于 2015年01月09日 03:55, Jesse Gross 写道:
On Thu, Jan 8, 2015 at 1:39 AM, Fan Du wrote:
>于 2015年01月08日 04:52, Jesse Gross 写道:
>>>
>>>My understanding is:
>>> >controller sets the forwarding rules into kernel datapath, any flow not
>>> >matching
>>> >with the rules are threw to controller by upcall
于 2015年01月09日 03:55, Jesse Gross 写道:
On Thu, Jan 8, 2015 at 1:39 AM, Fan Du wrote:
于 2015年01月08日 04:52, Jesse Gross 写道:
My understanding is:
controller sets the forwarding rules into kernel datapath, any flow not
matching
with the rules are threw to controller by upcall. Once the rule decisi
This patch adds support for a new port type to userspace datapath
called dpdkvhost. This allows KVM (QEMU) to offload the servicing
of virtio-net devices to its associated dpdkvhost port. Instructions
for use are in INSTALL.DPDK.
This has been tested on Intel multi-core platforms and with clients
Submitting this as an RFC as it is dependent on DPDK v1.8.0 support
being added to OVS - that is being reworked at present.
If anyone wants to try this out, they would need to use DPDK v1.8.0 and
apply the below patches to OVS (note they cause a unit test failure, hence
rework)
http://openvswitc
pushed to master. Thanks for the review.
On Thu, Jan 8, 2015 at 2:31 PM, Thomas Graf wrote:
> On 01/08/15 at 03:00pm, Andy Zhou wrote:
>> Vagrant shared folder, at least on the default virtual box, does not
>> support the creation of the socket files. If one were to build OVS
>> under /vagrant, '
Introduces support for the group policy extension to the VXLAN virtual
port. The extension is disabled by default and only enabled if the user
has provided the respective configuration.
ovs-vsctl add-port br0 vxlan0 -- \
set Interface vxlan0 type=vxlan options:exts=gbp
The configuration in
Also factors out Geneve validation code into a new separate function
validate_and_copy_geneve_opts().
A subsequent patch will introduce VXLAN options. Rename the existing
GENEVE_TUN_OPTS() to reflect its extended purpose of carrying generic
tunnel metadata options.
Signed-off-by: Thomas Graf
---
Implements supports for the Group Policy VXLAN extension [0] to provide
a lightweight and simple security label mechanism across network peers
based on VXLAN. The security context and associated metadata is mapped
to/from skb->mark. This allows further mapping to a SELinux context
using SECMARK, to
nlattr_set() is currently hardcoded to two levels of nesting. This change
introduces struct ovs_len_tbl to define minimal length requirements plus
next level nesting tables to traverse the key attributes to arbitary depth.
Signed-off-by: Thomas Graf
---
v2:
- New patch to allow nested Netlink at
The VXLAN receive code is currently conservative in what it accepts and
will reject any frame that uses any of the reserved VXLAN protocol fields.
The VXLAN draft specifies that "reserved fields MUST be set to zero on
transmit and ignored on receive.".
Retain the current conservative parsing behav
Implements supports for the Group Policy VXLAN extension [0] to provide
a lightweight and simple security label mechanism across network peers
based on VXLAN. The security context and associated metadata is mapped
to/from skb->mark. This allows further mapping to a SELinux context
using SECMARK, to
A VXLAN net_device looking for an appropriate socket may only consider
a socket which has a matching set of extensions enabled. If the
extensions don't match, return a conflict to have the caller create a
distinct socket with distinct port.
The OVS VXLAN port is kept unaware of extensions at this
On 01/08/15 at 03:00pm, Andy Zhou wrote:
> Vagrant shared folder, at least on the default virtual box, does not
> support the creation of the socket files. If one were to build OVS
> under /vagrant, 'make check' would not work.
>
> Out of tree builds can be used to work around this issue.
> See In
Vagrant shared folder, at least on the default virtual box, does not
support the creation of the socket files. If one were to build OVS
under /vagrant, 'make check' would not work.
Out of tree builds can be used to work around this issue.
See Install.md for instructions.
Since out of tree builds
Include more specific GPG recomendation usage.
Add generalised rules for vulnerabilties.
Signed-off-by: Andrew Kampjes
---
SECURITY.md | 37 +++--
1 file changed, 27 insertions(+), 10 deletions(-)
diff --git a/SECURITY.md b/SECURITY.md
index d558d44..c74bc04 1006
This patch changes the actions processing to support popping and pushing of
double stacked vlans (qinq.)
Signed-off-by: Thomas F Herbert
---
lib/ofp-actions.c| 32 +++-
lib/ofp-actions.h| 9 -
lib/packets.c| 2 +-
lib/
This adds a test of OF support of pushing and popping VLANS with 0x88a8
Ethertype. This is based on Dave Benson's contribution of the 802.1AD
Ethertype
test.
Signed-off-by: Thomas F Herbert
---
tests/ofproto-dpif.at | 40
1 file changed, 40 insertions(+)
This patch adds support for 802.1ad by adding customer tci and tpid to the
flow structure.
Signed-off-by: Thomas F Herbert
---
lib/flow.c | 22 +-
lib/flow.h | 15 ++-
lib/match.c| 2 +-
lib/nx-match.c | 2 +-
lib/odp-util.h | 2 +-
lib/ofp-util.c |
This patch adds support for 802.1AD by adding parsing of 802.1AD double
stacked vlans.
Signed-off-by: Thomas F Herbert
---
lib/odp-execute.c | 2 +-
lib/odp-util.c| 217 +++---
2 files changed, 192 insertions(+), 27 deletions(-)
diff --git a
Signed-off-by: Thomas F Herbert
---
NEWS | 2 ++
utilities/ovs-ofctl.8.in | 3 +--
2 files changed, 3 insertions(+), 2 deletions(-)
diff --git a/NEWS b/NEWS
index 8fcc14b..58ef3d8 100644
--- a/NEWS
+++ b/NEWS
@@ -1,5 +1,7 @@
Post-v2.3.0
-
+ - Add suppo
This patch adds support for 802.1ad.
The second part of the series includes user space changes and a test.
Version 6 splits the changes into separate patches to make it easier on the
eyes of reviewers but otherwise is functionally the same as version 5.
Version 6 includes only the user space patch
Of course, we all like to have a life :)
On Fri Jan 09 2015 at 10:18:52 Ben Pfaff wrote:
> Thanks.
>
> Some background:
>
> I don't want to say "there will be a response within 24 hours" because
> I do like to take off weekends, and because I might easily judge
> something as not important even
Thanks.
Some background:
I don't want to say "there will be a response within 24 hours" because
I do like to take off weekends, and because I might easily judge
something as not important even though it was sent to the security
list. But I also don't want to say "there will be a response within
I change back to a more general statement, given that we can't really
guarantee a response time.
On Fri Jan 09 2015 at 09:54:03 Ben Pfaff wrote:
> I don't know what to say for response time. In general I expect it to
> be pretty fast for anything that is clearly urgent.
>
> On Fri, Jan 09, 2015
I don't know what to say for response time. In general I expect it to
be pretty fast for anything that is clearly urgent.
On Fri, Jan 09, 2015 at 09:48:11AM +1300, Andrew Kampjes wrote:
> Both good points, thanks Flavio.
> Ben, can you confirm what the expectation for response should be?
>
> Wil
Both good points, thanks Flavio.
Ben, can you confirm what the expectation for response should be?
Will swap those paragraphs too.
On 9 January 2015 at 05:11, Flavio Leitner wrote:
> On Thursday, January 08, 2015 11:14:40 AM Andrew Kampjes wrote:
> > Include more specific GPG recomendation usag
You are right. I will drop the patch.
On Wed, Jan 7, 2015 at 7:27 PM, Ben Pfaff wrote:
> On Wed, Jan 07, 2015 at 07:55:11PM -0800, Andy Zhou wrote:
>> Out of tree builds failed when trying to find the er-diagram *.pic
>> files. Fixing by adding proper source path.
>>
>> Signed-off-by: Andy Zhou
On Thu, Jan 8, 2015 at 1:39 AM, Fan Du wrote:
> 于 2015年01月08日 04:52, Jesse Gross 写道:
>>>
>>> My understanding is:
>>> >controller sets the forwarding rules into kernel datapath, any flow not
>>> >matching
>>> >with the rules are threw to controller by upcall. Once the rule decision
>>> > is
>>> >m
On Thursday, January 08, 2015 11:14:40 AM Andrew Kampjes wrote:
> Include more specific GPG recomendation usage.
> Add generalised rules for vulnerabilties.
>
> Signed-off-by: Andrew Kampjes
> ---
> SECURITY.md | 41 +
> 1 file changed, 29 insertions(+), 1
Hi,
I searched your company from *Vmworld conference* which was hosted by
*VMware* and thought you would be interested in knowing best returns for
your investment.
We do provide *B2B* contacts from below mentioned products:
*VMware NetApp Oracle’s VirtuaBox REVH Amazon Citrix Cloud Comput
Hi,
I searched your company from *Vmworld conference* which was hosted by
*VMware* and thought you would be interested in knowing best returns for
your investment.
We do provide *B2B* contacts from below mentioned products:
*VMware NetApp Oracle’s VirtuaBox REVH Amazon Citrix Cloud Comput
Hi,
I searched your company from *Vmworld conference* which was hosted by
*VMware* and thought you would be interested in knowing best returns for
your investment.
We do provide *B2B* contacts from below mentioned products:
*VMware NetApp Oracle’s VirtuaBox REVH Amazon Citrix Cloud Comput
On 01/07/15 at 05:18pm, Jesse Gross wrote:
> On Wed, Jan 7, 2015 at 3:01 PM, Thomas Graf wrote:
> > The encoding will be based on struct ovs_vxlan_opts which is extended
> > as needed by appending new members to the end of the struct. Parsers
> > will look at the provided length to see which field
于 2015年01月08日 04:52, Jesse Gross 写道:
My understanding is:
>controller sets the forwarding rules into kernel datapath, any flow not
>matching
>with the rules are threw to controller by upcall. Once the rule decision is
>made
>by controller, then, this flow packet is pushed down to datapath to be
>
34 matches
Mail list logo
