2 * Copyright (c) 2009, 2010 Nicira Networks.
3 * Copyright (c) 2010 Jean Tourrilhes - HP-Labs.
5 * Licensed under the Apache License, Version 2.0 (the "License");
6 * you may not use this file except in compliance with the License.
7 * You may obtain a copy of the License at:
9 * http://www.apache.org/licenses/LICENSE-2.0
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
22 #include <sys/socket.h>
24 #include <netinet/in.h>
27 #include "classifier.h"
29 #include "discovery.h"
31 #include "dynamic-string.h"
32 #include "fail-open.h"
34 #include "mac-learning.h"
38 #include "ofp-print.h"
40 #include "ofproto-sflow.h"
42 #include "openflow/nicira-ext.h"
43 #include "openflow/openflow.h"
44 #include "openvswitch/datapath-protocol.h"
48 #include "poll-loop.h"
49 #include "port-array.h"
54 #include "stream-ssl.h"
62 #define THIS_MODULE VLM_ofproto
65 #include "sflow_api.h"
69 TABLEID_CLASSIFIER = 1
73 struct netdev *netdev;
74 struct ofp_phy_port opp; /* In host byte order. */
77 static void ofport_free(struct ofport *);
78 static void hton_ofp_phy_port(struct ofp_phy_port *);
80 static int xlate_actions(const union ofp_action *in, size_t n_in,
81 const flow_t *flow, struct ofproto *ofproto,
82 const struct ofpbuf *packet,
83 struct odp_actions *out, tag_type *tags,
84 bool *may_set_up_flow, uint16_t *nf_output_iface);
89 uint64_t flow_cookie; /* Controller-issued identifier.
90 (Kept in network-byte order.) */
91 uint16_t idle_timeout; /* In seconds from time of last use. */
92 uint16_t hard_timeout; /* In seconds from time of creation. */
93 bool send_flow_removed; /* Send a flow removed message? */
94 long long int used; /* Last-used time (0 if never used). */
95 long long int created; /* Creation time. */
96 uint64_t packet_count; /* Number of packets received. */
97 uint64_t byte_count; /* Number of bytes received. */
98 uint64_t accounted_bytes; /* Number of bytes passed to account_cb. */
99 tag_type tags; /* Tags (set only by hooks). */
100 struct netflow_flow nf_flow; /* Per-flow NetFlow tracking data. */
102 /* If 'super' is non-NULL, this rule is a subrule, that is, it is an
103 * exact-match rule (having cr.wc.wildcards of 0) generated from the
104 * wildcard rule 'super'. In this case, 'list' is an element of the
107 * If 'super' is NULL, this rule is a super-rule, and 'list' is the head of
108 * a list of subrules. A super-rule with no wildcards (where
109 * cr.wc.wildcards is 0) will never have any subrules. */
115 * 'n_actions' is the number of elements in the 'actions' array. A single
116 * action may take up more more than one element's worth of space.
118 * A subrule has no actions (it uses the super-rule's actions). */
120 union ofp_action *actions;
124 * A super-rule with wildcard fields never has ODP actions (since the
125 * datapath only supports exact-match flows). */
126 bool installed; /* Installed in datapath? */
127 bool may_install; /* True ordinarily; false if actions must
128 * be reassessed for every packet. */
130 union odp_action *odp_actions;
134 rule_is_hidden(const struct rule *rule)
136 /* Subrules are merely an implementation detail, so hide them from the
138 if (rule->super != NULL) {
142 /* Rules with priority higher than UINT16_MAX are set up by ofproto itself
143 * (e.g. by in-band control) and are intentionally hidden from the
145 if (rule->cr.priority > UINT16_MAX) {
152 static struct rule *rule_create(struct ofproto *, struct rule *super,
153 const union ofp_action *, size_t n_actions,
154 uint16_t idle_timeout, uint16_t hard_timeout,
155 uint64_t flow_cookie, bool send_flow_removed);
156 static void rule_free(struct rule *);
157 static void rule_destroy(struct ofproto *, struct rule *);
158 static struct rule *rule_from_cls_rule(const struct cls_rule *);
159 static void rule_insert(struct ofproto *, struct rule *,
160 struct ofpbuf *packet, uint16_t in_port);
161 static void rule_remove(struct ofproto *, struct rule *);
162 static bool rule_make_actions(struct ofproto *, struct rule *,
163 const struct ofpbuf *packet);
164 static void rule_install(struct ofproto *, struct rule *,
165 struct rule *displaced_rule);
166 static void rule_uninstall(struct ofproto *, struct rule *);
167 static void rule_post_uninstall(struct ofproto *, struct rule *);
168 static void send_flow_removed(struct ofproto *p, struct rule *rule,
169 long long int now, uint8_t reason);
171 /* ofproto supports two kinds of OpenFlow connections:
173 * - "Controller connections": Connections to ordinary OpenFlow controllers.
174 * ofproto maintains persistent connections to these controllers and by
175 * default sends them asynchronous messages such as packet-ins.
177 * - "Transient connections", e.g. from ovs-ofctl. When these connections
178 * drop, it is the other side's responsibility to reconnect them if
179 * necessary. ofproto does not send them asynchronous messages by default.
182 OFCONN_CONTROLLER, /* An OpenFlow controller. */
183 OFCONN_TRANSIENT /* A transient connection. */
186 /* An OpenFlow connection. */
188 struct ofproto *ofproto; /* The ofproto that owns this connection. */
189 struct list node; /* In struct ofproto's "all_conns" list. */
190 struct rconn *rconn; /* OpenFlow connection. */
191 enum ofconn_type type; /* Type. */
193 /* OFPT_PACKET_IN related data. */
194 struct rconn_packet_counter *packet_in_counter; /* # queued on 'rconn'. */
195 struct pinsched *schedulers[2]; /* Indexed by reason code; see below. */
196 struct pktbuf *pktbuf; /* OpenFlow packet buffers. */
197 int miss_send_len; /* Bytes to send of buffered packets. */
199 /* Number of OpenFlow messages queued on 'rconn' as replies to OpenFlow
200 * requests, and the maximum number before we stop reading OpenFlow
202 #define OFCONN_REPLY_MAX 100
203 struct rconn_packet_counter *reply_counter;
205 /* type == OFCONN_CONTROLLER only. */
206 enum nx_role role; /* Role. */
207 struct hmap_node hmap_node; /* In struct ofproto's "controllers" map. */
208 struct discovery *discovery; /* Controller discovery object, if enabled. */
209 struct status_category *ss; /* Switch status category. */
210 enum ofproto_band band; /* In-band or out-of-band? */
213 /* We use OFPR_NO_MATCH and OFPR_ACTION as indexes into struct ofconn's
214 * "schedulers" array. Their values are 0 and 1, and their meanings and values
215 * coincide with _ODPL_MISS_NR and _ODPL_ACTION_NR, so this is convenient. In
216 * case anything ever changes, check their values here. */
217 #define N_SCHEDULERS 2
218 BUILD_ASSERT_DECL(OFPR_NO_MATCH == 0);
219 BUILD_ASSERT_DECL(OFPR_NO_MATCH == _ODPL_MISS_NR);
220 BUILD_ASSERT_DECL(OFPR_ACTION == 1);
221 BUILD_ASSERT_DECL(OFPR_ACTION == _ODPL_ACTION_NR);
223 static struct ofconn *ofconn_create(struct ofproto *, struct rconn *,
225 static void ofconn_destroy(struct ofconn *);
226 static void ofconn_run(struct ofconn *, struct ofproto *);
227 static void ofconn_wait(struct ofconn *);
228 static bool ofconn_receives_async_msgs(const struct ofconn *);
229 static char *ofconn_make_name(const struct ofproto *, const char *target);
231 static void queue_tx(struct ofpbuf *msg, const struct ofconn *ofconn,
232 struct rconn_packet_counter *counter);
234 static void send_packet_in(struct ofproto *, struct ofpbuf *odp_msg);
235 static void do_send_packet_in(struct ofpbuf *odp_msg, void *ofconn);
239 uint64_t datapath_id; /* Datapath ID. */
240 uint64_t fallback_dpid; /* Datapath ID if no better choice found. */
241 char *mfr_desc; /* Manufacturer. */
242 char *hw_desc; /* Hardware. */
243 char *sw_desc; /* Software version. */
244 char *serial_desc; /* Serial number. */
245 char *dp_desc; /* Datapath description. */
249 struct netdev_monitor *netdev_monitor;
250 struct port_array ports; /* Index is ODP port nr; ofport->opp.port_no is
252 struct shash port_by_name;
256 struct switch_status *switch_status;
257 struct fail_open *fail_open;
258 struct netflow *netflow;
259 struct ofproto_sflow *sflow;
261 /* In-band control. */
262 struct in_band *in_band;
263 long long int next_in_band_update;
264 struct sockaddr_in *extra_in_band_remotes;
265 size_t n_extra_remotes;
268 struct classifier cls;
269 bool need_revalidate;
270 long long int next_expiration;
271 struct tag_set revalidate_set;
272 bool tun_id_from_cookie;
274 /* OpenFlow connections. */
275 struct hmap controllers; /* Controller "struct ofconn"s. */
276 struct list all_conns; /* Contains "struct ofconn"s. */
277 struct pvconn **listeners;
279 struct pvconn **snoops;
282 /* Hooks for ovs-vswitchd. */
283 const struct ofhooks *ofhooks;
286 /* Used by default ofhooks. */
287 struct mac_learning *ml;
290 static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5);
292 static const struct ofhooks default_ofhooks;
294 static uint64_t pick_datapath_id(const struct ofproto *);
295 static uint64_t pick_fallback_dpid(void);
297 static void update_used(struct ofproto *);
298 static void update_stats(struct ofproto *, struct rule *,
299 const struct odp_flow_stats *);
300 static void expire_rule(struct cls_rule *, void *ofproto);
301 static void active_timeout(struct ofproto *ofproto, struct rule *rule);
302 static bool revalidate_rule(struct ofproto *p, struct rule *rule);
303 static void revalidate_cb(struct cls_rule *rule_, void *p_);
305 static void handle_odp_msg(struct ofproto *, struct ofpbuf *);
307 static void handle_openflow(struct ofconn *, struct ofproto *,
310 static void refresh_port_groups(struct ofproto *);
312 static void update_port(struct ofproto *, const char *devname);
313 static int init_ports(struct ofproto *);
314 static void reinit_ports(struct ofproto *);
317 ofproto_create(const char *datapath, const char *datapath_type,
318 const struct ofhooks *ofhooks, void *aux,
319 struct ofproto **ofprotop)
321 struct odp_stats stats;
328 /* Connect to datapath and start listening for messages. */
329 error = dpif_open(datapath, datapath_type, &dpif);
331 VLOG_ERR("failed to open datapath %s: %s", datapath, strerror(error));
334 error = dpif_get_dp_stats(dpif, &stats);
336 VLOG_ERR("failed to obtain stats for datapath %s: %s",
337 datapath, strerror(error));
341 error = dpif_recv_set_mask(dpif, ODPL_MISS | ODPL_ACTION | ODPL_SFLOW);
343 VLOG_ERR("failed to listen on datapath %s: %s",
344 datapath, strerror(error));
348 dpif_flow_flush(dpif);
349 dpif_recv_purge(dpif);
351 /* Initialize settings. */
352 p = xzalloc(sizeof *p);
353 p->fallback_dpid = pick_fallback_dpid();
354 p->datapath_id = p->fallback_dpid;
355 p->mfr_desc = xstrdup(DEFAULT_MFR_DESC);
356 p->hw_desc = xstrdup(DEFAULT_HW_DESC);
357 p->sw_desc = xstrdup(DEFAULT_SW_DESC);
358 p->serial_desc = xstrdup(DEFAULT_SERIAL_DESC);
359 p->dp_desc = xstrdup(DEFAULT_DP_DESC);
361 /* Initialize datapath. */
363 p->netdev_monitor = netdev_monitor_create();
364 port_array_init(&p->ports);
365 shash_init(&p->port_by_name);
366 p->max_ports = stats.max_ports;
368 /* Initialize submodules. */
369 p->switch_status = switch_status_create(p);
375 /* Initialize flow table. */
376 classifier_init(&p->cls);
377 p->need_revalidate = false;
378 p->next_expiration = time_msec() + 1000;
379 tag_set_init(&p->revalidate_set);
381 /* Initialize OpenFlow connections. */
382 list_init(&p->all_conns);
383 hmap_init(&p->controllers);
389 /* Initialize hooks. */
391 p->ofhooks = ofhooks;
395 p->ofhooks = &default_ofhooks;
397 p->ml = mac_learning_create();
400 /* Pick final datapath ID. */
401 p->datapath_id = pick_datapath_id(p);
402 VLOG_INFO("using datapath ID %016"PRIx64, p->datapath_id);
409 ofproto_set_datapath_id(struct ofproto *p, uint64_t datapath_id)
411 uint64_t old_dpid = p->datapath_id;
412 p->datapath_id = datapath_id ? datapath_id : pick_datapath_id(p);
413 if (p->datapath_id != old_dpid) {
414 struct ofconn *ofconn;
416 VLOG_INFO("datapath ID changed to %016"PRIx64, p->datapath_id);
418 /* Force all active connections to reconnect, since there is no way to
419 * notify a controller that the datapath ID has changed. */
420 LIST_FOR_EACH (ofconn, struct ofconn, node, &p->all_conns) {
421 rconn_reconnect(ofconn->rconn);
427 is_discovery_controller(const struct ofproto_controller *c)
429 return !strcmp(c->target, "discover");
433 is_in_band_controller(const struct ofproto_controller *c)
435 return is_discovery_controller(c) || c->band == OFPROTO_IN_BAND;
438 /* Creates a new controller in 'ofproto'. Some of the settings are initially
439 * drawn from 'c', but update_controller() needs to be called later to finish
440 * the new ofconn's configuration. */
442 add_controller(struct ofproto *ofproto, const struct ofproto_controller *c)
444 struct discovery *discovery;
445 struct ofconn *ofconn;
447 if (is_discovery_controller(c)) {
448 int error = discovery_create(c->accept_re, c->update_resolv_conf,
449 ofproto->dpif, ofproto->switch_status,
458 ofconn = ofconn_create(ofproto, rconn_create(5, 8), OFCONN_CONTROLLER);
459 ofconn->pktbuf = pktbuf_create();
460 ofconn->miss_send_len = OFP_DEFAULT_MISS_SEND_LEN;
462 ofconn->discovery = discovery;
464 char *name = ofconn_make_name(ofproto, c->target);
465 rconn_connect(ofconn->rconn, c->target, name);
468 hmap_insert(&ofproto->controllers, &ofconn->hmap_node,
469 hash_string(c->target, 0));
472 /* Reconfigures 'ofconn' to match 'c'. This function cannot update an ofconn's
473 * target or turn discovery on or off (these are done by creating new ofconns
474 * and deleting old ones), but it can update the rest of an ofconn's
477 update_controller(struct ofconn *ofconn, const struct ofproto_controller *c)
479 struct ofproto *ofproto = ofconn->ofproto;
483 ofconn->band = (is_in_band_controller(c)
484 ? OFPROTO_IN_BAND : OFPROTO_OUT_OF_BAND);
486 rconn_set_max_backoff(ofconn->rconn, c->max_backoff);
488 probe_interval = c->probe_interval ? MAX(c->probe_interval, 5) : 0;
489 rconn_set_probe_interval(ofconn->rconn, probe_interval);
491 if (ofconn->discovery) {
492 discovery_set_update_resolv_conf(ofconn->discovery,
493 c->update_resolv_conf);
494 discovery_set_accept_controller_re(ofconn->discovery, c->accept_re);
497 for (i = 0; i < N_SCHEDULERS; i++) {
498 struct pinsched **s = &ofconn->schedulers[i];
500 if (c->rate_limit > 0) {
502 *s = pinsched_create(c->rate_limit, c->burst_limit,
503 ofproto->switch_status);
505 pinsched_set_limits(*s, c->rate_limit, c->burst_limit);
508 pinsched_destroy(*s);
515 ofconn_get_target(const struct ofconn *ofconn)
517 return ofconn->discovery ? "discover" : rconn_get_target(ofconn->rconn);
520 static struct ofconn *
521 find_controller_by_target(struct ofproto *ofproto, const char *target)
523 struct ofconn *ofconn;
525 HMAP_FOR_EACH_WITH_HASH (ofconn, struct ofconn, hmap_node,
526 hash_string(target, 0), &ofproto->controllers) {
527 if (!strcmp(ofconn_get_target(ofconn), target)) {
535 update_in_band_remotes(struct ofproto *ofproto)
537 const struct ofconn *ofconn;
538 struct sockaddr_in *addrs;
539 size_t max_addrs, n_addrs;
543 /* Allocate enough memory for as many remotes as we could possibly have. */
544 max_addrs = ofproto->n_extra_remotes + hmap_count(&ofproto->controllers);
545 addrs = xmalloc(max_addrs * sizeof *addrs);
548 /* Add all the remotes. */
550 HMAP_FOR_EACH (ofconn, struct ofconn, hmap_node, &ofproto->controllers) {
551 struct sockaddr_in *sin = &addrs[n_addrs];
553 if (ofconn->band == OFPROTO_OUT_OF_BAND) {
557 sin->sin_addr.s_addr = rconn_get_remote_ip(ofconn->rconn);
558 if (sin->sin_addr.s_addr) {
559 sin->sin_port = rconn_get_remote_port(ofconn->rconn);
562 if (ofconn->discovery) {
566 for (i = 0; i < ofproto->n_extra_remotes; i++) {
567 addrs[n_addrs++] = ofproto->extra_in_band_remotes[i];
570 /* Create or update or destroy in-band.
572 * Ordinarily we only enable in-band if there's at least one remote
573 * address, but discovery needs the in-band rules for DHCP to be installed
574 * even before we know any remote addresses. */
575 if (n_addrs || discovery) {
576 if (!ofproto->in_band) {
577 in_band_create(ofproto, ofproto->dpif, ofproto->switch_status,
580 if (ofproto->in_band) {
581 in_band_set_remotes(ofproto->in_band, addrs, n_addrs);
583 ofproto->next_in_band_update = time_msec() + 1000;
585 in_band_destroy(ofproto->in_band);
586 ofproto->in_band = NULL;
594 ofproto_set_controllers(struct ofproto *p,
595 const struct ofproto_controller *controllers,
596 size_t n_controllers)
598 struct shash new_controllers;
599 enum ofproto_fail_mode fail_mode;
600 struct ofconn *ofconn, *next;
604 shash_init(&new_controllers);
605 for (i = 0; i < n_controllers; i++) {
606 const struct ofproto_controller *c = &controllers[i];
608 shash_add_once(&new_controllers, c->target, &controllers[i]);
609 if (!find_controller_by_target(p, c->target)) {
610 add_controller(p, c);
614 fail_mode = OFPROTO_FAIL_STANDALONE;
616 HMAP_FOR_EACH_SAFE (ofconn, next, struct ofconn, hmap_node,
618 struct ofproto_controller *c;
620 c = shash_find_data(&new_controllers, ofconn_get_target(ofconn));
622 ofconn_destroy(ofconn);
624 update_controller(ofconn, c);
628 if (c->fail == OFPROTO_FAIL_SECURE) {
629 fail_mode = OFPROTO_FAIL_SECURE;
633 shash_destroy(&new_controllers);
635 update_in_band_remotes(p);
637 if (!hmap_is_empty(&p->controllers)
638 && fail_mode == OFPROTO_FAIL_STANDALONE) {
639 struct rconn **rconns;
643 p->fail_open = fail_open_create(p, p->switch_status);
647 rconns = xmalloc(hmap_count(&p->controllers) * sizeof *rconns);
648 HMAP_FOR_EACH (ofconn, struct ofconn, hmap_node, &p->controllers) {
649 rconns[n++] = ofconn->rconn;
652 fail_open_set_controllers(p->fail_open, rconns, n);
653 /* p->fail_open takes ownership of 'rconns'. */
655 fail_open_destroy(p->fail_open);
659 if (!hmap_is_empty(&p->controllers) && !ss_exists) {
660 ofconn = CONTAINER_OF(hmap_first(&p->controllers),
661 struct ofconn, hmap_node);
662 ofconn->ss = switch_status_register(p->switch_status, "remote",
663 rconn_status_cb, ofconn->rconn);
668 any_extras_changed(const struct ofproto *ofproto,
669 const struct sockaddr_in *extras, size_t n)
673 if (n != ofproto->n_extra_remotes) {
677 for (i = 0; i < n; i++) {
678 const struct sockaddr_in *old = &ofproto->extra_in_band_remotes[i];
679 const struct sockaddr_in *new = &extras[i];
681 if (old->sin_addr.s_addr != new->sin_addr.s_addr ||
682 old->sin_port != new->sin_port) {
690 /* Sets the 'n' TCP port addresses in 'extras' as ones to which 'ofproto''s
691 * in-band control should guarantee access, in the same way that in-band
692 * control guarantees access to OpenFlow controllers. */
694 ofproto_set_extra_in_band_remotes(struct ofproto *ofproto,
695 const struct sockaddr_in *extras, size_t n)
697 if (!any_extras_changed(ofproto, extras, n)) {
701 free(ofproto->extra_in_band_remotes);
702 ofproto->n_extra_remotes = n;
703 ofproto->extra_in_band_remotes = xmemdup(extras, n * sizeof *extras);
705 update_in_band_remotes(ofproto);
709 ofproto_set_desc(struct ofproto *p,
710 const char *mfr_desc, const char *hw_desc,
711 const char *sw_desc, const char *serial_desc,
714 struct ofp_desc_stats *ods;
717 if (strlen(mfr_desc) >= sizeof ods->mfr_desc) {
718 VLOG_WARN("truncating mfr_desc, must be less than %zu characters",
719 sizeof ods->mfr_desc);
722 p->mfr_desc = xstrdup(mfr_desc);
725 if (strlen(hw_desc) >= sizeof ods->hw_desc) {
726 VLOG_WARN("truncating hw_desc, must be less than %zu characters",
727 sizeof ods->hw_desc);
730 p->hw_desc = xstrdup(hw_desc);
733 if (strlen(sw_desc) >= sizeof ods->sw_desc) {
734 VLOG_WARN("truncating sw_desc, must be less than %zu characters",
735 sizeof ods->sw_desc);
738 p->sw_desc = xstrdup(sw_desc);
741 if (strlen(serial_desc) >= sizeof ods->serial_num) {
742 VLOG_WARN("truncating serial_desc, must be less than %zu "
744 sizeof ods->serial_num);
746 free(p->serial_desc);
747 p->serial_desc = xstrdup(serial_desc);
750 if (strlen(dp_desc) >= sizeof ods->dp_desc) {
751 VLOG_WARN("truncating dp_desc, must be less than %zu characters",
752 sizeof ods->dp_desc);
755 p->dp_desc = xstrdup(dp_desc);
760 set_pvconns(struct pvconn ***pvconnsp, size_t *n_pvconnsp,
761 const struct svec *svec)
763 struct pvconn **pvconns = *pvconnsp;
764 size_t n_pvconns = *n_pvconnsp;
768 for (i = 0; i < n_pvconns; i++) {
769 pvconn_close(pvconns[i]);
773 pvconns = xmalloc(svec->n * sizeof *pvconns);
775 for (i = 0; i < svec->n; i++) {
776 const char *name = svec->names[i];
777 struct pvconn *pvconn;
780 error = pvconn_open(name, &pvconn);
782 pvconns[n_pvconns++] = pvconn;
784 VLOG_ERR("failed to listen on %s: %s", name, strerror(error));
792 *n_pvconnsp = n_pvconns;
798 ofproto_set_listeners(struct ofproto *ofproto, const struct svec *listeners)
800 return set_pvconns(&ofproto->listeners, &ofproto->n_listeners, listeners);
804 ofproto_set_snoops(struct ofproto *ofproto, const struct svec *snoops)
806 return set_pvconns(&ofproto->snoops, &ofproto->n_snoops, snoops);
810 ofproto_set_netflow(struct ofproto *ofproto,
811 const struct netflow_options *nf_options)
813 if (nf_options && nf_options->collectors.n) {
814 if (!ofproto->netflow) {
815 ofproto->netflow = netflow_create();
817 return netflow_set_options(ofproto->netflow, nf_options);
819 netflow_destroy(ofproto->netflow);
820 ofproto->netflow = NULL;
826 ofproto_set_sflow(struct ofproto *ofproto,
827 const struct ofproto_sflow_options *oso)
829 struct ofproto_sflow *os = ofproto->sflow;
832 struct ofport *ofport;
833 unsigned int odp_port;
835 os = ofproto->sflow = ofproto_sflow_create(ofproto->dpif);
836 refresh_port_groups(ofproto);
837 PORT_ARRAY_FOR_EACH (ofport, &ofproto->ports, odp_port) {
838 ofproto_sflow_add_port(os, odp_port,
839 netdev_get_name(ofport->netdev));
842 ofproto_sflow_set_options(os, oso);
844 ofproto_sflow_destroy(os);
845 ofproto->sflow = NULL;
850 ofproto_set_stp(struct ofproto *ofproto OVS_UNUSED, bool enable_stp)
854 VLOG_WARN("STP is not yet implemented");
862 ofproto_get_datapath_id(const struct ofproto *ofproto)
864 return ofproto->datapath_id;
868 ofproto_has_controller(const struct ofproto *ofproto)
870 return !hmap_is_empty(&ofproto->controllers);
874 ofproto_get_listeners(const struct ofproto *ofproto, struct svec *listeners)
878 for (i = 0; i < ofproto->n_listeners; i++) {
879 svec_add(listeners, pvconn_get_name(ofproto->listeners[i]));
884 ofproto_get_snoops(const struct ofproto *ofproto, struct svec *snoops)
888 for (i = 0; i < ofproto->n_snoops; i++) {
889 svec_add(snoops, pvconn_get_name(ofproto->snoops[i]));
894 ofproto_destroy(struct ofproto *p)
896 struct ofconn *ofconn, *next_ofconn;
897 struct ofport *ofport;
898 unsigned int port_no;
905 /* Destroy fail-open and in-band early, since they touch the classifier. */
906 fail_open_destroy(p->fail_open);
909 in_band_destroy(p->in_band);
911 free(p->extra_in_band_remotes);
913 ofproto_flush_flows(p);
914 classifier_destroy(&p->cls);
916 LIST_FOR_EACH_SAFE (ofconn, next_ofconn, struct ofconn, node,
918 ofconn_destroy(ofconn);
920 hmap_destroy(&p->controllers);
923 netdev_monitor_destroy(p->netdev_monitor);
924 PORT_ARRAY_FOR_EACH (ofport, &p->ports, port_no) {
927 shash_destroy(&p->port_by_name);
929 switch_status_destroy(p->switch_status);
930 netflow_destroy(p->netflow);
931 ofproto_sflow_destroy(p->sflow);
933 for (i = 0; i < p->n_listeners; i++) {
934 pvconn_close(p->listeners[i]);
938 for (i = 0; i < p->n_snoops; i++) {
939 pvconn_close(p->snoops[i]);
943 mac_learning_destroy(p->ml);
948 free(p->serial_desc);
951 port_array_destroy(&p->ports);
957 ofproto_run(struct ofproto *p)
959 int error = ofproto_run1(p);
961 error = ofproto_run2(p, false);
967 process_port_change(struct ofproto *ofproto, int error, char *devname)
969 if (error == ENOBUFS) {
970 reinit_ports(ofproto);
972 update_port(ofproto, devname);
977 /* Returns a "preference level" for snooping 'ofconn'. A higher return value
978 * means that 'ofconn' is more interesting for monitoring than a lower return
981 snoop_preference(const struct ofconn *ofconn)
983 switch (ofconn->role) {
991 /* Shouldn't happen. */
996 /* One of ofproto's "snoop" pvconns has accepted a new connection on 'vconn'.
997 * Connects this vconn to a controller. */
999 add_snooper(struct ofproto *ofproto, struct vconn *vconn)
1001 struct ofconn *ofconn, *best;
1003 /* Pick a controller for monitoring. */
1005 LIST_FOR_EACH (ofconn, struct ofconn, node, &ofproto->all_conns) {
1006 if (ofconn->type == OFCONN_CONTROLLER
1007 && (!best || snoop_preference(ofconn) > snoop_preference(best))) {
1013 rconn_add_monitor(best->rconn, vconn);
1015 VLOG_INFO_RL(&rl, "no controller connection to snoop");
1021 ofproto_run1(struct ofproto *p)
1023 struct ofconn *ofconn, *next_ofconn;
1028 if (shash_is_empty(&p->port_by_name)) {
1032 for (i = 0; i < 50; i++) {
1036 error = dpif_recv(p->dpif, &buf);
1038 if (error == ENODEV) {
1039 /* Someone destroyed the datapath behind our back. The caller
1040 * better destroy us and give up, because we're just going to
1041 * spin from here on out. */
1042 static struct vlog_rate_limit rl2 = VLOG_RATE_LIMIT_INIT(1, 5);
1043 VLOG_ERR_RL(&rl2, "%s: datapath was destroyed externally",
1044 dpif_name(p->dpif));
1050 handle_odp_msg(p, buf);
1053 while ((error = dpif_port_poll(p->dpif, &devname)) != EAGAIN) {
1054 process_port_change(p, error, devname);
1056 while ((error = netdev_monitor_poll(p->netdev_monitor,
1057 &devname)) != EAGAIN) {
1058 process_port_change(p, error, devname);
1062 if (time_msec() >= p->next_in_band_update) {
1063 update_in_band_remotes(p);
1065 in_band_run(p->in_band);
1068 LIST_FOR_EACH_SAFE (ofconn, next_ofconn, struct ofconn, node,
1070 ofconn_run(ofconn, p);
1073 /* Fail-open maintenance. Do this after processing the ofconns since
1074 * fail-open checks the status of the controller rconn. */
1076 fail_open_run(p->fail_open);
1079 for (i = 0; i < p->n_listeners; i++) {
1080 struct vconn *vconn;
1083 retval = pvconn_accept(p->listeners[i], OFP_VERSION, &vconn);
1085 struct rconn *rconn;
1088 rconn = rconn_create(60, 0);
1089 name = ofconn_make_name(p, vconn_get_name(vconn));
1090 rconn_connect_unreliably(rconn, vconn, name);
1093 ofconn_create(p, rconn, OFCONN_TRANSIENT);
1094 } else if (retval != EAGAIN) {
1095 VLOG_WARN_RL(&rl, "accept failed (%s)", strerror(retval));
1099 for (i = 0; i < p->n_snoops; i++) {
1100 struct vconn *vconn;
1103 retval = pvconn_accept(p->snoops[i], OFP_VERSION, &vconn);
1105 add_snooper(p, vconn);
1106 } else if (retval != EAGAIN) {
1107 VLOG_WARN_RL(&rl, "accept failed (%s)", strerror(retval));
1111 if (time_msec() >= p->next_expiration) {
1112 COVERAGE_INC(ofproto_expiration);
1113 p->next_expiration = time_msec() + 1000;
1116 classifier_for_each(&p->cls, CLS_INC_ALL, expire_rule, p);
1118 /* Let the hook know that we're at a stable point: all outstanding data
1119 * in existing flows has been accounted to the account_cb. Thus, the
1120 * hook can now reasonably do operations that depend on having accurate
1121 * flow volume accounting (currently, that's just bond rebalancing). */
1122 if (p->ofhooks->account_checkpoint_cb) {
1123 p->ofhooks->account_checkpoint_cb(p->aux);
1128 netflow_run(p->netflow);
1131 ofproto_sflow_run(p->sflow);
1137 struct revalidate_cbdata {
1138 struct ofproto *ofproto;
1139 bool revalidate_all; /* Revalidate all exact-match rules? */
1140 bool revalidate_subrules; /* Revalidate all exact-match subrules? */
1141 struct tag_set revalidate_set; /* Set of tags to revalidate. */
1145 ofproto_run2(struct ofproto *p, bool revalidate_all)
1147 if (p->need_revalidate || revalidate_all
1148 || !tag_set_is_empty(&p->revalidate_set)) {
1149 struct revalidate_cbdata cbdata;
1151 cbdata.revalidate_all = revalidate_all;
1152 cbdata.revalidate_subrules = p->need_revalidate;
1153 cbdata.revalidate_set = p->revalidate_set;
1154 tag_set_init(&p->revalidate_set);
1155 COVERAGE_INC(ofproto_revalidate);
1156 classifier_for_each(&p->cls, CLS_INC_EXACT, revalidate_cb, &cbdata);
1157 p->need_revalidate = false;
1164 ofproto_wait(struct ofproto *p)
1166 struct ofconn *ofconn;
1169 dpif_recv_wait(p->dpif);
1170 dpif_port_poll_wait(p->dpif);
1171 netdev_monitor_poll_wait(p->netdev_monitor);
1172 LIST_FOR_EACH (ofconn, struct ofconn, node, &p->all_conns) {
1173 ofconn_wait(ofconn);
1176 poll_timer_wait_until(p->next_in_band_update);
1177 in_band_wait(p->in_band);
1180 fail_open_wait(p->fail_open);
1183 ofproto_sflow_wait(p->sflow);
1185 if (!tag_set_is_empty(&p->revalidate_set)) {
1186 poll_immediate_wake();
1188 if (p->need_revalidate) {
1189 /* Shouldn't happen, but if it does just go around again. */
1190 VLOG_DBG_RL(&rl, "need revalidate in ofproto_wait_cb()");
1191 poll_immediate_wake();
1192 } else if (p->next_expiration != LLONG_MAX) {
1193 poll_timer_wait_until(p->next_expiration);
1195 for (i = 0; i < p->n_listeners; i++) {
1196 pvconn_wait(p->listeners[i]);
1198 for (i = 0; i < p->n_snoops; i++) {
1199 pvconn_wait(p->snoops[i]);
1204 ofproto_revalidate(struct ofproto *ofproto, tag_type tag)
1206 tag_set_add(&ofproto->revalidate_set, tag);
1210 ofproto_get_revalidate_set(struct ofproto *ofproto)
1212 return &ofproto->revalidate_set;
1216 ofproto_is_alive(const struct ofproto *p)
1218 return !hmap_is_empty(&p->controllers);
1222 ofproto_send_packet(struct ofproto *p, const flow_t *flow,
1223 const union ofp_action *actions, size_t n_actions,
1224 const struct ofpbuf *packet)
1226 struct odp_actions odp_actions;
1229 error = xlate_actions(actions, n_actions, flow, p, packet, &odp_actions,
1235 /* XXX Should we translate the dpif_execute() errno value into an OpenFlow
1237 dpif_execute(p->dpif, flow->in_port, odp_actions.actions,
1238 odp_actions.n_actions, packet);
1243 ofproto_add_flow(struct ofproto *p,
1244 const flow_t *flow, uint32_t wildcards, unsigned int priority,
1245 const union ofp_action *actions, size_t n_actions,
1249 rule = rule_create(p, NULL, actions, n_actions,
1250 idle_timeout >= 0 ? idle_timeout : 5 /* XXX */,
1252 cls_rule_from_flow(flow, wildcards, priority, &rule->cr);
1253 rule_insert(p, rule, NULL, 0);
1257 ofproto_delete_flow(struct ofproto *ofproto, const flow_t *flow,
1258 uint32_t wildcards, unsigned int priority)
1262 rule = rule_from_cls_rule(classifier_find_rule_exactly(&ofproto->cls,
1266 rule_remove(ofproto, rule);
1271 destroy_rule(struct cls_rule *rule_, void *ofproto_)
1273 struct rule *rule = rule_from_cls_rule(rule_);
1274 struct ofproto *ofproto = ofproto_;
1276 /* Mark the flow as not installed, even though it might really be
1277 * installed, so that rule_remove() doesn't bother trying to uninstall it.
1278 * There is no point in uninstalling it individually since we are about to
1279 * blow away all the flows with dpif_flow_flush(). */
1280 rule->installed = false;
1282 rule_remove(ofproto, rule);
1286 ofproto_flush_flows(struct ofproto *ofproto)
1288 COVERAGE_INC(ofproto_flush);
1289 classifier_for_each(&ofproto->cls, CLS_INC_ALL, destroy_rule, ofproto);
1290 dpif_flow_flush(ofproto->dpif);
1291 if (ofproto->in_band) {
1292 in_band_flushed(ofproto->in_band);
1294 if (ofproto->fail_open) {
1295 fail_open_flushed(ofproto->fail_open);
1300 reinit_ports(struct ofproto *p)
1302 struct svec devnames;
1303 struct ofport *ofport;
1304 unsigned int port_no;
1305 struct odp_port *odp_ports;
1309 svec_init(&devnames);
1310 PORT_ARRAY_FOR_EACH (ofport, &p->ports, port_no) {
1311 svec_add (&devnames, (char *) ofport->opp.name);
1313 dpif_port_list(p->dpif, &odp_ports, &n_odp_ports);
1314 for (i = 0; i < n_odp_ports; i++) {
1315 svec_add (&devnames, odp_ports[i].devname);
1319 svec_sort_unique(&devnames);
1320 for (i = 0; i < devnames.n; i++) {
1321 update_port(p, devnames.names[i]);
1323 svec_destroy(&devnames);
1327 refresh_port_group(struct ofproto *p, unsigned int group)
1331 struct ofport *port;
1332 unsigned int port_no;
1334 assert(group == DP_GROUP_ALL || group == DP_GROUP_FLOOD);
1336 ports = xmalloc(port_array_count(&p->ports) * sizeof *ports);
1338 PORT_ARRAY_FOR_EACH (port, &p->ports, port_no) {
1339 if (group == DP_GROUP_ALL || !(port->opp.config & OFPPC_NO_FLOOD)) {
1340 ports[n_ports++] = port_no;
1343 dpif_port_group_set(p->dpif, group, ports, n_ports);
1350 refresh_port_groups(struct ofproto *p)
1352 size_t n_flood = refresh_port_group(p, DP_GROUP_FLOOD);
1353 size_t n_all = refresh_port_group(p, DP_GROUP_ALL);
1355 ofproto_sflow_set_group_sizes(p->sflow, n_flood, n_all);
1359 static struct ofport *
1360 make_ofport(const struct odp_port *odp_port)
1362 struct netdev_options netdev_options;
1363 enum netdev_flags flags;
1364 struct ofport *ofport;
1365 struct netdev *netdev;
1369 memset(&netdev_options, 0, sizeof netdev_options);
1370 netdev_options.name = odp_port->devname;
1371 netdev_options.ethertype = NETDEV_ETH_TYPE_NONE;
1373 error = netdev_open(&netdev_options, &netdev);
1375 VLOG_WARN_RL(&rl, "ignoring port %s (%"PRIu16") because netdev %s "
1376 "cannot be opened (%s)",
1377 odp_port->devname, odp_port->port,
1378 odp_port->devname, strerror(error));
1382 ofport = xmalloc(sizeof *ofport);
1383 ofport->netdev = netdev;
1384 ofport->opp.port_no = odp_port_to_ofp_port(odp_port->port);
1385 netdev_get_etheraddr(netdev, ofport->opp.hw_addr);
1386 memcpy(ofport->opp.name, odp_port->devname,
1387 MIN(sizeof ofport->opp.name, sizeof odp_port->devname));
1388 ofport->opp.name[sizeof ofport->opp.name - 1] = '\0';
1390 netdev_get_flags(netdev, &flags);
1391 ofport->opp.config = flags & NETDEV_UP ? 0 : OFPPC_PORT_DOWN;
1393 netdev_get_carrier(netdev, &carrier);
1394 ofport->opp.state = carrier ? 0 : OFPPS_LINK_DOWN;
1396 netdev_get_features(netdev,
1397 &ofport->opp.curr, &ofport->opp.advertised,
1398 &ofport->opp.supported, &ofport->opp.peer);
1403 ofport_conflicts(const struct ofproto *p, const struct odp_port *odp_port)
1405 if (port_array_get(&p->ports, odp_port->port)) {
1406 VLOG_WARN_RL(&rl, "ignoring duplicate port %"PRIu16" in datapath",
1409 } else if (shash_find(&p->port_by_name, odp_port->devname)) {
1410 VLOG_WARN_RL(&rl, "ignoring duplicate device %s in datapath",
1419 ofport_equal(const struct ofport *a_, const struct ofport *b_)
1421 const struct ofp_phy_port *a = &a_->opp;
1422 const struct ofp_phy_port *b = &b_->opp;
1424 BUILD_ASSERT_DECL(sizeof *a == 48); /* Detect ofp_phy_port changes. */
1425 return (a->port_no == b->port_no
1426 && !memcmp(a->hw_addr, b->hw_addr, sizeof a->hw_addr)
1427 && !strcmp((char *) a->name, (char *) b->name)
1428 && a->state == b->state
1429 && a->config == b->config
1430 && a->curr == b->curr
1431 && a->advertised == b->advertised
1432 && a->supported == b->supported
1433 && a->peer == b->peer);
1437 send_port_status(struct ofproto *p, const struct ofport *ofport,
1440 /* XXX Should limit the number of queued port status change messages. */
1441 struct ofconn *ofconn;
1442 LIST_FOR_EACH (ofconn, struct ofconn, node, &p->all_conns) {
1443 struct ofp_port_status *ops;
1446 if (!ofconn_receives_async_msgs(ofconn)) {
1450 ops = make_openflow_xid(sizeof *ops, OFPT_PORT_STATUS, 0, &b);
1451 ops->reason = reason;
1452 ops->desc = ofport->opp;
1453 hton_ofp_phy_port(&ops->desc);
1454 queue_tx(b, ofconn, NULL);
1456 if (p->ofhooks->port_changed_cb) {
1457 p->ofhooks->port_changed_cb(reason, &ofport->opp, p->aux);
1462 ofport_install(struct ofproto *p, struct ofport *ofport)
1464 uint16_t odp_port = ofp_port_to_odp_port(ofport->opp.port_no);
1465 const char *netdev_name = (const char *) ofport->opp.name;
1467 netdev_monitor_add(p->netdev_monitor, ofport->netdev);
1468 port_array_set(&p->ports, odp_port, ofport);
1469 shash_add(&p->port_by_name, netdev_name, ofport);
1471 ofproto_sflow_add_port(p->sflow, odp_port, netdev_name);
1476 ofport_remove(struct ofproto *p, struct ofport *ofport)
1478 uint16_t odp_port = ofp_port_to_odp_port(ofport->opp.port_no);
1480 netdev_monitor_remove(p->netdev_monitor, ofport->netdev);
1481 port_array_delete(&p->ports, odp_port);
1482 shash_delete(&p->port_by_name,
1483 shash_find(&p->port_by_name, (char *) ofport->opp.name));
1485 ofproto_sflow_del_port(p->sflow, odp_port);
1490 ofport_free(struct ofport *ofport)
1493 netdev_close(ofport->netdev);
1499 update_port(struct ofproto *p, const char *devname)
1501 struct odp_port odp_port;
1502 struct ofport *old_ofport;
1503 struct ofport *new_ofport;
1506 COVERAGE_INC(ofproto_update_port);
1508 /* Query the datapath for port information. */
1509 error = dpif_port_query_by_name(p->dpif, devname, &odp_port);
1511 /* Find the old ofport. */
1512 old_ofport = shash_find_data(&p->port_by_name, devname);
1515 /* There's no port named 'devname' but there might be a port with
1516 * the same port number. This could happen if a port is deleted
1517 * and then a new one added in its place very quickly, or if a port
1518 * is renamed. In the former case we want to send an OFPPR_DELETE
1519 * and an OFPPR_ADD, and in the latter case we want to send a
1520 * single OFPPR_MODIFY. We can distinguish the cases by comparing
1521 * the old port's ifindex against the new port, or perhaps less
1522 * reliably but more portably by comparing the old port's MAC
1523 * against the new port's MAC. However, this code isn't that smart
1524 * and always sends an OFPPR_MODIFY (XXX). */
1525 old_ofport = port_array_get(&p->ports, odp_port.port);
1527 } else if (error != ENOENT && error != ENODEV) {
1528 VLOG_WARN_RL(&rl, "dpif_port_query_by_name returned unexpected error "
1529 "%s", strerror(error));
1533 /* Create a new ofport. */
1534 new_ofport = !error ? make_ofport(&odp_port) : NULL;
1536 /* Eliminate a few pathological cases. */
1537 if (!old_ofport && !new_ofport) {
1539 } else if (old_ofport && new_ofport) {
1540 /* Most of the 'config' bits are OpenFlow soft state, but
1541 * OFPPC_PORT_DOWN is maintained the kernel. So transfer the OpenFlow
1542 * bits from old_ofport. (make_ofport() only sets OFPPC_PORT_DOWN and
1543 * leaves the other bits 0.) */
1544 new_ofport->opp.config |= old_ofport->opp.config & ~OFPPC_PORT_DOWN;
1546 if (ofport_equal(old_ofport, new_ofport)) {
1547 /* False alarm--no change. */
1548 ofport_free(new_ofport);
1553 /* Now deal with the normal cases. */
1555 ofport_remove(p, old_ofport);
1558 ofport_install(p, new_ofport);
1560 send_port_status(p, new_ofport ? new_ofport : old_ofport,
1561 (!old_ofport ? OFPPR_ADD
1562 : !new_ofport ? OFPPR_DELETE
1564 ofport_free(old_ofport);
1566 /* Update port groups. */
1567 refresh_port_groups(p);
1571 init_ports(struct ofproto *p)
1573 struct odp_port *ports;
1578 error = dpif_port_list(p->dpif, &ports, &n_ports);
1583 for (i = 0; i < n_ports; i++) {
1584 const struct odp_port *odp_port = &ports[i];
1585 if (!ofport_conflicts(p, odp_port)) {
1586 struct ofport *ofport = make_ofport(odp_port);
1588 ofport_install(p, ofport);
1593 refresh_port_groups(p);
1597 static struct ofconn *
1598 ofconn_create(struct ofproto *p, struct rconn *rconn, enum ofconn_type type)
1600 struct ofconn *ofconn = xzalloc(sizeof *ofconn);
1601 ofconn->ofproto = p;
1602 list_push_back(&p->all_conns, &ofconn->node);
1603 ofconn->rconn = rconn;
1604 ofconn->type = type;
1605 ofconn->role = NX_ROLE_OTHER;
1606 ofconn->packet_in_counter = rconn_packet_counter_create ();
1607 ofconn->pktbuf = NULL;
1608 ofconn->miss_send_len = 0;
1609 ofconn->reply_counter = rconn_packet_counter_create ();
1614 ofconn_destroy(struct ofconn *ofconn)
1616 if (ofconn->type == OFCONN_CONTROLLER) {
1617 hmap_remove(&ofconn->ofproto->controllers, &ofconn->hmap_node);
1619 discovery_destroy(ofconn->discovery);
1621 list_remove(&ofconn->node);
1622 switch_status_unregister(ofconn->ss);
1623 rconn_destroy(ofconn->rconn);
1624 rconn_packet_counter_destroy(ofconn->packet_in_counter);
1625 rconn_packet_counter_destroy(ofconn->reply_counter);
1626 pktbuf_destroy(ofconn->pktbuf);
1631 ofconn_run(struct ofconn *ofconn, struct ofproto *p)
1636 if (ofconn->discovery) {
1637 char *controller_name;
1638 if (rconn_is_connectivity_questionable(ofconn->rconn)) {
1639 discovery_question_connectivity(ofconn->discovery);
1641 if (discovery_run(ofconn->discovery, &controller_name)) {
1642 if (controller_name) {
1643 char *ofconn_name = ofconn_make_name(p, controller_name);
1644 rconn_connect(ofconn->rconn, controller_name, ofconn_name);
1647 rconn_disconnect(ofconn->rconn);
1652 for (i = 0; i < N_SCHEDULERS; i++) {
1653 pinsched_run(ofconn->schedulers[i], do_send_packet_in, ofconn);
1656 rconn_run(ofconn->rconn);
1658 if (rconn_packet_counter_read (ofconn->reply_counter) < OFCONN_REPLY_MAX) {
1659 /* Limit the number of iterations to prevent other tasks from
1661 for (iteration = 0; iteration < 50; iteration++) {
1662 struct ofpbuf *of_msg = rconn_recv(ofconn->rconn);
1667 fail_open_maybe_recover(p->fail_open);
1669 handle_openflow(ofconn, p, of_msg);
1670 ofpbuf_delete(of_msg);
1674 if (!ofconn->discovery && !rconn_is_alive(ofconn->rconn)) {
1675 ofconn_destroy(ofconn);
1680 ofconn_wait(struct ofconn *ofconn)
1684 if (ofconn->discovery) {
1685 discovery_wait(ofconn->discovery);
1687 for (i = 0; i < N_SCHEDULERS; i++) {
1688 pinsched_wait(ofconn->schedulers[i]);
1690 rconn_run_wait(ofconn->rconn);
1691 if (rconn_packet_counter_read (ofconn->reply_counter) < OFCONN_REPLY_MAX) {
1692 rconn_recv_wait(ofconn->rconn);
1694 COVERAGE_INC(ofproto_ofconn_stuck);
1698 /* Returns true if 'ofconn' should receive asynchronous messages. */
1700 ofconn_receives_async_msgs(const struct ofconn *ofconn)
1702 if (ofconn->type == OFCONN_CONTROLLER) {
1703 /* Ordinary controllers always get asynchronous messages unless they
1704 * have configured themselves as "slaves". */
1705 return ofconn->role != NX_ROLE_SLAVE;
1707 /* Transient connections don't get asynchronous messages unless they
1708 * have explicitly asked for them by setting a nonzero miss send
1710 return ofconn->miss_send_len > 0;
1714 /* Returns a human-readable name for an OpenFlow connection between 'ofproto'
1715 * and 'target', suitable for use in log messages for identifying the
1718 * The name is dynamically allocated. The caller should free it (with free())
1719 * when it is no longer needed. */
1721 ofconn_make_name(const struct ofproto *ofproto, const char *target)
1723 return xasprintf("%s<->%s", dpif_base_name(ofproto->dpif), target);
1726 /* Caller is responsible for initializing the 'cr' member of the returned
1728 static struct rule *
1729 rule_create(struct ofproto *ofproto, struct rule *super,
1730 const union ofp_action *actions, size_t n_actions,
1731 uint16_t idle_timeout, uint16_t hard_timeout,
1732 uint64_t flow_cookie, bool send_flow_removed)
1734 struct rule *rule = xzalloc(sizeof *rule);
1735 rule->idle_timeout = idle_timeout;
1736 rule->hard_timeout = hard_timeout;
1737 rule->flow_cookie = flow_cookie;
1738 rule->used = rule->created = time_msec();
1739 rule->send_flow_removed = send_flow_removed;
1740 rule->super = super;
1742 list_push_back(&super->list, &rule->list);
1744 list_init(&rule->list);
1746 rule->n_actions = n_actions;
1747 rule->actions = xmemdup(actions, n_actions * sizeof *actions);
1748 netflow_flow_clear(&rule->nf_flow);
1749 netflow_flow_update_time(ofproto->netflow, &rule->nf_flow, rule->created);
1754 static struct rule *
1755 rule_from_cls_rule(const struct cls_rule *cls_rule)
1757 return cls_rule ? CONTAINER_OF(cls_rule, struct rule, cr) : NULL;
1761 rule_free(struct rule *rule)
1763 free(rule->actions);
1764 free(rule->odp_actions);
1768 /* Destroys 'rule'. If 'rule' is a subrule, also removes it from its
1769 * super-rule's list of subrules. If 'rule' is a super-rule, also iterates
1770 * through all of its subrules and revalidates them, destroying any that no
1771 * longer has a super-rule (which is probably all of them).
1773 * Before calling this function, the caller must make have removed 'rule' from
1774 * the classifier. If 'rule' is an exact-match rule, the caller is also
1775 * responsible for ensuring that it has been uninstalled from the datapath. */
1777 rule_destroy(struct ofproto *ofproto, struct rule *rule)
1780 struct rule *subrule, *next;
1781 LIST_FOR_EACH_SAFE (subrule, next, struct rule, list, &rule->list) {
1782 revalidate_rule(ofproto, subrule);
1785 list_remove(&rule->list);
1791 rule_has_out_port(const struct rule *rule, uint16_t out_port)
1793 const union ofp_action *oa;
1794 struct actions_iterator i;
1796 if (out_port == htons(OFPP_NONE)) {
1799 for (oa = actions_first(&i, rule->actions, rule->n_actions); oa;
1800 oa = actions_next(&i)) {
1801 if (oa->type == htons(OFPAT_OUTPUT) && oa->output.port == out_port) {
1808 /* Executes the actions indicated by 'rule' on 'packet', which is in flow
1809 * 'flow' and is considered to have arrived on ODP port 'in_port'.
1811 * The flow that 'packet' actually contains does not need to actually match
1812 * 'rule'; the actions in 'rule' will be applied to it either way. Likewise,
1813 * the packet and byte counters for 'rule' will be credited for the packet sent
1814 * out whether or not the packet actually matches 'rule'.
1816 * If 'rule' is an exact-match rule and 'flow' actually equals the rule's flow,
1817 * the caller must already have accurately composed ODP actions for it given
1818 * 'packet' using rule_make_actions(). If 'rule' is a wildcard rule, or if
1819 * 'rule' is an exact-match rule but 'flow' is not the rule's flow, then this
1820 * function will compose a set of ODP actions based on 'rule''s OpenFlow
1821 * actions and apply them to 'packet'. */
1823 rule_execute(struct ofproto *ofproto, struct rule *rule,
1824 struct ofpbuf *packet, const flow_t *flow)
1826 const union odp_action *actions;
1828 struct odp_actions a;
1830 /* Grab or compose the ODP actions.
1832 * The special case for an exact-match 'rule' where 'flow' is not the
1833 * rule's flow is important to avoid, e.g., sending a packet out its input
1834 * port simply because the ODP actions were composed for the wrong
1836 if (rule->cr.wc.wildcards || !flow_equal(flow, &rule->cr.flow)) {
1837 struct rule *super = rule->super ? rule->super : rule;
1838 if (xlate_actions(super->actions, super->n_actions, flow, ofproto,
1839 packet, &a, NULL, 0, NULL)) {
1842 actions = a.actions;
1843 n_actions = a.n_actions;
1845 actions = rule->odp_actions;
1846 n_actions = rule->n_odp_actions;
1849 /* Execute the ODP actions. */
1850 if (!dpif_execute(ofproto->dpif, flow->in_port,
1851 actions, n_actions, packet)) {
1852 struct odp_flow_stats stats;
1853 flow_extract_stats(flow, packet, &stats);
1854 update_stats(ofproto, rule, &stats);
1855 rule->used = time_msec();
1856 netflow_flow_update_time(ofproto->netflow, &rule->nf_flow, rule->used);
1861 rule_insert(struct ofproto *p, struct rule *rule, struct ofpbuf *packet,
1864 struct rule *displaced_rule;
1866 /* Insert the rule in the classifier. */
1867 displaced_rule = rule_from_cls_rule(classifier_insert(&p->cls, &rule->cr));
1868 if (!rule->cr.wc.wildcards) {
1869 rule_make_actions(p, rule, packet);
1872 /* Send the packet and credit it to the rule. */
1875 flow_extract(packet, 0, in_port, &flow);
1876 rule_execute(p, rule, packet, &flow);
1879 /* Install the rule in the datapath only after sending the packet, to
1880 * avoid packet reordering. */
1881 if (rule->cr.wc.wildcards) {
1882 COVERAGE_INC(ofproto_add_wc_flow);
1883 p->need_revalidate = true;
1885 rule_install(p, rule, displaced_rule);
1888 /* Free the rule that was displaced, if any. */
1889 if (displaced_rule) {
1890 rule_destroy(p, displaced_rule);
1894 static struct rule *
1895 rule_create_subrule(struct ofproto *ofproto, struct rule *rule,
1898 struct rule *subrule = rule_create(ofproto, rule, NULL, 0,
1899 rule->idle_timeout, rule->hard_timeout,
1901 COVERAGE_INC(ofproto_subrule_create);
1902 cls_rule_from_flow(flow, 0, (rule->cr.priority <= UINT16_MAX ? UINT16_MAX
1903 : rule->cr.priority), &subrule->cr);
1904 classifier_insert_exact(&ofproto->cls, &subrule->cr);
1910 rule_remove(struct ofproto *ofproto, struct rule *rule)
1912 if (rule->cr.wc.wildcards) {
1913 COVERAGE_INC(ofproto_del_wc_flow);
1914 ofproto->need_revalidate = true;
1916 rule_uninstall(ofproto, rule);
1918 classifier_remove(&ofproto->cls, &rule->cr);
1919 rule_destroy(ofproto, rule);
1922 /* Returns true if the actions changed, false otherwise. */
1924 rule_make_actions(struct ofproto *p, struct rule *rule,
1925 const struct ofpbuf *packet)
1927 const struct rule *super;
1928 struct odp_actions a;
1931 assert(!rule->cr.wc.wildcards);
1933 super = rule->super ? rule->super : rule;
1935 xlate_actions(super->actions, super->n_actions, &rule->cr.flow, p,
1936 packet, &a, &rule->tags, &rule->may_install,
1937 &rule->nf_flow.output_iface);
1939 actions_len = a.n_actions * sizeof *a.actions;
1940 if (rule->n_odp_actions != a.n_actions
1941 || memcmp(rule->odp_actions, a.actions, actions_len)) {
1942 COVERAGE_INC(ofproto_odp_unchanged);
1943 free(rule->odp_actions);
1944 rule->n_odp_actions = a.n_actions;
1945 rule->odp_actions = xmemdup(a.actions, actions_len);
1953 do_put_flow(struct ofproto *ofproto, struct rule *rule, int flags,
1954 struct odp_flow_put *put)
1956 memset(&put->flow.stats, 0, sizeof put->flow.stats);
1957 put->flow.key = rule->cr.flow;
1958 put->flow.actions = rule->odp_actions;
1959 put->flow.n_actions = rule->n_odp_actions;
1960 put->flow.flags = 0;
1962 return dpif_flow_put(ofproto->dpif, put);
1966 rule_install(struct ofproto *p, struct rule *rule, struct rule *displaced_rule)
1968 assert(!rule->cr.wc.wildcards);
1970 if (rule->may_install) {
1971 struct odp_flow_put put;
1972 if (!do_put_flow(p, rule,
1973 ODPPF_CREATE | ODPPF_MODIFY | ODPPF_ZERO_STATS,
1975 rule->installed = true;
1976 if (displaced_rule) {
1977 update_stats(p, displaced_rule, &put.flow.stats);
1978 rule_post_uninstall(p, displaced_rule);
1981 } else if (displaced_rule) {
1982 rule_uninstall(p, displaced_rule);
1987 rule_reinstall(struct ofproto *ofproto, struct rule *rule)
1989 if (rule->installed) {
1990 struct odp_flow_put put;
1991 COVERAGE_INC(ofproto_dp_missed);
1992 do_put_flow(ofproto, rule, ODPPF_CREATE | ODPPF_MODIFY, &put);
1994 rule_install(ofproto, rule, NULL);
1999 rule_update_actions(struct ofproto *ofproto, struct rule *rule)
2001 bool actions_changed;
2002 uint16_t new_out_iface, old_out_iface;
2004 old_out_iface = rule->nf_flow.output_iface;
2005 actions_changed = rule_make_actions(ofproto, rule, NULL);
2007 if (rule->may_install) {
2008 if (rule->installed) {
2009 if (actions_changed) {
2010 struct odp_flow_put put;
2011 do_put_flow(ofproto, rule, ODPPF_CREATE | ODPPF_MODIFY
2012 | ODPPF_ZERO_STATS, &put);
2013 update_stats(ofproto, rule, &put.flow.stats);
2015 /* Temporarily set the old output iface so that NetFlow
2016 * messages have the correct output interface for the old
2018 new_out_iface = rule->nf_flow.output_iface;
2019 rule->nf_flow.output_iface = old_out_iface;
2020 rule_post_uninstall(ofproto, rule);
2021 rule->nf_flow.output_iface = new_out_iface;
2024 rule_install(ofproto, rule, NULL);
2027 rule_uninstall(ofproto, rule);
2032 rule_account(struct ofproto *ofproto, struct rule *rule, uint64_t extra_bytes)
2034 uint64_t total_bytes = rule->byte_count + extra_bytes;
2036 if (ofproto->ofhooks->account_flow_cb
2037 && total_bytes > rule->accounted_bytes)
2039 ofproto->ofhooks->account_flow_cb(
2040 &rule->cr.flow, rule->odp_actions, rule->n_odp_actions,
2041 total_bytes - rule->accounted_bytes, ofproto->aux);
2042 rule->accounted_bytes = total_bytes;
2047 rule_uninstall(struct ofproto *p, struct rule *rule)
2049 assert(!rule->cr.wc.wildcards);
2050 if (rule->installed) {
2051 struct odp_flow odp_flow;
2053 odp_flow.key = rule->cr.flow;
2054 odp_flow.actions = NULL;
2055 odp_flow.n_actions = 0;
2057 if (!dpif_flow_del(p->dpif, &odp_flow)) {
2058 update_stats(p, rule, &odp_flow.stats);
2060 rule->installed = false;
2062 rule_post_uninstall(p, rule);
2067 is_controller_rule(struct rule *rule)
2069 /* If the only action is send to the controller then don't report
2070 * NetFlow expiration messages since it is just part of the control
2071 * logic for the network and not real traffic. */
2073 if (rule && rule->super) {
2074 struct rule *super = rule->super;
2076 return super->n_actions == 1 &&
2077 super->actions[0].type == htons(OFPAT_OUTPUT) &&
2078 super->actions[0].output.port == htons(OFPP_CONTROLLER);
2085 rule_post_uninstall(struct ofproto *ofproto, struct rule *rule)
2087 struct rule *super = rule->super;
2089 rule_account(ofproto, rule, 0);
2091 if (ofproto->netflow && !is_controller_rule(rule)) {
2092 struct ofexpired expired;
2093 expired.flow = rule->cr.flow;
2094 expired.packet_count = rule->packet_count;
2095 expired.byte_count = rule->byte_count;
2096 expired.used = rule->used;
2097 netflow_expire(ofproto->netflow, &rule->nf_flow, &expired);
2100 super->packet_count += rule->packet_count;
2101 super->byte_count += rule->byte_count;
2103 /* Reset counters to prevent double counting if the rule ever gets
2105 rule->packet_count = 0;
2106 rule->byte_count = 0;
2107 rule->accounted_bytes = 0;
2109 netflow_flow_clear(&rule->nf_flow);
2114 queue_tx(struct ofpbuf *msg, const struct ofconn *ofconn,
2115 struct rconn_packet_counter *counter)
2117 update_openflow_length(msg);
2118 if (rconn_send(ofconn->rconn, msg, counter)) {
2124 send_error(const struct ofconn *ofconn, const struct ofp_header *oh,
2125 int error, const void *data, size_t len)
2128 struct ofp_error_msg *oem;
2130 if (!(error >> 16)) {
2131 VLOG_WARN_RL(&rl, "not sending bad error code %d to controller",
2136 COVERAGE_INC(ofproto_error);
2137 oem = make_openflow_xid(len + sizeof *oem, OFPT_ERROR,
2138 oh ? oh->xid : 0, &buf);
2139 oem->type = htons((unsigned int) error >> 16);
2140 oem->code = htons(error & 0xffff);
2141 memcpy(oem->data, data, len);
2142 queue_tx(buf, ofconn, ofconn->reply_counter);
2146 send_error_oh(const struct ofconn *ofconn, const struct ofp_header *oh,
2149 size_t oh_length = ntohs(oh->length);
2150 send_error(ofconn, oh, error, oh, MIN(oh_length, 64));
2154 hton_ofp_phy_port(struct ofp_phy_port *opp)
2156 opp->port_no = htons(opp->port_no);
2157 opp->config = htonl(opp->config);
2158 opp->state = htonl(opp->state);
2159 opp->curr = htonl(opp->curr);
2160 opp->advertised = htonl(opp->advertised);
2161 opp->supported = htonl(opp->supported);
2162 opp->peer = htonl(opp->peer);
2166 handle_echo_request(struct ofconn *ofconn, struct ofp_header *oh)
2168 struct ofp_header *rq = oh;
2169 queue_tx(make_echo_reply(rq), ofconn, ofconn->reply_counter);
2174 handle_features_request(struct ofproto *p, struct ofconn *ofconn,
2175 struct ofp_header *oh)
2177 struct ofp_switch_features *osf;
2179 unsigned int port_no;
2180 struct ofport *port;
2182 osf = make_openflow_xid(sizeof *osf, OFPT_FEATURES_REPLY, oh->xid, &buf);
2183 osf->datapath_id = htonll(p->datapath_id);
2184 osf->n_buffers = htonl(pktbuf_capacity());
2186 osf->capabilities = htonl(OFPC_FLOW_STATS | OFPC_TABLE_STATS |
2187 OFPC_PORT_STATS | OFPC_ARP_MATCH_IP);
2188 osf->actions = htonl((1u << OFPAT_OUTPUT) |
2189 (1u << OFPAT_SET_VLAN_VID) |
2190 (1u << OFPAT_SET_VLAN_PCP) |
2191 (1u << OFPAT_STRIP_VLAN) |
2192 (1u << OFPAT_SET_DL_SRC) |
2193 (1u << OFPAT_SET_DL_DST) |
2194 (1u << OFPAT_SET_NW_SRC) |
2195 (1u << OFPAT_SET_NW_DST) |
2196 (1u << OFPAT_SET_NW_TOS) |
2197 (1u << OFPAT_SET_TP_SRC) |
2198 (1u << OFPAT_SET_TP_DST));
2200 PORT_ARRAY_FOR_EACH (port, &p->ports, port_no) {
2201 hton_ofp_phy_port(ofpbuf_put(buf, &port->opp, sizeof port->opp));
2204 queue_tx(buf, ofconn, ofconn->reply_counter);
2209 handle_get_config_request(struct ofproto *p, struct ofconn *ofconn,
2210 struct ofp_header *oh)
2213 struct ofp_switch_config *osc;
2217 /* Figure out flags. */
2218 dpif_get_drop_frags(p->dpif, &drop_frags);
2219 flags = drop_frags ? OFPC_FRAG_DROP : OFPC_FRAG_NORMAL;
2222 osc = make_openflow_xid(sizeof *osc, OFPT_GET_CONFIG_REPLY, oh->xid, &buf);
2223 osc->flags = htons(flags);
2224 osc->miss_send_len = htons(ofconn->miss_send_len);
2225 queue_tx(buf, ofconn, ofconn->reply_counter);
2231 handle_set_config(struct ofproto *p, struct ofconn *ofconn,
2232 struct ofp_switch_config *osc)
2237 error = check_ofp_message(&osc->header, OFPT_SET_CONFIG, sizeof *osc);
2241 flags = ntohs(osc->flags);
2243 if (ofconn->type == OFCONN_CONTROLLER && ofconn->role != NX_ROLE_SLAVE) {
2244 switch (flags & OFPC_FRAG_MASK) {
2245 case OFPC_FRAG_NORMAL:
2246 dpif_set_drop_frags(p->dpif, false);
2248 case OFPC_FRAG_DROP:
2249 dpif_set_drop_frags(p->dpif, true);
2252 VLOG_WARN_RL(&rl, "requested bad fragment mode (flags=%"PRIx16")",
2258 ofconn->miss_send_len = ntohs(osc->miss_send_len);
2264 add_output_group_action(struct odp_actions *actions, uint16_t group,
2265 uint16_t *nf_output_iface)
2267 odp_actions_add(actions, ODPAT_OUTPUT_GROUP)->output_group.group = group;
2269 if (group == DP_GROUP_ALL || group == DP_GROUP_FLOOD) {
2270 *nf_output_iface = NF_OUT_FLOOD;
2275 add_controller_action(struct odp_actions *actions,
2276 const struct ofp_action_output *oao)
2278 union odp_action *a = odp_actions_add(actions, ODPAT_CONTROLLER);
2279 a->controller.arg = ntohs(oao->max_len);
2282 struct action_xlate_ctx {
2284 flow_t flow; /* Flow to which these actions correspond. */
2285 int recurse; /* Recursion level, via xlate_table_action. */
2286 struct ofproto *ofproto;
2287 const struct ofpbuf *packet; /* The packet corresponding to 'flow', or a
2288 * null pointer if we are revalidating
2289 * without a packet to refer to. */
2292 struct odp_actions *out; /* Datapath actions. */
2293 tag_type *tags; /* Tags associated with OFPP_NORMAL actions. */
2294 bool may_set_up_flow; /* True ordinarily; false if the actions must
2295 * be reassessed for every packet. */
2296 uint16_t nf_output_iface; /* Output interface index for NetFlow. */
2299 static void do_xlate_actions(const union ofp_action *in, size_t n_in,
2300 struct action_xlate_ctx *ctx);
2303 add_output_action(struct action_xlate_ctx *ctx, uint16_t port)
2305 const struct ofport *ofport = port_array_get(&ctx->ofproto->ports, port);
2308 if (ofport->opp.config & OFPPC_NO_FWD) {
2309 /* Forwarding disabled on port. */
2314 * We don't have an ofport record for this port, but it doesn't hurt to
2315 * allow forwarding to it anyhow. Maybe such a port will appear later
2316 * and we're pre-populating the flow table.
2320 odp_actions_add(ctx->out, ODPAT_OUTPUT)->output.port = port;
2321 ctx->nf_output_iface = port;
2324 static struct rule *
2325 lookup_valid_rule(struct ofproto *ofproto, const flow_t *flow)
2328 rule = rule_from_cls_rule(classifier_lookup(&ofproto->cls, flow));
2330 /* The rule we found might not be valid, since we could be in need of
2331 * revalidation. If it is not valid, don't return it. */
2334 && ofproto->need_revalidate
2335 && !revalidate_rule(ofproto, rule)) {
2336 COVERAGE_INC(ofproto_invalidated);
2344 xlate_table_action(struct action_xlate_ctx *ctx, uint16_t in_port)
2346 if (!ctx->recurse) {
2347 uint16_t old_in_port;
2350 /* Look up a flow with 'in_port' as the input port. Then restore the
2351 * original input port (otherwise OFPP_NORMAL and OFPP_IN_PORT will
2352 * have surprising behavior). */
2353 old_in_port = ctx->flow.in_port;
2354 ctx->flow.in_port = in_port;
2355 rule = lookup_valid_rule(ctx->ofproto, &ctx->flow);
2356 ctx->flow.in_port = old_in_port;
2364 do_xlate_actions(rule->actions, rule->n_actions, ctx);
2371 xlate_output_action(struct action_xlate_ctx *ctx,
2372 const struct ofp_action_output *oao)
2375 uint16_t prev_nf_output_iface = ctx->nf_output_iface;
2377 ctx->nf_output_iface = NF_OUT_DROP;
2379 switch (ntohs(oao->port)) {
2381 add_output_action(ctx, ctx->flow.in_port);
2384 xlate_table_action(ctx, ctx->flow.in_port);
2387 if (!ctx->ofproto->ofhooks->normal_cb(&ctx->flow, ctx->packet,
2388 ctx->out, ctx->tags,
2389 &ctx->nf_output_iface,
2390 ctx->ofproto->aux)) {
2391 COVERAGE_INC(ofproto_uninstallable);
2392 ctx->may_set_up_flow = false;
2396 add_output_group_action(ctx->out, DP_GROUP_FLOOD,
2397 &ctx->nf_output_iface);
2400 add_output_group_action(ctx->out, DP_GROUP_ALL, &ctx->nf_output_iface);
2402 case OFPP_CONTROLLER:
2403 add_controller_action(ctx->out, oao);
2406 add_output_action(ctx, ODPP_LOCAL);
2409 odp_port = ofp_port_to_odp_port(ntohs(oao->port));
2410 if (odp_port != ctx->flow.in_port) {
2411 add_output_action(ctx, odp_port);
2416 if (prev_nf_output_iface == NF_OUT_FLOOD) {
2417 ctx->nf_output_iface = NF_OUT_FLOOD;
2418 } else if (ctx->nf_output_iface == NF_OUT_DROP) {
2419 ctx->nf_output_iface = prev_nf_output_iface;
2420 } else if (prev_nf_output_iface != NF_OUT_DROP &&
2421 ctx->nf_output_iface != NF_OUT_FLOOD) {
2422 ctx->nf_output_iface = NF_OUT_MULTI;
2427 xlate_nicira_action(struct action_xlate_ctx *ctx,
2428 const struct nx_action_header *nah)
2430 const struct nx_action_resubmit *nar;
2431 const struct nx_action_set_tunnel *nast;
2432 union odp_action *oa;
2433 int subtype = ntohs(nah->subtype);
2435 assert(nah->vendor == htonl(NX_VENDOR_ID));
2437 case NXAST_RESUBMIT:
2438 nar = (const struct nx_action_resubmit *) nah;
2439 xlate_table_action(ctx, ofp_port_to_odp_port(ntohs(nar->in_port)));
2442 case NXAST_SET_TUNNEL:
2443 nast = (const struct nx_action_set_tunnel *) nah;
2444 oa = odp_actions_add(ctx->out, ODPAT_SET_TUNNEL);
2445 ctx->flow.tun_id = oa->tunnel.tun_id = nast->tun_id;
2448 /* If you add a new action here that modifies flow data, don't forget to
2449 * update the flow key in ctx->flow in the same key. */
2452 VLOG_DBG_RL(&rl, "unknown Nicira action type %"PRIu16, subtype);
2458 do_xlate_actions(const union ofp_action *in, size_t n_in,
2459 struct action_xlate_ctx *ctx)
2461 struct actions_iterator iter;
2462 const union ofp_action *ia;
2463 const struct ofport *port;
2465 port = port_array_get(&ctx->ofproto->ports, ctx->flow.in_port);
2466 if (port && port->opp.config & (OFPPC_NO_RECV | OFPPC_NO_RECV_STP) &&
2467 port->opp.config & (eth_addr_equals(ctx->flow.dl_dst, stp_eth_addr)
2468 ? OFPPC_NO_RECV_STP : OFPPC_NO_RECV)) {
2469 /* Drop this flow. */
2473 for (ia = actions_first(&iter, in, n_in); ia; ia = actions_next(&iter)) {
2474 uint16_t type = ntohs(ia->type);
2475 union odp_action *oa;
2479 xlate_output_action(ctx, &ia->output);
2482 case OFPAT_SET_VLAN_VID:
2483 oa = odp_actions_add(ctx->out, ODPAT_SET_VLAN_VID);
2484 ctx->flow.dl_vlan = oa->vlan_vid.vlan_vid = ia->vlan_vid.vlan_vid;
2487 case OFPAT_SET_VLAN_PCP:
2488 oa = odp_actions_add(ctx->out, ODPAT_SET_VLAN_PCP);
2489 ctx->flow.dl_vlan_pcp = oa->vlan_pcp.vlan_pcp = ia->vlan_pcp.vlan_pcp;
2492 case OFPAT_STRIP_VLAN:
2493 odp_actions_add(ctx->out, ODPAT_STRIP_VLAN);
2494 ctx->flow.dl_vlan = htons(OFP_VLAN_NONE);
2495 ctx->flow.dl_vlan_pcp = 0;
2498 case OFPAT_SET_DL_SRC:
2499 oa = odp_actions_add(ctx->out, ODPAT_SET_DL_SRC);
2500 memcpy(oa->dl_addr.dl_addr,
2501 ((struct ofp_action_dl_addr *) ia)->dl_addr, ETH_ADDR_LEN);
2502 memcpy(ctx->flow.dl_src,
2503 ((struct ofp_action_dl_addr *) ia)->dl_addr, ETH_ADDR_LEN);
2506 case OFPAT_SET_DL_DST:
2507 oa = odp_actions_add(ctx->out, ODPAT_SET_DL_DST);
2508 memcpy(oa->dl_addr.dl_addr,
2509 ((struct ofp_action_dl_addr *) ia)->dl_addr, ETH_ADDR_LEN);
2510 memcpy(ctx->flow.dl_dst,
2511 ((struct ofp_action_dl_addr *) ia)->dl_addr, ETH_ADDR_LEN);
2514 case OFPAT_SET_NW_SRC:
2515 oa = odp_actions_add(ctx->out, ODPAT_SET_NW_SRC);
2516 ctx->flow.nw_src = oa->nw_addr.nw_addr = ia->nw_addr.nw_addr;
2519 case OFPAT_SET_NW_DST:
2520 oa = odp_actions_add(ctx->out, ODPAT_SET_NW_DST);
2521 ctx->flow.nw_dst = oa->nw_addr.nw_addr = ia->nw_addr.nw_addr;
2524 case OFPAT_SET_NW_TOS:
2525 oa = odp_actions_add(ctx->out, ODPAT_SET_NW_TOS);
2526 ctx->flow.nw_tos = oa->nw_tos.nw_tos = ia->nw_tos.nw_tos;
2529 case OFPAT_SET_TP_SRC:
2530 oa = odp_actions_add(ctx->out, ODPAT_SET_TP_SRC);
2531 ctx->flow.tp_src = oa->tp_port.tp_port = ia->tp_port.tp_port;
2534 case OFPAT_SET_TP_DST:
2535 oa = odp_actions_add(ctx->out, ODPAT_SET_TP_DST);
2536 ctx->flow.tp_dst = oa->tp_port.tp_port = ia->tp_port.tp_port;
2540 xlate_nicira_action(ctx, (const struct nx_action_header *) ia);
2544 VLOG_DBG_RL(&rl, "unknown action type %"PRIu16, type);
2551 xlate_actions(const union ofp_action *in, size_t n_in,
2552 const flow_t *flow, struct ofproto *ofproto,
2553 const struct ofpbuf *packet,
2554 struct odp_actions *out, tag_type *tags, bool *may_set_up_flow,
2555 uint16_t *nf_output_iface)
2557 tag_type no_tags = 0;
2558 struct action_xlate_ctx ctx;
2559 COVERAGE_INC(ofproto_ofp2odp);
2560 odp_actions_init(out);
2563 ctx.ofproto = ofproto;
2564 ctx.packet = packet;
2566 ctx.tags = tags ? tags : &no_tags;
2567 ctx.may_set_up_flow = true;
2568 ctx.nf_output_iface = NF_OUT_DROP;
2569 do_xlate_actions(in, n_in, &ctx);
2571 /* Check with in-band control to see if we're allowed to set up this
2573 if (!in_band_rule_check(ofproto->in_band, flow, out)) {
2574 ctx.may_set_up_flow = false;
2577 if (may_set_up_flow) {
2578 *may_set_up_flow = ctx.may_set_up_flow;
2580 if (nf_output_iface) {
2581 *nf_output_iface = ctx.nf_output_iface;
2583 if (odp_actions_overflow(out)) {
2584 odp_actions_init(out);
2585 return ofp_mkerr(OFPET_BAD_ACTION, OFPBAC_TOO_MANY);
2590 /* Checks whether 'ofconn' is a slave controller. If so, returns an OpenFlow
2591 * error message code (composed with ofp_mkerr()) for the caller to propagate
2592 * upward. Otherwise, returns 0.
2594 * 'oh' is used to make log messages more informative. */
2596 reject_slave_controller(struct ofconn *ofconn, const struct ofp_header *oh)
2598 if (ofconn->type == OFCONN_CONTROLLER && ofconn->role == NX_ROLE_SLAVE) {
2599 static struct vlog_rate_limit perm_rl = VLOG_RATE_LIMIT_INIT(1, 5);
2602 type_name = ofp_message_type_to_string(oh->type);
2603 VLOG_WARN_RL(&perm_rl, "rejecting %s message from slave controller",
2607 return ofp_mkerr(OFPET_BAD_REQUEST, OFPBRC_EPERM);
2614 handle_packet_out(struct ofproto *p, struct ofconn *ofconn,
2615 struct ofp_header *oh)
2617 struct ofp_packet_out *opo;
2618 struct ofpbuf payload, *buffer;
2619 struct odp_actions actions;
2625 error = reject_slave_controller(ofconn, oh);
2630 error = check_ofp_packet_out(oh, &payload, &n_actions, p->max_ports);
2634 opo = (struct ofp_packet_out *) oh;
2636 COVERAGE_INC(ofproto_packet_out);
2637 if (opo->buffer_id != htonl(UINT32_MAX)) {
2638 error = pktbuf_retrieve(ofconn->pktbuf, ntohl(opo->buffer_id),
2640 if (error || !buffer) {
2648 flow_extract(&payload, 0, ofp_port_to_odp_port(ntohs(opo->in_port)), &flow);
2649 error = xlate_actions((const union ofp_action *) opo->actions, n_actions,
2650 &flow, p, &payload, &actions, NULL, NULL, NULL);
2655 dpif_execute(p->dpif, flow.in_port, actions.actions, actions.n_actions,
2657 ofpbuf_delete(buffer);
2663 update_port_config(struct ofproto *p, struct ofport *port,
2664 uint32_t config, uint32_t mask)
2666 mask &= config ^ port->opp.config;
2667 if (mask & OFPPC_PORT_DOWN) {
2668 if (config & OFPPC_PORT_DOWN) {
2669 netdev_turn_flags_off(port->netdev, NETDEV_UP, true);
2671 netdev_turn_flags_on(port->netdev, NETDEV_UP, true);
2674 #define REVALIDATE_BITS (OFPPC_NO_RECV | OFPPC_NO_RECV_STP | OFPPC_NO_FWD)
2675 if (mask & REVALIDATE_BITS) {
2676 COVERAGE_INC(ofproto_costly_flags);
2677 port->opp.config ^= mask & REVALIDATE_BITS;
2678 p->need_revalidate = true;
2680 #undef REVALIDATE_BITS
2681 if (mask & OFPPC_NO_FLOOD) {
2682 port->opp.config ^= OFPPC_NO_FLOOD;
2683 refresh_port_groups(p);
2685 if (mask & OFPPC_NO_PACKET_IN) {
2686 port->opp.config ^= OFPPC_NO_PACKET_IN;
2691 handle_port_mod(struct ofproto *p, struct ofconn *ofconn,
2692 struct ofp_header *oh)
2694 const struct ofp_port_mod *opm;
2695 struct ofport *port;
2698 error = reject_slave_controller(ofconn, oh);
2702 error = check_ofp_message(oh, OFPT_PORT_MOD, sizeof *opm);
2706 opm = (struct ofp_port_mod *) oh;
2708 port = port_array_get(&p->ports,
2709 ofp_port_to_odp_port(ntohs(opm->port_no)));
2711 return ofp_mkerr(OFPET_PORT_MOD_FAILED, OFPPMFC_BAD_PORT);
2712 } else if (memcmp(port->opp.hw_addr, opm->hw_addr, OFP_ETH_ALEN)) {
2713 return ofp_mkerr(OFPET_PORT_MOD_FAILED, OFPPMFC_BAD_HW_ADDR);
2715 update_port_config(p, port, ntohl(opm->config), ntohl(opm->mask));
2716 if (opm->advertise) {
2717 netdev_set_advertisements(port->netdev, ntohl(opm->advertise));
2723 static struct ofpbuf *
2724 make_stats_reply(uint32_t xid, uint16_t type, size_t body_len)
2726 struct ofp_stats_reply *osr;
2729 msg = ofpbuf_new(MIN(sizeof *osr + body_len, UINT16_MAX));
2730 osr = put_openflow_xid(sizeof *osr, OFPT_STATS_REPLY, xid, msg);
2732 osr->flags = htons(0);
2736 static struct ofpbuf *
2737 start_stats_reply(const struct ofp_stats_request *request, size_t body_len)
2739 return make_stats_reply(request->header.xid, request->type, body_len);
2743 append_stats_reply(size_t nbytes, struct ofconn *ofconn, struct ofpbuf **msgp)
2745 struct ofpbuf *msg = *msgp;
2746 assert(nbytes <= UINT16_MAX - sizeof(struct ofp_stats_reply));
2747 if (nbytes + msg->size > UINT16_MAX) {
2748 struct ofp_stats_reply *reply = msg->data;
2749 reply->flags = htons(OFPSF_REPLY_MORE);
2750 *msgp = make_stats_reply(reply->header.xid, reply->type, nbytes);
2751 queue_tx(msg, ofconn, ofconn->reply_counter);
2753 return ofpbuf_put_uninit(*msgp, nbytes);
2757 handle_desc_stats_request(struct ofproto *p, struct ofconn *ofconn,
2758 struct ofp_stats_request *request)
2760 struct ofp_desc_stats *ods;
2763 msg = start_stats_reply(request, sizeof *ods);
2764 ods = append_stats_reply(sizeof *ods, ofconn, &msg);
2765 memset(ods, 0, sizeof *ods);
2766 ovs_strlcpy(ods->mfr_desc, p->mfr_desc, sizeof ods->mfr_desc);
2767 ovs_strlcpy(ods->hw_desc, p->hw_desc, sizeof ods->hw_desc);
2768 ovs_strlcpy(ods->sw_desc, p->sw_desc, sizeof ods->sw_desc);
2769 ovs_strlcpy(ods->serial_num, p->serial_desc, sizeof ods->serial_num);
2770 ovs_strlcpy(ods->dp_desc, p->dp_desc, sizeof ods->dp_desc);
2771 queue_tx(msg, ofconn, ofconn->reply_counter);
2777 count_subrules(struct cls_rule *cls_rule, void *n_subrules_)
2779 struct rule *rule = rule_from_cls_rule(cls_rule);
2780 int *n_subrules = n_subrules_;
2788 handle_table_stats_request(struct ofproto *p, struct ofconn *ofconn,
2789 struct ofp_stats_request *request)
2791 struct ofp_table_stats *ots;
2793 struct odp_stats dpstats;
2794 int n_exact, n_subrules, n_wild;
2796 msg = start_stats_reply(request, sizeof *ots * 2);
2798 /* Count rules of various kinds. */
2800 classifier_for_each(&p->cls, CLS_INC_EXACT, count_subrules, &n_subrules);
2801 n_exact = classifier_count_exact(&p->cls) - n_subrules;
2802 n_wild = classifier_count(&p->cls) - classifier_count_exact(&p->cls);
2805 dpif_get_dp_stats(p->dpif, &dpstats);
2806 ots = append_stats_reply(sizeof *ots, ofconn, &msg);
2807 memset(ots, 0, sizeof *ots);
2808 ots->table_id = TABLEID_HASH;
2809 strcpy(ots->name, "hash");
2810 ots->wildcards = htonl(0);
2811 ots->max_entries = htonl(dpstats.max_capacity);
2812 ots->active_count = htonl(n_exact);
2813 ots->lookup_count = htonll(dpstats.n_frags + dpstats.n_hit +
2815 ots->matched_count = htonll(dpstats.n_hit); /* XXX */
2817 /* Classifier table. */
2818 ots = append_stats_reply(sizeof *ots, ofconn, &msg);
2819 memset(ots, 0, sizeof *ots);
2820 ots->table_id = TABLEID_CLASSIFIER;
2821 strcpy(ots->name, "classifier");
2822 ots->wildcards = p->tun_id_from_cookie ? htonl(OVSFW_ALL)
2824 ots->max_entries = htonl(65536);
2825 ots->active_count = htonl(n_wild);
2826 ots->lookup_count = htonll(0); /* XXX */
2827 ots->matched_count = htonll(0); /* XXX */
2829 queue_tx(msg, ofconn, ofconn->reply_counter);
2834 append_port_stat(struct ofport *port, uint16_t port_no, struct ofconn *ofconn,
2835 struct ofpbuf **msgp)
2837 struct netdev_stats stats;
2838 struct ofp_port_stats *ops;
2840 /* Intentionally ignore return value, since errors will set
2841 * 'stats' to all-1s, which is correct for OpenFlow, and
2842 * netdev_get_stats() will log errors. */
2843 netdev_get_stats(port->netdev, &stats);
2845 ops = append_stats_reply(sizeof *ops, ofconn, msgp);
2846 ops->port_no = htons(odp_port_to_ofp_port(port_no));
2847 memset(ops->pad, 0, sizeof ops->pad);
2848 ops->rx_packets = htonll(stats.rx_packets);
2849 ops->tx_packets = htonll(stats.tx_packets);
2850 ops->rx_bytes = htonll(stats.rx_bytes);
2851 ops->tx_bytes = htonll(stats.tx_bytes);
2852 ops->rx_dropped = htonll(stats.rx_dropped);
2853 ops->tx_dropped = htonll(stats.tx_dropped);
2854 ops->rx_errors = htonll(stats.rx_errors);
2855 ops->tx_errors = htonll(stats.tx_errors);
2856 ops->rx_frame_err = htonll(stats.rx_frame_errors);
2857 ops->rx_over_err = htonll(stats.rx_over_errors);
2858 ops->rx_crc_err = htonll(stats.rx_crc_errors);
2859 ops->collisions = htonll(stats.collisions);
2863 handle_port_stats_request(struct ofproto *p, struct ofconn *ofconn,
2864 struct ofp_stats_request *osr,
2867 struct ofp_port_stats_request *psr;
2868 struct ofp_port_stats *ops;
2870 struct ofport *port;
2871 unsigned int port_no;
2873 if (arg_size != sizeof *psr) {
2874 return ofp_mkerr(OFPET_BAD_REQUEST, OFPBRC_BAD_LEN);
2876 psr = (struct ofp_port_stats_request *) osr->body;
2878 msg = start_stats_reply(osr, sizeof *ops * 16);
2879 if (psr->port_no != htons(OFPP_NONE)) {
2880 port = port_array_get(&p->ports,
2881 ofp_port_to_odp_port(ntohs(psr->port_no)));
2883 append_port_stat(port, ntohs(psr->port_no), ofconn, &msg);
2886 PORT_ARRAY_FOR_EACH (port, &p->ports, port_no) {
2887 append_port_stat(port, port_no, ofconn, &msg);
2891 queue_tx(msg, ofconn, ofconn->reply_counter);
2895 struct flow_stats_cbdata {
2896 struct ofproto *ofproto;
2897 struct ofconn *ofconn;
2902 /* Obtains statistic counters for 'rule' within 'p' and stores them into
2903 * '*packet_countp' and '*byte_countp'. If 'rule' is a wildcarded rule, the
2904 * returned statistic include statistics for all of 'rule''s subrules. */
2906 query_stats(struct ofproto *p, struct rule *rule,
2907 uint64_t *packet_countp, uint64_t *byte_countp)
2909 uint64_t packet_count, byte_count;
2910 struct rule *subrule;
2911 struct odp_flow *odp_flows;
2914 /* Start from historical data for 'rule' itself that are no longer tracked
2915 * by the datapath. This counts, for example, subrules that have
2917 packet_count = rule->packet_count;
2918 byte_count = rule->byte_count;
2920 /* Prepare to ask the datapath for statistics on 'rule', or if it is
2921 * wildcarded then on all of its subrules.
2923 * Also, add any statistics that are not tracked by the datapath for each
2924 * subrule. This includes, for example, statistics for packets that were
2925 * executed "by hand" by ofproto via dpif_execute() but must be accounted
2927 n_odp_flows = rule->cr.wc.wildcards ? list_size(&rule->list) : 1;
2928 odp_flows = xzalloc(n_odp_flows * sizeof *odp_flows);
2929 if (rule->cr.wc.wildcards) {
2931 LIST_FOR_EACH (subrule, struct rule, list, &rule->list) {
2932 odp_flows[i++].key = subrule->cr.flow;
2933 packet_count += subrule->packet_count;
2934 byte_count += subrule->byte_count;
2937 odp_flows[0].key = rule->cr.flow;
2940 /* Fetch up-to-date statistics from the datapath and add them in. */
2941 if (!dpif_flow_get_multiple(p->dpif, odp_flows, n_odp_flows)) {
2943 for (i = 0; i < n_odp_flows; i++) {
2944 struct odp_flow *odp_flow = &odp_flows[i];
2945 packet_count += odp_flow->stats.n_packets;
2946 byte_count += odp_flow->stats.n_bytes;
2951 /* Return the stats to the caller. */
2952 *packet_countp = packet_count;
2953 *byte_countp = byte_count;
2957 flow_stats_cb(struct cls_rule *rule_, void *cbdata_)
2959 struct rule *rule = rule_from_cls_rule(rule_);
2960 struct flow_stats_cbdata *cbdata = cbdata_;
2961 struct ofp_flow_stats *ofs;
2962 uint64_t packet_count, byte_count;
2963 size_t act_len, len;
2964 long long int tdiff = time_msec() - rule->created;
2965 uint32_t sec = tdiff / 1000;
2966 uint32_t msec = tdiff - (sec * 1000);
2968 if (rule_is_hidden(rule) || !rule_has_out_port(rule, cbdata->out_port)) {
2972 act_len = sizeof *rule->actions * rule->n_actions;
2973 len = offsetof(struct ofp_flow_stats, actions) + act_len;
2975 query_stats(cbdata->ofproto, rule, &packet_count, &byte_count);
2977 ofs = append_stats_reply(len, cbdata->ofconn, &cbdata->msg);
2978 ofs->length = htons(len);
2979 ofs->table_id = rule->cr.wc.wildcards ? TABLEID_CLASSIFIER : TABLEID_HASH;
2981 flow_to_match(&rule->cr.flow, rule->cr.wc.wildcards,
2982 cbdata->ofproto->tun_id_from_cookie, &ofs->match);
2983 ofs->duration_sec = htonl(sec);
2984 ofs->duration_nsec = htonl(msec * 1000000);
2985 ofs->cookie = rule->flow_cookie;
2986 ofs->priority = htons(rule->cr.priority);
2987 ofs->idle_timeout = htons(rule->idle_timeout);
2988 ofs->hard_timeout = htons(rule->hard_timeout);
2989 memset(ofs->pad2, 0, sizeof ofs->pad2);
2990 ofs->packet_count = htonll(packet_count);
2991 ofs->byte_count = htonll(byte_count);
2992 memcpy(ofs->actions, rule->actions, act_len);
2996 table_id_to_include(uint8_t table_id)
2998 return (table_id == TABLEID_HASH ? CLS_INC_EXACT
2999 : table_id == TABLEID_CLASSIFIER ? CLS_INC_WILD
3000 : table_id == 0xff ? CLS_INC_ALL
3005 handle_flow_stats_request(struct ofproto *p, struct ofconn *ofconn,
3006 const struct ofp_stats_request *osr,
3009 struct ofp_flow_stats_request *fsr;
3010 struct flow_stats_cbdata cbdata;
3011 struct cls_rule target;
3013 if (arg_size != sizeof *fsr) {
3014 return ofp_mkerr(OFPET_BAD_REQUEST, OFPBRC_BAD_LEN);
3016 fsr = (struct ofp_flow_stats_request *) osr->body;
3018 COVERAGE_INC(ofproto_flows_req);
3020 cbdata.ofconn = ofconn;
3021 cbdata.out_port = fsr->out_port;
3022 cbdata.msg = start_stats_reply(osr, 1024);
3023 cls_rule_from_match(&fsr->match, 0, false, 0, &target);
3024 classifier_for_each_match(&p->cls, &target,
3025 table_id_to_include(fsr->table_id),
3026 flow_stats_cb, &cbdata);
3027 queue_tx(cbdata.msg, ofconn, ofconn->reply_counter);
3031 struct flow_stats_ds_cbdata {
3032 struct ofproto *ofproto;
3037 flow_stats_ds_cb(struct cls_rule *rule_, void *cbdata_)
3039 struct rule *rule = rule_from_cls_rule(rule_);
3040 struct flow_stats_ds_cbdata *cbdata = cbdata_;
3041 struct ds *results = cbdata->results;
3042 struct ofp_match match;
3043 uint64_t packet_count, byte_count;
3044 size_t act_len = sizeof *rule->actions * rule->n_actions;
3046 /* Don't report on subrules. */
3047 if (rule->super != NULL) {
3051 query_stats(cbdata->ofproto, rule, &packet_count, &byte_count);
3052 flow_to_match(&rule->cr.flow, rule->cr.wc.wildcards,
3053 cbdata->ofproto->tun_id_from_cookie, &match);
3055 ds_put_format(results, "duration=%llds, ",
3056 (time_msec() - rule->created) / 1000);
3057 ds_put_format(results, "priority=%u, ", rule->cr.priority);
3058 ds_put_format(results, "n_packets=%"PRIu64", ", packet_count);
3059 ds_put_format(results, "n_bytes=%"PRIu64", ", byte_count);
3060 ofp_print_match(results, &match, true);
3061 ofp_print_actions(results, &rule->actions->header, act_len);
3062 ds_put_cstr(results, "\n");
3065 /* Adds a pretty-printed description of all flows to 'results', including
3066 * those marked hidden by secchan (e.g., by in-band control). */
3068 ofproto_get_all_flows(struct ofproto *p, struct ds *results)
3070 struct ofp_match match;
3071 struct cls_rule target;
3072 struct flow_stats_ds_cbdata cbdata;
3074 memset(&match, 0, sizeof match);
3075 match.wildcards = htonl(OVSFW_ALL);
3078 cbdata.results = results;
3080 cls_rule_from_match(&match, 0, false, 0, &target);
3081 classifier_for_each_match(&p->cls, &target, CLS_INC_ALL,
3082 flow_stats_ds_cb, &cbdata);
3085 struct aggregate_stats_cbdata {
3086 struct ofproto *ofproto;
3088 uint64_t packet_count;
3089 uint64_t byte_count;
3094 aggregate_stats_cb(struct cls_rule *rule_, void *cbdata_)
3096 struct rule *rule = rule_from_cls_rule(rule_);
3097 struct aggregate_stats_cbdata *cbdata = cbdata_;
3098 uint64_t packet_count, byte_count;
3100 if (rule_is_hidden(rule) || !rule_has_out_port(rule, cbdata->out_port)) {
3104 query_stats(cbdata->ofproto, rule, &packet_count, &byte_count);
3106 cbdata->packet_count += packet_count;
3107 cbdata->byte_count += byte_count;
3112 handle_aggregate_stats_request(struct ofproto *p, struct ofconn *ofconn,
3113 const struct ofp_stats_request *osr,
3116 struct ofp_aggregate_stats_request *asr;
3117 struct ofp_aggregate_stats_reply *reply;
3118 struct aggregate_stats_cbdata cbdata;
3119 struct cls_rule target;
3122 if (arg_size != sizeof *asr) {
3123 return ofp_mkerr(OFPET_BAD_REQUEST, OFPBRC_BAD_LEN);
3125 asr = (struct ofp_aggregate_stats_request *) osr->body;
3127 COVERAGE_INC(ofproto_agg_request);
3129 cbdata.out_port = asr->out_port;
3130 cbdata.packet_count = 0;
3131 cbdata.byte_count = 0;
3133 cls_rule_from_match(&asr->match, 0, false, 0, &target);
3134 classifier_for_each_match(&p->cls, &target,
3135 table_id_to_include(asr->table_id),
3136 aggregate_stats_cb, &cbdata);
3138 msg = start_stats_reply(osr, sizeof *reply);
3139 reply = append_stats_reply(sizeof *reply, ofconn, &msg);
3140 reply->flow_count = htonl(cbdata.n_flows);
3141 reply->packet_count = htonll(cbdata.packet_count);
3142 reply->byte_count = htonll(cbdata.byte_count);
3143 queue_tx(msg, ofconn, ofconn->reply_counter);
3148 handle_stats_request(struct ofproto *p, struct ofconn *ofconn,
3149 struct ofp_header *oh)
3151 struct ofp_stats_request *osr;
3155 error = check_ofp_message_array(oh, OFPT_STATS_REQUEST, sizeof *osr,
3160 osr = (struct ofp_stats_request *) oh;
3162 switch (ntohs(osr->type)) {
3164 return handle_desc_stats_request(p, ofconn, osr);
3167 return handle_flow_stats_request(p, ofconn, osr, arg_size);
3169 case OFPST_AGGREGATE:
3170 return handle_aggregate_stats_request(p, ofconn, osr, arg_size);
3173 return handle_table_stats_request(p, ofconn, osr);
3176 return handle_port_stats_request(p, ofconn, osr, arg_size);
3179 return ofp_mkerr(OFPET_BAD_REQUEST, OFPBRC_BAD_VENDOR);
3182 return ofp_mkerr(OFPET_BAD_REQUEST, OFPBRC_BAD_STAT);
3186 static long long int
3187 msec_from_nsec(uint64_t sec, uint32_t nsec)
3189 return !sec ? 0 : sec * 1000 + nsec / 1000000;
3193 update_time(struct ofproto *ofproto, struct rule *rule,
3194 const struct odp_flow_stats *stats)
3196 long long int used = msec_from_nsec(stats->used_sec, stats->used_nsec);
3197 if (used > rule->used) {
3199 if (rule->super && used > rule->super->used) {
3200 rule->super->used = used;
3202 netflow_flow_update_time(ofproto->netflow, &rule->nf_flow, used);
3207 update_stats(struct ofproto *ofproto, struct rule *rule,
3208 const struct odp_flow_stats *stats)
3210 if (stats->n_packets) {
3211 update_time(ofproto, rule, stats);
3212 rule->packet_count += stats->n_packets;
3213 rule->byte_count += stats->n_bytes;
3214 netflow_flow_update_flags(&rule->nf_flow, stats->ip_tos,
3219 /* Implements OFPFC_ADD and the cases for OFPFC_MODIFY and OFPFC_MODIFY_STRICT
3220 * in which no matching flow already exists in the flow table.
3222 * Adds the flow specified by 'ofm', which is followed by 'n_actions'
3223 * ofp_actions, to 'p''s flow table. Returns 0 on success or an OpenFlow error
3224 * code as encoded by ofp_mkerr() on failure.
3226 * 'ofconn' is used to retrieve the packet buffer specified in ofm->buffer_id,
3229 add_flow(struct ofproto *p, struct ofconn *ofconn,
3230 const struct ofp_flow_mod *ofm, size_t n_actions)
3232 struct ofpbuf *packet;
3237 if (ofm->flags & htons(OFPFF_CHECK_OVERLAP)) {
3241 flow_from_match(&ofm->match, p->tun_id_from_cookie, ofm->cookie,
3243 if (classifier_rule_overlaps(&p->cls, &flow, wildcards,
3244 ntohs(ofm->priority))) {
3245 return ofp_mkerr(OFPET_FLOW_MOD_FAILED, OFPFMFC_OVERLAP);
3249 rule = rule_create(p, NULL, (const union ofp_action *) ofm->actions,
3250 n_actions, ntohs(ofm->idle_timeout),
3251 ntohs(ofm->hard_timeout), ofm->cookie,
3252 ofm->flags & htons(OFPFF_SEND_FLOW_REM));
3253 cls_rule_from_match(&ofm->match, ntohs(ofm->priority),
3254 p->tun_id_from_cookie, ofm->cookie, &rule->cr);
3257 if (ofm->buffer_id != htonl(UINT32_MAX)) {
3258 error = pktbuf_retrieve(ofconn->pktbuf, ntohl(ofm->buffer_id),
3262 in_port = UINT16_MAX;
3265 rule_insert(p, rule, packet, in_port);
3266 ofpbuf_delete(packet);
3270 static struct rule *
3271 find_flow_strict(struct ofproto *p, const struct ofp_flow_mod *ofm)
3276 flow_from_match(&ofm->match, p->tun_id_from_cookie, ofm->cookie,
3278 return rule_from_cls_rule(classifier_find_rule_exactly(
3279 &p->cls, &flow, wildcards,
3280 ntohs(ofm->priority)));
3284 send_buffered_packet(struct ofproto *ofproto, struct ofconn *ofconn,
3285 struct rule *rule, const struct ofp_flow_mod *ofm)
3287 struct ofpbuf *packet;
3292 if (ofm->buffer_id == htonl(UINT32_MAX)) {
3296 error = pktbuf_retrieve(ofconn->pktbuf, ntohl(ofm->buffer_id),
3302 flow_extract(packet, 0, in_port, &flow);
3303 rule_execute(ofproto, rule, packet, &flow);
3304 ofpbuf_delete(packet);
3309 /* OFPFC_MODIFY and OFPFC_MODIFY_STRICT. */
3311 struct modify_flows_cbdata {
3312 struct ofproto *ofproto;
3313 const struct ofp_flow_mod *ofm;
3318 static int modify_flow(struct ofproto *, const struct ofp_flow_mod *,
3319 size_t n_actions, struct rule *);
3320 static void modify_flows_cb(struct cls_rule *, void *cbdata_);
3322 /* Implements OFPFC_MODIFY. Returns 0 on success or an OpenFlow error code as
3323 * encoded by ofp_mkerr() on failure.
3325 * 'ofconn' is used to retrieve the packet buffer specified in ofm->buffer_id,
3328 modify_flows_loose(struct ofproto *p, struct ofconn *ofconn,
3329 const struct ofp_flow_mod *ofm, size_t n_actions)
3331 struct modify_flows_cbdata cbdata;
3332 struct cls_rule target;
3336 cbdata.n_actions = n_actions;
3337 cbdata.match = NULL;
3339 cls_rule_from_match(&ofm->match, 0, p->tun_id_from_cookie, ofm->cookie,
3342 classifier_for_each_match(&p->cls, &target, CLS_INC_ALL,
3343 modify_flows_cb, &cbdata);
3345 /* This credits the packet to whichever flow happened to happened to
3346 * match last. That's weird. Maybe we should do a lookup for the
3347 * flow that actually matches the packet? Who knows. */
3348 send_buffered_packet(p, ofconn, cbdata.match, ofm);
3351 return add_flow(p, ofconn, ofm, n_actions);
3355 /* Implements OFPFC_MODIFY_STRICT. Returns 0 on success or an OpenFlow error
3356 * code as encoded by ofp_mkerr() on failure.
3358 * 'ofconn' is used to retrieve the packet buffer specified in ofm->buffer_id,
3361 modify_flow_strict(struct ofproto *p, struct ofconn *ofconn,
3362 struct ofp_flow_mod *ofm, size_t n_actions)
3364 struct rule *rule = find_flow_strict(p, ofm);
3365 if (rule && !rule_is_hidden(rule)) {
3366 modify_flow(p, ofm, n_actions, rule);
3367 return send_buffered_packet(p, ofconn, rule, ofm);
3369 return add_flow(p, ofconn, ofm, n_actions);
3373 /* Callback for modify_flows_loose(). */
3375 modify_flows_cb(struct cls_rule *rule_, void *cbdata_)
3377 struct rule *rule = rule_from_cls_rule(rule_);
3378 struct modify_flows_cbdata *cbdata = cbdata_;
3380 if (!rule_is_hidden(rule)) {
3381 cbdata->match = rule;
3382 modify_flow(cbdata->ofproto, cbdata->ofm, cbdata->n_actions, rule);
3386 /* Implements core of OFPFC_MODIFY and OFPFC_MODIFY_STRICT where 'rule' has
3387 * been identified as a flow in 'p''s flow table to be modified, by changing
3388 * the rule's actions to match those in 'ofm' (which is followed by 'n_actions'
3389 * ofp_action[] structures). */
3391 modify_flow(struct ofproto *p, const struct ofp_flow_mod *ofm,
3392 size_t n_actions, struct rule *rule)
3394 size_t actions_len = n_actions * sizeof *rule->actions;
3396 rule->flow_cookie = ofm->cookie;
3398 /* If the actions are the same, do nothing. */
3399 if (n_actions == rule->n_actions
3400 && !memcmp(ofm->actions, rule->actions, actions_len))
3405 /* Replace actions. */
3406 free(rule->actions);
3407 rule->actions = xmemdup(ofm->actions, actions_len);
3408 rule->n_actions = n_actions;
3410 /* Make sure that the datapath gets updated properly. */
3411 if (rule->cr.wc.wildcards) {
3412 COVERAGE_INC(ofproto_mod_wc_flow);
3413 p->need_revalidate = true;
3415 rule_update_actions(p, rule);
3421 /* OFPFC_DELETE implementation. */
3423 struct delete_flows_cbdata {
3424 struct ofproto *ofproto;
3428 static void delete_flows_cb(struct cls_rule *, void *cbdata_);
3429 static void delete_flow(struct ofproto *, struct rule *, uint16_t out_port);
3431 /* Implements OFPFC_DELETE. */
3433 delete_flows_loose(struct ofproto *p, const struct ofp_flow_mod *ofm)
3435 struct delete_flows_cbdata cbdata;
3436 struct cls_rule target;
3439 cbdata.out_port = ofm->out_port;
3441 cls_rule_from_match(&ofm->match, 0, p->tun_id_from_cookie, ofm->cookie,
3444 classifier_for_each_match(&p->cls, &target, CLS_INC_ALL,
3445 delete_flows_cb, &cbdata);
3448 /* Implements OFPFC_DELETE_STRICT. */
3450 delete_flow_strict(struct ofproto *p, struct ofp_flow_mod *ofm)
3452 struct rule *rule = find_flow_strict(p, ofm);
3454 delete_flow(p, rule, ofm->out_port);
3458 /* Callback for delete_flows_loose(). */
3460 delete_flows_cb(struct cls_rule *rule_, void *cbdata_)
3462 struct rule *rule = rule_from_cls_rule(rule_);
3463 struct delete_flows_cbdata *cbdata = cbdata_;
3465 delete_flow(cbdata->ofproto, rule, cbdata->out_port);
3468 /* Implements core of OFPFC_DELETE and OFPFC_DELETE_STRICT where 'rule' has
3469 * been identified as a flow to delete from 'p''s flow table, by deleting the
3470 * flow and sending out a OFPT_FLOW_REMOVED message to any interested
3473 * Will not delete 'rule' if it is hidden. Will delete 'rule' only if
3474 * 'out_port' is htons(OFPP_NONE) or if 'rule' actually outputs to the
3475 * specified 'out_port'. */
3477 delete_flow(struct ofproto *p, struct rule *rule, uint16_t out_port)
3479 if (rule_is_hidden(rule)) {
3483 if (out_port != htons(OFPP_NONE) && !rule_has_out_port(rule, out_port)) {
3487 send_flow_removed(p, rule, time_msec(), OFPRR_DELETE);
3488 rule_remove(p, rule);
3492 handle_flow_mod(struct ofproto *p, struct ofconn *ofconn,
3493 struct ofp_flow_mod *ofm)
3498 error = reject_slave_controller(ofconn, &ofm->header);
3502 error = check_ofp_message_array(&ofm->header, OFPT_FLOW_MOD, sizeof *ofm,
3503 sizeof *ofm->actions, &n_actions);
3508 /* We do not support the emergency flow cache. It will hopefully
3509 * get dropped from OpenFlow in the near future. */
3510 if (ofm->flags & htons(OFPFF_EMERG)) {
3511 /* There isn't a good fit for an error code, so just state that the
3512 * flow table is full. */
3513 return ofp_mkerr(OFPET_FLOW_MOD_FAILED, OFPFMFC_ALL_TABLES_FULL);
3516 normalize_match(&ofm->match);
3517 if (!ofm->match.wildcards) {
3518 ofm->priority = htons(UINT16_MAX);
3521 error = validate_actions((const union ofp_action *) ofm->actions,
3522 n_actions, p->max_ports);
3527 switch (ntohs(ofm->command)) {
3529 return add_flow(p, ofconn, ofm, n_actions);
3532 return modify_flows_loose(p, ofconn, ofm, n_actions);
3534 case OFPFC_MODIFY_STRICT:
3535 return modify_flow_strict(p, ofconn, ofm, n_actions);
3538 delete_flows_loose(p, ofm);
3541 case OFPFC_DELETE_STRICT:
3542 delete_flow_strict(p, ofm);
3546 return ofp_mkerr(OFPET_FLOW_MOD_FAILED, OFPFMFC_BAD_COMMAND);
3551 handle_tun_id_from_cookie(struct ofproto *p, struct nxt_tun_id_cookie *msg)
3555 error = check_ofp_message(&msg->header, OFPT_VENDOR, sizeof *msg);
3560 p->tun_id_from_cookie = !!msg->set;
3565 handle_role_request(struct ofproto *ofproto,
3566 struct ofconn *ofconn, struct nicira_header *msg)
3568 struct nx_role_request *nrr;
3569 struct nx_role_request *reply;
3573 if (ntohs(msg->header.length) != sizeof *nrr) {
3574 VLOG_WARN_RL(&rl, "received role request of length %u (expected %zu)",
3575 ntohs(msg->header.length), sizeof *nrr);
3576 return ofp_mkerr(OFPET_BAD_REQUEST, OFPBRC_BAD_LEN);
3578 nrr = (struct nx_role_request *) msg;
3580 if (ofconn->type != OFCONN_CONTROLLER) {
3581 VLOG_WARN_RL(&rl, "ignoring role request on non-controller "
3583 return ofp_mkerr(OFPET_BAD_REQUEST, OFPBRC_EPERM);
3586 role = ntohl(nrr->role);
3587 if (role != NX_ROLE_OTHER && role != NX_ROLE_MASTER
3588 && role != NX_ROLE_SLAVE) {
3589 VLOG_WARN_RL(&rl, "received request for unknown role %"PRIu32, role);
3591 /* There's no good error code for this. */
3592 return ofp_mkerr(OFPET_BAD_REQUEST, -1);
3595 if (role == NX_ROLE_MASTER) {
3596 struct ofconn *other;
3598 HMAP_FOR_EACH (other, struct ofconn, hmap_node,
3599 &ofproto->controllers) {
3600 if (other->role == NX_ROLE_MASTER) {
3601 other->role = NX_ROLE_SLAVE;
3605 ofconn->role = role;
3607 reply = make_openflow_xid(sizeof *reply, OFPT_VENDOR, msg->header.xid,
3609 reply->nxh.vendor = htonl(NX_VENDOR_ID);
3610 reply->nxh.subtype = htonl(NXT_ROLE_REPLY);
3611 reply->role = htonl(role);
3612 queue_tx(buf, ofconn, ofconn->reply_counter);
3618 handle_vendor(struct ofproto *p, struct ofconn *ofconn, void *msg)
3620 struct ofp_vendor_header *ovh = msg;
3621 struct nicira_header *nh;
3623 if (ntohs(ovh->header.length) < sizeof(struct ofp_vendor_header)) {
3624 VLOG_WARN_RL(&rl, "received vendor message of length %u "
3625 "(expected at least %zu)",
3626 ntohs(ovh->header.length), sizeof(struct ofp_vendor_header));
3627 return ofp_mkerr(OFPET_BAD_REQUEST, OFPBRC_BAD_LEN);
3629 if (ovh->vendor != htonl(NX_VENDOR_ID)) {
3630 return ofp_mkerr(OFPET_BAD_REQUEST, OFPBRC_BAD_VENDOR);
3632 if (ntohs(ovh->header.length) < sizeof(struct nicira_header)) {
3633 VLOG_WARN_RL(&rl, "received Nicira vendor message of length %u "
3634 "(expected at least %zu)",
3635 ntohs(ovh->header.length), sizeof(struct nicira_header));
3636 return ofp_mkerr(OFPET_BAD_REQUEST, OFPBRC_BAD_LEN);
3640 switch (ntohl(nh->subtype)) {
3641 case NXT_STATUS_REQUEST:
3642 return switch_status_handle_request(p->switch_status, ofconn->rconn,
3645 case NXT_TUN_ID_FROM_COOKIE:
3646 return handle_tun_id_from_cookie(p, msg);
3648 case NXT_ROLE_REQUEST:
3649 return handle_role_request(p, ofconn, msg);
3652 return ofp_mkerr(OFPET_BAD_REQUEST, OFPBRC_BAD_SUBTYPE);
3656 handle_barrier_request(struct ofconn *ofconn, struct ofp_header *oh)
3658 struct ofp_header *ob;
3661 /* Currently, everything executes synchronously, so we can just
3662 * immediately send the barrier reply. */
3663 ob = make_openflow_xid(sizeof *ob, OFPT_BARRIER_REPLY, oh->xid, &buf);
3664 queue_tx(buf, ofconn, ofconn->reply_counter);
3669 handle_openflow(struct ofconn *ofconn, struct ofproto *p,
3670 struct ofpbuf *ofp_msg)
3672 struct ofp_header *oh = ofp_msg->data;
3675 COVERAGE_INC(ofproto_recv_openflow);
3677 case OFPT_ECHO_REQUEST:
3678 error = handle_echo_request(ofconn, oh);
3681 case OFPT_ECHO_REPLY:
3685 case OFPT_FEATURES_REQUEST:
3686 error = handle_features_request(p, ofconn, oh);
3689 case OFPT_GET_CONFIG_REQUEST:
3690 error = handle_get_config_request(p, ofconn, oh);
3693 case OFPT_SET_CONFIG:
3694 error = handle_set_config(p, ofconn, ofp_msg->data);
3697 case OFPT_PACKET_OUT:
3698 error = handle_packet_out(p, ofconn, ofp_msg->data);
3702 error = handle_port_mod(p, ofconn, oh);
3706 error = handle_flow_mod(p, ofconn, ofp_msg->data);
3709 case OFPT_STATS_REQUEST:
3710 error = handle_stats_request(p, ofconn, oh);
3714 error = handle_vendor(p, ofconn, ofp_msg->data);
3717 case OFPT_BARRIER_REQUEST:
3718 error = handle_barrier_request(ofconn, oh);
3722 if (VLOG_IS_WARN_ENABLED()) {
3723 char *s = ofp_to_string(oh, ntohs(oh->length), 2);
3724 VLOG_DBG_RL(&rl, "OpenFlow message ignored: %s", s);
3727 error = ofp_mkerr(OFPET_BAD_REQUEST, OFPBRC_BAD_TYPE);
3732 send_error_oh(ofconn, ofp_msg->data, error);
3737 handle_odp_miss_msg(struct ofproto *p, struct ofpbuf *packet)
3739 struct odp_msg *msg = packet->data;
3741 struct ofpbuf payload;
3744 payload.data = msg + 1;
3745 payload.size = msg->length - sizeof *msg;
3746 flow_extract(&payload, msg->arg, msg->port, &flow);
3748 /* Check with in-band control to see if this packet should be sent
3749 * to the local port regardless of the flow table. */
3750 if (in_band_msg_in_hook(p->in_band, &flow, &payload)) {
3751 union odp_action action;
3753 memset(&action, 0, sizeof(action));
3754 action.output.type = ODPAT_OUTPUT;
3755 action.output.port = ODPP_LOCAL;
3756 dpif_execute(p->dpif, flow.in_port, &action, 1, &payload);
3759 rule = lookup_valid_rule(p, &flow);
3761 /* Don't send a packet-in if OFPPC_NO_PACKET_IN asserted. */
3762 struct ofport *port = port_array_get(&p->ports, msg->port);
3764 if (port->opp.config & OFPPC_NO_PACKET_IN) {
3765 COVERAGE_INC(ofproto_no_packet_in);
3766 /* XXX install 'drop' flow entry */
3767 ofpbuf_delete(packet);
3771 VLOG_WARN_RL(&rl, "packet-in on unknown port %"PRIu16, msg->port);
3774 COVERAGE_INC(ofproto_packet_in);
3775 send_packet_in(p, packet);
3779 if (rule->cr.wc.wildcards) {
3780 rule = rule_create_subrule(p, rule, &flow);
3781 rule_make_actions(p, rule, packet);
3783 if (!rule->may_install) {
3784 /* The rule is not installable, that is, we need to process every
3785 * packet, so process the current packet and set its actions into
3787 rule_make_actions(p, rule, packet);
3789 /* XXX revalidate rule if it needs it */
3793 rule_execute(p, rule, &payload, &flow);
3794 rule_reinstall(p, rule);
3796 if (rule->super && rule->super->cr.priority == FAIL_OPEN_PRIORITY) {
3798 * Extra-special case for fail-open mode.
3800 * We are in fail-open mode and the packet matched the fail-open rule,
3801 * but we are connected to a controller too. We should send the packet
3802 * up to the controller in the hope that it will try to set up a flow
3803 * and thereby allow us to exit fail-open.
3805 * See the top-level comment in fail-open.c for more information.
3807 send_packet_in(p, packet);
3809 ofpbuf_delete(packet);
3814 handle_odp_msg(struct ofproto *p, struct ofpbuf *packet)
3816 struct odp_msg *msg = packet->data;
3818 switch (msg->type) {
3819 case _ODPL_ACTION_NR:
3820 COVERAGE_INC(ofproto_ctlr_action);
3821 send_packet_in(p, packet);
3824 case _ODPL_SFLOW_NR:
3826 ofproto_sflow_received(p->sflow, msg);
3828 ofpbuf_delete(packet);
3832 handle_odp_miss_msg(p, packet);
3836 VLOG_WARN_RL(&rl, "received ODP message of unexpected type %"PRIu32,
3843 revalidate_cb(struct cls_rule *sub_, void *cbdata_)
3845 struct rule *sub = rule_from_cls_rule(sub_);
3846 struct revalidate_cbdata *cbdata = cbdata_;
3848 if (cbdata->revalidate_all
3849 || (cbdata->revalidate_subrules && sub->super)
3850 || (tag_set_intersects(&cbdata->revalidate_set, sub->tags))) {
3851 revalidate_rule(cbdata->ofproto, sub);
3856 revalidate_rule(struct ofproto *p, struct rule *rule)
3858 const flow_t *flow = &rule->cr.flow;
3860 COVERAGE_INC(ofproto_revalidate_rule);
3863 super = rule_from_cls_rule(classifier_lookup_wild(&p->cls, flow));
3865 rule_remove(p, rule);
3867 } else if (super != rule->super) {
3868 COVERAGE_INC(ofproto_revalidate_moved);
3869 list_remove(&rule->list);
3870 list_push_back(&super->list, &rule->list);
3871 rule->super = super;
3872 rule->hard_timeout = super->hard_timeout;
3873 rule->idle_timeout = super->idle_timeout;
3874 rule->created = super->created;
3879 rule_update_actions(p, rule);
3883 static struct ofpbuf *
3884 compose_flow_removed(struct ofproto *p, const struct rule *rule,
3885 long long int now, uint8_t reason)
3887 struct ofp_flow_removed *ofr;
3889 long long int tdiff = now - rule->created;
3890 uint32_t sec = tdiff / 1000;
3891 uint32_t msec = tdiff - (sec * 1000);
3893 ofr = make_openflow(sizeof *ofr, OFPT_FLOW_REMOVED, &buf);
3894 flow_to_match(&rule->cr.flow, rule->cr.wc.wildcards, p->tun_id_from_cookie,
3896 ofr->cookie = rule->flow_cookie;
3897 ofr->priority = htons(rule->cr.priority);
3898 ofr->reason = reason;
3899 ofr->duration_sec = htonl(sec);
3900 ofr->duration_nsec = htonl(msec * 1000000);
3901 ofr->idle_timeout = htons(rule->idle_timeout);
3902 ofr->packet_count = htonll(rule->packet_count);
3903 ofr->byte_count = htonll(rule->byte_count);
3909 uninstall_idle_flow(struct ofproto *ofproto, struct rule *rule)
3911 assert(rule->installed);
3912 assert(!rule->cr.wc.wildcards);
3915 rule_remove(ofproto, rule);
3917 rule_uninstall(ofproto, rule);
3922 send_flow_removed(struct ofproto *p, struct rule *rule,
3923 long long int now, uint8_t reason)
3925 struct ofconn *ofconn;
3926 struct ofconn *prev;
3927 struct ofpbuf *buf = NULL;
3929 /* We limit the maximum number of queued flow expirations it by accounting
3930 * them under the counter for replies. That works because preventing
3931 * OpenFlow requests from being processed also prevents new flows from
3932 * being added (and expiring). (It also prevents processing OpenFlow
3933 * requests that would not add new flows, so it is imperfect.) */
3936 LIST_FOR_EACH (ofconn, struct ofconn, node, &p->all_conns) {
3937 if (rule->send_flow_removed && rconn_is_connected(ofconn->rconn)
3938 && ofconn_receives_async_msgs(ofconn)) {
3940 queue_tx(ofpbuf_clone(buf), prev, prev->reply_counter);
3942 buf = compose_flow_removed(p, rule, now, reason);
3948 queue_tx(buf, prev, prev->reply_counter);
3954 expire_rule(struct cls_rule *cls_rule, void *p_)
3956 struct ofproto *p = p_;
3957 struct rule *rule = rule_from_cls_rule(cls_rule);
3958 long long int hard_expire, idle_expire, expire, now;
3960 hard_expire = (rule->hard_timeout
3961 ? rule->created + rule->hard_timeout * 1000
3963 idle_expire = (rule->idle_timeout
3964 && (rule->super || list_is_empty(&rule->list))
3965 ? rule->used + rule->idle_timeout * 1000
3967 expire = MIN(hard_expire, idle_expire);
3971 if (rule->installed && now >= rule->used + 5000) {
3972 uninstall_idle_flow(p, rule);
3973 } else if (!rule->cr.wc.wildcards) {
3974 active_timeout(p, rule);
3980 COVERAGE_INC(ofproto_expired);
3982 /* Update stats. This code will be a no-op if the rule expired
3983 * due to an idle timeout. */
3984 if (rule->cr.wc.wildcards) {
3985 struct rule *subrule, *next;
3986 LIST_FOR_EACH_SAFE (subrule, next, struct rule, list, &rule->list) {
3987 rule_remove(p, subrule);
3990 rule_uninstall(p, rule);
3993 if (!rule_is_hidden(rule)) {
3994 send_flow_removed(p, rule, now,
3996 ? OFPRR_HARD_TIMEOUT : OFPRR_IDLE_TIMEOUT));
3998 rule_remove(p, rule);
4002 active_timeout(struct ofproto *ofproto, struct rule *rule)
4004 if (ofproto->netflow && !is_controller_rule(rule) &&
4005 netflow_active_timeout_expired(ofproto->netflow, &rule->nf_flow)) {
4006 struct ofexpired expired;
4007 struct odp_flow odp_flow;
4009 /* Get updated flow stats. */
4010 memset(&odp_flow, 0, sizeof odp_flow);
4011 if (rule->installed) {
4012 odp_flow.key = rule->cr.flow;
4013 odp_flow.flags = ODPFF_ZERO_TCP_FLAGS;
4014 dpif_flow_get(ofproto->dpif, &odp_flow);
4016 if (odp_flow.stats.n_packets) {
4017 update_time(ofproto, rule, &odp_flow.stats);
4018 netflow_flow_update_flags(&rule->nf_flow, odp_flow.stats.ip_tos,
4019 odp_flow.stats.tcp_flags);
4023 expired.flow = rule->cr.flow;
4024 expired.packet_count = rule->packet_count +
4025 odp_flow.stats.n_packets;
4026 expired.byte_count = rule->byte_count + odp_flow.stats.n_bytes;
4027 expired.used = rule->used;
4029 netflow_expire(ofproto->netflow, &rule->nf_flow, &expired);
4031 /* Schedule us to send the accumulated records once we have
4032 * collected all of them. */
4033 poll_immediate_wake();
4038 update_used(struct ofproto *p)
4040 struct odp_flow *flows;
4045 error = dpif_flow_list_all(p->dpif, &flows, &n_flows);
4050 for (i = 0; i < n_flows; i++) {
4051 struct odp_flow *f = &flows[i];
4054 rule = rule_from_cls_rule(
4055 classifier_find_rule_exactly(&p->cls, &f->key, 0, UINT16_MAX));
4056 if (!rule || !rule->installed) {
4057 COVERAGE_INC(ofproto_unexpected_rule);
4058 dpif_flow_del(p->dpif, f);
4062 update_time(p, rule, &f->stats);
4063 rule_account(p, rule, f->stats.n_bytes);
4068 /* pinsched callback for sending 'packet' on 'ofconn'. */
4070 do_send_packet_in(struct ofpbuf *packet, void *ofconn_)
4072 struct ofconn *ofconn = ofconn_;
4074 rconn_send_with_limit(ofconn->rconn, packet,
4075 ofconn->packet_in_counter, 100);
4078 /* Takes 'packet', which has been converted with do_convert_to_packet_in(), and
4079 * finalizes its content for sending on 'ofconn', and passes it to 'ofconn''s
4080 * packet scheduler for sending.
4082 * 'max_len' specifies the maximum number of bytes of the packet to send on
4083 * 'ofconn' (INT_MAX specifies no limit).
4085 * If 'clone' is true, the caller retains ownership of 'packet'. Otherwise,
4086 * ownership is transferred to this function. */
4088 schedule_packet_in(struct ofconn *ofconn, struct ofpbuf *packet, int max_len,
4091 struct ofproto *ofproto = ofconn->ofproto;
4092 struct ofp_packet_in *opi = packet->data;
4093 uint16_t in_port = ofp_port_to_odp_port(ntohs(opi->in_port));
4094 int send_len, trim_size;
4098 if (opi->reason == OFPR_ACTION) {
4099 buffer_id = UINT32_MAX;
4100 } else if (ofproto->fail_open && fail_open_is_active(ofproto->fail_open)) {
4101 buffer_id = pktbuf_get_null();
4102 } else if (!ofconn->pktbuf) {
4103 buffer_id = UINT32_MAX;
4105 struct ofpbuf payload;
4106 payload.data = opi->data;
4107 payload.size = packet->size - offsetof(struct ofp_packet_in, data);
4108 buffer_id = pktbuf_save(ofconn->pktbuf, &payload, in_port);
4111 /* Figure out how much of the packet to send. */
4112 send_len = ntohs(opi->total_len);
4113 if (buffer_id != UINT32_MAX) {
4114 send_len = MIN(send_len, ofconn->miss_send_len);
4116 send_len = MIN(send_len, max_len);
4118 /* Adjust packet length and clone if necessary. */
4119 trim_size = offsetof(struct ofp_packet_in, data) + send_len;
4121 packet = ofpbuf_clone_data(packet->data, trim_size);
4124 packet->size = trim_size;
4127 /* Update packet headers. */
4128 opi->buffer_id = htonl(buffer_id);
4129 update_openflow_length(packet);
4131 /* Hand over to packet scheduler. It might immediately call into
4132 * do_send_packet_in() or it might buffer it for a while (until a later
4133 * call to pinsched_run()). */
4134 pinsched_send(ofconn->schedulers[opi->reason], in_port,
4135 packet, do_send_packet_in, ofconn);
4138 /* Replace struct odp_msg header in 'packet' by equivalent struct
4139 * ofp_packet_in. The odp_msg must have sufficient headroom to do so (e.g. as
4140 * returned by dpif_recv()).
4142 * The conversion is not complete: the caller still needs to trim any unneeded
4143 * payload off the end of the buffer, set the length in the OpenFlow header,
4144 * and set buffer_id. Those require us to know the controller settings and so
4145 * must be done on a per-controller basis.
4147 * Returns the maximum number of bytes of the packet that should be sent to
4148 * the controller (INT_MAX if no limit). */
4150 do_convert_to_packet_in(struct ofpbuf *packet)
4152 struct odp_msg *msg = packet->data;
4153 struct ofp_packet_in *opi;
4159 /* Extract relevant header fields */
4160 if (msg->type == _ODPL_ACTION_NR) {
4161 reason = OFPR_ACTION;
4164 reason = OFPR_NO_MATCH;
4167 total_len = msg->length - sizeof *msg;
4168 in_port = odp_port_to_ofp_port(msg->port);
4170 /* Repurpose packet buffer by overwriting header. */
4171 ofpbuf_pull(packet, sizeof(struct odp_msg));
4172 opi = ofpbuf_push_zeros(packet, offsetof(struct ofp_packet_in, data));
4173 opi->header.version = OFP_VERSION;
4174 opi->header.type = OFPT_PACKET_IN;
4175 opi->total_len = htons(total_len);
4176 opi->in_port = htons(in_port);
4177 opi->reason = reason;
4182 /* Given 'packet' containing an odp_msg of type _ODPL_ACTION_NR or
4183 * _ODPL_MISS_NR, sends an OFPT_PACKET_IN message to each OpenFlow controller
4184 * as necessary according to their individual configurations.
4186 * 'packet' must have sufficient headroom to convert it into a struct
4187 * ofp_packet_in (e.g. as returned by dpif_recv()).
4189 * Takes ownership of 'packet'. */
4191 send_packet_in(struct ofproto *ofproto, struct ofpbuf *packet)
4193 struct ofconn *ofconn, *prev;
4196 max_len = do_convert_to_packet_in(packet);
4199 LIST_FOR_EACH (ofconn, struct ofconn, node, &ofproto->all_conns) {
4200 if (ofconn_receives_async_msgs(ofconn)) {
4202 schedule_packet_in(prev, packet, max_len, true);
4208 schedule_packet_in(prev, packet, max_len, false);
4210 ofpbuf_delete(packet);
4215 pick_datapath_id(const struct ofproto *ofproto)
4217 const struct ofport *port;
4219 port = port_array_get(&ofproto->ports, ODPP_LOCAL);
4221 uint8_t ea[ETH_ADDR_LEN];
4224 error = netdev_get_etheraddr(port->netdev, ea);
4226 return eth_addr_to_uint64(ea);
4228 VLOG_WARN("could not get MAC address for %s (%s)",
4229 netdev_get_name(port->netdev), strerror(error));
4231 return ofproto->fallback_dpid;
4235 pick_fallback_dpid(void)
4237 uint8_t ea[ETH_ADDR_LEN];
4238 eth_addr_nicira_random(ea);
4239 return eth_addr_to_uint64(ea);
4243 default_normal_ofhook_cb(const flow_t *flow, const struct ofpbuf *packet,
4244 struct odp_actions *actions, tag_type *tags,
4245 uint16_t *nf_output_iface, void *ofproto_)
4247 struct ofproto *ofproto = ofproto_;
4250 /* Drop frames for reserved multicast addresses. */
4251 if (eth_addr_is_reserved(flow->dl_dst)) {
4255 /* Learn source MAC (but don't try to learn from revalidation). */
4256 if (packet != NULL) {
4257 tag_type rev_tag = mac_learning_learn(ofproto->ml, flow->dl_src,
4259 GRAT_ARP_LOCK_NONE);
4261 /* The log messages here could actually be useful in debugging,
4262 * so keep the rate limit relatively high. */
4263 static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(30, 300);
4264 VLOG_DBG_RL(&rl, "learned that "ETH_ADDR_FMT" is on port %"PRIu16,
4265 ETH_ADDR_ARGS(flow->dl_src), flow->in_port);
4266 ofproto_revalidate(ofproto, rev_tag);
4270 /* Determine output port. */
4271 out_port = mac_learning_lookup_tag(ofproto->ml, flow->dl_dst, 0, tags,
4274 add_output_group_action(actions, DP_GROUP_FLOOD, nf_output_iface);
4275 } else if (out_port != flow->in_port) {
4276 odp_actions_add(actions, ODPAT_OUTPUT)->output.port = out_port;
4277 *nf_output_iface = out_port;
4285 static const struct ofhooks default_ofhooks = {
4287 default_normal_ofhook_cb,
git://git.onelab.eu / sliver-openvswitch.git / blob