Changelog v24.03.0

Changes from 23.09.0 to v24.03.0

  • 669adeb1 Set release date for 24.03.0.
  • 4aa0755c encaps: Support backward compatibility for tunnel chassis id change.
  • 24ea5b28 northd: Don’t create fair Sb meters for ACLs with logging disabled.
  • f2085921 ci: Update crun in GitHub actions runner.
  • c31e3a11 controller: ofctrl: Use index for meter lookups.
  • 21a1206e physical: Don’t reset encap ID across pipelines.
  • 152e888d tests: Check unit tests logs for errors.
  • b4768e31 tests: Speed up “multicast group buffer split”.
  • eb11803f tests: Fix “router port type update and then …”.
  • c35265b4 tests: Fix “Load balancer incremental processing”.
  • af3b1805 tests: Fix “ovn-controller - Chassis other_config”.
  • 31ec213a tests: Fix “ofctrl wait before clearing flows”.
  • f7a6d2c0 tests: Fix flaky “ovn-controller-vtep - binding 1”.
  • f46d3098 tests: Fix flaky “options:requested-chassis …”.
  • b7e2447a tests: Fix typos in tests.
  • 87985ac2 tests: Have tests fail when adding veth peer fails.
  • 19f1dc43 ci: Update crun in Cirrus CI cloud image.
  • fb6a98b6 northd: Initialize hmap size in lflow_mgr.
  • adc2b14a northd: lflow-mgr: Allocate DP reference counters on a second use.
  • 6c662627 northd: Fix lflow ref node’s reference counting.
  • 52c4aea9 northd: Don’t add ARP request responder flows for NAT multiple times.
  • 5263889e northd: Don’t add lr_out_delivery default drop flow for each lrp.
  • 3e80bd11 pinctrl: dns: Ignore additional records.
  • f68cb094 ovn-ic: Fix global blacklist filter for IPv6 addresses.
  • e7fb2ca1 tests: Fix macro OVN_CHECK_PACKETS_CONTAIN.
  • 784a5e7b features.c: Always wait on the rconn.
  • f27be65b ci: Bump CirrusCI Ubuntu image version
  • f535026c Documentation: Fix broken links in ovn-sandbox.rst.
  • 3b5e351e ovn-sb.xml: Remove IPv4-only restriction from Service Monitors.
  • 0b7ae044 github: Update versions of action dependencies (Node.js 20).
  • 152e9d90 northd: Remove the protocol match from ECMP symmetric reply flows.
  • f2e8130d northd: Explicitly handle SNAT for ICMP need frag.
  • c76cb232 actions: Adjust the ct_commit_nat action.
  • f424fdc9 ic/tests: Add unit test for ic sync command.
  • 3c61d2e4 OVN-IC: Make it possible for CMS to detect when the ISB is up-to-date.
  • c189225c ovn-ic: Implement basic INB change handling status.
  • 76a924bb OVN-IC: Interconnect DBs add basic Information Flow columns.
  • ebb70763 northd: Add I-P for NB_Global and SB_Global.
  • d9023258 northd: Add northd change handler for sync_to_sb_lb node.
  • cde8814c northd: Add a noop handler for northd SB mac binding.
  • 6bd56619 northd: Add ls_stateful handler for lflow engine node.
  • 2f64686a northd: Add lr_stateful handler for lflow engine node.
  • c1cc6f9f northd: Handle lb changes in lflow engine.
  • deb6ec8f northd: Move ovn_lb_datapaths from lib to northd module.
  • d314d81a northd: Use lflow_ref when adding all logical flows.
  • a5d00edb northd: Refactor lflow management into a separate module.
  • 38f6a7e7 northd: Add a new node ’ls_stateful'.
  • c54cbc1b northd: Generate router’s stateful flows using lr_stateful data.
  • bff1b102 northd: Add a new engine ’lr_stateful’ to manage lr’s stateful data.
  • 2c37d7ec northd: Add a new engine ’lr_nat’ to manage lr NAT data.
  • dee37085 Prepare for 24.03.0.
  • f480ad3f tests: Fix incorrect ‘check_engine_stats’ helper function.
  • 804821f5 northd: Remove unnecessary string comparison.
  • 4885e337 rbac: Only allow relevant chassis to update BFD.
  • bfac19d7 rbac: Restrict IGMP_Group updates to relevant chassis.
  • c3bc0f85 rbac: Only allow relevant chassis to update service monitors.
  • 57e5e2b2 northd: Add qos packet marking.
  • 62d5491c northd: Add BFD support for ECMP route policy.
  • 815d5256 ovn-nbctl: Fix nbctl_pre_lr_route_add for BFD.
  • 4357bcd2 test: Fix false positive in BFD system test.
  • 1f04ab0f tests: Fix flaky test ‘SB Port binding incremental processing’.
  • dc34b4d9 ovs: Bump submodule to latest OVS branch-3.3.
  • deed68ab tests: Fix grep warning.
  • 3ae0d09f util: Replace and remove ovn_smap_get_uint
  • 7aaf4a77 actions: Use random port selection for SNAT with external_port_range.
  • 37fd1dd3 ovn-ic: Handle NB:name updates properly.
  • 17b6a12f ovn-controller: Support VIF-based local encap IPs selection.
  • 41eefcb2 encaps: Create separate tunnels for multiple local encap IPs.
  • 858b5c15 encaps: Refactor the naming related to tunnels.
  • 12166167 northd: Move router ports SB PB options sync to sync_to_sb_pb node.
  • dd5cd73e northd: Make sure that affinity flows match on VIP.
  • b0f9a4f4 system-tests: Wait for the meter in CoPP tests
  • dd65889f tests: Reduce flakiness of daemon ssl files change test
  • c69119ca tests: Add a couple of tests in ovn-northd for I-P.
  • 876179c6 northd: Refactor the northd change tracking.
  • 620203f9 Fix segfault due to ssl-ciphers.
  • 221476a0 ovn: Add tunnel PMTUD support.
  • 425f699e controller: fixed potential segfault when changing tunnel_key and deleting ls.
  • e3b798be northd: Use proper field for lookup_nd
  • 0ce21f2a checkpatch.py: Port checkpatch related changes from the OVS repo.
  • 9283a584 actions: Make sure affinity learnt flows are auto deleted.
  • b187e038 ovn-ctl: Add option to skip schema conversion
  • 50f22629 pinctrl: Directly retrieve desired port_binding MAC.
  • 9a0f3075 northd: Add option to enable conntrack for router port
  • 16d35a39 test: add dedicated test for garp-max-timeout
  • a5d7ceb6 treewide: Fix small memory leaks reported by static analysis
  • 3d0edc7f Documentation: Add note about pinning the container after release
  • 23e82a7c ci: Cover more container posibilities
  • 910efaf4 ci: Build container image before very job
  • 66ef6709 ovs: Bump submodule to include IDL “spurious delete” fix.
  • 8b15ea37 treewide: Cleanup free() calls.
  • 5372ac41 ovn-northd-ddlog: Remove.
  • 58dcbef8 Correct ethtype referencing incorrect values
  • 78851b6f northd: Support CIDR-based MAC binding aging threshold.
  • ef45415a Revert “ovn: add geneve PMTUD support”
  • 22dcf5ab AUTHORS: Add Daniel Ding.
  • fe1c5df9 northd: forward arp request to lrp snat on.
  • 0608e708 northd: fix missing port up when deleting and adding back an lsp
  • 96dd8549 ovn-macros: Make sure stopped daemons continue before the test ends.
  • b87e502a system-test: Fix tcpdump usage in LB template tests.
  • 147a126e perf-northd.at: Add ovn-northd recompute statistics.
  • 9e3cf5ff perf-northd.at: Parse and display more stopwatch data.
  • 207f4140 perf-northd.at: Don’t start ovn-controllers.
  • 33cfa465 tests: Move SCTP test from kernel only to general OVN system tests.
  • 8c6381af tests: Remove ‘protoinfo’ from the conntrack entries for SCTP tests.
  • feb91843 northd: Skip transient IDL records.
  • 907b4fe1 system-tests: Consolidate wait condition in CoPP test
  • 69faa2e9 pinctrl: Fix up comments about sending RST packets for healthcheck.
  • 450e41e7 ovn: add geneve PMTUD support
  • 56f62ef2 fmt_pkt: make sure scapy-server is started once
  • ec88b715 fmt_pkt: improve scapy-server logging
  • cd3dd364 fmt_pkt: use -S check to wait for scapy sock file
  • 74e7ba1b fmt_pkt: don’t subshell when calling ovs-appctl
  • 8c165db6 controller: fix group_table and meter_table allocation
  • 2638d1eb tests: Use fmt_pkt in icmp_reply: 1 HVs, 2 LSs, 1 lport/LS, 1 LR.
  • da783918 tests: Use fmt_pkt in 2 HVs, 2 LRs connected via LS, gateway router.
  • 046e11ff tests: Use fmt_pkt in 2 HVs, 3 LRs connected via LS, static routes.
  • 20617e1e tests: Use fmt_pkt in 2 HVs, 3 LS, 1 lport/LS, …
  • 1ef5eb75 tests: Use fmt_pkt in 1 HV, 2 LSs, 1 lport/LS, 1 LR.
  • 7eaf0138 tests: Use fmt_pkt in 1 HV, 1 LS, 2 lport/LS, 1 LR.
  • 21e85be0 tests: Use fmt_pkt in portsecurity : 3 HVs, 1 LS, 3 lports/HV.
  • 0baca3e5 tests: Use fmt_pkt in 3 HVs, 3 LS, 3 lports/LS.
  • 7b8a2e65 tests: Use fmt_pkt in vtep: 3 HVs, 1 VIFs/HV, 1 GW, 1 LS.
  • b80808d9 tests: Use fmt_pkt in VLAN transparency, …
  • 4fce17d6 tests: Use fmt_pkt in VLAN transparency, …
  • da398463 tests: Use fmt_pkt in 3 HVs, 1 LS, 3 lports/HV.
  • 3a93f4e8 tests: Use fmt_pkt in ovn – allows ACLs to match …
  • 06c0a4a3 northd: Add missing stopwatch initialization.
  • 2132acb1 Reduce number of DHCP responder flows for LSPs
  • f3a14907 controller: avoid extra flows if localnet_learn_fdb is disabled
  • 2acf91e9 controller: FDB entries for localnet should not overwrite entries for vifs
  • 5ef2a08a ci: cirrus: Fix test ranges.
  • ae632127 controller: Disable inactivity probe for statctrl
  • 0224e45a ci: Remove ‘–recheck’ in CI.
  • 1622526f DNS: allow defining records that owned by OVN only
  • 8e71bee7 pinctrl: reset success and failures n_count regardless of svc state
  • a35725a7 pinctrl: send RST instead of RST_ACK bit for lb hc
  • 1d6d953b controller: Don’t artificially limit group and meter IDs to 16bit.
  • ef51c943 treewide: Avoid empty initializer
  • 9e3a09f9 AUTHORS: Add Martin Kalcok.
  • 0cd5dd1c tests: fixed race_condition with max_prefix
  • 346e695c tests: have CHECK_NO_CHANGE_AFTER_RECOMPUTE potentially wait for ports up
  • 8b65cbd0 tests: fixed “ovn-nbctl - daemon retry connection”
  • 17f20bc0 tests: fixed system test “LR with SNAT fragmentation needed for external server”.
  • ce2a2333 tests: fixed “interconnection - static multicast” and “- IGMP/MLD multicast”
  • abc28926 ovn-ctl man: Add election timer config to manpage
  • 4848bbc9 Fix flows not removed in ha migration
  • c81c305c binding: handle pb->chassis and pb->up from if-status module
  • 527ee3ac binding: slight refactor if no local binding in consider_iface_release
  • 971256e9 controller: have I+P assigning ct_zones for l3gateway ports
  • abe1d312 tests: fixed another set of flaky ovn-ic tests
  • f9ebf0cf tests: wait for all flows to be installed before sending packets
  • 20c97795 tests: fixed “ipsec – basic configuration”
  • bb6eb536 tests: fixed “LSP incremental processing”
  • c12d246c tests: do not start backup-northd by default
  • 9857ef8f tests: fixed multiple tests not properly waiting for packets to be received
  • 278e0d3f ci: Pin Python, Fedora and Ubuntu runner versions.
  • df8043c5 ovs: Bump submodule to include E721 fixes.
  • 1531ea06 tests: Remove broken “feature inactivity probe” test.
  • b9e8cb62 README: Add build badges.
  • a12f3080 readthedocs: Add the configuration file.
  • e90b5d50 Documentation: Use theme from Read The Docs.
  • 271186fa py-requirements: Remove hacking dependency and use recent flake8.
  • 3bf67405 physical: Fix else-if typo.
  • f49306c6 ovn-ic: Destroy the created index row for ts.
  • 325c7b20 controller: split mg action in table 39 and 40 to fit kernel netlink buffer size
  • cb90eb3c ovs: Bump submodule to include latest fixes.
  • 7bfe3881 ovn-ic: wakeup on ovsdb transaction failures
  • cf1b9920 ovn-ic: fix potential segmentation violation when ts is deleted
  • d0c3a01c system-tests: Adjust test for fragmented traffic through LB
  • 12edbf79 nbctl: Add optional ha-chassis-group arg to ha-chassis-group-list
  • c16e5da8 controller: disable OpenFlow inactivity probing
  • 4db5ab2b fix a copy-paste typo
  • 2a12cda8 controller, northd: Wait for cleanup before replying to exit
  • f67cc665 tests: Add missing check for scapy.
  • d19b4380 ci: Apply the ASAN workaround only for Clang <16
  • c0135294 ci: Use proper uname argument to get the HW type
  • 0b512d72 tests: Wait for new ovn-controllers to connect to Southbound.
  • 5efdf010 northd: Reset ls_datapath_group if not all chassis support it.
  • 0c22ac36 AUTHORS: Add Xie Liu.
  • 2d03e9ff northd: Avoid snat on reply packets for dgw
  • b5387b3d northd: Incrementally process SB.Load_balancer updates.
  • 31ee58ad tests: Add missing –wait=sb to the LB I-P test.
  • b7d5dd27 system-tests: Make sure that IPv6 address is available right away
  • ab7a8fe4 northd: introduce ls_datapath_group column in lb sb db table
  • a349ec5c northd: sync lb applied to logical routers in sb db lb table
  • a9051a17 Don’t mention packet cloning when failing to find tunnel
  • 0e49f49c northd: Allow need frag to be SNATed
  • 3efa120a docs: require ovn-set-local-ip for co-located ovn-controllers
  • 11cd04af memory-trim: Fix timestamp overflow warning right after reboot.
  • 1d22b962 Fix missing flows in ls_in_dhcp_options table
  • f64818d4 controller: throttle port claim attempts from if-status
  • 8594ca1d ci: Free up additional space for ovn-k jobs.
  • c9393da1 ci: Handle google-cloud-sdk -> google-cloud-cli package name change.
  • 440751ad ci: Free up disk space in a more robust way.
  • c48b1988 ci: Update apt cache before installing gcc-multilib.
  • cbe35945 tests: fixed “send gratuitous ARP for NAT rules on HA distributed router”
  • f8df5585 tests: move trim_zeros() to ovn-macros
  • 4f7359e0 tests: skip test “MAC binding aging” if scapy not available.
  • 49e216e1 tests: fixed “L2 Drop and Allow ACL w/ Stateful ACL”
  • 7c6a2073 tests: fixed multiple tests missing ovn-nbctl “wait”
  • 9441717e tests: fixed “options:requested-chassis for logical port”
  • 66bea3a4 tests: fixed “Logical router policy packet marking”
  • 9bda749a tests: fixed multiple ovn-ic tests
  • 430c0fd3 pinctrl: Reply with correct destination for ICMPv6 RA packets
  • 2b1d8e14 ovn-controller: Add monitor condition for FDB.
  • 686caaf6 test: get rid of debugging code
  • 01252a21 Rename scapy-server into scapy-server.py
  • 57966112 northd: Improve HA reference chassis build logic.
  • b906c74a northd: Fix naming and comments related to HA reference chassis.
  • 641833ed Add ovnkube-identity binary to the ovn-kubernetes Dockerfile
  • e3c3b8a5 tests: offload scapy transformations to a separate unixctl daemon
  • f76780f6 northd: Remove hosting-chassis only if it’s specified
  • 9fe6c7bf Set release date for 23.09.0.
  • b039d26e QoS: Properly set qos when ovs db is read only
  • b1f8d726 ovn-ic: support learning routes in same AZ
  • 918ba7b2 ovn-ic fix multiple routers in an az
  • e53a3ace ovn-northd: Fix unknown table “port_group_set” warning.
  • ef9a78b9 northd: check if parent_name is set for tag_request 0
  • aa352ac8 northd: Fix LSP incremental processing if dhcp options are set.
  • 5ad4e539 ofctrl: Prevent conjunction duplication
  • f4d24c09 ofctrl: Do not try to program long flows
  • 96088d49 controller: Properly handle DHCPv6 Release message
  • 280bef8b northd: Handle load balancer/group changes for a logical router.
  • b16121f9 northd: Sync SB Port bindings NAT column in a separate engine node.
  • cc27dcc3 northd: Handle load balancer group changes for a logical switch.
  • 505ceec8 northd: Handle load balancer changes for a logical switch.
  • 23fdc5fe northd: Always ct commit ECMP symmetric traffic in the original direction.
  • 937a9b59 ci, tests: Use parallelization permutations for few jobs
  • b6939c16 northd: Refactor the ’northd’ node code which handles logical switch changes.
  • a24eed5c northd: Add initial I-P for load balancer and load balancer groups
  • 8c84b8ba northd: Add a new engine node - lb_data.
  • 5e5aeaa9 northd I-P: Sync SB load balancers in a separate engine node.
  • bfc39651 ovn-northd.at: Fix “Load balancer CT related backwards compatibility”.
  • 97c1b176 northd: Don’t check ct_lb_related feature for skip_snat/force_snat.
  • d1e43a91 northd: Support an option to ignore chassis features.
  • d50ee1bb ovn-northd.at: Update LB health check test to use ct_lb_mark.
  • bb715746 Use correct nw_ttl=255 to match against legit NAs
  • b7ee624d checkpatch: Ignore yml files when checking line lengths.
  • 1f639c2e Prepare for post-v23.09.0.