2 * Copyright (c) 2009, 2010, 2011 Nicira Networks.
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at:
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
19 #include "ofproto/ofproto-provider.h"
26 #include "byte-order.h"
31 #include "dynamic-string.h"
32 #include "fail-open.h"
35 #include "mac-learning.h"
36 #include "multipath.h"
43 #include "ofp-print.h"
44 #include "ofproto-dpif-sflow.h"
45 #include "poll-loop.h"
47 #include "unaligned.h"
49 #include "vlan-bitmap.h"
52 VLOG_DEFINE_THIS_MODULE(ofproto_dpif);
54 COVERAGE_DEFINE(ofproto_dpif_ctlr_action);
55 COVERAGE_DEFINE(ofproto_dpif_expired);
56 COVERAGE_DEFINE(ofproto_dpif_no_packet_in);
57 COVERAGE_DEFINE(ofproto_dpif_xlate);
58 COVERAGE_DEFINE(facet_changed_rule);
59 COVERAGE_DEFINE(facet_invalidated);
60 COVERAGE_DEFINE(facet_revalidate);
61 COVERAGE_DEFINE(facet_unexpected);
63 /* Maximum depth of flow table recursion (due to resubmit actions) in a
64 * flow translation. */
65 #define MAX_RESUBMIT_RECURSION 16
73 long long int used; /* Time last used; time created if not used. */
77 * - Do include packets and bytes from facets that have been deleted or
78 * whose own statistics have been folded into the rule.
80 * - Do include packets and bytes sent "by hand" that were accounted to
81 * the rule without any facet being involved (this is a rare corner
82 * case in rule_execute()).
84 * - Do not include packet or bytes that can be obtained from any facet's
85 * packet_count or byte_count member or that can be obtained from the
86 * datapath by, e.g., dpif_flow_get() for any facet.
88 uint64_t packet_count; /* Number of packets received. */
89 uint64_t byte_count; /* Number of bytes received. */
91 struct list facets; /* List of "struct facet"s. */
94 static struct rule_dpif *rule_dpif_cast(const struct rule *rule)
96 return rule ? CONTAINER_OF(rule, struct rule_dpif, up) : NULL;
99 static struct rule_dpif *rule_dpif_lookup(struct ofproto_dpif *,
100 const struct flow *, uint8_t table);
102 #define MAX_MIRRORS 32
103 typedef uint32_t mirror_mask_t;
104 #define MIRROR_MASK_C(X) UINT32_C(X)
105 BUILD_ASSERT_DECL(sizeof(mirror_mask_t) * CHAR_BIT >= MAX_MIRRORS);
107 struct ofproto_dpif *ofproto; /* Owning ofproto. */
108 size_t idx; /* In ofproto's "mirrors" array. */
109 void *aux; /* Key supplied by ofproto's client. */
110 char *name; /* Identifier for log messages. */
112 /* Selection criteria. */
113 struct hmapx srcs; /* Contains "struct ofbundle *"s. */
114 struct hmapx dsts; /* Contains "struct ofbundle *"s. */
115 unsigned long *vlans; /* Bitmap of chosen VLANs, NULL selects all. */
117 /* Output (mutually exclusive). */
118 struct ofbundle *out; /* Output port or NULL. */
119 int out_vlan; /* Output VLAN or -1. */
122 static void mirror_destroy(struct ofmirror *);
124 /* A group of one or more OpenFlow ports. */
125 #define OFBUNDLE_FLOOD ((struct ofbundle *) 1)
127 struct ofproto_dpif *ofproto; /* Owning ofproto. */
128 struct hmap_node hmap_node; /* In struct ofproto's "bundles" hmap. */
129 void *aux; /* Key supplied by ofproto's client. */
130 char *name; /* Identifier for log messages. */
133 struct list ports; /* Contains "struct ofport"s. */
134 int vlan; /* -1=trunk port, else a 12-bit VLAN ID. */
135 unsigned long *trunks; /* Bitmap of trunked VLANs, if 'vlan' == -1.
136 * NULL if all VLANs are trunked. */
137 struct lacp *lacp; /* LACP if LACP is enabled, otherwise NULL. */
138 struct bond *bond; /* Nonnull iff more than one port. */
141 bool floodable; /* True if no port has OFPPC_NO_FLOOD set. */
143 /* Port mirroring info. */
144 mirror_mask_t src_mirrors; /* Mirrors triggered when packet received. */
145 mirror_mask_t dst_mirrors; /* Mirrors triggered when packet sent. */
146 mirror_mask_t mirror_out; /* Mirrors that output to this bundle. */
149 static void bundle_remove(struct ofport *);
150 static void bundle_destroy(struct ofbundle *);
151 static void bundle_del_port(struct ofport_dpif *);
152 static void bundle_run(struct ofbundle *);
153 static void bundle_wait(struct ofbundle *);
155 struct action_xlate_ctx {
156 /* action_xlate_ctx_init() initializes these members. */
159 struct ofproto_dpif *ofproto;
161 /* Flow to which the OpenFlow actions apply. xlate_actions() will modify
162 * this flow when actions change header fields. */
165 /* The packet corresponding to 'flow', or a null pointer if we are
166 * revalidating without a packet to refer to. */
167 const struct ofpbuf *packet;
169 /* If nonnull, called just before executing a resubmit action.
171 * This is normally null so the client has to set it manually after
172 * calling action_xlate_ctx_init(). */
173 void (*resubmit_hook)(struct action_xlate_ctx *, struct rule_dpif *);
175 /* xlate_actions() initializes and uses these members. The client might want
176 * to look at them after it returns. */
178 struct ofpbuf *odp_actions; /* Datapath actions. */
179 tag_type tags; /* Tags associated with OFPP_NORMAL actions. */
180 bool may_set_up_flow; /* True ordinarily; false if the actions must
181 * be reassessed for every packet. */
182 uint16_t nf_output_iface; /* Output interface index for NetFlow. */
184 /* xlate_actions() initializes and uses these members, but the client has no
185 * reason to look at them. */
187 int recurse; /* Recursion level, via xlate_table_action. */
188 uint32_t priority; /* Current flow priority. 0 if none. */
189 struct flow base_flow; /* Flow at the last commit. */
190 uint32_t base_priority; /* Priority at the last commit. */
191 uint8_t table_id; /* OpenFlow table ID where flow was found. */
194 static void action_xlate_ctx_init(struct action_xlate_ctx *,
195 struct ofproto_dpif *, const struct flow *,
196 const struct ofpbuf *);
197 static struct ofpbuf *xlate_actions(struct action_xlate_ctx *,
198 const union ofp_action *in, size_t n_in);
200 /* An exact-match instantiation of an OpenFlow flow. */
202 long long int used; /* Time last used; time created if not used. */
206 * - Do include packets and bytes sent "by hand", e.g. with
209 * - Do include packets and bytes that were obtained from the datapath
210 * when a flow was deleted (e.g. dpif_flow_del()) or when its
211 * statistics were reset (e.g. dpif_flow_put() with
212 * DPIF_FP_ZERO_STATS).
214 * - Do not include any packets or bytes that can currently be obtained
215 * from the datapath by, e.g., dpif_flow_get().
217 uint64_t packet_count; /* Number of packets received. */
218 uint64_t byte_count; /* Number of bytes received. */
220 uint64_t dp_packet_count; /* Last known packet count in the datapath. */
221 uint64_t dp_byte_count; /* Last known byte count in the datapath. */
223 uint64_t rs_packet_count; /* Packets pushed to resubmit children. */
224 uint64_t rs_byte_count; /* Bytes pushed to resubmit children. */
225 long long int rs_used; /* Used time pushed to resubmit children. */
227 /* Number of bytes passed to account_cb. This may include bytes that can
228 * currently obtained from the datapath (thus, it can be greater than
230 uint64_t accounted_bytes;
232 struct hmap_node hmap_node; /* In owning ofproto's 'facets' hmap. */
233 struct list list_node; /* In owning rule's 'facets' list. */
234 struct rule_dpif *rule; /* Owning rule. */
235 struct flow flow; /* Exact-match flow. */
236 bool installed; /* Installed in datapath? */
237 bool may_install; /* True ordinarily; false if actions must
238 * be reassessed for every packet. */
239 size_t actions_len; /* Number of bytes in actions[]. */
240 struct nlattr *actions; /* Datapath actions. */
241 tag_type tags; /* Tags. */
242 struct netflow_flow nf_flow; /* Per-flow NetFlow tracking data. */
245 static struct facet *facet_create(struct rule_dpif *, const struct flow *,
246 const struct ofpbuf *packet);
247 static void facet_remove(struct ofproto_dpif *, struct facet *);
248 static void facet_free(struct facet *);
250 static struct facet *facet_find(struct ofproto_dpif *, const struct flow *);
251 static struct facet *facet_lookup_valid(struct ofproto_dpif *,
252 const struct flow *);
253 static bool facet_revalidate(struct ofproto_dpif *, struct facet *);
255 static void facet_execute(struct ofproto_dpif *, struct facet *,
256 struct ofpbuf *packet);
258 static int facet_put__(struct ofproto_dpif *, struct facet *,
259 const struct nlattr *actions, size_t actions_len,
260 struct dpif_flow_stats *);
261 static void facet_install(struct ofproto_dpif *, struct facet *,
263 static void facet_uninstall(struct ofproto_dpif *, struct facet *);
264 static void facet_flush_stats(struct ofproto_dpif *, struct facet *);
266 static void facet_make_actions(struct ofproto_dpif *, struct facet *,
267 const struct ofpbuf *packet);
268 static void facet_update_time(struct ofproto_dpif *, struct facet *,
270 static void facet_update_stats(struct ofproto_dpif *, struct facet *,
271 const struct dpif_flow_stats *);
272 static void facet_reset_counters(struct facet *);
273 static void facet_reset_dp_stats(struct facet *, struct dpif_flow_stats *);
274 static void facet_push_stats(struct facet *);
275 static void facet_account(struct ofproto_dpif *, struct facet *,
276 uint64_t extra_bytes);
278 static bool facet_is_controller_flow(struct facet *);
280 static void flow_push_stats(const struct rule_dpif *,
281 struct flow *, uint64_t packets, uint64_t bytes,
288 struct ofbundle *bundle; /* Bundle that contains this port, if any. */
289 struct list bundle_node; /* In struct ofbundle's "ports" list. */
290 struct cfm *cfm; /* Connectivity Fault Management, if any. */
291 tag_type tag; /* Tag associated with this port. */
292 uint32_t bond_stable_id; /* stable_id to use as bond slave, or 0. */
293 bool may_enable; /* May be enabled in bonds. */
296 static struct ofport_dpif *
297 ofport_dpif_cast(const struct ofport *ofport)
299 assert(ofport->ofproto->ofproto_class == &ofproto_dpif_class);
300 return ofport ? CONTAINER_OF(ofport, struct ofport_dpif, up) : NULL;
303 static void port_run(struct ofport_dpif *);
304 static void port_wait(struct ofport_dpif *);
305 static int set_cfm(struct ofport *, const struct cfm_settings *);
307 struct dpif_completion {
308 struct list list_node;
309 struct ofoperation *op;
312 struct ofproto_dpif {
321 struct netflow *netflow;
322 struct dpif_sflow *sflow;
323 struct hmap bundles; /* Contains "struct ofbundle"s. */
324 struct mac_learning *ml;
325 struct ofmirror *mirrors[MAX_MIRRORS];
326 bool has_bonded_bundles;
329 struct timer next_expiration;
333 bool need_revalidate;
334 struct tag_set revalidate_set;
336 /* Support for debugging async flow mods. */
337 struct list completions;
339 bool has_bundle_action; /* True when the first bundle action appears. */
342 /* Defer flow mod completion until "ovs-appctl ofproto/unclog"? (Useful only
343 * for debugging the asynchronous flow_mod implementation.) */
346 static void ofproto_dpif_unixctl_init(void);
348 static struct ofproto_dpif *
349 ofproto_dpif_cast(const struct ofproto *ofproto)
351 assert(ofproto->ofproto_class == &ofproto_dpif_class);
352 return CONTAINER_OF(ofproto, struct ofproto_dpif, up);
355 static struct ofport_dpif *get_ofp_port(struct ofproto_dpif *,
357 static struct ofport_dpif *get_odp_port(struct ofproto_dpif *,
360 /* Packet processing. */
361 static void update_learning_table(struct ofproto_dpif *,
362 const struct flow *, int vlan,
364 static bool is_admissible(struct ofproto_dpif *, const struct flow *,
365 bool have_packet, tag_type *, int *vlanp,
366 struct ofbundle **in_bundlep);
367 static void handle_upcall(struct ofproto_dpif *, struct dpif_upcall *);
369 /* Flow expiration. */
370 static int expire(struct ofproto_dpif *);
373 static int send_packet(struct ofproto_dpif *, uint32_t odp_port,
374 const struct ofpbuf *packet);
376 /* Global variables. */
377 static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5);
379 /* Factory functions. */
382 enumerate_types(struct sset *types)
384 dp_enumerate_types(types);
388 enumerate_names(const char *type, struct sset *names)
390 return dp_enumerate_names(type, names);
394 del(const char *type, const char *name)
399 error = dpif_open(name, type, &dpif);
401 error = dpif_delete(dpif);
407 /* Basic life-cycle. */
409 static struct ofproto *
412 struct ofproto_dpif *ofproto = xmalloc(sizeof *ofproto);
417 dealloc(struct ofproto *ofproto_)
419 struct ofproto_dpif *ofproto = ofproto_dpif_cast(ofproto_);
424 construct(struct ofproto *ofproto_, int *n_tablesp)
426 struct ofproto_dpif *ofproto = ofproto_dpif_cast(ofproto_);
427 const char *name = ofproto->up.name;
431 error = dpif_create_and_open(name, ofproto->up.type, &ofproto->dpif);
433 VLOG_ERR("failed to open datapath %s: %s", name, strerror(error));
437 ofproto->max_ports = dpif_get_max_ports(ofproto->dpif);
438 ofproto->n_matches = 0;
440 error = dpif_recv_set_mask(ofproto->dpif,
441 ((1u << DPIF_UC_MISS) |
442 (1u << DPIF_UC_ACTION) |
443 (1u << DPIF_UC_SAMPLE)));
445 VLOG_ERR("failed to listen on datapath %s: %s", name, strerror(error));
446 dpif_close(ofproto->dpif);
449 dpif_flow_flush(ofproto->dpif);
450 dpif_recv_purge(ofproto->dpif);
452 ofproto->netflow = NULL;
453 ofproto->sflow = NULL;
454 hmap_init(&ofproto->bundles);
455 ofproto->ml = mac_learning_create();
456 for (i = 0; i < MAX_MIRRORS; i++) {
457 ofproto->mirrors[i] = NULL;
459 ofproto->has_bonded_bundles = false;
461 timer_set_duration(&ofproto->next_expiration, 1000);
463 hmap_init(&ofproto->facets);
464 ofproto->need_revalidate = false;
465 tag_set_init(&ofproto->revalidate_set);
467 list_init(&ofproto->completions);
469 ofproto_dpif_unixctl_init();
471 ofproto->has_bundle_action = false;
478 complete_operations(struct ofproto_dpif *ofproto)
480 struct dpif_completion *c, *next;
482 LIST_FOR_EACH_SAFE (c, next, list_node, &ofproto->completions) {
483 ofoperation_complete(c->op, 0);
484 list_remove(&c->list_node);
490 destruct(struct ofproto *ofproto_)
492 struct ofproto_dpif *ofproto = ofproto_dpif_cast(ofproto_);
493 struct rule_dpif *rule, *next_rule;
494 struct classifier *table;
497 complete_operations(ofproto);
499 OFPROTO_FOR_EACH_TABLE (table, &ofproto->up) {
500 struct cls_cursor cursor;
502 cls_cursor_init(&cursor, table, NULL);
503 CLS_CURSOR_FOR_EACH_SAFE (rule, next_rule, up.cr, &cursor) {
504 ofproto_rule_destroy(&rule->up);
508 for (i = 0; i < MAX_MIRRORS; i++) {
509 mirror_destroy(ofproto->mirrors[i]);
512 netflow_destroy(ofproto->netflow);
513 dpif_sflow_destroy(ofproto->sflow);
514 hmap_destroy(&ofproto->bundles);
515 mac_learning_destroy(ofproto->ml);
517 hmap_destroy(&ofproto->facets);
519 dpif_close(ofproto->dpif);
523 run(struct ofproto *ofproto_)
525 struct ofproto_dpif *ofproto = ofproto_dpif_cast(ofproto_);
526 struct ofport_dpif *ofport;
527 struct ofbundle *bundle;
531 complete_operations(ofproto);
533 dpif_run(ofproto->dpif);
535 for (i = 0; i < 50; i++) {
536 struct dpif_upcall packet;
539 error = dpif_recv(ofproto->dpif, &packet);
541 if (error == ENODEV) {
542 /* Datapath destroyed. */
548 handle_upcall(ofproto, &packet);
551 if (timer_expired(&ofproto->next_expiration)) {
552 int delay = expire(ofproto);
553 timer_set_duration(&ofproto->next_expiration, delay);
556 if (ofproto->netflow) {
557 netflow_run(ofproto->netflow);
559 if (ofproto->sflow) {
560 dpif_sflow_run(ofproto->sflow);
563 HMAP_FOR_EACH (ofport, up.hmap_node, &ofproto->up.ports) {
566 HMAP_FOR_EACH (bundle, hmap_node, &ofproto->bundles) {
570 /* Now revalidate if there's anything to do. */
571 if (ofproto->need_revalidate
572 || !tag_set_is_empty(&ofproto->revalidate_set)) {
573 struct tag_set revalidate_set = ofproto->revalidate_set;
574 bool revalidate_all = ofproto->need_revalidate;
575 struct facet *facet, *next;
577 /* Clear the revalidation flags. */
578 tag_set_init(&ofproto->revalidate_set);
579 ofproto->need_revalidate = false;
581 HMAP_FOR_EACH_SAFE (facet, next, hmap_node, &ofproto->facets) {
583 || tag_set_intersects(&revalidate_set, facet->tags)) {
584 facet_revalidate(ofproto, facet);
593 wait(struct ofproto *ofproto_)
595 struct ofproto_dpif *ofproto = ofproto_dpif_cast(ofproto_);
596 struct ofport_dpif *ofport;
597 struct ofbundle *bundle;
599 if (!clogged && !list_is_empty(&ofproto->completions)) {
600 poll_immediate_wake();
603 dpif_wait(ofproto->dpif);
604 dpif_recv_wait(ofproto->dpif);
605 if (ofproto->sflow) {
606 dpif_sflow_wait(ofproto->sflow);
608 if (!tag_set_is_empty(&ofproto->revalidate_set)) {
609 poll_immediate_wake();
611 HMAP_FOR_EACH (ofport, up.hmap_node, &ofproto->up.ports) {
614 HMAP_FOR_EACH (bundle, hmap_node, &ofproto->bundles) {
617 if (ofproto->need_revalidate) {
618 /* Shouldn't happen, but if it does just go around again. */
619 VLOG_DBG_RL(&rl, "need revalidate in ofproto_wait_cb()");
620 poll_immediate_wake();
622 timer_wait(&ofproto->next_expiration);
627 flush(struct ofproto *ofproto_)
629 struct ofproto_dpif *ofproto = ofproto_dpif_cast(ofproto_);
630 struct facet *facet, *next_facet;
632 HMAP_FOR_EACH_SAFE (facet, next_facet, hmap_node, &ofproto->facets) {
633 /* Mark the facet as not installed so that facet_remove() doesn't
634 * bother trying to uninstall it. There is no point in uninstalling it
635 * individually since we are about to blow away all the facets with
636 * dpif_flow_flush(). */
637 facet->installed = false;
638 facet->dp_packet_count = 0;
639 facet->dp_byte_count = 0;
640 facet_remove(ofproto, facet);
642 dpif_flow_flush(ofproto->dpif);
646 get_features(struct ofproto *ofproto_ OVS_UNUSED,
647 bool *arp_match_ip, uint32_t *actions)
649 *arp_match_ip = true;
650 *actions = ((1u << OFPAT_OUTPUT) |
651 (1u << OFPAT_SET_VLAN_VID) |
652 (1u << OFPAT_SET_VLAN_PCP) |
653 (1u << OFPAT_STRIP_VLAN) |
654 (1u << OFPAT_SET_DL_SRC) |
655 (1u << OFPAT_SET_DL_DST) |
656 (1u << OFPAT_SET_NW_SRC) |
657 (1u << OFPAT_SET_NW_DST) |
658 (1u << OFPAT_SET_NW_TOS) |
659 (1u << OFPAT_SET_TP_SRC) |
660 (1u << OFPAT_SET_TP_DST) |
661 (1u << OFPAT_ENQUEUE));
665 get_tables(struct ofproto *ofproto_, struct ofp_table_stats *ots)
667 struct ofproto_dpif *ofproto = ofproto_dpif_cast(ofproto_);
670 strcpy(ots->name, "classifier");
672 dpif_get_dp_stats(ofproto->dpif, &s);
673 put_32aligned_be64(&ots->lookup_count, htonll(s.n_hit + s.n_missed));
674 put_32aligned_be64(&ots->matched_count,
675 htonll(s.n_hit + ofproto->n_matches));
679 set_netflow(struct ofproto *ofproto_,
680 const struct netflow_options *netflow_options)
682 struct ofproto_dpif *ofproto = ofproto_dpif_cast(ofproto_);
684 if (netflow_options) {
685 if (!ofproto->netflow) {
686 ofproto->netflow = netflow_create();
688 return netflow_set_options(ofproto->netflow, netflow_options);
690 netflow_destroy(ofproto->netflow);
691 ofproto->netflow = NULL;
696 static struct ofport *
699 struct ofport_dpif *port = xmalloc(sizeof *port);
704 port_dealloc(struct ofport *port_)
706 struct ofport_dpif *port = ofport_dpif_cast(port_);
711 port_construct(struct ofport *port_)
713 struct ofport_dpif *port = ofport_dpif_cast(port_);
714 struct ofproto_dpif *ofproto = ofproto_dpif_cast(port->up.ofproto);
716 port->odp_port = ofp_port_to_odp_port(port->up.ofp_port);
719 port->tag = tag_create_random();
720 port->may_enable = true;
722 if (ofproto->sflow) {
723 dpif_sflow_add_port(ofproto->sflow, port->odp_port,
724 netdev_get_name(port->up.netdev));
731 port_destruct(struct ofport *port_)
733 struct ofport_dpif *port = ofport_dpif_cast(port_);
734 struct ofproto_dpif *ofproto = ofproto_dpif_cast(port->up.ofproto);
736 bundle_remove(port_);
737 set_cfm(port_, NULL);
738 if (ofproto->sflow) {
739 dpif_sflow_del_port(ofproto->sflow, port->odp_port);
744 port_modified(struct ofport *port_)
746 struct ofport_dpif *port = ofport_dpif_cast(port_);
748 if (port->bundle && port->bundle->bond) {
749 bond_slave_set_netdev(port->bundle->bond, port, port->up.netdev);
754 port_reconfigured(struct ofport *port_, ovs_be32 old_config)
756 struct ofport_dpif *port = ofport_dpif_cast(port_);
757 struct ofproto_dpif *ofproto = ofproto_dpif_cast(port->up.ofproto);
758 ovs_be32 changed = old_config ^ port->up.opp.config;
760 if (changed & htonl(OFPPC_NO_RECV | OFPPC_NO_RECV_STP |
761 OFPPC_NO_FWD | OFPPC_NO_FLOOD)) {
762 ofproto->need_revalidate = true;
767 set_sflow(struct ofproto *ofproto_,
768 const struct ofproto_sflow_options *sflow_options)
770 struct ofproto_dpif *ofproto = ofproto_dpif_cast(ofproto_);
771 struct dpif_sflow *ds = ofproto->sflow;
774 struct ofport_dpif *ofport;
776 ds = ofproto->sflow = dpif_sflow_create(ofproto->dpif);
777 HMAP_FOR_EACH (ofport, up.hmap_node, &ofproto->up.ports) {
778 dpif_sflow_add_port(ds, ofport->odp_port,
779 netdev_get_name(ofport->up.netdev));
782 dpif_sflow_set_options(ds, sflow_options);
784 dpif_sflow_destroy(ds);
785 ofproto->sflow = NULL;
791 set_cfm(struct ofport *ofport_, const struct cfm_settings *s)
793 struct ofport_dpif *ofport = ofport_dpif_cast(ofport_);
800 ofport->cfm = cfm_create(netdev_get_name(ofport->up.netdev));
803 if (cfm_configure(ofport->cfm, s)) {
809 cfm_destroy(ofport->cfm);
815 get_cfm_fault(const struct ofport *ofport_)
817 struct ofport_dpif *ofport = ofport_dpif_cast(ofport_);
819 return ofport->cfm ? cfm_get_fault(ofport->cfm) : -1;
824 /* Expires all MAC learning entries associated with 'port' and forces ofproto
825 * to revalidate every flow. */
827 bundle_flush_macs(struct ofbundle *bundle)
829 struct ofproto_dpif *ofproto = bundle->ofproto;
830 struct mac_learning *ml = ofproto->ml;
831 struct mac_entry *mac, *next_mac;
833 ofproto->need_revalidate = true;
834 LIST_FOR_EACH_SAFE (mac, next_mac, lru_node, &ml->lrus) {
835 if (mac->port.p == bundle) {
836 mac_learning_expire(ml, mac);
841 static struct ofbundle *
842 bundle_lookup(const struct ofproto_dpif *ofproto, void *aux)
844 struct ofbundle *bundle;
846 HMAP_FOR_EACH_IN_BUCKET (bundle, hmap_node, hash_pointer(aux, 0),
848 if (bundle->aux == aux) {
855 /* Looks up each of the 'n_auxes' pointers in 'auxes' as bundles and adds the
856 * ones that are found to 'bundles'. */
858 bundle_lookup_multiple(struct ofproto_dpif *ofproto,
859 void **auxes, size_t n_auxes,
860 struct hmapx *bundles)
865 for (i = 0; i < n_auxes; i++) {
866 struct ofbundle *bundle = bundle_lookup(ofproto, auxes[i]);
868 hmapx_add(bundles, bundle);
874 bundle_del_port(struct ofport_dpif *port)
876 struct ofbundle *bundle = port->bundle;
878 bundle->ofproto->need_revalidate = true;
880 list_remove(&port->bundle_node);
884 lacp_slave_unregister(bundle->lacp, port);
887 bond_slave_unregister(bundle->bond, port);
890 bundle->floodable = true;
891 LIST_FOR_EACH (port, bundle_node, &bundle->ports) {
892 if (port->up.opp.config & htonl(OFPPC_NO_FLOOD)) {
893 bundle->floodable = false;
899 bundle_add_port(struct ofbundle *bundle, uint32_t ofp_port,
900 struct lacp_slave_settings *lacp,
901 uint32_t bond_stable_id)
903 struct ofport_dpif *port;
905 port = get_ofp_port(bundle->ofproto, ofp_port);
910 if (port->bundle != bundle) {
911 bundle->ofproto->need_revalidate = true;
913 bundle_del_port(port);
916 port->bundle = bundle;
917 list_push_back(&bundle->ports, &port->bundle_node);
918 if (port->up.opp.config & htonl(OFPPC_NO_FLOOD)) {
919 bundle->floodable = false;
923 lacp_slave_register(bundle->lacp, port, lacp);
926 port->bond_stable_id = bond_stable_id;
932 bundle_destroy(struct ofbundle *bundle)
934 struct ofproto_dpif *ofproto;
935 struct ofport_dpif *port, *next_port;
942 ofproto = bundle->ofproto;
943 for (i = 0; i < MAX_MIRRORS; i++) {
944 struct ofmirror *m = ofproto->mirrors[i];
946 if (m->out == bundle) {
948 } else if (hmapx_find_and_delete(&m->srcs, bundle)
949 || hmapx_find_and_delete(&m->dsts, bundle)) {
950 ofproto->need_revalidate = true;
955 LIST_FOR_EACH_SAFE (port, next_port, bundle_node, &bundle->ports) {
956 bundle_del_port(port);
959 bundle_flush_macs(bundle);
960 hmap_remove(&ofproto->bundles, &bundle->hmap_node);
962 free(bundle->trunks);
963 lacp_destroy(bundle->lacp);
964 bond_destroy(bundle->bond);
969 bundle_set(struct ofproto *ofproto_, void *aux,
970 const struct ofproto_bundle_settings *s)
972 struct ofproto_dpif *ofproto = ofproto_dpif_cast(ofproto_);
973 bool need_flush = false;
974 const unsigned long *trunks;
975 struct ofport_dpif *port;
976 struct ofbundle *bundle;
981 bundle_destroy(bundle_lookup(ofproto, aux));
985 assert(s->n_slaves == 1 || s->bond != NULL);
986 assert((s->lacp != NULL) == (s->lacp_slaves != NULL));
988 bundle = bundle_lookup(ofproto, aux);
990 bundle = xmalloc(sizeof *bundle);
992 bundle->ofproto = ofproto;
993 hmap_insert(&ofproto->bundles, &bundle->hmap_node,
994 hash_pointer(aux, 0));
998 list_init(&bundle->ports);
1000 bundle->trunks = NULL;
1001 bundle->lacp = NULL;
1002 bundle->bond = NULL;
1004 bundle->floodable = true;
1006 bundle->src_mirrors = 0;
1007 bundle->dst_mirrors = 0;
1008 bundle->mirror_out = 0;
1011 if (!bundle->name || strcmp(s->name, bundle->name)) {
1013 bundle->name = xstrdup(s->name);
1018 if (!bundle->lacp) {
1019 bundle->lacp = lacp_create();
1021 lacp_configure(bundle->lacp, s->lacp);
1023 lacp_destroy(bundle->lacp);
1024 bundle->lacp = NULL;
1027 /* Update set of ports. */
1029 for (i = 0; i < s->n_slaves; i++) {
1030 if (!bundle_add_port(bundle, s->slaves[i],
1031 s->lacp ? &s->lacp_slaves[i] : NULL,
1032 s->bond_stable_ids ? s->bond_stable_ids[i] : 0)) {
1036 if (!ok || list_size(&bundle->ports) != s->n_slaves) {
1037 struct ofport_dpif *next_port;
1039 LIST_FOR_EACH_SAFE (port, next_port, bundle_node, &bundle->ports) {
1040 for (i = 0; i < s->n_slaves; i++) {
1041 if (s->slaves[i] == port->up.ofp_port) {
1046 bundle_del_port(port);
1050 assert(list_size(&bundle->ports) <= s->n_slaves);
1052 if (list_is_empty(&bundle->ports)) {
1053 bundle_destroy(bundle);
1058 if (s->vlan != bundle->vlan) {
1059 bundle->vlan = s->vlan;
1063 /* Get trunked VLANs. */
1064 trunks = s->vlan == -1 ? NULL : s->trunks;
1065 if (!vlan_bitmap_equal(trunks, bundle->trunks)) {
1066 free(bundle->trunks);
1067 bundle->trunks = vlan_bitmap_clone(trunks);
1072 if (!list_is_short(&bundle->ports)) {
1073 bundle->ofproto->has_bonded_bundles = true;
1075 if (bond_reconfigure(bundle->bond, s->bond)) {
1076 ofproto->need_revalidate = true;
1079 bundle->bond = bond_create(s->bond);
1080 ofproto->need_revalidate = true;
1083 LIST_FOR_EACH (port, bundle_node, &bundle->ports) {
1084 bond_slave_register(bundle->bond, port, port->bond_stable_id,
1088 bond_destroy(bundle->bond);
1089 bundle->bond = NULL;
1092 /* If we changed something that would affect MAC learning, un-learn
1093 * everything on this port and force flow revalidation. */
1095 bundle_flush_macs(bundle);
1102 bundle_remove(struct ofport *port_)
1104 struct ofport_dpif *port = ofport_dpif_cast(port_);
1105 struct ofbundle *bundle = port->bundle;
1108 bundle_del_port(port);
1109 if (list_is_empty(&bundle->ports)) {
1110 bundle_destroy(bundle);
1111 } else if (list_is_short(&bundle->ports)) {
1112 bond_destroy(bundle->bond);
1113 bundle->bond = NULL;
1119 send_pdu_cb(void *port_, const struct lacp_pdu *pdu)
1121 static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 10);
1122 struct ofport_dpif *port = port_;
1123 uint8_t ea[ETH_ADDR_LEN];
1126 error = netdev_get_etheraddr(port->up.netdev, ea);
1128 struct lacp_pdu *packet_pdu;
1129 struct ofpbuf packet;
1131 ofpbuf_init(&packet, 0);
1132 packet_pdu = eth_compose(&packet, eth_addr_lacp, ea, ETH_TYPE_LACP,
1133 sizeof *packet_pdu);
1135 error = netdev_send(port->up.netdev, &packet);
1137 VLOG_WARN_RL(&rl, "port %s: sending LACP PDU on iface %s failed "
1138 "(%s)", port->bundle->name,
1139 netdev_get_name(port->up.netdev), strerror(error));
1141 ofpbuf_uninit(&packet);
1143 VLOG_ERR_RL(&rl, "port %s: cannot obtain Ethernet address of iface "
1144 "%s (%s)", port->bundle->name,
1145 netdev_get_name(port->up.netdev), strerror(error));
1150 bundle_send_learning_packets(struct ofbundle *bundle)
1152 struct ofproto_dpif *ofproto = bundle->ofproto;
1153 int error, n_packets, n_errors;
1154 struct mac_entry *e;
1156 error = n_packets = n_errors = 0;
1157 LIST_FOR_EACH (e, lru_node, &ofproto->ml->lrus) {
1158 if (e->port.p != bundle) {
1159 int ret = bond_send_learning_packet(bundle->bond, e->mac, e->vlan);
1169 static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5);
1170 VLOG_WARN_RL(&rl, "bond %s: %d errors sending %d gratuitous learning "
1171 "packets, last error was: %s",
1172 bundle->name, n_errors, n_packets, strerror(error));
1174 VLOG_DBG("bond %s: sent %d gratuitous learning packets",
1175 bundle->name, n_packets);
1180 bundle_run(struct ofbundle *bundle)
1183 lacp_run(bundle->lacp, send_pdu_cb);
1186 struct ofport_dpif *port;
1188 LIST_FOR_EACH (port, bundle_node, &bundle->ports) {
1189 bond_slave_set_may_enable(bundle->bond, port, port->may_enable);
1192 bond_run(bundle->bond, &bundle->ofproto->revalidate_set,
1193 lacp_negotiated(bundle->lacp));
1194 if (bond_should_send_learning_packets(bundle->bond)) {
1195 bundle_send_learning_packets(bundle);
1201 bundle_wait(struct ofbundle *bundle)
1204 lacp_wait(bundle->lacp);
1207 bond_wait(bundle->bond);
1214 mirror_scan(struct ofproto_dpif *ofproto)
1218 for (idx = 0; idx < MAX_MIRRORS; idx++) {
1219 if (!ofproto->mirrors[idx]) {
1226 static struct ofmirror *
1227 mirror_lookup(struct ofproto_dpif *ofproto, void *aux)
1231 for (i = 0; i < MAX_MIRRORS; i++) {
1232 struct ofmirror *mirror = ofproto->mirrors[i];
1233 if (mirror && mirror->aux == aux) {
1242 mirror_set(struct ofproto *ofproto_, void *aux,
1243 const struct ofproto_mirror_settings *s)
1245 struct ofproto_dpif *ofproto = ofproto_dpif_cast(ofproto_);
1246 mirror_mask_t mirror_bit;
1247 struct ofbundle *bundle;
1248 struct ofmirror *mirror;
1249 struct ofbundle *out;
1250 struct hmapx srcs; /* Contains "struct ofbundle *"s. */
1251 struct hmapx dsts; /* Contains "struct ofbundle *"s. */
1254 mirror = mirror_lookup(ofproto, aux);
1256 mirror_destroy(mirror);
1262 idx = mirror_scan(ofproto);
1264 VLOG_WARN("bridge %s: maximum of %d port mirrors reached, "
1266 ofproto->up.name, MAX_MIRRORS, s->name);
1270 mirror = ofproto->mirrors[idx] = xzalloc(sizeof *mirror);
1271 mirror->ofproto = ofproto;
1274 mirror->out_vlan = -1;
1275 mirror->name = NULL;
1278 if (!mirror->name || strcmp(s->name, mirror->name)) {
1280 mirror->name = xstrdup(s->name);
1283 /* Get the new configuration. */
1284 if (s->out_bundle) {
1285 out = bundle_lookup(ofproto, s->out_bundle);
1287 mirror_destroy(mirror);
1293 out_vlan = s->out_vlan;
1295 bundle_lookup_multiple(ofproto, s->srcs, s->n_srcs, &srcs);
1296 bundle_lookup_multiple(ofproto, s->dsts, s->n_dsts, &dsts);
1298 /* If the configuration has not changed, do nothing. */
1299 if (hmapx_equals(&srcs, &mirror->srcs)
1300 && hmapx_equals(&dsts, &mirror->dsts)
1301 && vlan_bitmap_equal(mirror->vlans, s->src_vlans)
1302 && mirror->out == out
1303 && mirror->out_vlan == out_vlan)
1305 hmapx_destroy(&srcs);
1306 hmapx_destroy(&dsts);
1310 hmapx_swap(&srcs, &mirror->srcs);
1311 hmapx_destroy(&srcs);
1313 hmapx_swap(&dsts, &mirror->dsts);
1314 hmapx_destroy(&dsts);
1316 free(mirror->vlans);
1317 mirror->vlans = vlan_bitmap_clone(s->src_vlans);
1320 mirror->out_vlan = out_vlan;
1322 /* Update bundles. */
1323 mirror_bit = MIRROR_MASK_C(1) << mirror->idx;
1324 HMAP_FOR_EACH (bundle, hmap_node, &mirror->ofproto->bundles) {
1325 if (hmapx_contains(&mirror->srcs, bundle)) {
1326 bundle->src_mirrors |= mirror_bit;
1328 bundle->src_mirrors &= ~mirror_bit;
1331 if (hmapx_contains(&mirror->dsts, bundle)) {
1332 bundle->dst_mirrors |= mirror_bit;
1334 bundle->dst_mirrors &= ~mirror_bit;
1337 if (mirror->out == bundle) {
1338 bundle->mirror_out |= mirror_bit;
1340 bundle->mirror_out &= ~mirror_bit;
1344 ofproto->need_revalidate = true;
1345 mac_learning_flush(ofproto->ml);
1351 mirror_destroy(struct ofmirror *mirror)
1353 struct ofproto_dpif *ofproto;
1354 mirror_mask_t mirror_bit;
1355 struct ofbundle *bundle;
1361 ofproto = mirror->ofproto;
1362 ofproto->need_revalidate = true;
1363 mac_learning_flush(ofproto->ml);
1365 mirror_bit = MIRROR_MASK_C(1) << mirror->idx;
1366 HMAP_FOR_EACH (bundle, hmap_node, &ofproto->bundles) {
1367 bundle->src_mirrors &= ~mirror_bit;
1368 bundle->dst_mirrors &= ~mirror_bit;
1369 bundle->mirror_out &= ~mirror_bit;
1372 hmapx_destroy(&mirror->srcs);
1373 hmapx_destroy(&mirror->dsts);
1374 free(mirror->vlans);
1376 ofproto->mirrors[mirror->idx] = NULL;
1382 set_flood_vlans(struct ofproto *ofproto_, unsigned long *flood_vlans)
1384 struct ofproto_dpif *ofproto = ofproto_dpif_cast(ofproto_);
1385 if (mac_learning_set_flood_vlans(ofproto->ml, flood_vlans)) {
1386 ofproto->need_revalidate = true;
1387 mac_learning_flush(ofproto->ml);
1393 is_mirror_output_bundle(struct ofproto *ofproto_, void *aux)
1395 struct ofproto_dpif *ofproto = ofproto_dpif_cast(ofproto_);
1396 struct ofbundle *bundle = bundle_lookup(ofproto, aux);
1397 return bundle && bundle->mirror_out != 0;
1401 forward_bpdu_changed(struct ofproto *ofproto_)
1403 struct ofproto_dpif *ofproto = ofproto_dpif_cast(ofproto_);
1404 /* Revalidate cached flows whenever forward_bpdu option changes. */
1405 ofproto->need_revalidate = true;
1410 static struct ofport_dpif *
1411 get_ofp_port(struct ofproto_dpif *ofproto, uint16_t ofp_port)
1413 struct ofport *ofport = ofproto_get_port(&ofproto->up, ofp_port);
1414 return ofport ? ofport_dpif_cast(ofport) : NULL;
1417 static struct ofport_dpif *
1418 get_odp_port(struct ofproto_dpif *ofproto, uint32_t odp_port)
1420 return get_ofp_port(ofproto, odp_port_to_ofp_port(odp_port));
1424 ofproto_port_from_dpif_port(struct ofproto_port *ofproto_port,
1425 struct dpif_port *dpif_port)
1427 ofproto_port->name = dpif_port->name;
1428 ofproto_port->type = dpif_port->type;
1429 ofproto_port->ofp_port = odp_port_to_ofp_port(dpif_port->port_no);
1433 port_run(struct ofport_dpif *ofport)
1435 bool enable = netdev_get_carrier(ofport->up.netdev);
1438 cfm_run(ofport->cfm);
1440 if (cfm_should_send_ccm(ofport->cfm)) {
1441 struct ofpbuf packet;
1443 ofpbuf_init(&packet, 0);
1444 cfm_compose_ccm(ofport->cfm, &packet, ofport->up.opp.hw_addr);
1445 send_packet(ofproto_dpif_cast(ofport->up.ofproto),
1446 ofport->odp_port, &packet);
1447 ofpbuf_uninit(&packet);
1450 enable = enable && !cfm_get_fault(ofport->cfm);
1453 if (ofport->bundle) {
1454 enable = enable && lacp_slave_may_enable(ofport->bundle->lacp, ofport);
1457 if (ofport->may_enable != enable) {
1458 struct ofproto_dpif *ofproto = ofproto_dpif_cast(ofport->up.ofproto);
1460 if (ofproto->has_bundle_action) {
1461 ofproto->need_revalidate = true;
1465 ofport->may_enable = enable;
1469 port_wait(struct ofport_dpif *ofport)
1472 cfm_wait(ofport->cfm);
1477 port_query_by_name(const struct ofproto *ofproto_, const char *devname,
1478 struct ofproto_port *ofproto_port)
1480 struct ofproto_dpif *ofproto = ofproto_dpif_cast(ofproto_);
1481 struct dpif_port dpif_port;
1484 error = dpif_port_query_by_name(ofproto->dpif, devname, &dpif_port);
1486 ofproto_port_from_dpif_port(ofproto_port, &dpif_port);
1492 port_add(struct ofproto *ofproto_, struct netdev *netdev, uint16_t *ofp_portp)
1494 struct ofproto_dpif *ofproto = ofproto_dpif_cast(ofproto_);
1498 error = dpif_port_add(ofproto->dpif, netdev, &odp_port);
1500 *ofp_portp = odp_port_to_ofp_port(odp_port);
1506 port_del(struct ofproto *ofproto_, uint16_t ofp_port)
1508 struct ofproto_dpif *ofproto = ofproto_dpif_cast(ofproto_);
1511 error = dpif_port_del(ofproto->dpif, ofp_port_to_odp_port(ofp_port));
1513 struct ofport_dpif *ofport = get_ofp_port(ofproto, ofp_port);
1515 /* The caller is going to close ofport->up.netdev. If this is a
1516 * bonded port, then the bond is using that netdev, so remove it
1517 * from the bond. The client will need to reconfigure everything
1518 * after deleting ports, so then the slave will get re-added. */
1519 bundle_remove(&ofport->up);
1525 struct port_dump_state {
1526 struct dpif_port_dump dump;
1531 port_dump_start(const struct ofproto *ofproto_, void **statep)
1533 struct ofproto_dpif *ofproto = ofproto_dpif_cast(ofproto_);
1534 struct port_dump_state *state;
1536 *statep = state = xmalloc(sizeof *state);
1537 dpif_port_dump_start(&state->dump, ofproto->dpif);
1538 state->done = false;
1543 port_dump_next(const struct ofproto *ofproto_ OVS_UNUSED, void *state_,
1544 struct ofproto_port *port)
1546 struct port_dump_state *state = state_;
1547 struct dpif_port dpif_port;
1549 if (dpif_port_dump_next(&state->dump, &dpif_port)) {
1550 ofproto_port_from_dpif_port(port, &dpif_port);
1553 int error = dpif_port_dump_done(&state->dump);
1555 return error ? error : EOF;
1560 port_dump_done(const struct ofproto *ofproto_ OVS_UNUSED, void *state_)
1562 struct port_dump_state *state = state_;
1565 dpif_port_dump_done(&state->dump);
1572 port_poll(const struct ofproto *ofproto_, char **devnamep)
1574 struct ofproto_dpif *ofproto = ofproto_dpif_cast(ofproto_);
1575 return dpif_port_poll(ofproto->dpif, devnamep);
1579 port_poll_wait(const struct ofproto *ofproto_)
1581 struct ofproto_dpif *ofproto = ofproto_dpif_cast(ofproto_);
1582 dpif_port_poll_wait(ofproto->dpif);
1586 port_is_lacp_current(const struct ofport *ofport_)
1588 const struct ofport_dpif *ofport = ofport_dpif_cast(ofport_);
1589 return (ofport->bundle && ofport->bundle->lacp
1590 ? lacp_slave_is_current(ofport->bundle->lacp, ofport)
1594 /* Upcall handling. */
1596 /* Given 'upcall', of type DPIF_UC_ACTION or DPIF_UC_MISS, sends an
1597 * OFPT_PACKET_IN message to each OpenFlow controller as necessary according to
1598 * their individual configurations.
1600 * If 'clone' is true, the caller retains ownership of 'upcall->packet'.
1601 * Otherwise, ownership is transferred to this function. */
1603 send_packet_in(struct ofproto_dpif *ofproto, struct dpif_upcall *upcall,
1604 const struct flow *flow, bool clone)
1606 struct ofputil_packet_in pin;
1608 pin.packet = upcall->packet;
1609 pin.in_port = flow->in_port;
1610 pin.reason = upcall->type == DPIF_UC_MISS ? OFPR_NO_MATCH : OFPR_ACTION;
1611 pin.buffer_id = 0; /* not yet known */
1612 pin.send_len = upcall->userdata;
1613 connmgr_send_packet_in(ofproto->up.connmgr, &pin, flow,
1614 clone ? NULL : upcall->packet);
1618 process_special(struct ofproto_dpif *ofproto, const struct flow *flow,
1619 const struct ofpbuf *packet)
1621 if (cfm_should_process_flow(flow)) {
1622 struct ofport_dpif *ofport = get_ofp_port(ofproto, flow->in_port);
1623 if (packet && ofport && ofport->cfm) {
1624 cfm_process_heartbeat(ofport->cfm, packet);
1627 } else if (flow->dl_type == htons(ETH_TYPE_LACP)) {
1628 struct ofport_dpif *port = get_ofp_port(ofproto, flow->in_port);
1629 if (packet && port && port->bundle && port->bundle->lacp) {
1630 const struct lacp_pdu *pdu = parse_lacp_packet(packet);
1632 lacp_process_pdu(port->bundle->lacp, port, pdu);
1641 handle_miss_upcall(struct ofproto_dpif *ofproto, struct dpif_upcall *upcall)
1643 struct facet *facet;
1646 /* Obtain in_port and tun_id, at least. */
1647 odp_flow_key_to_flow(upcall->key, upcall->key_len, &flow);
1649 /* Set header pointers in 'flow'. */
1650 flow_extract(upcall->packet, flow.tun_id, flow.in_port, &flow);
1652 /* Handle 802.1ag and LACP. */
1653 if (process_special(ofproto, &flow, upcall->packet)) {
1654 ofpbuf_delete(upcall->packet);
1655 ofproto->n_matches++;
1659 /* Check with in-band control to see if this packet should be sent
1660 * to the local port regardless of the flow table. */
1661 if (connmgr_msg_in_hook(ofproto->up.connmgr, &flow, upcall->packet)) {
1662 send_packet(ofproto, ODPP_LOCAL, upcall->packet);
1665 facet = facet_lookup_valid(ofproto, &flow);
1667 struct rule_dpif *rule = rule_dpif_lookup(ofproto, &flow, 0);
1669 /* Don't send a packet-in if OFPPC_NO_PACKET_IN asserted. */
1670 struct ofport_dpif *port = get_ofp_port(ofproto, flow.in_port);
1672 if (port->up.opp.config & htonl(OFPPC_NO_PACKET_IN)) {
1673 COVERAGE_INC(ofproto_dpif_no_packet_in);
1674 /* XXX install 'drop' flow entry */
1675 ofpbuf_delete(upcall->packet);
1679 VLOG_WARN_RL(&rl, "packet-in on unknown port %"PRIu16,
1683 send_packet_in(ofproto, upcall, &flow, false);
1687 facet = facet_create(rule, &flow, upcall->packet);
1688 } else if (!facet->may_install) {
1689 /* The facet is not installable, that is, we need to process every
1690 * packet, so process the current packet's actions into 'facet'. */
1691 facet_make_actions(ofproto, facet, upcall->packet);
1694 if (facet->rule->up.cr.priority == FAIL_OPEN_PRIORITY) {
1696 * Extra-special case for fail-open mode.
1698 * We are in fail-open mode and the packet matched the fail-open rule,
1699 * but we are connected to a controller too. We should send the packet
1700 * up to the controller in the hope that it will try to set up a flow
1701 * and thereby allow us to exit fail-open.
1703 * See the top-level comment in fail-open.c for more information.
1705 send_packet_in(ofproto, upcall, &flow, true);
1708 facet_execute(ofproto, facet, upcall->packet);
1709 facet_install(ofproto, facet, false);
1710 ofproto->n_matches++;
1714 handle_upcall(struct ofproto_dpif *ofproto, struct dpif_upcall *upcall)
1718 switch (upcall->type) {
1719 case DPIF_UC_ACTION:
1720 COVERAGE_INC(ofproto_dpif_ctlr_action);
1721 odp_flow_key_to_flow(upcall->key, upcall->key_len, &flow);
1722 send_packet_in(ofproto, upcall, &flow, false);
1725 case DPIF_UC_SAMPLE:
1726 if (ofproto->sflow) {
1727 odp_flow_key_to_flow(upcall->key, upcall->key_len, &flow);
1728 dpif_sflow_received(ofproto->sflow, upcall, &flow);
1730 ofpbuf_delete(upcall->packet);
1734 handle_miss_upcall(ofproto, upcall);
1737 case DPIF_N_UC_TYPES:
1739 VLOG_WARN_RL(&rl, "upcall has unexpected type %"PRIu32, upcall->type);
1744 /* Flow expiration. */
1746 static int facet_max_idle(const struct ofproto_dpif *);
1747 static void update_stats(struct ofproto_dpif *);
1748 static void rule_expire(struct rule_dpif *);
1749 static void expire_facets(struct ofproto_dpif *, int dp_max_idle);
1751 /* This function is called periodically by run(). Its job is to collect
1752 * updates for the flows that have been installed into the datapath, most
1753 * importantly when they last were used, and then use that information to
1754 * expire flows that have not been used recently.
1756 * Returns the number of milliseconds after which it should be called again. */
1758 expire(struct ofproto_dpif *ofproto)
1760 struct rule_dpif *rule, *next_rule;
1761 struct classifier *table;
1764 /* Update stats for each flow in the datapath. */
1765 update_stats(ofproto);
1767 /* Expire facets that have been idle too long. */
1768 dp_max_idle = facet_max_idle(ofproto);
1769 expire_facets(ofproto, dp_max_idle);
1771 /* Expire OpenFlow flows whose idle_timeout or hard_timeout has passed. */
1772 OFPROTO_FOR_EACH_TABLE (table, &ofproto->up) {
1773 struct cls_cursor cursor;
1775 cls_cursor_init(&cursor, table, NULL);
1776 CLS_CURSOR_FOR_EACH_SAFE (rule, next_rule, up.cr, &cursor) {
1781 /* All outstanding data in existing flows has been accounted, so it's a
1782 * good time to do bond rebalancing. */
1783 if (ofproto->has_bonded_bundles) {
1784 struct ofbundle *bundle;
1786 HMAP_FOR_EACH (bundle, hmap_node, &ofproto->bundles) {
1788 bond_rebalance(bundle->bond, &ofproto->revalidate_set);
1793 return MIN(dp_max_idle, 1000);
1796 /* Update 'packet_count', 'byte_count', and 'used' members of installed facets.
1798 * This function also pushes statistics updates to rules which each facet
1799 * resubmits into. Generally these statistics will be accurate. However, if a
1800 * facet changes the rule it resubmits into at some time in between
1801 * update_stats() runs, it is possible that statistics accrued to the
1802 * old rule will be incorrectly attributed to the new rule. This could be
1803 * avoided by calling update_stats() whenever rules are created or
1804 * deleted. However, the performance impact of making so many calls to the
1805 * datapath do not justify the benefit of having perfectly accurate statistics.
1808 update_stats(struct ofproto_dpif *p)
1810 const struct dpif_flow_stats *stats;
1811 struct dpif_flow_dump dump;
1812 const struct nlattr *key;
1815 dpif_flow_dump_start(&dump, p->dpif);
1816 while (dpif_flow_dump_next(&dump, &key, &key_len, NULL, NULL, &stats)) {
1817 struct facet *facet;
1820 if (odp_flow_key_to_flow(key, key_len, &flow)) {
1824 odp_flow_key_format(key, key_len, &s);
1825 VLOG_WARN_RL(&rl, "failed to convert ODP flow key to flow: %s",
1831 facet = facet_find(p, &flow);
1833 if (facet && facet->installed) {
1835 if (stats->n_packets >= facet->dp_packet_count) {
1836 uint64_t extra = stats->n_packets - facet->dp_packet_count;
1837 facet->packet_count += extra;
1839 VLOG_WARN_RL(&rl, "unexpected packet count from the datapath");
1842 if (stats->n_bytes >= facet->dp_byte_count) {
1843 facet->byte_count += stats->n_bytes - facet->dp_byte_count;
1845 VLOG_WARN_RL(&rl, "unexpected byte count from datapath");
1848 facet->dp_packet_count = stats->n_packets;
1849 facet->dp_byte_count = stats->n_bytes;
1851 facet_update_time(p, facet, stats->used);
1852 facet_account(p, facet, 0);
1853 facet_push_stats(facet);
1855 /* There's a flow in the datapath that we know nothing about.
1857 COVERAGE_INC(facet_unexpected);
1858 dpif_flow_del(p->dpif, key, key_len, NULL);
1861 dpif_flow_dump_done(&dump);
1864 /* Calculates and returns the number of milliseconds of idle time after which
1865 * facets should expire from the datapath and we should fold their statistics
1866 * into their parent rules in userspace. */
1868 facet_max_idle(const struct ofproto_dpif *ofproto)
1871 * Idle time histogram.
1873 * Most of the time a switch has a relatively small number of facets. When
1874 * this is the case we might as well keep statistics for all of them in
1875 * userspace and to cache them in the kernel datapath for performance as
1878 * As the number of facets increases, the memory required to maintain
1879 * statistics about them in userspace and in the kernel becomes
1880 * significant. However, with a large number of facets it is likely that
1881 * only a few of them are "heavy hitters" that consume a large amount of
1882 * bandwidth. At this point, only heavy hitters are worth caching in the
1883 * kernel and maintaining in userspaces; other facets we can discard.
1885 * The technique used to compute the idle time is to build a histogram with
1886 * N_BUCKETS buckets whose width is BUCKET_WIDTH msecs each. Each facet
1887 * that is installed in the kernel gets dropped in the appropriate bucket.
1888 * After the histogram has been built, we compute the cutoff so that only
1889 * the most-recently-used 1% of facets (but at least
1890 * ofproto->up.flow_eviction_threshold flows) are kept cached. At least
1891 * the most-recently-used bucket of facets is kept, so actually an
1892 * arbitrary number of facets can be kept in any given expiration run
1893 * (though the next run will delete most of those unless they receive
1896 * This requires a second pass through the facets, in addition to the pass
1897 * made by update_stats(), because the former function never looks
1898 * at uninstallable facets.
1900 enum { BUCKET_WIDTH = ROUND_UP(100, TIME_UPDATE_INTERVAL) };
1901 enum { N_BUCKETS = 5000 / BUCKET_WIDTH };
1902 int buckets[N_BUCKETS] = { 0 };
1903 int total, subtotal, bucket;
1904 struct facet *facet;
1908 total = hmap_count(&ofproto->facets);
1909 if (total <= ofproto->up.flow_eviction_threshold) {
1910 return N_BUCKETS * BUCKET_WIDTH;
1913 /* Build histogram. */
1915 HMAP_FOR_EACH (facet, hmap_node, &ofproto->facets) {
1916 long long int idle = now - facet->used;
1917 int bucket = (idle <= 0 ? 0
1918 : idle >= BUCKET_WIDTH * N_BUCKETS ? N_BUCKETS - 1
1919 : (unsigned int) idle / BUCKET_WIDTH);
1923 /* Find the first bucket whose flows should be expired. */
1924 subtotal = bucket = 0;
1926 subtotal += buckets[bucket++];
1927 } while (bucket < N_BUCKETS &&
1928 subtotal < MAX(ofproto->up.flow_eviction_threshold, total / 100));
1930 if (VLOG_IS_DBG_ENABLED()) {
1934 ds_put_cstr(&s, "keep");
1935 for (i = 0; i < N_BUCKETS; i++) {
1937 ds_put_cstr(&s, ", drop");
1940 ds_put_format(&s, " %d:%d", i * BUCKET_WIDTH, buckets[i]);
1943 VLOG_INFO("%s: %s (msec:count)", ofproto->up.name, ds_cstr(&s));
1947 return bucket * BUCKET_WIDTH;
1951 facet_active_timeout(struct ofproto_dpif *ofproto, struct facet *facet)
1953 if (ofproto->netflow && !facet_is_controller_flow(facet) &&
1954 netflow_active_timeout_expired(ofproto->netflow, &facet->nf_flow)) {
1955 struct ofexpired expired;
1957 if (facet->installed) {
1958 struct dpif_flow_stats stats;
1960 facet_put__(ofproto, facet, facet->actions, facet->actions_len,
1962 facet_update_stats(ofproto, facet, &stats);
1965 expired.flow = facet->flow;
1966 expired.packet_count = facet->packet_count;
1967 expired.byte_count = facet->byte_count;
1968 expired.used = facet->used;
1969 netflow_expire(ofproto->netflow, &facet->nf_flow, &expired);
1974 expire_facets(struct ofproto_dpif *ofproto, int dp_max_idle)
1976 long long int cutoff = time_msec() - dp_max_idle;
1977 struct facet *facet, *next_facet;
1979 HMAP_FOR_EACH_SAFE (facet, next_facet, hmap_node, &ofproto->facets) {
1980 facet_active_timeout(ofproto, facet);
1981 if (facet->used < cutoff) {
1982 facet_remove(ofproto, facet);
1987 /* If 'rule' is an OpenFlow rule, that has expired according to OpenFlow rules,
1988 * then delete it entirely. */
1990 rule_expire(struct rule_dpif *rule)
1992 struct ofproto_dpif *ofproto = ofproto_dpif_cast(rule->up.ofproto);
1993 struct facet *facet, *next_facet;
1997 /* Has 'rule' expired? */
1999 if (rule->up.hard_timeout
2000 && now > rule->up.created + rule->up.hard_timeout * 1000) {
2001 reason = OFPRR_HARD_TIMEOUT;
2002 } else if (rule->up.idle_timeout && list_is_empty(&rule->facets)
2003 && now > rule->used + rule->up.idle_timeout * 1000) {
2004 reason = OFPRR_IDLE_TIMEOUT;
2009 COVERAGE_INC(ofproto_dpif_expired);
2011 /* Update stats. (This is a no-op if the rule expired due to an idle
2012 * timeout, because that only happens when the rule has no facets left.) */
2013 LIST_FOR_EACH_SAFE (facet, next_facet, list_node, &rule->facets) {
2014 facet_remove(ofproto, facet);
2017 /* Get rid of the rule. */
2018 ofproto_rule_expire(&rule->up, reason);
2023 /* Creates and returns a new facet owned by 'rule', given a 'flow' and an
2024 * example 'packet' within that flow.
2026 * The caller must already have determined that no facet with an identical
2027 * 'flow' exists in 'ofproto' and that 'flow' is the best match for 'rule' in
2028 * the ofproto's classifier table. */
2029 static struct facet *
2030 facet_create(struct rule_dpif *rule, const struct flow *flow,
2031 const struct ofpbuf *packet)
2033 struct ofproto_dpif *ofproto = ofproto_dpif_cast(rule->up.ofproto);
2034 struct facet *facet;
2036 facet = xzalloc(sizeof *facet);
2037 facet->used = time_msec();
2038 hmap_insert(&ofproto->facets, &facet->hmap_node, flow_hash(flow, 0));
2039 list_push_back(&rule->facets, &facet->list_node);
2041 facet->flow = *flow;
2042 netflow_flow_init(&facet->nf_flow);
2043 netflow_flow_update_time(ofproto->netflow, &facet->nf_flow, facet->used);
2045 facet_make_actions(ofproto, facet, packet);
2051 facet_free(struct facet *facet)
2053 free(facet->actions);
2057 /* Executes, within 'ofproto', the 'n_actions' actions in 'actions' on
2058 * 'packet', which arrived on 'in_port'.
2060 * Takes ownership of 'packet'. */
2062 execute_odp_actions(struct ofproto_dpif *ofproto, const struct flow *flow,
2063 const struct nlattr *odp_actions, size_t actions_len,
2064 struct ofpbuf *packet)
2066 if (actions_len == NLA_ALIGN(NLA_HDRLEN + sizeof(uint64_t))
2067 && odp_actions->nla_type == ODP_ACTION_ATTR_USERSPACE) {
2068 /* As an optimization, avoid a round-trip from userspace to kernel to
2069 * userspace. This also avoids possibly filling up kernel packet
2070 * buffers along the way. */
2071 struct dpif_upcall upcall;
2073 upcall.type = DPIF_UC_ACTION;
2074 upcall.packet = packet;
2077 upcall.userdata = nl_attr_get_u64(odp_actions);
2078 upcall.sample_pool = 0;
2079 upcall.actions = NULL;
2080 upcall.actions_len = 0;
2082 send_packet_in(ofproto, &upcall, flow, false);
2086 struct odputil_keybuf keybuf;
2090 ofpbuf_use_stack(&key, &keybuf, sizeof keybuf);
2091 odp_flow_key_from_flow(&key, flow);
2093 error = dpif_execute(ofproto->dpif, key.data, key.size,
2094 odp_actions, actions_len, packet);
2096 ofpbuf_delete(packet);
2101 /* Executes the actions indicated by 'facet' on 'packet' and credits 'facet''s
2102 * statistics appropriately. 'packet' must have at least sizeof(struct
2103 * ofp_packet_in) bytes of headroom.
2105 * For correct results, 'packet' must actually be in 'facet''s flow; that is,
2106 * applying flow_extract() to 'packet' would yield the same flow as
2109 * 'facet' must have accurately composed ODP actions; that is, it must not be
2110 * in need of revalidation.
2112 * Takes ownership of 'packet'. */
2114 facet_execute(struct ofproto_dpif *ofproto, struct facet *facet,
2115 struct ofpbuf *packet)
2117 struct dpif_flow_stats stats;
2119 assert(ofpbuf_headroom(packet) >= sizeof(struct ofp_packet_in));
2121 flow_extract_stats(&facet->flow, packet, &stats);
2122 stats.used = time_msec();
2123 if (execute_odp_actions(ofproto, &facet->flow,
2124 facet->actions, facet->actions_len, packet)) {
2125 facet_update_stats(ofproto, facet, &stats);
2129 /* Remove 'facet' from 'ofproto' and free up the associated memory:
2131 * - If 'facet' was installed in the datapath, uninstalls it and updates its
2132 * rule's statistics, via facet_uninstall().
2134 * - Removes 'facet' from its rule and from ofproto->facets.
2137 facet_remove(struct ofproto_dpif *ofproto, struct facet *facet)
2139 facet_uninstall(ofproto, facet);
2140 facet_flush_stats(ofproto, facet);
2141 hmap_remove(&ofproto->facets, &facet->hmap_node);
2142 list_remove(&facet->list_node);
2146 /* Composes the ODP actions for 'facet' based on its rule's actions. */
2148 facet_make_actions(struct ofproto_dpif *p, struct facet *facet,
2149 const struct ofpbuf *packet)
2151 const struct rule_dpif *rule = facet->rule;
2152 struct ofpbuf *odp_actions;
2153 struct action_xlate_ctx ctx;
2155 action_xlate_ctx_init(&ctx, p, &facet->flow, packet);
2156 odp_actions = xlate_actions(&ctx, rule->up.actions, rule->up.n_actions);
2157 facet->tags = ctx.tags;
2158 facet->may_install = ctx.may_set_up_flow;
2159 facet->nf_flow.output_iface = ctx.nf_output_iface;
2161 if (facet->actions_len != odp_actions->size
2162 || memcmp(facet->actions, odp_actions->data, odp_actions->size)) {
2163 free(facet->actions);
2164 facet->actions_len = odp_actions->size;
2165 facet->actions = xmemdup(odp_actions->data, odp_actions->size);
2168 ofpbuf_delete(odp_actions);
2171 /* Updates 'facet''s flow in the datapath setting its actions to 'actions_len'
2172 * bytes of actions in 'actions'. If 'stats' is non-null, statistics counters
2173 * in the datapath will be zeroed and 'stats' will be updated with traffic new
2174 * since 'facet' was last updated.
2176 * Returns 0 if successful, otherwise a positive errno value.*/
2178 facet_put__(struct ofproto_dpif *ofproto, struct facet *facet,
2179 const struct nlattr *actions, size_t actions_len,
2180 struct dpif_flow_stats *stats)
2182 struct odputil_keybuf keybuf;
2183 enum dpif_flow_put_flags flags;
2187 flags = DPIF_FP_CREATE | DPIF_FP_MODIFY;
2189 flags |= DPIF_FP_ZERO_STATS;
2192 ofpbuf_use_stack(&key, &keybuf, sizeof keybuf);
2193 odp_flow_key_from_flow(&key, &facet->flow);
2195 ret = dpif_flow_put(ofproto->dpif, flags, key.data, key.size,
2196 actions, actions_len, stats);
2199 facet_reset_dp_stats(facet, stats);
2205 /* If 'facet' is installable, inserts or re-inserts it into 'p''s datapath. If
2206 * 'zero_stats' is true, clears any existing statistics from the datapath for
2209 facet_install(struct ofproto_dpif *p, struct facet *facet, bool zero_stats)
2211 struct dpif_flow_stats stats;
2213 if (facet->may_install
2214 && !facet_put__(p, facet, facet->actions, facet->actions_len,
2215 zero_stats ? &stats : NULL)) {
2216 facet->installed = true;
2221 vlan_tci_to_openflow_vlan(ovs_be16 vlan_tci)
2223 return vlan_tci != htons(0) ? vlan_tci_to_vid(vlan_tci) : OFP_VLAN_NONE;
2227 facet_account(struct ofproto_dpif *ofproto,
2228 struct facet *facet, uint64_t extra_bytes)
2230 uint64_t total_bytes, n_bytes;
2231 struct ofbundle *in_bundle;
2232 const struct nlattr *a;
2238 total_bytes = facet->byte_count + extra_bytes;
2239 if (total_bytes <= facet->accounted_bytes) {
2242 n_bytes = total_bytes - facet->accounted_bytes;
2243 facet->accounted_bytes = total_bytes;
2245 /* Test that 'tags' is nonzero to ensure that only flows that include an
2246 * OFPP_NORMAL action are used for learning and bond slave rebalancing.
2247 * This works because OFPP_NORMAL always sets a nonzero tag value.
2249 * Feed information from the active flows back into the learning table to
2250 * ensure that table is always in sync with what is actually flowing
2251 * through the datapath. */
2253 || !is_admissible(ofproto, &facet->flow, false, &dummy,
2254 &vlan, &in_bundle)) {
2258 update_learning_table(ofproto, &facet->flow, vlan, in_bundle);
2260 if (!ofproto->has_bonded_bundles) {
2264 /* This loop feeds byte counters to bond_account() for rebalancing to use
2265 * as a basis. We also need to track the actual VLAN on which the packet
2266 * is going to be sent to ensure that it matches the one passed to
2267 * bond_choose_output_slave(). (Otherwise, we will account to the wrong
2269 vlan_tci = facet->flow.vlan_tci;
2270 NL_ATTR_FOR_EACH_UNSAFE (a, left, facet->actions, facet->actions_len) {
2271 struct ofport_dpif *port;
2273 switch (nl_attr_type(a)) {
2274 case ODP_ACTION_ATTR_OUTPUT:
2275 port = get_odp_port(ofproto, nl_attr_get_u32(a));
2276 if (port && port->bundle && port->bundle->bond) {
2277 bond_account(port->bundle->bond, &facet->flow,
2278 vlan_tci_to_openflow_vlan(vlan_tci), n_bytes);
2282 case ODP_ACTION_ATTR_STRIP_VLAN:
2283 vlan_tci = htons(0);
2286 case ODP_ACTION_ATTR_SET_DL_TCI:
2287 vlan_tci = nl_attr_get_be16(a);
2293 /* If 'rule' is installed in the datapath, uninstalls it. */
2295 facet_uninstall(struct ofproto_dpif *p, struct facet *facet)
2297 if (facet->installed) {
2298 struct odputil_keybuf keybuf;
2299 struct dpif_flow_stats stats;
2303 ofpbuf_use_stack(&key, &keybuf, sizeof keybuf);
2304 odp_flow_key_from_flow(&key, &facet->flow);
2306 error = dpif_flow_del(p->dpif, key.data, key.size, &stats);
2307 facet_reset_dp_stats(facet, &stats);
2309 facet_update_stats(p, facet, &stats);
2311 facet->installed = false;
2313 assert(facet->dp_packet_count == 0);
2314 assert(facet->dp_byte_count == 0);
2318 /* Returns true if the only action for 'facet' is to send to the controller.
2319 * (We don't report NetFlow expiration messages for such facets because they
2320 * are just part of the control logic for the network, not real traffic). */
2322 facet_is_controller_flow(struct facet *facet)
2325 && facet->rule->up.n_actions == 1
2326 && action_outputs_to_port(&facet->rule->up.actions[0],
2327 htons(OFPP_CONTROLLER)));
2330 /* Resets 'facet''s datapath statistics counters. This should be called when
2331 * 'facet''s statistics are cleared in the datapath. If 'stats' is non-null,
2332 * it should contain the statistics returned by dpif when 'facet' was reset in
2333 * the datapath. 'stats' will be modified to only included statistics new
2334 * since 'facet' was last updated. */
2336 facet_reset_dp_stats(struct facet *facet, struct dpif_flow_stats *stats)
2338 if (stats && facet->dp_packet_count <= stats->n_packets
2339 && facet->dp_byte_count <= stats->n_bytes) {
2340 stats->n_packets -= facet->dp_packet_count;
2341 stats->n_bytes -= facet->dp_byte_count;
2344 facet->dp_packet_count = 0;
2345 facet->dp_byte_count = 0;
2348 /* Folds all of 'facet''s statistics into its rule. Also updates the
2349 * accounting ofhook and emits a NetFlow expiration if appropriate. All of
2350 * 'facet''s statistics in the datapath should have been zeroed and folded into
2351 * its packet and byte counts before this function is called. */
2353 facet_flush_stats(struct ofproto_dpif *ofproto, struct facet *facet)
2355 assert(!facet->dp_byte_count);
2356 assert(!facet->dp_packet_count);
2358 facet_push_stats(facet);
2359 facet_account(ofproto, facet, 0);
2361 if (ofproto->netflow && !facet_is_controller_flow(facet)) {
2362 struct ofexpired expired;
2363 expired.flow = facet->flow;
2364 expired.packet_count = facet->packet_count;
2365 expired.byte_count = facet->byte_count;
2366 expired.used = facet->used;
2367 netflow_expire(ofproto->netflow, &facet->nf_flow, &expired);
2370 facet->rule->packet_count += facet->packet_count;
2371 facet->rule->byte_count += facet->byte_count;
2373 /* Reset counters to prevent double counting if 'facet' ever gets
2375 facet_reset_counters(facet);
2377 netflow_flow_clear(&facet->nf_flow);
2380 /* Searches 'ofproto''s table of facets for one exactly equal to 'flow'.
2381 * Returns it if found, otherwise a null pointer.
2383 * The returned facet might need revalidation; use facet_lookup_valid()
2384 * instead if that is important. */
2385 static struct facet *
2386 facet_find(struct ofproto_dpif *ofproto, const struct flow *flow)
2388 struct facet *facet;
2390 HMAP_FOR_EACH_WITH_HASH (facet, hmap_node, flow_hash(flow, 0),
2392 if (flow_equal(flow, &facet->flow)) {
2400 /* Searches 'ofproto''s table of facets for one exactly equal to 'flow'.
2401 * Returns it if found, otherwise a null pointer.
2403 * The returned facet is guaranteed to be valid. */
2404 static struct facet *
2405 facet_lookup_valid(struct ofproto_dpif *ofproto, const struct flow *flow)
2407 struct facet *facet = facet_find(ofproto, flow);
2409 /* The facet we found might not be valid, since we could be in need of
2410 * revalidation. If it is not valid, don't return it. */
2412 && ofproto->need_revalidate
2413 && !facet_revalidate(ofproto, facet)) {
2414 COVERAGE_INC(facet_invalidated);
2421 /* Re-searches 'ofproto''s classifier for a rule matching 'facet':
2423 * - If the rule found is different from 'facet''s current rule, moves
2424 * 'facet' to the new rule and recompiles its actions.
2426 * - If the rule found is the same as 'facet''s current rule, leaves 'facet'
2427 * where it is and recompiles its actions anyway.
2429 * - If there is none, destroys 'facet'.
2431 * Returns true if 'facet' still exists, false if it has been destroyed. */
2433 facet_revalidate(struct ofproto_dpif *ofproto, struct facet *facet)
2435 struct action_xlate_ctx ctx;
2436 struct ofpbuf *odp_actions;
2437 struct rule_dpif *new_rule;
2438 bool actions_changed;
2440 COVERAGE_INC(facet_revalidate);
2442 /* Determine the new rule. */
2443 new_rule = rule_dpif_lookup(ofproto, &facet->flow, 0);
2445 /* No new rule, so delete the facet. */
2446 facet_remove(ofproto, facet);
2450 /* Calculate new ODP actions.
2452 * We do not modify any 'facet' state yet, because we might need to, e.g.,
2453 * emit a NetFlow expiration and, if so, we need to have the old state
2454 * around to properly compose it. */
2455 action_xlate_ctx_init(&ctx, ofproto, &facet->flow, NULL);
2456 odp_actions = xlate_actions(&ctx,
2457 new_rule->up.actions, new_rule->up.n_actions);
2458 actions_changed = (facet->actions_len != odp_actions->size
2459 || memcmp(facet->actions, odp_actions->data,
2460 facet->actions_len));
2462 /* If the ODP actions changed or the installability changed, then we need
2463 * to talk to the datapath. */
2464 if (actions_changed || ctx.may_set_up_flow != facet->installed) {
2465 if (ctx.may_set_up_flow) {
2466 struct dpif_flow_stats stats;
2468 facet_put__(ofproto, facet,
2469 odp_actions->data, odp_actions->size, &stats);
2470 facet_update_stats(ofproto, facet, &stats);
2472 facet_uninstall(ofproto, facet);
2475 /* The datapath flow is gone or has zeroed stats, so push stats out of
2476 * 'facet' into 'rule'. */
2477 facet_flush_stats(ofproto, facet);
2480 /* Update 'facet' now that we've taken care of all the old state. */
2481 facet->tags = ctx.tags;
2482 facet->nf_flow.output_iface = ctx.nf_output_iface;
2483 facet->may_install = ctx.may_set_up_flow;
2484 if (actions_changed) {
2485 free(facet->actions);
2486 facet->actions_len = odp_actions->size;
2487 facet->actions = xmemdup(odp_actions->data, odp_actions->size);
2489 if (facet->rule != new_rule) {
2490 COVERAGE_INC(facet_changed_rule);
2491 list_remove(&facet->list_node);
2492 list_push_back(&new_rule->facets, &facet->list_node);
2493 facet->rule = new_rule;
2494 facet->used = new_rule->up.created;
2495 facet->rs_used = facet->used;
2498 ofpbuf_delete(odp_actions);
2503 /* Updates 'facet''s used time. Caller is responsible for calling
2504 * facet_push_stats() to update the flows which 'facet' resubmits into. */
2506 facet_update_time(struct ofproto_dpif *ofproto, struct facet *facet,
2509 if (used > facet->used) {
2511 if (used > facet->rule->used) {
2512 facet->rule->used = used;
2514 netflow_flow_update_time(ofproto->netflow, &facet->nf_flow, used);
2518 /* Folds the statistics from 'stats' into the counters in 'facet'.
2520 * Because of the meaning of a facet's counters, it only makes sense to do this
2521 * if 'stats' are not tracked in the datapath, that is, if 'stats' represents a
2522 * packet that was sent by hand or if it represents statistics that have been
2523 * cleared out of the datapath. */
2525 facet_update_stats(struct ofproto_dpif *ofproto, struct facet *facet,
2526 const struct dpif_flow_stats *stats)
2528 if (stats->n_packets || stats->used > facet->used) {
2529 facet_update_time(ofproto, facet, stats->used);
2530 facet->packet_count += stats->n_packets;
2531 facet->byte_count += stats->n_bytes;
2532 facet_push_stats(facet);
2533 netflow_flow_update_flags(&facet->nf_flow, stats->tcp_flags);
2538 facet_reset_counters(struct facet *facet)
2540 facet->packet_count = 0;
2541 facet->byte_count = 0;
2542 facet->rs_packet_count = 0;
2543 facet->rs_byte_count = 0;
2544 facet->accounted_bytes = 0;
2548 facet_push_stats(struct facet *facet)
2550 uint64_t rs_packets, rs_bytes;
2552 assert(facet->packet_count >= facet->rs_packet_count);
2553 assert(facet->byte_count >= facet->rs_byte_count);
2554 assert(facet->used >= facet->rs_used);
2556 rs_packets = facet->packet_count - facet->rs_packet_count;
2557 rs_bytes = facet->byte_count - facet->rs_byte_count;
2559 if (rs_packets || rs_bytes || facet->used > facet->rs_used) {
2560 facet->rs_packet_count = facet->packet_count;
2561 facet->rs_byte_count = facet->byte_count;
2562 facet->rs_used = facet->used;
2564 flow_push_stats(facet->rule, &facet->flow,
2565 rs_packets, rs_bytes, facet->used);
2569 struct ofproto_push {
2570 struct action_xlate_ctx ctx;
2577 push_resubmit(struct action_xlate_ctx *ctx, struct rule_dpif *rule)
2579 struct ofproto_push *push = CONTAINER_OF(ctx, struct ofproto_push, ctx);
2582 rule->packet_count += push->packets;
2583 rule->byte_count += push->bytes;
2584 rule->used = MAX(push->used, rule->used);
2588 /* Pushes flow statistics to the rules which 'flow' resubmits into given
2589 * 'rule''s actions. */
2591 flow_push_stats(const struct rule_dpif *rule,
2592 struct flow *flow, uint64_t packets, uint64_t bytes,
2595 struct ofproto_dpif *ofproto = ofproto_dpif_cast(rule->up.ofproto);
2596 struct ofproto_push push;
2598 push.packets = packets;
2602 action_xlate_ctx_init(&push.ctx, ofproto, flow, NULL);
2603 push.ctx.resubmit_hook = push_resubmit;
2604 ofpbuf_delete(xlate_actions(&push.ctx,
2605 rule->up.actions, rule->up.n_actions));
2610 static struct rule_dpif *
2611 rule_dpif_lookup(struct ofproto_dpif *ofproto, const struct flow *flow,
2614 return rule_dpif_cast(rule_from_cls_rule(
2615 classifier_lookup(&ofproto->up.tables[table_id],
2620 complete_operation(struct rule_dpif *rule)
2622 struct ofproto_dpif *ofproto = ofproto_dpif_cast(rule->up.ofproto);
2624 ofproto->need_revalidate = true;
2626 struct dpif_completion *c = xmalloc(sizeof *c);
2627 c->op = rule->up.pending;
2628 list_push_back(&ofproto->completions, &c->list_node);
2630 ofoperation_complete(rule->up.pending, 0);
2634 static struct rule *
2637 struct rule_dpif *rule = xmalloc(sizeof *rule);
2642 rule_dealloc(struct rule *rule_)
2644 struct rule_dpif *rule = rule_dpif_cast(rule_);
2649 rule_construct(struct rule *rule_)
2651 struct rule_dpif *rule = rule_dpif_cast(rule_);
2652 struct ofproto_dpif *ofproto = ofproto_dpif_cast(rule->up.ofproto);
2653 struct rule_dpif *victim;
2656 error = validate_actions(rule->up.actions, rule->up.n_actions,
2657 &rule->up.cr.flow, ofproto->max_ports);
2662 rule->used = rule->up.created;
2663 rule->packet_count = 0;
2664 rule->byte_count = 0;
2666 victim = rule_dpif_cast(ofoperation_get_victim(rule->up.pending));
2667 if (victim && !list_is_empty(&victim->facets)) {
2668 struct facet *facet;
2670 rule->facets = victim->facets;
2671 list_moved(&rule->facets);
2672 LIST_FOR_EACH (facet, list_node, &rule->facets) {
2673 /* XXX: We're only clearing our local counters here. It's possible
2674 * that quite a few packets are unaccounted for in the datapath
2675 * statistics. These will be accounted to the new rule instead of
2676 * cleared as required. This could be fixed by clearing out the
2677 * datapath statistics for this facet, but currently it doesn't
2679 facet_reset_counters(facet);
2683 /* Must avoid list_moved() in this case. */
2684 list_init(&rule->facets);
2687 complete_operation(rule);
2692 rule_destruct(struct rule *rule_)
2694 struct rule_dpif *rule = rule_dpif_cast(rule_);
2695 struct ofproto_dpif *ofproto = ofproto_dpif_cast(rule->up.ofproto);
2696 struct facet *facet, *next_facet;
2698 LIST_FOR_EACH_SAFE (facet, next_facet, list_node, &rule->facets) {
2699 facet_revalidate(ofproto, facet);
2702 complete_operation(rule);
2706 rule_get_stats(struct rule *rule_, uint64_t *packets, uint64_t *bytes)
2708 struct rule_dpif *rule = rule_dpif_cast(rule_);
2709 struct facet *facet;
2711 /* Start from historical data for 'rule' itself that are no longer tracked
2712 * in facets. This counts, for example, facets that have expired. */
2713 *packets = rule->packet_count;
2714 *bytes = rule->byte_count;
2716 /* Add any statistics that are tracked by facets. This includes
2717 * statistical data recently updated by ofproto_update_stats() as well as
2718 * stats for packets that were executed "by hand" via dpif_execute(). */
2719 LIST_FOR_EACH (facet, list_node, &rule->facets) {
2720 *packets += facet->packet_count;
2721 *bytes += facet->byte_count;
2726 rule_execute(struct rule *rule_, struct flow *flow, struct ofpbuf *packet)
2728 struct rule_dpif *rule = rule_dpif_cast(rule_);
2729 struct ofproto_dpif *ofproto = ofproto_dpif_cast(rule->up.ofproto);
2730 struct action_xlate_ctx ctx;
2731 struct ofpbuf *odp_actions;
2732 struct facet *facet;
2735 /* First look for a related facet. If we find one, account it to that. */
2736 facet = facet_lookup_valid(ofproto, flow);
2737 if (facet && facet->rule == rule) {
2738 facet_execute(ofproto, facet, packet);
2742 /* Otherwise, if 'rule' is in fact the correct rule for 'packet', then
2743 * create a new facet for it and use that. */
2744 if (rule_dpif_lookup(ofproto, flow, 0) == rule) {
2745 facet = facet_create(rule, flow, packet);
2746 facet_execute(ofproto, facet, packet);
2747 facet_install(ofproto, facet, true);
2751 /* We can't account anything to a facet. If we were to try, then that
2752 * facet would have a non-matching rule, busting our invariants. */
2753 action_xlate_ctx_init(&ctx, ofproto, flow, packet);
2754 odp_actions = xlate_actions(&ctx, rule->up.actions, rule->up.n_actions);
2755 size = packet->size;
2756 if (execute_odp_actions(ofproto, flow, odp_actions->data,
2757 odp_actions->size, packet)) {
2758 rule->used = time_msec();
2759 rule->packet_count++;
2760 rule->byte_count += size;
2761 flow_push_stats(rule, flow, 1, size, rule->used);
2763 ofpbuf_delete(odp_actions);
2769 rule_modify_actions(struct rule *rule_)
2771 struct rule_dpif *rule = rule_dpif_cast(rule_);
2772 struct ofproto_dpif *ofproto = ofproto_dpif_cast(rule->up.ofproto);
2775 error = validate_actions(rule->up.actions, rule->up.n_actions,
2776 &rule->up.cr.flow, ofproto->max_ports);
2778 ofoperation_complete(rule->up.pending, error);
2782 complete_operation(rule);
2785 /* Sends 'packet' out of port 'odp_port' within 'p'.
2786 * Returns 0 if successful, otherwise a positive errno value. */
2788 send_packet(struct ofproto_dpif *ofproto, uint32_t odp_port,
2789 const struct ofpbuf *packet)
2791 struct ofpbuf key, odp_actions;
2792 struct odputil_keybuf keybuf;
2796 flow_extract((struct ofpbuf *) packet, 0, 0, &flow);
2797 ofpbuf_use_stack(&key, &keybuf, sizeof keybuf);
2798 odp_flow_key_from_flow(&key, &flow);
2800 ofpbuf_init(&odp_actions, 32);
2801 nl_msg_put_u32(&odp_actions, ODP_ACTION_ATTR_OUTPUT, odp_port);
2802 error = dpif_execute(ofproto->dpif,
2804 odp_actions.data, odp_actions.size,
2806 ofpbuf_uninit(&odp_actions);
2809 VLOG_WARN_RL(&rl, "%s: failed to send packet on port %"PRIu32" (%s)",
2810 ofproto->up.name, odp_port, strerror(error));
2815 /* OpenFlow to ODP action translation. */
2817 static void do_xlate_actions(const union ofp_action *in, size_t n_in,
2818 struct action_xlate_ctx *ctx);
2819 static void xlate_normal(struct action_xlate_ctx *);
2822 commit_odp_actions(struct action_xlate_ctx *ctx)
2824 const struct flow *flow = &ctx->flow;
2825 struct flow *base = &ctx->base_flow;
2826 struct ofpbuf *odp_actions = ctx->odp_actions;
2828 if (base->tun_id != flow->tun_id) {
2829 nl_msg_put_be64(odp_actions, ODP_ACTION_ATTR_SET_TUNNEL, flow->tun_id);
2830 base->tun_id = flow->tun_id;
2833 if (base->nw_src != flow->nw_src) {
2834 nl_msg_put_be32(odp_actions, ODP_ACTION_ATTR_SET_NW_SRC, flow->nw_src);
2835 base->nw_src = flow->nw_src;
2838 if (base->nw_dst != flow->nw_dst) {
2839 nl_msg_put_be32(odp_actions, ODP_ACTION_ATTR_SET_NW_DST, flow->nw_dst);
2840 base->nw_dst = flow->nw_dst;
2843 if (base->nw_tos != flow->nw_tos) {
2844 nl_msg_put_u8(odp_actions, ODP_ACTION_ATTR_SET_NW_TOS, flow->nw_tos);
2845 base->nw_tos = flow->nw_tos;
2848 if (base->vlan_tci != flow->vlan_tci) {
2849 if (!(flow->vlan_tci & htons(VLAN_CFI))) {
2850 nl_msg_put_flag(odp_actions, ODP_ACTION_ATTR_STRIP_VLAN);
2852 nl_msg_put_be16(odp_actions, ODP_ACTION_ATTR_SET_DL_TCI,
2853 flow->vlan_tci & ~htons(VLAN_CFI));
2855 base->vlan_tci = flow->vlan_tci;
2858 if (base->tp_src != flow->tp_src) {
2859 nl_msg_put_be16(odp_actions, ODP_ACTION_ATTR_SET_TP_SRC, flow->tp_src);
2860 base->tp_src = flow->tp_src;
2863 if (base->tp_dst != flow->tp_dst) {
2864 nl_msg_put_be16(odp_actions, ODP_ACTION_ATTR_SET_TP_DST, flow->tp_dst);
2865 base->tp_dst = flow->tp_dst;
2868 if (!eth_addr_equals(base->dl_src, flow->dl_src)) {
2869 nl_msg_put_unspec(odp_actions, ODP_ACTION_ATTR_SET_DL_SRC,
2870 flow->dl_src, ETH_ADDR_LEN);
2871 memcpy(base->dl_src, flow->dl_src, ETH_ADDR_LEN);
2874 if (!eth_addr_equals(base->dl_dst, flow->dl_dst)) {
2875 nl_msg_put_unspec(odp_actions, ODP_ACTION_ATTR_SET_DL_DST,
2876 flow->dl_dst, ETH_ADDR_LEN);
2877 memcpy(base->dl_dst, flow->dl_dst, ETH_ADDR_LEN);
2880 if (ctx->base_priority != ctx->priority) {
2881 if (ctx->priority) {
2882 nl_msg_put_u32(odp_actions, ODP_ACTION_ATTR_SET_PRIORITY,
2885 nl_msg_put_flag(odp_actions, ODP_ACTION_ATTR_POP_PRIORITY);
2887 ctx->base_priority = ctx->priority;
2892 add_output_action(struct action_xlate_ctx *ctx, uint16_t ofp_port)
2894 const struct ofport_dpif *ofport = get_ofp_port(ctx->ofproto, ofp_port);
2895 uint16_t odp_port = ofp_port_to_odp_port(ofp_port);
2898 if (ofport->up.opp.config & htonl(OFPPC_NO_FWD)) {
2899 /* Forwarding disabled on port. */
2904 * We don't have an ofport record for this port, but it doesn't hurt to
2905 * allow forwarding to it anyhow. Maybe such a port will appear later
2906 * and we're pre-populating the flow table.
2910 commit_odp_actions(ctx);
2911 nl_msg_put_u32(ctx->odp_actions, ODP_ACTION_ATTR_OUTPUT, odp_port);
2912 ctx->nf_output_iface = ofp_port;
2916 xlate_table_action(struct action_xlate_ctx *ctx,
2917 uint16_t in_port, uint8_t table_id)
2919 if (ctx->recurse < MAX_RESUBMIT_RECURSION) {
2920 struct rule_dpif *rule;
2921 uint16_t old_in_port;
2922 uint8_t old_table_id;
2924 old_table_id = ctx->table_id;
2925 ctx->table_id = table_id;
2927 /* Look up a flow with 'in_port' as the input port. Then restore the
2928 * original input port (otherwise OFPP_NORMAL and OFPP_IN_PORT will
2929 * have surprising behavior). */
2930 old_in_port = ctx->flow.in_port;
2931 ctx->flow.in_port = in_port;
2932 rule = rule_dpif_lookup(ctx->ofproto, &ctx->flow, table_id);
2933 ctx->flow.in_port = old_in_port;
2935 if (ctx->resubmit_hook) {
2936 ctx->resubmit_hook(ctx, rule);
2941 do_xlate_actions(rule->up.actions, rule->up.n_actions, ctx);
2945 ctx->table_id = old_table_id;
2947 static struct vlog_rate_limit recurse_rl = VLOG_RATE_LIMIT_INIT(1, 1);
2949 VLOG_ERR_RL(&recurse_rl, "resubmit actions recursed over %d times",
2950 MAX_RESUBMIT_RECURSION);
2955 xlate_resubmit_table(struct action_xlate_ctx *ctx,
2956 const struct nx_action_resubmit *nar)
2961 in_port = (nar->in_port == htons(OFPP_IN_PORT)
2963 : ntohs(nar->in_port));
2964 table_id = nar->table == 255 ? ctx->table_id : nar->table;
2966 xlate_table_action(ctx, in_port, table_id);
2970 flood_packets(struct action_xlate_ctx *ctx, ovs_be32 mask)
2972 struct ofport_dpif *ofport;
2974 commit_odp_actions(ctx);
2975 HMAP_FOR_EACH (ofport, up.hmap_node, &ctx->ofproto->up.ports) {
2976 uint16_t ofp_port = ofport->up.ofp_port;
2977 if (ofp_port != ctx->flow.in_port && !(ofport->up.opp.config & mask)) {
2978 nl_msg_put_u32(ctx->odp_actions, ODP_ACTION_ATTR_OUTPUT,
2983 ctx->nf_output_iface = NF_OUT_FLOOD;
2987 xlate_output_action__(struct action_xlate_ctx *ctx,
2988 uint16_t port, uint16_t max_len)
2990 uint16_t prev_nf_output_iface = ctx->nf_output_iface;
2992 ctx->nf_output_iface = NF_OUT_DROP;
2996 add_output_action(ctx, ctx->flow.in_port);
2999 xlate_table_action(ctx, ctx->flow.in_port, ctx->table_id);
3005 flood_packets(ctx, htonl(OFPPC_NO_FLOOD));
3008 flood_packets(ctx, htonl(0));
3010 case OFPP_CONTROLLER:
3011 commit_odp_actions(ctx);
3012 nl_msg_put_u64(ctx->odp_actions, ODP_ACTION_ATTR_USERSPACE, max_len);
3015 add_output_action(ctx, OFPP_LOCAL);
3020 if (port != ctx->flow.in_port) {
3021 add_output_action(ctx, port);
3026 if (prev_nf_output_iface == NF_OUT_FLOOD) {
3027 ctx->nf_output_iface = NF_OUT_FLOOD;
3028 } else if (ctx->nf_output_iface == NF_OUT_DROP) {
3029 ctx->nf_output_iface = prev_nf_output_iface;
3030 } else if (prev_nf_output_iface != NF_OUT_DROP &&
3031 ctx->nf_output_iface != NF_OUT_FLOOD) {
3032 ctx->nf_output_iface = NF_OUT_MULTI;
3037 xlate_output_reg_action(struct action_xlate_ctx *ctx,
3038 const struct nx_action_output_reg *naor)
3042 ofp_port = nxm_read_field_bits(naor->src, naor->ofs_nbits, &ctx->flow);
3044 if (ofp_port <= UINT16_MAX) {
3045 xlate_output_action__(ctx, ofp_port, ntohs(naor->max_len));
3050 xlate_output_action(struct action_xlate_ctx *ctx,
3051 const struct ofp_action_output *oao)
3053 xlate_output_action__(ctx, ntohs(oao->port), ntohs(oao->max_len));
3057 xlate_enqueue_action(struct action_xlate_ctx *ctx,
3058 const struct ofp_action_enqueue *oae)
3060 uint16_t ofp_port, odp_port;
3061 uint32_t ctx_priority, priority;
3064 error = dpif_queue_to_priority(ctx->ofproto->dpif, ntohl(oae->queue_id),
3067 /* Fall back to ordinary output action. */
3068 xlate_output_action__(ctx, ntohs(oae->port), 0);
3072 /* Figure out ODP output port. */
3073 ofp_port = ntohs(oae->port);
3074 if (ofp_port == OFPP_IN_PORT) {
3075 ofp_port = ctx->flow.in_port;
3077 odp_port = ofp_port_to_odp_port(ofp_port);
3079 /* Add ODP actions. */
3080 ctx_priority = ctx->priority;
3081 ctx->priority = priority;
3082 add_output_action(ctx, odp_port);
3083 ctx->priority = ctx_priority;
3085 /* Update NetFlow output port. */
3086 if (ctx->nf_output_iface == NF_OUT_DROP) {
3087 ctx->nf_output_iface = odp_port;
3088 } else if (ctx->nf_output_iface != NF_OUT_FLOOD) {
3089 ctx->nf_output_iface = NF_OUT_MULTI;
3094 xlate_set_queue_action(struct action_xlate_ctx *ctx,
3095 const struct nx_action_set_queue *nasq)
3100 error = dpif_queue_to_priority(ctx->ofproto->dpif, ntohl(nasq->queue_id),
3103 /* Couldn't translate queue to a priority, so ignore. A warning
3104 * has already been logged. */
3108 ctx->priority = priority;
3111 struct xlate_reg_state {
3117 xlate_autopath(struct action_xlate_ctx *ctx,
3118 const struct nx_action_autopath *naa)
3120 uint16_t ofp_port = ntohl(naa->id);
3121 struct ofport_dpif *port = get_ofp_port(ctx->ofproto, ofp_port);
3123 if (!port || !port->bundle) {
3124 ofp_port = OFPP_NONE;
3125 } else if (port->bundle->bond) {
3126 /* Autopath does not support VLAN hashing. */
3127 struct ofport_dpif *slave = bond_choose_output_slave(
3128 port->bundle->bond, &ctx->flow, OFP_VLAN_NONE, &ctx->tags);
3130 ofp_port = slave->up.ofp_port;
3133 autopath_execute(naa, &ctx->flow, ofp_port);
3137 slave_enabled_cb(uint16_t ofp_port, void *ofproto_)
3139 struct ofproto_dpif *ofproto = ofproto_;
3140 struct ofport_dpif *port;
3150 case OFPP_CONTROLLER: /* Not supported by the bundle action. */
3153 port = get_ofp_port(ofproto, ofp_port);
3154 return port ? port->may_enable : false;
3159 do_xlate_actions(const union ofp_action *in, size_t n_in,
3160 struct action_xlate_ctx *ctx)
3162 const struct ofport_dpif *port;
3163 const union ofp_action *ia;
3166 port = get_ofp_port(ctx->ofproto, ctx->flow.in_port);
3168 && port->up.opp.config & htonl(OFPPC_NO_RECV | OFPPC_NO_RECV_STP) &&
3169 port->up.opp.config & (eth_addr_equals(ctx->flow.dl_dst, eth_addr_stp)
3170 ? htonl(OFPPC_NO_RECV_STP)
3171 : htonl(OFPPC_NO_RECV))) {
3172 /* Drop this flow. */
3176 OFPUTIL_ACTION_FOR_EACH_UNSAFE (ia, left, in, n_in) {
3177 const struct ofp_action_dl_addr *oada;
3178 const struct nx_action_resubmit *nar;
3179 const struct nx_action_set_tunnel *nast;
3180 const struct nx_action_set_queue *nasq;
3181 const struct nx_action_multipath *nam;
3182 const struct nx_action_autopath *naa;
3183 const struct nx_action_bundle *nab;
3184 const struct nx_action_output_reg *naor;
3185 enum ofputil_action_code code;
3188 code = ofputil_decode_action_unsafe(ia);
3190 case OFPUTIL_OFPAT_OUTPUT:
3191 xlate_output_action(ctx, &ia->output);
3194 case OFPUTIL_OFPAT_SET_VLAN_VID:
3195 ctx->flow.vlan_tci &= ~htons(VLAN_VID_MASK);
3196 ctx->flow.vlan_tci |= ia->vlan_vid.vlan_vid | htons(VLAN_CFI);
3199 case OFPUTIL_OFPAT_SET_VLAN_PCP:
3200 ctx->flow.vlan_tci &= ~htons(VLAN_PCP_MASK);
3201 ctx->flow.vlan_tci |= htons(
3202 (ia->vlan_pcp.vlan_pcp << VLAN_PCP_SHIFT) | VLAN_CFI);
3205 case OFPUTIL_OFPAT_STRIP_VLAN:
3206 ctx->flow.vlan_tci = htons(0);
3209 case OFPUTIL_OFPAT_SET_DL_SRC:
3210 oada = ((struct ofp_action_dl_addr *) ia);
3211 memcpy(ctx->flow.dl_src, oada->dl_addr, ETH_ADDR_LEN);
3214 case OFPUTIL_OFPAT_SET_DL_DST:
3215 oada = ((struct ofp_action_dl_addr *) ia);
3216 memcpy(ctx->flow.dl_dst, oada->dl_addr, ETH_ADDR_LEN);
3219 case OFPUTIL_OFPAT_SET_NW_SRC:
3220 ctx->flow.nw_src = ia->nw_addr.nw_addr;
3223 case OFPUTIL_OFPAT_SET_NW_DST:
3224 ctx->flow.nw_dst = ia->nw_addr.nw_addr;
3227 case OFPUTIL_OFPAT_SET_NW_TOS:
3228 ctx->flow.nw_tos = ia->nw_tos.nw_tos & IP_DSCP_MASK;
3231 case OFPUTIL_OFPAT_SET_TP_SRC:
3232 ctx->flow.tp_src = ia->tp_port.tp_port;
3235 case OFPUTIL_OFPAT_SET_TP_DST:
3236 ctx->flow.tp_dst = ia->tp_port.tp_port;
3239 case OFPUTIL_OFPAT_ENQUEUE:
3240 xlate_enqueue_action(ctx, (const struct ofp_action_enqueue *) ia);
3243 case OFPUTIL_NXAST_RESUBMIT:
3244 nar = (const struct nx_action_resubmit *) ia;
3245 xlate_table_action(ctx, ntohs(nar->in_port), ctx->table_id);
3248 case OFPUTIL_NXAST_RESUBMIT_TABLE:
3249 xlate_resubmit_table(ctx, (const struct nx_action_resubmit *) ia);
3252 case OFPUTIL_NXAST_SET_TUNNEL:
3253 nast = (const struct nx_action_set_tunnel *) ia;
3254 tun_id = htonll(ntohl(nast->tun_id));
3255 ctx->flow.tun_id = tun_id;
3258 case OFPUTIL_NXAST_SET_QUEUE:
3259 nasq = (const struct nx_action_set_queue *) ia;
3260 xlate_set_queue_action(ctx, nasq);
3263 case OFPUTIL_NXAST_POP_QUEUE:
3267 case OFPUTIL_NXAST_REG_MOVE:
3268 nxm_execute_reg_move((const struct nx_action_reg_move *) ia,
3272 case OFPUTIL_NXAST_REG_LOAD:
3273 nxm_execute_reg_load((const struct nx_action_reg_load *) ia,
3277 case OFPUTIL_NXAST_NOTE:
3278 /* Nothing to do. */
3281 case OFPUTIL_NXAST_SET_TUNNEL64:
3282 tun_id = ((const struct nx_action_set_tunnel64 *) ia)->tun_id;
3283 ctx->flow.tun_id = tun_id;
3286 case OFPUTIL_NXAST_MULTIPATH:
3287 nam = (const struct nx_action_multipath *) ia;
3288 multipath_execute(nam, &ctx->flow);
3291 case OFPUTIL_NXAST_AUTOPATH:
3292 naa = (const struct nx_action_autopath *) ia;
3293 xlate_autopath(ctx, naa);
3296 case OFPUTIL_NXAST_BUNDLE:
3297 ctx->ofproto->has_bundle_action = true;
3298 nab = (const struct nx_action_bundle *) ia;
3299 xlate_output_action__(ctx, bundle_execute(nab, &ctx->flow,
3304 case OFPUTIL_NXAST_BUNDLE_LOAD:
3305 ctx->ofproto->has_bundle_action = true;
3306 nab = (const struct nx_action_bundle *) ia;
3307 bundle_execute_load(nab, &ctx->flow, slave_enabled_cb,
3311 case OFPUTIL_NXAST_OUTPUT_REG:
3312 naor = (const struct nx_action_output_reg *) ia;
3313 xlate_output_reg_action(ctx, naor);
3320 action_xlate_ctx_init(struct action_xlate_ctx *ctx,
3321 struct ofproto_dpif *ofproto, const struct flow *flow,
3322 const struct ofpbuf *packet)
3324 ctx->ofproto = ofproto;
3326 ctx->packet = packet;
3327 ctx->resubmit_hook = NULL;
3330 static struct ofpbuf *
3331 xlate_actions(struct action_xlate_ctx *ctx,
3332 const union ofp_action *in, size_t n_in)
3334 COVERAGE_INC(ofproto_dpif_xlate);
3336 ctx->odp_actions = ofpbuf_new(512);
3338 ctx->may_set_up_flow = true;
3339 ctx->nf_output_iface = NF_OUT_DROP;
3342 ctx->base_priority = 0;
3343 ctx->base_flow = ctx->flow;
3346 if (process_special(ctx->ofproto, &ctx->flow, ctx->packet)) {
3347 ctx->may_set_up_flow = false;
3349 do_xlate_actions(in, n_in, ctx);
3352 /* Check with in-band control to see if we're allowed to set up this
3354 if (!connmgr_may_set_up_flow(ctx->ofproto->up.connmgr, &ctx->flow,
3355 ctx->odp_actions->data,
3356 ctx->odp_actions->size)) {
3357 ctx->may_set_up_flow = false;
3360 return ctx->odp_actions;
3363 /* OFPP_NORMAL implementation. */
3366 struct ofport_dpif *port;
3371 struct dst builtin[32];
3373 size_t n, allocated;
3376 static void dst_set_init(struct dst_set *);
3377 static void dst_set_add(struct dst_set *, const struct dst *);
3378 static void dst_set_free(struct dst_set *);
3380 static struct ofport_dpif *ofbundle_get_a_port(const struct ofbundle *);
3383 set_dst(struct action_xlate_ctx *ctx, struct dst *dst,
3384 const struct ofbundle *in_bundle, const struct ofbundle *out_bundle)
3386 dst->vlan = (out_bundle->vlan >= 0 ? OFP_VLAN_NONE
3387 : in_bundle->vlan >= 0 ? in_bundle->vlan
3388 : ctx->flow.vlan_tci == 0 ? OFP_VLAN_NONE
3389 : vlan_tci_to_vid(ctx->flow.vlan_tci));
3391 dst->port = (!out_bundle->bond
3392 ? ofbundle_get_a_port(out_bundle)
3393 : bond_choose_output_slave(out_bundle->bond, &ctx->flow,
3394 dst->vlan, &ctx->tags));
3396 return dst->port != NULL;
3400 mirror_mask_ffs(mirror_mask_t mask)
3402 BUILD_ASSERT_DECL(sizeof(unsigned int) >= sizeof(mask));
3407 dst_set_init(struct dst_set *set)
3409 set->dsts = set->builtin;
3411 set->allocated = ARRAY_SIZE(set->builtin);
3415 dst_set_add(struct dst_set *set, const struct dst *dst)
3417 if (set->n >= set->allocated) {
3418 size_t new_allocated;
3419 struct dst *new_dsts;
3421 new_allocated = set->allocated * 2;
3422 new_dsts = xmalloc(new_allocated * sizeof *new_dsts);
3423 memcpy(new_dsts, set->dsts, set->n * sizeof *new_dsts);
3427 set->dsts = new_dsts;
3428 set->allocated = new_allocated;
3430 set->dsts[set->n++] = *dst;
3434 dst_set_free(struct dst_set *set)
3436 if (set->dsts != set->builtin) {
3442 dst_is_duplicate(const struct dst_set *set, const struct dst *test)
3445 for (i = 0; i < set->n; i++) {
3446 if (set->dsts[i].vlan == test->vlan
3447 && set->dsts[i].port == test->port) {
3455 ofbundle_trunks_vlan(const struct ofbundle *bundle, uint16_t vlan)
3457 return (bundle->vlan < 0
3458 && (!bundle->trunks || bitmap_is_set(bundle->trunks, vlan)));
3462 ofbundle_includes_vlan(const struct ofbundle *bundle, uint16_t vlan)
3464 return vlan == bundle->vlan || ofbundle_trunks_vlan(bundle, vlan);
3467 /* Returns an arbitrary interface within 'bundle'. */
3468 static struct ofport_dpif *
3469 ofbundle_get_a_port(const struct ofbundle *bundle)
3471 return CONTAINER_OF(list_front(&bundle->ports),
3472 struct ofport_dpif, bundle_node);
3476 compose_dsts(struct action_xlate_ctx *ctx, uint16_t vlan,
3477 const struct ofbundle *in_bundle,
3478 const struct ofbundle *out_bundle, struct dst_set *set)
3482 if (out_bundle == OFBUNDLE_FLOOD) {
3483 struct ofbundle *bundle;
3485 HMAP_FOR_EACH (bundle, hmap_node, &ctx->ofproto->bundles) {
3486 if (bundle != in_bundle
3487 && ofbundle_includes_vlan(bundle, vlan)
3488 && bundle->floodable
3489 && !bundle->mirror_out
3490 && set_dst(ctx, &dst, in_bundle, bundle)) {
3491 dst_set_add(set, &dst);
3494 ctx->nf_output_iface = NF_OUT_FLOOD;
3495 } else if (out_bundle && set_dst(ctx, &dst, in_bundle, out_bundle)) {
3496 dst_set_add(set, &dst);
3497 ctx->nf_output_iface = dst.port->odp_port;
3502 vlan_is_mirrored(const struct ofmirror *m, int vlan)
3504 return !m->vlans || bitmap_is_set(m->vlans, vlan);
3507 /* Returns true if a packet with Ethernet destination MAC 'dst' may be mirrored
3508 * to a VLAN. In general most packets may be mirrored but we want to drop
3509 * protocols that may confuse switches. */
3511 eth_dst_may_rspan(const uint8_t dst[ETH_ADDR_LEN])
3513 /* If you change this function's behavior, please update corresponding
3514 * documentation in vswitch.xml at the same time. */
3515 if (dst[0] != 0x01) {
3516 /* All the currently banned MACs happen to start with 01 currently, so
3517 * this is a quick way to eliminate most of the good ones. */
3519 if (eth_addr_is_reserved(dst)) {
3520 /* Drop STP, IEEE pause frames, and other reserved protocols
3521 * (01-80-c2-00-00-0x). */
3525 if (dst[0] == 0x01 && dst[1] == 0x00 && dst[2] == 0x0c) {
3527 if ((dst[3] & 0xfe) == 0xcc &&
3528 (dst[4] & 0xfe) == 0xcc &&
3529 (dst[5] & 0xfe) == 0xcc) {
3530 /* Drop the following protocols plus others following the same
3533 CDP, VTP, DTP, PAgP (01-00-0c-cc-cc-cc)
3534 Spanning Tree PVSTP+ (01-00-0c-cc-cc-cd)
3535 STP Uplink Fast (01-00-0c-cd-cd-cd) */
3539 if (!(dst[3] | dst[4] | dst[5])) {
3540 /* Drop Inter Switch Link packets (01-00-0c-00-00-00). */
3549 compose_mirror_dsts(struct action_xlate_ctx *ctx,
3550 uint16_t vlan, const struct ofbundle *in_bundle,
3551 struct dst_set *set)
3553 struct ofproto_dpif *ofproto = ctx->ofproto;
3554 mirror_mask_t mirrors;
3558 mirrors = in_bundle->src_mirrors;
3559 for (i = 0; i < set->n; i++) {
3560 mirrors |= set->dsts[i].port->bundle->dst_mirrors;
3567 flow_vlan = vlan_tci_to_vid(ctx->flow.vlan_tci);
3568 if (flow_vlan == 0) {
3569 flow_vlan = OFP_VLAN_NONE;
3573 struct ofmirror *m = ofproto->mirrors[mirror_mask_ffs(mirrors) - 1];
3574 if (vlan_is_mirrored(m, vlan)) {
3578 if (set_dst(ctx, &dst, in_bundle, m->out)
3579 && !dst_is_duplicate(set, &dst)) {
3580 dst_set_add(set, &dst);
3582 } else if (eth_dst_may_rspan(ctx->flow.dl_dst)) {
3583 struct ofbundle *bundle;
3585 HMAP_FOR_EACH (bundle, hmap_node, &ofproto->bundles) {
3586 if (ofbundle_includes_vlan(bundle, m->out_vlan)
3587 && set_dst(ctx, &dst, in_bundle, bundle))
3589 if (bundle->vlan < 0) {
3590 dst.vlan = m->out_vlan;
3592 if (dst_is_duplicate(set, &dst)) {
3596 /* Use the vlan tag on the original flow instead of
3597 * the one passed in the vlan parameter. This ensures
3598 * that we compare the vlan from before any implicit
3599 * tagging tags place. This is necessary because
3600 * dst->vlan is the final vlan, after removing implicit
3602 if (bundle == in_bundle && dst.vlan == flow_vlan) {
3603 /* Don't send out input port on same VLAN. */
3606 dst_set_add(set, &dst);
3611 mirrors &= mirrors - 1;
3616 compose_actions(struct action_xlate_ctx *ctx, uint16_t vlan,
3617 const struct ofbundle *in_bundle,
3618 const struct ofbundle *out_bundle)
3620 uint16_t initial_vlan, cur_vlan;
3621 const struct dst *dst;
3625 compose_dsts(ctx, vlan, in_bundle, out_bundle, &set);
3626 compose_mirror_dsts(ctx, vlan, in_bundle, &set);
3628 /* Output all the packets we can without having to change the VLAN. */
3629 initial_vlan = vlan_tci_to_vid(ctx->flow.vlan_tci);
3630 if (initial_vlan == 0) {
3631 initial_vlan = OFP_VLAN_NONE;
3633 for (dst = set.dsts; dst < &set.dsts[set.n]; dst++) {
3634 if (dst->vlan != initial_vlan) {
3637 nl_msg_put_u32(ctx->odp_actions,
3638 ODP_ACTION_ATTR_OUTPUT, dst->port->odp_port);
3641 /* Then output the rest. */
3642 cur_vlan = initial_vlan;
3643 for (dst = set.dsts; dst < &set.dsts[set.n]; dst++) {
3644 if (dst->vlan == initial_vlan) {
3647 if (dst->vlan != cur_vlan) {
3648 if (dst->vlan == OFP_VLAN_NONE) {
3649 nl_msg_put_flag(ctx->odp_actions, ODP_ACTION_ATTR_STRIP_VLAN);
3652 tci = htons(dst->vlan & VLAN_VID_MASK);
3653 tci |= ctx->flow.vlan_tci & htons(VLAN_PCP_MASK);
3654 nl_msg_put_be16(ctx->odp_actions,
3655 ODP_ACTION_ATTR_SET_DL_TCI, tci);
3657 cur_vlan = dst->vlan;
3659 nl_msg_put_u32(ctx->odp_actions,
3660 ODP_ACTION_ATTR_OUTPUT, dst->port->odp_port);
3666 /* Returns the effective vlan of a packet, taking into account both the
3667 * 802.1Q header and implicitly tagged ports. A value of 0 indicates that
3668 * the packet is untagged and -1 indicates it has an invalid header and
3669 * should be dropped. */
3671 flow_get_vlan(struct ofproto_dpif *ofproto, const struct flow *flow,
3672 struct ofbundle *in_bundle, bool have_packet)
3674 int vlan = vlan_tci_to_vid(flow->vlan_tci);
3675 if (in_bundle->vlan >= 0) {
3678 static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5);
3679 VLOG_WARN_RL(&rl, "bridge %s: dropping VLAN %d tagged "
3680 "packet received on port %s configured with "
3681 "implicit VLAN %"PRIu16,
3682 ofproto->up.name, vlan,
3683 in_bundle->name, in_bundle->vlan);
3687 vlan = in_bundle->vlan;
3689 if (!ofbundle_includes_vlan(in_bundle, vlan)) {
3691 static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5);
3692 VLOG_WARN_RL(&rl, "bridge %s: dropping VLAN %d tagged "
3693 "packet received on port %s not configured for "
3695 ofproto->up.name, vlan, in_bundle->name, vlan);
3704 /* A VM broadcasts a gratuitous ARP to indicate that it has resumed after
3705 * migration. Older Citrix-patched Linux DomU used gratuitous ARP replies to
3706 * indicate this; newer upstream kernels use gratuitous ARP requests. */
3708 is_gratuitous_arp(const struct flow *flow)
3710 return (flow->dl_type == htons(ETH_TYPE_ARP)
3711 && eth_addr_is_broadcast(flow->dl_dst)
3712 && (flow->nw_proto == ARP_OP_REPLY
3713 || (flow->nw_proto == ARP_OP_REQUEST
3714 && flow->nw_src == flow->nw_dst)));
3718 update_learning_table(struct ofproto_dpif *ofproto,
3719 const struct flow *flow, int vlan,
3720 struct ofbundle *in_bundle)
3722 struct mac_entry *mac;
3724 if (!mac_learning_may_learn(ofproto->ml, flow->dl_src, vlan)) {
3728 mac = mac_learning_insert(ofproto->ml, flow->dl_src, vlan);
3729 if (is_gratuitous_arp(flow)) {
3730 /* We don't want to learn from gratuitous ARP packets that are
3731 * reflected back over bond slaves so we lock the learning table. */
3732 if (!in_bundle->bond) {
3733 mac_entry_set_grat_arp_lock(mac);
3734 } else if (mac_entry_is_grat_arp_locked(mac)) {
3739 if (mac_entry_is_new(mac) || mac->port.p != in_bundle) {
3740 /* The log messages here could actually be useful in debugging,
3741 * so keep the rate limit relatively high. */
3742 static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(30, 300);
3743 VLOG_DBG_RL(&rl, "bridge %s: learned that "ETH_ADDR_FMT" is "
3744 "on port %s in VLAN %d",
3745 ofproto->up.name, ETH_ADDR_ARGS(flow->dl_src),
3746 in_bundle->name, vlan);
3748 mac->port.p = in_bundle;
3749 tag_set_add(&ofproto->revalidate_set,
3750 mac_learning_changed(ofproto->ml, mac));
3754 /* Determines whether packets in 'flow' within 'br' should be forwarded or
3755 * dropped. Returns true if they may be forwarded, false if they should be
3758 * If 'have_packet' is true, it indicates that the caller is processing a
3759 * received packet. If 'have_packet' is false, then the caller is just
3760 * revalidating an existing flow because configuration has changed. Either
3761 * way, 'have_packet' only affects logging (there is no point in logging errors
3762 * during revalidation).
3764 * Sets '*in_portp' to the input port. This will be a null pointer if
3765 * flow->in_port does not designate a known input port (in which case
3766 * is_admissible() returns false).
3768 * When returning true, sets '*vlanp' to the effective VLAN of the input
3769 * packet, as returned by flow_get_vlan().
3771 * May also add tags to '*tags', although the current implementation only does
3772 * so in one special case.
3775 is_admissible(struct ofproto_dpif *ofproto, const struct flow *flow,
3777 tag_type *tags, int *vlanp, struct ofbundle **in_bundlep)
3779 struct ofport_dpif *in_port;
3780 struct ofbundle *in_bundle;
3783 /* Find the port and bundle for the received packet. */
3784 in_port = get_ofp_port(ofproto, flow->in_port);
3785 *in_bundlep = in_bundle = in_port ? in_port->bundle : NULL;
3786 if (!in_port || !in_bundle) {
3787 /* No interface? Something fishy... */
3789 /* Odd. A few possible reasons here:
3791 * - We deleted a port but there are still a few packets queued up
3794 * - Someone externally added a port (e.g. "ovs-dpctl add-if") that
3795 * we don't know about.
3797 * - Packet arrived on the local port but the local port is not
3800 static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5);
3802 VLOG_WARN_RL(&rl, "bridge %s: received packet on unknown "
3804 ofproto->up.name, flow->in_port);
3808 *vlanp = vlan = flow_get_vlan(ofproto, flow, in_bundle, have_packet);
3813 /* Drop frames for reserved multicast addresses
3814 * only if forward_bpdu option is absent. */
3815 if (eth_addr_is_reserved(flow->dl_dst) &&
3816 !ofproto->up.forward_bpdu) {
3820 /* Drop frames on bundles reserved for mirroring. */
3821 if (in_bundle->mirror_out) {
3823 static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5);
3824 VLOG_WARN_RL(&rl, "bridge %s: dropping packet received on port "
3825 "%s, which is reserved exclusively for mirroring",
3826 ofproto->up.name, in_bundle->name);
3831 if (in_bundle->bond) {
3832 struct mac_entry *mac;
3834 switch (bond_check_admissibility(in_bundle->bond, in_port,
3835 flow->dl_dst, tags)) {
3842 case BV_DROP_IF_MOVED:
3843 mac = mac_learning_lookup(ofproto->ml, flow->dl_src, vlan, NULL);
3844 if (mac && mac->port.p != in_bundle &&
3845 (!is_gratuitous_arp(flow)
3846 || mac_entry_is_grat_arp_locked(mac))) {
3857 xlate_normal(struct action_xlate_ctx *ctx)
3859 struct ofbundle *in_bundle;
3860 struct ofbundle *out_bundle;
3861 struct mac_entry *mac;
3864 /* Check whether we should drop packets in this flow. */
3865 if (!is_admissible(ctx->ofproto, &ctx->flow, ctx->packet != NULL,
3866 &ctx->tags, &vlan, &in_bundle)) {
3871 /* Learn source MAC (but don't try to learn from revalidation). */
3873 update_learning_table(ctx->ofproto, &ctx->flow, vlan, in_bundle);
3876 /* Determine output bundle. */
3877 mac = mac_learning_lookup(ctx->ofproto->ml, ctx->flow.dl_dst, vlan,
3880 out_bundle = mac->port.p;
3881 } else if (!ctx->packet && !eth_addr_is_multicast(ctx->flow.dl_dst)) {
3882 /* If we are revalidating but don't have a learning entry then eject
3883 * the flow. Installing a flow that floods packets opens up a window
3884 * of time where we could learn from a packet reflected on a bond and
3885 * blackhole packets before the learning table is updated to reflect
3886 * the correct port. */
3887 ctx->may_set_up_flow = false;
3890 out_bundle = OFBUNDLE_FLOOD;
3893 /* Don't send packets out their input bundles. */
3894 if (in_bundle == out_bundle) {
3900 compose_actions(ctx, vlan, in_bundle, out_bundle);
3905 get_drop_frags(struct ofproto *ofproto_)
3907 struct ofproto_dpif *ofproto = ofproto_dpif_cast(ofproto_);
3910 dpif_get_drop_frags(ofproto->dpif, &drop_frags);
3915 set_drop_frags(struct ofproto *ofproto_, bool drop_frags)
3917 struct ofproto_dpif *ofproto = ofproto_dpif_cast(ofproto_);
3919 dpif_set_drop_frags(ofproto->dpif, drop_frags);
3923 packet_out(struct ofproto *ofproto_, struct ofpbuf *packet,
3924 const struct flow *flow,
3925 const union ofp_action *ofp_actions, size_t n_ofp_actions)
3927 struct ofproto_dpif *ofproto = ofproto_dpif_cast(ofproto_);
3930 error = validate_actions(ofp_actions, n_ofp_actions, flow,
3931 ofproto->max_ports);
3933 struct odputil_keybuf keybuf;
3934 struct action_xlate_ctx ctx;
3935 struct ofpbuf *odp_actions;
3938 ofpbuf_use_stack(&key, &keybuf, sizeof keybuf);
3939 odp_flow_key_from_flow(&key, flow);
3941 action_xlate_ctx_init(&ctx, ofproto, flow, packet);
3942 odp_actions = xlate_actions(&ctx, ofp_actions, n_ofp_actions);
3943 dpif_execute(ofproto->dpif, key.data, key.size,
3944 odp_actions->data, odp_actions->size, packet);
3945 ofpbuf_delete(odp_actions);
3951 get_netflow_ids(const struct ofproto *ofproto_,
3952 uint8_t *engine_type, uint8_t *engine_id)
3954 struct ofproto_dpif *ofproto = ofproto_dpif_cast(ofproto_);
3956 dpif_get_netflow_ids(ofproto->dpif, engine_type, engine_id);
3959 static struct ofproto_dpif *
3960 ofproto_dpif_lookup(const char *name)
3962 struct ofproto *ofproto = ofproto_lookup(name);
3963 return (ofproto && ofproto->ofproto_class == &ofproto_dpif_class
3964 ? ofproto_dpif_cast(ofproto)
3969 ofproto_unixctl_fdb_show(struct unixctl_conn *conn,
3970 const char *args, void *aux OVS_UNUSED)
3972 struct ds ds = DS_EMPTY_INITIALIZER;
3973 const struct ofproto_dpif *ofproto;
3974 const struct mac_entry *e;
3976 ofproto = ofproto_dpif_lookup(args);
3978 unixctl_command_reply(conn, 501, "no such bridge");
3982 ds_put_cstr(&ds, " port VLAN MAC Age\n");
3983 LIST_FOR_EACH (e, lru_node, &ofproto->ml->lrus) {
3984 struct ofbundle *bundle = e->port.p;
3985 ds_put_format(&ds, "%5d %4d "ETH_ADDR_FMT" %3d\n",
3986 ofbundle_get_a_port(bundle)->odp_port,
3987 e->vlan, ETH_ADDR_ARGS(e->mac), mac_entry_age(e));
3989 unixctl_command_reply(conn, 200, ds_cstr(&ds));
3993 struct ofproto_trace {
3994 struct action_xlate_ctx ctx;
4000 trace_format_rule(struct ds *result, uint8_t table_id, int level,
4001 const struct rule_dpif *rule)
4003 ds_put_char_multiple(result, '\t', level);
4005 ds_put_cstr(result, "No match\n");
4009 ds_put_format(result, "Rule: table=%"PRIu8" cookie=%#"PRIx64" ",
4010 table_id, ntohll(rule->up.flow_cookie));
4011 cls_rule_format(&rule->up.cr, result);
4012 ds_put_char(result, '\n');
4014 ds_put_char_multiple(result, '\t', level);
4015 ds_put_cstr(result, "OpenFlow ");
4016 ofp_print_actions(result, rule->up.actions, rule->up.n_actions);
4017 ds_put_char(result, '\n');
4021 trace_format_flow(struct ds *result, int level, const char *title,
4022 struct ofproto_trace *trace)
4024 ds_put_char_multiple(result, '\t', level);
4025 ds_put_format(result, "%s: ", title);
4026 if (flow_equal(&trace->ctx.flow, &trace->flow)) {
4027 ds_put_cstr(result, "unchanged");
4029 flow_format(result, &trace->ctx.flow);
4030 trace->flow = trace->ctx.flow;
4032 ds_put_char(result, '\n');
4036 trace_format_regs(struct ds *result, int level, const char *title,
4037 struct ofproto_trace *trace)
4041 ds_put_char_multiple(result, '\t', level);
4042 ds_put_format(result, "%s:", title);
4043 for (i = 0; i < FLOW_N_REGS; i++) {
4044 ds_put_format(result, " reg%zu=0x%"PRIx32, i, trace->flow.regs[i]);
4046 ds_put_char(result, '\n');
4050 trace_resubmit(struct action_xlate_ctx *ctx, struct rule_dpif *rule)
4052 struct ofproto_trace *trace = CONTAINER_OF(ctx, struct ofproto_trace, ctx);
4053 struct ds *result = trace->result;
4055 ds_put_char(result, '\n');
4056 trace_format_flow(result, ctx->recurse + 1, "Resubmitted flow", trace);
4057 trace_format_regs(result, ctx->recurse + 1, "Resubmitted regs", trace);
4058 trace_format_rule(result, ctx->table_id, ctx->recurse + 1, rule);
4062 ofproto_unixctl_trace(struct unixctl_conn *conn, const char *args_,
4063 void *aux OVS_UNUSED)
4065 char *dpname, *arg1, *arg2, *arg3;
4066 char *args = xstrdup(args_);
4067 char *save_ptr = NULL;
4068 struct ofproto_dpif *ofproto;
4069 struct ofpbuf odp_key;
4070 struct ofpbuf *packet;
4071 struct rule_dpif *rule;
4077 ofpbuf_init(&odp_key, 0);
4080 dpname = strtok_r(args, " ", &save_ptr);
4081 arg1 = strtok_r(NULL, " ", &save_ptr);
4082 arg2 = strtok_r(NULL, " ", &save_ptr);
4083 arg3 = strtok_r(NULL, "", &save_ptr); /* Get entire rest of line. */
4084 if (dpname && arg1 && !arg2 && !arg3) {
4085 /* ofproto/trace dpname flow */
4088 /* Convert string to ODP key. */
4089 ofpbuf_init(&odp_key, 0);
4090 error = odp_flow_key_from_string(arg1, &odp_key);
4092 unixctl_command_reply(conn, 501, "Bad flow syntax");
4096 /* Convert odp_key to flow. */
4097 error = odp_flow_key_to_flow(odp_key.data, odp_key.size, &flow);
4099 unixctl_command_reply(conn, 501, "Invalid flow");
4102 } else if (dpname && arg1 && arg2 && arg3) {
4103 /* ofproto/trace dpname tun_id in_port packet */
4107 tun_id = htonll(strtoull(arg1, NULL, 0));
4108 in_port = ofp_port_to_odp_port(atoi(arg2));
4110 packet = ofpbuf_new(strlen(args) / 2);
4111 arg3 = ofpbuf_put_hex(packet, arg3, NULL);
4112 arg3 += strspn(arg3, " ");
4113 if (*arg3 != '\0') {
4114 unixctl_command_reply(conn, 501, "Trailing garbage in command");
4117 if (packet->size < ETH_HEADER_LEN) {
4118 unixctl_command_reply(conn, 501,
4119 "Packet data too short for Ethernet");
4123 ds_put_cstr(&result, "Packet: ");
4124 s = ofp_packet_to_string(packet->data, packet->size, packet->size);
4125 ds_put_cstr(&result, s);
4128 flow_extract(packet, tun_id, in_port, &flow);
4130 unixctl_command_reply(conn, 501, "Bad command syntax");
4134 ofproto = ofproto_dpif_lookup(dpname);
4136 unixctl_command_reply(conn, 501, "Unknown ofproto (use ofproto/list "
4141 ds_put_cstr(&result, "Flow: ");
4142 flow_format(&result, &flow);
4143 ds_put_char(&result, '\n');
4145 rule = rule_dpif_lookup(ofproto, &flow, 0);
4146 trace_format_rule(&result, 0, 0, rule);
4148 struct ofproto_trace trace;
4149 struct ofpbuf *odp_actions;
4151 trace.result = &result;
4153 action_xlate_ctx_init(&trace.ctx, ofproto, &flow, packet);
4154 trace.ctx.resubmit_hook = trace_resubmit;
4155 odp_actions = xlate_actions(&trace.ctx,
4156 rule->up.actions, rule->up.n_actions);
4158 ds_put_char(&result, '\n');
4159 trace_format_flow(&result, 0, "Final flow", &trace);
4160 ds_put_cstr(&result, "Datapath actions: ");
4161 format_odp_actions(&result, odp_actions->data, odp_actions->size);
4162 ofpbuf_delete(odp_actions);
4164 if (!trace.ctx.may_set_up_flow) {
4166 ds_put_cstr(&result, "\nThis flow is not cachable.");
4168 ds_put_cstr(&result, "\nThe datapath actions are incomplete--"
4169 "for complete actions, please supply a packet.");
4174 unixctl_command_reply(conn, 200, ds_cstr(&result));
4177 ds_destroy(&result);
4178 ofpbuf_delete(packet);
4179 ofpbuf_uninit(&odp_key);
4184 ofproto_dpif_clog(struct unixctl_conn *conn OVS_UNUSED,
4185 const char *args_ OVS_UNUSED, void *aux OVS_UNUSED)
4188 unixctl_command_reply(conn, 200, NULL);
4192 ofproto_dpif_unclog(struct unixctl_conn *conn OVS_UNUSED,
4193 const char *args_ OVS_UNUSED, void *aux OVS_UNUSED)
4196 unixctl_command_reply(conn, 200, NULL);
4200 ofproto_dpif_unixctl_init(void)
4202 static bool registered;
4208 unixctl_command_register("ofproto/trace", ofproto_unixctl_trace, NULL);
4209 unixctl_command_register("fdb/show", ofproto_unixctl_fdb_show, NULL);
4211 unixctl_command_register("ofproto/clog", ofproto_dpif_clog, NULL);
4212 unixctl_command_register("ofproto/unclog", ofproto_dpif_unclog, NULL);
4215 const struct ofproto_class ofproto_dpif_class = {
4242 port_is_lacp_current,
4243 NULL, /* rule_choose_table */
4250 rule_modify_actions,
4263 is_mirror_output_bundle,
4264 forward_bpdu_changed,
git://git.onelab.eu / sliver-openvswitch.git / blob