[ovs-discuss] [ADVISORY] CVE-2015-8011: lldpd buffer overflow when decoding malformed packets

Description === Multiple versions of Open vSwitch are vulnerable to remote buffer overflow attacks in which crafted LLDP packets could overflow the buffer reserved for management address information in an internal OVS data structure. Triggering the vulnerability requires LLDP processing t

[ovs-discuss] [ADVISORY] CVE-2020-27827: lldp: Externally triggered memory leak.

: * 2.14.1 * 2.13.2 * 2.12.2 * 2.11.5 * 2.10.6 * 2.9.8 * 2.8.10 * 2.7.12 * 2.6.9 Acknowledgments === The Open vSwitch team wishes to thank the reporter: Jonas Rudloff Fix: The patch to resolve this issue is attached. Reported-by: Jonas Rudloff Signed-off-by: Aaron Conole

Re: [ovs-discuss] Patch for PACKET_OUT getting deleted twice crash

Ilya Maximets writes: >> Here is a patch with both a test and a fix. Thanks so much! It's nice to get fixes, but I think it's really great when test cases come along with them. > Hi. Thanks for working n this! > > CC: ovs-dev > >> Not submitting as a formal >> patch because I would like some

Re: [ovs-discuss] Patch for PACKET_OUT getting deleted twice crash

Ilya Maximets writes: > On 6/7/21 3:59 PM, Ilya Maximets wrote: >> On 6/7/21 3:09 PM, Aaron Conole wrote: >>> Ilya Maximets writes: >>> >>>>> Here is a patch with both a test and a fix. >>> >>> Thanks so much! It's nice to get fi

Re: [ovs-discuss] [ovs-build] An error occurred while recompiling OVS

mythosmonkeyking writes: > hi all, > I used the following command to compile OVS and encountered an error, the > detailed error information is as follows: This looks like a sphinx error with your local copy of sphinx. Did you install the sphinx package via pip3? Maybe via your distribution

Re: [ovs-discuss] [OVN] branch name renamed from 'master' to 'main'

Dumitru Ceara writes: > On 10/5/21 7:39 PM, Numan Siddique wrote: >> Hello everyone, > > Hi Numan, > > +Aaron > >> >> The default branch of OVN has been renamed from 'master' to 'main'. I >> had brought this up >> for discussion in our weekly upstream OVN meeting a couple of weeks >> ago and t

Re: [ovs-discuss] [OVN] branch name renamed from 'master' to 'main'

Aaron Conole writes: > Dumitru Ceara writes: > >> On 10/5/21 7:39 PM, Numan Siddique wrote: >>> Hello everyone, >> >> Hi Numan, >> >> +Aaron I re-started those builds that would be associated with the series that didn't get any tests. I gues

Re: [ovs-discuss] When will the videos and ppts of open vswitch and ovn 2021 fall conference be available

Hi David, and Numan, Numan Siddique writes: > On Mon, Dec 20, 2021 at 7:55 PM David Zhang (张同剑)-浪潮信息 inspur.com> wrote: >> >> Hi ： >>Do you know When will the videos and ppts of open vswitch and ovn 2021 >> fall conference be available? I'm sorry I didn't attend > > Hi, > > Day 1 videos are

Re: [ovs-discuss] 答复: When will the videos and ppts of open vswitch and ovn 2021 fall conference be available

"David Zhang (张同剑)-浪潮信息" writes: > HI ALL: > Thanks tell me timely. > > By the way , How to get the contents of EMC table through the command line? I don't believe such a command exists. > -邮件原件- > 发件人: Aaron Conole > 发送时间: 2021年12月23日, 星期四

Re: [ovs-discuss] How to submit to the ovs and ovn community bugs, code path, specific methods and steps of is what kind of?

"David Zhang (张同剑)-浪潮信息" writes: > Hi Hi David, > How to submit to the ovs and ovn community bugs, code path, specific > methods > and steps of is what kind of? Great news, you are already submitting to the community with just this email. If you want to contribute more, please read up here:

[ovs-discuss] Registration is open for OVS+OVN '22!

Registration for the annual fall OVS+OVN conference, taking place this year in the Boston area from November 8 to 10 and hosted by Red Hat, Inc. is now open. The registration link may be found at: https://www.eventbrite.com/e/ovsovn-2022-fall-conference-tickets-403901198357 Please note that curr

[ovs-discuss] [OVSCON] Submission deadline extended to September 14

Greetings, There were a few requests over the weekend to extended the final deadline. We also had a number of submissions (about 1/2 so far) that have asked us to accommodate virtual presentations. After the conference planning meeting today, we have worked to make sure that we will can accommod

Re: [ovs-discuss] Bridge does not specify output ; ignoring? (OVS-DPDK Ubuntu)

"Stokes, Ian" writes: >> The mirror-related errors in the log. ovs-tcpdump creates a mirror. > > Are there any other errors in the logs? (with a view to figuring out > why traffic isn't reaching the VMs). Feel free to attach them if > you're unsure. > > Can you provide some more detail with rega

Re: [ovs-discuss] mirror ports aggregation

Laszlo Fekete writes: > Hello! > > > > I have 8 separate ports where have some incomming traffic (not related to > that interface so using > promisc) and want to mirror these traffics to 1 port. But not bridge together > the 8 incomming ports, is it > possible to create like this with ovs? I

Re: [ovs-discuss] mirror ports aggregation

Laszlo Fekete writes: > > > On 2017. February 20. 15:43:05 Aaron Conole wrote: > >> Laszlo Fekete writes: > >> > Hello! > >> > > >> > > >> > > >> > I have 8 separate ports where have some incomming traffic (n

Re: [ovs-discuss] mirror ports aggregation

ond_fake_iface : false > > bond_mode : [] > > bond_updelay : 0 > > external_ids : {} > > fake_bridge : false > > interfaces : [377ad193-1340-4d34-965b-cb54bd73e59a] > > lacp : [] > > mac : [] > > name : br-sbc > > other_config : {} > > qos : [] &

Re: [ovs-discuss] OVS+DPDK: socket permissions' problem

Aynur Shakirov writes: > libvirt-qemu user and kvm group exists in my system (autocreated after > libvirt package in Ubuntu): > > root@dpdk-compute0:/opt/build# grep qemu /etc/passwd > libvirt-qemu:x:64055:118:Libvirt Qemu,,,:/var/lib/libvirt:/bin/false > > root@dpdk-compute0:/opt/build# groups

Re: [ovs-discuss] ovs-vsctl adding dpdk ports hangs

Shivaram Mysore writes: > Thanks Guru. > > Upon further investigation, ovs is crashing. Any thoughts on what could be > the issue or how I can get > better debug info? You can start ovs-vswitchd using gdb (sudo gdb `which ovs-vswitchd` and then run with 'r unix:$DB_SOCK --pidfile -v --log-file

Re: [ovs-discuss] Packet reodering Open vSwitch multiple versions

Ionut Chiriac writes: > Open vSwitch version: 2.5.0, 2.5.2, 2.7.0 > > Kernel Version: Linux version 3.10.70 > > OS: Openwrt Barrier Breaker > > > > > |

Re: [ovs-discuss] DUMP-FLOWS: ofctl dump-flows vs dpctl dump-flows

Levente Csikor writes: > Hi, > > a.f.a.i.k.: > > dpctl shows what's in the kernel space (fast path) and ofctl shows what's in > the > userspace (flow table - slow(er) path). > > The flow table can have priorities, therefore it can consist of overlapping > rules as > well resulting in lesser num

Re: [ovs-discuss] DUMP-FLOWS: ofctl dump-flows vs dpctl dump-flows

"Avi Cohen (A)" writes: >> On Sun, May 21, 2017 at 12:11:19PM +, Avi Cohen (A) wrote: >> > Megaflows is a kind of 'flows/rules compression' with don't care >> > bits. (correct me if I'm wrong) But this is in a contradiction to what is >> > written >> in the manpages: " dpctl shows only ex

Re: [ovs-discuss] Openvswitch linux nat issue (ver 2.7.0 and linux 4.9.x)

akshay6 agarwal writes: > Hi All > > My objective is to use fast failover using linux nat in OVS but before > implementing that I am stuck in NAT > (ip tables) issue. > > I have one ovs bridge with 2 lan interface ( 1 virtual interface (ethlan)and > one physical interface(eth1.4)) > Also added

Re: [ovs-discuss] Help needed to mirror a port

LuisMi Cruz writes: > Hello all, > > This message might a very common question I think but I wouldn't be here if I > am not fully desperate. > > I am trying to do a simple port mirror and it is not working. > > The scenario is: > Bridge: xapi3 > > Source port vif208.1 > > Destination port vif21

Re: [ovs-discuss] OVS + DPDK Vhostuser - Failed to set msg fds

Advith Nagappa writes: > Hello All, > > I am trying to set up a DPDK OVS on KVM.. I am using OVS 2.6.1 and DPDK > 16.11.2. > > The build is successful and I am able to create a OVS bridge and create > dpdkvhostuser ports. > > ovs-vsctl add-br br0 -- set bridge br0 datapath_type=netdev > ovs-vsc

Re: [ovs-discuss] RouterOS

Michael Williams writes: > RouterOS supposedly supports OpenFlow and I was wondering if any of you have > gotten OpenvSwitch to > work on it or if OvS is already built into it? The documentation is unclear > concerning how it handles its > switching functions. It is not an Open vSwitch impleme

Re: [ovs-discuss] [ovs-dev] rte_eal_init() error when using ovs-dpdk with secondary application.

Junguk Cho writes: > Hi, > > I use ovs-dpdk (ovs-2.7, dpdk-16.11.1) with one application which talks to > ovs by using ring device and "--proc-type=secondary" (secondary processes). > It generally works well, but sometimes it shows this error. > > It seems it could not find correct memory mapping

Re: [ovs-discuss] [ovs-dev] rte_eal_init() error when using ovs-dpdk with secondary application.

t; > I don't know the base virtual address value you should use, however. > -> Do you mean it will not help? I mean I don't know what value to use. > Thanks, > Junguk > > On Thu, Jun 15, 2017 at 9:28 AM, Aaron Conole wrote: > > Junguk Cho writes: > >

Re: [ovs-discuss] error with openvswitch (dpif(handler2)|WARN|system@ovs-system: failed to put[create] (Invalid argument) ufid:)

Hi Jean, Jean Hsiao writes: > While running PvP RFC2544 testing over geneve tunnel, we're getting this WARN > message: > > 017-10-02T17:25:04.051Z|1|dpif(revalidator25)|WARN|netdev@ovs-netdev: > failed to put > [modify] (No such file or directory) > ufid:78499e82-1c5d-49ac-8cc1-7b26ab733b

Re: [ovs-discuss] Route between bridges in OVS+DPDK

BALL SUN writes: > Hi > > is it possible to route the packet from bridge interface 1 to bridge > interface 2 in OVS+DPDK environment? Are you looking for patch ports? veth ports? What are you trying to accomplish? > RBK ___ discuss mailing list disc

Re: [ovs-discuss] ovs-dpctl problem

"焦利涛" <309569...@qq.com> writes: > Hi ： > I have a problem that when i use the ovs-dpctl to add a flow into > datapath, it occurs "ovs-dpctl: > parsing flow key (Invalid argument)" > > example: >root@jlt:~# ovs-dpctl add-flow system@myDP "in_port(1),eth_type(0x800),ipv4 > (src=172.31

Re: [ovs-discuss] ovs-dpctl problem

Ben Pfaff writes: > On Mon, Nov 13, 2017 at 11:21:38AM -0500, Aaron Conole wrote: >> "焦利涛" <309569...@qq.com> writes: >> >> > Hi ： >> > I have a problem that when i use the ovs-dpctl to add a flow into >> > datapath, it

Re: [ovs-discuss] making OVS DPDK interfaces persistent

Shivaram Mysore writes: > Hi, Hi Shivaram, Thanks for joining the list. > I just wanted to share this quick update. > > From my yesterday's talk [1] [2], I stated a few issues with making DPDK > interface persistent > across reboots. In my f2f conversation with Aaro

Re: [ovs-discuss] [BUG] Fedora/RHEL build results in "No build ID note found"

Herbert Nachtnebel writes: > Building RPMs on a recent RHEL 7.4 system fails with "No build ID note > found ...". > > Steps to reproduce (on a recent RHEL or Fedora): > > git clone https://github.com/openvswitch/ovs.git > cd ovs > ./boot.sh > make rpm-fedora > > The patch below solves the problem

Re: [ovs-discuss] OVS(2.5.4)-DPDK(2.2) - dpdkvhostuser issue

Subrata Nath via discuss writes: > HI, > > I have built OVS version 2.5.4 with DPDK 2.2 and want to create interface > type dpdkvhostuser for the > container. > > I followed the tutorial > https://www.youtube.com/watch?v=gkCMk-1m3HA&list=PLg-UKERBljNx44Q68QfQcYsza-fV0ARbp&index=4 > and then when

Re: [ovs-discuss] DPDK with UIO drivers is broken on Fedora since OVS 2.8.0

Marcos Felipe Schwarz writes: > Thanks for the suggestion Timothy, didn't knew that worked. Just > fixing some little things, it should be: > ExecStartPre=-/usr/bin/chown :${OVS_USER_ID##*:} /dev/hugepages > > Regarding the daemon-unix.c patch, any suggestions on how to improve > it? I tested it

Re: [ovs-discuss] DPDK with UIO drivers is broken on Fedora since OVS 2.8.0

nfig/openvswitch > @begin_dpdk@ > -ExecStartPre=-/usr/bin/chown :hugetlbfs /dev/hugepages > +ExecStartPre=-/bin/sh -c '/usr/bin/chown :${OVS_USER_ID##*:} /dev/hugepages' > ExecStartPre=-/usr/bin/chmod 0775 /dev/hugepages > @end_dpdk@ > ExecStart=/usr/share/openvsw

Re: [ovs-discuss] Handling conf.db ownership on OVS_USER_ID changes

Jaime Caamaño Ruiz writes: >> You also need to chown /var/log/openvswitch.*.log files. > > OVS seems to be already handling this. I dont know the details but I > guess that before dropping capabilities, OVS chowns these by itself. This is the magic of logrotate.d configuration. It will automati

Re: [ovs-discuss] Handling conf.db ownership on OVS_USER_ID changes

Jaime Caamaño Ruiz writes: >> As a "security concern" you mean something among the lines where one >> of ovs-* processes running under openvswitch user would go ahead and >> create a file with its owner that later one of ovn processes would >> blindly reuse without checking that it actually belon

Re: [ovs-discuss] Handling conf.db ownership on OVS_USER_ID changes

eresting. > openvswitch-ipsec still logs as root though and I dont see a way around > that so it probably needs to log to a different directory. > > Jaime. > > -Original Message- > From: Numan Siddique > To: Aaron Conole > Cc: Jaime Caamaño Ruiz , ovs-discus

Re: [ovs-discuss] [openvswitch 2.11.90] system-userspace-testsuite: 138 failed

Vasu Dasari writes: > Hi, > > The following test case is not successful on a Ubuntu 18.04 based VM. > > 138: system-interface.at:30 interface - add route to br and verify clean-up > > OVS Code base used: master > > Command I used to run the test: > $ sudo make -C _build-gcc/ -s check-system-user

Re: [ovs-discuss] Help with testing please

Vasu Dasari writes: > Hi, > > I would like to know what is the procedure you follow to debug "Testing" > failures. > > For example, on my Ubuntu system, I am trying to execute system-userspace > test case like this. > > sudo make -C _build-gcc/ -s check-system-userspace TESTSUITEFLAGS='-k "ptap

Re: [ovs-discuss] 答复: [openvswitch.org代发] Registration is open for OVS+OVN '19!

"Yi Yang (杨燚)-云服务集团" writes: > Hi, Aaron > > https://www.marriott.com/event-reservations/reservation-link.mi?id=156812105 > 6567&key=GRP&app=resvlink for hotel reserving can't get any discount yet, > per statement in registration page, discount rate is very high, can you help > fix it? Did anybod

Re: [ovs-discuss] Null pointer when allocating OVS flow in ovs_packet_cmd_execute

Daryl Wang via discuss writes: > We noticed that an OVS datapath stopped responding to stats request. On > checking dmesg, we found that OVS > ran into a null pointer in ovs_flow_alloc while in ovs_packet_cmd_execute. Is > this a known bug? Not as far as I am aware. > We have not seen the fai

Re: [ovs-discuss] dpdk-lcore-mask

Kevin Traynor writes: > On 10/05/2023 07:10, Eli Britstein wrote: >> >>> -Original Message- >>> From: Ilya Maximets >>> Sent: Tuesday, 9 May 2023 21:04 >>> To: Eli Britstein ; ovs-discuss@openvswitch.org >>> Cc: Kevin Traynor ;

Re: [ovs-discuss] Request adding long poll interval metrics to coverage metrics

Martin Kennelly writes: > Hey ovs community, > > I am a developer working on ovn-kubernetes and I want to programmatically > consume long poll information > i.e: > ovs|00211|timeval(handler25)|WARN|Unreasonably long 52388ms poll interval > (752ms user, 209ms system) > > This is currently expose

Re: [ovs-discuss] [ovs-dev] Request adding long poll interval metrics to coverage metrics

Adrian Moreno writes: > On 6/19/23 10:36, Eelco Chaudron wrote: >> On 16 Jun 2023, at 19:19, Aaron Conole wrote: >> >>> Martin Kennelly writes: >>> >>>> Hey ovs community, >>>> >>>> I am a developer working on ovn-kuberne

Re: [ovs-discuss] [ovs-dev] Request adding long poll interval metrics to coverage metrics

Ilya Maximets writes: > On 6/20/23 16:10, Aaron Conole wrote: >> Adrian Moreno writes: >> >>> On 6/19/23 10:36, Eelco Chaudron wrote: >>>> On 16 Jun 2023, at 19:19, Aaron Conole wrote: >>>> >>>>> Martin Kennelly writes: >>&g

Re: [ovs-discuss] [ovs-dev] Request adding long poll interval metrics to coverage metrics

Eelco Chaudron writes: > On 20 Jun 2023, at 16:57, Ilya Maximets wrote: > >> On 6/20/23 16:10, Aaron Conole wrote: >>> Adrian Moreno writes: >>> >>>> On 6/19/23 10:36, Eelco Chaudron wrote: >>>>> On 16 Jun 2023, at 19:19,

[ovs-discuss] FWD: Registration Link for OVS+OVN Fall 2023 Conference is live

[Apologies for not CC'ing the dev list] Greetings, This year's conference will be free to attend, and we plan to send out links to the virtual attendance site when the conference starts. However, you can register using the google form at https://forms.gle/yEC75N5ejoLtxDZ29 which will let us send

Re: [ovs-discuss] ct action with commit

Adrian Moreno writes: > On 11/16/23 18:59, Ashish Varma via discuss wrote: >> Hello all, >> I saw a setup where the ct action was used like: >> ct(table=100, commit, zone=6000, >> exec(move:NXM_OF_IN_PORT[0..15]->NXM_NX_CT_LABEL[48..63])) >> According to the ovs-actions man page: >> " >> Without*

[ovs-discuss] OVS+OVN Fall Conference 2023 - Day 1 starting

Greetings, The OVS+OVN Fall Conference 2023 will be starting the Day 1 sessions soon. The open bridge to join Day 1 is at: https://meet.google.com/dyv-rwvm-xvt?authuser=0 If you'd like to join, we recommend using the Google Chrome, or Chromium Freeworld browser as they offer the most compatib

[ovs-discuss] OVS+OVN Fall Conference 2023 - Day 2 information

Greetings, We had an open bridge today during the call that got flooded with spam bots for a few minutes, and we had to lock the meeting down. As such, we won't broadly publish the meeting link. If you have already filled in the google form for registration, you will have already been sent the m

Re: [ovs-discuss] Discussion on the improvement plan for the significant performance degradation caused by using ovs-tcpdump for packet capture in OVS-DPDK scenarios.

Jun Wang via discuss writes: >> Hello, > >> Yes, this will result in better ovs-tcpdump performance. The reason >> why it hasn't been added so far is because we can't guarantee or even >> check for the existence of any given DPDK driver at runtime in a >> generic fashion. >> >> One option wou

Re: [ovs-discuss] Discussion on the improvement plan for the significant performance degradation caused by using ovs-tcpdump for packet capture in OVS-DPDK scenarios.

"Jun Wang" writes: >> Hello Jun, >> >> Are the 20G, 17G, and 11G figures a speed? Or the volume of data sent? >> How are you measuring this? >> >> DPDK can be very sensitive to which numa node, or even core a PMD is >> running on. But I don't know what is causing this issue specifically. >> >> Ch

Re: [ovs-discuss] Discussion on the improvement plan for the significant performance degradation caused by using ovs-tcpdump for packet capture in OVS-DPDK scenarios.

"Jun Wang" writes: >>Mike Pattrick writes: >> >>> On Tue, Mar 4, 2025 at 10:51 AM Aaron Conole wrote: >>>> >>>> Jun Wang via discuss writes: >>>> >>>> >> Hello, >>>> > >>>> &

Re: [ovs-discuss] Discussion on the improvement plan for the significant performance degradation caused by using ovs-tcpdump for packet capture in OVS-DPDK scenarios.

Mike Pattrick writes: > On Tue, Mar 4, 2025 at 10:51 AM Aaron Conole wrote: >> >> Jun Wang via discuss writes: >> >> >> Hello, >> > >> >> Yes, this will result in better ovs-tcpdump performance. The reason >> >> why it hasn

Re: [ovs-discuss] Adjusting the bond-rebalance-interval configuration triggers the ‌USERSPACE_INVALID_PORT_DROP‌ error during PMD packet transmission

Adrián Moreno via discuss writes: > On Tue, Apr 29, 2025 at 01:48:42PM +0800, chenyongchang--- via discuss wrote: >> >> Hello， >> In a high-traffic scenario, when modifying the bond-rebalance-interval >> configuration for an OVS-DPDK bond interface, >> we observed that OVS-DPDK generated USERSPA

Re: [ovs-discuss] [ovs-dev] [ANNOUNCE] OVS+OVN '25: Call for Participation

Greetings, Correction below due to SSL Cert issues: Aaron Conole via dev writes: > Hello everyone! > > We are happy to announce this year's Fall Open vSwitch and OVN > conference! The conference will take place on November 19th and 20th, > 2025. This is expected to be a

[ovs-discuss] [ANNOUNCE] OVS+OVN '25: Call for Participation

Hello everyone! We are happy to announce this year's Fall Open vSwitch and OVN conference! The conference will take place on November 19th and 20th, 2025. This is expected to be a hybrid event located in Prague, Czech Republic at the Botanique Hotel. We are seeking long and short ("lightning")