/openvswitch/flow_netlink.c
> >
On 01/12/15 at 11:41am, Jesse Gross wrote:
> On Mon, Jan 12, 2015 at 4:26 AM, Thomas Graf wrote:
> > + [OVS_TUNNEL_KEY_ATTR_GENEVE_OPTS] = { .len = OVS_ATTR_NESTED },
> > +};
>
> Geneve isn't really nested - maybe we should break it out into a
> separate name? OVS_ATTR_VARIABLE? We should
On Mon, Jan 12, 2015 at 2:59 PM, Thomas Graf wrote:
> On 01/12/15 at 02:50pm, Jesse Gross wrote:
>> On Mon, Jan 12, 2015 at 2:47 PM, Thomas Graf wrote:
>> > On 01/12/15 at 11:23am, Jesse Gross wrote:
>> >> On Mon, Jan 12, 2015 at 4:26 AM, Thomas Graf wrote:
>> >> > diff --git a/drivers/net/vxlan
Out of tree builds works should work fine on Ubuntu too. Did you run
into any specific issues?
BTW, glad to hear your are working on Vagrantfile for Ubuntu.
___
dev mailing list
dev@openvswitch.org
http://openvswitch.org/mailman/listinfo/dev
On 01/12/15 at 01:54pm, Jesse Gross wrote:
> On Mon, Jan 12, 2015 at 4:26 AM, Thomas Graf wrote:
> > + if (tb[OVS_VXLAN_EXT_MAX])
> > + opts.gbp = nla_get_u32(tb[OVS_VXLAN_EXT_MAX]);
>
> Shouldn't this be OVS_VXLAN_EXT_GBP instead of OVS_VXLAN_EXT_MAX?
> (They have the same va
On 01/12/15 at 10:14am, Tom Herbert wrote:
> > diff --git a/include/uapi/linux/if_link.h b/include/uapi/linux/if_link.h
> > index f7d0d2d..9f07bf5 100644
> > --- a/include/uapi/linux/if_link.h
> > +++ b/include/uapi/linux/if_link.h
> > @@ -370,10 +370,18 @@ enum {
> > IFLA_VXLAN_UDP_CSUM,
>
On 01/12/15 at 06:37pm, Nicolas Dichtel wrote:
> >+if (data[IFLA_VXLAN_EXTENSION])
> >+configure_vxlan_exts(vxlan, data[IFLA_VXLAN_EXTENSION]);
> >+
> Can you also update vxlan_fill_info() so that these new attributes can be
> dumped via netlink?
Sure, will do.
IPv6 Flow Label is currently read only. This patch adds support
to allow actions like actions=set_field:0x12345->ipv6_label.
Signed-off-by: Pritesh Kothari
---
lib/meta-flow.c | 2 +-
lib/meta-flow.h | 2 +-
tests/ofproto.at | 4 ++--
3 files changed, 4 insertions(+), 4 deletions(-)
diff --gi
On Mon, Jan 12, 2015 at 5:03 PM, Thomas Graf wrote:
> On 01/12/15 at 10:14am, Tom Herbert wrote:
>> > diff --git a/include/uapi/linux/if_link.h b/include/uapi/linux/if_link.h
>> > index f7d0d2d..9f07bf5 100644
>> > --- a/include/uapi/linux/if_link.h
>> > +++ b/include/uapi/linux/if_link.h
>> > @@
Introduce ovs_tunnel_route_lookup to consolidate route lookup
shared by vxlan, gre, and geneve ports.
Signed-off-by: Fan Du
---
Chnage log:
v2:
- Use inline instead of function call
- Rename vport_route_lookup to ovs_tunnel_route_lookup
---
net/openvswitch/vport-geneve.c | 11 +--
This comes up from time to time.
Signed-off-by: Ben Pfaff
---
FAQ.md | 20
1 file changed, 20 insertions(+)
diff --git a/FAQ.md b/FAQ.md
index 9e95d07..f7a0076 100644
--- a/FAQ.md
+++ b/FAQ.md
@@ -750,6 +750,26 @@ A: It's an expected behaviour.
ovs-vsctl add-port br
On Mon, Jan 12, 2015 at 05:51:23PM +0100, Thomas Graf wrote:
> From: Amit Bose
>
> Signed-off-by: Amit Bose
> Signed-off-by: Thomas Graf
Acked-by: Ben Pfaff
___
dev mailing list
dev@openvswitch.org
http://openvswitch.org/mailman/listinfo/dev
Open vSwitch has a new vulnerability management process:
https://github.com/openvswitch/ovs/blob/master/SECURITY.md
Step 4 in this process is "Embargoed Disclosure", in which the security
advisory and patches are sent to downstream stakeholders, who are major
Open vSwitch users or distrib
On Mon, Jan 12, 2015 at 6:41 PM, Fan Du wrote:
> Introduce ovs_tunnel_route_lookup to consolidate route lookup
> shared by vxlan, gre, and geneve ports.
>
> Signed-off-by: Fan Du
> ---
> Chnage log:
> v2:
> - Use inline instead of function call
> - Rename vport_route_lookup to ovs_tunnel_rout
Jarno,
Thanks for the patch. With this patch, I confirmed that I no longer
encounter the problem I reported before. Just curious but where is
VLOG_INFO() written to in this case?
---
Motonori Shindo
2015-01-13 6:27 GMT+09:00 Jarno Rajahalme :
> When the test suite is run on an OS with 1 core (
48 matches
Mail list logo
