Currently netdev_get_carrier() returns both a carrier status and
an error code. However, usage of the error code was inconsistent:
most callers either ignored it or didn't perform their task if an
error occured, which prevented bond rebalancing. This makes the
handling consistent by translating an error into a down status in
the netdev library.
ovs-vsctl: Check for dirty reads within transactions.
OVSDB is transactional but it does not implement any form of locking. This
means that read-modify-write operations must verify that the values that
they read are still in place before writing. This commit adds such
checking.
vswitch: Make unique "name" columns immutable, to simplify transactions.
OVSDB has transactions but not locking, so a transaction that must
maintain an invariant must check that the starting state is what it
expects. For example, to add a bridge a client must verify that the new
bridge's name does not conflict with any existing bridge's name, given
that the set of bridges might have changed. One way to do that is for
the client to verify that that the set of bridges is the same and that none
of the bridges has been renamed to the new bridge's name. By making
bridge names immutable, the latter part of the check can be omitted.
Mirror names are not required to be unique so this commit does not make
them immutable.
netflow: Back-out optimization that could lead to infinite loop
Commit 924282 (netflow: Do 64-bit division less often.) attempted to
remove the 64-bit division used to break flow records with large byte
counts into multiple NetFlow records. The calculation to determine the
number of records was incorrect and should have shifted "byte_delta" by
31 instead of 32. This commit reverts the change (while keeping commit
f22a24 (netflow: Avoid (theoretically) looping 2**32 times.) ), since
the logic is more straight-forward than the optimized version.
ofproto: Drop flows from datapath more quickly under heavy load.
In normal operation it makes sense to keep track of all of the flows that
have been seen recently and to cache all of them in the kernel. Under
unusual conditions, such as those caused by network scanning tools or by an
actual targeted DoS attack against the vswitch, the number of flows can
explode to extremely high numbers (hundreds of thousands or more). In such
a situation the vswitch needs to guard against memory exhaustion by
expiring flows more quickly and more often. This commit implements an
inexpensive technique for determining which flows should be dropped in such
a situation.