forked from justinpettit/ovs
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathchangelog
848 lines (767 loc) · 40.1 KB
/
changelog
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
openvswitch (2.3.90-1) unstable; urgency=low
[ Open vSwitch team ]
* The openvswitch-testcontroller package is new. It reintroduces the
simple OpenFlow controller that was packaged with Open vSwitch prior to
version 2.1, at request of users who find it useful for testing basic
OpenFlow setups. It is still not a necessary or desirable part of most
Open vSwitch deployments.
* New upstream version
- Nothing yet! Try NEWS...
-- Open vSwitch team <[email protected]> Thu, 15 May 2014 17:08:39 -0700
openvswitch (2.3.0-1) unstable; urgency=low
[ Open vSwitch team ]
* New upstream version
- OpenFlow 1.1, 1.2, and 1.3 are now enabled by default in
ovs-vswitchd.
- Linux kernel datapath now has an exact match cache optimizing the
flow matching process.
- Datapath flows now have partially wildcarded tranport port field
matches. This reduces userspace upcalls, but increases the
number of different masks in the datapath. The kernel datapath
exact match cache removes the overhead of matching the incoming
packets with the larger number of masks, but when paired with an
older kernel module, some workloads may perform worse with the
new userspace.
-- Open vSwitch team <[email protected]> Thu, 14 Aug 2014 11:03:32 -0700
openvswitch (2.2.0-1) unstable; urgency=low
[ Open vSwitch team ]
* New upstream version
- Internal ports are no longer brought up by default, because it
should be an administrator task to bring up devices as they are
configured properly.
- ovs-vsctl now reports when ovs-vswitchd fails to create a new port or
bridge.
- The "ovsdbmonitor" graphical tool has been removed, because it was
poorly maintained and not widely used.
- New "check-ryu" Makefile target for running Ryu tests for OpenFlow
controllers against Open vSwitch. See INSTALL for details.
- Added IPFIX support for SCTP flows and templates for ICMPv4/v6 flows.
- Upon the receipt of a SIGHUP signal, ovs-vswitchd no longer reopens its
log file (it will terminate instead). Please use 'ovs-appctl vlog/reopen'
instead.
- Support for Linux kernels up to 3.14. From Kernel 3.12 onwards OVS uses
tunnel API for GRE and VXLAN.
- Added DPDK support.
- Added support for custom vlog patterns in Python
-- Open vSwitch team <[email protected]> Wed, 19 Mar 2014 16:08:38 -0700
openvswitch (2.1.0-1) unstable; urgency=low
[ Open vSwitch team ]
* New upstream version
- Address prefix tracking support for flow tables. New columns
"prefixes" in OVS-DB table "Flow_Table" controls which packet
header fields are used for address prefix tracking. Prefix
tracking allows the classifier to skip rules with longer than
necessary prefixes, resulting in better wildcarding for datapath
flows. Default configuration is to not use any fields for prefix
tracking. However, if any flow tables contain both exact matches
and masked matches for IP address fields, OVS performance may be
increased by using this feature.
* As of now, the fields for which prefix lookup can be enabled
are: 'tun_id', 'tun_src', 'tun_dst', 'nw_src', 'nw_dst' (or
aliases 'ip_src' and 'ip_dst'), 'ipv6_src', and 'ipv6_dst'.
(Using this feature for 'tun_id' would only make sense if the
tunnel IDs have prefix structure similar to IP addresses.)
* There is a maximum number of fields that can be enabled for any
one flow table. Currently this limit is 3.
* Examples:
$ ovs-vsctl set Bridge br0 flow_tables:0=@N1 -- \
--id=@N1 create Flow_Table name=table0
$ ovs-vsctl set Bridge br0 flow_tables:1=@N1 -- \
--id=@N1 create Flow_Table name=table1
$ ovs-vsctl set Flow_Table table0 prefixes=ip_dst,ip_src
$ ovs-vsctl set Flow_Table table1 prefixes=[]
- TCP flags matching: OVS now supports matching of TCP flags. This
has an adverse performance impact when using OVS userspace 1.10
or older (no megaflows support) together with the new OVS kernel
module. It is recommended that the kernel and userspace modules
both are upgraded at the same time.
- The default OpenFlow and OVSDB ports will change to
IANA-assigned numbers in a future release. Consider updating
your installations to specify port numbers instead of using the
defaults.
- OpenFlow:
* The OpenFlow 1.1+ "Write-Actions" instruction is now supported.
* OVS limits the OpenFlow port numbers it assigns to port 32767 and
below, leaving port numbers above that range free for assignment
by the controller.
* ovs-vswitchd now honors changes to the "ofport_request" column
in the Interface table by changing the port's OpenFlow port
number.
- ovs-vswitchd.conf.db.5 man page will contain graphviz/dot
diagram only if graphviz package was installed at the build time.
- Support for Linux kernels up to 3.11
- ovs-dpctl:
The "show" command also displays mega flow mask stats.
- ovs-ofctl:
* New command "ofp-parse-pcap" to dump OpenFlow from PCAP files.
- ovs-controller has been renamed test-controller. It is no longer
packaged or installed by default, because too many users assumed
incorrectly that ovs-controller was a necessary or desirable part
of an Open vSwitch deployment.
- Added vlog option to export to a UDP syslog sink.
- ovsdb-client:
* The "monitor" command can now monitor all tables in a database,
instead of being limited to a single table.
- The flow-eviction-threshold has been replaced by the flow-limit which is a
hard limit on the number of flows in the datapath. It defaults to 200,000
flows. OVS automatically adjusts this number depending on network
conditions.
* The openvswitch-controller package has been removed, because too many
users assumed incorrectly that ovs-controller was a necessary or
desirable part of an Open vSwitch deployment.
-- Open vSwitch team <[email protected]> Wed, 19 Mar 2014 16:08:38 -0700
openvswitch (2.0.0-1) unstable; urgency=low
[ Open vSwitch team ]
* New upstream version
- The ovs-vswitchd process is no longer single-threaded. Multiple
threads are now used to handle flow set up and asynchronous
logging.
- OpenFlow:
* Experimental support for OpenFlow 1.1 (in addition to 1.2 and
1.3, which had experimental support in 1.10).
* New support for matching outer source and destination IP address
of tunneled packets, for tunnel ports configured with the newly
added "remote_ip=flow" and "local_ip=flow" options.
* Support for matching on metadata 'pkt_mark' for interacting with
other system components. On Linux this corresponds to the skb
mark.
* Support matching, rewriting SCTP ports
- The Interface table in the database has a new "ifindex" column to
report the interface's OS-assigned ifindex.
- New "check-oftest" Makefile target for running OFTest against Open
vSwitch. See README-OFTest for details.
- The flow eviction threshold has been moved to the Open_vSwitch table.
- Database names are now mandatory when specifying ovsdb-server options
through database paths (e.g. Private key option with the database name
should look like "--private-key=db:Open_vSwitch,SSL,private_key").
- Added ovs-dev.py, a utility script helpful for Open vSwitch developers.
- Support for Linux kernels up to 3.10
- ovs-ofctl:
* New "ofp-parse" for printing OpenFlow messages read from a file.
- Added configurable flow caching support to IPFIX exporter.
- Dropped support for Linux pre-2.6.32.
- Log file timestamps and ovsdb commit timestamps are now reported
with millisecond resolution. (Previous versions only reported
whole seconds.)
-- Open vSwitch team <[email protected]> Tue, 15 Oct 2013 15:03:42 -0700
openvswitch (1.11.0-1) unstable; urgency=low
[ Open vSwitch team ]
* New upstream version
- Support for megaflows, which allows wildcarding in the kernel (and
any dpif implementation that supports wildcards). Depending on
the flow table and switch configuration, flow set up rates are
close to the Linux bridge.
- The "tutorial" directory contains a new tutorial for some advanced
Open vSwitch features.
- Stable bond mode has been removed.
- The autopath action has been removed.
- New support for the data encapsulation format of the LISP tunnel
protocol (RFC 6830). An external control plane or manual flow
setup is required for EID-to-RLOC mapping.
- OpenFlow:
* The "dec_mpls_ttl" and "set_mpls_ttl" actions from OpenFlow
1.1 and later are now implemented.
* New "stack" extension for use in actions, to push and pop from
NXM fields.
* The "load" and "set_field" actions can now modify the "in_port". (This
allows one to enable output to a flow's input port by setting the
in_port to some unused value, such as OFPP_NONE.)
- ovs-dpctl:
* New debugging commands "add-flow", "mod-flow", "del-flow".
- In dpif-based bridges, cache action translations, which can improve
flow set up performance by 80% with a complicated flow table.
- New syslog format, prefixed with "ovs|", to be easier to filter.
- RHEL: Removes the default firewall rule that allowed GRE traffic to
pass through. Any users that relied on this automatic firewall hole
will have to manually configure it. The ovs-ctl(8) manpage documents
the "enable-protocol" command that can be used as an alternative.
- New CFM demand mode which uses data traffic to indicate interface
liveness.
-- Open vSwitch team <[email protected]> Wed, 28 Aug 2013 14:31:44 -0700
openvswitch (1.10.0-1) unstable; urgency=low
[ Open vSwitch team ]
* New upstream version
- Bridge compatibility support has been removed. Any uses that
rely on ovs-brcompatd will have to stick with Open vSwitch 1.9.x
or adapt to native Open vSwitch support (e.g. use ovs-vsctl instead
of brctl).
- The maximum size of the MAC learning table is now configurable.
- With the Linux datapath, packets for new flows are now queued
separately on a per-port basis, so it should no longer be
possible for a large number of new flows arriving on one port to
prevent new flows from being processed on other ports.
- Many "ovs-vsctl" database commands now accept an --if-exists option.
Please refer to the ovs-vsctl manpage for details.
- OpenFlow:
- Experimental support for newer versions of OpenFlow. See
the "What versions of OpenFlow does Open vSwitch support?"
question in the FAQ for more details.
- The OpenFlow "dp_desc" may now be configured by setting the
value of other-config:dp-desc in the Bridge table.
- It is possible to request the OpenFlow port number with the
"ofport_request" column in the Interface table.
- Tunneling:
- New support for the VXLAN tunnel protocol (see the IETF draft here:
http://tools.ietf.org/html/draft-mahalingam-dutt-dcops-vxlan-03).
- Tunneling requires the version of the kernel module paired with
Open vSwitch 1.9.0 or later.
- Inheritance of the Don't Fragment bit in IP tunnels (df_inherit)
is no longer supported.
- Path MTU discovery is no longer supported.
- ovs-dpctl:
- The "dump-flows" and "del-flows" no longer require an argument
if only one datapath exists.
- ovs-appctl:
- New "vlog/disable-rate-limit" and "vlog/enable-rate-limit"
commands available allow control over logging rate limits.
- New "dpif/dump-dps", "dpif/show", and "dpif/dump-flows" command
that mimic the equivalent ovs-dpctl commands.
- The ofproto library is now responsible for assigning OpenFlow port
numbers. An ofproto implementation should assign them when
port_construct() is called.
- All dpif-based bridges of a particular type share a common
datapath called "ovs-<type>", e.g. "ovs-system". The ovs-dpctl
commands will now return information on that shared datapath. To
get the equivalent bridge-specific information, use the new
"ovs-appctl dpif/*" commands.
- Backward-incompatible changes:
- Earlier Open vSwitch versions treated ANY as a wildcard in flow
syntax. OpenFlow 1.1 adds a port named ANY, which introduces a
conflict. ANY was rarely used in flow syntax, so we chose to
retire that meaning of ANY in favor of the OpenFlow 1.1 meaning.
- Patch ports no longer require kernel support, so they now work
with FreeBSD and the kernel module built into Linux 3.3 and later.
-- Open vSwitch team <[email protected]> Wed, 01 May 2013 14:28:21 -0700
openvswitch (1.9.0-1) unstable; urgency=low
[ Open vSwitch team ]
* New upstream version
- Datapath:
- Support for ipv6 set action.
- SKB mark matching and setting.
- support for Linux kernels up to 3.8
- FreeBSD is now a supported platform, thanks to code contributions from
Gaetano Catalli, Ed Maste, and Giuseppe Lettieri.
- ovs-bugtool: New --ovs option to report only OVS related information.
- New %t and %T log escapes to identify the subprogram within a
cooperating group of processes or threads that emitted a log message.
The default log patterns now include this information.
- OpenFlow:
- Allow bitwise masking for SHA and THA fields in ARP, SLL and TLL
fields in IPv6 neighbor discovery messages, and IPv6 flow label.
- Adds support for writing to the metadata field for a flow.
- Tunneling:
- The tunneling code no longer assumes input and output keys are
symmetric. If they are not, PMTUD needs to be disabled for
tunneling to work. Note this only applies to flow-based keys.
- New support for a nonstandard form of GRE that supports a 64-bit key.
- Tunnel Path MTU Discovery default value was set to 'disabled'.
This feature is deprecated and will be removed soon.
- Tunnel header caching removed.
- ovs-ofctl:
- Commands and actions that accept port numbers now also accept keywords
that represent those ports (such as LOCAL, NONE, and ALL). This is
also the recommended way to specify these ports, for compatibility
with OpenFlow 1.1 and later (which use the OpenFlow 1.0 numbers
for these ports for different purposes).
- ovs-dpctl:
- Support requesting the port number with the "port_no" option in
the "add-if" command.
- ovs-pki: The "online PKI" features have been removed, along with
the ovs-pki-cgi program that facilitated it, because of some
alarmist insecurity claims. We do not believe that these claims
are true, but because we do not know of any users for this
feature it seems better on balance to remove it. (The ovs-pki-cgi
program was not included in distribution packaging.)
- ovsdb-server now enforces the immutability of immutable columns. This
was not enforced in earlier versions due to an oversight.
- The following features are now deprecated. They will be removed no
earlier than February 2013. Please email [email protected] with
concerns.
- Bridge compatibility.
- Stable bond mode.
- The autopath action.
- Interface type "null".
- Numeric values for reserved ports (see "ovs-ofctl" note above).
- Tunnel Path MTU Discovery.
- CAPWAP tunnel support.
- The data in the RARP packets can now be matched in the same way as the
data in ARP packets.
-- Open vSwitch team <[email protected]> Tue, 26 Feb 2013 11:23:19 -0700
openvswitch (1.8.0-1) unstable; urgency=low
[ Open vSwitch team ]
* New upstream version
*** Internal only release ***
- New FAQ. Please send updates and additions!
- Authors of controllers, please read the new section titled "Action
Reproduction" in DESIGN, which describes an Open vSwitch change in
behavior in corner cases that may affect some controllers.
- ovs-l3ping:
- A new test utility that can create L3 tunnel between two Open
vSwitches and detect connectivity issues.
- ovs-ofctl:
- New --sort and --rsort options for "dump-flows" command.
- "mod-port" command can now control all OpenFlow config flags.
- OpenFlow:
- Allow general bitwise masking for IPv4 and IPv6 addresses in
IPv4, IPv6, and ARP packets. (Previously, only CIDR masks
were allowed.)
- Allow support for arbitrary Ethernet masks. (Previously, only
the multicast bit in the destination address could be individually
masked.)
- New field OXM_OF_METADATA, to align with OpenFlow 1.1.
- The OFPST_QUEUE request now reports an error if a specified port or
queue does not exist, or for requests for a specific queue on all
ports, if the specified queue does not exist on any port. (Previous
versions generally reported an empty set of results.)
- New "flow monitor" feature to allow controllers to be notified of
flow table changes as they happen.
- Additional protocols are not mirrored and dropped when forward-bpdu is
false. For a full list, see the ovs-vswitchd.conf.db man page.
- Open vSwitch now sends RARP packets in situations where it previously
sent a custom protocol, making it consistent with behavior of QEMU and
VMware.
- All Open vSwitch programs and log files now show timestamps in UTC,
instead the local timezone, by default.
-- Open vSwitch team <[email protected]> Mon, 16 Jul 2012 16:44:52 +0900
openvswitch (1.7.0-1) unstable; urgency=low
[ Open vSwitch team ]
* New upstream version
- kernel modules are renamed. openvswitch_mod.ko is now
openvswitch.ko and brcompat_mod.ko is now brcompat.ko.
- Increased the number of NXM registers to 8.
- Added ability to configure dscp setting for manager and controller
connections. By default, these connections have a DSCP value of
Internetwork Control (0xc0).
- Added the granular link health statistics, 'cfm_health', to an
interface.
- OpenFlow:
- Added support to mask nd_target for ICMPv6 neighbor discovery flows.
- Added support for OpenFlow 1.3 port description (OFPMP_PORT_DESC)
multipart messages.
- ovs-ofctl:
- Added the "dump-ports-desc" command to retrieve port
information using the new port description multipart messages.
- ovs-test:
- Added support for spawning ovs-test server from the client.
- Now ovs-test is able to automatically create test bridges and ports.
- "ovs-dpctl dump-flows" now prints observed TCP flags in TCP flows.
- Tripled flow setup performance.
- The "coverage/log" command previously available through ovs-appctl
has been replaced by "coverage/show". The new command replies with
coverage counter values, instead of logging them.
-- Open vSwitch team <[email protected]> Mon, 30 Jul 2012 17:23:57 +0900
openvswitch (1.6.1-1) unstable; urgency=low
[ Open vSwitch team ]
* New upstream version
- Allow OFPP_CONTROLLER as the in_port for packet-out messages.
-- Open vSwitch team <[email protected]> Mon, 25 Jun 2012 13:52:17 +0900
openvswitch (1.6.0-1) unstable; urgency=low
[ Open vSwitch team ]
* New upstream version
- bonding
- LACP bonds no longer fall back to balance-slb when negotiations fail.
Instead they drop traffic.
- The default bond_mode changed from SLB to active-backup, to protect
unsuspecting users from the significant risks of SLB bonds (which are
documented in vswitchd/INTERNALS).
- Load balancing can be disabled by setting the bond-rebalance-interval
to zero.
- OpenFlow:
- Added support for bitwise matching on TCP and UDP ports.
See ovs-ofctl(8) for more information.
- NXM flow dumps now include times elapsed toward idle and hard
timeouts.
- Added an OpenFlow extension NXT_SET_ASYNC_CONFIG that allows
controllers more precise control over which OpenFlow messages they
receive asynchronously.
- New "fin_timeout" action.
- Added "fin_timeout" support to "learn" action.
- The default MAC learning timeout has been increased from 60 seconds
to 300 seconds. The MAC learning timeout is now configurable.
- When QoS settings for an interface do not configure a default queue
(queue 0), Open vSwitch now uses a default configuration for that
queue, instead of dropping all packets as in previous versions.
- Logging to console and file will have UTC timestamp as a default for all
the daemons. An example of the default format is 2012-01-27T16:35:17Z.
ovs-appctl can be used to change the default format as before.
- New support for limiting the number of flows in an OpenFlow flow
table, with configurable policy for evicting flows upon
overflow. See the Flow_Table table in ovs-vswitch.conf.db(5)
for more information.
- New "enable-async-messages" column in the Controller table. If set to
false, OpenFlow connections to the controller will initially have all
asynchronous messages disabled, overriding normal OpenFlow behavior.
- ofproto-provider interface:
- "struct rule" has a new member "used" that ofproto implementations
should maintain by updating with ofproto_rule_update_used().
- ovsdb-client:
- The new option --timestamp causes the "monitor" command to print
a timestamp with every update.
- CFM module CCM broadcasts can now be tagged with an 802.1p priority.
-- Open vSwitch team <[email protected]> Fri, 24 Feb 2012 11:12:48 +0900
openvswitch (1.5.0-1) unstable; urgency=low
[ Open vSwitch team ]
* New upstream version
- OpenFlow:
- Added support for querying, modifying, and deleting flows
based on flow cookie when using NXM.
- Added new NXM_PACKET_IN format.
- ovs-ofctl:
- Added daemonization support to the monitor and snoop commands.
- ovs-vsctl:
- The "find" command supports new set relational operators
{=}, {!=}, {<}, {>}, {<=}, and {>=}.
- ovsdb-tool now uses the typical database and schema installation
directories as defaults.
-- Open vSwitch team <[email protected]> Fri, 01 June 2012 13:06:00 +0900
openvswitch (1.4.0+git20120426-1) unstable; urgency=low
* New upstream release fixing the following bugs:
o Broken log rotation.
o Use-after-free error when ports disappear.
o Minor memory leaks.
o Testsuite failures on big-endian architectures.
-- Ben Pfaff <[email protected]> Thu, 26 Apr 2012 13:46:55 -0700
openvswitch (1.4.0+git20120321-1) unstable; urgency=low
* New upstream version including:
o Features:
- ovs-vsctl: Allow "fake bridges" to be created for VLAN 0.
- vswitchd: Make the MAC entry aging time configurable.
- mac-learning: Increase MAC learning timeout to 300 seconds.
o Bug fixes:
- netdev-linux: Fix use-after-free when netdev_dump_queues() deletes
queues.
- netlink-socket: Increase Netlink socket receive buffer size.
- ofproto: Fix code that keeps track of MTU.
- ovs-monitor-ipsec: Detect correctly IPSEC configuration changes
- bond: Incorrectly reported an error in appctl.
- socket-util: Unlink Unix domain sockets that bind but fail to connect.
- bridge: Remove unwanted ports at time of ofproto creation.
- dpif-linux: Make dpif_linux_port_query_by_name() query only one
datapath.
- ofproto-dpif: Cleanup STP on ports when disabled on their bridge.
- configure: Try to extract kernel source directory from build Makefile.
- vswitchd: Always configure a default queue for QoS.
- ofproto-dpif: Don't output to in_port even if in_port is OFPP_LOCAL.
- sflow_agent: Use snprintf() in place of sprintf().
o Packaging:
- Move PKI directory to FHS-compliant location. Closes: #661090.
Thanks to Andreas Beckmann <[email protected]> for reporting
this bug.
- Use a different way to avoid failing install without kernel module.
- Avoid unit test failure when doing "unofficial" builds.
- Bump standards-version to 3.9.3.
- Remove some useless files from the dkms package.
- Clean .pyc files in "clean" target.
- Remove po-debconf build dependency.
- Build-depend on python-all to pull in all Python versions.
- Add missing ${python:Depends} to openvswitch-test package.
- Improve long descriptions so as to better describe the packages.
- Bump debhelper compat level to 8 and make build-depends consistent.
- Fix exit status of openvswitch-switch init script "status" command.
- Use provided kernel source dir instead of host kernel version.
- Do not run "make" if "configure" fails during DKMS build.
- Look in /lib/modules instead of /usr/src for DKMS kernel sources.
- Fix dependencies for openvswitch-datapath-dkms package.
- Don't install Python modules for obsolete Python versions.
- Add dependency on ${misc:Depends} to openvswitch-test
o Documentation improvements:
- ovsdb-doc: Use minus sign in negative numbers in nroff output.
- ovsdb-doc: Convert '-' preceding a number as a minus sign, not a
hyphen.
- ovsdb-doc: Put NAME section into generated manpage.
- Fix typo in manpage.
- vswitchd: Document behavior of 802.1p priorities with VLAN splinters.
- netdev: Fix typo in error message.
- INSTALL.Linux: minor typo
* Many thanks to Thomas Goirand <[email protected]> for contributing many
of the packaging fixes listed above.
* This version fixes most of the lintian errors described in bug
#663051, but a few remain, so this upload does not close that bug. I
believe that this upload should be suitable for downgrading that bug's
severity.
-- Ben Pfaff <[email protected]> Wed, 21 Mar 2012 10:00:28 -0700
openvswitch (1.4.0-2+nmu1) unstable; urgency=low
* Non maintainer upload.
* Removes all patches in debian/patches, because they are patching stuff
inconditionally in debian/*, and this should be applied by default.
* Uses the correct ${kernel_source_dir} in debian/dkms.conf.in, so that
the kernel module builds as expected (Closes: #659685).
-- Thomas Goirand <[email protected]> Thu, 08 Mar 2012 08:46:24 +0000
openvswitch (1.4.0-2) unstable; urgency=low
* Use explicit DKMS variable for kernel source directory
- 0001-debian-Fix-dependencies-for-openvswitch-datapath-dkm.patch
- 0002-debian-Look-in-lib-modules-instead-of-usr-src-for-DK.patch
- 0001-debian-Use-provided-kernel-source-dir.patch
- 0001-debian-Do-not-run-make-if-configure-fails-during-DKM.patch
- (closes: #659685)
* Don't install Python modules for obsolete Python versions
- 0001-debian-Don-t-install-Python-modules-for-obsolete-Pyt.patch
-- Simon Horman <[email protected]> Tue, 14 Feb 2012 11:43:13 +0900
openvswitch (1.4.0-1) unstable; urgency=low
[ Open vSwitch team ]
* New upstream version
- Compatible with Open vSwitch kernel module included in Linux 3.3.
- New "VLAN splinters" feature to work around buggy device drivers
in old Linux versions. (This feature is deprecated. When
broken device drivers are no longer in widespread use, we will
delete this feature.) See ovs-vswitchd.conf.db(5) for more
information.
- OpenFlow:
- Added ability to match on IPv6 flow label through NXM.
- Added ability to match on ECN bits in IPv4 and IPv6 through NXM.
- Added ability to match on TTL in IPv4 and IPv6 through NXM.
- Added ability to modify ECN bits in IPv4.
- Added ability to modify TTL in IPv4.
- ovs-vswitchd:
- Don't require the "normal" action to use mirrors. Traffic will
now be properly mirrored for any flows, regardless of their
actions.
- Track packet and byte statistics sent on mirrors.
- ovs-appctl:
- New "fdb/flush" command to flush bridge's MAC learning table.
- ovs-test:
- A new distributed testing tool that allows one to diagnose performance
and connectivity issues. This tool currently is not included in RH or
Xen packages.
- RHEL packaging now supports integration with Red Hat network scripts.
- Debian: Depend on python (>= 2.7) | python-argparse instead of
python-argparse to avoid pulling in python2.6
(closes: #653645)
-- Open vSwitch team <[email protected]> Mon, 30 Jan 2012 23:36:00 +0000
openvswitch (1.3.0-1) unstable; urgency=low
[ Open vSwitch team ]
* New upstream version
- OpenFlow:
- Added an OpenFlow extension which allows the "output" action to accept
NXM fields.
- Added an OpenFlow extension for flexible learning.
- Bumped number of NXM registers from four to five.
- ovs-appctl:
- New "version" command to determine version of running daemon.
- If no argument is provided for "cfm/show", displays detailed
information about all interfaces with CFM enabled.
- If no argument is provided for "lacp/show", displays detailed
information about all ports with LACP enabled.
- ovs-vswitchd:
- The software switch now supports 255 OpenFlow tables, instead
of just one. By default, only table 0 is consulted, but the
new NXAST_RESUBMIT_TABLE action can look up in additional
tables. Tables 128 and above are reserved for use by the
switch itself; please use only tables 0 through 127.
- Add support for 802.1D spanning tree (STP).
- Fragment handling extensions:
- New OFPC_FRAG_NX_MATCH fragment handling mode, in which L4
fields are made available for matching in fragments with
offset 0.
- New NXM_NX_IP_FRAG match field for matching IP fragments (usable
via "ip_frag" in ovs-ofctl).
- New ovs-ofctl "get-frags" and "set-frags" commands to get and set
fragment handling policy.
- CAPWAP tunneling now supports an extension to transport a 64-key. By
default it remains compatible with the old version and other
standards-based implementations.
- Flow setups are now processed in a round-robin manner across ports
to prevent any single client from monopolizing the CPU and conducting
a denial of service attack.
- Added support for native VLAN tagging. A new "vlan_mode"
parameter can be set for "port". Possible values: "access",
"trunk", "native-tagged" and "native-untagged".
- test-openflowd has been removed. Please use ovs-vswitchd instead.
-- Open vSwitch team <[email protected]> Mon, 09 Dec 2011 23:36:00 +0000
openvswitch (1.2.0-1) unstable; urgency=low
[ Open vSwitch team ]
* New upstream version
- New "ofproto" abstraction layer to ease porting to hardware
switching ASICs.
- Packaging for Red Hat Enterprise Linux 5.6 and 6.0.
- Datapath support for Linux kernels up to 3.0.
- OpenFlow:
- New "bundle" and "bundle_load" action extensions.
- Database:
- Implement table unique constraints.
- Support cooperative locking between callers.
- ovs-dpctl:
- New "-s" option for "show" command prints packet and byte
counters for each port.
- ovs-ofctl:
- New "--readd" option for "replace-flows".
- ovs-vsctl:
- New "show" command to print an overview of configuration.
- New "comment" command to add remark that explains intentions.
- ovs-brcompatd has been rewritten to fix long-standing bugs.
- ovs-openflowd has been renamed test-openflowd and moved into the
tests directory. Its presence confused too many users. Please
use ovs-vswitchd instead.
- New ovs-benchmark utility to test flow setup performance.
- A new log level "off" has been added. Configuring a log facility
"off" prevents any messages from being logged to it. Previously,
"emer" was effectively "off" because no messages were ever logged at
level "emer". Now, errors that cause a process to exit are logged
at "emer" level.
- "configure" option --with-l26 has been renamed --with-linux, and
--with-l26-source has been renamed --with-linux-source. The old
names will be removed after the next release, so please update
your scripts.
- The "-2.6" suffix has been dropped from the datapath/linux-2.6 and
datapath/linux-2.6/compat-2.6 directories.
- Feature removals:
- Dropped support for "tun_id_from_cookie" OpenFlow extension.
Please use the extensible match extensions instead.
- Removed the Maintenance_Point and Monitor tables in an effort
to simplify 802.1ag configuration.
- Performance and scalability improvements
- Bug fixes
-- Open vSwitch team <[email protected]> Wed, 03 Aug 2011 14:43:00 +0000
openvswitch (1.1.1-1) unstable; urgency=low
[ Open vSwitch team ]
* Bug fixes.
[ Simon Horman ]
* docs: Suppress warning marcro DD not defined
(upstream commit 58f870d0)
* debian: Make openvswitch depend on Python
(upstream commit aa41cb61)
* debian: Don't begin openvswitch-pki description with article.
(upstream commit bc6bb66)
* Debian: Add ${misc:Depends} dependency to python-openvswitch
* Debian: Update standards version from 3.9.1 to 3.9.2
* Debian: ${source:Version} dependency on python openvswitch
* Debian: ${source:Version} dependency for python openvswitch
* Switch to dpkg-source 3.0 (quilt) format
- For local non-debian/ patches (above)
-- Simon Horman <[email protected]> Wed, 15 Jun 2011 10:46:15 +0900
openvswitch (1.1.0-1) unstable; urgency=low
[ Open vSwitch team ]
* New upstream version
- Ability to define policies over IPv6
- LACP
- 802.1ag CCM
- Support for extensible match extensions to OpenFlow
- QoS:
- Support for HFSC qdisc.
- Queue used by in-band control can now be configured.
- Kernel:
- Kernel<->userspace interface has been reworked and should be
close to a stable ABI now.
- "Port group" concept has been dropped.
- GRE over IPSEC tunnels
- Bonding:
- New active backup bonding mode.
- New L4 hashing support when LACP is enabled.
- Source MAC hash now includes VLAN field also.
- miimon support.
- Greatly improved handling of large flow tables
- ovs-dpctl:
- "show" command now prints full vport configuration.
- "dump-groups" command removed since kernel support for
port groups was dropped.
- ovs-vsctl:
- New commands for working with the new Managers table.
- "list" command enhanced with new formatting options and --columns
option.
- "get" command now accepts new --id option.
- New "find" command.
- ovs-ofctl:
- New "queue-stats" command for printing queue stats.
- New commands "replace-flows" and "diff-flows".
- Commands to add and remove flows can now read from files.
- New --flow-format option to enable or disable NXM.
- New --more option to increase OpenFlow message verbosity.
- Removed "tun-cookie" command, which is no longer useful.
- ovs-controller enhancements for testing various features.
- New ovs-vlan-test command for testing for Linux kernel driver VLAN
bugs. New ovs-vlan-bug-workaround command for enabling and
disabling a workaround for these driver bugs.
- OpenFlow support:
- "Resubmit" actions now update flow statistics.
- New "register" extension for use in matching and actions, via NXM.
- New "multipath" experimental action extension.
- New support for matching multicast Ethernet frames, via NXM.
- New extension for OpenFlow vendor error codes.
- New extension to set the QoS output queue without actually
sending to an output port.
- Open vSwitch now reports a single flow table, instead of
separate hash and wildcard tables. This better models the
current implementation.
- New experimental "note" action.
- New "ofproto/trace" ovs-appctl command and associated utilities
to ease debugging complex flow tables.
- Database:
- Schema documentation now includes an entity-relationship diagram.
- The database is now garbage collected. In most tables,
unreferenced rows will be deleted automatically.
- Many tables now include statistics updated periodically by
ovs-vswitchd or ovsdb-server.
- Every table now has an "external-ids" column for use by OVS
integrators.
- There is no default controller anymore. Each bridge must have its
controller individually specified.
- The "fail-mode" is now a property of a Bridge instead of a Controller.
- New versioning and checksum features.
- New Managers table and manager_options column in Open_vSwitch table
for specifying managers. The old "managers" column in the
Open_vSwitch table has been removed.
- Many "name" columns are now immutable.
- Feature removals:
- Dropped support for XenServer pre-5.6.100.
- Dropped support for Linux pre-2.6.18.
- Dropped controller discovery support.
- Dropped "ovs-ofctl status" and the OpenFlow extension that it used.
Statistics reporting in the database is a rough equivalent.
- Dropped the "corekeeper" package (now separate, at
http://openvswitch.org/cgi-bin/gitweb.cgi?p=corekeeper).
- Performance and scalability improvements
- Bug fixes
[ Simon Horman ]
* Add the following fixes from upstream branch-1.1
- 7f1aca9 dpif-linux: Avoid logging error on ENOENT in
dpif_linux_is_internal_device().
- 8996f83 dpif-linux: Avoid segfault on netdev_get_stats() without kernel
module.
- 002d4a3 vswitch: Improve schema documentation.
- 58bd294 cfm: Fix broken fault logic.
- c042664 bridge: Run once before configuring CFM.
* Switch to dpkg-source 3.0 (quilt) format
-- Simon Horman <[email protected]> Wed, 27 Apr 2011 17:11:10 +0900
openvswitch (1.1.0~pre2.g2.ea763e0e-1) unstable; urgency=low
* Git snapshot, including
- tests: Fix Y2011 bug in testsuite
(closes: #609506)
-- Simon Horman <[email protected]> Wed, 12 Jan 2011 08:34:35 +0900
openvswitch (1.1.0~pre2.g1.bbe8d06e-1) unstable; urgency=low
* Git snaptshot
-- Simon Horman <[email protected]> Thu, 06 Jan 2011 11:11:55 +0900
openvswitch (1.1.0~pre2-5) unstable; urgency=low
* Open vSwitch only works on Linux so set
the Architecture of binary packages to linux-any accordingly
-- Simon Horman <[email protected]> Tue, 23 Nov 2010 07:55:19 +0900
openvswitch (1.1.0~pre2-4) unstable; urgency=low
* Add procps to Build-Depends
(closes: #602891)
-- Simon Horman <[email protected]> Tue, 16 Nov 2010 06:46:17 +0900
openvswitch (1.1.0~pre2-3) unstable; urgency=low
* Remove the corekeeper package as it isn't strongly related
to Open vSwitch. It has subsequently been broken off into
a separate source repository and may be uploaded as its
own debian source package.
http://openvswitch.org/cgi-bin/gitweb.cgi?p=corekeeper;a=summary
(closes: #602946)
* Avoid the use of long socket names.
(closes: #602891, closes: #602911)
-- Simon Horman <[email protected]> Thu, 11 Nov 2010 06:35:05 +0900
openvswitch (1.1.0~pre2-2) unstable; urgency=low
* Clarify licensing of files in xenserver/
-- Simon Horman <[email protected]> Thu, 23 Sep 2010 10:56:18 +0900
openvswitch (1.1.0~pre2-1) unstable; urgency=low
* New upstream version
- Bug fixes
-- Simon Horman <[email protected]> Wed, 15 Sep 2010 18:28:59 +0900
openvswitch (1.1.0~pre1-1) unstable; urgency=low
* New upstream version
- OpenFlow 1.0 slicing (QoS) functionality
- Python bindings for configuration database (no write support)
- Performance and scalability improvements
- Bug fixes
-- Open vSwitch team <[email protected]> Tue, 31 Aug 2010 23:20:00 +0000
openvswitch (1.0.1-1) unstable; urgency=low
* New upstream version.
-- Open vSwitch team <[email protected]> Mon, 17 May 2010 10:36:00 +0000