forked from pool/openvswitch
Dirk Mueller
82fd454fe8
Submit home:dpitchumani:branches:network/openvswitch to network/openvswitch Description : - Update openvswitch to 3.3.1. For a list of changes, check https://github.com/openvswitch/ovs/blob/v3.3.1/NEWS - Update OVN to 24.03.3. For a list of changes, check https://github.com/ovn-org/ovn/blob/v24.03.3/NEWS - Drop upstream fixed patches, * CVE-2023-1668.patch * CVE-2023-3152.patch * CVE-2023-5366.patch * openvswitch-2.17.8-gcc14-build-fix.patch * openvswitch-CVE-2023-3966.patch - Updated the patch for version v3.3.1 * install-ovsdb-tools.patch OBS-URL: https://build.opensuse.org/package/show/network/openvswitch?expand=0&rev=263
2221 lines
103 KiB
Plaintext
2221 lines
103 KiB
Plaintext
-------------------------------------------------------------------
|
|
Wed Aug 28 05:18:36 UTC 2024 - Duraisankar P <Duraisankar.pitchumani@suse.com>
|
|
|
|
- Update openvswitch to 3.3.1. For a list of changes, check
|
|
https://github.com/openvswitch/ovs/blob/v3.3.1/NEWS
|
|
- Update OVN to 24.03.3. For a list of changes, check
|
|
https://github.com/ovn-org/ovn/blob/v24.03.3/NEWS
|
|
- Drop upstream fixed patches,
|
|
* CVE-2023-1668.patch
|
|
* CVE-2023-3152.patch
|
|
* CVE-2023-5366.patch
|
|
* openvswitch-2.17.8-gcc14-build-fix.patch
|
|
* openvswitch-CVE-2023-3966.patch
|
|
- Updated the patch for version v3.3.1
|
|
* install-ovsdb-tools.patch
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Jul 30 13:50:21 UTC 2024 - pgajdos@suse.com
|
|
|
|
- remove dependency on /usr/bin/python3 using
|
|
%python3_fix_shebang_path macro, [bsc#1212476]
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Jun 4 09:48:39 UTC 2024 - Martin Jambor <mjambor@suse.com>
|
|
|
|
- GCC 14 started to advertise c_atomic extension, older versions
|
|
didn't do that. Add check for __clang__, so GCC doesn't include
|
|
headers designed for Clang
|
|
(openvswitch-2.17.8-gcc14-build-fix.patch) [boo#1225906]
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Feb 26 12:38:17 UTC 2024 - Dominique Leuenberger <dimstar@opensuse.org>
|
|
|
|
- Use %patch -P N instead of deprecated %patchN.
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Feb 15 06:53:54 UTC 2024 - Duraisankar P <Duraisankar.pitchumani@suse.com>
|
|
|
|
- Fix CVE-2023-3966 [bsc#1219465] openvswitch3: Invalid memory access in Geneve with HW offload
|
|
- Added patch,
|
|
+openvswitch-CVE-2023-3966.patch
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Feb 1 19:34:16 UTC 2024 - Duraisankar P <Duraisankar.pitchumani@suse.com>
|
|
|
|
- Fix CVE-2023-5366 [bsc#1216002], openvswitch: missing masks on a final stage with ports trie
|
|
- Added patch,
|
|
* CVE-2023-5366.patch
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Dec 14 11:55:19 UTC 2023 - Dirk Müller <dmueller@suse.com>
|
|
|
|
- convert to sysuser generated users
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Dec 4 15:52:33 UTC 2023 - Ana Guerrero <ana.guerrero@suse.com>
|
|
|
|
- Add BuildRequires on python-setuptools. Previously this was pulled
|
|
by python-Sphinx in the build environment.
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Sep 7 07:55:29 UTC 2023 - Duraisankar P <Duraisankar.pitchumani@suse.com>
|
|
|
|
- Fix CVE-2023-3153 [bsc#1212125], VUL-0: CVE-2023-3153: openvswitch,openvswitch3: service monitor MAC flow is not rate limited
|
|
- Added patch,
|
|
CVE-2023-3152.patch
|
|
|
|
-------------------------------------------------------------------
|
|
Wed May 17 09:46:44 UTC 2023 - Duraisankar P <Duraisankar.pitchumani@suse.com>
|
|
|
|
- Fix CVE-2023-1668 [bsc#1210054], openvswitch: remote traffic denial of service via crafted packets with IP proto 0
|
|
- Added patch,
|
|
CVE-2023-1668.patch
|
|
|
|
-------------------------------------------------------------------
|
|
Tue May 2 07:48:43 UTC 2023 - Dominique Leuenberger <dimstar@opensuse.org>
|
|
|
|
- Remove python/ovs/dirs.py prior to building: have this
|
|
re-generated based on the shipped template (boo#1210479).
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Apr 5 21:14:59 UTC 2023 - Duraisankar P <Duraisankar.pitchumani@suse.com>
|
|
|
|
- Update OVS version to v3.1.0 and OVN version to v23.03.0
|
|
Some of the features are,
|
|
- ovs-vswitchd now detects changes in CPU affinity and adjusts the number
|
|
of handler and revalidator threads if necessary.
|
|
- AF_XDP:
|
|
* Added support for building with libxdp and libbpf >= 0.7.
|
|
* Support for AF_XDP is now enabled by default if all dependencies are
|
|
available at the build time. Use --disable-afxdp to disable.
|
|
Use --enable-afxdp to fail the build if dependencies are not present.
|
|
- ovs-appctl:
|
|
* "ovs-appctl ofproto/trace" command can now display port names with the
|
|
"--names" option.
|
|
- OVSDB-IDL:
|
|
* Add the support to specify the persistent uuid for row insert in both
|
|
C and Python IDLs.
|
|
- Windows:
|
|
* Conntrack IPv6 fragment support.
|
|
- DPDK:
|
|
* Add support for DPDK 22.11.1.
|
|
- For the QoS max-rate and STP/RSTP path-cost configuration OVS now assumes
|
|
10 Gbps link speed by default in case the actual link speed cannot be
|
|
determined. Previously it was 10 Mbps. Values can still be overridden
|
|
by specifying 'max-rate' or '[r]stp-path-cost' accordingly.
|
|
- OpenFlow:
|
|
* New OpenFlow extension NXT_CT_FLUSH to flush connections matching
|
|
the specified fields.
|
|
- ovs-ctl:
|
|
* New option '--dump-hugepages' to include hugepages in core dumps. This
|
|
can assist with postmortem analysis involving DPDK, but may also produce
|
|
significantly larger core dump files.
|
|
- ovs-dpctl and 'ovs-appctl dpctl/' commands:
|
|
* 'flush-conntrack' is now capable of handling partial 5-tuple,
|
|
with additional optional parameter to specify the reply direction.
|
|
- ovs-ofctl:
|
|
* New command 'flush-conntrack' that accepts zone and 5-tuple (or partial
|
|
5-tuple) for both directions.
|
|
- Support for travis-ci.org based continuous integration builds has been
|
|
dropped.
|
|
- Userspace datapath:
|
|
* Add '-secs' argument to appctl 'dpif-netdev/pmd-rxq-show' to show
|
|
the pmd usage of an Rx queue over a configurable time period.
|
|
* Add new experimental PMD load based sleeping feature. PMD threads can
|
|
request to sleep up to a user configured 'pmd-maxsleep' value under
|
|
low load conditions.
|
|
-For more details, check
|
|
https://github.com/openvswitch/ovs/blob/v3.1.0/NEWS
|
|
-Includes secrity fix for CVE-2022-4338 (bsc#1206580) and CVE-2022-4337 (bsc#1206581)
|
|
- Removed patches,
|
|
* 0001-Replace-deprecated-var-run-with-run.patch
|
|
* 0001-openvswitch-merge-compiler.h-files-into-one-file.patch
|
|
* openvswitch-CVE-2021-36980.patch
|
|
* 0002-build-Seperated-common-used-headers.patch
|
|
* a77ad9693c8b49055389559187fe74eddb619746.patch
|
|
* 0001-m4-Test-avx512-for-x86-only.patch
|
|
* openvswitch-2.17.2-Fix-tests-with-GNU-grep-3.8.patch
|
|
- Renamed and rebased patches,
|
|
* 0001-Don-t-change-permissions-of-dev-hugepages.patch
|
|
* 0001-Use-double-hash-for-OVS_USER_ID-comment.patch
|
|
* 0001-Run-ovn-as-openvswitch-openvswitch.patch
|
|
* 0001-Use-strongswan-for-openvswitch-ipsec-service.patch
|
|
* 0001-Run-openvswitch-as-openvswitch-openvswitch.patch
|
|
- Added ovsb tool install patch,
|
|
* install-ovsdb-tools.patch
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Sep 29 11:58:47 UTC 2022 - Dirk Müller <dmueller@suse.com>
|
|
|
|
- add a77ad9693c8b49055389559187fe74eddb619746.patch to avoid
|
|
the cpu detection code being compiled with AVX512 enabled
|
|
- add 0001-m4-Test-avx512-for-x86-only.patch
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Sep 12 19:55:30 UTC 2022 - Andreas Stieger <andreas.stieger@gmx.de>
|
|
|
|
- fix tests with GNU grep 3.8 boo#1203239
|
|
add openvswitch-2.17.2-Fix-tests-with-GNU-grep-3.8.patch
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Aug 3 11:11:36 UTC 2022 - Dirk Müller <dmueller@suse.com>
|
|
|
|
- update to 2.17.2:
|
|
- Bug fixes
|
|
- DPDK:
|
|
* OVS validated with DPDK 21.11.1. It is recommended to use this version
|
|
until further releases.
|
|
- Bug fixes
|
|
- libopenvswitch API change:
|
|
* To fix the Undefined Behavior issue causing the compiler to incorrectly
|
|
optimize important parts of code, container iteration macros (e.g.,
|
|
LIST_FOR_EACH) have been re-implemented in a UB-safe way.
|
|
* Backwards compatibility has mostly been preserved, however the
|
|
user-provided pointer is now set to NULL after the loop (unless it
|
|
exited via "break;")
|
|
* Users of libopenvswitch will need to double-check the use of such loop
|
|
macros before compiling with a new version.
|
|
* Since the change is limited to the definitions within the headers, the
|
|
ABI is not affected.
|
|
- refresh 0001-openvswitch-merge-compiler.h-files-into-one-file.patch
|
|
0002-build-Seperated-common-used-headers.patch
|
|
|
|
-------------------------------------------------------------------
|
|
Fri May 13 15:52:24 UTC 2022 - Dominique Leuenberger <dimstar@opensuse.org>
|
|
|
|
- Allow dpdk version 21.11.
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Apr 22 20:42:31 UTC 2022 - Ferdinand Thiessen <rpm@fthiessen.de>
|
|
|
|
- Python package: Do not use C json parser on 32bit as large numbers
|
|
will overflow.
|
|
|
|
-------------------------------------------------------------------
|
|
Sun Apr 3 13:12:28 UTC 2022 - Ferdinand Thiessen <rpm@fthiessen.de>
|
|
|
|
- Mention openvswitch-rpmlintrc as Source in spec file
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Mar 14 13:55:07 UTC 2022 - Ferdinand Thiessen <rpm@fthiessen.de>
|
|
|
|
- Fix installation of files shared with OVN (required for building
|
|
OVN without openvswitch sources), remove custom installation
|
|
of internal headers from SPEC-install section and use patches
|
|
(for upstreaming) instead.
|
|
* install-ovsdb-tools.patch
|
|
* Added 0001-openvswitch-merge-compiler.h-files-into-one-file.patch
|
|
* Added 0002-build-Seperated-common-used-headers.patch
|
|
- Enabled check section / running testsuite by default to validate
|
|
build result. There must no problems with the testsuite anymore as
|
|
upstream runs it by CI and checked before release of a new version.
|
|
- Renamed 0001-Don-t-change-permissions-of-dev-hugepages.patch to
|
|
Don-t-change-permissions-of-dev-hugepages.patch
|
|
- Renamed 0001-Run-openvswitch-as-openvswitch-openvswitch.patch to
|
|
Run-openvswitch-as-openvswitch-openvswitch.patch
|
|
- Renamed 0001-Use-double-hash-for-OVS_USER_ID-comment.patch to
|
|
Use-double-hash-for-OVS_USER_ID-comment.patch
|
|
- Rebased 0001-Use-strongswan-for-openvswitch-ipsec-service.patch to
|
|
Use-strongswan-for-openvswitch-ipsec-service.patch
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Mar 11 11:33:18 UTC 2022 - Ferdinand Thiessen <rpm@fthiessen.de>
|
|
|
|
- Fix OVS location for python bindings (dirs.py), boo#1196978
|
|
Make sure dirs.py is freshly generated
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Mar 7 12:04:30 UTC 2022 - Dirk Müller <dmueller@suse.com>
|
|
|
|
- fix python3 requires (bsc#1196758)
|
|
|
|
-------------------------------------------------------------------
|
|
Sun Feb 27 19:24:57 UTC 2022 - Ferdinand Thiessen <rpm@fthiessen.de>
|
|
|
|
- Added install-ovsdb-tools.patch to install ovsdb tools required
|
|
for building OVN
|
|
|
|
-------------------------------------------------------------------
|
|
Sat Feb 26 22:11:06 UTC 2022 - Ferdinand Thiessen <rpm@fthiessen.de>
|
|
|
|
- Enable multiple python3 flavor subpackages on Tumbleweed / Factory
|
|
|
|
-------------------------------------------------------------------
|
|
Sat Feb 26 00:56:03 UTC 2022 - Ferdinand Thiessen <rpm@fthiessen.de>
|
|
|
|
- Update OVS to version 2.17.0
|
|
* Userspace datapath:
|
|
* Optimized flow lookups for datapath flows with simple match criteria.
|
|
* New per-interface configuration knob 'other_config:tx-steering'.
|
|
* Removed experimental tag for PMD Auto Load Balance.
|
|
* New configuration knob 'other_config:n-offload-threads' to change the
|
|
number of HW offloading threads.
|
|
* DPDK:
|
|
* EAL argument --socket-mem is no longer configured by default upon
|
|
start-up. If dpdk-socket-mem and dpdk-alloc-mem are not specified,
|
|
DPDK defaults will be used.
|
|
* EAL argument --socket-limit no longer takes on the value of --socket-mem
|
|
by default. 'other_config:dpdk-socket-limit' can be set equal to
|
|
the 'other_config:dpdk-socket-mem' to preserve the legacy memory
|
|
limiting behavior.
|
|
* EAL argument --in-memory is applied by default if supported.
|
|
* Add support for DPDK 21.11.
|
|
* Forbid use of DPDK multiprocess feature.
|
|
* Add support for running threads on cores >= RTE_MAX_LCORE.
|
|
* Python: For SSL support, the use of the pyOpenSSL library has
|
|
been replaced with the native 'ssl' module.
|
|
* OVSDB:
|
|
* Python library for OVSDB clients now also supports faster
|
|
resynchronization with a clustered database after a brief disconnection,
|
|
i.e. 'monitor_cond_since' monitoring method.
|
|
* Major improvement in the performance of the OVSDB server.
|
|
* OpenFlow:
|
|
* Default selection method for select groups with up to 256 buckets is
|
|
now dp_hash. Previously this was limited to 64 buckets. This change
|
|
is mainly for the benefit of OVN load balancing configurations.
|
|
* Encap & Decap action support for MPLS packet type.
|
|
- Update OVS to version 2.16.0
|
|
* Fix CVE-2021-36980 (boo#1188524)
|
|
openvswitch 2.11.0 through 2.15.0 has a use-after-free in
|
|
decode_NXAST_RAW_ENCAP (called from ofpact_decode and ofpacts_decode)
|
|
during the decoding of a RAW_ENCAP action
|
|
* Removed support for 1024-bit Diffie-Hellman key exchange
|
|
* Rate limiting configuration now supports setting packet-per-second
|
|
limits in addition to the previously configurable byte rate settings.
|
|
* OVSDB:
|
|
* Introduced new database service model - "relay".
|
|
* New command line options --record/--replay for ovsdb-server and
|
|
ovsdb-client to record and replay all the incoming transactions,
|
|
monitors, etc.
|
|
* The Python Idl class now has a cooperative_yield() method
|
|
* In ovs-vsctl and vtep-ctl, the "find" command now accept new
|
|
operators {in} and {not-in}.
|
|
* Various Userspace datapath improvements
|
|
* ovs-ctl:
|
|
* New option '--no-record-hostname' to disable hostname configuration
|
|
in ovsdb on startup.
|
|
* New command 'record-hostname-if-not-set' to update hostname in ovsdb.
|
|
* ovs-appctl: Added ability to add and delete static mac entries using:
|
|
'ovs-appctl fdb/add <bridge> <port> <vlan> <mac>'
|
|
'ovs-appctl fdb/del <bridge> <vlan> <mac>'
|
|
* Linux datapath:
|
|
* ovs-vswitchd will configure the kernel module using per-cpu dispatch
|
|
mode (if available). This changes the way upcalls are delivered to
|
|
user space in order to resolve a number of issues with per-vport dispatch.
|
|
* New vswitchd unixctl command `dpif-netlink/dispatch-mode` will return
|
|
the current dispatch mode for each datapath.
|
|
- Update OVS to version 2.15.0
|
|
* OVSDB:
|
|
* Changed format in which ovsdb transactions are stored in
|
|
database files. Now each transaction contains diff of data
|
|
instead of the whole new value of a column.
|
|
* New unixctl command 'ovsdb-server/get-db-storage-status'
|
|
* New unixctl command 'ovsdb-server/memory-trim-on-compaction on|off'.
|
|
* Maximum backlog on RAFT connections limited to 500 messages or 4GB.
|
|
* DPDK: Removed support for vhost-user dequeue zero-copy.
|
|
* Add support for DPDK 20.11.
|
|
* The environment variable OVS_UNBOUND_CONF, if set, is now used
|
|
as the DNS resolver's (unbound) configuration file.
|
|
* Linux datapath: Support for kernel versions up to 5.8.x.
|
|
* Building the Linux kernel module from the OVS source tree is deprecated
|
|
* Support for the Linux kernel is capped at version 5.8
|
|
* Only bug fixes for the Linux OOT kernel module will be accepted.
|
|
* The Linux kernel module will be fully removed from the OVS source tree
|
|
in OVS branch 2.18
|
|
- Rebased 0001-Use-strongswan-for-openvswitch-ipsec-service.patch
|
|
- Drop upstream fixed 0001-Replace-deprecated-var-run-with-run.patch
|
|
- Separated OVN
|
|
* Stand alone package, this enables better maintenance
|
|
especially updates.
|
|
* Drop 0001-Run-ovn-as-openvswitch-openvswitch.patch from OVN
|
|
|
|
-------------------------------------------------------------------
|
|
Mon May 10 10:28:32 UTC 2021 - Dirk Müller <dmueller@suse.com>
|
|
|
|
- add openssl(cli) dependency on pki (bsc#1185839)
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Apr 29 16:05:49 UTC 2021 - Jaime Caamaño Ruiz <jcaamano@suse.com>
|
|
|
|
- Replace deprecated /var/run with /run (bsc#1185176, bsc#1185177).
|
|
* 0001-Replace-deprecated-var-run-with-run.patch
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Feb 12 10:36:03 UTC 2021 - Jaime Caamaño Ruiz <jcaamano@suse.com>
|
|
|
|
- Update openvswitch to 2.14.2. For a list of changes, check
|
|
https://github.com/openvswitch/ovs/blob/v2.14.2/NEWS
|
|
Includes security fix for CVE-2020-27827 (bsc#1181345) and CVE-2020-35498
|
|
(bsc#1181742).
|
|
- Removed patches no longer applying to code base:
|
|
* 0001-rhel-Fix-reload-of-OVS_USER_ID-on-startup.patch
|
|
* 0001-ipsec-Fix-Strongswan-configuration-syntax.patch
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Nov 3 10:50:49 UTC 2020 - Jaime Caamaño Ruiz <jcaamano@suse.com>
|
|
|
|
- Replaced `%service_del_postun -n` with `%service_del_postun_without_restart`
|
|
(bsc#1117483).
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Sep 29 10:41:30 UTC 2020 - Jaime Caamaño Ruiz <jcaamano@suse.com>
|
|
|
|
- Fix wrong default directories for OVS python utilities (bsc#1176273).
|
|
- Add upstream patches to fix openvswitch-ipsec service (bsc#1176273).
|
|
* 0001-ipsec-Fix-Strongswan-configuration-syntax.patch
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Sep 1 13:50:47 UTC 2020 - Jaime Caamaño Ruiz <jcaamano@suse.com>
|
|
|
|
- Update openvswitch to 2.14.0. For a list of changes, check
|
|
https://github.com/openvswitch/ovs/blob/v2.14.0/NEWS
|
|
- Update OVN to 20.06.2. For a list of changes, check
|
|
https://github.com/ovn-org/ovn/blob/v20.06.2/NEWS
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Jun 15 13:21:22 UTC 2020 - Jaime Caamaño Ruiz <jcaamano@suse.com>
|
|
|
|
- Fix preserving old default OVS_USER_ID for users that removed the
|
|
override at /etc/sysconfig/openvswitch or for users affected by
|
|
fillup bug below (bsc#1172861).
|
|
- Add patch to workaround a possible fillup issue that could cause
|
|
existing openvswitch configuration to be unintendedly altered during
|
|
upgrades (bsc#1172929).
|
|
* 0001-Use-double-hash-for-OVS_USER_ID-comment.patch
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Jun 3 14:53:21 UTC 2020 - Jaime Caamaño Ruiz <jcaamano@suse.com>
|
|
|
|
- add missing provides/obsoletes for python3-openvswitch-test
|
|
|
|
-------------------------------------------------------------------
|
|
Mon May 4 11:38:26 UTC 2020 - Jaime Caamaño Ruiz <jcaamano@suse.com>
|
|
|
|
- Update openvswitch to 2.13.0.
|
|
* For a list of changes, check
|
|
https://github.com/openvswitch/ovs/blob/v2.13.0/NEWS
|
|
* This version drops python2 binding support. Only python3 bindings
|
|
provided going forward.
|
|
* Tool ovs-vlan-bug-workaround is no longer provided.
|
|
- OVN was split to its own repo but is still built together with OVS and as
|
|
such from this same source package. OVN initial version is 20.03.
|
|
* For a list of changes, check
|
|
https://github.com/ovn-org/ovn/blob/v20.03.0/NEWS
|
|
* Packages openvswitch-ovn* are renamed to ovn*.
|
|
* OVN now has its own sysconfig and log paths.
|
|
- Add OVS patch to be proposed upstream:
|
|
* 0001-rhel-Fix-reload-of-OVS_USER_ID-on-startup.patch
|
|
- Patch instead of post-processing configuration files to set running
|
|
credentials (bsc#1157338):
|
|
* 0001-Run-openvswitch-as-openvswitch-openvswitch.patch
|
|
* 0001-Run-ovn-as-openvswitch-openvswitch.patch
|
|
- Will no longer change group ownership of /dev/hugepages to 'hugetlbfs'
|
|
(bsc#1140835). System admin should mount hugepages on a path and permissions of
|
|
his choosing for OVS. Add patch:
|
|
* 0001-Don-t-change-permissions-of-dev-hugepages.patch
|
|
- Will no longer install udev rule to change group ownership of vfio devices to
|
|
'hugetlbfs'. Group name does not make much sense in this case and ownership of
|
|
vfio devices should be coordinated system wide or per device.
|
|
- Will no longer run under group 'hugetlbfs' on new installs with DPDK enabled.
|
|
OVS will now run under group 'openvswitch' whether compiled with DPDK support
|
|
or not.
|
|
- OVS persistent state is now saved on /var/lib/openvswitch instead of
|
|
/etc/openvswitch for new installs.
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Feb 13 18:06:02 UTC 2020 - Dirk Mueller <dmueller@suse.com>
|
|
|
|
- add missing sortedcontainers dependency to the python bindings
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Oct 28 14:56:34 UTC 2019 - Jaime Caamaño Ruiz <jcaamano@suse.com>
|
|
|
|
- Update openvswitch to 2.12.0. For a list of changes, check
|
|
https://github.com/openvswitch/ovs/blob/master/NEWS
|
|
- Removed patches that are already included upstream:
|
|
* 0001-rhel-secure-openvswitch-useropts.patch
|
|
* 0002-rhel-let-ctl-handle-runtime-directory.patch
|
|
- Rebased patches:
|
|
* 0001-Use-strongswan-for-openvswitch-ipsec-service.patch
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Aug 8 11:55:36 UTC 2019 - <jcaamano@suse.com>
|
|
|
|
- Fixed missing obsoletes for old python-ovs (bsc#1138948).
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Jul 16 09:10:42 UTC 2019 - <jcaamano@suse.com>
|
|
|
|
- Add unbound as a build requirement to support asynchronous DNS
|
|
resolving for remotes.
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Jun 20 12:00:42 UTC 2019 - <jcaamano@suse.com>
|
|
|
|
- Update DPDK dependency to support DPDK 18.11.2.
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Jun 10 17:12:00 UTC 2019 - <jcaamano@suse.com>
|
|
|
|
- Add upstream patches to fix bsc#1135884:
|
|
* 0001-rhel-secure-openvswitch-useropts.patch
|
|
* 0002-rhel-let-ctl-handle-runtime-directory.patch
|
|
|
|
-------------------------------------------------------------------
|
|
Mon May 6 17:08:26 UTC 2019 - <jcaamano@suse.com>
|
|
|
|
- Use temporary directory for python build.
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Apr 29 14:12:36 UTC 2019 - <jcaamano@suse.com>
|
|
|
|
- Fix problem preventing new installs to run as non root (bsc#1132029),
|
|
including:
|
|
* Align with upstream so that no running configuration is changed on
|
|
upgrades, specifically to avoid changes on the user Open vSwitch runs
|
|
under.
|
|
* hugetblfs groups is created as system group.
|
|
- Add missing opnvswitch-ipsec package and systemd service.
|
|
- Add patch to use strongswan instead of libreswan for openvswitch-ipsec.
|
|
libreswan package not available currently.
|
|
* 0001-Use-strongswan-for-openvswitch-ipsec-service.patch
|
|
- Add missing ovs-delete-transient-ports systemd service.
|
|
- Align installed headers with upstream.
|
|
- Fix problem preventing rpm build '--with check'.
|
|
- Fix python environment that had directories pointing to /usr/local.
|
|
- Version bump to 2.11.1. Some of the changes are:
|
|
* netdev-tc-offloads: Fix probe tc block support
|
|
* rhel: Include all header files in the Fedora's devel package
|
|
* reconnect.c: Don't transition back to ACTIVE when forced to RECONNECT.
|
|
* OVN: Make periodic RAs consistent with RA responder.
|
|
* OVN: Always send prefix option in RAs
|
|
* OVN: Use offset instead of pointer into ofpbuf
|
|
* ofproto: fix the bug of bucket counter is not updated
|
|
* netdev-dpdk: Print netdev name for txq mapping.
|
|
* dpif-netdev-perf: Fix millisecond stats precision with slower TSC.
|
|
* ifupdown.sh: Add missing "--may-exist" option
|
|
* dpif-netdev-perf: Fix double update of perf histograms.
|
|
* dpdk: Stop dumping memzones to stdout.
|
|
* dpctl: Drop parser debug information.
|
|
* netdev-tc-offloads: Properly get the block id on flow del/get
|
|
* netdev-tc-offloads: Improve log message for icmpv6 offload not supported
|
|
* conntrack: Replace structure copy by memcpy().
|
|
* conntrack: Lookup only 'UNNAT conns' in 'nat_clean()'.
|
|
* conntrack: Fix race for NAT cleanup.
|
|
* ovn-nbctl: Don't segfault when ovn-northd doesn't configure dynamic addresses.
|
|
* datapath-windows: Add annotations to find vport functions
|
|
* datapath-windows: Guard vport usage in user.c
|
|
* datapath-windows: Fix potential deadlock in event subscription
|
|
* datapath-windows: Fix race condition during port creation
|
|
* datapath-windows: Fix nbl cleanup when memory allocation fails
|
|
* netdev-linux: Remove ingress qdisc before trying to add shared block
|
|
* netdev-tc-offloads: Remove ingress qdisc on tc init flow api
|
|
* ovsdb-idl: Fix memory leak of idl->remote.
|
|
* travis: Remove 'sudo' configuration.
|
|
* OVN: Add port addresses to IPAM after all ports are joined.
|
|
* dpif-netlink: Free leaked ofpbuf by using ofpbuf_delete
|
|
* OVN: update RA next_announce according to {min, max}_interval
|
|
* rconn: Avoid occasional immediate connection failures.
|
|
* dpdk: Fix case-sensitivity of dpdk-init knob.
|
|
* NEWS: Clean up the 2.11.0 release notes a bit.
|
|
* conntrack: Fix L4 csum for V6 extension hdr pkts.
|
|
* packets: Change return type for 'packet_csum_upperlayer6()'.
|
|
* ovsdb-client: Fix typo.
|
|
* ovn-nbctl: Daemon mode should retry when IDL connection lost.
|
|
* ofctl: break the loop if ovs_pcap_read returns error
|
|
* netlink: added check to prevent netlink attribute overflow
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Mar 25 14:18:56 UTC 2019 - <jcaamano@suse.com>
|
|
|
|
- Disable dpdk on ix86, aligned with dpdk package.
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Mar 21 15:12:55 UTC 2019 - Jan Engelhardt <jengelh@inai.de>
|
|
|
|
- Combine %service_* calls to reduce generated boilerplate.
|
|
- Reduce scriptlets' hard dependency on systemd.
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Feb 28 11:16:58 UTC 2019 - jcaamano@suse.com
|
|
|
|
- Version bump to 2.11.0. Some of the changes are:
|
|
* Linux datapath:
|
|
- Support for the kernel versions 4.16.x and 4.17.x.
|
|
- Support for the kernel versions 4.18.x
|
|
* OpenFlow:
|
|
- OFPMP_TABLE_FEATURES_REQUEST can now modify table features.
|
|
* ovs-ofctl:
|
|
- "mod-table" command can now change OpenFlow table names.
|
|
* The environment variable OVS_SYSLOG_METHOD, if set, is now used
|
|
as the default syslog method.
|
|
* The environment variable OVS_CTL_TIMEOUT, if set, is now used
|
|
as the default timeout for control utilities.
|
|
* ovn:
|
|
- OVN-SB schema changed: duplicated IP with same Encapsulation type
|
|
is not allowed any more. Please refer to
|
|
Documentation/intro/install/ovn-upgrades.rst for the instructions
|
|
in case there are problems encountered when upgrading from an earlier
|
|
version.
|
|
- New support for IPSEC encrypted tunnels between hypervisors.
|
|
- ovn-ctl: allow passing user:group ids to the OVN daemons.
|
|
- IPAM/MACAM:
|
|
* add the capability to dynamically assign just L2 addresses
|
|
* add the capability to specify a static ip address and get the L2 one
|
|
allocated dynamically using the following syntax:
|
|
ovn-nbctl lsp-set-addresses <port> "dynamic <IP>"
|
|
* DPDK:
|
|
- Add support for DPDK 18.11
|
|
- Add support for port representors.
|
|
* Userspace datapath:
|
|
- Add option for simple round-robin based Rxq to PMD assignment.
|
|
It can be set with pmd-rxq-assign.
|
|
- Add support for Auto load balancing of PMDs (experimental)
|
|
- Added new per-port configurable option to manage EMC:
|
|
'other_config:emc-enable'.
|
|
* Add 'symmetric_l3' hash function.
|
|
* OVS now honors 'updelay' and 'downdelay' for bonds with LACP configured.
|
|
* ovs-vswitchd:
|
|
- New configuration option "offload-rebalance", that enables dynamic
|
|
rebalancing of offloaded flows.
|
|
* The environment variable OVS_RESOLV_CONF, if set, is now used
|
|
as the DNS server configuration file.
|
|
* RHEL packaging:
|
|
- OVN packages are split from OVS packages. A new spec
|
|
file - ovn-fedora.spec.in is added to generate OVN packages.
|
|
- Revisit DISABLE_RESTART_ON_UPDATE and DISABLE_STOP_ON_REMOVAL options
|
|
(bsc#1117483). DISABLE_STOP_ON_REMOVAL is removed. DISABLE_RESTART_ON_UPDATE
|
|
is replaced by '%service_del_postun -n'. $FIRST_ARG is replaced by $1.
|
|
- Add extra openvswitch headers (bsc#1125897).
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Feb 15 16:16:32 UTC 2019 - jcaamano@suse.com
|
|
|
|
- Obsolete old python[2]-openvswitch-test subpackages (bsc#1124435).
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Jan 24 16:52:16 UTC 2019 - jcaamano@suse.com
|
|
|
|
- Fixed package name libopenvswitch-2_10-0 to libopenvswitch-2_11-0
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Jan 24 11:34:15 UTC 2019 - Jaime Caamaño (jcaamano@suse.com)
|
|
|
|
- Version bump to 2.11.0+git20190123.ad83fc9ab. Some of the changes are:
|
|
* Linux datapath:
|
|
- Support for the kernel versions 4.16.x and 4.17.x.
|
|
* OpenFlow:
|
|
- OFPMP_TABLE_FEATURES_REQUEST can now modify table features.
|
|
* ovs-ofctl:
|
|
- "mod-table" command can now change OpenFlow table names.
|
|
* The environment variable OVS_SYSLOG_METHOD, if set, is now used
|
|
as the default syslog method.
|
|
* The environment variable OVS_CTL_TIMEOUT, if set, is now used
|
|
as the default timeout for control utilities.
|
|
* ovn:
|
|
- OVN-SB schema changed: duplicated IP with same Encapsulation type
|
|
is not allowed any more. Please refer to
|
|
Documentation/intro/install/ovn-upgrades.rst for the instructions
|
|
in case there are problems encountered when upgrading from an earlier
|
|
version.
|
|
- New support for IPSEC encrypted tunnels between hypervisors.
|
|
- ovn-ctl: allow passing user:group ids to the OVN daemons.
|
|
- IPAM/MACAM:
|
|
* add the capability to dynamically assign just L2 addresses
|
|
* add the capability to specify a static ip address and get the L2 one
|
|
allocated dynamically using the following syntax:
|
|
ovn-nbctl lsp-set-addresses <port> "dynamic <IP>"
|
|
* DPDK:
|
|
- Add support for DPDK 18.11
|
|
- Add support for port representors.
|
|
* Userspace datapath:
|
|
- Add option for simple round-robin based Rxq to PMD assignment.
|
|
It can be set with pmd-rxq-assign.
|
|
- Add support for Auto load balancing of PMDs (experimental)
|
|
- Added new per-port configurable option to manage EMC:
|
|
'other_config:emc-enable'.
|
|
* Add 'symmetric_l3' hash function.
|
|
* OVS now honors 'updelay' and 'downdelay' for bonds with LACP configured.
|
|
* ovs-vswitchd:
|
|
- New configuration option "offload-rebalance", that enables dynamic
|
|
rebalancing of offloaded flows.
|
|
* The environment variable OVS_RESOLV_CONF, if set, is now used
|
|
as the DNS server configuration file.
|
|
* RHEL packaging:
|
|
- OVN packages are split from OVS packages. A new spec
|
|
file - ovn-fedora.spec.in is added to generate OVN packages.
|
|
- Remove upstreamed patch:
|
|
* 0001-python-c-ext-Fix-memory-leak-in-Parser_finish.patch
|
|
- Remove DISABLE_RESTART_ON_UPDATE and DISABLE_STOP_ON_REMOVAL options (bsc#1117483).
|
|
|
|
-------------------------------------------------------------------
|
|
Sun Jan 20 07:58:20 UTC 2019 - Thomas Bechtold <tbechtold@suse.com>
|
|
|
|
- python2-ovs provides now also python-ovs which is the standard
|
|
for singlespec python packages.
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Nov 26 11:07:30 UTC 2018 - jcaamano@suse.com
|
|
|
|
- Backport upstream fix for python json parser memory leak (bsc#1116437)
|
|
* 0001-python-c-ext-Fix-memory-leak-in-Parser_finish.patch
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Nov 8 11:17:38 UTC 2018 - Markos Chandras <mchandras@suse.de>
|
|
|
|
- Improve python packaging (bsc#1115085)
|
|
* Rename python*-openvswitch subpackages to python*-ovs to follow
|
|
the openSUSE policy that packages should be named after the modules
|
|
they install.
|
|
* Build the JSON C bindings and as a result the 'noarch' BuildArch
|
|
needs to be removed.
|
|
* Drop the python*-openvswitch-test packages and merge them with the
|
|
test subpackage
|
|
* Build the python bindings using setuptools
|
|
* Include the egg-info package.
|
|
* Use libopenvswitch as dependency to python bindings
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Oct 22 09:38:00 UTC 2018 - Markos Chandras <mchandras@suse.de>
|
|
|
|
- Version bump to 2.10.1. Some of the changes are:
|
|
* dpif-netdev.at: Add missing backslash.
|
|
* ofproto-dpif-xlate: Avoid deadlock on multicast snooping recursion.
|
|
* dpif-netdev-perf: Print SMC statistics.
|
|
* dpif-netdev-unixctl: Change 'masked' to 'megaflow'.
|
|
* ovn-controller: Support processing DHCPv6 information request message type
|
|
* ovn-ctl: Fix the wrong pidfile argument passed to ovsdb-servers
|
|
* ovndb-servers.ocf: Add ssl support for managing OVN DB resources with pacemaker using LB VIP.
|
|
* ovn-ctl: Allow passing ssl certs when starting OVN DBs in ssl mode.
|
|
* expr: Disallow < <= >= > comparisons against empty value set.
|
|
* expr: Set a limit on the depth of nested parentheses
|
|
* ovn: Fix IPv6 DAD failure for container ports
|
|
* dpif-netdev: Add vlan to mask for flow_put operation.
|
|
* ovs-save: Parse geneve tlv map correctly.
|
|
* extend-table: Fix a bug that iterates wrong table
|
|
* odp-util: Fix a use-after-free bug.
|
|
* ofp-packet: Fix NXT_RESUME with geneve tunnel metadata
|
|
* dpif-netlink: Fix null pointer.
|
|
* ofproto-dpif-xlate.c: Fix uninitialized variable warning.
|
|
* dpif: Remove support for multiple queues per port.
|
|
* dpif-netlink: don't allocate per thread netlink sockets
|
|
* ovsdb-types: Refactor structs so as to comply with C++ standard
|
|
* bfd: Make the tp_dst masking megaflow-friendly.
|
|
* ovsdb-data: Improve grammar in error message.
|
|
* condition: Reject <, <=, >=, > with optional scalar against empty set.
|
|
* condition: Fix ==, !=, includes, excludes on optional scalars.
|
|
* netdev: Properly clear 'details' when iterating in NETDEV_QOS_FOR_EACH.
|
|
* lex: Fix buffer overrun parsing overlong hexadecimal constants.
|
|
* sflow: Set agent address properly based on collector address.
|
|
* ovsdb-client: Fix a bug that uses wrong index
|
|
* ofproto: Fix build with some GCC versions.
|
|
* ofproto-dpif-xlate: Fix conntrack fields on NXT_RESUME
|
|
* ofproto: Handle OpenFlow version mismatch for requestforward with groups.
|
|
* ovs-save: save and restore groups on restart
|
|
* sparse: check if floatn-common.h is available.
|
|
* flow: Fix uninitialized flow fields in IPv6 error case.
|
|
* ofproto-dpif: Fix NXT_RESUME flow stats
|
|
* ovn: Add the documentation for the DHCP opt 'wpad' in proper section
|
|
* meta-flow: Make "nw_frag" a synonym for "ip_frag".
|
|
* gre: Rename fallback devices to avoid udev's interference
|
|
* ovsdb-server: Alleviate the possible data loss in an active/standby setup
|
|
* ovsdb-idlc: Use ALIGNED_CAST to avoid spurious warnings for index rows.
|
|
* ofproto-dpif-xlate: Fix translation of groups with no buckets.
|
|
* ovn: Add DHCP support for option 252.
|
|
* ofp-port: Don't leak on error in ofputil_pull_ofp14_port_stats().
|
|
* ofp-print: Fix a memory leak reported by fuzz
|
|
* ovs-save: Don't always include the default flow during restore
|
|
* lib/tc: treat vlan id and prio as independent fields
|
|
* odp-util: Don't attempt to write IPv6 flow label bits that don't exist.
|
|
* lib/tc: reject offloading of non-Ethernet packets
|
|
* dhparams: Fix .c file generation with OpenSSL >= 1.1.1-pre9
|
|
* ovs-ctl: Allow add-remote without vswitchd started.
|
|
* system-traffic: Fix conntrack per zone limit test.
|
|
* erspan: set erspan_ver to 1 by default when adding an erspan dev
|
|
* ovn.at: Skip ACL rate-limiting test on slow/overloaded systems.
|
|
* daemon-unix: Use same name for original or restarted children.
|
|
* dpif-netdev: Prevent unsafe access when retrieving meter stats.
|
|
* utilities: Drop shebang from bash completion script
|
|
* ofp-actions: Re-fix error path for parsing OpenFlow actions.
|
|
* nx-match: Avoid double-free on some error paths.
|
|
* netdev-dpdk: Support the link speed of XL710
|
|
* ovn-northd: Support learning neighbor from ARP request.
|
|
* ovn-northd: LR respond ARP from valid subnet only.
|
|
* ovn: Fix the issue in IPv6 Neigh Solicitation responder for router IPs
|
|
* dpctl: Fix memory leak in dp_exists().
|
|
* ofproto-dpif: Check for EBUSY as well
|
|
* tunnel, tests: Sort flow output in ERSPAN v1/v2 metadata
|
|
* erspan: add big endian bit fields.
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Sep 27 16:06:58 UTC 2018 - Markos Chandras <mchandras@suse.de>
|
|
|
|
- Use correct user for logrotate script (bsc#1104049, b096fa42ddc2)
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Sep 24 12:46:34 UTC 2018 - Markos Chandras <mchandras@suse.de>
|
|
|
|
- Fix package name for shared library.
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Aug 28 09:21:19 UTC 2018 - mchandras@suse.de
|
|
|
|
- Version bump to 2.10.0. Some of the changes are:
|
|
* ovs-vswitchd and utilities now support DNS names in OpenFlow and
|
|
OVSDB remotes.
|
|
* ovs-vswitchd:
|
|
- New options --l7 and --l7-len to "ofproto/trace" command.
|
|
- Previous versions gave OpenFlow tables default names of the form
|
|
"table#". These are not helpful names for the purpose of accepting
|
|
and displaying table names, so now tables by default have no names.
|
|
- The "null" interface type, deprecated since 2013, has been removed.
|
|
- Add minimum network namespace support for Linux.
|
|
- New command "lacp/show-stats"
|
|
* ovs-ofctl:
|
|
- ovs-ofctl now accepts and display table names in place of numbers. By
|
|
default it always accepts names and in interactive use it displays them;
|
|
use --names or --no-names to override. See ovs-ofctl(8) for details.
|
|
* ovs-vsctl: New commands "add-bond-iface" and "del-bond-iface".
|
|
* ovs-dpctl:
|
|
- New commands "ct-set-limits", "ct-del-limits", and "ct-get-limits".
|
|
* OpenFlow:
|
|
- OFPT_ROLE_STATUS is now available in OpenFlow 1.3.
|
|
- OpenFlow 1.5 extensible statistics (OXS) now implemented.
|
|
- New OpenFlow 1.0 extensions for group support.
|
|
- Default selection method for select groups is now dp_hash with improved
|
|
accuracy.
|
|
* ovn:
|
|
- Implemented icmp4/icmp6/tcp_reset actions in order to drop the packet
|
|
and reply with a RST for TCP or ICMPv4/ICMPv6 unreachable message for
|
|
other IPv4/IPv6-based protocols whenever a reject ACL rule is hit.
|
|
- ACL match conditions can now match on Port_Groups as well as address
|
|
sets that are automatically generated by Port_Groups. ACLs can be
|
|
applied directly to Port_Groups as well.
|
|
- ovn-nbctl can now run as a daemon (long-lived, background process).
|
|
See ovn-nbctl(8) for details.
|
|
* DPDK:
|
|
- New 'check-dpdk' Makefile target to run a new system testsuite.
|
|
See Testing topic for the details.
|
|
- Add LSC interrupt support for DPDK physical devices.
|
|
- Allow init to fail and record DPDK status/version in OVS database.
|
|
- Add experimental flow hardware offload support
|
|
- Support both shared and per port mempools for DPDK devices.
|
|
* Userspace datapath:
|
|
- Commands ovs-appctl dpif-netdev/pmd-*-show can now work on a single PMD
|
|
- Detailed PMD performance metrics available with new command
|
|
ovs-appctl dpif-netdev/pmd-perf-show
|
|
- Supervision of PMD performance metrics and logging of suspicious
|
|
iterations
|
|
- Add signature match cache (SMC) as experimental feature. When turned on,
|
|
it improves throughput when traffic has many more flows than EMC size.
|
|
* ERSPAN:
|
|
- Implemented ERSPAN protocol (draft-foschiano-erspan-00.txt) for
|
|
both kernel datapath and userspace datapath.
|
|
- Added port-based and flow-based ERSPAN tunnel port support, added
|
|
OpenFlow rules matching ERSPAN fields. See ovs-fields(7).
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Aug 16 08:26:19 UTC 2018 - mchandras@suse.de
|
|
|
|
- Fix conditional to only include vfio udev rules when building with
|
|
DPDK support
|
|
- Exclude %_docdir from main package which seems to be packaged by
|
|
default on older openSUSE releases.
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Jun 7 10:00:35 UTC 2018 - mchandras@suse.de
|
|
|
|
- Restrict DPDK version to 18.02 since Open vSwitch 2.9 is not going
|
|
to work with any newer releases.
|
|
|
|
-------------------------------------------------------------------
|
|
Tue May 29 08:06:29 UTC 2018 - mchandras@suse.de
|
|
|
|
- Version bump to 2.9.2. Some of the changes are:
|
|
* OVSDB has new, experimental support for database clustering:
|
|
- New high-level documentation in ovsdb(7).
|
|
- New file format documentation for developers in ovsdb(5).
|
|
- Protocol documentation moved from ovsdb-server(1) to ovsdb-server(7).
|
|
- ovsdb-server now supports online schema conversion via
|
|
"ovsdb-client convert".
|
|
- ovsdb-server now always hosts a built-in database named _Server. See
|
|
ovsdb-server(5) for more details.
|
|
- ovsdb-client: New "get-schema-cksum", "query", "backup", "restore",
|
|
and "wait" commands. New --timeout option.
|
|
- ovsdb-tool: New "create-cluster", "join-cluster", "db-cid", "db-sid",
|
|
"db-local-address", "db-is-clustered", "db-is-standalone", "db-name",
|
|
"schema-name", "compare-versions", and "check-cluster" commands.
|
|
- ovsdb-server: New ovs-appctl commands for managing clusters.
|
|
- ovs-sandbox: New support for clustered databases.
|
|
* OVN:
|
|
- ovn-sbctl, ovn-nbctl: New options --leader-only, --no-leader-only.
|
|
* Bug fixes
|
|
|
|
- Use openvswitch user/group for the log directory (3f556d66edb9)
|
|
|
|
-------------------------------------------------------------------
|
|
Wed May 9 07:24:44 UTC 2018 - mchandras@suse.de
|
|
|
|
- Add support for RedHat distributions. All SUSE macros are now
|
|
conditional and the spec file has been adapted based on the upstream
|
|
one (fate#324537)
|
|
- spec-cleaner fixes
|
|
|
|
-------------------------------------------------------------------
|
|
Wed May 2 07:58:27 UTC 2018 - mchandras@suse.de
|
|
|
|
- Move openvswitch user/group creation to %pre scriptlet. The default
|
|
ownership of the configuration files expects the user and group to
|
|
be available as early as possible (bsc#1091408)
|
|
- spec-cleaner fixes.
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Apr 23 09:33:02 UTC 2018 - mchandras@suse.de
|
|
|
|
- Preserve 'enable' status of openvswitch.service file when upgrading
|
|
from <SLE-12-SP3. The service file has been moved from the old
|
|
openvswitch-switch subpackage to the main openvswitch one so we
|
|
need to handle this migration step in %posttrans (bsc#1089476)
|
|
- Move DISABLE_STOP_ON_REMOVAL=yes to %preun. This variable is only
|
|
checked in %service_del_preun macro
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Mar 22 10:39:10 UTC 2018 - mchandras@suse.de
|
|
|
|
- Fix file permissions in /etc/openvswitch for upgrades (951d79e638ec)
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Mar 21 21:03:21 UTC 2018 - dmueller@suse.com
|
|
|
|
- set rundir to %_rundir
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Mar 1 10:39:54 UTC 2018 - mchandras@suse.de
|
|
|
|
- Version bump to 2.9.0. Some of the changes are:
|
|
* NSH implementation now conforms to latest draft (draft-ietf-sfc-nsh-28).
|
|
* OVSDB:
|
|
- ovsdb-client: New "get-schema-cksum" and "query" commands.
|
|
- ovsdb-client: New "backup" and "restore" commands.
|
|
- ovsdb-client: New --timeout option.
|
|
- ovsdb-tool: New "db-name" and "schema-name" commands.
|
|
* ovs-vsctl and other commands that display data in tables now support a
|
|
--max-column-width option to limit column width.
|
|
* No longer slow-path traffic that sends to a controller. Applications,
|
|
such as OVN ACL logging, want to send a copy of a packet to a
|
|
controller while leaving the actual packet forwarding in the datapath.
|
|
* OVN:
|
|
- The "requested-chassis" option for a logical switch port now accepts a
|
|
chassis "hostname" in addition to a chassis "name".
|
|
- IPv6
|
|
* Added support to send IPv6 Router Advertisement packets in response to
|
|
the IPv6 Router Solicitation packets from the VIF ports.
|
|
* Added support to generate Neighbor Solicitation packets using the OVN
|
|
action 'nd_ns' to resolve unknown next hop MAC addresses for the
|
|
IPv6 packets.
|
|
- ovn-ctl: New commands run_nb_ovsdb and run_sb_ovsdb.
|
|
* OpenFlow:
|
|
- ct_clear action is now backed by kernel datapath. Support is probed for
|
|
when OVS starts.
|
|
- ovs-dpctl and related ovs-appctl commands:
|
|
* "flush-conntrack" now accept a 5-tuple to delete a specific
|
|
connection tracking entry.
|
|
* New "ct-set-maxconns", "ct-get-maxconns", and "ct-get-nconns" commands
|
|
for userspace datapath.
|
|
- No longer send packets to the Linux TAP device if it's DOWN unless it is
|
|
in another networking namespace.
|
|
* DPDK:
|
|
- Add support for DPDK v17.11
|
|
- Add support for vHost IOMMU
|
|
- New debug appctl command 'netdev-dpdk/get-mempool-info'.
|
|
* Custom statistics:
|
|
- DPDK physical ports now return custom set of "dropped", "error" and
|
|
"management" statistics.
|
|
- ovs-ofctl dump-ports command now prints new of set custom statistics
|
|
if available (for OpenFlow 1.4+).
|
|
- New appctl command 'dpif-netdev/pmd-rxq-rebalance' to rebalance rxq to
|
|
pmd assignments.
|
|
- Add rxq utilization of pmd to appctl 'dpif-netdev/pmd-rxq-show'.
|
|
- Add support for vHost dequeue zero copy (experimental)
|
|
* Userspace datapath:
|
|
- Output packet batching support.
|
|
* vswitchd:
|
|
- Datapath IDs may now be specified as 0x1 (etc.) instead of 16 digits.
|
|
- Configuring a controller, or unconfiguring all controllers, now deletes
|
|
all groups and meters (as well as all flows).
|
|
- New --enable-sparse configure option enables "sparse" checking by default.
|
|
- Added additional information to vhost-user status.
|
|
- For the complete list of changes, please refer to
|
|
http://openvswitch.org/releases/NEWS-2.9.0
|
|
- Fix incorrect python3 dependencies for python2 subpackages
|
|
- Drop upstream patches for DPDK 17.11 support. They have been merged upstream
|
|
* 0001-netdev-dpdk-replace-uint8_t-with-dpdk_port_t.patch
|
|
* 0002-netdev-dpdk-DPDK-v17.11-upgrade.patch
|
|
* 0003-netdev-dpdk-vHost-IOMMU-support.patch
|
|
- Get rid of the old openvswitch DPDK migration steps everybody should have
|
|
migrated from <2.6 to latest releases by now.
|
|
* 0001-utilities-Add-script-to-support-DPDK-option-migratio.patch
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Jan 9 16:25:48 UTC 2018 - mchandras@suse.de
|
|
|
|
- Add upstream patches to support DPDK 17.11 (fate#322609)
|
|
* 0001-netdev-dpdk-replace-uint8_t-with-dpdk_port_t.patch
|
|
* 0002-netdev-dpdk-DPDK-v17.11-upgrade.patch
|
|
* 0003-netdev-dpdk-vHost-IOMMU-support.patch
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Dec 27 17:05:35 UTC 2017 - mchandras@suse.de
|
|
|
|
- Python fixes and improvements
|
|
* Build Python3 subpackages for Open vSwitch python bindings
|
|
* Switch build architecture to 'noarch' for python bindings.
|
|
* Fix license for python subpackages
|
|
* Build and ship python bytecode files.
|
|
- Do not mark files in /usr/share/* as configuration files
|
|
- Replace version macro with actual version number of Obsoletes tags.
|
|
The DPDK packages have been merged with the regular OvS ones in the
|
|
2.7.0 release so make it more explicit which ones we are obsoleting.
|
|
- spec-cleaner fixes
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Dec 6 14:00:55 UTC 2017 - mchandras@suse.de
|
|
|
|
- Fix documentation installation. It's best to install everything to
|
|
%buildroot and then remove the files we don't need instead of the
|
|
other way around since some files need to be present in the source
|
|
directory for the testsuite to run (bsc#1076284)
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Nov 23 13:38:56 UTC 2017 - rbrown@suse.com
|
|
|
|
- Replace references to /var/adm/fillup-templates with new
|
|
%_fillupdir macro (boo#1069468)
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Sep 29 19:46:56 UTC 2017 - mchandras@suse.de
|
|
|
|
- Version bump to 2.8.1. Some of the changes are:
|
|
* connmgr: Fix violation of flow monitoring protocol description.
|
|
* ovn/actions: Improve OVN load-balancing performance.
|
|
* dpif-netdev: Fix a zero-rate bug for meter
|
|
* conntrack: Tighten handling of alg reverse conns.
|
|
* conntrack: Add function ct_print_conn_info().
|
|
* conntrack: Create nat_conn_keys_insert().
|
|
* netdev-dpdk: reset packet_type for reused dp_packets.
|
|
* ofp-util: Fix memory leaks when parsing OF1.5 group properties (cve-2017-14970) (bsc#1061310)
|
|
* ofp-util: Fix memory leaks on error cases in ofputil_decode_group_mod() (cve-2017-14970) (bsc#1061310)
|
|
* ofp-util: Fix buffer overread in ofputil_decode_bundle_add().
|
|
* ofproto: Include patch ports in mtu overriden check
|
|
* netdev-tc-offloads: Fix vxlan tunnel offloading
|
|
* bridge: Fix controller status update to passive connections
|
|
* lib/odp: Fix handling of set masked action in parse_odp_action
|
|
* tests: Fix sparse error on test-ovn.c
|
|
* dpif-netdev: Fix per packet cycles statistics.
|
|
* netdev-dpdk: update vhost user client port status.
|
|
* ovsdb-server.1: Fix mention of wrong option.
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Sep 4 07:22:47 UTC 2017 - mchandras@suse.de
|
|
|
|
- Version bump to 2.8.0 (fate#323334, bsc#1050700). Some of the changes are:
|
|
* ovs-ofctl can now accept and display port names in place of numbers. By
|
|
default it always accepts names and in interactive use it displays them;
|
|
use --names or --no-names to override. See ovs-ofctl(8) for details.
|
|
* "ovs-ofctl dump-flows" now accepts --no-stats to omit flow statistics.
|
|
* New ovs-dpctl command "ct-stats-show" to show connection tracking stats.
|
|
* DPDK log messages redirected to OVS logging subsystem.
|
|
Log level can be changed in a usual OVS way using
|
|
'ovs-appctl vlog' commands for 'dpdk' module. Lower bound
|
|
still can be configured via extra arguments for DPDK EAL.
|
|
* dpdkvhostuser ports are marked as deprecated. They will be removed
|
|
in an upcoming release.
|
|
* Support for DPDK v17.05.1.
|
|
* New support for multiple VLANs (802.1ad or "QinQ"), including a new
|
|
"dot1q-tunnel" port VLAN mode.
|
|
* Added NAT support for userspace datapath.
|
|
* Added FTP and TFTP support with NAT for userspace datapath.
|
|
* Experimental NSH (Network Service Header) support in userspace datapath.
|
|
* Tracing with ofproto/trace now traces through recirculation.
|
|
* New support for role-based access control (see ovsdb-server(1)).
|
|
* New commands 'stp/show' and 'rstp/show' (see ovs-vswitchd(8)).
|
|
* All features required by OpenFlow 1.4 are now implemented, so
|
|
ovs-vswitchd now enables OpenFlow 1.4 by default (in addition to
|
|
OpenFlow 1.0 to 1.3).
|
|
* Increased support for OpenFlow 1.6 (draft).
|
|
* Bundles now support hashing by just nw_src or nw_dst.
|
|
* The "learn" action now supports a "limit" option (see ovs-ofctl(8)).
|
|
* The port status bit OFPPS_LIVE now reflects link aliveness.
|
|
* OpenFlow 1.5 packet-out is now supported.
|
|
* Support for OpenFlow 1.5 field packet_type and packet-type-aware
|
|
pipeline (PTAP).
|
|
* Added generic encap and decap actions (EXT-382).
|
|
First supported use case is encap/decap for Ethernet.
|
|
* Added NSH (Network Service Header) support in userspace
|
|
Used generic encap and decap actions to implement encapsulation and
|
|
decapsulation of NSH header.
|
|
IETF NSH draft - https://datatracker.ietf.org/doc/draft-ietf-sfc-nsh/
|
|
* ovs-vswitchd and ovsdb-server run as non-root users by default.
|
|
* Add --cleanup option to command 'ovs-appctl exit' (see ovs-vswitchd(8)).
|
|
* Use new tunnel port option "packet_type" to configure L2 vs. L3.
|
|
* In conjunction with PTAP tunnel ports can handle a mix of L2 and L3
|
|
payload.
|
|
* New vxlan tunnel extension "gpe" to support VXLAN-GPE tunnels.
|
|
* New support for non-Ethernet (L3) payloads in GRE and VXLAN-GPE.
|
|
* Add experimental support for hardware offloading
|
|
* HW offloading is disabled by default.
|
|
* HW offloading is done through the TC interface.
|
|
* The next major version of OVS will introduce a change in the
|
|
conntrack API. Conntrack state is only available to the processing
|
|
path that follows the "recirc_table" argument of the ct() action.
|
|
Starting in OVS 2.9, this state will be cleared for the current
|
|
processing path whenever ct() is called.
|
|
- Create new openvswitch-doc subpackage for the Open vSwitch documentation
|
|
- Fix filename for logrotate configuration (bsc#1057357)
|
|
- Fix constrains with Provides/Obsoletes tags (bsc#1057357)
|
|
- Misc cleanups from spec-cleaner
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Aug 10 15:12:23 UTC 2017 - olaf@aepfle.de
|
|
|
|
- Update filename in /var/adm/update-messages to match documentation,
|
|
and build-compare pattern
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Jul 27 13:05:42 UTC 2017 - mchandras@suse.de
|
|
|
|
- Do not restart the ovs-vswitchd and ovsdb-server services
|
|
on package updates (bsc#1002734)
|
|
- Do not restart the ovs-vswitchd, ovsdb-server and openvswitch
|
|
services on package removals. This facilitates potential future
|
|
package moves but also preserves connectivity when the package is
|
|
removed (bsc#1050896)
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Jul 19 07:32:59 UTC 2017 - mchandras@suse.de
|
|
|
|
- Version bump to 2.7.2. Some of the changes are:
|
|
* Revert "netdev: Fix netdev_open() to adhere to class type if given"
|
|
* connmgr: Fix crash when in_band_create() fails.
|
|
* db-ctl-base: Fix reference-following feature in get_row_by_id().
|
|
* netdev: Fix crash when ifa_netmask is null.
|
|
* ovn-controller: fix use-after-free in physical_run()
|
|
* ovn-controller: avoid crash when vswitchd connection is lost
|
|
* ovsdb-types: Fix memory leak on error path.
|
|
* vswitchd: Fix IFACE_STAT name error in iface_refresh_stats
|
|
* netdev: Fix crash when interface option is changed to invalid value.
|
|
* ofp-util: fix memory leak in ofputil_pull_ofp11_buckets
|
|
* configure: Fix check for rte_config.h to handle cross-compilation.
|
|
* ofp-util: Check length of buckets in ofputil_pull_ofp15_group_mod() (cve-2017-9265) (bsc#1041447)
|
|
* ofp-print: Don't abort on unknown reason in role status message (cve-2017-9263) (bsc#1041470)
|
|
|
|
-------------------------------------------------------------------
|
|
Sat Jul 8 20:42:27 UTC 2017 - jengelh@inai.de
|
|
|
|
- Remove irrelevant wording from summaries/description.
|
|
Diversify summaries.
|
|
- Get rid of an empty if block by inverting the condition.
|
|
- Implement shared library packaging guideline.
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Jul 6 07:59:30 UTC 2017 - mchandras@suse.de
|
|
|
|
- Version bump to 2.7.1. Some of the changes are:
|
|
* Add --cleanup option to command 'ovs-appctl exit' (see ovs-vswitchd(8)).
|
|
* libopenvswitch-2 was renamed to libopenvswitch-2.7. Applications built
|
|
against libopenvswitch must be recompiled against the newer library.
|
|
* ovs-ctl: allow passing user:group to daemons
|
|
* ofproto/bond: Fix bond reconfiguration race condition
|
|
* ofproto/bond: Fix bond post recirc rule leak.
|
|
* ofproto/bond: fix interal flow leak of tcp-balance bond
|
|
* mcast-snooping: Avoid segfault for vswitchd.
|
|
* tun-metadata: Fix memory leak in tun_metadata_table_mod().
|
|
* netdev-dpdk: Fix mempool segfault.
|
|
* mirror: Allow concurrent lookups.
|
|
* ofp-util: Fix buffer overread in ofputil_pull_queue_get_config_reply10() (bsc#1040543)
|
|
* ovsdb: Check null before deref in ovsdb_monitor_table_condition_update().
|
|
* For the complete list of changes, please see:
|
|
- https://github.com/openvswitch/ovs/compare/v2.7.0...v2.7.1
|
|
- Remove upstreamed patch
|
|
* 0001-ofp-util-Fix-buffer-overread-in-ofputil_pull_queue_g.patch
|
|
- OVN services are no longer restarted automatically after upgrade (44dd4cc49c8a)
|
|
|
|
-------------------------------------------------------------------
|
|
Sat May 27 08:39:25 UTC 2017 - mchandras@suse.de
|
|
|
|
- Install firewalld OVN files with chmod 644 instead of 755 (4a54614120ea)
|
|
- Use python-six instead of python2-six dependency to cover distributions
|
|
which are not using the python-singlespec packaging specification yet (bsc#1041110)
|
|
- Add upstream patch to fix a buffer overread vulnerability (cve-2017-9214) (bsc#1040543)
|
|
* 0001-ofp-util-Fix-buffer-overread-in-ofputil_pull_queue_g.patch
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Feb 28 09:24:48 UTC 2017 - mchandras@suse.de
|
|
|
|
- Version bump to 2.7.0 (fate#321541). Some of the changes are:
|
|
* Utilities and daemons that support SSL now allow protocols and
|
|
ciphers to be configured with --ssl-protocols and --ssl-ciphers.
|
|
* OVN:
|
|
- QoS is now implemented via egress shaping rather than ingress policing.
|
|
- DSCP marking is now supported, via the new northbound QoS table.
|
|
- IPAM now supports fixed MAC addresses.
|
|
- Support for source IP address based routing.
|
|
- ovn-trace:
|
|
* New --ovs option to also print OpenFlow flows.
|
|
* put_dhcp_opts and put_dhcp_optsv6 actions may now be traced.
|
|
- Support for managing SSL and remote connection configuration in
|
|
northbound and southbound databases.
|
|
* Fixed regression in table stats maintenance introduced in OVS
|
|
2.3.0, wherein the number of OpenFlow table hits and misses was
|
|
not accurate.
|
|
* OpenFlow:
|
|
- OFPT_PACKET_OUT messages are now supported in bundles.
|
|
- A new "selection_method=dp_hash" type for OpenFlow select group
|
|
bucket selection that uses the datapath computed 5-tuple hash
|
|
without making datapath flows match the 5-tuple fields, which
|
|
is useful for more efficient load balancing, for example. This
|
|
uses the Netronome extension to OpenFlow 1.5+ that allows
|
|
control over the OpenFlow select groups selection method. See
|
|
"selection_method" and related options in ovs-ofctl(8) for
|
|
details.
|
|
- The "sample" action now supports "ingress" and "egress" options.
|
|
- The "ct" action now supports the TFTP ALG where support is available.
|
|
- New actions "clone" and "ct_clear".
|
|
* ovs-ofctl:
|
|
- 'bundle' command now supports packet-out messages.
|
|
- New syntax for 'ovs-ofctl packet-out' command, which uses the
|
|
same string parser as the 'bundle' command. The old 'packet-out'
|
|
syntax is deprecated and will be removed in a later OVS
|
|
release.
|
|
- New unixctl "ofctl/packet-out" command, which can be used to
|
|
instruct a flow monitor to issue OpenFlow packet-out messages.
|
|
* ovsdb-server:
|
|
- Remote connections can now be made read-only (see ovsdb-server(1)).
|
|
* DPDK:
|
|
- Support for DPDK v16.11.
|
|
- Support for rx checksum offload. Refer DPDK HOWTO for details.
|
|
- Port Hotplug is now supported.
|
|
- DPDK physical ports can now have arbitrary names. The PCI address of
|
|
the device must be set using the 'dpdk-devargs' option. Compatibility
|
|
with the old dpdk<portid> naming scheme is broken, and as such a
|
|
device will not be available for use until a valid dpdk-devargs is
|
|
specified.
|
|
- Virtual DPDK Poll Mode Driver (vdev PMD) support.
|
|
* For the complete list of changes, please see:
|
|
- http://openvswitch.org/releases/NEWS-2.7.0
|
|
- Add patch to fix DPDK configuration migration for < 2.6 installations
|
|
* 0001-utilities-Add-script-to-support-DPDK-option-migratio.patch
|
|
- Rework spec file
|
|
* Enable DPDK by default and drop openvswitch-dpdk* packages. DPDK is only
|
|
enabled on supported architectures though.
|
|
- Remove openvswitch-dpdk.changes
|
|
- Remove openvswitch-dpdk.spec
|
|
- Remove pre_checkin.sh
|
|
* Merge openvswitch and openvswitch-switch into a single package since there
|
|
was no compelling reason to keep the switch functionality in a separate
|
|
subpackage.
|
|
* Split OVN package to ovn-common, ovn-central, ovn-docker, ovn-host and
|
|
ovn-controller similar to the Debian and RedHat packages.
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Nov 25 16:36:40 UTC 2016 - mchandras@suse.de
|
|
|
|
- Relax the DPDK dependency a bit so we can support stable and
|
|
possibly new minor releases as well.
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Nov 21 11:53:00 UTC 2016 - mchandras@suse.de
|
|
|
|
- Do not restart the openvswitch service after a package update.
|
|
Restarting the systemd service may break connectivity so let the
|
|
user decide when it is the best time for such an action. (bsc#1002734)
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Nov 3 10:48:32 UTC 2016 - mchandras@suse.de
|
|
|
|
- Version bump to 2.6.1. Some of the changes are:
|
|
* ovn: Do not reply to ARP or ND NS for a VM's own IP address.
|
|
* ovs-ofctl: Tolerate differences in IPv6 formatting.
|
|
* netdev-linux: double tagged packets should use 0x88a8
|
|
* expr: Fix abort when simplifying "x != 0/0".
|
|
* dpif-netdev: Fix crash in dpif_netdev_execute().
|
|
* ovn-controller: Container can have connection to a hosting VM.
|
|
* stream-ssl: Fix memory leak on error path.
|
|
* Other bug fixes.
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Oct 3 08:26:10 UTC 2016 - mchandras@suse.de
|
|
|
|
- Version bump to 2.6.0. Some of the changes are:
|
|
* First supported release of OVN. See ovn-architecture(7) for more
|
|
details.
|
|
* ovsdb-server:
|
|
- New "monitor_cond" "monitor_cond_update" and "update2" extensions to
|
|
RFC 7047.
|
|
* OpenFlow:
|
|
- OpenFlow 1.3+ bundles now expire after 10 seconds since the
|
|
last time the bundle was either opened, modified, or closed.
|
|
- OpenFlow 1.3 Extension 230, adding OpenFlow Bundles support, is
|
|
now implemented.
|
|
- OpenFlow 1.3+ bundles are now supported for group mods as well as
|
|
flow mods and port mods. Both 'atomic' and 'ordered' bundle
|
|
flags are supported for group mods as well as flow mods.
|
|
- Internal OpenFlow rule representation for load and set-field
|
|
actions is now much more memory efficient. For a complex flow
|
|
table this can reduce rule memory consumption by 40%.
|
|
- Bundles are now much more memory efficient than in OVS 2.5.
|
|
Together with memory efficiency improvements in OpenFlow rule
|
|
representation, the peak OVS resident memory use during a
|
|
bundle commit for large complex set of flow mods can be only
|
|
25% of that in OVS 2.5 (4x lower).
|
|
- OpenFlow 1.1+ OFPT_QUEUE_GET_CONFIG_REQUEST now supports OFPP_ANY.
|
|
- OpenFlow 1.4+ OFPMP_QUEUE_DESC is now supported.
|
|
- OpenFlow 1.4+ OFPT_TABLE_STATUS is now supported.
|
|
- New property-based packet-in message format NXT_PACKET_IN2 with support
|
|
for arbitrary user-provided data and for serializing flow table
|
|
traversal into a continuation for later resumption.
|
|
- New extension message NXT_SET_ASYNC_CONFIG2 to allow OpenFlow 1.4-like
|
|
control over asynchronous messages in earlier versions of OpenFlow.
|
|
- [...]
|
|
- For a complete list of changes, please see
|
|
http://openvswitch.org/releases/NEWS-2.6.0
|
|
- Remove obsolete patches and files
|
|
* 0001-Remove-broken-pipe-warning-logs-from-ovsdb-server.lo.patch
|
|
* 0001-ovs-ctl-Add-new-DPDK_OPTIONS-environment-variable.patch
|
|
* openvswitch-2.5.0-detect-dpdk-installation.patch
|
|
* openvswitch-switch.logrotate
|
|
* openvswitch.service
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Sep 28 08:06:43 UTC 2016 - mchandras@suse.de
|
|
|
|
- New upstream bugfix release 2.5.1 (bsc#1001657)
|
|
* DPDK:
|
|
- New appctl command 'dpif-netdev/pmd-rxq-show' to check the port/rxq
|
|
assignment.
|
|
- Type of log messages from PMD threads changed from INFO to DBG.
|
|
* ovs-pki: Changed message digest algorithm from SHA-1 to SHA-512 because
|
|
SHA-1 is no longer secure and some operating systems have started to
|
|
disable it in OpenSSL.
|
|
* Bug fixes
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Sep 6 10:11:49 UTC 2016 - mchandras@suse.de
|
|
|
|
- Add new DPDK_OPTIONS environment variable to hold the dpdk
|
|
vswitchd options so that the systemd unit files can be used to
|
|
launch an ovs-vswitcd DPDK capable instance instead of doing
|
|
it manually. (bsc#987265)
|
|
* 0001-ovs-ctl-Add-new-DPDK_OPTIONS-environment-variable.patch
|
|
|
|
-------------------------------------------------------------------
|
|
Sun Aug 14 11:05:59 CEST 2016 - ro@suse.de
|
|
|
|
- enable openvswitch-dpdk on aarch64 since dpdk
|
|
builds on aarch64 now
|
|
|
|
-------------------------------------------------------------------
|
|
Sun Aug 7 21:11:51 CEST 2016 - ro@suse.de
|
|
|
|
- remove aarch from openvswitch-dpdk until we have a dpdk
|
|
that builds for aarch64
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Jul 12 10:41:14 UTC 2016 - mchandras@suse.de
|
|
|
|
- Add missing licenses (bsc#988513)
|
|
- Misc spec file cleanups highlighted by the spec-cleaner tool.
|
|
- Allow aarch64 builds for openvswitch-dpdk
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Jul 4 12:08:06 UTC 2016 - mchandras@suse.de
|
|
|
|
- Allow the OvS daemon to run as non-root (bsc#987545)
|
|
- Add missing 'Conflicts' statements to all the subpackages as
|
|
required by the Factory review tools.
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Jun 29 15:17:07 UTC 2016 - mchandras@suse.de
|
|
|
|
- Remove the ?_with_dpdk macro usage since this is not being set
|
|
without explicitly passing --with/--without during an OBS build.
|
|
This reverts back to using the %{with dpdk} style which is set
|
|
automatically based on %bcond_with* macros (bsc#989335).
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Jun 28 13:21:12 UTC 2016 - mchandras@suse.de
|
|
|
|
- Fix subpackage dependencies to not require the non-existent python
|
|
DPDK subpackages (bsc#986835). We do not provide DPDK versions of
|
|
the python bindings so nothing should depend on these subpackages.
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Jun 22 15:07:01 UTC 2016 - jengelh@inai.de
|
|
|
|
- Update rpm groups, acronym forms.
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Jun 21 14:10:15 UTC 2016 - mchandras@suse.de
|
|
|
|
- Multiple fixes for the openvswitch-dpdk package (bsc#985878)
|
|
* Rename main package name to openvswitch-dpdk
|
|
* Do not build the python and kmp packages since they do not
|
|
depend on the DPDK capabilities
|
|
* Remove the open_virtual_switch capability. The
|
|
openvswitch-common will be used by reverse dependencies to
|
|
require either of the OvS packages.
|
|
* Provide virtual capabilities for all DPDK subpackages.
|
|
* Fix the dependencies in the python package to require either
|
|
of the OvS packages.
|
|
* Suggest the kmp package only if it's actually provided.
|
|
* Small cleanups.
|
|
|
|
-------------------------------------------------------------------
|
|
Fri May 27 13:49:15 UTC 2016 - mchandras@suse.de
|
|
|
|
- Add %check directive to run the openvswitch testsuite on demand.
|
|
The openvswitch contains hundreds of tests covering simple and
|
|
complex openvswitch configuration so it's beneficial to run them
|
|
during package builds. However, running the testsuite is not enabled
|
|
by default. Also add the following upstream patch:
|
|
* 0001-Remove-broken-pipe-warning-logs-from-ovsdb-server.lo.patch
|
|
|
|
-------------------------------------------------------------------
|
|
Thu May 26 15:40:04 UTC 2016 - mchandras@suse.de
|
|
|
|
- Build a DPDK-enabled Open vSwitch (fate#319170)
|
|
* Apply the following changes to the openvswitch.spec file
|
|
- Add support for building with DPDK capabilities
|
|
- Add conflicts between the two packages.
|
|
- Add new 'open_virtual_switch-*' capabilities for openvswitch,
|
|
openvswitch-switch, openvswitch-test packages which can be used
|
|
by reverse dependencies to select between the two openvswitch
|
|
implementations.
|
|
* Add pre_checkin.sh to generate the openvswitch_dpdk.spec file
|
|
based on the openvswitch.spec one.
|
|
* Add upstream openvswitch-2.5.0-detect-dpdk-installation.patch
|
|
patch to detect and link against a DPDK installation.
|
|
|
|
-------------------------------------------------------------------
|
|
Mon May 23 18:33:13 UTC 2016 - jengelh@inai.de
|
|
|
|
- Keep %prep small for speedier `quilt setup`. Kill __DATE__ from
|
|
source. Drop all .la files that are in %_libdir.
|
|
|
|
-------------------------------------------------------------------
|
|
Fri May 20 09:54:16 UTC 2016 - mchandras@suse.de
|
|
|
|
- Add missing %dir directive for /var/log/openvswitch
|
|
|
|
-------------------------------------------------------------------
|
|
Thu May 19 10:13:41 UTC 2016 - dmueller@suse.com
|
|
|
|
- remove aarch64 conditional, no longer needed
|
|
|
|
-------------------------------------------------------------------
|
|
Thu May 5 09:00:26 UTC 2016 - mchandras@suse.de
|
|
|
|
- Multiple spec file and package fixes.
|
|
* Drop obsolete log-check-module-loop.patch patch.
|
|
* Drop conditional code for older openSUSE releases. This also removes
|
|
all of the sysvinit files which were pulled in when the package was
|
|
originally developed.
|
|
* Drop support for building the GUI. The GUI code has been removed in
|
|
7868fbc6c97c2 ("ovsdbmonitor: Remove.") upstream commit and it does
|
|
not exist since v2.2.0 so drop the code in the spec file.
|
|
* Use the upstream systemd service files for the OVN components instead
|
|
of maintaining our own downstream.
|
|
* Drop the unofficial ipsec support. It hasn't been enabled in years.
|
|
* Drop support for building the upstream kernel module since it's being
|
|
shipped with the kernel package in latest releases. Restore the
|
|
%bcond_with kmp to make it easier to build the external kernel module
|
|
if needed.
|
|
* Fix some suse-missing-rclink rpmlint warnings for the ovn subpackage
|
|
* Base our service unit to the upstream one.
|
|
* Stop silently enabling the GRE protocol in iptables by default.
|
|
* Install the upstream sysconfig file to pass more information to the
|
|
openvswitch service unit.
|
|
* Use make install instead of %makeinstall
|
|
* Drop brcompat leftovers.
|
|
* spec-cleaner fixes
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Apr 1 10:39:26 UTC 2016 - dmueller@suse.com
|
|
|
|
- address dimstars concerns
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Mar 22 18:06:40 UTC 2016 - mchandras@suse.de
|
|
|
|
- Prevent systemd from autogenerating a service file for
|
|
openvswitch-switch which conflicts with the opevswitch
|
|
one. (bsc#966762)
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Mar 18 10:20:02 UTC 2016 - kmroz@suse.com
|
|
|
|
- Add missing %defattr to ovn files section.
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Mar 8 13:16:03 UTC 2016 - kmroz@suse.com
|
|
|
|
- Add additional install requirements for python-openvswitch-test
|
|
package.
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Mar 4 14:38:16 UTC 2016 - kmroz@suse.com
|
|
|
|
- Add support for building both 2.4.0 and 2.5.0 from the same spec
|
|
file. Needed to fix SLE11 builds as OVS-2.5.0 no longer supports
|
|
python < 2.7. SLE11 SP3 and SP4 use python 2.6.
|
|
- Added: openvswitch-2.4.0.tar.gz
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Mar 3 13:47:04 UTC 2016 - kmroz@suse.com
|
|
|
|
- New upstream version 2.5.0 (LTS)
|
|
- Dropped support for Python older than version 2.7. As a consequence,
|
|
using Open vSwitch 2.5 or later on XenServer 6.5 or earlier (which
|
|
have Python 2.4) requires first installing Python 2.7.
|
|
- OpenFlow:
|
|
* Group chaining (where one OpenFlow group triggers another) is
|
|
now supported.
|
|
* OpenFlow 1.4+ "importance" is now considered for flow eviction.
|
|
* OpenFlow 1.4+ OFPTC_EVICTION is now implemented.
|
|
* OpenFlow 1.4+ OFPTC_VACANCY_EVENTS is now implemented.
|
|
* OpenFlow 1.4+ OFPMP_TABLE_DESC is now implemented.
|
|
* Allow modifying the ICMPv4/ICMPv6 type and code fields.
|
|
* OpenFlow 1.4+ OFPT_SET_ASYNC_CONFIG and OFPT_GET_ASYNC_CONFIG are
|
|
now implemented.
|
|
- ovs-ofctl:
|
|
* New "out_group" keyword for OpenFlow 1.1+ matching on output group.
|
|
- Tunnels:
|
|
* Geneve tunnels can now match and set options and the OAM bit.
|
|
* The nonstandard GRE64 tunnel extension has been dropped.
|
|
- Support Multicast Listener Discovery (MLDv1 and MLDv2).
|
|
- Add 'symmetric_l3l4' and 'symmetric_l3l4+udp' hash functions.
|
|
- sFlow agent now reports tunnel and MPLS structures.
|
|
- New 'check-system-userspace', 'check-kmod' and 'check-kernel' Makefile
|
|
targets to run a new system testsuite. These tests can be run inside
|
|
a Vagrant box. See INSTALL.md for details
|
|
- Mark --syslog-target argument as deprecated. It will be removed in
|
|
the next OVS release.
|
|
- Added --user option to all daemons
|
|
- Add support for connection tracking through the new "ct" action
|
|
and "ct_state"/"ct_zone"/"ct_mark"/"ct_label" match fields. Only
|
|
available on Linux kernels with the connection tracking module loaded.
|
|
- Add experimental version of OVN. OVN, the Open Virtual Network, is a
|
|
system to support virtual network abstraction. OVN complements the
|
|
existing capabilities of OVS to add native support for virtual network
|
|
abstractions, such as virtual L2 and L3 overlays and security groups.
|
|
- RHEL packaging:
|
|
* DPDK ports may now be created via network scripts (see README.RHEL).
|
|
- DPDK:
|
|
* Requires DPDK 2.2
|
|
* Added multiqueue support to vhost-user
|
|
* Note: QEMU 2.5+ required for multiqueue support
|
|
- SELinux:
|
|
* Introduced SELinux policy package.
|
|
|
|
- New package: openvswitch-ovn
|
|
- Removed: openvswitch-2.4.0.tar.gg
|
|
- Added: openvswitch-2.5.0.tar.gg
|
|
- Added: openvswitch-testcontroller.init
|
|
- Added: ovn-controller-vtep.service
|
|
- Added: ovn-controller.service
|
|
- Added: ovn-northd.service
|
|
- TODO: Explicit DPDK support not yet added to spec.
|
|
- Spec file work and cleanup.
|
|
- Includes fixes (or obsoletes) the following issues:
|
|
* bsc#948840, bsc#941466, bsc#936780, bnc#935750, bnc#867964
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Mar 1 08:43:19 UTC 2016 - kmroz@suse.com
|
|
|
|
- Tighten up openvswitch service ordering.
|
|
bsc#968205 (openSUSE), bsc#951314 (SLE).
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Feb 24 15:23:20 UTC 2016 - kmroz@suse.com
|
|
|
|
- Don't install INSTALL.* files.
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Feb 24 13:45:52 UTC 2016 - kmroz@suse.com
|
|
|
|
- Removed: openvswitch-switch.template
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Feb 24 12:53:50 UTC 2016 - kmroz@suse.com
|
|
|
|
- New upstream version 2.4.0
|
|
- Flow table modifications are now atomic, meaning that each packet
|
|
now sees a coherent version of the OpenFlow pipeline. For
|
|
example, if a controller removes all flows with a single OpenFlow
|
|
"flow_mod", no packet sees an intermediate version of the OpenFlow
|
|
pipeline where only some of the flows have been deleted.
|
|
- Added support for SFQ, FQ_CoDel and CoDel qdiscs.
|
|
- Add bash command-line completion support for ovs-vsctl Please check
|
|
utilities/ovs-command-compgen.INSTALL.md for how to use.
|
|
- The MAC learning feature now includes per-port fairness to mitigate
|
|
MAC flooding attacks.
|
|
- New support for a "conjunctive match" OpenFlow extension, which
|
|
allows constructing OpenFlow matches of the form "field1 in
|
|
{a,b,c...} AND field2 in {d,e,f...}" and generalizations. For details,
|
|
see documentation for the "conjunction" action in ovs-ofctl(8).
|
|
- Add bash command-line completion support for ovs-appctl/ovs-dpctl/
|
|
ovs-ofctl/ovsdb-tool commands. Please check
|
|
utilities/ovs-command-compgen.INSTALL.md for how to use.
|
|
- The "learn" action supports a new flag "delete_learned" that causes
|
|
the learned flows to be deleted when the flow with the "learn" action
|
|
is deleted.
|
|
- Basic support for the Geneve tunneling protocol. It is not yet
|
|
possible to generate or match options. This is planned for a future
|
|
release. The protocol is documented at
|
|
http://tools.ietf.org/html/draft-gross-geneve-00
|
|
- The OVS database now reports controller rate limiting statistics.
|
|
- sflow now exports information about LACP-based bonds, port names, and
|
|
OpenFlow port numbers, as well as datapath performance counters.
|
|
- ovs-dpctl functionality is now available for datapaths integrated
|
|
into ovs-vswitchd, via ovs-appctl. Some existing ovs-appctl
|
|
commands are now redundant and will be removed in a future
|
|
release. See ovs-vswitchd(8) for details.
|
|
- OpenFlow:
|
|
* OpenFlow 1.4 bundles are now supported for flow mods and port
|
|
mods. For flow mods, both 'atomic' and 'ordered' bundle flags
|
|
are trivially supported, as all bundled messages are executed
|
|
in the order they were added and all flow table modifications
|
|
are now atomic to the datapath. Port mods may not appear in
|
|
atomic bundles, as port status modifications are not atomic.
|
|
* IPv6 flow label and neighbor discovery fields are now modifiable.
|
|
* OpenFlow 1.5 extended registers are now supported.
|
|
* The OpenFlow 1.5 actset_output field is now supported.
|
|
* OpenFlow 1.5 Copy-Field action is now supported.
|
|
* OpenFlow 1.5 masked Set-Field action is now supported.
|
|
* OpenFlow 1.3+ table features requests are now supported (read-only).
|
|
* Nicira extension "move" actions may now be included in action sets.
|
|
* "resubmit" actions may now be included in action sets. The resubmit
|
|
is executed last, and only if the action set has no "output" or "group"
|
|
action.
|
|
* OpenFlow 1.4+ flow "importance" is now maintained in the flow table.
|
|
* A new Netronome extension to OpenFlow 1.5+ allows control over the
|
|
fields hashed for OpenFlow select groups. See "selection_method" and
|
|
related options in ovs-ofctl(8) for details.
|
|
- ovs-ofctl has a new '--bundle' option that makes the flow mod commands
|
|
('add-flow', 'add-flows', 'mod-flows', 'del-flows', and 'replace-flows')
|
|
use an OpenFlow 1.4 bundle to operate the modifications as a single
|
|
atomic transaction. If any of the flow mods in a transaction fail, none
|
|
of them are executed. All flow mods in a bundle appear to datapath
|
|
lookups simultaneously.
|
|
- ovs-ofctl 'add-flow' and 'add-flows' commands now accept arbitrary flow
|
|
mods as an input by allowing the flow specification to start with an
|
|
explicit 'add', 'modify', 'modify_strict', 'delete', or 'delete_strict'
|
|
keyword. A missing keyword is treated as 'add', so this is fully
|
|
backwards compatible. With the new '--bundle' option all the flow mods
|
|
are executed as a single atomic transaction using an OpenFlow 1.4 bundle.
|
|
- ovs-pki: Changed message digest algorithm from MD5 to SHA-1 because
|
|
MD5 is no longer secure and some operating systems have started to disable
|
|
it in OpenSSL.
|
|
- ovsdb-server: New OVSDB protocol extension allows inequality tests on
|
|
"optional scalar" columns. See ovsdb-server(1) for details.
|
|
- ovs-vsctl now permits immutable columns in a new row to be modified in
|
|
the same transaction that creates the row.
|
|
- test-controller has been renamed ovs-testcontroller at request of users
|
|
who find it useful for testing basic OpenFlow setups. It is still not
|
|
a necessary or desirable part of most Open vSwitch deployments.
|
|
- Support for travis-ci.org based continuous integration builds has been
|
|
added. Build failures are reported to build@openvswitch.org. See INSTALL.md
|
|
file for additional details.
|
|
- Support for the Rapid Spanning Tree Protocol (IEEE 802.1D-2004).
|
|
The implementation has been tested successfully against the Ixia Automated
|
|
Network Validation Library (ANVL).
|
|
- Stats are no longer updated on fake bond interface.
|
|
- Keep active bond slave selection across OVS restart.
|
|
- A simple wrapper script, 'ovs-docker', to integrate OVS with Docker
|
|
containers. If and when there is a native integration of Open vSwitch
|
|
with Docker, the wrapper script will be retired.
|
|
- Added support for DPDK Tunneling. VXLAN, GRE, and Geneve are supported
|
|
protocols. This is generic tunneling mechanism for userspace datapath.
|
|
- Support for multicast snooping (IGMPv1, IGMPv2 and IGMPv3)
|
|
- Support for Linux kernels up to 4.0.x
|
|
- The documentation now use the term 'destination' to mean one of syslog,
|
|
console or file for vlog logging instead of the previously used term
|
|
'facility'.
|
|
- Support for VXLAN Group Policy extension
|
|
- Initial support for the IETF Auto-Attach SPBM draft standard. This
|
|
contains rudimentary support for the LLDP protocol as needed for
|
|
Auto-Attach.
|
|
- The default OpenFlow and OVSDB ports are now the IANA-assigned
|
|
numbers. OpenFlow is 6653 and OVSDB is 6640.
|
|
- Support for DPDK vHost.
|
|
- Support for outer UDP checksums in Geneve and VXLAN.
|
|
- The kernel vports with dependencies are no longer part of the overall
|
|
openvswitch.ko but built and loaded automatically as individual kernel
|
|
modules (vport-*.ko).
|
|
- Support for STT tunneling.
|
|
- Support to configure method (--syslog-method argument) that determines
|
|
how daemons will talk with syslog.
|
|
- Support for "ovs-appctl vlog/list-pattern" command that lets to query
|
|
logging message format for each destination.
|
|
- GRE64 and ipsec_gre64 tunnel protocol is deprecated and will be removed
|
|
from OVS v2.5 release.
|
|
* The openvswitch-testcontroller package is new. It reintroduces the
|
|
simple OpenFlow controller that was packaged with Open vSwitch prior to
|
|
version 2.1, at request of users who find it useful for testing basic
|
|
OpenFlow setups. It is still not a necessary or desirable part of most
|
|
Open vSwitch deployments.
|
|
|
|
- Fixed: log-check-module-loop.patch to work with new version.
|
|
- Removed: openvswitch-2.3.1.tar.gz
|
|
- Added: openvswitch-2.4.0.tar.gz
|
|
- Spec file work and cleanup.
|
|
|
|
-------------------------------------------------------------------
|
|
Sun Jan 10 17:55:22 UTC 2016 - antoine.belvire@laposte.net
|
|
|
|
- Add calls to /sbin/ldconfig in %post and %postun
|
|
- Fix typo in Url
|
|
|
|
-------------------------------------------------------------------
|
|
Sun Dec 28 21:27:49 UTC 2014 - andrea@opensuse.org
|
|
|
|
- new upstream version 2.3.1
|
|
- Compatibility with autoconf 2.63 (previously >=2.64)
|
|
- ovs-pki: Changed message digest algorithm from MD5 to SHA-1 because
|
|
MD5 is no longer secure and some operating systems have started to disable
|
|
it in OpenSSL.
|
|
- Keep active bond slave selection across OVS restart.
|
|
|
|
* v2.3.0 - 14 Aug 2014
|
|
- OpenFlow 1.1, 1.2, and 1.3 are now enabled by default in
|
|
ovs-vswitchd.
|
|
- Linux kernel datapath now has an exact match cache optimizing the
|
|
flow matching process.
|
|
- Datapath flows now have partially wildcarded tranport port field
|
|
matches. This reduces userspace upcalls, but increases the
|
|
number of different masks in the datapath. The kernel datapath
|
|
exact match cache removes the overhead of matching the incoming
|
|
packets with the larger number of masks, but when paired with an
|
|
older kernel module, some workloads may perform worse with the
|
|
new userspace.
|
|
|
|
* v2.2.0 - Internal Release
|
|
- Internal ports are no longer brought up by default, because it
|
|
should be an administrator task to bring up devices as they are
|
|
configured properly.
|
|
- ovs-vsctl now reports when ovs-vswitchd fails to create a new port or
|
|
bridge.
|
|
- The "ovsdbmonitor" graphical tool has been removed, because it was
|
|
poorly maintained and not widely used.
|
|
- New "check-ryu" Makefile target for running Ryu tests for OpenFlow
|
|
controllers against Open vSwitch. See INSTALL for details.
|
|
- Added IPFIX support for SCTP flows and templates for ICMPv4/v6 flows.
|
|
- Upon the receipt of a SIGHUP signal, ovs-vswitchd no longer reopens its
|
|
log file (it will terminate instead). Please use 'ovs-appctl vlog/reopen'
|
|
instead.
|
|
- Support for Linux kernels up to 3.14. From Kernel 3.12 onwards OVS uses
|
|
tunnel API for GRE and VXLAN.
|
|
- Added experimental DPDK support.
|
|
- Added support for custom vlog patterns in Python
|
|
|
|
- removed datapath-Add-support-for-Linux-3.12.patch no more required
|
|
- removed sle11-device-ops-backport.diff , not used before
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Oct 21 11:24:25 UTC 2014 - dmueller@suse.com
|
|
|
|
- fix rcX link
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Sep 23 08:40:15 UTC 2014 - dmueller@suse.com
|
|
|
|
- disable shipped kmp module build for newer distros
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Sep 22 07:11:35 UTC 2014 - dmueller@suse.com
|
|
|
|
- update to 2.1.3:
|
|
datapath: Drop packets when interdev is not up
|
|
Fix two memory leaks.
|
|
tests: Remove extraneous parenthesis from test name.
|
|
build: Allow building with autoconf 2.63
|
|
ovsdb: Don't add ovsdb-server.c to libovsdb.
|
|
stp: Make stp-disabled port forward stp bpdu packets.
|
|
dpif-linux: Fix bad backport in previous commit.
|
|
dpif-linux: Avoid null dereference if all ports disappear.
|
|
ofp-msgs: Correct code for queue configuration messages in OpenFlow 1.0.
|
|
ofp-util: Fix null pointer dereference in ofputil_pull_buckets().
|
|
tests: Disable glibc memory checking under glibc <= 2.11.
|
|
datapath/flow_netlink: Fix NDP flow mask validation
|
|
datapath: Change u64_stats_* to use _irq instead of _bh().
|
|
datapath: Use exact lookup for flow_get and flow_del.
|
|
json: Fix parsing of strings that end with a backslash.
|
|
dpif: When executing actions needs help, use "set" action to set tunnel.
|
|
datapath: Rehash 16-bit skbuff hashes into 32 bits.
|
|
upcall: Configure datapath max-idle through ovs-vsctl.
|
|
upcall: Add appctl call to set flow_limit.
|
|
stream-ssl: Enable TLSv1.1 and TLSv1.2.
|
|
lib/classifier: Fix use of uninitialized memory.
|
|
lib/classifier: Clarify trie_lookup_value().
|
|
ovs-lib: allow non-root users to check service status
|
|
rhel: Add Patch Port support to initscripts
|
|
rhel: support persistent mac addresses on OVS bridges
|
|
netflow: Fold netflow_expire() into netflow_flow_clear().
|
|
ofproto: Fix memory leak in ofproto_destroy().
|
|
ofproto: Send monitor updates if a flow mod changes a rules actions
|
|
lib/match: Add mask bits for nd_target for ICMPv6
|
|
bridge: Initialize dscp for mgmt connections.
|
|
datapath: Fix build from stats backport.
|
|
openvswitch: fix a possible deadlock and lockdep warning
|
|
AUTHORS: Fix spelling of Anoob Soman's name.
|
|
ofproto-dpif-xlate: Fix null pointer dereference
|
|
ovs-ctl: Don't decrease max open fds if already set higher
|
|
Makefiles: Fix invocation of dot2pic when builddir != srcdir.
|
|
dot2pic: Stop assuming the path of the interpreter
|
|
dot2pic: Use "> $@; mv $@.tmp $@" notation to make this reliably fail
|
|
tunnel: Fix bug where misconfiguration persists.
|
|
netdev: Safely increment refcount in netdev_open().
|
|
datapath: Fix feature check for HAVE_RXHASH.
|
|
datapath: clear l4_rxhash in skb_clear_hash.
|
|
ofproto-dpif-xlate: Fix in_port=controller case for NORMAL action
|
|
|
|
-------------------------------------------------------------------
|
|
Fri May 2 03:38:11 UTC 2014 - e.istomin@edss.ee
|
|
|
|
- updated to 2.1.2.
|
|
This contains bug fixes related to sending packet-in messages to the controller.
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Apr 29 17:16:22 UTC 2014 - e.istomin@edss.ee
|
|
|
|
- updated to 2.1.1. This release removes the "ovsdbmonitor" program and contains bug fixes.
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Apr 2 14:25:35 UTC 2014 - kmroz@suse.com
|
|
|
|
- Prevent ovsdb-server from entering an infinite loop when
|
|
processing logging levels during bringup.
|
|
added: log-check-module-loop.patch
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Mar 27 12:56:32 UTC 2014 - dmueller@suse.com
|
|
|
|
- update to 2.1.0:
|
|
- Address prefix tracking support for flow tables. New columns
|
|
"prefixes" in OVS-DB table "Flow_Table" controls which packet
|
|
header fields are used for address prefix tracking. Prefix
|
|
tracking allows the classifier to skip rules with longer than
|
|
necessary prefixes, resulting in better wildcarding for datapath
|
|
flows. Default configuration is to not use any fields for prefix
|
|
tracking. However, if any flow tables contain both exact matches
|
|
and masked matches for IP address fields, OVS performance may be
|
|
increased by using this feature.
|
|
* As of now, the fields for which prefix lookup can be enabled
|
|
are: 'tun_id', 'tun_src', 'tun_dst', 'nw_src', 'nw_dst' (or
|
|
aliases 'ip_src' and 'ip_dst'), 'ipv6_src', and 'ipv6_dst'.
|
|
(Using this feature for 'tun_id' would only make sense if the
|
|
tunnel IDs have prefix structure similar to IP addresses.)
|
|
* There is a maximum number of fields that can be enabled for any
|
|
one flow table. Currently this limit is 3.
|
|
* Examples:
|
|
$ ovs-vsctl set Bridge br0 flow_tables:0=@N1 -- \
|
|
--id=@N1 create Flow_Table name=table0
|
|
$ ovs-vsctl set Bridge br0 flow_tables:1=@N1 -- \
|
|
--id=@N1 create Flow_Table name=table1
|
|
$ ovs-vsctl set Flow_Table table0 prefixes=ip_dst,ip_src
|
|
$ ovs-vsctl set Flow_Table table1 prefixes=[]
|
|
- TCP flags matching: OVS now supports matching of TCP flags. This
|
|
has an adverse performance impact when using OVS userspace 1.10
|
|
or older (no megaflows support) together with the new OVS kernel
|
|
module. It is recommended that the kernel and userspace modules
|
|
both are upgraded at the same time.
|
|
- The default OpenFlow and OVSDB ports will change to
|
|
IANA-assigned numbers in a future release. Consider updating
|
|
your installations to specify port numbers instead of using the
|
|
defaults.
|
|
- OpenFlow:
|
|
* The OpenFlow 1.1+ "Write-Actions" instruction is now supported.
|
|
* OVS limits the OpenFlow port numbers it assigns to port 32767 and
|
|
below, leaving port numbers above that range free for assignment
|
|
by the controller.
|
|
* ovs-vswitchd now honors changes to the "ofport_request" column
|
|
in the Interface table by changing the port's OpenFlow port
|
|
number.
|
|
- ovs-vswitchd.conf.db.5 man page will contain graphviz/dot
|
|
diagram only if graphviz package was installed at the build time.
|
|
- Support for Linux kernels up to 3.11
|
|
- ovs-dpctl:
|
|
The "show" command also displays mega flow mask stats.
|
|
- ovs-ofctl:
|
|
* New command "ofp-parse-pcap" to dump OpenFlow from PCAP files.
|
|
- ovs-controller has been renamed test-controller. It is no longer
|
|
packaged or installed by default, because too many users assumed
|
|
incorrectly that ovs-controller was a necessary or desirable part
|
|
of an Open vSwitch deployment.
|
|
- Added vlog option to export to a UDP syslog sink.
|
|
- ovsdb-client:
|
|
* The "monitor" command can now monitor all tables in a database,
|
|
instead of being limited to a single table.
|
|
- The flow-eviction-threshold has been replaced by the flow-limit which is a
|
|
hard limit on the number of flows in the datapath. It defaults to 200,000
|
|
flows. OVS automatically adjusts this number depending on network
|
|
conditions.
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Mar 27 12:55:44 UTC 2014 - dmueller@suse.com
|
|
|
|
- allow to use kmod as well
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Feb 3 17:13:36 UTC 2014 - dmueller@suse.com
|
|
|
|
- another fix in logrotate
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Jan 27 10:42:05 UTC 2014 - dmueller@suse.com
|
|
|
|
- fix logrotate configuration
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Jan 21 08:48:03 UTC 2014 - dmueller@suse.com
|
|
|
|
- add openvswitch.service for systemd distros
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Jan 14 15:03:56 UTC 2014 - dmueller@suse.com
|
|
|
|
- add kernel-312.diff (build against Kernel 3.12.x)
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Jan 3 17:54:10 UTC 2014 - dmueller@suse.com
|
|
|
|
- do not build with valgrind-devel on aarch64 (doesn't exist)
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Dec 5 13:14:11 UTC 2013 - dmueller@suse.com
|
|
|
|
- update to 2.0.0:
|
|
- The ovs-vswitchd process is no longer single-threaded. Multiple
|
|
threads are now used to handle flow set up and asynchronous
|
|
logging.
|
|
- OpenFlow:
|
|
* Experimental support for OpenFlow 1.1 (in addition to 1.2 and
|
|
1.3, which had experimental support in 1.10).
|
|
* New support for matching outer source and destination IP address
|
|
of tunneled packets, for tunnel ports configured with the newly
|
|
added "remote_ip=flow" and "local_ip=flow" options.
|
|
* Support for matching on metadata 'pkt_mark' for interacting with
|
|
other system components. On Linux this corresponds to the skb
|
|
mark.
|
|
* Support matching, rewriting SCTP ports
|
|
- The Interface table in the database has a new "ifindex" column to
|
|
report the interface's OS-assigned ifindex.
|
|
- New "check-oftest" Makefile target for running OFTest against Open
|
|
vSwitch. See README-OFTest for details.
|
|
- The flow eviction threshold has been moved to the Open_vSwitch table.
|
|
- Database names are now mandatory when specifying ovsdb-server options
|
|
through database paths (e.g. Private key option with the database name
|
|
should look like "--private-key=db:Open_vSwitch,SSL,private_key").
|
|
- Added ovs-dev.py, a utility script helpful for Open vSwitch developers.
|
|
- Support for Linux kernels up to 3.10
|
|
- ovs-ofctl:
|
|
* New "ofp-parse" for printing OpenFlow messages read from a file.
|
|
- Added configurable flow caching support to IPFIX exporter.
|
|
- Dropped support for Linux pre-2.6.32.
|
|
- Log file timestamps and ovsdb commit timestamps are now reported
|
|
with millisecond resolution. (Previous versions only reported
|
|
whole seconds.)
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Dec 4 11:44:02 CET 2013 - jsuchome@suse.cz
|
|
|
|
- added try-restart action to openvswitch-switch init script
|
|
(bnc#849222)
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Nov 20 02:51:57 UTC 2013 - kmroz@suse.com
|
|
|
|
- Incorporate ubuntu Linux 3.11 fix to prevent kernel datapath panics.
|
|
Addresses bnc#851395
|
|
+ added datapath-add-support-for-linux-3.11.patch
|
|
-------------------------------------------------------------------
|
|
Tue Oct 1 07:21:16 UTC 2013 - speilicke@suse.com
|
|
|
|
- Let openvswitch-switch depend on util-linux instead of uuid-runtime
|
|
(Debian package name). The ovs-ctl / ovs-pki tools use /usr/bin/uuidgen
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Sep 24 13:17:25 UTC 2013 - bwiedemann@suse.com
|
|
|
|
- add vlan_apichange.patch to compensate kernel API changes
|
|
between 3.8 and 3.11 in commits f646968f and 86a9bad3
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Sep 13 15:25:40 UTC 2013 - dmueller@suse.com
|
|
|
|
- update to 1.11.0:
|
|
* http://openvswitch.org/releases/NEWS-1.11.0
|
|
- remove accept-newer-kernel-versions.diff
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Sep 13 10:09:18 UTC 2013 - dmueller@suse.com
|
|
|
|
- sign modules for secure boot (bnc#839838)
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Jul 2 17:08:11 UTC 2013 - tpaszkowski@novell.com
|
|
|
|
- Build openvswitch kernel module for xen kernel flavor.
|
|
|
|
-------------------------------------------------------------------
|
|
Sun Jun 16 05:30:24 UTC 2013 - vuntz@suse.com
|
|
|
|
- Add openvswitch-ipsec.init, Module.supported,
|
|
Module.supported.updates and README.packager as sources: they
|
|
were not listed as such.
|
|
- Install openvswitch-ipsec.init if we build ipsec support.
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Jun 6 14:28:07 UTC 2013 - tpaszkowski@novell.com
|
|
|
|
- mark openvswitch module shipped with package as supported
|
|
|
|
-------------------------------------------------------------------
|
|
Fri May 17 11:58:32 UTC 2013 - dmueller@suse.com
|
|
|
|
- only call boot.sh for newer distros
|
|
- build parallel
|
|
- accept-newer-kernel-versions.diff:
|
|
Accept newer kernel versions
|
|
- sle11-device-ops-backport.diff
|
|
Handle sle11 device ops backport
|
|
|
|
-------------------------------------------------------------------
|
|
Fri May 3 14:28:00 UTC 2013 - e.istomin@edss.ee
|
|
|
|
- New upstream version 1.10.0
|
|
http://openvswitch.org/releases/NEWS-1.10.0
|
|
- Removed openvswitch-1.7.0-stp-fwd-delay.patch because of bridge compatibility support removing
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Apr 3 09:30:20 UTC 2013 - tpaszkowski@novell.com
|
|
|
|
- %make_install macro no longer works on SLE11. Spec file now uses %makeinstall.
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Mar 26 11:21:37 UTC 2013 - speilicke@suse.com
|
|
|
|
- Use build conditionals instead of %define and disable GUI by default
|
|
everywhere
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Mar 21 13:23:36 UTC 2013 - tpaszkowski@novell.com
|
|
|
|
- Fix openvswitch-controller init script
|
|
- Add openflow-controller sysconfig file with default binding to ptcp:
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Mar 12 13:36:57 UTC 2013 - tpaszkowski@suse.com
|
|
|
|
- ipsec build temporary disabled
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Mar 8 14:16:57 UTC 2013 - tpaszkowski@suse.com
|
|
|
|
- Provides and Obsolete for former openvswitch-common package
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Mar 7 21:49:09 UTC 2013 - tpaszkowski@suse.com
|
|
|
|
- always build in openvswitch kernel module (gre tunelling not present
|
|
within the standard kernel module)
|
|
- removed unnedded build rquirements (move to appropriate subpackage)
|
|
- moved common stuff to main pkg
|
|
- added group filed to packages and sub packages
|
|
- switch pkg suggest kernel module pkg
|
|
- moved python test stuff to python-openvswitch-test sub pkg
|
|
- moved ui interface requirements to ovsdbmonitor sub pkg
|
|
- ovsdbmonitor will not be build on sles (for now)
|
|
- sub pkg test require python-twisted (ovs-test)
|
|
- don't call boot.sh on sles11 (old autoconf). Shipped configuration stuff
|
|
is ok (we don't patch plenty of stuff)
|
|
- ovs-parse-backtrace now part of main pkg
|
|
- addes ovs-l3ping,ovs-vlan-test to test sub pkg
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Feb 28 22:17:11 UTC 2013 - e.istomin@edss.ee
|
|
|
|
- New upstream version 1.9.0
|
|
http://openvswitch.org/releases/NEWS-1.9.0
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Nov 15 08:59:41 UTC 2012 - rhafer@suse.com
|
|
|
|
- New patch openvswitch-1.7.1-ovs-pki-permissions.patch: Avoid
|
|
creating world writeable directory (bnc#774332, CVE-2012-3449)
|
|
|
|
-------------------------------------------------------------------
|
|
Sun Sep 9 15:33:08 UTC 2012 - on@morlock.nu
|
|
|
|
- New upstream version 1.7.1
|
|
* This release only contain bug fixes.
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Jul 31 12:41:19 UTC 2012 - on@morlock.nu
|
|
|
|
- New upstream version 1.7.0
|
|
* kernel modules are renamed. openvswitch_mod.ko is now
|
|
openvswitch.ko and brcompat_mod.ko is now brcompat.ko.
|
|
* Increased the number of NXM registers to 8.
|
|
* Added ability to configure DSCP setting for manager and controller
|
|
connections. By default, these connections have a DSCP value of
|
|
Internetwork Control (0xc0).
|
|
* Added the granular link health statistics, 'cfm_health', to an
|
|
interface.
|
|
* OpenFlow:
|
|
- Added support to mask nd_target for ICMPv6 neighbor discovery flows.
|
|
- Added support for OpenFlow 1.3 port description (OFPMP_PORT_DESC)
|
|
multipart messages.
|
|
* ovs-ofctl:
|
|
- Added the "dump-ports-desc" command to retrieve port
|
|
information using the new port description multipart messages.
|
|
* ovs-test:
|
|
- Added support for spawning ovs-test server from the client.
|
|
- Now ovs-test is able to automatically create test bridges and ports.
|
|
* "ovs-dpctl dump-flows" now prints observed TCP flags in TCP flows.
|
|
* Tripled flow setup performance.
|
|
* The "coverage/log" command previously available through ovs-appctl
|
|
has been replaced by "coverage/show". The new command replies with
|
|
coverage counter values, instead of logging them.
|
|
- Adjusted openvswitch-1.1.0-stp-fwd-delay.patch (new filename)
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Jul 26 11:47:36 UTC 2012 - rhafer@suse.com
|
|
|
|
- The kernel modules where renamed in recent kernels. Backported a
|
|
patch from the 1.7 branch to use the new kernel names when
|
|
building on openSUSE > 12.1.
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Jun 26 15:09:02 UTC 2012 - on@morlock.nu
|
|
|
|
- New upstream version 1.6.1
|
|
* Added support for bitwise matching on TCP and UDP ports.
|
|
* Support for limiting the number of flows in an OpenFlow flow
|
|
table, with configurable policy for evicting flows upon
|
|
overflow.
|
|
* Added an OpenFlow extension that allows controllers more precise
|
|
control over which messages they receive asynchronously.
|
|
* CFM module CCM broadcasts can now be tagged with an 802.1p priority.
|
|
* Load balancing for bonds can be disabled.
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Jun 6 15:04:45 UTC 2012 - on@morlock.nu
|
|
|
|
- New upstream version 1.5.0
|
|
* OpenFlow:
|
|
- Added support for querying, modifying, and deleting flows
|
|
based on flow cookie when using NXM.
|
|
- Added new NXM_PACKET_IN format.
|
|
* ovs-ofctl:
|
|
- Added daemonization support to the monitor and snoop commands.
|
|
* ovs-vsctl:
|
|
- The "find" command supports new set relational operators
|
|
{=}, {!=}, {<}, {>}, {<=}, and {>=}.
|
|
* ovsdb-tool now uses the typical database and schema installation
|
|
directories as defaults.
|
|
|
|
-------------------------------------------------------------------
|
|
Thu May 10 22:32:34 UTC 2012 - on@morlock.nu
|
|
|
|
- New upstream version 1.4.1
|
|
* The default MAC learning timeout has been increased from 60 seconds
|
|
to 300 seconds. The MAC learning timeout is now configurable.
|
|
* Bug fixes
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Apr 5 10:08:32 UTC 2012 - on@morlock.nu
|
|
|
|
- Build KMP packages from kernel-source on openSuSE > 12.1.
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Mar 13 12:16:43 UTC 2012 - mvidner@suse.com
|
|
|
|
- Specify defattr for pki subpackage to fix 11.4 build.
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Mar 1 13:35:52 UTC 2012 - dmacvicar@suse.de
|
|
|
|
- Rewrite the package based on the debian version instead
|
|
* current package was tied to xenserver config without
|
|
even requiring it
|
|
* instead of one big package depending even on qt4, there
|
|
are -switch, -controller, -test subpackages now
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Feb 20 23:39:50 UTC 2012 - on@morlock.nu
|
|
|
|
- New upstream version 1.4.0
|
|
* Compatible with Open vSwitch kernel module included in Linux 3.3.
|
|
* Don't require the "normal" action to use mirrors.
|
|
* New "VLAN splinters" feature to work around buggy device driver in old Linux versions.
|
|
* Added ability to match ECN and TTL in IPv4 and IPv6 headers.
|
|
* Added ability to match IPv6 flow label.
|
|
* Added ability to modify ECN bits and TTL in IPv4 headers.
|
|
* And many others. See the full change log here:
|
|
http://openvswitch.org/releases/NEWS-1.4.0
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Sep 2 09:11:21 UTC 2011 - andrea@opensuse.org
|
|
|
|
- new uopstream version 1.2.1
|
|
* The release only contains bug fixes for the 1.2.0 release
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Aug 8 17:47:58 UTC 2011 - andrea@opensuse.org
|
|
|
|
- new upstream version 1.2.0
|
|
* New abstraction layer to make better use of switching ASICs
|
|
* Packaging for Red Hat (RHEL) 5.6 and 6.0
|
|
* Datapath support for Linux kernels up to 3.0
|
|
* And many others. See the full change log here:
|
|
http://openvswitch.org/releases/ChangeLog-1.2.0
|
|
- rebased openvswitch-1.1.0-suse.patch as
|
|
openvswitch-1.2.0-suse.patch to apply to the files
|
|
-------------------------------------------------------------------
|
|
Thu Jun 23 06:49:16 UTC 2011 - andrea@opensuse.org
|
|
|
|
- new upstream version 1.1.1
|
|
* bug fix release
|
|
|
|
-------------------------------------------------------------------
|
|
Wed May 18 10:09:45 UTC 2011 - andrea@opensuse.org
|
|
|
|
- re-enabled kmp package since openvswitch_mod.ko and
|
|
brcompat_mod.ko are not available on suse kernel rpms
|
|
|
|
-------------------------------------------------------------------
|
|
Tue May 17 12:04:05 UTC 2011 - andrea@opensuse.org
|
|
|
|
- new upstream version 1.1.0 (stable)
|
|
- spec file clean up
|
|
- added as dependency all python modules to enable additional
|
|
functionalities
|
|
- rebase patches
|
|
- build pyside support only if pyside is available
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Dec 31 15:26:59 UTC 2010 - pmullaney@novell.com
|
|
|
|
- updates for build issues
|
|
- fixes for libvirt integration
|
|
|
|
-------------------------------------------------------------------
|
|
Sat Dec 11 19:57:28 UTC 2010 - pmullaney@novell.com
|
|
|
|
- initial version 1.1
|
|
|