Re: [ovs-discuss] Hash quality in select group with weighted buckets‏

[Ben Pfaff]

On Tue, Aug 30, 2016 at 12:05:20PM +0200, ibrahim menem wrote:
> I'm testing "weighted select groups" behaviour on ovs2.5 stable, I'm using 
> this command:
> 
> ovs-ofctl -O OpenFlow15 add-group ovs0 "group_id=1,type=select,
> selection_method=hash,fields(nw_src,nw_dst,tcp_src,tcp_dst),
> bucket=bucket_id=1,actions=output:11,weight=$1,
> bucket=bucket_id=2,actions=output:12,weight=$2" 
> 
> $1 and $2 correspond to the weights column below:
> 
> Weights   Measured  Deviation 
> 
> 50/50  50/50 0
> 40/60  34/66 6  
> 30/70  22/78 8 
> 20/80  13/87 7 
> 10/90  5.6/94.4  4.4 
> 50/950 97/3  2 
> 
> 
> Traffic pattern (using pktgen_dpdk and only tcp packets):
> 
> dst.ip  2.0.0.1  ->  2.255.255.255  
> src.ip  1.0.0.1  ->  1.255.255.255
> dst.port1->  65000
> src.port1->  65000
> pkt.size1500
> 
> 
> I
>  believed that given enough traffic diversity, weights would be closer 
> to the configured ones! I tested against narrower and more realistic 
> traffic patterns but still having similar results, any suggestions? 

It's interesting.

If you find that some changes improve the accuracy of the split, please
report your results.
___
discuss mailing list
discuss@openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss

Re: [ovs-discuss] Select Group bucket selection

[Ben Pfaff]

On Tue, Aug 30, 2016 at 12:17:06PM +1200, Warsang wrote:
> On 08/29/16 17:29, Ben Pfaff wrote:
> >On Mon, Aug 29, 2016 at 07:22:10PM +1200, Warsang wrote:
> >>Hello,
> >>
> >>I was wondering how the bucket selection is made in OVS 2.4 I found this in
> >>the ml archive
> >>http://openvswitch.org/pipermail/discuss/2016-January/019984.html
> >>saying that :"
> >>
> >>Open vSwitch 2.4 and later by default hashes the source and
> >>destination Ethernet address, VLAN ID, Ethernet type, IPv4/v6
> >>source and destination address and protocol, and for TCP and SCTP
> >>only, the source and destination ports.  The hash is "symmetric",
> >>meaning that exchanging source and destination addresses does not
> >>change the bucket selection.
> >That information is correct.  It comes from the OVS FAQ.  The entire FAQ
> >entry says:
> >
> >### Q: How does OVS divide flows among buckets in an OpenFlow "select" group?
> >
> >A: In Open vSwitch 2.3 and earlier, Open vSwitch used the destination
> >Ethernet address to choose a bucket in a select group.
> >
> >Open vSwitch 2.4 and later by default hashes the source and
> >destination Ethernet address, VLAN ID, Ethernet type, IPv4/v6
> >source and destination address and protocol, and for TCP and SCTP
> >only, the source and destination ports.  The hash is "symmetric",
> >meaning that exchanging source and destination addresses does not
> >change the bucket selection.
> >
> >Select groups in Open vSwitch 2.4 and later can be configured to
> >use a different hash function, using a Netronome extension to the
> >OpenFlow 1.5+ group_mod message.  For more information, see
> >Documentation/group-selection-method-property.txt in the Open
> >vSwitch source tree.  (OpenFlow 1.5 support in Open vSwitch is still
> >experimental.)
> Thank you for your answer
> >>I am trying to implement ECMP in ryu controller so if I do understand
> >>correctly, using buckets from SELECT group is not the correct solution for
> >>it uses a very different selection method is that right?
> >What kind of selection method do you want?
> I was thinking of using the ECMP five-tuple (Ip src, Ip dst, protocol, L4
> src port, L4 dst port)  through a hash  (CRC16 or MD5) modulo 100,and then
> depending on the value of the hash, sending it to a corresponding bucket. Or
> am I missunderstanding something in how ECMP works?

The default OVS hash includes all of those fields.
___
discuss mailing list
discuss@openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss

Re: [ovs-discuss] Group actions incorrectly set vni

[Ben Pfaff]

On Mon, Aug 29, 2016 at 04:57:51PM +0800, Wilence Yao wrote:
> Hi all,
> 
> In the environment, I have add the flow as this :
> 
> ```
>  cookie=0x0, duration=12.336s, table=0, n_packets=9, n_bytes=378,
> reset_counts priority=100,in_port=5
> actions=set_field:0x64->tun_id,resubmit(,1)
>  cookie=0x0, duration=78.315s, table=1, n_packets=40, n_bytes=1680,
> priority=100,tun_id=0x64 actions=group:1
> ```
> 
> and a group:
> 
> ```
> group_id=1,type=select,bucket=actions=output:3,bucket=actions=output:4
> ```
> 
> Then I sent packet use ofport 5 (tap1),  it will match above flows.
> What expected is encapsulate as vxlan and vni=0x64, output to ofport 3 or
> ofport 4 (select).
> 
> But, Indeed it output to ofport 3 but vni=0.
> I sniffed in the physical interface use tcpdump, which confirmed that vni=0
> ```
> 13:55:00.981475 00:0c:29:cb:b2:2f > 00:0c:29:48:17:b8, ethertype IPv4
> (0x0800), length 92: 192.168.178.129.60563 > 192.168.178.131.4789: VXLAN,
> flags [I] (0x08), vni 0
> fa:16:3e:25:fd:77 > Broadcast, ethertype ARP (0x0806), length 42: Request
> who-has 1.1.1.1 tell 1.1.1.100, length 28
> 
> ```
> 
> The kernel flow is:
> 
> ```
> #ovs-dpctl dump-flows ovs-system
> recirc_id(0),in_port(3),eth(src=fa:16:3e:25:fd:77,dst=ff:ff:ff:ff:ff:ff),eth_type(0x0806),
> packets:4653, bytes:195426, used:0.235s,
> actions:set(tunnel(dst=192.168.178.131,ttl=64,flags(df))),2
> ```
> 
> Does anyone konw why does it happed?
> 
> 
> More Information:
> 
> Environment:
> ```
> # ovs-vsctl show
> cce09669-adf1-445c-ba70-2cc53dae1c6c
> Bridge "br1"
> Port "vxlan1"
> Interface "vxlan1"
> type: vxlan
> options: {remote_ip="192.168.178.130"}
> Port "br1"
> Interface "br1"
> type: internal
> Port "vxlan2"
> Interface "vxlan2"
> type: vxlan
> options: {remote_ip="192.168.178.131"}
> Port "tap1"
> tag: 1
> Interface "tap1"
> type: internal
> ovs_version: "2.5.0"

If you want the tunnel key to come from the flow, you need to specify
key=flow in the interface configuration.
___
discuss mailing list
discuss@openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss

Re: [ovs-discuss] most recent repo does not make (github)

[Ben Pfaff]

Does anyone else see this problem?  I still can't reproduce it, even
from a new, completely clean checkout.

On Mon, Aug 29, 2016 at 09:07:36AM -0500, Christopher Hannon wrote:
> commit 03dabc3
> on ubuntu vm
> 
> 
> 
> On Sat, Aug 27, 2016 at 8:21 PM, Ben Pfaff  wrote:
> 
> > On Sat, Aug 27, 2016 at 04:35:59PM -0500, Christopher Hannon wrote:
> > > Make does not run:
> > >
> > > PYTHONPATH=./python":"$PYTHONPATH PYTHONDONTWRITEBYTECODE=yes
> > > /usr/bin/python ./ovsdb/ovsdb-idlc.in c-idl-source
> > lib/vswitch-idl.ovsidl >
> > > lib/vswitch-idl.c.tmp && mv lib/vswitch-idl.c.tmp lib/vswitch-idl.c
> > > Traceback (most recent call last):
> > >   File "./ovsdb/ovsdb-idlc.in", line 1409, in 
> > > func(*args[1:])
> > >   File "./ovsdb/ovsdb-idlc.in", line 672, in printCIDLSource
> > > column, True)
> > >   File "./ovsdb/ovsdb-idlc.in", line 66, in cMembers
> > > 'type': constify(type.key.toCType(prefix, refTable) + pointer,
> > const),
> > > TypeError: toCType() takes exactly 2 arguments (3 given)
> > > make: *** [lib/vswitch-idl.c] Error 1
> >
> > I can't reproduce the problem, and travis-ci shows a clean build too.
> >
> > What commit is this?
> >
___
discuss mailing list
discuss@openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss

Re: [ovs-discuss] Select Group bucket selection

[Ben Pfaff]

On Mon, Aug 29, 2016 at 07:22:10PM +1200, Warsang wrote:
> Hello,
> 
> I was wondering how the bucket selection is made in OVS 2.4 I found this in
> the ml archive
> http://openvswitch.org/pipermail/discuss/2016-January/019984.html
> saying that :"
> 
> Open vSwitch 2.4 and later by default hashes the source and
>destination Ethernet address, VLAN ID, Ethernet type, IPv4/v6
>source and destination address and protocol, and for TCP and SCTP
>only, the source and destination ports.  The hash is "symmetric",
>meaning that exchanging source and destination addresses does not
>change the bucket selection.

That information is correct.  It comes from the OVS FAQ.  The entire FAQ
entry says:

### Q: How does OVS divide flows among buckets in an OpenFlow "select" group?

A: In Open vSwitch 2.3 and earlier, Open vSwitch used the destination
   Ethernet address to choose a bucket in a select group.

   Open vSwitch 2.4 and later by default hashes the source and
   destination Ethernet address, VLAN ID, Ethernet type, IPv4/v6
   source and destination address and protocol, and for TCP and SCTP
   only, the source and destination ports.  The hash is "symmetric",
   meaning that exchanging source and destination addresses does not
   change the bucket selection.

   Select groups in Open vSwitch 2.4 and later can be configured to
   use a different hash function, using a Netronome extension to the
   OpenFlow 1.5+ group_mod message.  For more information, see
   Documentation/group-selection-method-property.txt in the Open
   vSwitch source tree.  (OpenFlow 1.5 support in Open vSwitch is still
   experimental.)

> I am trying to implement ECMP in ryu controller so if I do understand
> correctly, using buckets from SELECT group is not the correct solution for
> it uses a very different selection method is that right?

What kind of selection method do you want?
___
discuss mailing list
discuss@openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss

Re: [ovs-discuss] Can not modify the nw_proto / ip_proto field

[Ben Pfaff]

On Sat, Aug 27, 2016 at 08:00:15PM +0200, Richard Mayers wrote:
> I am trying to modify the ip_proto field using an SET_FIELD action.
> However, it seems that OVS does not allow that, and ip_porto is
> only-read field.  error message:
> 
> destination field nw_proto is not writable
> 
> Why is this like that? In the documentation of ovs-ofctl and my
> openflow controller says that all the match fields can be used as an
> action field. Is there a way I could fix that? I am using OVS 2.5.90.

It's because there's no sensible way to translate, for example, UDP to
TCP, and reinterpreting the bytes as a new protocol wouldn't fit well
into the OVS caching model.  Given that it's unlikely to be useful for
those reasons, we don't support it.
___
discuss mailing list
discuss@openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss

Re: [ovs-discuss] How to file or report multiple issues on Openswitch

[Ben Pfaff]

On Fri, Aug 26, 2016 at 09:40:04PM +0530, Lohit Prasad wrote:
> I am having good interest in open switch so tested it and found multiole
> issues. How to report ?

If you really have OpenSwitch issues, then you should find an OpenSwitch
forum or bug tracker.

If you have Open vSwitch issues, though, then this is the right place.
___
discuss mailing list
discuss@openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss

Re: [ovs-discuss] most recent repo does not make (github)

[Ben Pfaff]

On Sat, Aug 27, 2016 at 04:35:59PM -0500, Christopher Hannon wrote:
> Make does not run:
> 
> PYTHONPATH=./python":"$PYTHONPATH PYTHONDONTWRITEBYTECODE=yes
> /usr/bin/python ./ovsdb/ovsdb-idlc.in c-idl-source lib/vswitch-idl.ovsidl >
> lib/vswitch-idl.c.tmp && mv lib/vswitch-idl.c.tmp lib/vswitch-idl.c
> Traceback (most recent call last):
>   File "./ovsdb/ovsdb-idlc.in", line 1409, in 
> func(*args[1:])
>   File "./ovsdb/ovsdb-idlc.in", line 672, in printCIDLSource
> column, True)
>   File "./ovsdb/ovsdb-idlc.in", line 66, in cMembers
> 'type': constify(type.key.toCType(prefix, refTable) + pointer, const),
> TypeError: toCType() takes exactly 2 arguments (3 given)
> make: *** [lib/vswitch-idl.c] Error 1

I can't reproduce the problem, and travis-ci shows a clean build too.

What commit is this?
___
discuss mailing list
discuss@openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss

Re: [ovs-discuss] OVS bond ports problem, maybe is a bug

[Ben Pfaff]

This is from the newest version of the FAQ.

On Fri, Aug 26, 2016 at 09:59:15AM +0800, lifuqiong wrote:
>   This faq is keep a long time, have ovs resolve this problem in a
> newer version? I am using version 2.5.0.
> 
> Thank you
> 
> -邮件原件-
> 发件人: Ben Pfaff [mailto:b...@ovn.org] 
> 发送时间: 2016年8月26日 0:07
> 收件人: lifuqiong
> 抄送: discuss@openvswitch.org
> 主题: Re: [ovs-discuss] OVS bond ports problem, maybe is a bug
> 
> On Thu, Aug 25, 2016 at 05:33:33PM +0800, lifuqiong wrote:
> > Hi,
> > 
> >  I create an ovs bridge br0 and bond bond0 with physical NIC 
> > p4p1 and p4p2. The reason I created a bond port is doing link 
> > Aggregate, when sending flow to physical NIC or receiving flow from 
> > physical NIC through Openflow ,
> > 
> >  
> > 
> > I just need set outport number to bond0's ofport num;  But,  but 
> > there's no ofport num in port bond0,  and having two physical NICs 
> > ofport number instead, why ?  How should I write flow entry with two
> ofport numbers?
> 
> OVS doesn't support directly outputting to a bond.  The FAQ says:
> 
> ### Q: It looks like each of the interfaces in my bonded port shows up
>as an individual OpenFlow port.  Is that right?
> 
> A: Yes, Open vSwitch makes individual bond interfaces visible as
>OpenFlow ports, rather than the bond as a whole.  The interfaces
>are treated together as a bond for only a few purposes:
> 
>- Sending a packet to the OFPP_NORMAL port.  (When an OpenFlow
>  controller is not configured, this happens implicitly to
>  every packet.)
> 
>- Mirrors configured for output to a bonded port.
> 
>It would make a lot of sense for Open vSwitch to present a bond as
>a single OpenFlow port.  If you want to contribute an
>implementation of such a feature, please bring it up on the Open
>vSwitch development mailing list at d...@openvswitch.org.
> 
___
discuss mailing list
discuss@openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss

Re: [ovs-discuss] Queue of openvswitch running on openwrt

[Ben Pfaff]

On Thu, Aug 25, 2016 at 10:30:28AM +0800, lin wrote:
> problem description: data are still transmitted to queue 0 even when use 
> set_queue:2
> I created queues and then create flow by using  "ovs-ofctl add-flow br0 
> actions=set_queue:2 --protocols=openflow13" , but no data are enqueued to 
> queue 2, they are still enqueued
> to queue 0. But if I use tc filter to set the rules, data could be 
> transmitted to queue 2. 
> My question is : how to solve this problem, I want to use this "set_queue" 
> command to finish my experiments.

What's in your flow table?
___
discuss mailing list
discuss@openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss

Re: [ovs-discuss] [openvswitch 2.6.90] testsuite: 754 2260 failed

[Ben Pfaff]

On Thu, Aug 25, 2016 at 12:15:48PM +0200, Ashish Kurian wrote:
> I implemented the OVS gtp patch and tried to run the command fakeroot
> debian/rules binary and I got the result that GTP test failed. I tried to
> look into the error but could not identify the cause of it. If anyone could
> help me, please let me know.

It looks like the patch you used has a bug.  I guess that you should
report it to the person who supplied the patch.
___
discuss mailing list
discuss@openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss

Re: [ovs-discuss] OVS bond ports problem, maybe is a bug

[Ben Pfaff]

On Thu, Aug 25, 2016 at 05:33:33PM +0800, lifuqiong wrote:
> Hi,
> 
>  I create an ovs bridge br0 and bond bond0 with physical NIC p4p1
> and p4p2. The reason I created a bond port is doing link Aggregate, when
> sending flow to physical NIC or receiving flow from physical NIC through
> Openflow , 
> 
>  
> 
> I just need set outport number to bond0's ofport num;  But,  but there's no
> ofport num in port bond0,  and having two physical NICs ofport number
> instead, why ?  How should I write flow entry with two ofport numbers?

OVS doesn't support directly outputting to a bond.  The FAQ says:

### Q: It looks like each of the interfaces in my bonded port shows up
   as an individual OpenFlow port.  Is that right?

A: Yes, Open vSwitch makes individual bond interfaces visible as
   OpenFlow ports, rather than the bond as a whole.  The interfaces
   are treated together as a bond for only a few purposes:

   - Sending a packet to the OFPP_NORMAL port.  (When an OpenFlow
 controller is not configured, this happens implicitly to
 every packet.)

   - Mirrors configured for output to a bonded port.

   It would make a lot of sense for Open vSwitch to present a bond as
   a single OpenFlow port.  If you want to contribute an
   implementation of such a feature, please bring it up on the Open
   vSwitch development mailing list at d...@openvswitch.org.
___
discuss mailing list
discuss@openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss

Re: [ovs-discuss] OVS 2.5.0 patch ports bug?

[Ben Pfaff]

On Sun, Aug 21, 2016 at 04:31:17PM +0200, Levente Csikor wrote:
> Hi all,
> we've been experiencing with OVS and its patch ports, and we set up a
> the following case:
> 
> One OVS bridge instance (created via add-br) is connected to two
> physical interfaces (our two-port Intel X710 NIC), and with an arbitrary
> number of patch ports (we used 12,24,36,48, etc.) this OVS bridge
> instance is connected to another bridge instance (created via add-br as
> well).
> For a simple setup, we installed the following rules into the flow tables:
> The first OVS (having the physical ports) is receiving traffic from one
> of the NIC ports (0), and forwards them to one of the patch ports
> (differentiated via VLAN tags). The second OVS bridge instance
> immediately loops the packets back on the same patch port where it
> received them. Finally, the first OVS bridge instance put these
> loop-backed traffic to the other NIC port (1) (see below - hopefully,
> ASCII art did not fall into pieces).
>  
> +--+  +-+
>   0 |  OVS 1   |<>|0  OVS 2 |
> --->|  |<>|1|
>   1 |  |  | |
> <---|  |<>|12   |
> +--+  +-+
> 
> In this case, where the patch ports are basically "full-duplex" ones,
> i.e., OVS 1 sends traffic on each of them, while OVS 2 also passes back
> the packets on each of them, we deterministically experienced approx.
> 10% packet drop (number of patch ports has no impact on this).
> 
> However, if we doubled the number of patch ports, and set up OVS 2 to
> loop-back the packets on the next patch ports instead, i.e., patch ports
> were considered as "simplex" (see below), then the packet loss was not
> observed.
> 
> 
> +--+  +-+
>   0 |  OVS 1   |->|0  OVS 2 |
> --->|  |<-|1|
>   1 |  |  | |
> <---|  |->|23   |
> |  |<-|24   |
> +--+  +-+
> 
> We used the openvswitch kernel module, and DPDK, and the observation
> applies to both cases, while we also 'played' with the sending rate as
> well to avoid 'overloading'.
> 
> 
> Could someone help us to understand this phenomenon?

It doesn't make sense to me.  Patch ports are implemented as just
function calls.  I think you'll have to look it into closer yourselves.
___
discuss mailing list
discuss@openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss

Re: [ovs-discuss] vswitchd errors

[Ben Pfaff]

On Sat, Aug 20, 2016 at 08:51:24PM +, Serguei Bezverkhi (sbezverk) wrote:
> I am seeing the following errors in vswitchd log.  Appreciate any
> clues about what could have caused it. When I run "ovs-vsctl show", it
> shows all defined bridges. It seems only datapath is broken.

Probably you don't have the openvswitch module loaded.
___
discuss mailing list
discuss@openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss

Re: [ovs-discuss] vSwitch simple config - no ping between same br ports

[Ben Pfaff]

On Sat, Aug 20, 2016 at 12:28:22AM +0100, "José Tomás"@Home wrote:
> For the record, bridge and physical interface requires promisc on...
> Dam it!
> 
> I did found since same issue occurred with single bridge config (without
> openvswitch), and tcpdumping interfaces shown a sympthom of some one unable
> to see what was happening on the bus... promisc...

OVS should be turning on promiscuous mode automatically.  If it's not
doing that, then there's a bug somewhere.
___
discuss mailing list
discuss@openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss

Re: [ovs-discuss] Vlan Tagged packets switching issue

[Ben Pfaff]

You might be experiencing some kind of kernel bug.

The FAQ has a section on VLANs.  Here's part of it.

### Q: VLANs don't work.

A: Many drivers in Linux kernels before version 3.3 had VLAN-related
   bugs.  If you are having problems with VLANs that you suspect to be
   driver related, then you have several options:

   - Upgrade to Linux 3.3 or later.

   - Build and install a fixed version of the particular driver
 that is causing trouble, if one is available.

   - Use a NIC whose driver does not have VLAN problems.

   - Use "VLAN splinters", a feature in Open vSwitch 1.4 upto 2.5
 that works around bugs in kernel drivers.  To enable VLAN
 splinters on interface eth0, use the command:

   ovs-vsctl set interface eth0 other-config:enable-vlan-splinters=true

 For VLAN splinters to be effective, Open vSwitch must know
 which VLANs are in use.  See the "VLAN splinters" section in
 the Interface table in ovs-vswitchd.conf.db(5) for details on
 how Open vSwitch infers in-use VLANs.

 VLAN splinters increase memory use and reduce performance, so
 use them only if needed.

   - Apply the "vlan workaround" patch from the XenServer kernel
 patch queue, build Open vSwitch against this patched kernel,
 and then use ovs-vlan-bug-workaround(8) to enable the VLAN
 workaround for each interface whose driver is buggy.

 (This is a nontrivial exercise, so this option is included
 only for completeness.)

   It is not always easy to tell whether a Linux kernel driver has
   buggy VLAN support.  The ovs-vlan-test(8) and ovs-test(8) utilities
   can help you test.  See their manpages for details.  Of the two
   utilities, ovs-test(8) is newer and more thorough, but
   ovs-vlan-test(8) may be easier to use.

### Q: VLANs still don't work.  I've tested the driver so I know that it's OK.

A: Do you have VLANs enabled on the physical switch that OVS is
   attached to?  Make sure that the port is configured to trunk the
   VLAN or VLANs that you are using with OVS.

### Q: Outgoing VLAN-tagged traffic goes through OVS to my physical switch
   and to its destination host, but OVS seems to drop incoming return
   traffic.

A: It's possible that you have the VLAN configured on your physical
   switch as the "native" VLAN.  In this mode, the switch treats
   incoming packets either tagged with the native VLAN or untagged as
   part of the native VLAN.  It may also send outgoing packets in the
   native VLAN without a VLAN tag.

   If this is the case, you have two choices:

   - Change the physical switch port configuration to tag packets
 it forwards to OVS with the native VLAN instead of forwarding
 them untagged.

   - Change the OVS configuration for the physical port to a
 native VLAN mode.  For example, the following sets up a
 bridge with port eth0 in "native-tagged" mode in VLAN 9:

 ovs-vsctl add-br br0
 ovs-vsctl add-port br0 eth0 tag=9 vlan_mode=native-tagged

 In this situation, "native-untagged" mode will probably work
 equally well.  Refer to the documentation for the Port table
 in ovs-vswitchd.conf.db(5) for more information.


On Fri, Aug 19, 2016 at 10:18:57PM +0200, james hopper wrote:
> It is only exchanging untagged packets. 
>  
> Sent: Friday, August 19, 2016 at 1:13 PM
> From: "Ben Pfaff" 
> To: "james hopper" 
> Cc: "OVS Discussion" 
> Subject: Re: [ovs-discuss] Vlan Tagged packets switching issue
> The flows you specified should forward every packet from port 1 to port
> 2 and vice versa. What behavior do you actually see?
> 
> On Fri, Aug 19, 2016 at 10:08:01PM +0200, james hopper wrote:
> > Would priority matter if any one of the combination is the only combination?
> I
> > tried after setting priority but it is still not working.
> >
> > ovs-ofctl add-flow br0 "table=0, priority=65535, in_port=1, 
> > actions=output:2"
> > ovs-ofctl add-flow br0 "table=0, priority=65535, in_port=2, 
> > actions=output:1"
> > Sent: Friday, August 19, 2016 at 12:52 PM
> > From: "Ben Pfaff" 
> > To: "james hopper" 
> > Cc: "OVS Discussion" 
> > Subject: Re: [ovs-discuss] Vlan Tagged packets switching issue
> > On Fri, Aug 19, 2016 at 09:33:28PM +0200, james hopper wrote:
> > > Thanks Ben for your response. As mentioned, I have tried matching on
> dl_vlan
> > > previously. Furthermore, vlan_tci=0 is perfectly matching the untagged
> > incoming
> > > packets. I am able to switch Native vlan traffic from vlan 10 (untagged
> > > traffic). But the tagged traffic does not match vlan_tci=0x1000/0x1000
> rule.
> > > Here is what I have tried so far.
> > >
> > > Packets

Re: [ovs-discuss] Vlan Tagged packets switching issue

[Ben Pfaff]

The flows you specified should forward every packet from port 1 to port
2 and vice versa.  What behavior do you actually see?

On Fri, Aug 19, 2016 at 10:08:01PM +0200, james hopper wrote:
> Would priority matter if any one of the combination is the only combination? I
> tried after setting priority but it is still not working.
>  
> ovs-ofctl add-flow br0 "table=0, priority=65535, in_port=1, actions=output:2"
> ovs-ofctl add-flow br0 "table=0, priority=65535, in_port=2, actions=output:1"
> Sent: Friday, August 19, 2016 at 12:52 PM
> From: "Ben Pfaff" 
> To: "james hopper" 
> Cc: "OVS Discussion" 
> Subject: Re: [ovs-discuss] Vlan Tagged packets switching issue
> On Fri, Aug 19, 2016 at 09:33:28PM +0200, james hopper wrote:
> > Thanks Ben for your response. As mentioned, I have tried matching on dl_vlan
> > previously. Furthermore, vlan_tci=0 is perfectly matching the untagged
> incoming
> > packets. I am able to switch Native vlan traffic from vlan 10 (untagged
> > traffic). But the tagged traffic does not match vlan_tci=0x1000/0x1000 rule.
> > Here is what I have tried so far.
> >
> > Packets are tagged with vlan_id = 20
> >
> > ovs-ofctl add-flow br0 "table=0, in_port=1, actions=output:2"
> > ovs-ofctl add-flow br0 "table=0, in_port=2, actions=output:1"
> >
> > ovs-ofctl add-flow br0 "table=0, in_port=1, dl_vlan=20, actions=output:2"
> > ovs-ofctl add-flow br0 "table=0, in_port=2, dl_vlan=20, actions=output:1"
> >
> > ovs-ofctl add-flow br0 "table=0, in_port=1, vlan_tci=0x1000/0x1000, actions=
> > output:2"
> > ovs-ofctl add-flow br0 "table=0, in_port=2, vlan_tci=0x1000/0x1000, actions=
> > output:1"
> >
> > ovs-ofctl add-flow br0 "table=0, in_port=1, dl_type=0x8100, 
> > actions=output:2"
> > ovs-ofctl add-flow br0 "table=0, in_port=2, dl_type=0x8100, 
> > actions=output:1"
> >
> > just to check if the rules are being triggered, I also tried dropping the
> > packets on OVS.
> > ovs-ofctl add-flow br0 "table=0, dl_type=0x8100, actions=drop"
> > ovs-ofctl add-flow br0 "table=0, vlan_tci=0x1000/0x1000, actions=drop"
> > ovs-ofctl add-flow br0 "table=0, dl_vlan=20, actions=drop"
> 
> None of your flows specify a priority. That's probably the problem.
___
discuss mailing list
discuss@openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss

Re: [ovs-discuss] Vlan Tagged packets switching issue

[Ben Pfaff]

On Fri, Aug 19, 2016 at 09:33:28PM +0200, james hopper wrote:
> Thanks Ben for your response. As mentioned, I have tried matching on dl_vlan
> previously. Furthermore, vlan_tci=0 is perfectly matching the untagged 
> incoming
> packets. I am able to switch Native vlan traffic from vlan 10 (untagged
> traffic).  But the tagged traffic does not match vlan_tci=0x1000/0x1000 rule.
> Here is what I have tried so far.
>  
> Packets are tagged with vlan_id = 20
>  
> ovs-ofctl add-flow br0 "table=0, in_port=1, actions=output:2"
> ovs-ofctl add-flow br0 "table=0, in_port=2, actions=output:1"
>  
> ovs-ofctl add-flow br0 "table=0, in_port=1, dl_vlan=20, actions=output:2"
> ovs-ofctl add-flow br0 "table=0, in_port=2, dl_vlan=20, actions=output:1"
>  
> ovs-ofctl add-flow br0 "table=0, in_port=1, vlan_tci=0x1000/0x1000, actions=
> output:2"
> ovs-ofctl add-flow br0 "table=0, in_port=2, vlan_tci=0x1000/0x1000, actions=
> output:1"
>  
> ovs-ofctl add-flow br0 "table=0, in_port=1, dl_type=0x8100, actions=output:2"
> ovs-ofctl add-flow br0 "table=0, in_port=2, dl_type=0x8100, actions=output:1"
>  
> just to check if the rules are being triggered, I also tried dropping the
> packets on OVS.
> ovs-ofctl add-flow br0 "table=0,  dl_type=0x8100, actions=drop"
> ovs-ofctl add-flow br0 "table=0,  vlan_tci=0x1000/0x1000, actions=drop"
> ovs-ofctl add-flow br0 "table=0,  dl_vlan=20, actions=drop"

None of your flows specify a priority.  That's probably the problem.
___
discuss mailing list
discuss@openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss

Re: [ovs-discuss] Vlan Tagged packets switching issue

[Ben Pfaff]

OVS ports are trunks by default.  As I said, the setting for "trunks"
does not matter in your case because you are not using "normal".

To match on traffic that is tagged or untagged, match on vlan_tci or
dl_vlan.  See ovs-ofctl(8).

On Fri, Aug 19, 2016 at 08:02:55PM +0200, james hopper wrote:
> Aren't OVS ports trunks by default? I tried matching dl_type=0x8100 as well as
> dl_vlan without explicitly setting ports as trunks. But it also did not work.
> 
> So what options do I have, if I have to pass tagged traffic through OVS? or if
> i have to take certain actions against tagged traffic?
>  
> Sent: Friday, August 19, 2016 at 6:59 AM
> From: "Ben Pfaff" 
> To: "james hopper" 
> Cc: "OVS Discussion" 
> Subject: Re: [ovs-discuss] Vlan Tagged packets switching issue
> On Fri, Aug 19, 2016 at 03:10:01PM +0200, james hopper wrote:
> > Hey everyone,
> > I have a small test setup in which Router-1 <---> OVS-2.5 <-> Router-2 I
> > want OVS to switch packets between two interfaces seamlessly. However, I am
> > facing issue in switching Vlan tagged packets whereas untagged traffic is
> > passing without any issue. I have used very simple two rules as mentioned
> > below. Can anyone point me what I am missing here ?
> >
> > ovs-ofctl add-flow br0 table=0, in_port=1,action=output:2
> > ovs-ofctl add-flow br0 table=0, in_port=2,action=output:1
> >
> > I have made both ports (1 and 2 trunk ports)
> >
> > ovs-vsctl set port eth1 trunks=0,10,20
> > ovs-vsctl set port eth2 trunks=0,10,20
> 
> There are two issues here. First, VLAN 0 includes untagged traffic.
> Second, "trunks" affects only the behavior of the "normal" action. It
> does not influence other OpenFlow matches or actions in any way.
___
discuss mailing list
discuss@openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss

Re: [ovs-discuss] Wildcard and exact match

[Ben Pfaff]

Usually we'd write this as dl_dst=01:02:03:00:00:00/ff:ff:ff:00:00:00.
That is, it's conventional to write the wildcarded bits as 0s.

On Fri, Aug 19, 2016 at 10:09:31AM -0700, Justin Pettit wrote:
> The ovs-ofctl man page has examples.  However, here's another: 
> "dl_dst=01:02:03:ff:ff:ff/ff:ff:ff:00:00:00" matches any destination mac 
> address that begins with "01:02:03".  
> 
> --Justin
> 
> 
> > On Aug 19, 2016, at 10:06 AM, Amrane Ait Zeouay  
> > wrote:
> > 
> > So how can you give me an example of wildcarded match.
> > 
> > On 19 Aug 2016 19:04, "Justin Pettit"  wrote:
> > 
> > > On Aug 19, 2016, at 9:59 AM, Amrane Ait Zeouay  
> > > wrote:
> > >
> > > Thank you for your reply, just the last question. How can i add a 
> > > wildcarded match is it like ovs-oftcl add-flow br0 
> > > dl_dst=ff:ff:ff:ff:ff:00/ff:ff:ff:ff:ff:ff,actions=output:2
> > 
> > The format looks basically correct, but the match is sort of odd. If you 
> > specify the all-ones wildcard, it's an exact match, so you don't need to 
> > specify it; this would have the same effect: "dl_dst=ff:ff:ff:ff:ff:00".  
> > And that seems like an odd MAC address, but I don't know your application.
> > 
> > --Justin
> > 
> > 
> 
> ___
> discuss mailing list
> discuss@openvswitch.org
> http://openvswitch.org/mailman/listinfo/discuss
___
discuss mailing list
discuss@openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss

Re: [ovs-discuss] Queue priority

[Ben Pfaff]

If you want to use a particular kind of QoS, the first step is to find
the right Linux kernel qdisc to support that QoS.  Then, if necessary,
we can talk about adding support to OVS for configuring that qdisc.

On Fri, Aug 19, 2016 at 07:45:49PM +0530, Kapil Adhikesavalu wrote:
> Thanks Ben
> 
> using flow rules i can send it to the desired queues.
> currently i see only 2 types of Qos was supported : linux-htb and
> linux-hfsc.
> if i use linux-htb, what it actually gives me was bandwidth shared priority
> queue.
> 
> lets take an example
> 
> i will create 2 queues.
> q1 i will use for arp and icmp packets
> q2 i will use for data packets
> if max rate of port was 1gig.
> 
> lets say both can have max rate of 1 gig each
> 
> how to make sure that Control packets in q1 are processed first before
> processing data packets in q2. so that packets may not get dropped in Q1.
> 
> I did not see much info about this in OVS,not in linux-htb docs. linux-htb
> docs says more on rate-limiting
> but my requirement is during congestion, Control packet software queues
> should empty first before data packet queues
> 
> Appreciate you valuable answers
> 
> Regards
> kapil.
> 
> On Fri, Aug 19, 2016 at 7:31 PM, Ben Pfaff  wrote:
> 
> > On Fri, Aug 19, 2016 at 07:00:23AM -0700, Ben Pfaff wrote:
> > > On Fri, Aug 19, 2016 at 06:53:31PM +0530, Kapil Adhikesavalu wrote:
> > > > Can OVS supports priority queues.Meaning, any packet comes with .1p
> > high
> > > > priority send to High priority Queues. I couldn't find this info from
> > the
> > > > available docs.
> > > > The requirement was to send all network control packets to high
> > priority
> > > > queue.Even if Data traffic comes with high rate, the network control
> > packets
> > > > should never be dropped.
> > >
> > > You can use flows to set any DSCP you like.
> >
> > Or 802.1p priority as I guess that's what you're concerned with in this
> > case.
> >
___
discuss mailing list
discuss@openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss

Re: [ovs-discuss] Queue priority

[Ben Pfaff]

On Fri, Aug 19, 2016 at 07:00:23AM -0700, Ben Pfaff wrote:
> On Fri, Aug 19, 2016 at 06:53:31PM +0530, Kapil Adhikesavalu wrote:
> > Can OVS supports priority queues.Meaning, any packet comes with .1p high
> > priority send to High priority Queues. I couldn't find this info from the
> > available docs.
> > The requirement was to send all network control packets to high priority
> > queue.Even if Data traffic comes with high rate, the network control packets
> > should never be dropped.
> 
> You can use flows to set any DSCP you like.

Or 802.1p priority as I guess that's what you're concerned with in this
case.
___
discuss mailing list
discuss@openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss

Re: [ovs-discuss] Queue priority

[Ben Pfaff]

On Fri, Aug 19, 2016 at 06:53:31PM +0530, Kapil Adhikesavalu wrote:
> Can OVS supports priority queues.Meaning, any packet comes with .1p high
> priority send to High priority Queues. I couldn't find this info from the
> available docs.
> The requirement was to send all network control packets to high priority
> queue.Even if Data traffic comes with high rate, the network control packets
> should never be dropped.

You can use flows to set any DSCP you like.
___
discuss mailing list
discuss@openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss

Re: [ovs-discuss] Vlan Tagged packets switching issue

[Ben Pfaff]

On Fri, Aug 19, 2016 at 03:10:01PM +0200, james hopper wrote:
> Hey everyone,
> I have a small test setup in which Router-1 <---> OVS-2.5 <-> Router-2 I
> want OVS to switch packets between two interfaces seamlessly. However, I am
> facing issue in switching Vlan tagged packets whereas untagged traffic is
> passing without any issue. I have used very simple two rules as mentioned
> below. Can anyone point me what I am missing here ?
>  
> ovs-ofctl add-flow br0 table=0, in_port=1,action=output:2 
> ovs-ofctl add-flow br0 table=0, in_port=2,action=output:1
>  
> I have made both ports (1 and 2 trunk ports)
>  
> ovs-vsctl set port eth1 trunks=0,10,20
> ovs-vsctl set port eth2 trunks=0,10,20

There are two issues here.  First, VLAN 0 includes untagged traffic.
Second, "trunks" affects only the behavior of the "normal" action.  It
does not influence other OpenFlow matches or actions in any way.
___
discuss mailing list
discuss@openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss

Re: [ovs-discuss] Un-wildcarding dl_src in action NORMAL

[Ben Pfaff]

Un-wildcarding is important for MAC aging.  After inserting a megaflow
into the datapath, our only interaction with packets in that megaflow
later comes from statistics on the number of packets and bytes that have
passed through it.  If we wildcard the dl_src, then we don't have any
way to find out whether a source MAC is still in use on the port, so we
don't have whether it can be expired.

I suppose in theory we also want to discard packets where dl_src ==
dl_dst.  That's a corner case.

On Thu, Aug 18, 2016 at 07:39:10PM +, Mattia Citterio wrote:
> Hello Ben,
> thank you very much for the quick answer.
> 
> Don't want to bother you... I agree with you that source MAC is needed in MAC 
> learning but I think it is not needed in L2-forwarding. 
> Think you have 1000 devices talking to another: you'll will install in the 
> system 1000 flows. If you un-wildcard dl_src you'll install only one flow.
> As I understood wildcard is used only in the "forwarding" process so I guess 
> you can look at dl_src and learn it and also un-wildcard dl_src and reduce 
> datapath flows. The two things are not mutually exclusive.
> 
> 
> Da: Ben Pfaff 
> Inviato: giovedì 18 agosto 2016 18:03
> A: Mattia Citterio
> Cc: discuss@openvswitch.org
> Oggetto: Re: [ovs-discuss] Un-wildcarding dl_src in action NORMAL
> 
> On Thu, Aug 18, 2016 at 03:56:13PM +, Mattia Citterio wrote:
> > Hi all,
> >
> >
> > We're an Italian telco and we use Openvswitch in our core routers. We use 
> > Openvswitch 2.4 but my question is also valid for the master branch.
> >
> > Digging into the code we found a piece we're not able to understand:  
> > https://github.com/openvswitch/ovs/blob/branch-2.4/ofproto/ofproto-dpif-xlate.c#L2221.
> >  Our question is: why do you un-wildcard (I mean set to 0xff) dl_src?
> >
> > We think L2-switching is based only on dl_dst and the right instruction 
> > would be:
> >
> > ​​memset(&wc->masks.dl_src, 0, sizeof wc->masks.dl_src);
> >
> > Are we wrong?
> 
> The "normal" action does MAC learning, which looks at the source MAC.
___
discuss mailing list
discuss@openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss

Re: [ovs-discuss] Un-wildcarding dl_src in action NORMAL

[Ben Pfaff]

On Thu, Aug 18, 2016 at 03:56:13PM +, Mattia Citterio wrote:
> Hi all,
> 
> 
> We're an Italian telco and we use Openvswitch in our core routers. We use 
> Openvswitch 2.4 but my question is also valid for the master branch.
> 
> Digging into the code we found a piece we're not able to understand:  
> https://github.com/openvswitch/ovs/blob/branch-2.4/ofproto/ofproto-dpif-xlate.c#L2221.
>  Our question is: why do you un-wildcard (I mean set to 0xff) dl_src?
> 
> We think L2-switching is based only on dl_dst and the right instruction would 
> be:
> 
> ​​memset(&wc->masks.dl_src, 0, sizeof wc->masks.dl_src);
> 
> Are we wrong?

The "normal" action does MAC learning, which looks at the source MAC.
___
discuss mailing list
discuss@openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss

Re: [ovs-discuss] MAC-learning action

[Ben Pfaff]

On Wed, Aug 17, 2016 at 10:31:34PM +0200, Bolesław Tokarski wrote:
> Hello,
> 
> I have a couple of physical machines on the Internet, connected together
> with IPsec-GRE tunnels. The tunnels are executed from my OpenVSwitch bridge
> 'tunnels', on which I have a dedicated port '1' that connects local
> machines (VMs sitting on another ovs bridge actually, but it's out of scope
> of the problem).
> 
> The bridge configuration looks like this:
> Bridge tunnels
> Port "patch0"
> Interface "patch0"
> type: patch
> options: {peer="patch1"}
> Port "gre6"
> Interface "gre6"
> type: ipsec_gre
> options: {psk="secret", remote_ip="1.1.1.1"}
> Port "gre4"
> Interface "gre4"
> type: ipsec_gre
> options: {psk="secret", remote_ip="2.2.2.2"}
> Port tunnels
> Interface tunnels
> type: internal
> 
> As each of the tunnels link to the other physical machine "directly"
> through the Internet, forming a full-mesh logical topology, I have no use
> of Spanning-Tree - this would make all traffic pass through a single
> physical machine elected as the root bridge. So, what I did was:
> 
> ovs-ofctl del-flows tunnels
> ovs-ofctl add-flow tunnels "in_port=1 actions=normal"
> ovs-ofctl add-flow tunnels "actions=output:1"
> 
> In my view this was supposed to handle my specific use case - when traffic
> comes from my local network, it is passed along normal MAC-learning port,
> so flooding the tunnels with ARP request, response would get through one of
> the tunnel-ports, and would be directed to the local network (port 1).
> Traffic following it would be directed to the appropriate port, since the
> bridge would learn on which port the MAC address sits.
> 
> However, it seems that when actions=output:1 is specified, the bridge does
> not learn the MAC address of the incoming frame, and all the traffic from
> port 1 is always flooding all the tunnels.
> 
> I found the very good set of examples in the provided "Tutorial.md" file,
> which seems to cover this case, but it seems to require very complex rule
> definition for something that seems pretty easy - just tell the switch to
> learn the MAC before putting it through.
> 
> Is it possible to make NORMAL action learn source MAC addresses and tell it
> which port to direct the traffic at the same time? Something like:
> 
> ovs-ofctl add-flow tunnels "actions=learn(src_mac),1"
> 
> If this setup does require re-writing the NORMAL action, is it possible to
> display the flow rules that govern the NORMAL action internally?

OVS doesn't have that kind of a feature yet.  It's been suggested once
or twice but no one has come forward with an implementation.
___
discuss mailing list
discuss@openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss

Re: [ovs-discuss] OpenFlow Data Plane Abstraction and OpenVSwitch

[Ben Pfaff]

That's one straightforward way to do it.  I've worked on systems that
use this approach set DSCP to particular values for particular kinds of
traffic, for example.

If you want something where there's feedback more on a packet-by-packet
basis, then the best way to get that is probably to use a Linux qdisc
that supports DSCP marking.

On Tue, Aug 16, 2016 at 03:09:05PM -0400, John Chludzinski wrote:
> I took note of nw_tos=, ip_dscp=, nw_ecn=, and ip_ecn= for DSCP and ECN
> matching and mod_nw_tos:, mod_nw_ecn:, mod_nw_ecn: for setting DSCP and ECN
> values.
> 
> So the DiffServ functionality would have to be implemented on OVS ...
> Correct?
> 
> And could be implemented as a layer on OVS ... Correct?
> 
> Does anything currently do this?
> 
> ---John
> 
> 
> 
> On 2016-08-16 14:39, Ben Pfaff wrote:
> >On Tue, Aug 16, 2016 at 09:33:09AM -0400, John Chludzinski wrote:
> >>For example:
> >>
> >>RFC 2474: Definition of the Differentiated Services Field (DS Field) in
> >>the
> >>IPv4 and IPv6 Headers
> >>
> >>RFC 2475: An Architecture for Differentiated Services
> >>
> >>RFC 2697: A Single Rate Three Color Marker
> >>
> >>RFC 2698: A Two Rate Three Color Marker
> >>
> >>*** RFC 2474 and RFC 2475 are more architectural issues than specific
> >>services / functionality.
> >>
> >>But does OVS provide RFC 2697 and RFC 2698 ... for example?
> >
> >OK, I don't know how OVS would "provide" these RFCs.
> >
> >OVS permits matching on and modifying the DSCP field.  If you have a
> >question about how that can be used to implement some specific
> >functionality, then we can talk about that.
___
discuss mailing list
discuss@openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss

Re: [ovs-discuss] OpenFlow Data Plane Abstraction and OpenVSwitch

[Ben Pfaff]

On Tue, Aug 16, 2016 at 09:33:09AM -0400, John Chludzinski wrote:
> For example:
> 
> RFC 2474: Definition of the Differentiated Services Field (DS Field) in the
> IPv4 and IPv6 Headers
> 
> RFC 2475: An Architecture for Differentiated Services
> 
> RFC 2697: A Single Rate Three Color Marker
> 
> RFC 2698: A Two Rate Three Color Marker
> 
> *** RFC 2474 and RFC 2475 are more architectural issues than specific
> services / functionality.
> 
> But does OVS provide RFC 2697 and RFC 2698 ... for example?

OK, I don't know how OVS would "provide" these RFCs.

OVS permits matching on and modifying the DSCP field.  If you have a
question about how that can be used to implement some specific
functionality, then we can talk about that.
___
discuss mailing list
discuss@openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss

Re: [ovs-discuss] OpenFlow Data Plane Abstraction and OpenVSwitch

[Ben Pfaff]

On Mon, Aug 15, 2016 at 05:40:25PM -0400, John Chludzinski wrote:
> What is the current relationship between OpenFlow Data Plane Abstraction and
> OpenVSwitch. I understand that OF-DPA is intended to support Broadcom's
> ASIC's but does OVS provide similar services?

OVS doesn't provide any support for Broadcom's ASICs.

> The current OF-DPA 2.0 spec supports the complete set of RFC for DiffServ.
> What about OVS?

What RFCs are those?  What functionality do they provide?
___
discuss mailing list
discuss@openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss

Re: [ovs-discuss] Finding a rule

[Ben Pfaff]

find_match_wc() is the same as find_match() except that it also updates
a 'wc' parameter to reflect the fields that had to be examined to find
the match (or find no match).

On Thu, Aug 11, 2016 at 10:53:25PM +0200, Amrane Ait Zeouay wrote:
> Sorry for not explaining, I added the field and it's works really fine, but
> just I did some modification on classifier_lookup__() especially the
> function "find_match_wc()" and i just want to know how the OvS find the
> rules ? so if you could explain to me about the function "find_match_wc()"
> because I need to explaining to them everything about the process of
> finding a rule.
> Thank you and have a nice day.
> 
> 2016-08-11 22:44 GMT+02:00 Ben Pfaff :
> 
> > Now I'm confused.  First, you said that you're adding a new field and
> > found a problem.  Now, you said that you're trying to explain how
> > classifier_lookup__() works for a presentation.  Which of these is
> > really true?
> >
> > On Thu, Aug 11, 2016 at 08:27:43PM +0200, Amrane Ait Zeouay wrote:
> > > I want just to understand how the function classifier_lookup__() works.
> > > Because i have the presentation and i need to explain to them about it,
> > and
> > > i read your documents but there is nothing how this function works. I
> > found
> > > that if there is no wildcard then it will go from the first condition in
> > > the function find_match_wc() and the other i didn't understand them.
> > > So can you please explain to me briefly about it.
> > > Thank you and have a nice day.
> > > On 11 Aug 2016 18:20, "Ben Pfaff"  wrote:
> > >
> > > > You're doing something wrong.  The classifier finds a matching rule.
> > > > There's no need to "check" anything afterward.
> > > >
> > > > The classifier doesn't have any provision for finding a "different"
> > > > rule.
> > > >
> > > > On Thu, Aug 11, 2016 at 05:51:40PM +0200, Amrane Ait Zeouay wrote:
> > > > > No, I'm working with classifier to find the rule. So when the
> > classifier
> > > > > found the rule I need to check that rule. But the problem is when i
> > want
> > > > > the classifier to give me another rule different from the highest
> > rule
> > > > that
> > > > > matches the flow.
> > > > > Thank you.
> > > > > On 11 Aug 2016 5:45 pm, "Ben Pfaff"  wrote:
> > > > >
> > > > > > On Thu, Aug 11, 2016 at 01:14:38PM +0200, Amrane Ait Zeouay wrote:
> > > > > > > I'm working on Openvswitch version 2.5.0 for adding new fields,
> > And I
> > > > > > found
> > > > > > > a problem with my implemntation in the function "find_match_wc()"
> > > > file
> > > > > > > lib/classifier.c, I want to know when the condition
> > > > "OVS_UNLIKELY(!wc)"
> > > > > > is
> > > > > > > used, and this condition too "!cmap_node_next(inode)" and the
> > last
> > > > one
> > > > > > for
> > > > > > > looking for a rule using find_match(), because one time it was
> > going
> > > > from
> > > > > > > "OVS_UNLIKELY(!wc)" and another time it went from
> > > > > > "!cmap_node_next(inode)"
> > > > > > > and this time is skipping everything and going for that
> > > > "finding_match()"
> > > > > >
> > > > > > You don't need to modify the classifier code to add a new field.
> > > > > >
> > > >
> >
> 
> 
> 
> -- 
> 
> Amrane Ait Zeouay
> 
> Engineer Student in The Development of Software and Systems
> 
> University of Western Brittany
> 
> Tel:  +33 7 62 25 56 03 <+33+7+62+25+56+03>
___
discuss mailing list
discuss@openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss

Re: [ovs-discuss] ovn api for not python language

[Ben Pfaff]

On Fri, Aug 12, 2016 at 04:52:20PM +0300, Vasiliy Tolstov wrote:
> 2016-08-12 16:39 GMT+03:00 Ryan Moats :
> > ssuming that you are looking to drive ovn configuration from
> > something written in golang, I think the main thing you'll need is
> > an ovsdb client binding written in golang. A quick look on github
> > pulls up https://github.com/socketplane/libovsdb - you might want
> > to start there...
> 
> 
> Thanks, this is helpful. But i need to know, for example - if i want
> to interconnect two nodes via stt tunnel what info i need to insert to
> ovsdb ?

Did you read the documentation for the database schema?  ovn-nb(5).
___
discuss mailing list
discuss@openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss

Re: [ovs-discuss] Finding a rule

[Ben Pfaff]

Now I'm confused.  First, you said that you're adding a new field and
found a problem.  Now, you said that you're trying to explain how
classifier_lookup__() works for a presentation.  Which of these is
really true?

On Thu, Aug 11, 2016 at 08:27:43PM +0200, Amrane Ait Zeouay wrote:
> I want just to understand how the function classifier_lookup__() works.
> Because i have the presentation and i need to explain to them about it, and
> i read your documents but there is nothing how this function works. I found
> that if there is no wildcard then it will go from the first condition in
> the function find_match_wc() and the other i didn't understand them.
> So can you please explain to me briefly about it.
> Thank you and have a nice day.
> On 11 Aug 2016 18:20, "Ben Pfaff"  wrote:
> 
> > You're doing something wrong.  The classifier finds a matching rule.
> > There's no need to "check" anything afterward.
> >
> > The classifier doesn't have any provision for finding a "different"
> > rule.
> >
> > On Thu, Aug 11, 2016 at 05:51:40PM +0200, Amrane Ait Zeouay wrote:
> > > No, I'm working with classifier to find the rule. So when the classifier
> > > found the rule I need to check that rule. But the problem is when i want
> > > the classifier to give me another rule different from the highest rule
> > that
> > > matches the flow.
> > > Thank you.
> > > On 11 Aug 2016 5:45 pm, "Ben Pfaff"  wrote:
> > >
> > > > On Thu, Aug 11, 2016 at 01:14:38PM +0200, Amrane Ait Zeouay wrote:
> > > > > I'm working on Openvswitch version 2.5.0 for adding new fields, And I
> > > > found
> > > > > a problem with my implemntation in the function "find_match_wc()"
> > file
> > > > > lib/classifier.c, I want to know when the condition
> > "OVS_UNLIKELY(!wc)"
> > > > is
> > > > > used, and this condition too "!cmap_node_next(inode)" and the last
> > one
> > > > for
> > > > > looking for a rule using find_match(), because one time it was going
> > from
> > > > > "OVS_UNLIKELY(!wc)" and another time it went from
> > > > "!cmap_node_next(inode)"
> > > > > and this time is skipping everything and going for that
> > "finding_match()"
> > > >
> > > > You don't need to modify the classifier code to add a new field.
> > > >
> >
___
discuss mailing list
discuss@openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss

Re: [ovs-discuss] Is it possible deleting all bridges on ovs using a command?

[Ben Pfaff]

On Thu, Aug 11, 2016 at 09:18:16AM -0700, Justin Pettit wrote:
> 
> > On Aug 11, 2016, at 6:08 AM, Taekho Nam  wrote:
> > 
> > Dear All,
> > 
> > Hi, I'm a student from Korea.
> > I'm implementing a simple application using Open vSwich.
> > So, I need a command to delete all bridges at one time.
> > 
> > If you know how to do it, Please let me know it.
> 
> You could pretty easily do it with a shell script running "ovs-vsctl list-br" 
> and "ovs-vsctl del-br".  I suppose you could run a lower-level command like 
> "ovs-vsctl clear" to do it in one shot.

utilities/ovs-ctl.in uses:

for bridge in `ovs_vsctl list-br`; do
ovs_vsctl del-br $bridge
done
___
discuss mailing list
discuss@openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss

Re: [ovs-discuss] Finding a rule

[Ben Pfaff]

You're doing something wrong.  The classifier finds a matching rule.
There's no need to "check" anything afterward.

The classifier doesn't have any provision for finding a "different"
rule.

On Thu, Aug 11, 2016 at 05:51:40PM +0200, Amrane Ait Zeouay wrote:
> No, I'm working with classifier to find the rule. So when the classifier
> found the rule I need to check that rule. But the problem is when i want
> the classifier to give me another rule different from the highest rule that
> matches the flow.
> Thank you.
> On 11 Aug 2016 5:45 pm, "Ben Pfaff"  wrote:
> 
> > On Thu, Aug 11, 2016 at 01:14:38PM +0200, Amrane Ait Zeouay wrote:
> > > I'm working on Openvswitch version 2.5.0 for adding new fields, And I
> > found
> > > a problem with my implemntation in the function "find_match_wc()" file
> > > lib/classifier.c, I want to know when the condition "OVS_UNLIKELY(!wc)"
> > is
> > > used, and this condition too "!cmap_node_next(inode)" and the last one
> > for
> > > looking for a rule using find_match(), because one time it was going from
> > > "OVS_UNLIKELY(!wc)" and another time it went from
> > "!cmap_node_next(inode)"
> > > and this time is skipping everything and going for that "finding_match()"
> >
> > You don't need to modify the classifier code to add a new field.
> >
___
discuss mailing list
discuss@openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss

Re: [ovs-discuss] Finding a rule

[Ben Pfaff]

On Thu, Aug 11, 2016 at 01:14:38PM +0200, Amrane Ait Zeouay wrote:
> I'm working on Openvswitch version 2.5.0 for adding new fields, And I found
> a problem with my implemntation in the function "find_match_wc()" file
> lib/classifier.c, I want to know when the condition "OVS_UNLIKELY(!wc)" is
> used, and this condition too "!cmap_node_next(inode)" and the last one for
> looking for a rule using find_match(), because one time it was going from
> "OVS_UNLIKELY(!wc)" and another time it went from "!cmap_node_next(inode)"
> and this time is skipping everything and going for that "finding_match()"

You don't need to modify the classifier code to add a new field.
___
discuss mailing list
discuss@openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss

Re: [ovs-discuss] Revalidator

[Ben Pfaff]

Revalidation doesn't have a packet, so the translation function should
work even without a packet.  If it doesn't that's a bug; please report
the details.

On Wed, Aug 10, 2016 at 10:00:42PM +0200, Amrane Ait Zeouay wrote:
> Thank you for your answers, I read the PDF about the talk, and I will see
> the video Tomorrow, but I'm still a little confused, because I'm sending
> the packet to the function "classifier_lookup()" for looking into it, but
> when the OvS use the function revalidate I got an exception because there
> is no packet for revalidate.
> 
> Thank you and have a nice day,
> Best regards,
> 
> 2016-08-10 21:55 GMT+02:00 Ben Pfaff :
> 
> > On Wed, Aug 10, 2016 at 12:28:00PM -0700, Joe Stringer wrote:
> > > On 10 August 2016 at 09:49, Ben Pfaff  wrote:
> > > > On Wed, Aug 10, 2016 at 11:59:27AM +0200, Amrane Ait Zeouay wrote:
> > > >> I'm working on OvS 2.5.0, and I want to know the interest of using
> > > >> revalidator, what I know it revalidates the flow in dathapath or
> > something
> > > >> like that,
> > > >
> > > > Yes.
> > > >
> > > >> and i want to know if in the process of revalidation is there the
> > > >> packet (dp_packet) or not ?
> > > >
> > > > No.
> > > >
> > > > You may want to read our NSDI 2015 paper, which discusses revalidation.
> > > > http://openvswitch.org/support/papers/nsdi2015.pdf
> > >
> > > There is also a talk called "Revaliwhat? Keeping kernel flows fresh"
> > > from OVScon 2014:
> > > http://openvswitch.org/support/ovscon2014/
> >
> > Definitely the best title from that conference!
> >
> 
> 
> 
> -- 
> 
> Amrane Ait Zeouay
> 
> Engineer Student in The Development of Software and Systems
> 
> University of Western Brittany
> 
> Tel:  +33 7 62 25 56 03 <+33+7+62+25+56+03>
___
discuss mailing list
discuss@openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss

Re: [ovs-discuss] Revalidator

[Ben Pfaff]

On Wed, Aug 10, 2016 at 12:28:00PM -0700, Joe Stringer wrote:
> On 10 August 2016 at 09:49, Ben Pfaff  wrote:
> > On Wed, Aug 10, 2016 at 11:59:27AM +0200, Amrane Ait Zeouay wrote:
> >> I'm working on OvS 2.5.0, and I want to know the interest of using
> >> revalidator, what I know it revalidates the flow in dathapath or something
> >> like that,
> >
> > Yes.
> >
> >> and i want to know if in the process of revalidation is there the
> >> packet (dp_packet) or not ?
> >
> > No.
> >
> > You may want to read our NSDI 2015 paper, which discusses revalidation.
> > http://openvswitch.org/support/papers/nsdi2015.pdf
> 
> There is also a talk called "Revaliwhat? Keeping kernel flows fresh"
> from OVScon 2014:
> http://openvswitch.org/support/ovscon2014/

Definitely the best title from that conference!
___
discuss mailing list
discuss@openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss

Re: [ovs-discuss] Revalidator

[Ben Pfaff]

On Wed, Aug 10, 2016 at 11:59:27AM +0200, Amrane Ait Zeouay wrote:
> I'm working on OvS 2.5.0, and I want to know the interest of using
> revalidator, what I know it revalidates the flow in dathapath or something
> like that, 

Yes.

> and i want to know if in the process of revalidation is there the
> packet (dp_packet) or not ?

No.

You may want to read our NSDI 2015 paper, which discusses revalidation.
http://openvswitch.org/support/papers/nsdi2015.pdf
___
discuss mailing list
discuss@openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss

Re: [ovs-discuss] [OVN]How to enable vxlan as default tenant_network_types use devstack and ovn

[Ben Pfaff]

On Wed, Aug 10, 2016 at 10:46:05AM +0800, Wilence Yao wrote:
> 
> ```
> ovs-vsctl set open . external-ids:ovn-encap-type=geneve,vxlan
> ```

OVN doesn't support VXLAN for connecting hypervisors.  It only has
limited support for VXLAN, only for connecting VTEPs.
___
discuss mailing list
discuss@openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss

Re: [ovs-discuss] QoS Bandwidth Rate Limiting in Multi-compute nodes OpenStack

[Ben Pfaff]

On Wed, Aug 10, 2016 at 12:35:51PM +0200, Ahmed Medhat wrote:
> Hi Folks,
> 
> 
> I have a problem with QoS enforcement in multi-compute nodes Openstack
> architecture.
> I test using Iperf udp traffic and tcp traffic. It limits the bandwidth
> rate successfully if the client and server VMs are in the same compute
> node, otherwise it failed.
> 
> I did tcpdump and found the traffic is received by the Server but no Ack
> reply is sent back. However there is an ARP reply is sent from the server.
> 
> To summarize the case:
> 
> 1- Iperf works fine between 2 vms in different compute nodes WITHOUT QoS
> enforcement.
> 2- Iperf and Bandwidth limitation work fine between 2 vms in the same
> compute node With QoS enforcement.
> 3-The problem is Iperf not works at all between 2 vms in different compute
> nodes With QoS enforcement.
> 
> The flows which are used  for 2 vms in different compute nodes are here:
> 
> *First Compute/Control Node:*
> ovs-ofctl add-flow br-int priority=2,udp,nw_src=192.168.
> 254.109,nw_dst=192.168.254.110,actions=enqueue:31:4
> 
> *2nd Compute Node:*
> 
> ovs-ofctl add-flow br-int priority=2,udp,nw_src=192.168.
> 254.110,nw_dst=192.168.254.109,actions=enqueue:33:4

The FAQ says:

### Q: I configured QoS, correctly, but my measurements show that it isn't
   working as well as I expect.

A: With the Linux kernel, the Open vSwitch implementation of QoS has
   two aspects:

   - Open vSwitch configures a subset of Linux kernel QoS
 features, according to what is in OVSDB.  It is possible that
 this code has bugs.  If you believe that this is so, then you
 can configure the Linux traffic control (QoS) stack directly
 with the "tc" program.  If you get better results that way,
 you can send a detailed bug report to b...@openvswitch.org.

 It is certain that Open vSwitch cannot configure every Linux
 kernel QoS feature.  If you need some feature that OVS cannot
 configure, then you can also use "tc" directly (or add that
 feature to OVS).

   - The Open vSwitch implementation of OpenFlow allows flows to
 be directed to particular queues.  This is pretty simple and
 unlikely to have serious bugs at this point.

   However, most problems with QoS on Linux are not bugs in Open
   vSwitch at all.  They tend to be either configuration errors
   (please see the earlier questions in this section) or issues with
   the traffic control (QoS) stack in Linux.  The Open vSwitch
   developers are not experts on Linux traffic control.  We suggest
   that, if you believe you are encountering a problem with Linux
   traffic control, that you consult the tc manpages (e.g. tc(8),
   tc-htb(8), tc-hfsc(8)), web resources (e.g. http://lartc.org/), or
   mailing lists (e.g. http://vger.kernel.org/vger-lists.html#netdev).
___
discuss mailing list
discuss@openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss

Re: [ovs-discuss] OVS design docs?

[Ben Pfaff]

On Wed, Aug 10, 2016 at 11:38:26AM -0400, John Chludzinski wrote:
> I've been asked to map some system reqs against OVS. The central element in
> our design is OVS. I have a number of RFC's and some IEEE specs I need to
> satisfy.
> 
> So it'd help mightily if I had some docs to point to, especially if I knew
> where and how OVS fit into the Linux network stack. What does the
> 
> Any OVS design docs that might help would be appreciated.'

http://openvswitch.org/support/dist-docs/
___
discuss mailing list
discuss@openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss

[ovs-discuss] Open vSwitch joins Linux Foundation: public conference call

[Ben Pfaff]

Today, the Linux Foundation announced that Open vSwitch is now a Linux
Foundation Project:


https://www.linuxfoundation.org/announcements/open-vswitch-joins-linux-foundation-open-networking-ecosystem

We invite interested users and developers to attend a public conference
call to discuss the move to the Linux Foundation.  We expect to cover
the motivation and benefits of joining Linux Foundation, what will
change under Linux Foundation governance (and what will stay the same),
and leave plenty of time for discussion and Q&A.

Please join us on Wednesday, Aug. 10, at 12:30 pm US Pacific time (3:30
Eastern) at the number below:

Call-in toll-free number (Premiere): 1-8667156501  (US)
Call-in number (Premiere): 1-7193252777  (US)
Global numbers: 
https://www.myrcplus.com/cnums.asp?bwebid=8369444&ppc=7482453743&num=18667156501&num2=17193252777
Attendee access code: 748 245 3743

or via Webex using:

Meeting number: 927 072 180
Meeting password: ovs

We will record the call for the convenience of interested listeners who
cannot attend.
___
discuss mailing list
discuss@openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss

Re: [ovs-discuss] Append output port to an existing flow

[Ben Pfaff]

No, there's nothing special about VXLAN.

There should no measurable overhead.

On Mon, Aug 08, 2016 at 11:08:53PM +0530, Kapil Adhikesavalu wrote:
> Hi Ben,
> 
> I did a brief trial with 'groups' before mailing the list. Wanted to check
> if there are other alternatives specific to vxlan.
> 
> Thanks for confirming. Will there be any overhead in using 1 group for each
> tunnel in a scaled environment.
> 
> Regards
> Kapil
> 
> Thanks
> Kapil
> 
> On 08-Aug-2016 9:54 PM, "Ben Pfaff"  wrote:
> 
> On Mon, Aug 08, 2016 at 04:49:49PM +0530, Kapil Adhikesavalu wrote:
> > Want to check if there is an alternate way to append a output port to the
> > existing flow.
> >
> >
> >
> > For example,
> >
> >
> >
> > Existing flow:
> >
> > cookie=0x0, duration=14279.412s, table=0, n_packets=0, n_bytes=0,
> > idle_age=14316, dl_vlan=5 actions=output:2
> >
> >
> >
> > If I want to add output:4 to the above flow, the only way I know is using
> > mod-flow
> >
> >
> >
> > ovs-ofctl mod-flow bridge "dl_vlan=5, actions=output:2,4"
> >
> >
> >
> > But is there any other way that I can use to just append 4? i might have
> > about 20 ports which have to be dynamically appended.
> 
> You could use the OF1.1+ "groups" feature.
___
discuss mailing list
discuss@openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss

Re: [ovs-discuss] Append output port to an existing flow

[Ben Pfaff]

On Mon, Aug 08, 2016 at 04:49:49PM +0530, Kapil Adhikesavalu wrote:
> Want to check if there is an alternate way to append a output port to the
> existing flow.
> 
> 
> 
> For example,
> 
> 
> 
> Existing flow:
> 
> cookie=0x0, duration=14279.412s, table=0, n_packets=0, n_bytes=0,
> idle_age=14316, dl_vlan=5 actions=output:2
> 
> 
> 
> If I want to add output:4 to the above flow, the only way I know is using
> mod-flow
> 
> 
> 
> ovs-ofctl mod-flow bridge "dl_vlan=5, actions=output:2,4"
> 
> 
> 
> But is there any other way that I can use to just append 4? i might have
> about 20 ports which have to be dynamically appended.

You could use the OF1.1+ "groups" feature.
___
discuss mailing list
discuss@openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss

Re: [ovs-discuss] PVLAN Inquiry

[Ben Pfaff]

On Sat, Aug 06, 2016 at 11:25:23AM -0500, Quinn Wood wrote:
> Benoît Canet had made a comment a very long time ago that indicated he
> would implement the PVLAN feature soon. I am not familiar with all of the
> context, only what I found searching for PVLAN mentions on openvswitch.org
> using Google.
> 
> The aforementioned comment was made in the following thread:
> http://openvswitch.org/pipermail/discuss/2012-March/thread.html#6816
> 
> Is this feature provided in OVS?

No, the feature was never implemented.
___
discuss mailing list
discuss@openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss

Re: [ovs-discuss] OpenvSwitch/KVM/Cisco-ASAv issue

[Ben Pfaff]

On Wed, Aug 03, 2016 at 11:09:41AM -0400, Carl Wilkerson wrote:
> Two identical Cisco UCS 240 servers.  OpenvSwitch (version 2.4.0) and KVM
> running on CentOS 6.8.

We've recently received a number of reports related to LACP and
interoperation with Cisco equipment.  These may be a regression since
some previous version of OVS, or related to some newly released version
of software on Cisco gear, because I've only started noticing these
reports in the last couple of months.  It's difficult to track them down
remotely.  It seems likely to me that it will take some help from an OVS
developer who also encounters such a problematic situation.
___
discuss mailing list
discuss@openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss

Re: [ovs-discuss] I want to know how group table select works

[Ben Pfaff]

No, hashes are stateless.  They don't get erased.

On Tue, Aug 02, 2016 at 02:25:44PM +0900, 허지민 wrote:
> Well, I am sure about it.
> Destination or source did not change.
> 
> There is nothing like timeout???
> 
> I thought that after a long term without any networking, all the hashed
> data would be erased.
> 
> 
> 2016-08-02 14:11 GMT+09:00 Ben Pfaff :
> 
> > Probably your new flows have different source or destination TCP ports.
> >
> > On Tue, Aug 02, 2016 at 01:57:08PM +0900, 허지민 wrote:
> > > I'am using 2.5.0
> > >
> > > 2016-08-02 13:08 GMT+09:00 Ben Pfaff :
> > >
> > > > What version of Open vSwitch are you using?
> > > >
> > > > On Tue, Aug 02, 2016 at 11:29:22AM +0900, 허지민 wrote:
> > > > > Thank you for answering.
> > > > >
> > > > > I'm not sure if I understood right.
> > > > >
> > > > > The answer is saying that, if I don't change source or destination,
> > > > bucket
> > > > > selection won't be redone?
> > > > >
> > > > > Well, I am using group table for my project, and each bucket in the
> > group
> > > > > has
> > > > > different weight. When I tested group table, I found out that after
> > long
> > > > > term without networking, the selection has changed and send packets
> > to
> > > > > different bucket.
> > > > >
> > > > > How does weight of the bucket influence the selection???
> > > > >
> > > > > 2016-08-02 2:10 GMT+09:00 Ben Pfaff :
> > > > >
> > > > > > On Mon, Aug 01, 2016 at 05:39:10PM +0900, 허지민 wrote:
> > > > > > > I am working on a project using group table select.
> > > > > > >
> > > > > > > I am figuring out how group table select one of the buckets that
> > is
> > > > added
> > > > > > > in the group.
> > > > > >
> > > > > > This is in the FAQ.
> > > > > >
> > > > > > ### Q: How does OVS divide flows among buckets in an OpenFlow
> > "select"
> > > > > > group?
> > > > > >
> > > > > > A: In Open vSwitch 2.3 and earlier, Open vSwitch used the
> > destination
> > > > > >Ethernet address to choose a bucket in a select group.
> > > > > >
> > > > > >Open vSwitch 2.4 and later by default hashes the source and
> > > > > >destination Ethernet address, VLAN ID, Ethernet type, IPv4/v6
> > > > > >source and destination address and protocol, and for TCP and
> > SCTP
> > > > > >only, the source and destination ports.  The hash is
> > "symmetric",
> > > > > >meaning that exchanging source and destination addresses does
> > not
> > > > > >change the bucket selection.
> > > > > >
> > > > > >Select groups in Open vSwitch 2.4 and later can be configured to
> > > > > >use a different hash function, using a Netronome extension to
> > the
> > > > > >OpenFlow 1.5+ group_mod message.  For more information, see
> > > > > >Documentation/group-selection-method-property.txt in the Open
> > > > > >vSwitch source tree.  (OpenFlow 1.5 support in Open vSwitch is
> > still
> > > > > >experimental.)
> > > > > >
> > > >
> >
___
discuss mailing list
discuss@openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss

Re: [ovs-discuss] I want to know how group table select works

[Ben Pfaff]

Probably your new flows have different source or destination TCP ports.

On Tue, Aug 02, 2016 at 01:57:08PM +0900, 허지민 wrote:
> I'am using 2.5.0
> 
> 2016-08-02 13:08 GMT+09:00 Ben Pfaff :
> 
> > What version of Open vSwitch are you using?
> >
> > On Tue, Aug 02, 2016 at 11:29:22AM +0900, 허지민 wrote:
> > > Thank you for answering.
> > >
> > > I'm not sure if I understood right.
> > >
> > > The answer is saying that, if I don't change source or destination,
> > bucket
> > > selection won't be redone?
> > >
> > > Well, I am using group table for my project, and each bucket in the group
> > > has
> > > different weight. When I tested group table, I found out that after long
> > > term without networking, the selection has changed and send packets to
> > > different bucket.
> > >
> > > How does weight of the bucket influence the selection???
> > >
> > > 2016-08-02 2:10 GMT+09:00 Ben Pfaff :
> > >
> > > > On Mon, Aug 01, 2016 at 05:39:10PM +0900, 허지민 wrote:
> > > > > I am working on a project using group table select.
> > > > >
> > > > > I am figuring out how group table select one of the buckets that is
> > added
> > > > > in the group.
> > > >
> > > > This is in the FAQ.
> > > >
> > > > ### Q: How does OVS divide flows among buckets in an OpenFlow "select"
> > > > group?
> > > >
> > > > A: In Open vSwitch 2.3 and earlier, Open vSwitch used the destination
> > > >Ethernet address to choose a bucket in a select group.
> > > >
> > > >Open vSwitch 2.4 and later by default hashes the source and
> > > >destination Ethernet address, VLAN ID, Ethernet type, IPv4/v6
> > > >source and destination address and protocol, and for TCP and SCTP
> > > >only, the source and destination ports.  The hash is "symmetric",
> > > >meaning that exchanging source and destination addresses does not
> > > >change the bucket selection.
> > > >
> > > >Select groups in Open vSwitch 2.4 and later can be configured to
> > > >use a different hash function, using a Netronome extension to the
> > > >OpenFlow 1.5+ group_mod message.  For more information, see
> > > >Documentation/group-selection-method-property.txt in the Open
> > > >vSwitch source tree.  (OpenFlow 1.5 support in Open vSwitch is still
> > > >experimental.)
> > > >
> >
___
discuss mailing list
discuss@openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss

Re: [ovs-discuss] "ovs-vsctl ... create queue ..." option

[Ben Pfaff]

On Tue, Aug 02, 2016 at 01:19:14AM +, Maurice Qureshi wrote:
> While using the "ovs-vsctl ... create queue" command to create multiple 
> queues on a port, how do priorities get assigned to these queues.
> 
> As given in the example if QOS section of 
> FAQ(https://github.com/openvswitch/ovs/blob/master/FAQ.md#qos), two queues 
> are created, 123 and 234.
> 
>ovs-vsctl -- \
>add-br br0 -- \
>add-port br0 eth0 -- \
>add-port br0 vif1.0 -- set interface vif1.0 ofport_request=5 -- \
>add-port br0 vif2.0 -- set interface vif2.0 ofport_request=6 -- \
>set port eth0 qos=@newqos -- \
>--id=@newqos create qos type=linux-htb \
>other-config:max-rate=10 \
>queues:123=@vif10queue \
>queues:234=@vif20queue -- \
>--id=@vif10queue create queue other-config:max-rate=1000 -- \
>--id=@vif20queue create queue other-config:max-rate=2000
> 
> 
> While sending packets from this port to network, if packets happen to be 
> present in both queues, which queue will get served first?

You'll have to read the tc-htb manpage if you want to know how HTB
works.  HTB isn't part of OVS, OVS just knows how to configur it.
___
discuss mailing list
discuss@openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss

Re: [ovs-discuss] I want to know how group table select works

[Ben Pfaff]

What version of Open vSwitch are you using?

On Tue, Aug 02, 2016 at 11:29:22AM +0900, 허지민 wrote:
> Thank you for answering.
> 
> I'm not sure if I understood right.
> 
> The answer is saying that, if I don't change source or destination, bucket
> selection won't be redone?
> 
> Well, I am using group table for my project, and each bucket in the group
> has
> different weight. When I tested group table, I found out that after long
> term without networking, the selection has changed and send packets to
> different bucket.
> 
> How does weight of the bucket influence the selection???
> 
> 2016-08-02 2:10 GMT+09:00 Ben Pfaff :
> 
> > On Mon, Aug 01, 2016 at 05:39:10PM +0900, 허지민 wrote:
> > > I am working on a project using group table select.
> > >
> > > I am figuring out how group table select one of the buckets that is added
> > > in the group.
> >
> > This is in the FAQ.
> >
> > ### Q: How does OVS divide flows among buckets in an OpenFlow "select"
> > group?
> >
> > A: In Open vSwitch 2.3 and earlier, Open vSwitch used the destination
> >Ethernet address to choose a bucket in a select group.
> >
> >Open vSwitch 2.4 and later by default hashes the source and
> >destination Ethernet address, VLAN ID, Ethernet type, IPv4/v6
> >source and destination address and protocol, and for TCP and SCTP
> >only, the source and destination ports.  The hash is "symmetric",
> >meaning that exchanging source and destination addresses does not
> >change the bucket selection.
> >
> >Select groups in Open vSwitch 2.4 and later can be configured to
> >use a different hash function, using a Netronome extension to the
> >OpenFlow 1.5+ group_mod message.  For more information, see
> >Documentation/group-selection-method-property.txt in the Open
> >vSwitch source tree.  (OpenFlow 1.5 support in Open vSwitch is still
> >experimental.)
> >
___
discuss mailing list
discuss@openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss

Re: [ovs-discuss] I want to know how group table select works

[Ben Pfaff]

On Mon, Aug 01, 2016 at 05:39:10PM +0900, 허지민 wrote:
> I am working on a project using group table select.
> 
> I am figuring out how group table select one of the buckets that is added
> in the group.

This is in the FAQ.

### Q: How does OVS divide flows among buckets in an OpenFlow "select" group?

A: In Open vSwitch 2.3 and earlier, Open vSwitch used the destination
   Ethernet address to choose a bucket in a select group.

   Open vSwitch 2.4 and later by default hashes the source and
   destination Ethernet address, VLAN ID, Ethernet type, IPv4/v6
   source and destination address and protocol, and for TCP and SCTP
   only, the source and destination ports.  The hash is "symmetric",
   meaning that exchanging source and destination addresses does not
   change the bucket selection.

   Select groups in Open vSwitch 2.4 and later can be configured to
   use a different hash function, using a Netronome extension to the
   OpenFlow 1.5+ group_mod message.  For more information, see
   Documentation/group-selection-method-property.txt in the Open
   vSwitch source tree.  (OpenFlow 1.5 support in Open vSwitch is still
   experimental.)
___
discuss mailing list
discuss@openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss

Re: [ovs-discuss] Add arp flow error

[Ben Pfaff]

Jarno, do you have time to take a look at this sometime?  I don't
understand how it would happen, but if it does then it probably has
something to do with synchronization and you know how OVS userspace does
that really well.

Thanks,

Ben.

On Mon, Aug 01, 2016 at 12:13:03PM +, Yinpeijun wrote:
> 
> Hi ALL,
> 
>   Here is the test scene which we used to generate the error.
> 
>   1. add a bridge like "ovs-vsctl add-br br-int"
> 2. add a port to br-int "ovs-vsctl add-port br-int eth1"
>   3. delete the default normal flow of it, "ovs-vsctl del-flows br-int"
>   4. add arp reply flow, " ovs-ofctl add-flow br-int 
> "hard_timeout=0,idle_timeout=0,priority=5,nw_dst=193.168.101.11,arp,table=22,actions=move:NXM_OF_ETH_SRC[]->NXM_OF_ETH_DST[],mod_dl_src:00:16:3e:1d:33:b1,load:0x2->NXM_OF_ARP_OP[],
>  
> move:NXM_NX_ARP_SHA[]->NXM_NX_ARP_THA[],move:NXM_OF_ARP_SPA[]->NXM_OF_ARP_TPA[],load:0x00163e1d33b1->NXM_NX_ARP_SHA[],load:0xc1a8650b->NXM_OF_ARP_SPA[],in_port""
> 
>   If we use netperf/iperf send packets from other server physical nic to 
> this eth1 and repeat to do step 4, we will get the follow error with a high 
> probability.
> 
>   OFPT_ERROR (xid=0x4): OFPFMFC_BAD_COMMAND OFPT_FLOW_MOD (xid=0x4):
>   (***truncated to 64 bytes from 240***)
>    01 0e 00 f0 00 00 00 04-00 30 20 ef 00 00 00 00 |.0 
> .|
>   0010 00 00 00 00 00 00 00 00-00 00 00 00 00 00 08 06 
> ||
>   0020 00 00 00 00 00 00 00 00-c1 a8 69 0a 00 00 00 00 
> |..i.|
>   0030 00 00 00 00 00 00 00 00-16 00 00 00 00 00 2b 6b 
> |..+k|
> 
>   We find that a revalidate thread may affects the step4. It may modify 
> the connmgr's ofputil_protocol.
>   
>   This should be a bug , Could someone confirm this? Or any good way to 
> solve the problem? 
>   Hope to hear feedback.
> 
>   Thanks,
>   Ray
> 
> -Original Message-
> From: Yinpeijun 
> Sent: Wednesday, July 27, 2016 5:30 PM
> To: discuss@openvswitch.org
> Cc: Zhoulei (Ray); gaoxiaoqiu; Zhbzg
> Subject: [ovs-discuss] Add arp flow error 
> 
> 
> Hi All,
> 
> I am trying to add some flows include a arp reply flow on OVS2.5.0, but 
> getting a small probability error.
> 
> OFPT_ERROR (xid=0x4): OFPFMFC_BAD_COMMAND OFPT_FLOW_MOD (xid=0x4):
> (***truncated to 64 bytes from 240***)
>  01 0e 00 f0 00 00 00 04-00 30 20 ef 00 00 00 00 |.0 .|
> 0010 00 00 00 00 00 00 00 00-00 00 00 00 00 00 08 06 ||
> 0020 00 00 00 00 00 00 00 00-c1 a8 69 0a 00 00 00 00 |..i.|
> 0030 00 00 00 00 00 00 00 00-16 00 00 00 00 00 2b 6b |..+k|
> 
> The command I used is this:
> ovs-ofctl add-flow br-tun 
> "hard_timeout=0,idle_timeout=0,priority=5,nw_dst=193.168.101.11,arp,table=22,actions=move:NXM_OF_ETH_SRC[]->NXM_OF_ETH_DST[],mod_dl_src:00:16:3e:1d:33:b1,load:0x2->NXM_OF_ARP_OP[],
>  
> move:NXM_NX_ARP_SHA[]->NXM_NX_ARP_THA[],move:NXM_OF_ARP_SPA[]->NXM_OF_ARP_TPA[],load:0x00163e1d33b1->NXM_NX_ARP_SHA[],load:0xc1a8650b->NXM_OF_ARP_SPA[],in_port"
> 
> In ovs-vswitchd log file, I see a warning " |ofp_util|WARN|flow_mod has 
> explicit table_id but flow_mod_table_id extension is not enabled ".
> But I re-add this flow again, it is OK and I can find this flow by using 
> "ovs-ofctl dump-flows br-tun".
> 
> This error is hard to re-appear.
> I analyze the source file and see that the ofputil_protocol is not the 
> correct value as I expect during ofputil_decode_flow_mod.
> 
> Is there any possibility that the ofputil_protocol will be modified?
> 
> 
> Thanks,
> Ray.
> 
> 
___
discuss mailing list
discuss@openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss

Re: [ovs-discuss] wakeup due to 0-ms timeout at ofproto/bond.c:670 (100% CPU usage)

[Ben Pfaff]

On Fri, Jul 29, 2016 at 04:18:02PM +0100, Mário Reis wrote:
> Hi all,
> 
> i'm looking for some help/hints to solve a issue in our current Openvswitch
> implementation.
> 
> We are using OVS 2.4.0 with a 3.12.49 kernel on a Gentoo instalation. We
> upgraded from OVS 2.3.1 when started to see the following log entries:
> 
> Jul 29 16:01:40  ovs-vswitchd[4027]:
> ovs|839572|poll_loop|INFO|Dropped 254414 log messages in last 6 seconds
> (most recently, 0 seconds ago) due to excessive rate
> Jul 29 16:01:40  ovs-vswitchd[4027]:
> ovs|839573|poll_loop|INFO|wakeup due to 0-ms timeout at ofproto/bond.c:670
> (100% CPU usage)
> 
> This server hosts some KVM guests, and can't see any significant impact on
> VMs traffic.
> If we restart ovs-vswitchd daemon, it restores normal behaviour (<1% CPU
> USAGE), with almost no downtime for the VMs.

This is fixed in 2.4.1.  Please upgrade.
___
discuss mailing list
discuss@openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss

Re: [ovs-discuss] How can i check wheather GRE tunnel is working or not

[Ben Pfaff]

On Fri, Jul 29, 2016 at 06:06:59AM +, Sreenivas wrote:
> We have a two OVS. We added GRE tunnels between the OVS. So after add
> GRE tunnel , how can i check wheather GRE tunnel is working or not.

You can use BFD or CFM.
___
discuss mailing list
discuss@openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss

Re: [ovs-discuss] discuss Digest, Vol 85, Issue 132

[Ben Pfaff]

We don't really have that kind of process.  We don't generally have
developers asking for people to run specific tests.

Maybe you'd be interested in joining the ovn-scale-test project.  It's
at:
https://github.com/openvswitch/ovn-scale-test

On Thu, Jul 28, 2016 at 10:12:09PM +0530, HARSHAVARDHAN SRI wrote:
> Hi Ben,
> 
> Thanks so much for kind reply. 
> 
> I am somehow not getting pointers how to take up test task ? How to get setup 
> to test ?
> 
> E.g. Let’s say Some part of testing is needed from one of Developer and if I 
> am aware of that protocol/technology and interested to test it then how to 
> take it forward ?   
> 
> Might be dumb question but I am very new to understand process here.
> 
> Regards
> Harsha
> 
> 
> 
> > On 28-Jul-2016, at 10:04 pm, Ben Pfaff  wrote:
> > 
> > On Thu, Jul 28, 2016 at 08:29:35PM +0530, HARSHAVARDHAN wrote:
> >> Kindly can I have testing team alias so that I can help in contributing for
> >> any testing ? I am bit new to these types of system, kind advise and help.
> > 
> > There is no list specific to testing.  You can use this list or the dev
> > list.
> 
___
discuss mailing list
discuss@openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss

Re: [ovs-discuss] Issue with port statistics: not reporting transmitted/received packets from an interface

[Ben Pfaff]

On Thu, Jul 28, 2016 at 12:09:17PM +0200, Jorge Baranda wrote:
> I made a double check making an "ifconfig" request of these interfaces and
> the values between "ifconfig" and "sudo ovs-ofctl -O OpenFlow13 dump-ports
> br0 [port]" coincides. Then, my
> question is: Is reading ovs-ofctl dump-ports instructions the same values as
> ifconfig? At a first glimpse, it looks so. Could you confirm this?

Yes, dump-ports shows the same values as ifconfig.  Both commands get
their data ultimately from the same source.
___
discuss mailing list
discuss@openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss

Re: [ovs-discuss] discuss Digest, Vol 85, Issue 132

[Ben Pfaff]

On Thu, Jul 28, 2016 at 08:29:35PM +0530, HARSHAVARDHAN wrote:
> Kindly can I have testing team alias so that I can help in contributing for
> any testing ? I am bit new to these types of system, kind advise and help.

There is no list specific to testing.  You can use this list or the dev
list.
___
discuss mailing list
discuss@openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss

Re: [ovs-discuss] Queue stats don't appear

[Ben Pfaff]

modprobe sch_htb

On Tue, Jul 26, 2016 at 05:34:41PM +, álvaro wrote:
> Maybe that's the problem, I haven't changed anything about the kernel module, 
> how can I load the kernel module for htb?
> 
> 
> 
> ________
> From: Ben Pfaff 
> Sent: Tuesday, July 26, 2016 4:29 PM
> To: álvaro
> Cc: discuss@openvswitch.org
> Subject: Re: [ovs-discuss] Queue stats don't appear
> 
> It looks like you're doing everything right so I'm confused.
> Is the kernel module for htb loaded?
> 
> On Mon, Jul 25, 2016 at 09:05:55PM +, álvaro wrote:
> > I've just checked the logs and i didn't see nothing weird.
> >
> > I thing that maybe I've not added queues in the qos.
> >
> > When I check with ovs-vsctl list queue appears this:
> >
> > mininet@mininet-vm:~$ sudo ovs-vsctl list queue
> >
> > _uuid   : 5dcd4bc4-4706-4e30-86b1-dc2c2a13f499
> >
> > dscp: []
> >
> > external_ids: {}
> >
> > other_config: {max-rate="10", min-rate="10"}
> >
> >
> > _uuid   : 4f688828-a5e7-4d15-8aed-9193b0742610
> >
> > dscp: []
> >
> > external_ids: {}
> >
> > other_config: {max-rate="400", min-rate="400"}
> >
> >
> > _uuid   : a8546246-3b5f-40b1-8433-0733203740bf
> >
> > dscp: []
> >
> > external_ids: {}
> >
> > other_config: {max-rate="400", min-rate="400"}
> >
> >
> > _uuid   : f7a521ce-0031-47e3-8412-25b5babde47e
> >
> > dscp    : []
> >
> > external_ids: {}
> >
> > other_config: {max-rate="2", min-rate="5000"}
> >
> > but when I put ovs-ofctl queue-stats s1 it says that there are 0 queues 
> > maybe because I didn't add.
> > I don't know very well how to configure a queue, how would you do from 
> > scratch?
> > Thanks again
> >
> > 
> > From: Ben Pfaff 
> > Sent: Monday, July 25, 2016 8:18 PM
> > To: álvaro
> > Cc: discuss@openvswitch.org
> > Subject: Re: [ovs-discuss] Queue stats don't appear
> >
> > That looks OK to me.  You might check your OVS logs for related
> > warnings.
> >
> > On Mon, Jul 25, 2016 at 07:06:42PM +, álvaro wrote:
> > >
> > > Yes I did, with this command:
> > >
> > > ovs-vsctl -- set Port s1-eth1 qos=@newqos --
> > >
> > > --id=@newqos create QoS type=linux-htb other-config:max-rate=10 
> > > queues=0=@q0 --
> > >
> > > --id=@q0 create Queue other-config:min-rate=400 
> > > other-config:max-rate=400
> > >
> > >
> > > and when I check with:
> > >
> > > sudo ovs-vsctl list queue
> > >
> > > appears the uuid of the queues and the configuration that I've chosen, 
> > > but when I try to get the stats either with the:
> > >
> > > ova-ofctl queue-stats or with the QueueStatsReceived method from POX 
> > > nothing appears.
> > >
> > > I don't know if I've configured the queue in the correct way, if you can 
> > > tell me how should I configure the queue of a port switch to get the 
> > > stats like tx_byte, tx_packet, tx_error I would appreciate.
> > >
> > >
> > > 
> > > From: Ben Pfaff 
> > > Sent: Monday, July 25, 2016 4:24 PM
> > > To: álvaro
> > > Cc: discuss@openvswitch.org
> > > Subject: Re: [ovs-discuss] Queue stats don't appear
> > >
> > > On Mon, Jul 25, 2016 at 10:17:19AM +, álvaro wrote:
> > > > Hi, I'm trying to get the queue stats of the network, I make a request 
> > > > to the controller and use the QueueStatsReceived with a handler, but 
> > > > when I print the stats nothing appears(even saturating switch ports), 
> > > > with the FlowStats and PortStats works normally.
> > > >
> > > > Anyone knows why always appear "[]" without stats in?
> > >
> > > Did you configure queues?
___
discuss mailing list
discuss@openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss

Re: [ovs-discuss] Link Failure detection time

[Ben Pfaff]

On Tue, Jul 26, 2016 at 07:57:28AM +0200, james hopper wrote:
> I have a simple question about the time OVS takes to detect link failure if i
> don't explicitly enable BFD on interfaces?  It seems that port down message is
> immediately generated, while link failure detection is taking some additional
> time. What is the exact time after which the link is considered down?

OVS doesn't have any special link failure detection logic.  Without BFD
or CFM, it's a matter of whatever your NIC driver does.
___
discuss mailing list
discuss@openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss

Re: [ovs-discuss] TCP and UDP mask support in OVS

[Ben Pfaff]

This is the match structure embedded in the pcap.  It is 48 bytes long.
I've added spaces and line numbers to allow for commentary:

1. 0001 002b
2. 8806 fa163ed9fbfd
3. 8a02 0800
4. 80001401 06
5. 80001908 ff00
6. 1504 014d
7. 00

Line 1 is an ofp_match_header.  0001 means OXM, 002b means that the
match is 0x2b (43) bytes long.  Because a match structure is always a
multiple of 8 bytes in length, this means that there should be 5 bytes
of 0-padding at the end, bringing us to the desired total of 48 bytes.

Lines 2 through 6 are the individual fields being matched.  The last
byte of the first cluster on each line is the number of bytes of field
value that follows.

Line 6 is the match on TCP dst.  It indicates a length of 4 bytes.
However this means that line 7, which should have 5 bytes of padding, is
only 3 bytes long.  The 002b on line 1 should evidently be 002d to
indicate that the match is 2 bytes longer than necessary.  However, even
then, this is an invalid match because it says to match on tcp_dst as
0x014d/0x and that simply doesn't make sense and OVS rightly rejects
it:

2016-07-26T17:00:38Z|00011|nx_match|WARN|Rejecting NXM/OXM entry 0:0:10:1:4 
with 1-bits in value for bits wildcarded by the mask.

Whatever is generated this match should be fixed.

On Tue, Jul 26, 2016 at 05:30:15PM +0530, Aswin S wrote:
> HI Ben,
> 
> I have attached the pcap. ( Sl No 3052 and 3053 is one such message).
> 
> Thanks
> Aswin
> 
> ​​
> 
> On Mon, Jul 25, 2016 at 8:20 PM, Ben Pfaff  wrote:
> 
> > Hmm, there's no change in this area since 2.4.  Can you give an example
> > of an OpenFlow message that provokes the error?  A hexdump or pcap of
> > the message would be ideal.
> >
> > On Mon, Jul 25, 2016 at 12:19:43PM +0530, Aswin S wrote:
> > > Hi Ben
> > >
> > > The below extension were used.
> > >
> > > #define NXM_OF_TCP_SRCNXM_HEADER  (0x,  9, 2)
> > > #define NXM_OF_TCP_DSTNXM_HEADER  (0x, 10, 2)
> > > #define NXM_OF_UDP_SRCNXM_HEADER  (0x, 11, 2)
> > > #define NXM_OF_UDP_DSTNXM_HEADER  (0x, 12, 2)
> > >
> > > It was working in OVS 2.4(not the latest). But now it seems to be
> > throwing
> > > an error BAD_LENGTH with latest 2.4 and 2.5
> > >
> > > Thanks
> > > Aswin
> > >
> > > On Sun, Jul 24, 2016 at 11:30 PM, Ben Pfaff  wrote:
> > >
> > > > On Sun, Jul 24, 2016 at 11:28:27AM +0530, Aswin S wrote:
> > > > > In opendaylight we used Nicira Extention to support TCP and UDP
> > mask. But
> > > > > now I observe that in ovs it is a part of standard openflow
> > > > implementation
> > > > > and the nicira extension code we used is reporting error. Was there a
> > > > > change in ovs? But openflow plugin spec is yet to support TCP/UDP
> > mask.
> > > >
> > > > I don't know of a backward-incompatible change to OVS in this area.
> > > > What Nicira extension were you using?  What version of OVS worked, and
> > > > what version of OVS does not?
> > > >
> >


___
discuss mailing list
discuss@openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss

Re: [ovs-discuss] Queue stats don't appear

[Ben Pfaff]

It looks like you're doing everything right so I'm confused.
Is the kernel module for htb loaded?

On Mon, Jul 25, 2016 at 09:05:55PM +, álvaro wrote:
> I've just checked the logs and i didn't see nothing weird.
> 
> I thing that maybe I've not added queues in the qos.
> 
> When I check with ovs-vsctl list queue appears this:
> 
> mininet@mininet-vm:~$ sudo ovs-vsctl list queue
> 
> _uuid   : 5dcd4bc4-4706-4e30-86b1-dc2c2a13f499
> 
> dscp: []
> 
> external_ids: {}
> 
> other_config: {max-rate="10", min-rate="10"}
> 
> 
> _uuid   : 4f688828-a5e7-4d15-8aed-9193b0742610
> 
> dscp: []
> 
> external_ids: {}
> 
> other_config: {max-rate="400", min-rate="400"}
> 
> 
> _uuid   : a8546246-3b5f-40b1-8433-0733203740bf
> 
> dscp: []
> 
> external_ids: {}
> 
> other_config: {max-rate="400", min-rate="400"}
> 
> 
> _uuid   : f7a521ce-0031-47e3-8412-25b5babde47e
> 
> dscp: []
> 
> external_ids: {}
> 
> other_config: {max-rate="2", min-rate="5000"}
> 
> but when I put ovs-ofctl queue-stats s1 it says that there are 0 queues maybe 
> because I didn't add.
> I don't know very well how to configure a queue, how would you do from 
> scratch?
> Thanks again
> 
> 
> From: Ben Pfaff 
> Sent: Monday, July 25, 2016 8:18 PM
> To: álvaro
> Cc: discuss@openvswitch.org
> Subject: Re: [ovs-discuss] Queue stats don't appear
> 
> That looks OK to me.  You might check your OVS logs for related
> warnings.
> 
> On Mon, Jul 25, 2016 at 07:06:42PM +, álvaro wrote:
> >
> > Yes I did, with this command:
> >
> > ovs-vsctl -- set Port s1-eth1 qos=@newqos --
> >
> > --id=@newqos create QoS type=linux-htb other-config:max-rate=10 
> > queues=0=@q0 --
> >
> > --id=@q0 create Queue other-config:min-rate=400 
> > other-config:max-rate=400
> >
> >
> > and when I check with:
> >
> > sudo ovs-vsctl list queue
> >
> > appears the uuid of the queues and the configuration that I've chosen, but 
> > when I try to get the stats either with the:
> >
> > ova-ofctl queue-stats or with the QueueStatsReceived method from POX 
> > nothing appears.
> >
> > I don't know if I've configured the queue in the correct way, if you can 
> > tell me how should I configure the queue of a port switch to get the stats 
> > like tx_byte, tx_packet, tx_error I would appreciate.
> >
> >
> > 
> > From: Ben Pfaff 
> > Sent: Monday, July 25, 2016 4:24 PM
> > To: álvaro
> > Cc: discuss@openvswitch.org
> > Subject: Re: [ovs-discuss] Queue stats don't appear
> >
> > On Mon, Jul 25, 2016 at 10:17:19AM +, álvaro wrote:
> > > Hi, I'm trying to get the queue stats of the network, I make a request to 
> > > the controller and use the QueueStatsReceived with a handler, but when I 
> > > print the stats nothing appears(even saturating switch ports), with the 
> > > FlowStats and PortStats works normally.
> > >
> > > Anyone knows why always appear "[]" without stats in?
> >
> > Did you configure queues?
___
discuss mailing list
discuss@openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss

Re: [ovs-discuss] Queue stats don't appear

[Ben Pfaff]

That looks OK to me.  You might check your OVS logs for related
warnings.

On Mon, Jul 25, 2016 at 07:06:42PM +, álvaro wrote:
> 
> Yes I did, with this command:
> 
> ovs-vsctl -- set Port s1-eth1 qos=@newqos --
> 
> --id=@newqos create QoS type=linux-htb other-config:max-rate=10 
> queues=0=@q0 --
> 
> --id=@q0 create Queue other-config:min-rate=400 
> other-config:max-rate=400
> 
> 
> and when I check with:
> 
> sudo ovs-vsctl list queue
> 
> appears the uuid of the queues and the configuration that I've chosen, but 
> when I try to get the stats either with the:
> 
> ova-ofctl queue-stats or with the QueueStatsReceived method from POX nothing 
> appears.
> 
> I don't know if I've configured the queue in the correct way, if you can tell 
> me how should I configure the queue of a port switch to get the stats like 
> tx_byte, tx_packet, tx_error I would appreciate.
> 
> 
> 
> From: Ben Pfaff 
> Sent: Monday, July 25, 2016 4:24 PM
> To: álvaro
> Cc: discuss@openvswitch.org
> Subject: Re: [ovs-discuss] Queue stats don't appear
> 
> On Mon, Jul 25, 2016 at 10:17:19AM +, álvaro wrote:
> > Hi, I'm trying to get the queue stats of the network, I make a request to 
> > the controller and use the QueueStatsReceived with a handler, but when I 
> > print the stats nothing appears(even saturating switch ports), with the 
> > FlowStats and PortStats works normally.
> >
> > Anyone knows why always appear "[]" without stats in?
> 
> Did you configure queues?
___
discuss mailing list
discuss@openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss

Re: [ovs-discuss] Queue stats don't appear

[Ben Pfaff]

On Mon, Jul 25, 2016 at 10:17:19AM +, álvaro wrote:
> Hi, I'm trying to get the queue stats of the network, I make a request to the 
> controller and use the QueueStatsReceived with a handler, but when I print 
> the stats nothing appears(even saturating switch ports), with the FlowStats 
> and PortStats works normally.
> 
> Anyone knows why always appear "[]" without stats in?

Did you configure queues?
___
discuss mailing list
discuss@openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss

Re: [ovs-discuss] TCP and UDP mask support in OVS

[Ben Pfaff]

Hmm, there's no change in this area since 2.4.  Can you give an example
of an OpenFlow message that provokes the error?  A hexdump or pcap of
the message would be ideal.

On Mon, Jul 25, 2016 at 12:19:43PM +0530, Aswin S wrote:
> Hi Ben
> 
> The below extension were used.
> 
> #define NXM_OF_TCP_SRCNXM_HEADER  (0x,  9, 2)
> #define NXM_OF_TCP_DSTNXM_HEADER  (0x, 10, 2)
> #define NXM_OF_UDP_SRCNXM_HEADER  (0x, 11, 2)
> #define NXM_OF_UDP_DSTNXM_HEADER  (0x, 12, 2)
> 
> It was working in OVS 2.4(not the latest). But now it seems to be throwing
> an error BAD_LENGTH with latest 2.4 and 2.5
> 
> Thanks
> Aswin
> 
> On Sun, Jul 24, 2016 at 11:30 PM, Ben Pfaff  wrote:
> 
> > On Sun, Jul 24, 2016 at 11:28:27AM +0530, Aswin S wrote:
> > > In opendaylight we used Nicira Extention to support TCP and UDP mask. But
> > > now I observe that in ovs it is a part of standard openflow
> > implementation
> > > and the nicira extension code we used is reporting error. Was there a
> > > change in ovs? But openflow plugin spec is yet to support TCP/UDP mask.
> >
> > I don't know of a backward-incompatible change to OVS in this area.
> > What Nicira extension were you using?  What version of OVS worked, and
> > what version of OVS does not?
> >
___
discuss mailing list
discuss@openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss

Re: [ovs-discuss] ifconfig counters issue!

[Ben Pfaff]

I'd start by looking at some commits that add qdiscs, such as:

commit 677d9158fc0aa16f875198d83c7bd8f87238aed5
Author: Jonathan Vestin 
Date:   Wed Mar 18 17:13:01 2015 +0100

netdev-linux: Support for SFQ, FQ_CoDel and CoDel qdiscs.

This patch adds support for SFQ, CoDel and FQ_CoDel classless qdiscs to 
Open vSwitch. It also removes the requirement for a QoS to have at least one 
Queue (as this makes no sense when using classless qdiscs). I have also not 
implemented class_{get,set,delete,get_stats,dump_stats} because they are meant 
for qdiscs with classes.

Signed-off-by: Jonathan Vestin 
[b...@nicira.com mostly applied stylistic changes]
Signed-off-by: Ben Pfaff 


On Sun, Jul 24, 2016 at 07:47:28PM +, fatt 3issam wrote:
> Could you please guide me on how to start doing that?
> Best regards.
> 
> > Date: Sun, 24 Jul 2016 11:47:03 -0700
> > From: b...@ovn.org
> > To: fat...@hotmail.com
> > CC: discuss@openvswitch.org
> > Subject: Re: [ovs-discuss] ifconfig counters issue!
> > 
> > You could add support for your qdisc to OVS, including support for queue
> > statistics.
> > 
> > On Sun, Jul 24, 2016 at 06:19:37PM +, fatt 3issam wrote:
> > > I get what you said but as I mentioned my goal is to get those stats with 
> > > OpenFlow so it's not a matter of seeing the packets being dropped it's 
> > > about the counter itself that registers them.when using tc -s I can 
> > > indeed see them but only the tx I need both tx and rx + when I request 
> > > port stats using OpenFlow the counters are always 0 like with ifconfig!
> > > is there any other tool that can make packets drop on veth interfaces or 
> > > is there any possible way that I can register the correct port stats?
> > > Best regards.-
> > > 
> > > > Date: Sun, 24 Jul 2016 11:05:27 -0700
> > > > From: b...@ovn.org
> > > > To: fat...@hotmail.com
> > > > CC: discuss@openvswitch.org
> > > > Subject: Re: [ovs-discuss] ifconfig counters issue!
> > > > 
> > > > On Sun, Jul 24, 2016 at 10:29:43AM +, fatt 3issam wrote:
> > > > > I'm trying to test poor connexion networks. So in a simple linear 
> > > > > topology (host1  switch1 -- (s2-eth2)switch2(s2-eth1) - 
> > > > > host2) I created packet loss (50%) in the interface s2-eth2 using the 
> > > > > tc command, I pinged from host1 to host2 and indeed the ping results 
> > > > > are around the 50% loss. Now the problem is when I try to prove these 
> > > > > results with ifconfig I'm seeing that the rx/tx drop counts are 
> > > > > always 0 (the same goes for the errors/overruns/collisions counters 
> > > > > with their specific tests of course)!!!
> > > > > P.S: I also tried to jam the network by creating some background 
> > > > > trafic with iperf tool but still seeing 0s!
> > > > > How can I affect ifconfig counters or how to actually make veth 
> > > > > interfaces feel what's going on! because I need to have those numbers 
> > > > > registred on the port's stats to get them from OpenFlow after!!
> > > > > I hope that this issue is clear and thanks in advance.Best regards.   
> > > > >   
> > > > 
> > > > This doesn't seem to have anything to do with OVS.
> > > > 
> > > > I believe that when TC drops a packet, the drops will be accounted by
> > > > the packet scheduler rather than by the interface, so you should be able
> > > > to use some "tc -s" command to view drops.
> > > 
> 
___
discuss mailing list
discuss@openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss

Re: [ovs-discuss] ifconfig counters issue!

[Ben Pfaff]

You could add support for your qdisc to OVS, including support for queue
statistics.

On Sun, Jul 24, 2016 at 06:19:37PM +, fatt 3issam wrote:
> I get what you said but as I mentioned my goal is to get those stats with 
> OpenFlow so it's not a matter of seeing the packets being dropped it's about 
> the counter itself that registers them.when using tc -s I can indeed see them 
> but only the tx I need both tx and rx + when I request port stats using 
> OpenFlow the counters are always 0 like with ifconfig!
> is there any other tool that can make packets drop on veth interfaces or is 
> there any possible way that I can register the correct port stats?
> Best regards.-
> 
> > Date: Sun, 24 Jul 2016 11:05:27 -0700
> > From: b...@ovn.org
> > To: fat...@hotmail.com
> > CC: discuss@openvswitch.org
> > Subject: Re: [ovs-discuss] ifconfig counters issue!
> > 
> > On Sun, Jul 24, 2016 at 10:29:43AM +, fatt 3issam wrote:
> > > I'm trying to test poor connexion networks. So in a simple linear 
> > > topology (host1  switch1 -- (s2-eth2)switch2(s2-eth1) - 
> > > host2) I created packet loss (50%) in the interface s2-eth2 using the tc 
> > > command, I pinged from host1 to host2 and indeed the ping results are 
> > > around the 50% loss. Now the problem is when I try to prove these results 
> > > with ifconfig I'm seeing that the rx/tx drop counts are always 0 (the 
> > > same goes for the errors/overruns/collisions counters with their specific 
> > > tests of course)!!!
> > > P.S: I also tried to jam the network by creating some background trafic 
> > > with iperf tool but still seeing 0s!
> > > How can I affect ifconfig counters or how to actually make veth 
> > > interfaces feel what's going on! because I need to have those numbers 
> > > registred on the port's stats to get them from OpenFlow after!!
> > > I hope that this issue is clear and thanks in advance.Best regards.   
> > >   
> > 
> > This doesn't seem to have anything to do with OVS.
> > 
> > I believe that when TC drops a packet, the drops will be accounted by
> > the packet scheduler rather than by the interface, so you should be able
> > to use some "tc -s" command to view drops.
> 
___
discuss mailing list
discuss@openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss

Re: [ovs-discuss] ifconfig counters issue!

[Ben Pfaff]

On Sun, Jul 24, 2016 at 10:29:43AM +, fatt 3issam wrote:
> I'm trying to test poor connexion networks. So in a simple linear topology 
> (host1  switch1 -- (s2-eth2)switch2(s2-eth1) - host2) I created 
> packet loss (50%) in the interface s2-eth2 using the tc command, I pinged 
> from host1 to host2 and indeed the ping results are around the 50% loss. Now 
> the problem is when I try to prove these results with ifconfig I'm seeing 
> that the rx/tx drop counts are always 0 (the same goes for the 
> errors/overruns/collisions counters with their specific tests of course)!!!
> P.S: I also tried to jam the network by creating some background trafic with 
> iperf tool but still seeing 0s!
> How can I affect ifconfig counters or how to actually make veth interfaces 
> feel what's going on! because I need to have those numbers registred on the 
> port's stats to get them from OpenFlow after!!
> I hope that this issue is clear and thanks in advance.Best regards.   
>   

This doesn't seem to have anything to do with OVS.

I believe that when TC drops a packet, the drops will be accounted by
the packet scheduler rather than by the interface, so you should be able
to use some "tc -s" command to view drops.
___
discuss mailing list
discuss@openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss

Re: [ovs-discuss] TCP and UDP mask support in OVS

[Ben Pfaff]

On Sun, Jul 24, 2016 at 11:28:27AM +0530, Aswin S wrote:
> In opendaylight we used Nicira Extention to support TCP and UDP mask. But
> now I observe that in ovs it is a part of standard openflow implementation
> and the nicira extension code we used is reporting error. Was there a
> change in ovs? But openflow plugin spec is yet to support TCP/UDP mask.

I don't know of a backward-incompatible change to OVS in this area.
What Nicira extension were you using?  What version of OVS worked, and
what version of OVS does not?
___
discuss mailing list
discuss@openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss

Re: [ovs-discuss] Packet drops in OVS Bridge

[Ben Pfaff]

No.

On Wed, Jul 20, 2016 at 06:04:39PM -0500, chetandeep singh wrote:
> Hi Ben
> 
> I have a primary eth port eth2 and secondary Ethernet port eth3 that does
> not have any ip assigned to the same. So machine does not get locked up.
> The issue is that adding secondary port makes packets to get dropped in
> bridge . Any ideas why ?
> 
> On Wednesday, July 20, 2016, Ben Pfaff  wrote:
> 
> > On Wed, Jul 20, 2016 at 05:45:27PM -0500, chetandeep singh wrote:
> > > I am trying to run some basic setup with OVS like creating a bridge and
> > > adding taps for VM's in the bridge and a secondary ethernet port and then
> > > eventually put the machine on the network. What I see is that if I do
> > below
> > > commands and add secondary eth3 port on the machine in the ovs bridge, I
> > > see that packets start getting dropped. If I do ifconfig eth3, I dont see
> > > any drops.
> > >
> > > Any idea why this might be happening in this case  ?
> > >
> > > ovs-vsctl add-br br0
> > > ovs-vsctl add-port br0 eth3
> > >
> > > ifconfig br0
> > > br0   Link encap:Ethernet  HWaddr 3C:A8:2A:0D:F9:31
> > >   BROADCAST PROMISC MULTICAST  MTU:1500  Metric:1
> > >   RX packets:0 errors:0 dropped:29 overruns:0 frame:0
> > >   TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
> > >   collisions:0 txqueuelen:0
> > >   RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)
> >
> > ### Q: I created a bridge and added my Ethernet port to it, using commands
> >like these:
> >
> >ovs-vsctl add-br br0
> >ovs-vsctl add-port br0 eth0
> >
> >and as soon as I ran the "add-port" command I lost all connectivity
> >through eth0.  Help!
> >
> > A: A physical Ethernet device that is part of an Open vSwitch bridge
> >should not have an IP address.  If one does, then that IP address
> >will not be fully functional.
> >
> >You can restore functionality by moving the IP address to an Open
> >vSwitch "internal" device, such as the network device named after
> >the bridge itself.  For example, assuming that eth0's IP address is
> >192.168.128.5, you could run the commands below to fix up the
> >situation:
> >
> >ifconfig eth0 0.0.0.0
> >ifconfig br0 192.168.128.5
> >
> >(If your only connection to the machine running OVS is through the
> >IP address in question, then you would want to run all of these
> >commands on a single command line, or put them into a script.)  If
> >there were any additional routes assigned to eth0, then you would
> >also want to use commands to adjust these routes to go through br0.
> >
> >If you use DHCP to obtain an IP address, then you should kill the
> >DHCP client that was listening on the physical Ethernet interface
> >(e.g. eth0) and start one listening on the internal interface
> >(e.g. br0).  You might still need to manually clear the IP address
> >from the physical interface (e.g. with "ifconfig eth0 0.0.0.0").
> >
> >There is no compelling reason why Open vSwitch must work this way.
> >However, this is the way that the Linux kernel bridge module has
> >always worked, so it's a model that those accustomed to Linux
> >bridging are already used to.  Also, the model that most people
> >expect is not implementable without kernel changes on all the
> >versions of Linux that Open vSwitch supports.
> >
> >By the way, this issue is not specific to physical Ethernet
> >devices.  It applies to all network devices except Open vSwitch
> >"internal" devices.
> >
> 
> 
> -- 
> " In financial markets, the majority is always wrong "
___
discuss mailing list
discuss@openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss

Re: [ovs-discuss] Packet drops in OVS Bridge

[Ben Pfaff]

On Wed, Jul 20, 2016 at 05:45:27PM -0500, chetandeep singh wrote:
> I am trying to run some basic setup with OVS like creating a bridge and
> adding taps for VM's in the bridge and a secondary ethernet port and then
> eventually put the machine on the network. What I see is that if I do below
> commands and add secondary eth3 port on the machine in the ovs bridge, I
> see that packets start getting dropped. If I do ifconfig eth3, I dont see
> any drops.
> 
> Any idea why this might be happening in this case  ?
> 
> ovs-vsctl add-br br0
> ovs-vsctl add-port br0 eth3
> 
> ifconfig br0
> br0   Link encap:Ethernet  HWaddr 3C:A8:2A:0D:F9:31
>   BROADCAST PROMISC MULTICAST  MTU:1500  Metric:1
>   RX packets:0 errors:0 dropped:29 overruns:0 frame:0
>   TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
>   collisions:0 txqueuelen:0
>   RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)

### Q: I created a bridge and added my Ethernet port to it, using commands
   like these:

   ovs-vsctl add-br br0
   ovs-vsctl add-port br0 eth0

   and as soon as I ran the "add-port" command I lost all connectivity
   through eth0.  Help!

A: A physical Ethernet device that is part of an Open vSwitch bridge
   should not have an IP address.  If one does, then that IP address
   will not be fully functional.

   You can restore functionality by moving the IP address to an Open
   vSwitch "internal" device, such as the network device named after
   the bridge itself.  For example, assuming that eth0's IP address is
   192.168.128.5, you could run the commands below to fix up the
   situation:

   ifconfig eth0 0.0.0.0
   ifconfig br0 192.168.128.5

   (If your only connection to the machine running OVS is through the
   IP address in question, then you would want to run all of these
   commands on a single command line, or put them into a script.)  If
   there were any additional routes assigned to eth0, then you would
   also want to use commands to adjust these routes to go through br0.

   If you use DHCP to obtain an IP address, then you should kill the
   DHCP client that was listening on the physical Ethernet interface
   (e.g. eth0) and start one listening on the internal interface
   (e.g. br0).  You might still need to manually clear the IP address
   from the physical interface (e.g. with "ifconfig eth0 0.0.0.0").

   There is no compelling reason why Open vSwitch must work this way.
   However, this is the way that the Linux kernel bridge module has
   always worked, so it's a model that those accustomed to Linux
   bridging are already used to.  Also, the model that most people
   expect is not implementable without kernel changes on all the
   versions of Linux that Open vSwitch supports.

   By the way, this issue is not specific to physical Ethernet
   devices.  It applies to all network devices except Open vSwitch
   "internal" devices.
___
discuss mailing list
discuss@openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss

Re: [ovs-discuss] Normal System Calls Performed by Openvswitch

[Ben Pfaff]

On Wed, Jul 20, 2016 at 06:26:12PM +, Christopher Mansour wrote:
> I was wondering whether there exist a documentation or whether anyone
> knows about the default system calls performed by openvswitch during
> operation. I appreciate your feedback.

No.

I suggest "strace".
___
discuss mailing list
discuss@openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss

Re: [ovs-discuss] [openvswitch 2.5.0] testsuite: 15 18 756 failed

[Ben Pfaff]

On Tue, Jul 19, 2016 at 01:54:52PM -0400, John Chludzinski wrote:
> ##  ##
> ## Summary of the failures. ##
> ##  ##
> Failed tests:
> openvswitch 2.5.0 test suite test groups:
> 
>  NUM: FILE-NAME:LINE TEST-GROUP-NAME
>   KEYWORDS
> 
>   15: bfd.at:261 bfd - bfd decay
>   18: bfd.at:519 bfd - bfd forwarding_if_rx - with bfd decay

These tests are among those that occasionally fail due to races that are
difficult to eliminate in the testsuite.  I think that you can safely
ignore the problem.
___
discuss mailing list
discuss@openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss

Re: [ovs-discuss] [CudaMailTagged] Datapath

[Ben Pfaff]

On Wed, Jul 20, 2016 at 12:57:53PM +0200, Amrane Ait Zeouay wrote:
> I'm working on Ovs 2.5.0, I did some modification for userspace I didn't
> touch the datapath yet, so I want to know if i can make datapath to send
> all the packets to userspace instead of treating them, because when i send
> 1M packets the userspace treat almost 30 % and then all of them are treated
> by datapath because it receive the rule from userspace, so is there a way
> to do it ? because in OVS 2.3.1 i didn't had this problem.

If you want a flow to be processed entirely in userspace, add some
SLOW_* bit to ctx->xout->slow in ofproto-dpif-xlate.c.
___
discuss mailing list
discuss@openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss

Re: [ovs-discuss] [ovn-l3] warnings

[Ben Pfaff]

You need to upgrade the northbound database to match the updated schema.

On Tue, Jul 19, 2016 at 04:29:13PM -0700, Murali R wrote:
> Trying the ovn l3 after a while. I see these warnings. The openstack shows
> routers but I am unable to query at the ovn-nbctl. Is this a known issue? I
> am using the ovs HEAD, just synced today.
> 
> $ ovn-nbctl lr-list
> 2016-07-19T23:26:00Z|1|ovsdb_idl|WARN|Logical_Router_Port table in
> OVN_Northbound database lacks networks column (database needs upgrade?)
> 2016-07-19T23:26:00Z|2|ovsdb_idl|WARN|Logical_Router_Port table in
> OVN_Northbound database lacks networks column (database needs upgrade?)

> ___
> discuss mailing list
> discuss@openvswitch.org
> http://openvswitch.org/mailman/listinfo/discuss

___
discuss mailing list
discuss@openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss

Re: [ovs-discuss] Threshold driven triggers

[Ben Pfaff]

OVS only supports polling at the moment.

We'd happily accept a patch to implement thresholds.

On Mon, Jul 18, 2016 at 09:36:25PM +0200, james hopper wrote:
> Many thanks Ben. Is there any way that i can track the counters in OVS
> without periodically polling them via controller?
>  
> Sent: Saturday, July 16, 2016 at 2:10 PM
> From: "Ben Pfaff" 
> To: "james hopper" 
> Cc: "OVS Discussion" 
> Subject: Re: [ovs-discuss] Threshold driven triggers
> On Sat, Jul 16, 2016 at 10:38:04PM +0200, james hopper wrote:
> > OpenFlow1.5 support threshold driven triggers. I wanted to know has the
> support
> > been added in OVS for OFPIT_STAT_TRIGGER? Thanks in advance.
> 
> No.
___
discuss mailing list
discuss@openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss

Re: [ovs-discuss] Flow table Eviction group

[Ben Pfaff]

On Fri, Jul 15, 2016 at 03:55:23PM +0530, Kapil Adhikesavalu wrote:
> Hello,
> 
> Need some help in configuring flow table eviction group.
> I tried to configure the eviction group, but i am seeing some warn/errors
> and didn't come across any sample commands in web.
> 
> 1. Can you please share some sample commands for passing NXM_OF_IN_PORT[]
> as an argument to flow_table, overflow_policy, "groups"

Something like this:

ovs-vsctl \
-- --id=@ft create Flow_Table flow_limit=100 \
   overflow_policy=evict groups='"NXM_OF_IN_PORT[]"' \
-- set Bridge br0 flow_tables:0=@ft

> 2. As overflow_policy=evict, by default removes the flow which is going to
> expire at the earliest.
> i want to configure the group in such a way, the group with the highest
> number of common VLAN entries should evict first, i suppose i need to use
> NXM_OF_VLAN_TCI

Yes.

> 3. Is it possible to do flow table eviction based on the output port
> instead of NXM_OF_IN_PORT ? there is no NXM_OF_OUT_PORT, so is that NO ?

That's "no".

> The reason i am asking this is, I use "Learn" action to dynamically
> create MAC learn flows; so there will be more entries with common output
> port, than source VLAN or MAC, so doing eviction based on output port is
> preferred ?
> 
> This is what i tried in ovs-2.5.0, i am getting following warning.
> ovs-vsctl add-br kapil
> ovs-vsctl -- --id=@ft  create  Flow_Table  flow_limit=5
>  overflow_policy=evict group=NXM_OF_IN_PORT  -- set Bridge kapil
> flow_tables=0=@ft
> 
> Warning in OVS log:  2016-07-15T09:42:35.704Z|00381|bridge|WARN|bridge
> kapil table 0: error parsing 'groups' (NXM_OF_IN_PORT: missing [ looking
> for field name)
> 
> root@ubuntu:~# ovs-vsctl list flow_table
> _uuid   : f2d9a3b4-ee77-4bf9-b364-6f78ab9560d7
> external_ids: {}
> flow_limit  : 5
> groups  : [NXM_OF_IN_PORT]
> name: []
> overflow_policy : evict
> prefixes: []
> 
> Thanks
> Kapil.
___
discuss mailing list
discuss@openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss

Re: [ovs-discuss] Difference between set_field:x.x.x.x->nw_dst and mod_nw_dst

[Ben Pfaff]

On Sun, Jul 17, 2016 at 11:07:17PM +0100, D3c3 Balus wrote:
> I’d like to understand the difference between these 2 actions:  
> actions=set_field:1.1.1.1->nw_dstvs.   actions=mod_nw_dst:1.1.1.1 ?
> In my understanding, the end result is the same, but what would be different ?
> 
> Yes, I have read about the differences between set_field:value and load:value 
>  (not interested in this)

The differences are all in technicalities.

mod_nw_dst is an OpenFlow 1.0 and 1.1 action.  set_field is a more
general-purpose OpenFlow 1.2 and later action (and also an Open vSwitch
extension to OF1.0 and OF1.1).

In OpenFlow 1.0, mod_nw_dst doesn't imply any prerequisite on the flow
match; that is, it can be used in a flow that does not match on an
Ethernet type of 0x800.  In OpenFlow 1.1 and later, it does require such
a flow match, and the same is true of set_field regardless of OpenFlow
version.
___
discuss mailing list
discuss@openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss

Re: [ovs-discuss] Threshold driven triggers

[Ben Pfaff]

On Sat, Jul 16, 2016 at 10:38:04PM +0200, james hopper wrote:
> OpenFlow1.5 support threshold driven triggers. I wanted to know has the 
> support
> been added in OVS for OFPIT_STAT_TRIGGER? Thanks in advance.

No.
___
discuss mailing list
discuss@openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss

Re: [ovs-discuss] OVS learned duplicated FDB entries on two different Virtual Machine interfaces

[Ben Pfaff]

You might be running into a Linux kernel networking detail discussed in
the FAQ.

### Q: I configured one IP address on VLAN 0 and another on VLAN 9, like
   this:

   ovs-vsctl add-br br0
   ovs-vsctl add-port br0 eth0
   ifconfig br0 192.168.0.5
   ovs-vsctl add-port br0 vlan9 tag=9 -- set interface vlan9 type=internal
   ifconfig vlan9 192.168.0.9

   but other hosts that are only on VLAN 0 can reach the IP address
   configured on VLAN 9.  What's going on?

A: RFC 1122 section 3.3.4.2 "Multihoming Requirements" describes two
   approaches to IP address handling in Internet hosts:

   - In the "Strong ES Model", where an ES is a host ("End
 System"), an IP address is primarily associated with a
 particular interface.  The host discards packets that arrive
 on interface A if they are destined for an IP address that is
 configured on interface B.  The host never sends packets from
 interface A using a source address configured on interface B.

   - In the "Weak ES Model", an IP address is primarily associated
 with a host.  The host accepts packets that arrive on any
 interface if they are destined for any of the host's IP
 addresses, even if the address is configured on some
 interface other than the one on which it arrived.  The host
 does not restrict itself to sending packets from an IP
 address associated with the originating interface.

   Linux uses the weak ES model.  That means that when packets
   destined to the VLAN 9 IP address arrive on eth0 and are bridged to
   br0, the kernel IP stack accepts them there for the VLAN 9 IP
   address, even though they were not received on vlan9, the network
   device for vlan9.

   To simulate the strong ES model on Linux, one may add iptables rule
   to filter packets based on source and destination address and
   adjust ARP configuration with sysctls.

   BSD uses the strong ES model.

On Fri, Jul 15, 2016 at 04:30:37PM +, Chen, Weiwen wrote:
> Hi Ben,
> 
> I think I am closer to the issue. The problem is the somehow VM gets plugged 
> to the vswitch internal interface, not really vnet0 port, so it can hear all 
> mac addresses. Not sure a bug in virsh or OVS. On another setup I have 2 
> vswitches: cs-eno1 and cs-eno2 with internal interfaces on port 4 and port 1 
> respectively. I am surprised to see vswitch cs-eno1 has the FDB entries on 
> cs-eno2/port 1. Seems a bug for OVS?
> 
> # ovs-appctl fdb/show cs-eno1
>  port  VLAN  MACAge
> 1  1304  00:50:56:88:e3:e7  134
> 1 0  00:50:56:88:5f:c9  128
> 1 0  be:c8:a0:e0:03:77  116
> 1 0  00:50:56:88:22:42  116
> 1 0  be:c8:a0:e0:03:85  115 
> 
> # ovs-dpctl show
> system@ovs-system:
> lookups: hit:694659076 missed:99684211 lost:1003
> flows: 196
> masks: hit:4482180901 total:18 hit/pkt:5.64
> port 0: ovs-system (internal)
> port 1: cs-eno2 (internal)
> port 2: eno2
>     port 3: vnet0
> port 4: cs-eno1 (internal)
> port 5: eno1
> 
> 
> 
> -Original Message-
> From: Ben Pfaff [mailto:b...@ovn.org] 
> Sent: Wednesday, July 13, 2016 4:32 PM
> To: Chen, Weiwen 
> Cc: discuss@openvswitch.org
> Subject: Re: [ovs-discuss] OVS learned duplicated FDB entries on two 
> different Virtual Machine interfaces
> 
> Before, you said "I thought VM interface should be access port."  If they are 
> actually trunk ports, then I do not understand your environment.
> 
> OVS only learns MACs that it actually receives from a port, within the VLANs 
> associated with the packets.  If you see the same MAC learned on multiple 
> VLANs, then it is because that MAC was observed within multiple VLANs.
> 
> On Wed, Jul 13, 2016 at 09:47:29PM +, Chen, Weiwen wrote:
> > Hi Ben,
> > 
> > Unfortunately I need to configure the port as trunk mode as I need to bring 
> > up VLAN subinterfaces inside the VM. However, I do not expect OVS will 
> > learn the MAC of VM2 on port of VM1, right?
> > 
> > In addition, I double checked there is no real duplicated MAC existing in 
> > my env.
> > 
> > Thanks & Regards
> > -weiwen
> > 
> > -Original Message-
> > From: Ben Pfaff [mailto:b...@ovn.org]
> > Sent: Wednesday, July 13, 2016 3:21 PM
> > To: Chen, Weiwen 
> > Cc: discuss@openvswitch.org
> > Subject: Re: [ovs-discuss] OVS learned duplicated FDB entries on two 
> > different Virtual Machine interfaces
> > 
> > On Tue, Jul 12, 2016 at 04:03:33AM +, Chen, Weiwen wrote:
> > > I have RHEL KVM host with both OVS 2.50/2.31 (on different systems) 
> > > but experienced the VM interf

Re: [ovs-discuss] ovs can't handle normal ofp_flow_monitor_request

[Ben Pfaff]

On Thu, Jul 14, 2016 at 03:32:32AM +0800, Sky Liu wrote:
> It seems that ovs can't handle ofp_flow_monitor requests correctly.
> I lauched several dps with OpenFlow14, and I tried to send them
> ofp_flow_monitor_requests, which is a multi-part message.
> But it seems that it can't handle this.
> After reading the code, I suspect that the switch has mistaken my
> requests as those in nicira extensions(i.e. nx_flow_monitor_request),
> which is absolutely not what we want to see.
> I'm wondering whether it's a bug or ovs just doesn't support the
> standard flow monitor request.

It appears that support for this feature is incomplete.  The FAQ
mentions that OF1.4 support is incomplete:

   Some versions of OpenFlow are supported with missing features and
   therefore not enabled by default: OpenFlow 1.4 and 1.5, in Open
   vSwitch 2.3 and later, as well as OpenFlow 1.6 in Open vSwitch 2.5
   and later.  Also, the OpenFlow 1.6 specification is still under
   development and thus subject to change.

We'd appreciate contributions to improve protocol feature support.
___
discuss mailing list
discuss@openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss

Re: [ovs-discuss] Meter config memory allocation problem

[Ben Pfaff]

Please don't drop the list.

The difference between x.y.0 and x.y.z is always just bug fixes.  The
commit log describes what changed, e.g.
https://github.com/openvswitch/ovs/commits/branch-2.4

On Fri, Jul 15, 2016 at 08:36:57AM -0600, gavin_rema...@selinc.com wrote:
> Thanks.
> 
> Is there an easy way to find a list of bug fixes between releases?
> 
> We are near releasing a product and can't just upgrade.  How do I find out 
> that you discovered and fixed a bug?  How can I see if there are others we 
> need to address?
> 
> Thank you.
> 
> 
> 
> From:   Ben Pfaff 
> To: gavin_rema...@selinc.com
> Cc: discuss@openvswitch.org
> Date:   07/14/2016 06:01 PM
> Subject:Re: [ovs-discuss] Meter config memory allocation problem
> 
> 
> 
> On Wed, Jul 13, 2016 at 01:31:02PM -0600, gavin_rema...@selinc.com wrote:
> > We are using OVS v2.4.0 and seem to have discovered a memory allocation 
> > issue.
> > 
> > When we have more than 41 meters (each with a single Band) defined, we 
> > regularly get corruption in meters 42 and beyond within a Meter 
> > Configuration Response to a request with meter_id=ALL.
> > 
> > ofpmp_init() is used as part of the message handling in ofproto.c 
> > (handle_meter_request).  It calls ofpraw_alloc_stats_reply, allocating 
> > 1000 "tail" bytes.  Since each Meter requires 24 bytes in the message 
> and 
> > 24 * 41 = 984, this seems to be the issue we are encountering.  It looks 
> 
> > like Meters 42 and beyond occupy memory that we do not own.
> > 
> > Is this function being used properly with a Meter Configuration request? 
> 
> > Why the hard-coded 1000 bytes of space?
> > 
> > We need to fix this ASAP.  We can do so, but an official patch would be 
> > better.
> 
> This was fixed in OVS 2.4.1.  Please upgrade.
> 
___
discuss mailing list
discuss@openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss

Re: [ovs-discuss] Meter config memory allocation problem

[Ben Pfaff]

On Wed, Jul 13, 2016 at 01:31:02PM -0600, gavin_rema...@selinc.com wrote:
> We are using OVS v2.4.0 and seem to have discovered a memory allocation 
> issue.
> 
> When we have more than 41 meters (each with a single Band) defined, we 
> regularly get corruption in meters 42 and beyond within a Meter 
> Configuration Response to a request with meter_id=ALL.
> 
> ofpmp_init() is used as part of the message handling in ofproto.c 
> (handle_meter_request).  It calls ofpraw_alloc_stats_reply, allocating 
> 1000 "tail" bytes.  Since each Meter requires 24 bytes in the message and 
> 24 * 41 = 984, this seems to be the issue we are encountering.  It looks 
> like Meters 42 and beyond occupy memory that we do not own.
> 
> Is this function being used properly with a Meter Configuration request? 
> Why the hard-coded 1000 bytes of space?
> 
> We need to fix this ASAP.  We can do so, but an official patch would be 
> better.

This was fixed in OVS 2.4.1.  Please upgrade.
___
discuss mailing list
discuss@openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss

Re: [ovs-discuss] OVS select group bug(?)

[Ben Pfaff]

You didn't specify any watch ports, so the behavior won't depend on the
output ports.

On Thu, Jul 14, 2016 at 09:15:49AM +0200, james hopper wrote:
> How would OVS -2.5 group behave when one of the member output port fails. 
> Would
> it continue sending packets on the failed link for the flows which have been
> mapped? Would it map the new flows on the failed link? 
>  
> Sent: Wednesday, July 13, 2016 at 9:00 PM
> From: "Ben Pfaff" 
> To: "Balázs Brunáczky" 
> Cc: discuss@openvswitch.org
> Subject: Re: [ovs-discuss] OVS select group bug(?)
> On Thu, Feb 11, 2016 at 11:56:46AM +0100, Balázs Brunáczky wrote:
> > Dear All,
> >
> > I've spent my last days with playing group tables, and I have a feeling that
> > the select group isn't working properly or I do something wrong.
> >
> > I defined the group table with
> >
> > "ovs-ofctl -O OpenFlow13 add-group br0
> > group_id=1,type=select,bucket=output:3,bucket=output:4"
> >
> > command and added the flow with this one:
> >
> > ovs-ofctl -O OpenFlow13 add-flow br0 ip,nw_dst=1.2.3.2,actions=group:1
> >
> > Then I ping'ed the 1.2.3.2, but all packets go out on the 4th port instead
> > of round robining between 3 and 4.
> >
> > ARP requests are handled correctly, both sides know the MAC addresses.
> >
> > Could you please help what I do wrong?
> 
> Select groups don't do round robin.
> 
> The FAQ says:
> 
> ### Q: How does OVS divide flows among buckets in an OpenFlow "select" group?
> 
> A: In Open vSwitch 2.3 and earlier, Open vSwitch used the destination
> Ethernet address to choose a bucket in a select group.
> 
> Open vSwitch 2.4 and later by default hashes the source and
> destination Ethernet address, VLAN ID, Ethernet type, IPv4/v6
> source and destination address and protocol, and for TCP and SCTP
> only, the source and destination ports. The hash is "symmetric",
> meaning that exchanging source and destination addresses does not
> change the bucket selection.
> 
> Select groups in Open vSwitch 2.4 and later can be configured to
> use a different hash function, using a Netronome extension to the
> OpenFlow 1.5+ group_mod message. For more information, see
> Documentation/group-selection-method-property.txt in the Open
> vSwitch source tree. (OpenFlow 1.5 support in Open vSwitch is still
> experimental.)
> ___
> discuss mailing list
> discuss@openvswitch.org
> http://openvswitch.org/mailman/listinfo/discuss
___
discuss mailing list
discuss@openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss

Re: [ovs-discuss] OVS select group bug(?)

[Ben Pfaff]

On Thu, Feb 11, 2016 at 11:56:46AM +0100, Balázs Brunáczky wrote:
> Dear All,
> 
> I've spent my last days with playing group tables, and I have a feeling that
> the select group isn't working properly or I do something wrong.
> 
> I defined the group table with
> 
> "ovs-ofctl -O OpenFlow13 add-group br0
> group_id=1,type=select,bucket=output:3,bucket=output:4"
> 
> command and added the flow with this one:
> 
> ovs-ofctl -O OpenFlow13 add-flow br0 ip,nw_dst=1.2.3.2,actions=group:1
> 
> Then I ping'ed the 1.2.3.2, but all packets go out on the 4th port instead
> of round robining between 3 and 4.
> 
> ARP requests are handled correctly, both sides know the MAC addresses.
> 
> Could you please help what I do wrong?

Select groups don't do round robin.

The FAQ says:

### Q: How does OVS divide flows among buckets in an OpenFlow "select" group?

A: In Open vSwitch 2.3 and earlier, Open vSwitch used the destination
   Ethernet address to choose a bucket in a select group.

   Open vSwitch 2.4 and later by default hashes the source and
   destination Ethernet address, VLAN ID, Ethernet type, IPv4/v6
   source and destination address and protocol, and for TCP and SCTP
   only, the source and destination ports.  The hash is "symmetric",
   meaning that exchanging source and destination addresses does not
   change the bucket selection.

   Select groups in Open vSwitch 2.4 and later can be configured to
   use a different hash function, using a Netronome extension to the
   OpenFlow 1.5+ group_mod message.  For more information, see
   Documentation/group-selection-method-property.txt in the Open
   vSwitch source tree.  (OpenFlow 1.5 support in Open vSwitch is still
   experimental.)
___
discuss mailing list
discuss@openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss

Re: [ovs-discuss] Openflow groups in OVS

[Ben Pfaff]

On Thu, Jul 14, 2016 at 10:05:36AM +0800, AY wrote:
> I want to test OVS Select group in Mininet 2.2.1 and OVS , but  it seems
> OVS use only one port instead of all the paths configured in Add group
> command. 

Select groups by default select an output port based on the Ethernet
destination address.  Do your packets have different Ethernet
destination addresses?

> I tried also to use Fast failover group and I get the same problem,
> only one port used ,no redirection on link failure ( I simulate link
> failure using Linux command , sudo ip link set dev s1-eth1 dwon).  I
> tried OVS 2.3 and 2.5 the same problem.

I'm surprised, I'd expect that fast failure groups would do what you
want.
___
discuss mailing list
discuss@openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss

Re: [ovs-discuss] OVS learned duplicated FDB entries on two different Virtual Machine interfaces

[Ben Pfaff]

Before, you said "I thought VM interface should be access port."  If
they are actually trunk ports, then I do not understand your
environment.

OVS only learns MACs that it actually receives from a port, within the
VLANs associated with the packets.  If you see the same MAC learned on
multiple VLANs, then it is because that MAC was observed within multiple
VLANs.

On Wed, Jul 13, 2016 at 09:47:29PM +, Chen, Weiwen wrote:
> Hi Ben,
> 
> Unfortunately I need to configure the port as trunk mode as I need to bring 
> up VLAN subinterfaces inside the VM. However, I do not expect OVS will learn 
> the MAC of VM2 on port of VM1, right?
> 
> In addition, I double checked there is no real duplicated MAC existing in my 
> env.
> 
> Thanks & Regards
> -weiwen
> 
> -Original Message-
> From: Ben Pfaff [mailto:b...@ovn.org] 
> Sent: Wednesday, July 13, 2016 3:21 PM
> To: Chen, Weiwen 
> Cc: discuss@openvswitch.org
> Subject: Re: [ovs-discuss] OVS learned duplicated FDB entries on two 
> different Virtual Machine interfaces
> 
> On Tue, Jul 12, 2016 at 04:03:33AM +, Chen, Weiwen wrote:
> > I have RHEL KVM host with both OVS 2.50/2.31 (on different systems) 
> > but experienced the VM interface has a large forward entries. I 
> > thought VM interface should be access port and with single VM MAC in 
> > FDB. Is this a bug in OVS? If not, please let me what is configured 
> > wrong.
> > 
> > Thanks a lot!
> > 
> > Here are my configuration:
> > 
> > # ovs-vsctl show
> > Bridge "cs-eno1"
> > Port "vnet5"
> > Interface "vnet5"
> > Port "cs-eno1"
> > Interface "cs-eno1"
> > type: internal
> > Port "vnet3"
> > Interface "vnet3"
> > Port "vnet8"
> > Interface "vnet8"
> > Port "vnet4"
> > Interface "vnet4"
> > Port conf
> > Interface conf
> > type: internal
> > Port "eno1"
> > Interface "eno1"
> > Port "vnet1"
> > Interface "vnet1"
> > Port "vnet2"
> > Interface "vnet2"
> > Port "vnet0"
> > Interface "vnet0"
> > ovs_version: "2.5.0"
> 
> OVS certainly supports access ports, but all of the above are configured as 
> trunks.  To configure an OVS port as an access port, one must set the "tag" 
> column to a VLAN ID (and this would show up in "ovs-vsctl show"
> output), either at the time of adding the port or later.
> 
> The ovs-vsctl manpage explains how to set an access VLAN at the time of 
> adding a port:
> 
>[--may-exist] add-port bridge port [column[:key]=value]...
>   Creates on bridge a new port named port from the network  device
>   of the same name.
> 
>   Optional  arguments set values of column in the Port record cre‐
>   ated by the command.  For example, tag=9 would make the port  an
>   access  port for VLAN 9.  The syntax is the same as that for the
>   set command (see Database Commands below).
> 
>   Without --may-exist, attempting to create a port that exists  is
>   an  error.   With --may-exist, this command does nothing if port
>   already exists on bridge and is not a bonded port.
> 
___
discuss mailing list
discuss@openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss

Re: [ovs-discuss] [openvswitch 2.5.90] testsuite: 1122 1128 2101 failed

[Ben Pfaff]

On Tue, Jul 05, 2016 at 12:11:05PM +0100, D3c3 Balus wrote:
> Hello,
> 
> 
> My environment:
> - Ubuntu Xenial 16.04 LTS
> - kernel: 4.7.0-040700rc6-generic
> 
> Tried to install OVS from Git Master tree on two different machines and got 
> these failures -  please see attached logs for details.
> 
> ## - ##
> ## Test results. ##
> ## - ##
> 
> ERROR: 2130 tests were run,
> 3 failed unexpectedly.
> 1 test was skipped.
> ## -- ##
> ## testsuite.log was created. ##
> ## -- ##
> 
> Please send `tests/testsuite.log' and all information you think might help:
> 
>To: 
>Subject: [openvswitch 2.5.90] testsuite: 1122 1128 2101 failed
> 
> You may investigate any problem if you feel able to do so, in which
> case the test suite provides a good starting point.  Its output may
> be found below `tests/testsuite.dir'.
> 
> ## -- ##
> ## openvswitch 2.5.90 test suite. ##
> ## -- ##
> 
> 1128: ofproto-dpif - in place modification (vlan) ok
> 1122: ofproto-dpif packet-out table-miss (continue)   ok
> 2101: ovn -- vtep: 3 HVs, 1 VIFs/HV, 1 GW, 1 LS   ok

Thanks for the report.

This report is confusing, because it says that three test failed, but
the detailed listing for each of these tests actually shows that it
succeeded (as you can see above, each is shown as "ok").

I don't know how to act on this report.

Thanks,

Ben.
___
discuss mailing list
discuss@openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss

Re: [ovs-discuss] [ovn-dev] Hypervisors must use either geneve or stt to transmit packets ?

[Ben Pfaff]

On Sat, Jul 09, 2016 at 10:27:00AM +0800, nickcooper-zhangtonghao wrote:
>   When testing the OVN basic feature, I find that hypervisors can use 
> vxlan 
> to transmit packets. It is described in the “Encap TABLE”  section of the 
> "ovn-sb.5” doc
> as 'Hypervisors must use either geneve or stt.  Gateways may use vxlan, 
> geneve, or stt.’
> Why ? Update the doc ?

VXLAN doesn't have enough bits in the VNI to properly implement all of
the features of OVN, so it will not work properly.  When you say that it
worked in testing, what do you mean?
___
discuss mailing list
discuss@openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss

Re: [ovs-discuss] OVS learned duplicated FDB entries on two different Virtual Machine interfaces

[Ben Pfaff]

On Tue, Jul 12, 2016 at 04:03:33AM +, Chen, Weiwen wrote:
> I have RHEL KVM host with both OVS 2.50/2.31 (on different systems)
> but experienced the VM interface has a large forward entries. I
> thought VM interface should be access port and with single VM MAC in
> FDB. Is this a bug in OVS? If not, please let me what is configured
> wrong.
> 
> Thanks a lot!
> 
> Here are my configuration:
> 
> # ovs-vsctl show
> Bridge "cs-eno1"
> Port "vnet5"
> Interface "vnet5"
> Port "cs-eno1"
> Interface "cs-eno1"
> type: internal
> Port "vnet3"
> Interface "vnet3"
> Port "vnet8"
> Interface "vnet8"
> Port "vnet4"
> Interface "vnet4"
> Port conf
> Interface conf
> type: internal
> Port "eno1"
> Interface "eno1"
> Port "vnet1"
> Interface "vnet1"
> Port "vnet2"
> Interface "vnet2"
> Port "vnet0"
> Interface "vnet0"
> ovs_version: "2.5.0"

OVS certainly supports access ports, but all of the above are configured
as trunks.  To configure an OVS port as an access port, one must set the
"tag" column to a VLAN ID (and this would show up in "ovs-vsctl show"
output), either at the time of adding the port or later.

The ovs-vsctl manpage explains how to set an access VLAN at the time of
adding a port:

   [--may-exist] add-port bridge port [column[:key]=value]...
  Creates on bridge a new port named port from the network  device
  of the same name.

  Optional  arguments set values of column in the Port record cre‐
  ated by the command.  For example, tag=9 would make the port  an
  access  port for VLAN 9.  The syntax is the same as that for the
  set command (see Database Commands below).

  Without --may-exist, attempting to create a port that exists  is
  an  error.   With --may-exist, this command does nothing if port
  already exists on bridge and is not a bonded port.

___
discuss mailing list
discuss@openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss

Re: [ovs-discuss] ofp sample action

[Ben Pfaff]

On Wed, Jul 13, 2016 at 09:14:54AM +0200, Rüdiger Birkner wrote:
> 2016-07-13 6:08 GMT+02:00 Ben Pfaff :
> 
> > On Sun, Jul 10, 2016 at 09:47:32PM +0200, Rüdiger Birkner wrote:
> > > I just came across line 4748 of ofproto-dpif-xlate.c on branch-2.5
> > > <
> > https://github.com/openvswitch/ovs/blob/branch-2.5/ofproto/ofproto-dpif-xlate.c#L4748
> > >.
> > > It mentions a sampling action which I would like to experiment with.
> > > However, I couldn't find the corresponding Openflow Action to activate
> > the
> > > sampling. Is it supported by any Openflow version? How could I make use
> > of
> > > it?
> >
> > It's documented in the ovs-ofctl manpage.
> >
> 
> Thanks for the answer!
> 
> I looked at the documentation and it is not clear to me whether this is
> actually a OpenFlow action or just an action that ovs supports. Which
> OpenFlow version introduced the sample action?

This is an Open vSwitch extension to OpenFlow.
___
discuss mailing list
discuss@openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss

Re: [ovs-discuss] Does OpenvSwitch support modify the packet's IP address and then output this packet?

[Ben Pfaff]

I'm glad to hear that you figured out the problem.

On Wed, Jul 13, 2016 at 09:05:31PM +0800, Shawn Lin wrote:
> Hi Ben,
> 
> Thank you for your reply. And I am sorry that I post this question twice. I
> just clicked Send but there was nothing happened so I just re-click it
> again. Really sorry for that.
> 
> *ovs-appctl ofproto/trace *gives me the answer.
> 
> mininet> *sh ovs-ofctl add-flow s1 in_port=1,actions=output:1 -O OpenFlow13*
> mininet>
> mininet> sh ovs-appctl ofproto/trace s1 in_port=1
> Flow:
> metadata=0,in_port=1,vlan_tci=0x,dl_src=00:00:00:00:00:00,dl_dst=00:00:00:00:00:00,dl_type=0x
> Rule: table=0 cookie=0 in_port=1
> OpenFlow actions=output:1
> *skipping output to input port*
> 
> Final flow: unchanged
> Relevant fields: skb_priority=0,in_port=1,dl_type=0x,nw_frag=no
> *Datapath actions: drop*
> 
> And actually, there is one specific port reserved for output to input port ,*
> no need* to use* output:1*, below is information about this port in
> *openflow-spec-v1.3.0*
> 
> *OFPP_IN_PORT = 0xfff8, /* Send the packet out the input port. This
> reserved port must be explicitly used in order to send back out of the
> input port. */ *
> 
> So I just changed the *actions=output:1* into *actions=in_port*, and it
> works!
> 
> mininet> *sh ovs-ofctl add-flow s1 in_port=2,actions=in_port -O OpenFlow13*
> mininet>
> mininet>
> mininet> sh ovs-appctl ofproto/trace s1 in_port=2
> Flow:
> metadata=0,in_port=2,vlan_tci=0x,dl_src=00:00:00:00:00:00,dl_dst=00:00:00:00:00:00,dl_type=0x
> Rule: table=0 cookie=0 in_port=2
> *OpenFlow actions=IN_PORT*
> 
> Final flow: unchanged
> Relevant fields: skb_priority=0,in_port=2,dl_type=0x,nw_frag=no
> *Datapath actions: 6*
> 
> 
> Thanks again!
> 
> Shawn Lin
> 
> 
> On Wed, Jul 13, 2016 at 12:12 PM, Ben Pfaff  wrote:
> 
> > On Mon, Jul 11, 2016 at 09:41:36PM +0800, Shawn Lin wrote:
> > > I am trying to use OpenvSwitch to exchange the source IP address and the
> > > destination IP address of a packet, and then forward this packet out to a
> > > host.
> > >
> > > I do this test in *Mininet(2.2.1) *and *OpenvSwitch(2.0.2)*, And below is
> > > the command:
> > >
> > > Topology in Mininet is quite simple,
> > > *h1-s1-h2*
> > >
> > > I use this command to add the flow.
> > > *mininet> sh ovs-ofctl add-flow s1
> > >
> > dl_type=0x0800,dl_type=0x0800,nw_dst=10.0.0.2,actions=mod_dl_src:00:00:00:00:00:02,mod_dl_dst:00:00:00:00:00:01,mod_nw_src:10.0.0.2,mod_nw_dst=10.0.0.1,output:1
> > > -O OpenFlow13*
> > >
> > > And then I could see the result when I show flows in the switch s1,
> > >
> > > *mininet>* *sh ovs-ofctl dump-flows s1 -O OpenFlow13*
> > > OFPST_FLOW reply (OF1.3) (xid=0x2):
> > >
> > >
> > >
> > > * cookie=0x0, duration=418.133s, table=0, n_packets=1813,
> > n_bytes=2731190,
> > > ip,nw_dst=10.0.0.2
> > >
> > actions=mod_dl_src:00:00:00:00:00:02,mod_dl_dst:00:00:00:00:00:01,mod_nw_src:10.0.0.2,mod_nw_dst:10.0.0.1,output:1
> > >  *
> > > * In my understanding, this flow would change the packets' src IP, dst
> > IP,
> > > src Mac, dst Mac, and then forward it out port 1 which is s1-eth1.  *
> > >
> > >  cookie=0x2b0f, duration=2982.739s, table=0, n_packets=1,
> > > n_bytes=42, priority=2,in_port=1 actions=output:2,CONTROLLER:65535
> > >
> > >
> > >  cookie=0x2b0e, duration=2982.739s, table=0, n_packets=1,
> > > n_bytes=42, priority=2,in_port=2 actions=output:1,CONTROLLER:65535
> > >
> > >
> > >  cookie=0x2b0f, duration=2986.774s, table=0, n_packets=0,
> > > n_bytes=0, priority=100,dl_type=0x88cc actions=CONTROLLER:65535
> > >
> > >
> > >  cookie=0x2b0f, duration=2986.774s, table=0, n_packets=0,
> > > n_bytes=0, priority=0 actions=drop
> > >
> > > And then in terminal, I use tcpdump to catch the packets through s1-eth1,
> > > *tcpdump -i s1-eth1 -w result.pcap*
> > >
> > > I scan all packets and find that these packets are all with *src IP
> > > 10.0.0.1, and dst IP 10.0.0.2.*
> > > At the same time, the *n_bytes* in flow shows that this flow has been
> > hit.
> > >
> > > So Am I doing some wrong configuration? Or which version of OVS support
> > > this feature? Any suggestions or comments are welcomed!
> >
> > Every version of OVS ever released supports this feature.  Your flow
> > looks OK to me.  It's hard to guess what's going wrong.  You might want
> > to use "ovs-appctl ofproto/trace" or "ovs-dpctl dump-flows" to try to
> > peer deeper into what's going on.
> >
___
discuss mailing list
discuss@openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss

Re: [ovs-discuss] Maximum number of Patch port between bridges

[Ben Pfaff]

I think that ovs-vsctl has an internal O(n**2) problem for that kind of
usage.  Probably, it could be fixed if anyone wanted to take the time.

On Wed, Jul 06, 2016 at 01:24:56PM +0530, Kapil Adhikesavalu wrote:
> When I tried, I used a single ovs-vsctl with all the patch ports as
> arguments.
> 
> It was taking around 25 to 30 seconds for creating 5000 patch ports.
> 
> Thanks
> Kapil
> On 06-Jul-2016 5:29 AM, "Justin Pettit"  wrote:
> 
> >
> > > On Jul 4, 2016, at 4:50 AM, Levente Csikor  wrote:
> > >
> > > Hi,
> > >
> > > I did not find any documented limit about the number of patchports, so I
> > wrote a simple script, which adds a predefined number of patchports and
> > some dummy rules into the flow tables to actually have some reason for the
> > whole stuff.
> > >
> > > First, I tried to add 100 and 1000 patchports between two OVS bridges.
> > It was feasible, but took some time.
> > > Then I tried with 1 patchports, but I couldn't wait until it
> > finished. After 1000 patchports, the adding procedure became slower and
> > slower, so I killed the whole process (after a couple of thousands
> > patchports the time OVS required for setting up one patchport was around a
> > couple of seconds).
> >
> > This would be surprising to me.  How did you add the ports?  If you just
> > ran a bunch of ovs-vsctl commands, it can take that long, but it shouldn't
> > if you add them in a single transaction.  From the FAQ:
> >
> > -=-=-=-=-=-=-=-=-=-
> >
> > Q: I want to add thousands of ports to an Open vSwitch bridge, but
> >it takes too long (minutes or hours) to do it with ovs-vsctl.  How
> >can I do it faster?
> >
> > A: If you add them one at a time with ovs-vsctl, it can take a long
> >time to add thousands of ports to an Open vSwitch bridge.  This is
> >because every invocation of ovs-vsctl first reads the current
> >configuration from OVSDB.  As the number of ports grows, this
> >starts to take an appreciable amount of time, and when it is
> >repeated thousands of times the total time becomes significant.
> >
> >The solution is to add the ports in one invocation of ovs-vsctl (or
> >a small number of them).  For example, using bash:
> >
> >ovs-vsctl add-br br0
> >cmds=; for i in {1..5000}; do cmds+=" -- add-port br0 p$i"; done
> >ovs-vsctl $cmds
> >
> >takes seconds, not minutes or hours, in the OVS sandbox environment.
> > -=-=-=-=-=-=-=-=-=-
> >
> > --Justin
> >
> >
> > ___
> > discuss mailing list
> > discuss@openvswitch.org
> > http://openvswitch.org/mailman/listinfo/discuss
> >

> ___
> discuss mailing list
> discuss@openvswitch.org
> http://openvswitch.org/mailman/listinfo/discuss

___
discuss mailing list
discuss@openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss

Re: [ovs-discuss] Does OpenvSwitch support modify the packet's IP address and then output this packet?

[Ben Pfaff]

On Mon, Jul 11, 2016 at 09:41:36PM +0800, Shawn Lin wrote:
> I am trying to use OpenvSwitch to exchange the source IP address and the
> destination IP address of a packet, and then forward this packet out to a
> host.
> 
> I do this test in *Mininet(2.2.1) *and *OpenvSwitch(2.0.2)*, And below is
> the command:
> 
> Topology in Mininet is quite simple,
> *h1-s1-h2*
> 
> I use this command to add the flow.
> *mininet> sh ovs-ofctl add-flow s1
> dl_type=0x0800,dl_type=0x0800,nw_dst=10.0.0.2,actions=mod_dl_src:00:00:00:00:00:02,mod_dl_dst:00:00:00:00:00:01,mod_nw_src:10.0.0.2,mod_nw_dst=10.0.0.1,output:1
> -O OpenFlow13*
> 
> And then I could see the result when I show flows in the switch s1,
> 
> *mininet>* *sh ovs-ofctl dump-flows s1 -O OpenFlow13*
> OFPST_FLOW reply (OF1.3) (xid=0x2):
> 
> 
> 
> * cookie=0x0, duration=418.133s, table=0, n_packets=1813, n_bytes=2731190,
> ip,nw_dst=10.0.0.2
> actions=mod_dl_src:00:00:00:00:00:02,mod_dl_dst:00:00:00:00:00:01,mod_nw_src:10.0.0.2,mod_nw_dst:10.0.0.1,output:1
>  *
> * In my understanding, this flow would change the packets' src IP, dst IP,
> src Mac, dst Mac, and then forward it out port 1 which is s1-eth1.  *
> 
>  cookie=0x2b0f, duration=2982.739s, table=0, n_packets=1,
> n_bytes=42, priority=2,in_port=1 actions=output:2,CONTROLLER:65535
> 
> 
>  cookie=0x2b0e, duration=2982.739s, table=0, n_packets=1,
> n_bytes=42, priority=2,in_port=2 actions=output:1,CONTROLLER:65535
> 
> 
>  cookie=0x2b0f, duration=2986.774s, table=0, n_packets=0,
> n_bytes=0, priority=100,dl_type=0x88cc actions=CONTROLLER:65535
> 
> 
>  cookie=0x2b0f, duration=2986.774s, table=0, n_packets=0,
> n_bytes=0, priority=0 actions=drop
> 
> And then in terminal, I use tcpdump to catch the packets through s1-eth1,
> *tcpdump -i s1-eth1 -w result.pcap*
> 
> I scan all packets and find that these packets are all with *src IP
> 10.0.0.1, and dst IP 10.0.0.2.*
> At the same time, the *n_bytes* in flow shows that this flow has been hit.
> 
> So Am I doing some wrong configuration? Or which version of OVS support
> this feature? Any suggestions or comments are welcomed!

Every version of OVS ever released supports this feature.  Your flow
looks OK to me.  It's hard to guess what's going wrong.  You might want
to use "ovs-appctl ofproto/trace" or "ovs-dpctl dump-flows" to try to
peer deeper into what's going on.
___
discuss mailing list
discuss@openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss

Re: [ovs-discuss] ofp sample action

[Ben Pfaff]

On Sun, Jul 10, 2016 at 09:47:32PM +0200, Rüdiger Birkner wrote:
> I just came across line 4748 of ofproto-dpif-xlate.c on branch-2.5
> .
> It mentions a sampling action which I would like to experiment with.
> However, I couldn't find the corresponding Openflow Action to activate the
> sampling. Is it supported by any Openflow version? How could I make use of
> it?

It's documented in the ovs-ofctl manpage.
___
discuss mailing list
discuss@openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss

Re: [ovs-discuss] Stale pid on ovsdb-server

[Ben Pfaff]

On Tue, Jul 12, 2016 at 12:32:03PM -0400, Robb Cavalluzzi wrote:
> We have been troubleshooting an issue where all traffic to the bridge
> on the ovs suddenly stops. Upon further examination it appears that the
> ovsdb-server service died in an inconsistent state. It has happened twice
> in the past 24 hours and occurs around 12 hour intervals. Don't have more
> data yet, as it had been running fine previously for some time.

Is ovsdb-server crashing?  Can you get a backtrace?
___
discuss mailing list
discuss@openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss

Re: [ovs-discuss] Creatinhg bridge by adding to the OVSDB

[Ben Pfaff]

On Mon, Jul 11, 2016 at 05:39:42PM -0400, John Chludzinski wrote:
> Sorry about that BUT I introduced that typo to deliberately test an
> hypothese.
> 
> BUT even when the typo is fixed/removed, the problem remains: no new entry
> in the Bridge table.
> 
> root@localhost ~# ovsdb-client -v transact '["Open_vSwitch", {"op":"insert",
> "table": "Bridge", "row": { "name": "b3" } } ]'

Garbage collection.  You created a row in the bridge table but didn't
add any reference to it (from the Open_vSwitch table), so it gets
deleted immediately without ever appearing in the database.  It's a
feature.
___
discuss mailing list
discuss@openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss

Re: [ovs-discuss] Creatinhg bridge by adding to the OVSDB

[Ben Pfaff]

On Mon, Jul 11, 2016 at 04:26:35PM -0400, John Chludzinski wrote:
> I submitted the following command to add/insert a record/row to the Bridge
> table in the Open_vSwitc database.
> 
> ~# ovsdb-client -v transact '["Open_vSwitc", {"op":"insert", "table":
> "Bridge", "row": { "name": "b3" } } ]'

To start with, you have to spell Open_vSwitch correctly.
___
discuss mailing list
discuss@openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss

Re: [ovs-discuss] OVSDB server multi-threading

[Ben Pfaff]

On Fri, Jul 08, 2016 at 05:53:29AM +, Ansari, Shad wrote:
> I am trying to follow the OVSDB multi-threading patch discussed back
> in March
> (http://openvswitch.org/pipermail/dev/2016-March/067130.html). Appears
> this did not make it in. Anyone know the reasons why?

I don't think that the multithreading patches were ever final.  I think
that Andy did a little work beyond what was posted, but the bigger
reason is that we're still trying to figure out whether we're switching
to etcd for OVN.
___
discuss mailing list
discuss@openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss

Re: [ovs-discuss] flow_stats_request code

[Ben Pfaff]

On Sun, Jul 03, 2016 at 11:33:22AM +0430, Mehrshad Shahmohammadi wrote:
> i want send flow_stats_request packet to switch,
> can anyone help me?
> can i use this code in pox controller?

It's probably best to ask questions about POX on a mailing list
dedicated to POX, because you are more likely to get good answers there.
___
discuss mailing list
discuss@openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss