Changelog v25.09.0

Changes from 25.03.0 to v25.09.0

  • 8890abf5 Set release date for 25.09.0.
  • 8bf633fa en-advertised-route-sync: Fix connected-as-host behavior for LLA-only ports.
  • 4c8f53b4 controller: Always check table_id for netlink dumped routes.
  • 3f7e5a45 ovn-sandbox: Fix typo that doesn’t allow starting a sandbox without IC.
  • 662028f6 Revert “northd: Use lower priority for all src routes.”.
  • aa6b625e northd, controller: Fix lb health check related upgrade issues.
  • a9a0aca4 ovn-sb: Adjust Datapath_Binding schema to avoid problems.
  • 848e9a52 en-learned-route-sync: Fix Learned_Route cleanup for removed router ports.
  • b4a0ddd7 northd: Always prefer bound ovn_port versions when available.
  • 447e011c northd: Omit alert for write-only SB.Static_Mac_Binding table.
  • 2f1f1b8c mac-cache: Handle never hit flows correctly.
  • 563b3f10 northd: Update the SB datapath reference for Static MAC binding.
  • 1a9fdbb7 northd: Make sure we properly update logical port and IP for static MAC bindings.
  • c23618e0 northd: Remove stale Static MAC Bindings during SB datapath re-creation.
  • fb88fc55 ci: ovn-kubernetes: Bump to the most recent stable branch, release-1.1.
  • 375cdc99 ci: ovn-kubernetes: Use the new ovn-kubernetes/libovsdb org.
  • 684ee57d tests: Fix flaky “pod to pod with localnet_learn_fdb”.
  • d7dcd7ca ic: Removing unnecessary null checks.
  • ae44ca46 Prepare for 25.09.0.
  • d2c4d327 ovn-sbctl: Add filtering capability to ‘ovn-sbctl show’ command.
  • d99fa3df ovs: Bump ovs submodule vesrion.
  • f40a5c3c ic: Implement cross-AZ service monitor synchronization.
  • 840e441f northd, controller: Add support for remote LB health checks.
  • e37d0fcc northd: Add logical flows for IC-learned service monitors.
  • 8511d085 northd: Support IC-learned service monitors in handling.
  • 079e0ea7 ic: Move AZ zone structure to IC context.
  • 54735d25 northd: Add node for ic learned service monitors.
  • ba964c84 multinode.at: Add EVPN L2 test.
  • d58f683f multinode.at: Factor configuration of BGP FRR speakers and OVN topology.
  • 32d5252c controller, northd: Add an option to advertise FDB over EVPN.
  • 889e1fc5 controller, northd: Add logical flows to use the EVPN static FDBs.
  • 3826e407 controller: Create physical flows based on the advertised EVPN FDBs.
  • 6b66d634 northd: Add an option to specify EVPN vni in logical switches.
  • 33a68819 controller: Create physical flows based on EVPN structures.
  • dbcd3e10 controller: Pair remote VTEPs with datapaths.
  • af34c561 controller: Create EVPN tunnel based on new option.
  • 795fd50f controller: Add support for remote VTEP learning.
  • a6bd68fe controller: Add I-P to monitor host interfaces and synchronize neighbors.
  • 2257c01f controller: Add host-if-monitor to track (Linux) interface indices.
  • f2426797 controller: Watch for (Linux) neighbor changes.
  • ad3a0a55 controller: Support monitoring/updating neighbor entries through Netlink.
  • 2a0476a7 northd: Use synced datapaths everywhere.
  • 4a6216ce datapaths: Add incremental processing for synced datapaths.
  • 2cbacb71 northd: datapath-sync: Add IP for LS and LR inputs.
  • 5405e5fa northd: datapath-sync: Move dp_tnlids map in ovn_synced_datapaths.
  • 50a48308 northd: Add IP for new logical switches in en-datapath-logical-switch node.
  • 05b99fb0 en-datapath-logical-router: Incrementally process unsynced routers.
  • 7bb513bc northd: Refactor datapath syncing.
  • 6919992d Datapath_Binding: Separate type column and sync NB.UUID to SB.
  • 513048b0 controller/route-exchange: Fix route-exchange retry on error mechanism.
  • a2fa8b22 northd: Update virtual port on parent port update.
  • 97c4fec1 northd: Fix table number related comments on functions.
  • 23884f51 utilities/containers/*/Dockerfile: Install dhclient.
  • 7ff2c6be controller: Fix potentially missing vif entries in fdb.
  • 7d8b14eb controller: Update next_cfg when transaction succeeded.
  • a1d82e9f northd: Process port_group changes incrementally.
  • fd651a26 northd: Change the argument ls_stateful_record_set_acls.
  • 9c6d19f0 route-exchange-netlink: Use stub for the netlink requests.
  • 65ca4a3c northd: controller: Support local-only dynamic route advertisements.
  • ac1c0026 northd: Do not advertise NAT and LBs when “connected-as-host” is configured.
  • b130dc7d BGP Multinode Test
  • b515f466 multinode.at: Make sure VRF support is available for the BGP test.
  • c92e19aa treewide: Consolidate put_load() function.
  • fb14d85f utilities: Remove the docker directory.
  • 31c704a3 northd: Incremental processing of LSPs IPAM in “northd” node.
  • 22184f5f northd: Move ipam functions from northd.c to ipam.c.
  • ab193754 logical-fields: Fix IPv6 dp flow explosion caused by ip6.mcast_rsvd.
  • 045b14c2 actions: Save/restore intermediate registers in ct_xxx actions.
  • 8e6f9a83 northd: Fix HW offload problem related to ct_tuple.
  • 06ffe491 logical-fields: Fix inconsistency of register usage.
  • 543631a4 ovn-trace: Fix pop action in trace.
  • 9d8afd44 physical: Support ct.new state in ct_xxx actions.
  • 0d2560be multinode: Check proper GARP generation.
  • 195331f5 controller: Fix missing garp while gw are fighting.
  • 9c2f897b controller: Do not postpone claim for highest priority chassis.
  • 01f33a2a multinode tests: Fix tests for ENABLE_SSL=“yes” clusters.
  • 1a628147 tests: Fix flaky “interconnection”.
  • 4b5d27da tests: Fix flaky “ovn-ic – route sync – loadbalancer”.
  • d1b37926 tests: Add missing check for scapy.
  • c8446124 tests: Remove unused commands from mac-binding test.
  • 03df5301 tests: Fix flaky “send arp for nexthop”.
  • fe0b2a7f tests: Fix flaky “tag allocation”.
  • c5e9c192 tests: Fix flaky tests not properly waiting for ovn-controller exit.
  • 8d51bcfe tests: Fix flaky “NAT on a provider network with no localnet ports”.
  • 0156e7da tests: Avoid calling ovs/ovn commands when ovs/ovn are stopped.
  • f38ee3ac tests: Avoid unloading not existing modules.
  • 84bda928 tests: Fix ovn-macro when ovn_check_packets__ fails.
  • da651050 ovn-nbctl: Fix lrp set gateway chassis duplicate gc.
  • 6e8dbef8 inc-proc-eng: Print proper values when changing state.
  • 8170783f tests: Add support for running system tests under retis.
  • 27cc274e northd: Use lower priority for all src routes.
  • 93fc05d0 multinode.at: Cleanup test interfaces created in br-ex.
  • 863e2211 multinode-macros: Cleanup and check resources on all chassis.
  • f04c518c ovn-controller: Use IDL to get the number of flow table prefixes.
  • b4959865 ovn-ctl: Fix ovsdb-server/sync-status command output.
  • 4c573e82 northd: Remove redundant check if DBs are writable.
  • 4c4da1f7 multinode tests: Dump logs when test exits.
  • 52652dc0 multinode: Avoid code duplication in macros.
  • d9e98bcb ovn-northd.at: Fix unreliable ‘sb_cfg propagation’ test.
  • b27d9aeb northd: Avoid unnecessary lflow recomputes when no BFD state changes.
  • fa9f3a8f route-exchange: Don’t keep trying to delete non-existent VRFs.
  • 0ba75693 ovn-nbctl: Add –all option for acl-list.
  • ee753d37 AUTHORS: Add Sragdhara Datta Chaudhuri.
  • 89d38510 route-table-notify: Avoid unnecessary lookups.
  • acc34859 controller: Don’t run garp_rarp recompute or unrelated changes.
  • 68c83ffb controller: Prevent assert with BGP when SB is read only.
  • c27b2956 controller: Slightly optimize the runtime_data handler for sb_ro.
  • 137ed00a ic: Advertise and learn routes for loadbalancer VIPs.
  • 7147f977 AUTHORS: Add Igal Tsoiref.
  • 006ad4d9 ovn-ctl: Add –ovn-controller-system-id option to pass -n to ovn-controller.
  • 342eb7fe Revert “northd: Don’t skip the unSNAT stage for traffic towards VIPs.”
  • 98822b90 controller: Remove ovn-ofctrl-wait-before-clear option.
  • 358b1dd5 controller: Delay initial flow upload to OVS.
  • aa088003 controller: Modify the behavior of lport_pb_is_chassis_resident.
  • be97d028 test: Add missing sync calls.
  • 875be80b controller: Install QoS rules even on ‘system’ ports.
  • d8ee7b08 ci: Bump ovn-fake-multinode tag.
  • 42d68ddc ci: Rebalance system tests to speed up the testing.
  • 778e9812 tests: Update ovn-sbctl count-flows test to test with NB UUIDs.
  • 3b8b33d9 AUTHORS: Add Mairtin O’Loingsigh.
  • e9a65745 ovn-nbctl: Support get command on port groups.
  • 05527bd6 controller: Extract garp_rarp to engine node.
  • 57e9a66b controller: Make sure we run engine_cleanup after thread destroy.
  • 662753c4 lib: inc-proc-eng: Add more debug info to recompute events.
  • fb477aff northd: Process ACL changes incrementally.
  • 34d01525 northd: Handle port group ACL changes incrementally.
  • b2ac717f northd: Avoid recompute of lflow from ACLs without meters.
  • b7130fe2 northd: Make lflow_table_add_lflow macros consistant.
  • e97202a5 ovn.at: Change MAC Bindings used by check packet length test.
  • 853bd782 multinode: Fix “HA: Check for missing garp … “.
  • 3f6570c4 multinode: Fix removing databases.
  • 0904c9f9 system-ovn.at: Fix ’load-balancer and firewall tuple conflict’ tests.
  • 30587c6e controller: Add en_route_exchange_status I-P node.
  • 45b9fbb4 controller: Take into account nl failures updating VRF and configured routes.
  • d6d95704 ovn-northd.at: Fix ’enable-stateless-acl-with-lb usage’ test.
  • e457633d en-advertised-route-sync: Advertise routes for all NAT/LB IPs owned by routers.
  • eef64685 ci: Bump Fedora image versions.
  • cae43afc multinode: Adjust the ping check.
  • 76ca59b2 system-test: Prevent flakiness of “virtual port with floating IP” test.
  • ad076178 ovs: Bump submodule to get compilation fixes.
  • 7fdbc43f ci: Disable apparmor for test runs.
  • 0458d7fd multinode tests: Add HA test checking for GARP.
  • 252c07b5 multinode tests: Update macros for cleaner exit.
  • 289ec19b pinctrl: Fix missing garp.
  • 0ffa5754 binding: Avoid 100% CPU when postponing claims.
  • b3f93e68 controller: Fix ct zone assignment I+P.
  • 32158404 controller: Defer until sb data is available.
  • 1850925e controller: Fix advertised_route incremental handler.
  • b91b1b17 route-exchange-netlink: Remove unused re_nl_dump() declaration.
  • 696acced northd: Remove lr_list from en_northd data.
  • 94fba1cb en-global-config: Cache vxlan mode and max tunnel key.
  • a5b14782 northd: Sample_Collector.set_ids can actually be 32-bit values.
  • 420ad4c5 tests: Added missing package dependency check.
  • 6448363c AUTHORS: Add Paulo Guilherme da Silva.
  • abbc272a northd: Add option to make work lb with stateless ACL.
  • f22b77b5 ovn-ic: Add support for route prefix filter.
  • 20a96b9d northd: Allow fragmented traffic through LB.
  • acf9c8a9 ovn-trace: Populate CT fields during CT actions.
  • de864315 cksum: Added checksum for pipeline stages.
  • d3cb5a0b ovn-ic: Avoid igmp/mld traffic flooding.
  • c03bda69 ic: Fix lrp and lsp orphan route learn or advertise.
  • e1495fbc northd: Remove delay in sb_cfg propagation.
  • 56d0615e MAINTAINERS: Move Gurucharan Shetty to emeritus status.
  • e4ddb5d4 northd: Trigger full recompute only for lport mirror updates.
  • 01ccab4e tests: Don’t assume first bucket will be chosen.
  • 4febf4d3 utilities: Print mirror rules in sorted order.
  • 8828b612 northd: Remove redundant ct state matches.
  • 0baaa026 en-lflow: Return correct type in northd_handler.
  • e1423abf ci: Add permanent fix for /etc/hosts file.
  • 1397d745 pinctrl: Remove useless volatile qualifier.
  • 82adbfd9 tests: Add direct lsp to dynamic-routing tests.
  • 7a7f727e ovn-controller: Update handlers for route changes.
  • 0be99718 route: Filter datapaths that should advertise.
  • 4b30df06 inc-proc-eng: Make engine_set_node_state() private.
  • d8a8b3fe inc-proc-eng: Update return type of change handlers.
  • 45557dd2 inc-proc-eng: Update return type of run() callbacks.
  • 2d38a91f inc-proc-eng: Remove NAME_STR argument from ENGINE_NODE variants.
  • 353cf28e inc-proc-eng: Streamline ENGINE_NODE macros.
  • 0aa2a482 northd: Set REGBIT_CONNTRACK_COMMIT earlier.
  • 845f2af8 northd: Use vector instead of list.
  • e81f5af6 controller: Use vector instead of list.
  • 58c628d2 mac-cache: Use vector instead of list.
  • add626fa lib: Replace manual x2nrealloc with vector.
  • 31b55135 ic: Replace manual x2nrealloc with vector.
  • 89d752c7 controller: Replace manual x2nrealloc with vector.
  • acac935b northd: Replace manual x2nrealloc with vector.
  • 9051e76c utilities: Replace manual x2nrealloc with vector.
  • fbe854be vec: Add new data type called vector.
  • 994f3714 Revert “tests: Set inactivity_probe for ovn-remote.”
  • ebd1b99b local_data: Track only relevant column for non_vif_data.
  • a6d90698 Provide the global option “enable_chassis_nb_cfg_update”.
  • 27c0dc6b tests: Set inactivity_probe for ovn-remote.
  • 6ccb3507 controller: Added support for port mirroring in OVN overlay.
  • 2a2fe266 northd: Added support for port mirroring in OVN overlay.
  • 3dd8f36b utilities: Cli commands for overlay port mirroring.
  • 9a30e047 contoller, northd: Limit number of claims for virtual ports.
  • a6b00079 controller: Remove only commited virtual port binding requests.
  • a3f72e44 controller: Make sure we will update routes on tracked port change.
  • ddd2124c northd: Prevent SB LB duplicates.
  • 9ca70580 controller: Remove unused struct fields.
  • b195678e tests: Fix racy hard_age value.
  • 33d0957a tests: Prevent flakiness of “LR ct-commit-all” test.
  • 52834c19 northd: Introduce exclude-router-ips-from-garp option for lsp.
  • 29d5b171 ovn-nb: Improve docs for nbctl –template lb-add.
  • 85fd52b9 ovn-nbctl.8: Document the “–route-table” option.
  • 8fbc52a1 ovn-architecture.7: Fix outdated nb_cfg description.
  • c99110a0 tests: Don’t hardcode table numbers in the default flows test.
  • 2faba6a0 test: multinode: Add hairpin and condition-nat test for transit router scenario.
  • 17aae8dd MAINTAINERS: Add Aleš Musil.
  • 35a3092a northd: Avoid matching on ct_state.dnat in logical flows.
  • a0870575 lib: northd: Add a new ct-state-save feature flag.
  • 5cd237a2 lib: ovn-controller: Add a new ct_state_save() logical action.
  • f1c391c1 controller: Optimize adding ‘dps’ to the local datapaths.
  • cf7ecdcc controller: Expand the helper lport_get_peer().
  • a0c2ab2b MAINTAINERS: Move Justin to emeritus status.
  • 6f7f8694 northd: Limit flooding the self originated neigh disc packets.
  • 5273d918 README: Add coverity scan badge.
  • e711ddd1 northd: Fix network_id computation for IPv6 LRP networks.
  • 2b05305d ovn-nbctl: Add –template option for lb-add.
  • 1be5c9e0 ovn-northd: Remove redundant check in update_sequence_numbers().
  • dc92afeb tests: Use scapy contrib BFD implementation.
  • 73b8a552 treewide: Remove support for deprecated TLSv1 and TLSv1.1.
  • 51566e02 treewide: Remove support for deprecated STT encapsulation.
  • 0771a2e2 northd, controller: Remove “hairpin_orig_tuple” compatibility option.
  • b3180262 checkpatch.py: Fix line numbering.
  • b0a69008 controller, northd: Add command to enable time warp.
  • f5be73d2 AUTHORS: Add Aditya Mehakare.
  • c375b4ac northd, lib: Add COPP support for DHCPv4 Relay.
  • c9edcafe lib: Fixed pipeline len for logical flows.
  • e03fe5a2 ci: Add extra distcheck job.
  • b74a18ca treewide: Use ovn-appctl instead of ovs-appctl where applicable.
  • f69ebdc1 controller: Add support for additional activation strategies.
  • 4f3952a6 .ci: ovn-fake-multinode-tests: Test upgrades from the latest LTS (24.03).
  • eed88276 docs: Fix up stage-hint ovn-sb documentation.
  • da552943 northd: Do not drop ip traffic with destination vip expressed via template vars.
  • af6e8370 northd: Use next-hop network for SNAT when lb_force_snat_ip=router_ip.
  • f68cc0ce ovs: Update the submodule to include python F824 fix.
  • f65e5a86 multinode tests: Use the correct container in multinode_sbctl().
  • 92e56b2a objdep: Simplify the passing of UUIDs to update.
  • 6e2e489e ci: Add missing llvm package into Fedora.
  • fad4b56b controller: Redirect traffic for container port.
  • 3baa8c64 multinode tests: Simplify/Cleanup migration test.
  • 894724d7 lb: Make the LB validation consistent.
  • cb0f7493 tests: Handle proto ovn in iproute.
  • 189a6ac5 route-exchange-netlink: Use existing RTPROT_OVN.
  • 093c87ea controller: Add option to specify cleanup behavior on exit.
  • 3571ccd1 tests: Ignore FDB transaction errors.
  • 0d1fc674 controller: Add a helper lport_get_cr_port().
  • 6aed782d controller: Fix possible NULL ptr access in lport_is_local().
  • ef64e386 controller: Add debug/dump-local-datapaths unixctl.
  • e64a15ef Modified the CI to use ovn-fake-multinode v0.3.
  • d3e6caa7 controller: Fix active mac-binding refresh for IPv6.
  • 586c81e3 tests: Fix flaky “IGMP incremental processing”.
  • 25a5d72f system-tests: Compare I+P and recompute flows.
  • 9f052bdb tests: Compare I+P flows with with recompute ones.
  • 5527101e tests: Avoid adding two similar load balancers.
  • 7ce6c700 ovn-macros: CHECK(FLOWS, RELATED_PORTS)_AFTER_RECOMPUTE improvements.
  • b1ff19e3 Fix missing load balancer hairpin flows.
  • 10725ce9 controller: (nit) Avoid setting again same register.
  • 821d3b89 physical: Simplify the MC group split buf processing.
  • 8879c817 .ci: ovn-fake-multinode-tests: Run containers with apparmor=unconfined.
  • 412aeebb ovn.at: Run ‘ACL Conntrack ID propagation’ for each northd type.
  • 407a9426 ci: Bump the Ubuntu image to 24.04.
  • 801b05e1 Set release date for 25.03.0.
  • 6c9becec docs: Move “Transit Router” notes to the “Logical_Router” section.
  • 98c9929d containers: Get sparse from the official GitHub mirror.
  • da27bc3e statctrl: Add visibility into how long each stats node run lasts.
  • f8d17f09 controller: Avoid unnecessary recomputes due to bfd_chassis.
  • 01821a08 northd: Remove unnecessary flag check for ct-commit-all.
  • 1e4d4409 controller: Send ARP/ND for stale mac_bindings entries.
  • 7c16f3df controller: Use xxreg1 for lookup_nd_ip() and get_nd() actions.
  • 9fc291c8 controller: Update OFTABLE_MAC_CACHE_USE for ARP reply generated by the tracked device.
  • 7849eb2b tests: Fix “interconnection” ic test.
  • 0f324ce8 multinode-tests: Cleanup before starting migration test.
  • 34900515 controller: Avoid potential 100% cpu when ports are postponed.
  • c0af4187 northd: Fix action parsing in build_lb_vip_actions().
  • b5ee1296 system-tests: Use alternate lease and configuration files for dhcpd.
  • e585fbd9 actions: Make sure all action opcodes have string representation.
  • b7f6cc6b docs: Make routing redirect options stable.
  • 3d443af1 docs: Configuration of BGP unnumbered.
  • 4d5e114e northd: Support I+P of lflows on route changes.
  • 302caaea northd: Add lflow_ref for route entries.
  • 6979a961 northd: Support I+P for group_ecmp_route engine.
  • 4a8d58e9 northd: Add group ecmp route engine node.
  • 1d61e3fc northd: Add en-learned-route-sync I+P handling.
  • 83b48029 northd: Prevent assert with wrong LSP configuration.
  • df45f0e5 northd/en-advertised-route-sync: Avoid reparsing NAT/LB IPs.
  • 646094d2 northd/en-advertised-route-sync: Store parsed data instead of IDL pointers.
  • 4936acae northd: Move functions that announce LB/NAT IPs.
  • 7cefb0f7 en-advertised-route-sync: Don’t assume that switch peers are routers.
  • dde3bdca Fixes ‘unkown’ typo in dynamic routing logging.
  • fe26d5b5 northd/en-advertised-route-sync: Be more consistent in function naming.
  • 23460c03 northd/en-advertised-route-sync: Skip prefix length for host routes.
  • 523e05dc ovn-detrace: Adjust the indentation of ovn-detrace output.
  • c4f248a3 ic: Fix denylist for IPv6 with same prefix length.
  • 705e1745 ovs: Move the submodule to the official v3.5.0.
  • f12c8a29 tests: Fix conntrack not being flushed between tests.
  • c1780ed0 northd: Fix onesided LRP peers.
  • 6e41bc42 tests: Fix flaky I+P tests.
  • d59fec14 ovn-nbctl.8: Document broadcasting behavior of ‘switch’ ports.
  • 4e406279 northd: Fix broadcast of all traffic within a transit spine switch.
  • d03d1944 northd: Fix broadcast of all traffic within a spine switch.
  • d3c79135 northd: Fix missing tier related ACL flows.
  • 00e4f782 controller: Support migration of container ports.
  • db7e33be controller: Also log port up for container ports.
  • 08aec1af Revert “ovn-controller: Remove monitor all of chassis private.”
  • a5dfcee8 Prepare for post-v25.03.0.