2 * Copyright (c) 2009, 2010 Nicira Networks.
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at:
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
22 #include <netinet/in.h>
25 #include "classifier.h"
27 #include "discovery.h"
29 #include "dynamic-string.h"
30 #include "fail-open.h"
32 #include "mac-learning.h"
36 #include "ofp-print.h"
37 #include "ofproto-sflow.h"
39 #include "openflow/nicira-ext.h"
40 #include "openflow/openflow.h"
41 #include "openvswitch/datapath-protocol.h"
45 #include "poll-loop.h"
46 #include "port-array.h"
51 #include "stream-ssl.h"
59 #define THIS_MODULE VLM_ofproto
62 #include "sflow_api.h"
66 TABLEID_CLASSIFIER = 1
70 struct netdev *netdev;
71 struct ofp_phy_port opp; /* In host byte order. */
74 static void ofport_free(struct ofport *);
75 static void hton_ofp_phy_port(struct ofp_phy_port *);
77 static int xlate_actions(const union ofp_action *in, size_t n_in,
78 const flow_t *flow, struct ofproto *ofproto,
79 const struct ofpbuf *packet,
80 struct odp_actions *out, tag_type *tags,
81 bool *may_set_up_flow, uint16_t *nf_output_iface);
86 uint64_t flow_cookie; /* Controller-issued identifier.
87 (Kept in network-byte order.) */
88 uint16_t idle_timeout; /* In seconds from time of last use. */
89 uint16_t hard_timeout; /* In seconds from time of creation. */
90 bool send_flow_removed; /* Send a flow removed message? */
91 long long int used; /* Last-used time (0 if never used). */
92 long long int created; /* Creation time. */
93 uint64_t packet_count; /* Number of packets received. */
94 uint64_t byte_count; /* Number of bytes received. */
95 uint64_t accounted_bytes; /* Number of bytes passed to account_cb. */
96 tag_type tags; /* Tags (set only by hooks). */
97 struct netflow_flow nf_flow; /* Per-flow NetFlow tracking data. */
99 /* If 'super' is non-NULL, this rule is a subrule, that is, it is an
100 * exact-match rule (having cr.wc.wildcards of 0) generated from the
101 * wildcard rule 'super'. In this case, 'list' is an element of the
104 * If 'super' is NULL, this rule is a super-rule, and 'list' is the head of
105 * a list of subrules. A super-rule with no wildcards (where
106 * cr.wc.wildcards is 0) will never have any subrules. */
112 * 'n_actions' is the number of elements in the 'actions' array. A single
113 * action may take up more more than one element's worth of space.
115 * A subrule has no actions (it uses the super-rule's actions). */
117 union ofp_action *actions;
121 * A super-rule with wildcard fields never has ODP actions (since the
122 * datapath only supports exact-match flows). */
123 bool installed; /* Installed in datapath? */
124 bool may_install; /* True ordinarily; false if actions must
125 * be reassessed for every packet. */
127 union odp_action *odp_actions;
131 rule_is_hidden(const struct rule *rule)
133 /* Subrules are merely an implementation detail, so hide them from the
135 if (rule->super != NULL) {
139 /* Rules with priority higher than UINT16_MAX are set up by ofproto itself
140 * (e.g. by in-band control) and are intentionally hidden from the
142 if (rule->cr.priority > UINT16_MAX) {
149 static struct rule *rule_create(struct ofproto *, struct rule *super,
150 const union ofp_action *, size_t n_actions,
151 uint16_t idle_timeout, uint16_t hard_timeout,
152 uint64_t flow_cookie, bool send_flow_removed);
153 static void rule_free(struct rule *);
154 static void rule_destroy(struct ofproto *, struct rule *);
155 static struct rule *rule_from_cls_rule(const struct cls_rule *);
156 static void rule_insert(struct ofproto *, struct rule *,
157 struct ofpbuf *packet, uint16_t in_port);
158 static void rule_remove(struct ofproto *, struct rule *);
159 static bool rule_make_actions(struct ofproto *, struct rule *,
160 const struct ofpbuf *packet);
161 static void rule_install(struct ofproto *, struct rule *,
162 struct rule *displaced_rule);
163 static void rule_uninstall(struct ofproto *, struct rule *);
164 static void rule_post_uninstall(struct ofproto *, struct rule *);
165 static void send_flow_removed(struct ofproto *p, struct rule *rule,
166 long long int now, uint8_t reason);
168 /* ofproto supports two kinds of OpenFlow connections:
170 * - "Controller connections": Connections to ordinary OpenFlow controllers.
171 * ofproto maintains persistent connections to these controllers and by
172 * default sends them asynchronous messages such as packet-ins.
174 * - "Transient connections", e.g. from ovs-ofctl. When these connections
175 * drop, it is the other side's responsibility to reconnect them if
176 * necessary. ofproto does not send them asynchronous messages by default.
179 OFCONN_CONTROLLER, /* An OpenFlow controller. */
180 OFCONN_TRANSIENT /* A transient connection. */
183 /* An OpenFlow connection. */
185 struct ofproto *ofproto; /* The ofproto that owns this connection. */
186 struct list node; /* In struct ofproto's "all_conns" list. */
187 struct rconn *rconn; /* OpenFlow connection. */
188 enum ofconn_type type; /* Type. */
190 /* OFPT_PACKET_IN related data. */
191 struct rconn_packet_counter *packet_in_counter; /* # queued on 'rconn'. */
192 struct pinsched *schedulers[2]; /* Indexed by reason code; see below. */
193 struct pktbuf *pktbuf; /* OpenFlow packet buffers. */
194 int miss_send_len; /* Bytes to send of buffered packets. */
196 /* Number of OpenFlow messages queued on 'rconn' as replies to OpenFlow
197 * requests, and the maximum number before we stop reading OpenFlow
199 #define OFCONN_REPLY_MAX 100
200 struct rconn_packet_counter *reply_counter;
202 /* type == OFCONN_CONTROLLER only. */
203 enum nx_role role; /* Role. */
204 struct hmap_node hmap_node; /* In struct ofproto's "controllers" map. */
205 struct discovery *discovery; /* Controller discovery object, if enabled. */
206 struct status_category *ss; /* Switch status category. */
207 enum ofproto_band band; /* In-band or out-of-band? */
210 /* We use OFPR_NO_MATCH and OFPR_ACTION as indexes into struct ofconn's
211 * "schedulers" array. Their values are 0 and 1, and their meanings and values
212 * coincide with _ODPL_MISS_NR and _ODPL_ACTION_NR, so this is convenient. In
213 * case anything ever changes, check their values here. */
214 #define N_SCHEDULERS 2
215 BUILD_ASSERT_DECL(OFPR_NO_MATCH == 0);
216 BUILD_ASSERT_DECL(OFPR_NO_MATCH == _ODPL_MISS_NR);
217 BUILD_ASSERT_DECL(OFPR_ACTION == 1);
218 BUILD_ASSERT_DECL(OFPR_ACTION == _ODPL_ACTION_NR);
220 static struct ofconn *ofconn_create(struct ofproto *, struct rconn *,
222 static void ofconn_destroy(struct ofconn *);
223 static void ofconn_run(struct ofconn *, struct ofproto *);
224 static void ofconn_wait(struct ofconn *);
225 static void queue_tx(struct ofpbuf *msg, const struct ofconn *ofconn,
226 struct rconn_packet_counter *counter);
228 static void send_packet_in(struct ofproto *, struct ofpbuf *odp_msg);
229 static void do_send_packet_in(struct ofpbuf *odp_msg, void *ofconn);
233 uint64_t datapath_id; /* Datapath ID. */
234 uint64_t fallback_dpid; /* Datapath ID if no better choice found. */
235 char *mfr_desc; /* Manufacturer. */
236 char *hw_desc; /* Hardware. */
237 char *sw_desc; /* Software version. */
238 char *serial_desc; /* Serial number. */
239 char *dp_desc; /* Datapath description. */
243 struct netdev_monitor *netdev_monitor;
244 struct port_array ports; /* Index is ODP port nr; ofport->opp.port_no is
246 struct shash port_by_name;
250 struct switch_status *switch_status;
251 struct fail_open *fail_open;
252 struct netflow *netflow;
253 struct ofproto_sflow *sflow;
255 /* In-band control. */
256 struct in_band *in_band;
257 long long int next_in_band_update;
258 struct sockaddr_in *extra_in_band_remotes;
259 size_t n_extra_remotes;
262 struct classifier cls;
263 bool need_revalidate;
264 long long int next_expiration;
265 struct tag_set revalidate_set;
266 bool tun_id_from_cookie;
268 /* OpenFlow connections. */
269 struct hmap controllers; /* Controller "struct ofconn"s. */
270 struct list all_conns; /* Contains "struct ofconn"s. */
271 struct pvconn **listeners;
273 struct pvconn **snoops;
276 /* Hooks for ovs-vswitchd. */
277 const struct ofhooks *ofhooks;
280 /* Used by default ofhooks. */
281 struct mac_learning *ml;
284 static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5);
286 static const struct ofhooks default_ofhooks;
288 static uint64_t pick_datapath_id(const struct ofproto *);
289 static uint64_t pick_fallback_dpid(void);
291 static void update_used(struct ofproto *);
292 static void update_stats(struct ofproto *, struct rule *,
293 const struct odp_flow_stats *);
294 static void expire_rule(struct cls_rule *, void *ofproto);
295 static void active_timeout(struct ofproto *ofproto, struct rule *rule);
296 static bool revalidate_rule(struct ofproto *p, struct rule *rule);
297 static void revalidate_cb(struct cls_rule *rule_, void *p_);
299 static void handle_odp_msg(struct ofproto *, struct ofpbuf *);
301 static void handle_openflow(struct ofconn *, struct ofproto *,
304 static void refresh_port_groups(struct ofproto *);
306 static void update_port(struct ofproto *, const char *devname);
307 static int init_ports(struct ofproto *);
308 static void reinit_ports(struct ofproto *);
311 ofproto_create(const char *datapath, const char *datapath_type,
312 const struct ofhooks *ofhooks, void *aux,
313 struct ofproto **ofprotop)
315 struct odp_stats stats;
322 /* Connect to datapath and start listening for messages. */
323 error = dpif_open(datapath, datapath_type, &dpif);
325 VLOG_ERR("failed to open datapath %s: %s", datapath, strerror(error));
328 error = dpif_get_dp_stats(dpif, &stats);
330 VLOG_ERR("failed to obtain stats for datapath %s: %s",
331 datapath, strerror(error));
335 error = dpif_recv_set_mask(dpif, ODPL_MISS | ODPL_ACTION | ODPL_SFLOW);
337 VLOG_ERR("failed to listen on datapath %s: %s",
338 datapath, strerror(error));
342 dpif_flow_flush(dpif);
343 dpif_recv_purge(dpif);
345 /* Initialize settings. */
346 p = xzalloc(sizeof *p);
347 p->fallback_dpid = pick_fallback_dpid();
348 p->datapath_id = p->fallback_dpid;
349 p->mfr_desc = xstrdup(DEFAULT_MFR_DESC);
350 p->hw_desc = xstrdup(DEFAULT_HW_DESC);
351 p->sw_desc = xstrdup(DEFAULT_SW_DESC);
352 p->serial_desc = xstrdup(DEFAULT_SERIAL_DESC);
353 p->dp_desc = xstrdup(DEFAULT_DP_DESC);
355 /* Initialize datapath. */
357 p->netdev_monitor = netdev_monitor_create();
358 port_array_init(&p->ports);
359 shash_init(&p->port_by_name);
360 p->max_ports = stats.max_ports;
362 /* Initialize submodules. */
363 p->switch_status = switch_status_create(p);
369 /* Initialize flow table. */
370 classifier_init(&p->cls);
371 p->need_revalidate = false;
372 p->next_expiration = time_msec() + 1000;
373 tag_set_init(&p->revalidate_set);
375 /* Initialize OpenFlow connections. */
376 list_init(&p->all_conns);
377 hmap_init(&p->controllers);
383 /* Initialize hooks. */
385 p->ofhooks = ofhooks;
389 p->ofhooks = &default_ofhooks;
391 p->ml = mac_learning_create();
394 /* Pick final datapath ID. */
395 p->datapath_id = pick_datapath_id(p);
396 VLOG_INFO("using datapath ID %016"PRIx64, p->datapath_id);
403 ofproto_set_datapath_id(struct ofproto *p, uint64_t datapath_id)
405 uint64_t old_dpid = p->datapath_id;
406 p->datapath_id = datapath_id ? datapath_id : pick_datapath_id(p);
407 if (p->datapath_id != old_dpid) {
408 struct ofconn *ofconn;
410 VLOG_INFO("datapath ID changed to %016"PRIx64, p->datapath_id);
412 /* Force all active connections to reconnect, since there is no way to
413 * notify a controller that the datapath ID has changed. */
414 LIST_FOR_EACH (ofconn, struct ofconn, node, &p->all_conns) {
415 rconn_reconnect(ofconn->rconn);
421 is_discovery_controller(const struct ofproto_controller *c)
423 return !strcmp(c->target, "discover");
427 is_in_band_controller(const struct ofproto_controller *c)
429 return is_discovery_controller(c) || c->band == OFPROTO_IN_BAND;
432 /* Creates a new controller in 'ofproto'. Some of the settings are initially
433 * drawn from 'c', but update_controller() needs to be called later to finish
434 * the new ofconn's configuration. */
436 add_controller(struct ofproto *ofproto, const struct ofproto_controller *c)
438 struct discovery *discovery;
439 struct ofconn *ofconn;
441 if (is_discovery_controller(c)) {
442 int error = discovery_create(c->accept_re, c->update_resolv_conf,
443 ofproto->dpif, ofproto->switch_status,
452 ofconn = ofconn_create(ofproto, rconn_create(5, 8), OFCONN_CONTROLLER);
453 ofconn->pktbuf = pktbuf_create();
454 ofconn->miss_send_len = OFP_DEFAULT_MISS_SEND_LEN;
456 ofconn->discovery = discovery;
458 rconn_connect(ofconn->rconn, c->target);
460 hmap_insert(&ofproto->controllers, &ofconn->hmap_node,
461 hash_string(c->target, 0));
464 /* Reconfigures 'ofconn' to match 'c'. This function cannot update an ofconn's
465 * target or turn discovery on or off (these are done by creating new ofconns
466 * and deleting old ones), but it can update the rest of an ofconn's
469 update_controller(struct ofconn *ofconn, const struct ofproto_controller *c)
471 struct ofproto *ofproto = ofconn->ofproto;
475 ofconn->band = (is_in_band_controller(c)
476 ? OFPROTO_IN_BAND : OFPROTO_OUT_OF_BAND);
478 rconn_set_max_backoff(ofconn->rconn, c->max_backoff);
480 probe_interval = c->probe_interval ? MAX(c->probe_interval, 5) : 0;
481 rconn_set_probe_interval(ofconn->rconn, probe_interval);
483 if (ofconn->discovery) {
484 discovery_set_update_resolv_conf(ofconn->discovery,
485 c->update_resolv_conf);
486 discovery_set_accept_controller_re(ofconn->discovery, c->accept_re);
489 for (i = 0; i < N_SCHEDULERS; i++) {
490 struct pinsched **s = &ofconn->schedulers[i];
492 if (c->rate_limit > 0) {
494 *s = pinsched_create(c->rate_limit, c->burst_limit,
495 ofproto->switch_status);
497 pinsched_set_limits(*s, c->rate_limit, c->burst_limit);
500 pinsched_destroy(*s);
507 ofconn_get_target(const struct ofconn *ofconn)
509 return ofconn->discovery ? "discover" : rconn_get_name(ofconn->rconn);
512 static struct ofconn *
513 find_controller_by_target(struct ofproto *ofproto, const char *target)
515 struct ofconn *ofconn;
517 HMAP_FOR_EACH_WITH_HASH (ofconn, struct ofconn, hmap_node,
518 hash_string(target, 0), &ofproto->controllers) {
519 if (!strcmp(ofconn_get_target(ofconn), target)) {
527 update_in_band_remotes(struct ofproto *ofproto)
529 const struct ofconn *ofconn;
530 struct sockaddr_in *addrs;
531 size_t max_addrs, n_addrs;
535 /* Allocate enough memory for as many remotes as we could possibly have. */
536 max_addrs = ofproto->n_extra_remotes + hmap_count(&ofproto->controllers);
537 addrs = xmalloc(max_addrs * sizeof *addrs);
540 /* Add all the remotes. */
542 HMAP_FOR_EACH (ofconn, struct ofconn, hmap_node, &ofproto->controllers) {
543 struct sockaddr_in *sin = &addrs[n_addrs];
545 sin->sin_addr.s_addr = rconn_get_remote_ip(ofconn->rconn);
546 if (sin->sin_addr.s_addr) {
547 sin->sin_port = rconn_get_remote_port(ofconn->rconn);
550 if (ofconn->discovery) {
554 for (i = 0; i < ofproto->n_extra_remotes; i++) {
555 addrs[n_addrs++] = ofproto->extra_in_band_remotes[i];
558 /* Create or update or destroy in-band.
560 * Ordinarily we only enable in-band if there's at least one remote
561 * address, but discovery needs the in-band rules for DHCP to be installed
562 * even before we know any remote addresses. */
563 if (n_addrs || discovery) {
564 if (!ofproto->in_band) {
565 in_band_create(ofproto, ofproto->dpif, ofproto->switch_status,
568 in_band_set_remotes(ofproto->in_band, addrs, n_addrs);
569 ofproto->next_in_band_update = time_msec() + 1000;
571 in_band_destroy(ofproto->in_band);
572 ofproto->in_band = NULL;
580 ofproto_set_controllers(struct ofproto *p,
581 const struct ofproto_controller *controllers,
582 size_t n_controllers)
584 struct shash new_controllers;
585 enum ofproto_fail_mode fail_mode;
586 struct ofconn *ofconn, *next;
590 shash_init(&new_controllers);
591 for (i = 0; i < n_controllers; i++) {
592 const struct ofproto_controller *c = &controllers[i];
594 shash_add_once(&new_controllers, c->target, &controllers[i]);
595 if (!find_controller_by_target(p, c->target)) {
596 add_controller(p, c);
600 fail_mode = OFPROTO_FAIL_STANDALONE;
602 HMAP_FOR_EACH_SAFE (ofconn, next, struct ofconn, hmap_node,
604 struct ofproto_controller *c;
606 c = shash_find_data(&new_controllers, ofconn_get_target(ofconn));
608 ofconn_destroy(ofconn);
610 update_controller(ofconn, c);
614 if (c->fail == OFPROTO_FAIL_SECURE) {
615 fail_mode = OFPROTO_FAIL_SECURE;
619 shash_destroy(&new_controllers);
621 update_in_band_remotes(p);
623 if (!hmap_is_empty(&p->controllers)
624 && fail_mode == OFPROTO_FAIL_STANDALONE) {
625 struct rconn **rconns;
629 p->fail_open = fail_open_create(p, p->switch_status);
633 rconns = xmalloc(hmap_count(&p->controllers) * sizeof *rconns);
634 HMAP_FOR_EACH (ofconn, struct ofconn, hmap_node, &p->controllers) {
635 rconns[n++] = ofconn->rconn;
638 fail_open_set_controllers(p->fail_open, rconns, n);
639 /* p->fail_open takes ownership of 'rconns'. */
641 fail_open_destroy(p->fail_open);
645 if (!hmap_is_empty(&p->controllers) && !ss_exists) {
646 ofconn = CONTAINER_OF(hmap_first(&p->controllers),
647 struct ofconn, hmap_node);
648 ofconn->ss = switch_status_register(p->switch_status, "remote",
649 rconn_status_cb, ofconn->rconn);
654 any_extras_changed(const struct ofproto *ofproto,
655 const struct sockaddr_in *extras, size_t n)
659 if (n != ofproto->n_extra_remotes) {
663 for (i = 0; i < n; i++) {
664 const struct sockaddr_in *old = &ofproto->extra_in_band_remotes[i];
665 const struct sockaddr_in *new = &extras[i];
667 if (old->sin_addr.s_addr != new->sin_addr.s_addr ||
668 old->sin_port != new->sin_port) {
676 /* Sets the 'n' TCP port addresses in 'extras' as ones to which 'ofproto''s
677 * in-band control should guarantee access, in the same way that in-band
678 * control guarantees access to OpenFlow controllers. */
680 ofproto_set_extra_in_band_remotes(struct ofproto *ofproto,
681 const struct sockaddr_in *extras, size_t n)
683 if (!any_extras_changed(ofproto, extras, n)) {
687 free(ofproto->extra_in_band_remotes);
688 ofproto->n_extra_remotes = n;
689 ofproto->extra_in_band_remotes = xmemdup(extras, n * sizeof *extras);
691 update_in_band_remotes(ofproto);
695 ofproto_set_desc(struct ofproto *p,
696 const char *mfr_desc, const char *hw_desc,
697 const char *sw_desc, const char *serial_desc,
700 struct ofp_desc_stats *ods;
703 if (strlen(mfr_desc) >= sizeof ods->mfr_desc) {
704 VLOG_WARN("truncating mfr_desc, must be less than %zu characters",
705 sizeof ods->mfr_desc);
708 p->mfr_desc = xstrdup(mfr_desc);
711 if (strlen(hw_desc) >= sizeof ods->hw_desc) {
712 VLOG_WARN("truncating hw_desc, must be less than %zu characters",
713 sizeof ods->hw_desc);
716 p->hw_desc = xstrdup(hw_desc);
719 if (strlen(sw_desc) >= sizeof ods->sw_desc) {
720 VLOG_WARN("truncating sw_desc, must be less than %zu characters",
721 sizeof ods->sw_desc);
724 p->sw_desc = xstrdup(sw_desc);
727 if (strlen(serial_desc) >= sizeof ods->serial_num) {
728 VLOG_WARN("truncating serial_desc, must be less than %zu "
730 sizeof ods->serial_num);
732 free(p->serial_desc);
733 p->serial_desc = xstrdup(serial_desc);
736 if (strlen(dp_desc) >= sizeof ods->dp_desc) {
737 VLOG_WARN("truncating dp_desc, must be less than %zu characters",
738 sizeof ods->dp_desc);
741 p->dp_desc = xstrdup(dp_desc);
746 set_pvconns(struct pvconn ***pvconnsp, size_t *n_pvconnsp,
747 const struct svec *svec)
749 struct pvconn **pvconns = *pvconnsp;
750 size_t n_pvconns = *n_pvconnsp;
754 for (i = 0; i < n_pvconns; i++) {
755 pvconn_close(pvconns[i]);
759 pvconns = xmalloc(svec->n * sizeof *pvconns);
761 for (i = 0; i < svec->n; i++) {
762 const char *name = svec->names[i];
763 struct pvconn *pvconn;
766 error = pvconn_open(name, &pvconn);
768 pvconns[n_pvconns++] = pvconn;
770 VLOG_ERR("failed to listen on %s: %s", name, strerror(error));
778 *n_pvconnsp = n_pvconns;
784 ofproto_set_listeners(struct ofproto *ofproto, const struct svec *listeners)
786 return set_pvconns(&ofproto->listeners, &ofproto->n_listeners, listeners);
790 ofproto_set_snoops(struct ofproto *ofproto, const struct svec *snoops)
792 return set_pvconns(&ofproto->snoops, &ofproto->n_snoops, snoops);
796 ofproto_set_netflow(struct ofproto *ofproto,
797 const struct netflow_options *nf_options)
799 if (nf_options && nf_options->collectors.n) {
800 if (!ofproto->netflow) {
801 ofproto->netflow = netflow_create();
803 return netflow_set_options(ofproto->netflow, nf_options);
805 netflow_destroy(ofproto->netflow);
806 ofproto->netflow = NULL;
812 ofproto_set_sflow(struct ofproto *ofproto,
813 const struct ofproto_sflow_options *oso)
815 struct ofproto_sflow *os = ofproto->sflow;
818 struct ofport *ofport;
819 unsigned int odp_port;
821 os = ofproto->sflow = ofproto_sflow_create(ofproto->dpif);
822 refresh_port_groups(ofproto);
823 PORT_ARRAY_FOR_EACH (ofport, &ofproto->ports, odp_port) {
824 ofproto_sflow_add_port(os, odp_port,
825 netdev_get_name(ofport->netdev));
828 ofproto_sflow_set_options(os, oso);
830 ofproto_sflow_destroy(os);
831 ofproto->sflow = NULL;
836 ofproto_set_stp(struct ofproto *ofproto OVS_UNUSED, bool enable_stp)
840 VLOG_WARN("STP is not yet implemented");
848 ofproto_get_datapath_id(const struct ofproto *ofproto)
850 return ofproto->datapath_id;
854 ofproto_has_controller(const struct ofproto *ofproto)
856 return !hmap_is_empty(&ofproto->controllers);
860 ofproto_get_listeners(const struct ofproto *ofproto, struct svec *listeners)
864 for (i = 0; i < ofproto->n_listeners; i++) {
865 svec_add(listeners, pvconn_get_name(ofproto->listeners[i]));
870 ofproto_get_snoops(const struct ofproto *ofproto, struct svec *snoops)
874 for (i = 0; i < ofproto->n_snoops; i++) {
875 svec_add(snoops, pvconn_get_name(ofproto->snoops[i]));
880 ofproto_destroy(struct ofproto *p)
882 struct ofconn *ofconn, *next_ofconn;
883 struct ofport *ofport;
884 unsigned int port_no;
891 /* Destroy fail-open and in-band early, since they touch the classifier. */
892 fail_open_destroy(p->fail_open);
895 in_band_destroy(p->in_band);
897 free(p->extra_in_band_remotes);
899 ofproto_flush_flows(p);
900 classifier_destroy(&p->cls);
902 LIST_FOR_EACH_SAFE (ofconn, next_ofconn, struct ofconn, node,
904 ofconn_destroy(ofconn);
906 hmap_destroy(&p->controllers);
909 netdev_monitor_destroy(p->netdev_monitor);
910 PORT_ARRAY_FOR_EACH (ofport, &p->ports, port_no) {
913 shash_destroy(&p->port_by_name);
915 switch_status_destroy(p->switch_status);
916 netflow_destroy(p->netflow);
917 ofproto_sflow_destroy(p->sflow);
919 for (i = 0; i < p->n_listeners; i++) {
920 pvconn_close(p->listeners[i]);
924 for (i = 0; i < p->n_snoops; i++) {
925 pvconn_close(p->snoops[i]);
929 mac_learning_destroy(p->ml);
934 free(p->serial_desc);
937 port_array_destroy(&p->ports);
943 ofproto_run(struct ofproto *p)
945 int error = ofproto_run1(p);
947 error = ofproto_run2(p, false);
953 process_port_change(struct ofproto *ofproto, int error, char *devname)
955 if (error == ENOBUFS) {
956 reinit_ports(ofproto);
958 update_port(ofproto, devname);
963 /* One of ofproto's "snoop" pvconns has accepted a new connection on 'vconn'.
964 * Connects this vconn to a controller. */
966 add_snooper(struct ofproto *ofproto, struct vconn *vconn)
968 struct ofconn *ofconn;
970 /* Arbitrarily pick the first controller in the list for monitoring. We
971 * could do something smarter or more flexible later, if it ever proves
973 LIST_FOR_EACH (ofconn, struct ofconn, node, &ofproto->all_conns) {
974 if (ofconn->type == OFCONN_CONTROLLER) {
975 rconn_add_monitor(ofconn->rconn, vconn);
980 VLOG_INFO_RL(&rl, "no controller connection to monitor");
985 ofproto_run1(struct ofproto *p)
987 struct ofconn *ofconn, *next_ofconn;
992 if (shash_is_empty(&p->port_by_name)) {
996 for (i = 0; i < 50; i++) {
1000 error = dpif_recv(p->dpif, &buf);
1002 if (error == ENODEV) {
1003 /* Someone destroyed the datapath behind our back. The caller
1004 * better destroy us and give up, because we're just going to
1005 * spin from here on out. */
1006 static struct vlog_rate_limit rl2 = VLOG_RATE_LIMIT_INIT(1, 5);
1007 VLOG_ERR_RL(&rl2, "%s: datapath was destroyed externally",
1008 dpif_name(p->dpif));
1014 handle_odp_msg(p, buf);
1017 while ((error = dpif_port_poll(p->dpif, &devname)) != EAGAIN) {
1018 process_port_change(p, error, devname);
1020 while ((error = netdev_monitor_poll(p->netdev_monitor,
1021 &devname)) != EAGAIN) {
1022 process_port_change(p, error, devname);
1026 if (time_msec() >= p->next_in_band_update) {
1027 update_in_band_remotes(p);
1029 in_band_run(p->in_band);
1032 LIST_FOR_EACH_SAFE (ofconn, next_ofconn, struct ofconn, node,
1034 ofconn_run(ofconn, p);
1037 /* Fail-open maintenance. Do this after processing the ofconns since
1038 * fail-open checks the status of the controller rconn. */
1040 fail_open_run(p->fail_open);
1043 for (i = 0; i < p->n_listeners; i++) {
1044 struct vconn *vconn;
1047 retval = pvconn_accept(p->listeners[i], OFP_VERSION, &vconn);
1049 ofconn_create(p, rconn_new_from_vconn("passive", vconn),
1051 } else if (retval != EAGAIN) {
1052 VLOG_WARN_RL(&rl, "accept failed (%s)", strerror(retval));
1056 for (i = 0; i < p->n_snoops; i++) {
1057 struct vconn *vconn;
1060 retval = pvconn_accept(p->snoops[i], OFP_VERSION, &vconn);
1062 add_snooper(p, vconn);
1063 } else if (retval != EAGAIN) {
1064 VLOG_WARN_RL(&rl, "accept failed (%s)", strerror(retval));
1068 if (time_msec() >= p->next_expiration) {
1069 COVERAGE_INC(ofproto_expiration);
1070 p->next_expiration = time_msec() + 1000;
1073 classifier_for_each(&p->cls, CLS_INC_ALL, expire_rule, p);
1075 /* Let the hook know that we're at a stable point: all outstanding data
1076 * in existing flows has been accounted to the account_cb. Thus, the
1077 * hook can now reasonably do operations that depend on having accurate
1078 * flow volume accounting (currently, that's just bond rebalancing). */
1079 if (p->ofhooks->account_checkpoint_cb) {
1080 p->ofhooks->account_checkpoint_cb(p->aux);
1085 netflow_run(p->netflow);
1088 ofproto_sflow_run(p->sflow);
1094 struct revalidate_cbdata {
1095 struct ofproto *ofproto;
1096 bool revalidate_all; /* Revalidate all exact-match rules? */
1097 bool revalidate_subrules; /* Revalidate all exact-match subrules? */
1098 struct tag_set revalidate_set; /* Set of tags to revalidate. */
1102 ofproto_run2(struct ofproto *p, bool revalidate_all)
1104 if (p->need_revalidate || revalidate_all
1105 || !tag_set_is_empty(&p->revalidate_set)) {
1106 struct revalidate_cbdata cbdata;
1108 cbdata.revalidate_all = revalidate_all;
1109 cbdata.revalidate_subrules = p->need_revalidate;
1110 cbdata.revalidate_set = p->revalidate_set;
1111 tag_set_init(&p->revalidate_set);
1112 COVERAGE_INC(ofproto_revalidate);
1113 classifier_for_each(&p->cls, CLS_INC_EXACT, revalidate_cb, &cbdata);
1114 p->need_revalidate = false;
1121 ofproto_wait(struct ofproto *p)
1123 struct ofconn *ofconn;
1126 dpif_recv_wait(p->dpif);
1127 dpif_port_poll_wait(p->dpif);
1128 netdev_monitor_poll_wait(p->netdev_monitor);
1129 LIST_FOR_EACH (ofconn, struct ofconn, node, &p->all_conns) {
1130 ofconn_wait(ofconn);
1133 poll_timer_wait(p->next_in_band_update - time_msec());
1134 in_band_wait(p->in_band);
1137 fail_open_wait(p->fail_open);
1140 ofproto_sflow_wait(p->sflow);
1142 if (!tag_set_is_empty(&p->revalidate_set)) {
1143 poll_immediate_wake();
1145 if (p->need_revalidate) {
1146 /* Shouldn't happen, but if it does just go around again. */
1147 VLOG_DBG_RL(&rl, "need revalidate in ofproto_wait_cb()");
1148 poll_immediate_wake();
1149 } else if (p->next_expiration != LLONG_MAX) {
1150 poll_timer_wait(p->next_expiration - time_msec());
1152 for (i = 0; i < p->n_listeners; i++) {
1153 pvconn_wait(p->listeners[i]);
1155 for (i = 0; i < p->n_snoops; i++) {
1156 pvconn_wait(p->snoops[i]);
1161 ofproto_revalidate(struct ofproto *ofproto, tag_type tag)
1163 tag_set_add(&ofproto->revalidate_set, tag);
1167 ofproto_get_revalidate_set(struct ofproto *ofproto)
1169 return &ofproto->revalidate_set;
1173 ofproto_is_alive(const struct ofproto *p)
1175 return !hmap_is_empty(&p->controllers);
1179 ofproto_send_packet(struct ofproto *p, const flow_t *flow,
1180 const union ofp_action *actions, size_t n_actions,
1181 const struct ofpbuf *packet)
1183 struct odp_actions odp_actions;
1186 error = xlate_actions(actions, n_actions, flow, p, packet, &odp_actions,
1192 /* XXX Should we translate the dpif_execute() errno value into an OpenFlow
1194 dpif_execute(p->dpif, flow->in_port, odp_actions.actions,
1195 odp_actions.n_actions, packet);
1200 ofproto_add_flow(struct ofproto *p,
1201 const flow_t *flow, uint32_t wildcards, unsigned int priority,
1202 const union ofp_action *actions, size_t n_actions,
1206 rule = rule_create(p, NULL, actions, n_actions,
1207 idle_timeout >= 0 ? idle_timeout : 5 /* XXX */,
1209 cls_rule_from_flow(flow, wildcards, priority, &rule->cr);
1210 rule_insert(p, rule, NULL, 0);
1214 ofproto_delete_flow(struct ofproto *ofproto, const flow_t *flow,
1215 uint32_t wildcards, unsigned int priority)
1219 rule = rule_from_cls_rule(classifier_find_rule_exactly(&ofproto->cls,
1223 rule_remove(ofproto, rule);
1228 destroy_rule(struct cls_rule *rule_, void *ofproto_)
1230 struct rule *rule = rule_from_cls_rule(rule_);
1231 struct ofproto *ofproto = ofproto_;
1233 /* Mark the flow as not installed, even though it might really be
1234 * installed, so that rule_remove() doesn't bother trying to uninstall it.
1235 * There is no point in uninstalling it individually since we are about to
1236 * blow away all the flows with dpif_flow_flush(). */
1237 rule->installed = false;
1239 rule_remove(ofproto, rule);
1243 ofproto_flush_flows(struct ofproto *ofproto)
1245 COVERAGE_INC(ofproto_flush);
1246 classifier_for_each(&ofproto->cls, CLS_INC_ALL, destroy_rule, ofproto);
1247 dpif_flow_flush(ofproto->dpif);
1248 if (ofproto->in_band) {
1249 in_band_flushed(ofproto->in_band);
1251 if (ofproto->fail_open) {
1252 fail_open_flushed(ofproto->fail_open);
1257 reinit_ports(struct ofproto *p)
1259 struct svec devnames;
1260 struct ofport *ofport;
1261 unsigned int port_no;
1262 struct odp_port *odp_ports;
1266 svec_init(&devnames);
1267 PORT_ARRAY_FOR_EACH (ofport, &p->ports, port_no) {
1268 svec_add (&devnames, (char *) ofport->opp.name);
1270 dpif_port_list(p->dpif, &odp_ports, &n_odp_ports);
1271 for (i = 0; i < n_odp_ports; i++) {
1272 svec_add (&devnames, odp_ports[i].devname);
1276 svec_sort_unique(&devnames);
1277 for (i = 0; i < devnames.n; i++) {
1278 update_port(p, devnames.names[i]);
1280 svec_destroy(&devnames);
1284 refresh_port_group(struct ofproto *p, unsigned int group)
1288 struct ofport *port;
1289 unsigned int port_no;
1291 assert(group == DP_GROUP_ALL || group == DP_GROUP_FLOOD);
1293 ports = xmalloc(port_array_count(&p->ports) * sizeof *ports);
1295 PORT_ARRAY_FOR_EACH (port, &p->ports, port_no) {
1296 if (group == DP_GROUP_ALL || !(port->opp.config & OFPPC_NO_FLOOD)) {
1297 ports[n_ports++] = port_no;
1300 dpif_port_group_set(p->dpif, group, ports, n_ports);
1307 refresh_port_groups(struct ofproto *p)
1309 size_t n_flood = refresh_port_group(p, DP_GROUP_FLOOD);
1310 size_t n_all = refresh_port_group(p, DP_GROUP_ALL);
1312 ofproto_sflow_set_group_sizes(p->sflow, n_flood, n_all);
1316 static struct ofport *
1317 make_ofport(const struct odp_port *odp_port)
1319 struct netdev_options netdev_options;
1320 enum netdev_flags flags;
1321 struct ofport *ofport;
1322 struct netdev *netdev;
1326 memset(&netdev_options, 0, sizeof netdev_options);
1327 netdev_options.name = odp_port->devname;
1328 netdev_options.ethertype = NETDEV_ETH_TYPE_NONE;
1329 netdev_options.may_open = true;
1331 error = netdev_open(&netdev_options, &netdev);
1333 VLOG_WARN_RL(&rl, "ignoring port %s (%"PRIu16") because netdev %s "
1334 "cannot be opened (%s)",
1335 odp_port->devname, odp_port->port,
1336 odp_port->devname, strerror(error));
1340 ofport = xmalloc(sizeof *ofport);
1341 ofport->netdev = netdev;
1342 ofport->opp.port_no = odp_port_to_ofp_port(odp_port->port);
1343 netdev_get_etheraddr(netdev, ofport->opp.hw_addr);
1344 memcpy(ofport->opp.name, odp_port->devname,
1345 MIN(sizeof ofport->opp.name, sizeof odp_port->devname));
1346 ofport->opp.name[sizeof ofport->opp.name - 1] = '\0';
1348 netdev_get_flags(netdev, &flags);
1349 ofport->opp.config = flags & NETDEV_UP ? 0 : OFPPC_PORT_DOWN;
1351 netdev_get_carrier(netdev, &carrier);
1352 ofport->opp.state = carrier ? 0 : OFPPS_LINK_DOWN;
1354 netdev_get_features(netdev,
1355 &ofport->opp.curr, &ofport->opp.advertised,
1356 &ofport->opp.supported, &ofport->opp.peer);
1361 ofport_conflicts(const struct ofproto *p, const struct odp_port *odp_port)
1363 if (port_array_get(&p->ports, odp_port->port)) {
1364 VLOG_WARN_RL(&rl, "ignoring duplicate port %"PRIu16" in datapath",
1367 } else if (shash_find(&p->port_by_name, odp_port->devname)) {
1368 VLOG_WARN_RL(&rl, "ignoring duplicate device %s in datapath",
1377 ofport_equal(const struct ofport *a_, const struct ofport *b_)
1379 const struct ofp_phy_port *a = &a_->opp;
1380 const struct ofp_phy_port *b = &b_->opp;
1382 BUILD_ASSERT_DECL(sizeof *a == 48); /* Detect ofp_phy_port changes. */
1383 return (a->port_no == b->port_no
1384 && !memcmp(a->hw_addr, b->hw_addr, sizeof a->hw_addr)
1385 && !strcmp((char *) a->name, (char *) b->name)
1386 && a->state == b->state
1387 && a->config == b->config
1388 && a->curr == b->curr
1389 && a->advertised == b->advertised
1390 && a->supported == b->supported
1391 && a->peer == b->peer);
1395 send_port_status(struct ofproto *p, const struct ofport *ofport,
1398 /* XXX Should limit the number of queued port status change messages. */
1399 struct ofconn *ofconn;
1400 LIST_FOR_EACH (ofconn, struct ofconn, node, &p->all_conns) {
1401 struct ofp_port_status *ops;
1404 if (ofconn->role == NX_ROLE_SLAVE) {
1408 ops = make_openflow_xid(sizeof *ops, OFPT_PORT_STATUS, 0, &b);
1409 ops->reason = reason;
1410 ops->desc = ofport->opp;
1411 hton_ofp_phy_port(&ops->desc);
1412 queue_tx(b, ofconn, NULL);
1414 if (p->ofhooks->port_changed_cb) {
1415 p->ofhooks->port_changed_cb(reason, &ofport->opp, p->aux);
1420 ofport_install(struct ofproto *p, struct ofport *ofport)
1422 uint16_t odp_port = ofp_port_to_odp_port(ofport->opp.port_no);
1423 const char *netdev_name = (const char *) ofport->opp.name;
1425 netdev_monitor_add(p->netdev_monitor, ofport->netdev);
1426 port_array_set(&p->ports, odp_port, ofport);
1427 shash_add(&p->port_by_name, netdev_name, ofport);
1429 ofproto_sflow_add_port(p->sflow, odp_port, netdev_name);
1434 ofport_remove(struct ofproto *p, struct ofport *ofport)
1436 uint16_t odp_port = ofp_port_to_odp_port(ofport->opp.port_no);
1438 netdev_monitor_remove(p->netdev_monitor, ofport->netdev);
1439 port_array_set(&p->ports, odp_port, NULL);
1440 shash_delete(&p->port_by_name,
1441 shash_find(&p->port_by_name, (char *) ofport->opp.name));
1443 ofproto_sflow_del_port(p->sflow, odp_port);
1448 ofport_free(struct ofport *ofport)
1451 netdev_close(ofport->netdev);
1457 update_port(struct ofproto *p, const char *devname)
1459 struct odp_port odp_port;
1460 struct ofport *old_ofport;
1461 struct ofport *new_ofport;
1464 COVERAGE_INC(ofproto_update_port);
1466 /* Query the datapath for port information. */
1467 error = dpif_port_query_by_name(p->dpif, devname, &odp_port);
1469 /* Find the old ofport. */
1470 old_ofport = shash_find_data(&p->port_by_name, devname);
1473 /* There's no port named 'devname' but there might be a port with
1474 * the same port number. This could happen if a port is deleted
1475 * and then a new one added in its place very quickly, or if a port
1476 * is renamed. In the former case we want to send an OFPPR_DELETE
1477 * and an OFPPR_ADD, and in the latter case we want to send a
1478 * single OFPPR_MODIFY. We can distinguish the cases by comparing
1479 * the old port's ifindex against the new port, or perhaps less
1480 * reliably but more portably by comparing the old port's MAC
1481 * against the new port's MAC. However, this code isn't that smart
1482 * and always sends an OFPPR_MODIFY (XXX). */
1483 old_ofport = port_array_get(&p->ports, odp_port.port);
1485 } else if (error != ENOENT && error != ENODEV) {
1486 VLOG_WARN_RL(&rl, "dpif_port_query_by_name returned unexpected error "
1487 "%s", strerror(error));
1491 /* Create a new ofport. */
1492 new_ofport = !error ? make_ofport(&odp_port) : NULL;
1494 /* Eliminate a few pathological cases. */
1495 if (!old_ofport && !new_ofport) {
1497 } else if (old_ofport && new_ofport) {
1498 /* Most of the 'config' bits are OpenFlow soft state, but
1499 * OFPPC_PORT_DOWN is maintained the kernel. So transfer the OpenFlow
1500 * bits from old_ofport. (make_ofport() only sets OFPPC_PORT_DOWN and
1501 * leaves the other bits 0.) */
1502 new_ofport->opp.config |= old_ofport->opp.config & ~OFPPC_PORT_DOWN;
1504 if (ofport_equal(old_ofport, new_ofport)) {
1505 /* False alarm--no change. */
1506 ofport_free(new_ofport);
1511 /* Now deal with the normal cases. */
1513 ofport_remove(p, old_ofport);
1516 ofport_install(p, new_ofport);
1518 send_port_status(p, new_ofport ? new_ofport : old_ofport,
1519 (!old_ofport ? OFPPR_ADD
1520 : !new_ofport ? OFPPR_DELETE
1522 ofport_free(old_ofport);
1524 /* Update port groups. */
1525 refresh_port_groups(p);
1529 init_ports(struct ofproto *p)
1531 struct odp_port *ports;
1536 error = dpif_port_list(p->dpif, &ports, &n_ports);
1541 for (i = 0; i < n_ports; i++) {
1542 const struct odp_port *odp_port = &ports[i];
1543 if (!ofport_conflicts(p, odp_port)) {
1544 struct ofport *ofport = make_ofport(odp_port);
1546 ofport_install(p, ofport);
1551 refresh_port_groups(p);
1555 static struct ofconn *
1556 ofconn_create(struct ofproto *p, struct rconn *rconn, enum ofconn_type type)
1558 struct ofconn *ofconn = xzalloc(sizeof *ofconn);
1559 ofconn->ofproto = p;
1560 list_push_back(&p->all_conns, &ofconn->node);
1561 ofconn->rconn = rconn;
1562 ofconn->type = type;
1563 ofconn->role = NX_ROLE_OTHER;
1564 ofconn->packet_in_counter = rconn_packet_counter_create ();
1565 ofconn->pktbuf = NULL;
1566 ofconn->miss_send_len = 0;
1567 ofconn->reply_counter = rconn_packet_counter_create ();
1572 ofconn_destroy(struct ofconn *ofconn)
1574 if (ofconn->type == OFCONN_CONTROLLER) {
1575 hmap_remove(&ofconn->ofproto->controllers, &ofconn->hmap_node);
1577 discovery_destroy(ofconn->discovery);
1579 list_remove(&ofconn->node);
1580 switch_status_unregister(ofconn->ss);
1581 rconn_destroy(ofconn->rconn);
1582 rconn_packet_counter_destroy(ofconn->packet_in_counter);
1583 rconn_packet_counter_destroy(ofconn->reply_counter);
1584 pktbuf_destroy(ofconn->pktbuf);
1589 ofconn_run(struct ofconn *ofconn, struct ofproto *p)
1594 if (ofconn->discovery) {
1595 char *controller_name;
1596 if (rconn_is_connectivity_questionable(ofconn->rconn)) {
1597 discovery_question_connectivity(ofconn->discovery);
1599 if (discovery_run(ofconn->discovery, &controller_name)) {
1600 if (controller_name) {
1601 rconn_connect(ofconn->rconn, controller_name);
1603 rconn_disconnect(ofconn->rconn);
1608 for (i = 0; i < N_SCHEDULERS; i++) {
1609 pinsched_run(ofconn->schedulers[i], do_send_packet_in, ofconn);
1612 rconn_run(ofconn->rconn);
1614 if (rconn_packet_counter_read (ofconn->reply_counter) < OFCONN_REPLY_MAX) {
1615 /* Limit the number of iterations to prevent other tasks from
1617 for (iteration = 0; iteration < 50; iteration++) {
1618 struct ofpbuf *of_msg = rconn_recv(ofconn->rconn);
1623 fail_open_maybe_recover(p->fail_open);
1625 handle_openflow(ofconn, p, of_msg);
1626 ofpbuf_delete(of_msg);
1630 if (!ofconn->discovery && !rconn_is_alive(ofconn->rconn)) {
1631 ofconn_destroy(ofconn);
1636 ofconn_wait(struct ofconn *ofconn)
1640 if (ofconn->discovery) {
1641 discovery_wait(ofconn->discovery);
1643 for (i = 0; i < N_SCHEDULERS; i++) {
1644 pinsched_wait(ofconn->schedulers[i]);
1646 rconn_run_wait(ofconn->rconn);
1647 if (rconn_packet_counter_read (ofconn->reply_counter) < OFCONN_REPLY_MAX) {
1648 rconn_recv_wait(ofconn->rconn);
1650 COVERAGE_INC(ofproto_ofconn_stuck);
1654 /* Caller is responsible for initializing the 'cr' member of the returned
1656 static struct rule *
1657 rule_create(struct ofproto *ofproto, struct rule *super,
1658 const union ofp_action *actions, size_t n_actions,
1659 uint16_t idle_timeout, uint16_t hard_timeout,
1660 uint64_t flow_cookie, bool send_flow_removed)
1662 struct rule *rule = xzalloc(sizeof *rule);
1663 rule->idle_timeout = idle_timeout;
1664 rule->hard_timeout = hard_timeout;
1665 rule->flow_cookie = flow_cookie;
1666 rule->used = rule->created = time_msec();
1667 rule->send_flow_removed = send_flow_removed;
1668 rule->super = super;
1670 list_push_back(&super->list, &rule->list);
1672 list_init(&rule->list);
1674 rule->n_actions = n_actions;
1675 rule->actions = xmemdup(actions, n_actions * sizeof *actions);
1676 netflow_flow_clear(&rule->nf_flow);
1677 netflow_flow_update_time(ofproto->netflow, &rule->nf_flow, rule->created);
1682 static struct rule *
1683 rule_from_cls_rule(const struct cls_rule *cls_rule)
1685 return cls_rule ? CONTAINER_OF(cls_rule, struct rule, cr) : NULL;
1689 rule_free(struct rule *rule)
1691 free(rule->actions);
1692 free(rule->odp_actions);
1696 /* Destroys 'rule'. If 'rule' is a subrule, also removes it from its
1697 * super-rule's list of subrules. If 'rule' is a super-rule, also iterates
1698 * through all of its subrules and revalidates them, destroying any that no
1699 * longer has a super-rule (which is probably all of them).
1701 * Before calling this function, the caller must make have removed 'rule' from
1702 * the classifier. If 'rule' is an exact-match rule, the caller is also
1703 * responsible for ensuring that it has been uninstalled from the datapath. */
1705 rule_destroy(struct ofproto *ofproto, struct rule *rule)
1708 struct rule *subrule, *next;
1709 LIST_FOR_EACH_SAFE (subrule, next, struct rule, list, &rule->list) {
1710 revalidate_rule(ofproto, subrule);
1713 list_remove(&rule->list);
1719 rule_has_out_port(const struct rule *rule, uint16_t out_port)
1721 const union ofp_action *oa;
1722 struct actions_iterator i;
1724 if (out_port == htons(OFPP_NONE)) {
1727 for (oa = actions_first(&i, rule->actions, rule->n_actions); oa;
1728 oa = actions_next(&i)) {
1729 if (oa->type == htons(OFPAT_OUTPUT) && oa->output.port == out_port) {
1736 /* Executes the actions indicated by 'rule' on 'packet', which is in flow
1737 * 'flow' and is considered to have arrived on ODP port 'in_port'.
1739 * The flow that 'packet' actually contains does not need to actually match
1740 * 'rule'; the actions in 'rule' will be applied to it either way. Likewise,
1741 * the packet and byte counters for 'rule' will be credited for the packet sent
1742 * out whether or not the packet actually matches 'rule'.
1744 * If 'rule' is an exact-match rule and 'flow' actually equals the rule's flow,
1745 * the caller must already have accurately composed ODP actions for it given
1746 * 'packet' using rule_make_actions(). If 'rule' is a wildcard rule, or if
1747 * 'rule' is an exact-match rule but 'flow' is not the rule's flow, then this
1748 * function will compose a set of ODP actions based on 'rule''s OpenFlow
1749 * actions and apply them to 'packet'. */
1751 rule_execute(struct ofproto *ofproto, struct rule *rule,
1752 struct ofpbuf *packet, const flow_t *flow)
1754 const union odp_action *actions;
1756 struct odp_actions a;
1758 /* Grab or compose the ODP actions.
1760 * The special case for an exact-match 'rule' where 'flow' is not the
1761 * rule's flow is important to avoid, e.g., sending a packet out its input
1762 * port simply because the ODP actions were composed for the wrong
1764 if (rule->cr.wc.wildcards || !flow_equal(flow, &rule->cr.flow)) {
1765 struct rule *super = rule->super ? rule->super : rule;
1766 if (xlate_actions(super->actions, super->n_actions, flow, ofproto,
1767 packet, &a, NULL, 0, NULL)) {
1770 actions = a.actions;
1771 n_actions = a.n_actions;
1773 actions = rule->odp_actions;
1774 n_actions = rule->n_odp_actions;
1777 /* Execute the ODP actions. */
1778 if (!dpif_execute(ofproto->dpif, flow->in_port,
1779 actions, n_actions, packet)) {
1780 struct odp_flow_stats stats;
1781 flow_extract_stats(flow, packet, &stats);
1782 update_stats(ofproto, rule, &stats);
1783 rule->used = time_msec();
1784 netflow_flow_update_time(ofproto->netflow, &rule->nf_flow, rule->used);
1789 rule_insert(struct ofproto *p, struct rule *rule, struct ofpbuf *packet,
1792 struct rule *displaced_rule;
1794 /* Insert the rule in the classifier. */
1795 displaced_rule = rule_from_cls_rule(classifier_insert(&p->cls, &rule->cr));
1796 if (!rule->cr.wc.wildcards) {
1797 rule_make_actions(p, rule, packet);
1800 /* Send the packet and credit it to the rule. */
1803 flow_extract(packet, 0, in_port, &flow);
1804 rule_execute(p, rule, packet, &flow);
1807 /* Install the rule in the datapath only after sending the packet, to
1808 * avoid packet reordering. */
1809 if (rule->cr.wc.wildcards) {
1810 COVERAGE_INC(ofproto_add_wc_flow);
1811 p->need_revalidate = true;
1813 rule_install(p, rule, displaced_rule);
1816 /* Free the rule that was displaced, if any. */
1817 if (displaced_rule) {
1818 rule_destroy(p, displaced_rule);
1822 static struct rule *
1823 rule_create_subrule(struct ofproto *ofproto, struct rule *rule,
1826 struct rule *subrule = rule_create(ofproto, rule, NULL, 0,
1827 rule->idle_timeout, rule->hard_timeout,
1829 COVERAGE_INC(ofproto_subrule_create);
1830 cls_rule_from_flow(flow, 0, (rule->cr.priority <= UINT16_MAX ? UINT16_MAX
1831 : rule->cr.priority), &subrule->cr);
1832 classifier_insert_exact(&ofproto->cls, &subrule->cr);
1838 rule_remove(struct ofproto *ofproto, struct rule *rule)
1840 if (rule->cr.wc.wildcards) {
1841 COVERAGE_INC(ofproto_del_wc_flow);
1842 ofproto->need_revalidate = true;
1844 rule_uninstall(ofproto, rule);
1846 classifier_remove(&ofproto->cls, &rule->cr);
1847 rule_destroy(ofproto, rule);
1850 /* Returns true if the actions changed, false otherwise. */
1852 rule_make_actions(struct ofproto *p, struct rule *rule,
1853 const struct ofpbuf *packet)
1855 const struct rule *super;
1856 struct odp_actions a;
1859 assert(!rule->cr.wc.wildcards);
1861 super = rule->super ? rule->super : rule;
1863 xlate_actions(super->actions, super->n_actions, &rule->cr.flow, p,
1864 packet, &a, &rule->tags, &rule->may_install,
1865 &rule->nf_flow.output_iface);
1867 actions_len = a.n_actions * sizeof *a.actions;
1868 if (rule->n_odp_actions != a.n_actions
1869 || memcmp(rule->odp_actions, a.actions, actions_len)) {
1870 COVERAGE_INC(ofproto_odp_unchanged);
1871 free(rule->odp_actions);
1872 rule->n_odp_actions = a.n_actions;
1873 rule->odp_actions = xmemdup(a.actions, actions_len);
1881 do_put_flow(struct ofproto *ofproto, struct rule *rule, int flags,
1882 struct odp_flow_put *put)
1884 memset(&put->flow.stats, 0, sizeof put->flow.stats);
1885 put->flow.key = rule->cr.flow;
1886 put->flow.actions = rule->odp_actions;
1887 put->flow.n_actions = rule->n_odp_actions;
1888 put->flow.flags = 0;
1890 return dpif_flow_put(ofproto->dpif, put);
1894 rule_install(struct ofproto *p, struct rule *rule, struct rule *displaced_rule)
1896 assert(!rule->cr.wc.wildcards);
1898 if (rule->may_install) {
1899 struct odp_flow_put put;
1900 if (!do_put_flow(p, rule,
1901 ODPPF_CREATE | ODPPF_MODIFY | ODPPF_ZERO_STATS,
1903 rule->installed = true;
1904 if (displaced_rule) {
1905 update_stats(p, displaced_rule, &put.flow.stats);
1906 rule_post_uninstall(p, displaced_rule);
1909 } else if (displaced_rule) {
1910 rule_uninstall(p, displaced_rule);
1915 rule_reinstall(struct ofproto *ofproto, struct rule *rule)
1917 if (rule->installed) {
1918 struct odp_flow_put put;
1919 COVERAGE_INC(ofproto_dp_missed);
1920 do_put_flow(ofproto, rule, ODPPF_CREATE | ODPPF_MODIFY, &put);
1922 rule_install(ofproto, rule, NULL);
1927 rule_update_actions(struct ofproto *ofproto, struct rule *rule)
1929 bool actions_changed;
1930 uint16_t new_out_iface, old_out_iface;
1932 old_out_iface = rule->nf_flow.output_iface;
1933 actions_changed = rule_make_actions(ofproto, rule, NULL);
1935 if (rule->may_install) {
1936 if (rule->installed) {
1937 if (actions_changed) {
1938 struct odp_flow_put put;
1939 do_put_flow(ofproto, rule, ODPPF_CREATE | ODPPF_MODIFY
1940 | ODPPF_ZERO_STATS, &put);
1941 update_stats(ofproto, rule, &put.flow.stats);
1943 /* Temporarily set the old output iface so that NetFlow
1944 * messages have the correct output interface for the old
1946 new_out_iface = rule->nf_flow.output_iface;
1947 rule->nf_flow.output_iface = old_out_iface;
1948 rule_post_uninstall(ofproto, rule);
1949 rule->nf_flow.output_iface = new_out_iface;
1952 rule_install(ofproto, rule, NULL);
1955 rule_uninstall(ofproto, rule);
1960 rule_account(struct ofproto *ofproto, struct rule *rule, uint64_t extra_bytes)
1962 uint64_t total_bytes = rule->byte_count + extra_bytes;
1964 if (ofproto->ofhooks->account_flow_cb
1965 && total_bytes > rule->accounted_bytes)
1967 ofproto->ofhooks->account_flow_cb(
1968 &rule->cr.flow, rule->odp_actions, rule->n_odp_actions,
1969 total_bytes - rule->accounted_bytes, ofproto->aux);
1970 rule->accounted_bytes = total_bytes;
1975 rule_uninstall(struct ofproto *p, struct rule *rule)
1977 assert(!rule->cr.wc.wildcards);
1978 if (rule->installed) {
1979 struct odp_flow odp_flow;
1981 odp_flow.key = rule->cr.flow;
1982 odp_flow.actions = NULL;
1983 odp_flow.n_actions = 0;
1985 if (!dpif_flow_del(p->dpif, &odp_flow)) {
1986 update_stats(p, rule, &odp_flow.stats);
1988 rule->installed = false;
1990 rule_post_uninstall(p, rule);
1995 is_controller_rule(struct rule *rule)
1997 /* If the only action is send to the controller then don't report
1998 * NetFlow expiration messages since it is just part of the control
1999 * logic for the network and not real traffic. */
2001 if (rule && rule->super) {
2002 struct rule *super = rule->super;
2004 return super->n_actions == 1 &&
2005 super->actions[0].type == htons(OFPAT_OUTPUT) &&
2006 super->actions[0].output.port == htons(OFPP_CONTROLLER);
2013 rule_post_uninstall(struct ofproto *ofproto, struct rule *rule)
2015 struct rule *super = rule->super;
2017 rule_account(ofproto, rule, 0);
2019 if (ofproto->netflow && !is_controller_rule(rule)) {
2020 struct ofexpired expired;
2021 expired.flow = rule->cr.flow;
2022 expired.packet_count = rule->packet_count;
2023 expired.byte_count = rule->byte_count;
2024 expired.used = rule->used;
2025 netflow_expire(ofproto->netflow, &rule->nf_flow, &expired);
2028 super->packet_count += rule->packet_count;
2029 super->byte_count += rule->byte_count;
2031 /* Reset counters to prevent double counting if the rule ever gets
2033 rule->packet_count = 0;
2034 rule->byte_count = 0;
2035 rule->accounted_bytes = 0;
2037 netflow_flow_clear(&rule->nf_flow);
2042 queue_tx(struct ofpbuf *msg, const struct ofconn *ofconn,
2043 struct rconn_packet_counter *counter)
2045 update_openflow_length(msg);
2046 if (rconn_send(ofconn->rconn, msg, counter)) {
2052 send_error(const struct ofconn *ofconn, const struct ofp_header *oh,
2053 int error, const void *data, size_t len)
2056 struct ofp_error_msg *oem;
2058 if (!(error >> 16)) {
2059 VLOG_WARN_RL(&rl, "not sending bad error code %d to controller",
2064 COVERAGE_INC(ofproto_error);
2065 oem = make_openflow_xid(len + sizeof *oem, OFPT_ERROR,
2066 oh ? oh->xid : 0, &buf);
2067 oem->type = htons((unsigned int) error >> 16);
2068 oem->code = htons(error & 0xffff);
2069 memcpy(oem->data, data, len);
2070 queue_tx(buf, ofconn, ofconn->reply_counter);
2074 send_error_oh(const struct ofconn *ofconn, const struct ofp_header *oh,
2077 size_t oh_length = ntohs(oh->length);
2078 send_error(ofconn, oh, error, oh, MIN(oh_length, 64));
2082 hton_ofp_phy_port(struct ofp_phy_port *opp)
2084 opp->port_no = htons(opp->port_no);
2085 opp->config = htonl(opp->config);
2086 opp->state = htonl(opp->state);
2087 opp->curr = htonl(opp->curr);
2088 opp->advertised = htonl(opp->advertised);
2089 opp->supported = htonl(opp->supported);
2090 opp->peer = htonl(opp->peer);
2094 handle_echo_request(struct ofconn *ofconn, struct ofp_header *oh)
2096 struct ofp_header *rq = oh;
2097 queue_tx(make_echo_reply(rq), ofconn, ofconn->reply_counter);
2102 handle_features_request(struct ofproto *p, struct ofconn *ofconn,
2103 struct ofp_header *oh)
2105 struct ofp_switch_features *osf;
2107 unsigned int port_no;
2108 struct ofport *port;
2110 osf = make_openflow_xid(sizeof *osf, OFPT_FEATURES_REPLY, oh->xid, &buf);
2111 osf->datapath_id = htonll(p->datapath_id);
2112 osf->n_buffers = htonl(pktbuf_capacity());
2114 osf->capabilities = htonl(OFPC_FLOW_STATS | OFPC_TABLE_STATS |
2115 OFPC_PORT_STATS | OFPC_ARP_MATCH_IP);
2116 osf->actions = htonl((1u << OFPAT_OUTPUT) |
2117 (1u << OFPAT_SET_VLAN_VID) |
2118 (1u << OFPAT_SET_VLAN_PCP) |
2119 (1u << OFPAT_STRIP_VLAN) |
2120 (1u << OFPAT_SET_DL_SRC) |
2121 (1u << OFPAT_SET_DL_DST) |
2122 (1u << OFPAT_SET_NW_SRC) |
2123 (1u << OFPAT_SET_NW_DST) |
2124 (1u << OFPAT_SET_NW_TOS) |
2125 (1u << OFPAT_SET_TP_SRC) |
2126 (1u << OFPAT_SET_TP_DST));
2128 PORT_ARRAY_FOR_EACH (port, &p->ports, port_no) {
2129 hton_ofp_phy_port(ofpbuf_put(buf, &port->opp, sizeof port->opp));
2132 queue_tx(buf, ofconn, ofconn->reply_counter);
2137 handle_get_config_request(struct ofproto *p, struct ofconn *ofconn,
2138 struct ofp_header *oh)
2141 struct ofp_switch_config *osc;
2145 /* Figure out flags. */
2146 dpif_get_drop_frags(p->dpif, &drop_frags);
2147 flags = drop_frags ? OFPC_FRAG_DROP : OFPC_FRAG_NORMAL;
2150 osc = make_openflow_xid(sizeof *osc, OFPT_GET_CONFIG_REPLY, oh->xid, &buf);
2151 osc->flags = htons(flags);
2152 osc->miss_send_len = htons(ofconn->miss_send_len);
2153 queue_tx(buf, ofconn, ofconn->reply_counter);
2159 handle_set_config(struct ofproto *p, struct ofconn *ofconn,
2160 struct ofp_switch_config *osc)
2165 error = check_ofp_message(&osc->header, OFPT_SET_CONFIG, sizeof *osc);
2169 flags = ntohs(osc->flags);
2171 if (ofconn->type == OFCONN_CONTROLLER && ofconn->role != NX_ROLE_SLAVE) {
2172 switch (flags & OFPC_FRAG_MASK) {
2173 case OFPC_FRAG_NORMAL:
2174 dpif_set_drop_frags(p->dpif, false);
2176 case OFPC_FRAG_DROP:
2177 dpif_set_drop_frags(p->dpif, true);
2180 VLOG_WARN_RL(&rl, "requested bad fragment mode (flags=%"PRIx16")",
2186 ofconn->miss_send_len = ntohs(osc->miss_send_len);
2192 add_output_group_action(struct odp_actions *actions, uint16_t group,
2193 uint16_t *nf_output_iface)
2195 odp_actions_add(actions, ODPAT_OUTPUT_GROUP)->output_group.group = group;
2197 if (group == DP_GROUP_ALL || group == DP_GROUP_FLOOD) {
2198 *nf_output_iface = NF_OUT_FLOOD;
2203 add_controller_action(struct odp_actions *actions,
2204 const struct ofp_action_output *oao)
2206 union odp_action *a = odp_actions_add(actions, ODPAT_CONTROLLER);
2207 a->controller.arg = oao->max_len ? ntohs(oao->max_len) : UINT32_MAX;
2210 struct action_xlate_ctx {
2212 flow_t flow; /* Flow to which these actions correspond. */
2213 int recurse; /* Recursion level, via xlate_table_action. */
2214 struct ofproto *ofproto;
2215 const struct ofpbuf *packet; /* The packet corresponding to 'flow', or a
2216 * null pointer if we are revalidating
2217 * without a packet to refer to. */
2220 struct odp_actions *out; /* Datapath actions. */
2221 tag_type *tags; /* Tags associated with OFPP_NORMAL actions. */
2222 bool may_set_up_flow; /* True ordinarily; false if the actions must
2223 * be reassessed for every packet. */
2224 uint16_t nf_output_iface; /* Output interface index for NetFlow. */
2227 static void do_xlate_actions(const union ofp_action *in, size_t n_in,
2228 struct action_xlate_ctx *ctx);
2231 add_output_action(struct action_xlate_ctx *ctx, uint16_t port)
2233 const struct ofport *ofport = port_array_get(&ctx->ofproto->ports, port);
2236 if (ofport->opp.config & OFPPC_NO_FWD) {
2237 /* Forwarding disabled on port. */
2242 * We don't have an ofport record for this port, but it doesn't hurt to
2243 * allow forwarding to it anyhow. Maybe such a port will appear later
2244 * and we're pre-populating the flow table.
2248 odp_actions_add(ctx->out, ODPAT_OUTPUT)->output.port = port;
2249 ctx->nf_output_iface = port;
2252 static struct rule *
2253 lookup_valid_rule(struct ofproto *ofproto, const flow_t *flow)
2256 rule = rule_from_cls_rule(classifier_lookup(&ofproto->cls, flow));
2258 /* The rule we found might not be valid, since we could be in need of
2259 * revalidation. If it is not valid, don't return it. */
2262 && ofproto->need_revalidate
2263 && !revalidate_rule(ofproto, rule)) {
2264 COVERAGE_INC(ofproto_invalidated);
2272 xlate_table_action(struct action_xlate_ctx *ctx, uint16_t in_port)
2274 if (!ctx->recurse) {
2275 uint16_t old_in_port;
2278 /* Look up a flow with 'in_port' as the input port. Then restore the
2279 * original input port (otherwise OFPP_NORMAL and OFPP_IN_PORT will
2280 * have surprising behavior). */
2281 old_in_port = ctx->flow.in_port;
2282 ctx->flow.in_port = in_port;
2283 rule = lookup_valid_rule(ctx->ofproto, &ctx->flow);
2284 ctx->flow.in_port = old_in_port;
2292 do_xlate_actions(rule->actions, rule->n_actions, ctx);
2299 xlate_output_action(struct action_xlate_ctx *ctx,
2300 const struct ofp_action_output *oao)
2303 uint16_t prev_nf_output_iface = ctx->nf_output_iface;
2305 ctx->nf_output_iface = NF_OUT_DROP;
2307 switch (ntohs(oao->port)) {
2309 add_output_action(ctx, ctx->flow.in_port);
2312 xlate_table_action(ctx, ctx->flow.in_port);
2315 if (!ctx->ofproto->ofhooks->normal_cb(&ctx->flow, ctx->packet,
2316 ctx->out, ctx->tags,
2317 &ctx->nf_output_iface,
2318 ctx->ofproto->aux)) {
2319 COVERAGE_INC(ofproto_uninstallable);
2320 ctx->may_set_up_flow = false;
2324 add_output_group_action(ctx->out, DP_GROUP_FLOOD,
2325 &ctx->nf_output_iface);
2328 add_output_group_action(ctx->out, DP_GROUP_ALL, &ctx->nf_output_iface);
2330 case OFPP_CONTROLLER:
2331 add_controller_action(ctx->out, oao);
2334 add_output_action(ctx, ODPP_LOCAL);
2337 odp_port = ofp_port_to_odp_port(ntohs(oao->port));
2338 if (odp_port != ctx->flow.in_port) {
2339 add_output_action(ctx, odp_port);
2344 if (prev_nf_output_iface == NF_OUT_FLOOD) {
2345 ctx->nf_output_iface = NF_OUT_FLOOD;
2346 } else if (ctx->nf_output_iface == NF_OUT_DROP) {
2347 ctx->nf_output_iface = prev_nf_output_iface;
2348 } else if (prev_nf_output_iface != NF_OUT_DROP &&
2349 ctx->nf_output_iface != NF_OUT_FLOOD) {
2350 ctx->nf_output_iface = NF_OUT_MULTI;
2355 xlate_nicira_action(struct action_xlate_ctx *ctx,
2356 const struct nx_action_header *nah)
2358 const struct nx_action_resubmit *nar;
2359 const struct nx_action_set_tunnel *nast;
2360 union odp_action *oa;
2361 int subtype = ntohs(nah->subtype);
2363 assert(nah->vendor == htonl(NX_VENDOR_ID));
2365 case NXAST_RESUBMIT:
2366 nar = (const struct nx_action_resubmit *) nah;
2367 xlate_table_action(ctx, ofp_port_to_odp_port(ntohs(nar->in_port)));
2370 case NXAST_SET_TUNNEL:
2371 nast = (const struct nx_action_set_tunnel *) nah;
2372 oa = odp_actions_add(ctx->out, ODPAT_SET_TUNNEL);
2373 ctx->flow.tun_id = oa->tunnel.tun_id = nast->tun_id;
2376 /* If you add a new action here that modifies flow data, don't forget to
2377 * update the flow key in ctx->flow in the same key. */
2380 VLOG_DBG_RL(&rl, "unknown Nicira action type %"PRIu16, subtype);
2386 do_xlate_actions(const union ofp_action *in, size_t n_in,
2387 struct action_xlate_ctx *ctx)
2389 struct actions_iterator iter;
2390 const union ofp_action *ia;
2391 const struct ofport *port;
2393 port = port_array_get(&ctx->ofproto->ports, ctx->flow.in_port);
2394 if (port && port->opp.config & (OFPPC_NO_RECV | OFPPC_NO_RECV_STP) &&
2395 port->opp.config & (eth_addr_equals(ctx->flow.dl_dst, stp_eth_addr)
2396 ? OFPPC_NO_RECV_STP : OFPPC_NO_RECV)) {
2397 /* Drop this flow. */
2401 for (ia = actions_first(&iter, in, n_in); ia; ia = actions_next(&iter)) {
2402 uint16_t type = ntohs(ia->type);
2403 union odp_action *oa;
2407 xlate_output_action(ctx, &ia->output);
2410 case OFPAT_SET_VLAN_VID:
2411 oa = odp_actions_add(ctx->out, ODPAT_SET_VLAN_VID);
2412 ctx->flow.dl_vlan = oa->vlan_vid.vlan_vid = ia->vlan_vid.vlan_vid;
2415 case OFPAT_SET_VLAN_PCP:
2416 oa = odp_actions_add(ctx->out, ODPAT_SET_VLAN_PCP);
2417 ctx->flow.dl_vlan_pcp = oa->vlan_pcp.vlan_pcp = ia->vlan_pcp.vlan_pcp;
2420 case OFPAT_STRIP_VLAN:
2421 odp_actions_add(ctx->out, ODPAT_STRIP_VLAN);
2422 ctx->flow.dl_vlan = OFP_VLAN_NONE;
2423 ctx->flow.dl_vlan_pcp = 0;
2426 case OFPAT_SET_DL_SRC:
2427 oa = odp_actions_add(ctx->out, ODPAT_SET_DL_SRC);
2428 memcpy(oa->dl_addr.dl_addr,
2429 ((struct ofp_action_dl_addr *) ia)->dl_addr, ETH_ADDR_LEN);
2430 memcpy(ctx->flow.dl_src,
2431 ((struct ofp_action_dl_addr *) ia)->dl_addr, ETH_ADDR_LEN);
2434 case OFPAT_SET_DL_DST:
2435 oa = odp_actions_add(ctx->out, ODPAT_SET_DL_DST);
2436 memcpy(oa->dl_addr.dl_addr,
2437 ((struct ofp_action_dl_addr *) ia)->dl_addr, ETH_ADDR_LEN);
2438 memcpy(ctx->flow.dl_dst,
2439 ((struct ofp_action_dl_addr *) ia)->dl_addr, ETH_ADDR_LEN);
2442 case OFPAT_SET_NW_SRC:
2443 oa = odp_actions_add(ctx->out, ODPAT_SET_NW_SRC);
2444 ctx->flow.nw_src = oa->nw_addr.nw_addr = ia->nw_addr.nw_addr;
2447 case OFPAT_SET_NW_DST:
2448 oa = odp_actions_add(ctx->out, ODPAT_SET_NW_DST);
2449 ctx->flow.nw_dst = oa->nw_addr.nw_addr = ia->nw_addr.nw_addr;
2452 case OFPAT_SET_NW_TOS:
2453 oa = odp_actions_add(ctx->out, ODPAT_SET_NW_TOS);
2454 ctx->flow.nw_tos = oa->nw_tos.nw_tos = ia->nw_tos.nw_tos;
2457 case OFPAT_SET_TP_SRC:
2458 oa = odp_actions_add(ctx->out, ODPAT_SET_TP_SRC);
2459 ctx->flow.tp_src = oa->tp_port.tp_port = ia->tp_port.tp_port;
2462 case OFPAT_SET_TP_DST:
2463 oa = odp_actions_add(ctx->out, ODPAT_SET_TP_DST);
2464 ctx->flow.tp_dst = oa->tp_port.tp_port = ia->tp_port.tp_port;
2468 xlate_nicira_action(ctx, (const struct nx_action_header *) ia);
2472 VLOG_DBG_RL(&rl, "unknown action type %"PRIu16, type);
2479 xlate_actions(const union ofp_action *in, size_t n_in,
2480 const flow_t *flow, struct ofproto *ofproto,
2481 const struct ofpbuf *packet,
2482 struct odp_actions *out, tag_type *tags, bool *may_set_up_flow,
2483 uint16_t *nf_output_iface)
2485 tag_type no_tags = 0;
2486 struct action_xlate_ctx ctx;
2487 COVERAGE_INC(ofproto_ofp2odp);
2488 odp_actions_init(out);
2491 ctx.ofproto = ofproto;
2492 ctx.packet = packet;
2494 ctx.tags = tags ? tags : &no_tags;
2495 ctx.may_set_up_flow = true;
2496 ctx.nf_output_iface = NF_OUT_DROP;
2497 do_xlate_actions(in, n_in, &ctx);
2499 /* Check with in-band control to see if we're allowed to set up this
2501 if (!in_band_rule_check(ofproto->in_band, flow, out)) {
2502 ctx.may_set_up_flow = false;
2505 if (may_set_up_flow) {
2506 *may_set_up_flow = ctx.may_set_up_flow;
2508 if (nf_output_iface) {
2509 *nf_output_iface = ctx.nf_output_iface;
2511 if (odp_actions_overflow(out)) {
2512 odp_actions_init(out);
2513 return ofp_mkerr(OFPET_BAD_ACTION, OFPBAC_TOO_MANY);
2518 /* Checks whether 'ofconn' is a slave controller. If so, returns an OpenFlow
2519 * error message code (composed with ofp_mkerr()) for the caller to propagate
2520 * upward. Otherwise, returns 0.
2522 * 'oh' is used to make log messages more informative. */
2524 reject_slave_controller(struct ofconn *ofconn, const struct ofp_header *oh)
2526 if (ofconn->type == OFCONN_CONTROLLER && ofconn->role == NX_ROLE_SLAVE) {
2527 static struct vlog_rate_limit perm_rl = VLOG_RATE_LIMIT_INIT(1, 5);
2530 type_name = ofp_message_type_to_string(oh->type);
2531 VLOG_WARN_RL(&perm_rl, "rejecting %s message from slave controller",
2535 return ofp_mkerr(OFPET_BAD_REQUEST, OFPBRC_EPERM);
2542 handle_packet_out(struct ofproto *p, struct ofconn *ofconn,
2543 struct ofp_header *oh)
2545 struct ofp_packet_out *opo;
2546 struct ofpbuf payload, *buffer;
2547 struct odp_actions actions;
2553 error = reject_slave_controller(ofconn, oh);
2558 error = check_ofp_packet_out(oh, &payload, &n_actions, p->max_ports);
2562 opo = (struct ofp_packet_out *) oh;
2564 COVERAGE_INC(ofproto_packet_out);
2565 if (opo->buffer_id != htonl(UINT32_MAX)) {
2566 error = pktbuf_retrieve(ofconn->pktbuf, ntohl(opo->buffer_id),
2568 if (error || !buffer) {
2576 flow_extract(&payload, 0, ofp_port_to_odp_port(ntohs(opo->in_port)), &flow);
2577 error = xlate_actions((const union ofp_action *) opo->actions, n_actions,
2578 &flow, p, &payload, &actions, NULL, NULL, NULL);
2583 dpif_execute(p->dpif, flow.in_port, actions.actions, actions.n_actions,
2585 ofpbuf_delete(buffer);
2591 update_port_config(struct ofproto *p, struct ofport *port,
2592 uint32_t config, uint32_t mask)
2594 mask &= config ^ port->opp.config;
2595 if (mask & OFPPC_PORT_DOWN) {
2596 if (config & OFPPC_PORT_DOWN) {
2597 netdev_turn_flags_off(port->netdev, NETDEV_UP, true);
2599 netdev_turn_flags_on(port->netdev, NETDEV_UP, true);
2602 #define REVALIDATE_BITS (OFPPC_NO_RECV | OFPPC_NO_RECV_STP | OFPPC_NO_FWD)
2603 if (mask & REVALIDATE_BITS) {
2604 COVERAGE_INC(ofproto_costly_flags);
2605 port->opp.config ^= mask & REVALIDATE_BITS;
2606 p->need_revalidate = true;
2608 #undef REVALIDATE_BITS
2609 if (mask & OFPPC_NO_FLOOD) {
2610 port->opp.config ^= OFPPC_NO_FLOOD;
2611 refresh_port_groups(p);
2613 if (mask & OFPPC_NO_PACKET_IN) {
2614 port->opp.config ^= OFPPC_NO_PACKET_IN;
2619 handle_port_mod(struct ofproto *p, struct ofconn *ofconn,
2620 struct ofp_header *oh)
2622 const struct ofp_port_mod *opm;
2623 struct ofport *port;
2626 error = reject_slave_controller(ofconn, oh);
2630 error = check_ofp_message(oh, OFPT_PORT_MOD, sizeof *opm);
2634 opm = (struct ofp_port_mod *) oh;
2636 port = port_array_get(&p->ports,
2637 ofp_port_to_odp_port(ntohs(opm->port_no)));
2639 return ofp_mkerr(OFPET_PORT_MOD_FAILED, OFPPMFC_BAD_PORT);
2640 } else if (memcmp(port->opp.hw_addr, opm->hw_addr, OFP_ETH_ALEN)) {
2641 return ofp_mkerr(OFPET_PORT_MOD_FAILED, OFPPMFC_BAD_HW_ADDR);
2643 update_port_config(p, port, ntohl(opm->config), ntohl(opm->mask));
2644 if (opm->advertise) {
2645 netdev_set_advertisements(port->netdev, ntohl(opm->advertise));
2651 static struct ofpbuf *
2652 make_stats_reply(uint32_t xid, uint16_t type, size_t body_len)
2654 struct ofp_stats_reply *osr;
2657 msg = ofpbuf_new(MIN(sizeof *osr + body_len, UINT16_MAX));
2658 osr = put_openflow_xid(sizeof *osr, OFPT_STATS_REPLY, xid, msg);
2660 osr->flags = htons(0);
2664 static struct ofpbuf *
2665 start_stats_reply(const struct ofp_stats_request *request, size_t body_len)
2667 return make_stats_reply(request->header.xid, request->type, body_len);
2671 append_stats_reply(size_t nbytes, struct ofconn *ofconn, struct ofpbuf **msgp)
2673 struct ofpbuf *msg = *msgp;
2674 assert(nbytes <= UINT16_MAX - sizeof(struct ofp_stats_reply));
2675 if (nbytes + msg->size > UINT16_MAX) {
2676 struct ofp_stats_reply *reply = msg->data;
2677 reply->flags = htons(OFPSF_REPLY_MORE);
2678 *msgp = make_stats_reply(reply->header.xid, reply->type, nbytes);
2679 queue_tx(msg, ofconn, ofconn->reply_counter);
2681 return ofpbuf_put_uninit(*msgp, nbytes);
2685 handle_desc_stats_request(struct ofproto *p, struct ofconn *ofconn,
2686 struct ofp_stats_request *request)
2688 struct ofp_desc_stats *ods;
2691 msg = start_stats_reply(request, sizeof *ods);
2692 ods = append_stats_reply(sizeof *ods, ofconn, &msg);
2693 memset(ods, 0, sizeof *ods);
2694 ovs_strlcpy(ods->mfr_desc, p->mfr_desc, sizeof ods->mfr_desc);
2695 ovs_strlcpy(ods->hw_desc, p->hw_desc, sizeof ods->hw_desc);
2696 ovs_strlcpy(ods->sw_desc, p->sw_desc, sizeof ods->sw_desc);
2697 ovs_strlcpy(ods->serial_num, p->serial_desc, sizeof ods->serial_num);
2698 ovs_strlcpy(ods->dp_desc, p->dp_desc, sizeof ods->dp_desc);
2699 queue_tx(msg, ofconn, ofconn->reply_counter);
2705 count_subrules(struct cls_rule *cls_rule, void *n_subrules_)
2707 struct rule *rule = rule_from_cls_rule(cls_rule);
2708 int *n_subrules = n_subrules_;
2716 handle_table_stats_request(struct ofproto *p, struct ofconn *ofconn,
2717 struct ofp_stats_request *request)
2719 struct ofp_table_stats *ots;
2721 struct odp_stats dpstats;
2722 int n_exact, n_subrules, n_wild;
2724 msg = start_stats_reply(request, sizeof *ots * 2);
2726 /* Count rules of various kinds. */
2728 classifier_for_each(&p->cls, CLS_INC_EXACT, count_subrules, &n_subrules);
2729 n_exact = classifier_count_exact(&p->cls) - n_subrules;
2730 n_wild = classifier_count(&p->cls) - classifier_count_exact(&p->cls);
2733 dpif_get_dp_stats(p->dpif, &dpstats);
2734 ots = append_stats_reply(sizeof *ots, ofconn, &msg);
2735 memset(ots, 0, sizeof *ots);
2736 ots->table_id = TABLEID_HASH;
2737 strcpy(ots->name, "hash");
2738 ots->wildcards = htonl(0);
2739 ots->max_entries = htonl(dpstats.max_capacity);
2740 ots->active_count = htonl(n_exact);
2741 ots->lookup_count = htonll(dpstats.n_frags + dpstats.n_hit +
2743 ots->matched_count = htonll(dpstats.n_hit); /* XXX */
2745 /* Classifier table. */
2746 ots = append_stats_reply(sizeof *ots, ofconn, &msg);
2747 memset(ots, 0, sizeof *ots);
2748 ots->table_id = TABLEID_CLASSIFIER;
2749 strcpy(ots->name, "classifier");
2750 ots->wildcards = p->tun_id_from_cookie ? htonl(OVSFW_ALL)
2752 ots->max_entries = htonl(65536);
2753 ots->active_count = htonl(n_wild);
2754 ots->lookup_count = htonll(0); /* XXX */
2755 ots->matched_count = htonll(0); /* XXX */
2757 queue_tx(msg, ofconn, ofconn->reply_counter);
2762 append_port_stat(struct ofport *port, uint16_t port_no, struct ofconn *ofconn,
2765 struct netdev_stats stats;
2766 struct ofp_port_stats *ops;
2768 /* Intentionally ignore return value, since errors will set
2769 * 'stats' to all-1s, which is correct for OpenFlow, and
2770 * netdev_get_stats() will log errors. */
2771 netdev_get_stats(port->netdev, &stats);
2773 ops = append_stats_reply(sizeof *ops, ofconn, &msg);
2774 ops->port_no = htons(odp_port_to_ofp_port(port_no));
2775 memset(ops->pad, 0, sizeof ops->pad);
2776 ops->rx_packets = htonll(stats.rx_packets);
2777 ops->tx_packets = htonll(stats.tx_packets);
2778 ops->rx_bytes = htonll(stats.rx_bytes);
2779 ops->tx_bytes = htonll(stats.tx_bytes);
2780 ops->rx_dropped = htonll(stats.rx_dropped);
2781 ops->tx_dropped = htonll(stats.tx_dropped);
2782 ops->rx_errors = htonll(stats.rx_errors);
2783 ops->tx_errors = htonll(stats.tx_errors);
2784 ops->rx_frame_err = htonll(stats.rx_frame_errors);
2785 ops->rx_over_err = htonll(stats.rx_over_errors);
2786 ops->rx_crc_err = htonll(stats.rx_crc_errors);
2787 ops->collisions = htonll(stats.collisions);
2791 handle_port_stats_request(struct ofproto *p, struct ofconn *ofconn,
2792 struct ofp_stats_request *osr,
2795 struct ofp_port_stats_request *psr;
2796 struct ofp_port_stats *ops;
2798 struct ofport *port;
2799 unsigned int port_no;
2801 if (arg_size != sizeof *psr) {
2802 return ofp_mkerr(OFPET_BAD_REQUEST, OFPBRC_BAD_LEN);
2804 psr = (struct ofp_port_stats_request *) osr->body;
2806 msg = start_stats_reply(osr, sizeof *ops * 16);
2807 if (psr->port_no != htons(OFPP_NONE)) {
2808 port = port_array_get(&p->ports,
2809 ofp_port_to_odp_port(ntohs(psr->port_no)));
2811 append_port_stat(port, ntohs(psr->port_no), ofconn, msg);
2814 PORT_ARRAY_FOR_EACH (port, &p->ports, port_no) {
2815 append_port_stat(port, port_no, ofconn, msg);
2819 queue_tx(msg, ofconn, ofconn->reply_counter);
2823 struct flow_stats_cbdata {
2824 struct ofproto *ofproto;
2825 struct ofconn *ofconn;
2830 /* Obtains statistic counters for 'rule' within 'p' and stores them into
2831 * '*packet_countp' and '*byte_countp'. If 'rule' is a wildcarded rule, the
2832 * returned statistic include statistics for all of 'rule''s subrules. */
2834 query_stats(struct ofproto *p, struct rule *rule,
2835 uint64_t *packet_countp, uint64_t *byte_countp)
2837 uint64_t packet_count, byte_count;
2838 struct rule *subrule;
2839 struct odp_flow *odp_flows;
2842 /* Start from historical data for 'rule' itself that are no longer tracked
2843 * by the datapath. This counts, for example, subrules that have
2845 packet_count = rule->packet_count;
2846 byte_count = rule->byte_count;
2848 /* Prepare to ask the datapath for statistics on 'rule', or if it is
2849 * wildcarded then on all of its subrules.
2851 * Also, add any statistics that are not tracked by the datapath for each
2852 * subrule. This includes, for example, statistics for packets that were
2853 * executed "by hand" by ofproto via dpif_execute() but must be accounted
2855 n_odp_flows = rule->cr.wc.wildcards ? list_size(&rule->list) : 1;
2856 odp_flows = xzalloc(n_odp_flows * sizeof *odp_flows);
2857 if (rule->cr.wc.wildcards) {
2859 LIST_FOR_EACH (subrule, struct rule, list, &rule->list) {
2860 odp_flows[i++].key = subrule->cr.flow;
2861 packet_count += subrule->packet_count;
2862 byte_count += subrule->byte_count;
2865 odp_flows[0].key = rule->cr.flow;
2868 /* Fetch up-to-date statistics from the datapath and add them in. */
2869 if (!dpif_flow_get_multiple(p->dpif, odp_flows, n_odp_flows)) {
2871 for (i = 0; i < n_odp_flows; i++) {
2872 struct odp_flow *odp_flow = &odp_flows[i];
2873 packet_count += odp_flow->stats.n_packets;
2874 byte_count += odp_flow->stats.n_bytes;
2879 /* Return the stats to the caller. */
2880 *packet_countp = packet_count;
2881 *byte_countp = byte_count;
2885 flow_stats_cb(struct cls_rule *rule_, void *cbdata_)
2887 struct rule *rule = rule_from_cls_rule(rule_);
2888 struct flow_stats_cbdata *cbdata = cbdata_;
2889 struct ofp_flow_stats *ofs;
2890 uint64_t packet_count, byte_count;
2891 size_t act_len, len;
2892 long long int tdiff = time_msec() - rule->created;
2893 uint32_t sec = tdiff / 1000;
2894 uint32_t msec = tdiff - (sec * 1000);
2896 if (rule_is_hidden(rule) || !rule_has_out_port(rule, cbdata->out_port)) {
2900 act_len = sizeof *rule->actions * rule->n_actions;
2901 len = offsetof(struct ofp_flow_stats, actions) + act_len;
2903 query_stats(cbdata->ofproto, rule, &packet_count, &byte_count);
2905 ofs = append_stats_reply(len, cbdata->ofconn, &cbdata->msg);
2906 ofs->length = htons(len);
2907 ofs->table_id = rule->cr.wc.wildcards ? TABLEID_CLASSIFIER : TABLEID_HASH;
2909 flow_to_match(&rule->cr.flow, rule->cr.wc.wildcards,
2910 cbdata->ofproto->tun_id_from_cookie, &ofs->match);
2911 ofs->duration_sec = htonl(sec);
2912 ofs->duration_nsec = htonl(msec * 1000000);
2913 ofs->cookie = rule->flow_cookie;
2914 ofs->priority = htons(rule->cr.priority);
2915 ofs->idle_timeout = htons(rule->idle_timeout);
2916 ofs->hard_timeout = htons(rule->hard_timeout);
2917 memset(ofs->pad2, 0, sizeof ofs->pad2);
2918 ofs->packet_count = htonll(packet_count);
2919 ofs->byte_count = htonll(byte_count);
2920 memcpy(ofs->actions, rule->actions, act_len);
2924 table_id_to_include(uint8_t table_id)
2926 return (table_id == TABLEID_HASH ? CLS_INC_EXACT
2927 : table_id == TABLEID_CLASSIFIER ? CLS_INC_WILD
2928 : table_id == 0xff ? CLS_INC_ALL
2933 handle_flow_stats_request(struct ofproto *p, struct ofconn *ofconn,
2934 const struct ofp_stats_request *osr,
2937 struct ofp_flow_stats_request *fsr;
2938 struct flow_stats_cbdata cbdata;
2939 struct cls_rule target;
2941 if (arg_size != sizeof *fsr) {
2942 return ofp_mkerr(OFPET_BAD_REQUEST, OFPBRC_BAD_LEN);
2944 fsr = (struct ofp_flow_stats_request *) osr->body;
2946 COVERAGE_INC(ofproto_flows_req);
2948 cbdata.ofconn = ofconn;
2949 cbdata.out_port = fsr->out_port;
2950 cbdata.msg = start_stats_reply(osr, 1024);
2951 cls_rule_from_match(&fsr->match, 0, false, 0, &target);
2952 classifier_for_each_match(&p->cls, &target,
2953 table_id_to_include(fsr->table_id),
2954 flow_stats_cb, &cbdata);
2955 queue_tx(cbdata.msg, ofconn, ofconn->reply_counter);
2959 struct flow_stats_ds_cbdata {
2960 struct ofproto *ofproto;
2965 flow_stats_ds_cb(struct cls_rule *rule_, void *cbdata_)
2967 struct rule *rule = rule_from_cls_rule(rule_);
2968 struct flow_stats_ds_cbdata *cbdata = cbdata_;
2969 struct ds *results = cbdata->results;
2970 struct ofp_match match;
2971 uint64_t packet_count, byte_count;
2972 size_t act_len = sizeof *rule->actions * rule->n_actions;
2974 /* Don't report on subrules. */
2975 if (rule->super != NULL) {
2979 query_stats(cbdata->ofproto, rule, &packet_count, &byte_count);
2980 flow_to_match(&rule->cr.flow, rule->cr.wc.wildcards,
2981 cbdata->ofproto->tun_id_from_cookie, &match);
2983 ds_put_format(results, "duration=%llds, ",
2984 (time_msec() - rule->created) / 1000);
2985 ds_put_format(results, "priority=%u, ", rule->cr.priority);
2986 ds_put_format(results, "n_packets=%"PRIu64", ", packet_count);
2987 ds_put_format(results, "n_bytes=%"PRIu64", ", byte_count);
2988 ofp_print_match(results, &match, true);
2989 ofp_print_actions(results, &rule->actions->header, act_len);
2990 ds_put_cstr(results, "\n");
2993 /* Adds a pretty-printed description of all flows to 'results', including
2994 * those marked hidden by secchan (e.g., by in-band control). */
2996 ofproto_get_all_flows(struct ofproto *p, struct ds *results)
2998 struct ofp_match match;
2999 struct cls_rule target;
3000 struct flow_stats_ds_cbdata cbdata;
3002 memset(&match, 0, sizeof match);
3003 match.wildcards = htonl(OVSFW_ALL);
3006 cbdata.results = results;
3008 cls_rule_from_match(&match, 0, false, 0, &target);
3009 classifier_for_each_match(&p->cls, &target, CLS_INC_ALL,
3010 flow_stats_ds_cb, &cbdata);
3013 struct aggregate_stats_cbdata {
3014 struct ofproto *ofproto;
3016 uint64_t packet_count;
3017 uint64_t byte_count;
3022 aggregate_stats_cb(struct cls_rule *rule_, void *cbdata_)
3024 struct rule *rule = rule_from_cls_rule(rule_);
3025 struct aggregate_stats_cbdata *cbdata = cbdata_;
3026 uint64_t packet_count, byte_count;
3028 if (rule_is_hidden(rule) || !rule_has_out_port(rule, cbdata->out_port)) {
3032 query_stats(cbdata->ofproto, rule, &packet_count, &byte_count);
3034 cbdata->packet_count += packet_count;
3035 cbdata->byte_count += byte_count;
3040 handle_aggregate_stats_request(struct ofproto *p, struct ofconn *ofconn,
3041 const struct ofp_stats_request *osr,
3044 struct ofp_aggregate_stats_request *asr;
3045 struct ofp_aggregate_stats_reply *reply;
3046 struct aggregate_stats_cbdata cbdata;
3047 struct cls_rule target;
3050 if (arg_size != sizeof *asr) {
3051 return ofp_mkerr(OFPET_BAD_REQUEST, OFPBRC_BAD_LEN);
3053 asr = (struct ofp_aggregate_stats_request *) osr->body;
3055 COVERAGE_INC(ofproto_agg_request);
3057 cbdata.out_port = asr->out_port;
3058 cbdata.packet_count = 0;
3059 cbdata.byte_count = 0;
3061 cls_rule_from_match(&asr->match, 0, false, 0, &target);
3062 classifier_for_each_match(&p->cls, &target,
3063 table_id_to_include(asr->table_id),
3064 aggregate_stats_cb, &cbdata);
3066 msg = start_stats_reply(osr, sizeof *reply);
3067 reply = append_stats_reply(sizeof *reply, ofconn, &msg);
3068 reply->flow_count = htonl(cbdata.n_flows);
3069 reply->packet_count = htonll(cbdata.packet_count);
3070 reply->byte_count = htonll(cbdata.byte_count);
3071 queue_tx(msg, ofconn, ofconn->reply_counter);
3076 handle_stats_request(struct ofproto *p, struct ofconn *ofconn,
3077 struct ofp_header *oh)
3079 struct ofp_stats_request *osr;
3083 error = check_ofp_message_array(oh, OFPT_STATS_REQUEST, sizeof *osr,
3088 osr = (struct ofp_stats_request *) oh;
3090 switch (ntohs(osr->type)) {
3092 return handle_desc_stats_request(p, ofconn, osr);
3095 return handle_flow_stats_request(p, ofconn, osr, arg_size);
3097 case OFPST_AGGREGATE:
3098 return handle_aggregate_stats_request(p, ofconn, osr, arg_size);
3101 return handle_table_stats_request(p, ofconn, osr);
3104 return handle_port_stats_request(p, ofconn, osr, arg_size);
3107 return ofp_mkerr(OFPET_BAD_REQUEST, OFPBRC_BAD_VENDOR);
3110 return ofp_mkerr(OFPET_BAD_REQUEST, OFPBRC_BAD_STAT);
3114 static long long int
3115 msec_from_nsec(uint64_t sec, uint32_t nsec)
3117 return !sec ? 0 : sec * 1000 + nsec / 1000000;
3121 update_time(struct ofproto *ofproto, struct rule *rule,
3122 const struct odp_flow_stats *stats)
3124 long long int used = msec_from_nsec(stats->used_sec, stats->used_nsec);
3125 if (used > rule->used) {
3127 if (rule->super && used > rule->super->used) {
3128 rule->super->used = used;
3130 netflow_flow_update_time(ofproto->netflow, &rule->nf_flow, used);
3135 update_stats(struct ofproto *ofproto, struct rule *rule,
3136 const struct odp_flow_stats *stats)
3138 if (stats->n_packets) {
3139 update_time(ofproto, rule, stats);
3140 rule->packet_count += stats->n_packets;
3141 rule->byte_count += stats->n_bytes;
3142 netflow_flow_update_flags(&rule->nf_flow, stats->ip_tos,
3147 /* Implements OFPFC_ADD and the cases for OFPFC_MODIFY and OFPFC_MODIFY_STRICT
3148 * in which no matching flow already exists in the flow table.
3150 * Adds the flow specified by 'ofm', which is followed by 'n_actions'
3151 * ofp_actions, to 'p''s flow table. Returns 0 on success or an OpenFlow error
3152 * code as encoded by ofp_mkerr() on failure.
3154 * 'ofconn' is used to retrieve the packet buffer specified in ofm->buffer_id,
3157 add_flow(struct ofproto *p, struct ofconn *ofconn,
3158 const struct ofp_flow_mod *ofm, size_t n_actions)
3160 struct ofpbuf *packet;
3165 if (ofm->flags & htons(OFPFF_CHECK_OVERLAP)) {
3169 flow_from_match(&ofm->match, p->tun_id_from_cookie, ofm->cookie,
3171 if (classifier_rule_overlaps(&p->cls, &flow, wildcards,
3172 ntohs(ofm->priority))) {
3173 return ofp_mkerr(OFPET_FLOW_MOD_FAILED, OFPFMFC_OVERLAP);
3177 rule = rule_create(p, NULL, (const union ofp_action *) ofm->actions,
3178 n_actions, ntohs(ofm->idle_timeout),
3179 ntohs(ofm->hard_timeout), ofm->cookie,
3180 ofm->flags & htons(OFPFF_SEND_FLOW_REM));
3181 cls_rule_from_match(&ofm->match, ntohs(ofm->priority),
3182 p->tun_id_from_cookie, ofm->cookie, &rule->cr);
3185 if (ofm->buffer_id != htonl(UINT32_MAX)) {
3186 error = pktbuf_retrieve(ofconn->pktbuf, ntohl(ofm->buffer_id),
3190 in_port = UINT16_MAX;
3193 rule_insert(p, rule, packet, in_port);
3194 ofpbuf_delete(packet);
3198 static struct rule *
3199 find_flow_strict(struct ofproto *p, const struct ofp_flow_mod *ofm)
3204 flow_from_match(&ofm->match, p->tun_id_from_cookie, ofm->cookie,
3206 return rule_from_cls_rule(classifier_find_rule_exactly(
3207 &p->cls, &flow, wildcards,
3208 ntohs(ofm->priority)));
3212 send_buffered_packet(struct ofproto *ofproto, struct ofconn *ofconn,
3213 struct rule *rule, const struct ofp_flow_mod *ofm)
3215 struct ofpbuf *packet;
3220 if (ofm->buffer_id == htonl(UINT32_MAX)) {
3224 error = pktbuf_retrieve(ofconn->pktbuf, ntohl(ofm->buffer_id),
3230 flow_extract(packet, 0, in_port, &flow);
3231 rule_execute(ofproto, rule, packet, &flow);
3232 ofpbuf_delete(packet);
3237 /* OFPFC_MODIFY and OFPFC_MODIFY_STRICT. */
3239 struct modify_flows_cbdata {
3240 struct ofproto *ofproto;
3241 const struct ofp_flow_mod *ofm;
3246 static int modify_flow(struct ofproto *, const struct ofp_flow_mod *,
3247 size_t n_actions, struct rule *);
3248 static void modify_flows_cb(struct cls_rule *, void *cbdata_);
3250 /* Implements OFPFC_MODIFY. Returns 0 on success or an OpenFlow error code as
3251 * encoded by ofp_mkerr() on failure.
3253 * 'ofconn' is used to retrieve the packet buffer specified in ofm->buffer_id,
3256 modify_flows_loose(struct ofproto *p, struct ofconn *ofconn,
3257 const struct ofp_flow_mod *ofm, size_t n_actions)
3259 struct modify_flows_cbdata cbdata;
3260 struct cls_rule target;
3264 cbdata.n_actions = n_actions;
3265 cbdata.match = NULL;
3267 cls_rule_from_match(&ofm->match, 0, p->tun_id_from_cookie, ofm->cookie,
3270 classifier_for_each_match(&p->cls, &target, CLS_INC_ALL,
3271 modify_flows_cb, &cbdata);
3273 /* This credits the packet to whichever flow happened to happened to
3274 * match last. That's weird. Maybe we should do a lookup for the
3275 * flow that actually matches the packet? Who knows. */
3276 send_buffered_packet(p, ofconn, cbdata.match, ofm);
3279 return add_flow(p, ofconn, ofm, n_actions);
3283 /* Implements OFPFC_MODIFY_STRICT. Returns 0 on success or an OpenFlow error
3284 * code as encoded by ofp_mkerr() on failure.
3286 * 'ofconn' is used to retrieve the packet buffer specified in ofm->buffer_id,
3289 modify_flow_strict(struct ofproto *p, struct ofconn *ofconn,
3290 struct ofp_flow_mod *ofm, size_t n_actions)
3292 struct rule *rule = find_flow_strict(p, ofm);
3293 if (rule && !rule_is_hidden(rule)) {
3294 modify_flow(p, ofm, n_actions, rule);
3295 return send_buffered_packet(p, ofconn, rule, ofm);
3297 return add_flow(p, ofconn, ofm, n_actions);
3301 /* Callback for modify_flows_loose(). */
3303 modify_flows_cb(struct cls_rule *rule_, void *cbdata_)
3305 struct rule *rule = rule_from_cls_rule(rule_);
3306 struct modify_flows_cbdata *cbdata = cbdata_;
3308 if (!rule_is_hidden(rule)) {
3309 cbdata->match = rule;
3310 modify_flow(cbdata->ofproto, cbdata->ofm, cbdata->n_actions, rule);
3314 /* Implements core of OFPFC_MODIFY and OFPFC_MODIFY_STRICT where 'rule' has
3315 * been identified as a flow in 'p''s flow table to be modified, by changing
3316 * the rule's actions to match those in 'ofm' (which is followed by 'n_actions'
3317 * ofp_action[] structures). */
3319 modify_flow(struct ofproto *p, const struct ofp_flow_mod *ofm,
3320 size_t n_actions, struct rule *rule)
3322 size_t actions_len = n_actions * sizeof *rule->actions;
3324 rule->flow_cookie = ofm->cookie;
3326 /* If the actions are the same, do nothing. */
3327 if (n_actions == rule->n_actions
3328 && !memcmp(ofm->actions, rule->actions, actions_len))
3333 /* Replace actions. */
3334 free(rule->actions);
3335 rule->actions = xmemdup(ofm->actions, actions_len);
3336 rule->n_actions = n_actions;
3338 /* Make sure that the datapath gets updated properly. */
3339 if (rule->cr.wc.wildcards) {
3340 COVERAGE_INC(ofproto_mod_wc_flow);
3341 p->need_revalidate = true;
3343 rule_update_actions(p, rule);
3349 /* OFPFC_DELETE implementation. */
3351 struct delete_flows_cbdata {
3352 struct ofproto *ofproto;
3356 static void delete_flows_cb(struct cls_rule *, void *cbdata_);
3357 static void delete_flow(struct ofproto *, struct rule *, uint16_t out_port);
3359 /* Implements OFPFC_DELETE. */
3361 delete_flows_loose(struct ofproto *p, const struct ofp_flow_mod *ofm)
3363 struct delete_flows_cbdata cbdata;
3364 struct cls_rule target;
3367 cbdata.out_port = ofm->out_port;
3369 cls_rule_from_match(&ofm->match, 0, p->tun_id_from_cookie, ofm->cookie,
3372 classifier_for_each_match(&p->cls, &target, CLS_INC_ALL,
3373 delete_flows_cb, &cbdata);
3376 /* Implements OFPFC_DELETE_STRICT. */
3378 delete_flow_strict(struct ofproto *p, struct ofp_flow_mod *ofm)
3380 struct rule *rule = find_flow_strict(p, ofm);
3382 delete_flow(p, rule, ofm->out_port);
3386 /* Callback for delete_flows_loose(). */
3388 delete_flows_cb(struct cls_rule *rule_, void *cbdata_)
3390 struct rule *rule = rule_from_cls_rule(rule_);
3391 struct delete_flows_cbdata *cbdata = cbdata_;
3393 delete_flow(cbdata->ofproto, rule, cbdata->out_port);
3396 /* Implements core of OFPFC_DELETE and OFPFC_DELETE_STRICT where 'rule' has
3397 * been identified as a flow to delete from 'p''s flow table, by deleting the
3398 * flow and sending out a OFPT_FLOW_REMOVED message to any interested
3401 * Will not delete 'rule' if it is hidden. Will delete 'rule' only if
3402 * 'out_port' is htons(OFPP_NONE) or if 'rule' actually outputs to the
3403 * specified 'out_port'. */
3405 delete_flow(struct ofproto *p, struct rule *rule, uint16_t out_port)
3407 if (rule_is_hidden(rule)) {
3411 if (out_port != htons(OFPP_NONE) && !rule_has_out_port(rule, out_port)) {
3415 send_flow_removed(p, rule, time_msec(), OFPRR_DELETE);
3416 rule_remove(p, rule);
3420 handle_flow_mod(struct ofproto *p, struct ofconn *ofconn,
3421 struct ofp_flow_mod *ofm)
3426 error = reject_slave_controller(ofconn, &ofm->header);
3430 error = check_ofp_message_array(&ofm->header, OFPT_FLOW_MOD, sizeof *ofm,
3431 sizeof *ofm->actions, &n_actions);
3436 /* We do not support the emergency flow cache. It will hopefully
3437 * get dropped from OpenFlow in the near future. */
3438 if (ofm->flags & htons(OFPFF_EMERG)) {
3439 /* There isn't a good fit for an error code, so just state that the
3440 * flow table is full. */
3441 return ofp_mkerr(OFPET_FLOW_MOD_FAILED, OFPFMFC_ALL_TABLES_FULL);
3444 normalize_match(&ofm->match);
3445 if (!ofm->match.wildcards) {
3446 ofm->priority = htons(UINT16_MAX);
3449 error = validate_actions((const union ofp_action *) ofm->actions,
3450 n_actions, p->max_ports);
3455 switch (ntohs(ofm->command)) {
3457 return add_flow(p, ofconn, ofm, n_actions);
3460 return modify_flows_loose(p, ofconn, ofm, n_actions);
3462 case OFPFC_MODIFY_STRICT:
3463 return modify_flow_strict(p, ofconn, ofm, n_actions);
3466 delete_flows_loose(p, ofm);
3469 case OFPFC_DELETE_STRICT:
3470 delete_flow_strict(p, ofm);
3474 return ofp_mkerr(OFPET_FLOW_MOD_FAILED, OFPFMFC_BAD_COMMAND);
3479 handle_tun_id_from_cookie(struct ofproto *p, struct nxt_tun_id_cookie *msg)
3483 error = check_ofp_message(&msg->header, OFPT_VENDOR, sizeof *msg);
3488 p->tun_id_from_cookie = !!msg->set;
3493 handle_role_request(struct ofproto *ofproto,
3494 struct ofconn *ofconn, struct nicira_header *msg)
3496 struct nx_role_request *nrr;
3497 struct nx_role_request *reply;
3501 if (ntohs(msg->header.length) != sizeof *nrr) {
3502 VLOG_WARN_RL(&rl, "received role request of length %zu (expected %zu)",
3503 ntohs(msg->header.length), sizeof *nrr);
3504 return ofp_mkerr(OFPET_BAD_REQUEST, OFPBRC_BAD_LEN);
3506 nrr = (struct nx_role_request *) msg;
3508 if (ofconn->type != OFCONN_CONTROLLER) {
3509 VLOG_WARN_RL(&rl, "ignoring role request on non-controller "
3511 return ofp_mkerr(OFPET_BAD_REQUEST, OFPBRC_EPERM);
3514 role = ntohl(nrr->role);
3515 if (role != NX_ROLE_OTHER && role != NX_ROLE_MASTER
3516 && role != NX_ROLE_SLAVE) {
3517 VLOG_WARN_RL(&rl, "received request for unknown role %"PRIu32, role);
3519 /* There's no good error code for this. */
3520 return ofp_mkerr(OFPET_BAD_REQUEST, -1);
3523 if (role == NX_ROLE_MASTER) {
3524 struct ofconn *other;
3526 HMAP_FOR_EACH (other, struct ofconn, hmap_node,
3527 &ofproto->controllers) {
3528 if (other->role == NX_ROLE_MASTER) {
3529 other->role = NX_ROLE_SLAVE;
3533 ofconn->role = role;
3535 reply = make_openflow_xid(sizeof *reply, OFPT_VENDOR, msg->header.xid,
3537 reply->nxh.vendor = htonl(NX_VENDOR_ID);
3538 reply->nxh.subtype = htonl(NXT_ROLE_REPLY);
3539 reply->role = htonl(role);
3540 queue_tx(buf, ofconn, ofconn->reply_counter);
3546 handle_vendor(struct ofproto *p, struct ofconn *ofconn, void *msg)
3548 struct ofp_vendor_header *ovh = msg;
3549 struct nicira_header *nh;
3551 if (ntohs(ovh->header.length) < sizeof(struct ofp_vendor_header)) {
3552 VLOG_WARN_RL(&rl, "received vendor message of length %zu "
3553 "(expected at least %zu)",
3554 ntohs(ovh->header.length), sizeof(struct ofp_vendor_header));
3555 return ofp_mkerr(OFPET_BAD_REQUEST, OFPBRC_BAD_LEN);
3557 if (ovh->vendor != htonl(NX_VENDOR_ID)) {
3558 return ofp_mkerr(OFPET_BAD_REQUEST, OFPBRC_BAD_VENDOR);
3560 if (ntohs(ovh->header.length) < sizeof(struct nicira_header)) {
3561 VLOG_WARN_RL(&rl, "received Nicira vendor message of length %zu "
3562 "(expected at least %zu)",
3563 ntohs(ovh->header.length), sizeof(struct nicira_header));
3564 return ofp_mkerr(OFPET_BAD_REQUEST, OFPBRC_BAD_LEN);
3568 switch (ntohl(nh->subtype)) {
3569 case NXT_STATUS_REQUEST:
3570 return switch_status_handle_request(p->switch_status, ofconn->rconn,
3573 case NXT_TUN_ID_FROM_COOKIE:
3574 return handle_tun_id_from_cookie(p, msg);
3576 case NXT_ROLE_REQUEST:
3577 return handle_role_request(p, ofconn, msg);
3580 return ofp_mkerr(OFPET_BAD_REQUEST, OFPBRC_BAD_SUBTYPE);
3584 handle_barrier_request(struct ofconn *ofconn, struct ofp_header *oh)
3586 struct ofp_header *ob;
3589 /* Currently, everything executes synchronously, so we can just
3590 * immediately send the barrier reply. */
3591 ob = make_openflow_xid(sizeof *ob, OFPT_BARRIER_REPLY, oh->xid, &buf);
3592 queue_tx(buf, ofconn, ofconn->reply_counter);
3597 handle_openflow(struct ofconn *ofconn, struct ofproto *p,
3598 struct ofpbuf *ofp_msg)
3600 struct ofp_header *oh = ofp_msg->data;
3603 COVERAGE_INC(ofproto_recv_openflow);
3605 case OFPT_ECHO_REQUEST:
3606 error = handle_echo_request(ofconn, oh);
3609 case OFPT_ECHO_REPLY:
3613 case OFPT_FEATURES_REQUEST:
3614 error = handle_features_request(p, ofconn, oh);
3617 case OFPT_GET_CONFIG_REQUEST:
3618 error = handle_get_config_request(p, ofconn, oh);
3621 case OFPT_SET_CONFIG:
3622 error = handle_set_config(p, ofconn, ofp_msg->data);
3625 case OFPT_PACKET_OUT:
3626 error = handle_packet_out(p, ofconn, ofp_msg->data);
3630 error = handle_port_mod(p, ofconn, oh);
3634 error = handle_flow_mod(p, ofconn, ofp_msg->data);
3637 case OFPT_STATS_REQUEST:
3638 error = handle_stats_request(p, ofconn, oh);
3642 error = handle_vendor(p, ofconn, ofp_msg->data);
3645 case OFPT_BARRIER_REQUEST:
3646 error = handle_barrier_request(ofconn, oh);
3650 if (VLOG_IS_WARN_ENABLED()) {
3651 char *s = ofp_to_string(oh, ntohs(oh->length), 2);
3652 VLOG_DBG_RL(&rl, "OpenFlow message ignored: %s", s);
3655 error = ofp_mkerr(OFPET_BAD_REQUEST, OFPBRC_BAD_TYPE);
3660 send_error_oh(ofconn, ofp_msg->data, error);
3665 handle_odp_miss_msg(struct ofproto *p, struct ofpbuf *packet)
3667 struct odp_msg *msg = packet->data;
3669 struct ofpbuf payload;
3672 payload.data = msg + 1;
3673 payload.size = msg->length - sizeof *msg;
3674 flow_extract(&payload, msg->arg, msg->port, &flow);
3676 /* Check with in-band control to see if this packet should be sent
3677 * to the local port regardless of the flow table. */
3678 if (in_band_msg_in_hook(p->in_band, &flow, &payload)) {
3679 union odp_action action;
3681 memset(&action, 0, sizeof(action));
3682 action.output.type = ODPAT_OUTPUT;
3683 action.output.port = ODPP_LOCAL;
3684 dpif_execute(p->dpif, flow.in_port, &action, 1, &payload);
3687 rule = lookup_valid_rule(p, &flow);
3689 /* Don't send a packet-in if OFPPC_NO_PACKET_IN asserted. */
3690 struct ofport *port = port_array_get(&p->ports, msg->port);
3692 if (port->opp.config & OFPPC_NO_PACKET_IN) {
3693 COVERAGE_INC(ofproto_no_packet_in);
3694 /* XXX install 'drop' flow entry */
3695 ofpbuf_delete(packet);
3699 VLOG_WARN_RL(&rl, "packet-in on unknown port %"PRIu16, msg->port);
3702 COVERAGE_INC(ofproto_packet_in);
3703 send_packet_in(p, packet);
3707 if (rule->cr.wc.wildcards) {
3708 rule = rule_create_subrule(p, rule, &flow);
3709 rule_make_actions(p, rule, packet);
3711 if (!rule->may_install) {
3712 /* The rule is not installable, that is, we need to process every
3713 * packet, so process the current packet and set its actions into
3715 rule_make_actions(p, rule, packet);
3717 /* XXX revalidate rule if it needs it */
3721 rule_execute(p, rule, &payload, &flow);
3722 rule_reinstall(p, rule);
3724 if (rule->super && rule->super->cr.priority == FAIL_OPEN_PRIORITY) {
3726 * Extra-special case for fail-open mode.
3728 * We are in fail-open mode and the packet matched the fail-open rule,
3729 * but we are connected to a controller too. We should send the packet
3730 * up to the controller in the hope that it will try to set up a flow
3731 * and thereby allow us to exit fail-open.
3733 * See the top-level comment in fail-open.c for more information.
3735 send_packet_in(p, packet);
3737 ofpbuf_delete(packet);
3742 handle_odp_msg(struct ofproto *p, struct ofpbuf *packet)
3744 struct odp_msg *msg = packet->data;
3746 switch (msg->type) {
3747 case _ODPL_ACTION_NR:
3748 COVERAGE_INC(ofproto_ctlr_action);
3749 send_packet_in(p, packet);
3752 case _ODPL_SFLOW_NR:
3754 ofproto_sflow_received(p->sflow, msg);
3756 ofpbuf_delete(packet);
3760 handle_odp_miss_msg(p, packet);
3764 VLOG_WARN_RL(&rl, "received ODP message of unexpected type %"PRIu32,
3771 revalidate_cb(struct cls_rule *sub_, void *cbdata_)
3773 struct rule *sub = rule_from_cls_rule(sub_);
3774 struct revalidate_cbdata *cbdata = cbdata_;
3776 if (cbdata->revalidate_all
3777 || (cbdata->revalidate_subrules && sub->super)
3778 || (tag_set_intersects(&cbdata->revalidate_set, sub->tags))) {
3779 revalidate_rule(cbdata->ofproto, sub);
3784 revalidate_rule(struct ofproto *p, struct rule *rule)
3786 const flow_t *flow = &rule->cr.flow;
3788 COVERAGE_INC(ofproto_revalidate_rule);
3791 super = rule_from_cls_rule(classifier_lookup_wild(&p->cls, flow));
3793 rule_remove(p, rule);
3795 } else if (super != rule->super) {
3796 COVERAGE_INC(ofproto_revalidate_moved);
3797 list_remove(&rule->list);
3798 list_push_back(&super->list, &rule->list);
3799 rule->super = super;
3800 rule->hard_timeout = super->hard_timeout;
3801 rule->idle_timeout = super->idle_timeout;
3802 rule->created = super->created;
3807 rule_update_actions(p, rule);
3811 static struct ofpbuf *
3812 compose_flow_removed(struct ofproto *p, const struct rule *rule,
3813 long long int now, uint8_t reason)
3815 struct ofp_flow_removed *ofr;
3817 long long int tdiff = now - rule->created;
3818 uint32_t sec = tdiff / 1000;
3819 uint32_t msec = tdiff - (sec * 1000);
3821 ofr = make_openflow(sizeof *ofr, OFPT_FLOW_REMOVED, &buf);
3822 flow_to_match(&rule->cr.flow, rule->cr.wc.wildcards, p->tun_id_from_cookie,
3824 ofr->cookie = rule->flow_cookie;
3825 ofr->priority = htons(rule->cr.priority);
3826 ofr->reason = reason;
3827 ofr->duration_sec = htonl(sec);
3828 ofr->duration_nsec = htonl(msec * 1000000);
3829 ofr->idle_timeout = htons(rule->idle_timeout);
3830 ofr->packet_count = htonll(rule->packet_count);
3831 ofr->byte_count = htonll(rule->byte_count);
3837 uninstall_idle_flow(struct ofproto *ofproto, struct rule *rule)
3839 assert(rule->installed);
3840 assert(!rule->cr.wc.wildcards);
3843 rule_remove(ofproto, rule);
3845 rule_uninstall(ofproto, rule);
3850 send_flow_removed(struct ofproto *p, struct rule *rule,
3851 long long int now, uint8_t reason)
3853 struct ofconn *ofconn;
3854 struct ofconn *prev;
3855 struct ofpbuf *buf = NULL;
3857 /* We limit the maximum number of queued flow expirations it by accounting
3858 * them under the counter for replies. That works because preventing
3859 * OpenFlow requests from being processed also prevents new flows from
3860 * being added (and expiring). (It also prevents processing OpenFlow
3861 * requests that would not add new flows, so it is imperfect.) */
3864 LIST_FOR_EACH (ofconn, struct ofconn, node, &p->all_conns) {
3865 if (rule->send_flow_removed && rconn_is_connected(ofconn->rconn)
3866 && ofconn->role != NX_ROLE_SLAVE) {
3868 queue_tx(ofpbuf_clone(buf), prev, prev->reply_counter);
3870 buf = compose_flow_removed(p, rule, now, reason);
3876 queue_tx(buf, prev, prev->reply_counter);
3882 expire_rule(struct cls_rule *cls_rule, void *p_)
3884 struct ofproto *p = p_;
3885 struct rule *rule = rule_from_cls_rule(cls_rule);
3886 long long int hard_expire, idle_expire, expire, now;
3888 hard_expire = (rule->hard_timeout
3889 ? rule->created + rule->hard_timeout * 1000
3891 idle_expire = (rule->idle_timeout
3892 && (rule->super || list_is_empty(&rule->list))
3893 ? rule->used + rule->idle_timeout * 1000
3895 expire = MIN(hard_expire, idle_expire);
3899 if (rule->installed && now >= rule->used + 5000) {
3900 uninstall_idle_flow(p, rule);
3901 } else if (!rule->cr.wc.wildcards) {
3902 active_timeout(p, rule);
3908 COVERAGE_INC(ofproto_expired);
3910 /* Update stats. This code will be a no-op if the rule expired
3911 * due to an idle timeout. */
3912 if (rule->cr.wc.wildcards) {
3913 struct rule *subrule, *next;
3914 LIST_FOR_EACH_SAFE (subrule, next, struct rule, list, &rule->list) {
3915 rule_remove(p, subrule);
3918 rule_uninstall(p, rule);
3921 if (!rule_is_hidden(rule)) {
3922 send_flow_removed(p, rule, now,
3924 ? OFPRR_HARD_TIMEOUT : OFPRR_IDLE_TIMEOUT));
3926 rule_remove(p, rule);
3930 active_timeout(struct ofproto *ofproto, struct rule *rule)
3932 if (ofproto->netflow && !is_controller_rule(rule) &&
3933 netflow_active_timeout_expired(ofproto->netflow, &rule->nf_flow)) {
3934 struct ofexpired expired;
3935 struct odp_flow odp_flow;
3937 /* Get updated flow stats. */
3938 memset(&odp_flow, 0, sizeof odp_flow);
3939 if (rule->installed) {
3940 odp_flow.key = rule->cr.flow;
3941 odp_flow.flags = ODPFF_ZERO_TCP_FLAGS;
3942 dpif_flow_get(ofproto->dpif, &odp_flow);
3944 if (odp_flow.stats.n_packets) {
3945 update_time(ofproto, rule, &odp_flow.stats);
3946 netflow_flow_update_flags(&rule->nf_flow, odp_flow.stats.ip_tos,
3947 odp_flow.stats.tcp_flags);
3951 expired.flow = rule->cr.flow;
3952 expired.packet_count = rule->packet_count +
3953 odp_flow.stats.n_packets;
3954 expired.byte_count = rule->byte_count + odp_flow.stats.n_bytes;
3955 expired.used = rule->used;
3957 netflow_expire(ofproto->netflow, &rule->nf_flow, &expired);
3959 /* Schedule us to send the accumulated records once we have
3960 * collected all of them. */
3961 poll_immediate_wake();
3966 update_used(struct ofproto *p)
3968 struct odp_flow *flows;
3973 error = dpif_flow_list_all(p->dpif, &flows, &n_flows);
3978 for (i = 0; i < n_flows; i++) {
3979 struct odp_flow *f = &flows[i];
3982 rule = rule_from_cls_rule(
3983 classifier_find_rule_exactly(&p->cls, &f->key, 0, UINT16_MAX));
3984 if (!rule || !rule->installed) {
3985 COVERAGE_INC(ofproto_unexpected_rule);
3986 dpif_flow_del(p->dpif, f);
3990 update_time(p, rule, &f->stats);
3991 rule_account(p, rule, f->stats.n_bytes);
3997 do_send_packet_in(struct ofpbuf *packet, void *ofconn_)
3999 struct ofconn *ofconn = ofconn_;
4000 struct ofproto *ofproto = ofconn->ofproto;
4001 struct odp_msg *msg = packet->data;
4002 struct ofpbuf payload;
4007 /* Extract packet payload from 'msg'. */
4008 payload.data = msg + 1;
4009 payload.size = msg->length - sizeof *msg;
4011 /* Construct packet-in message. */
4013 if (msg->type == _ODPL_ACTION_NR) {
4014 buffer_id = UINT32_MAX;
4016 if (ofproto->fail_open && fail_open_is_active(ofproto->fail_open)) {
4017 buffer_id = pktbuf_get_null();
4019 buffer_id = pktbuf_save(ofconn->pktbuf, &payload, msg->port);
4021 if (buffer_id != UINT32_MAX) {
4022 send_len = ofconn->miss_send_len;
4025 opi = make_packet_in(buffer_id, odp_port_to_ofp_port(msg->port),
4026 msg->type, &payload, send_len);
4029 rconn_send_with_limit(ofconn->rconn, opi, ofconn->packet_in_counter, 100);
4031 ofpbuf_delete(packet);
4035 send_packet_in(struct ofproto *ofproto, struct ofpbuf *packet)
4037 struct odp_msg *msg = packet->data;
4038 struct ofconn *ofconn, *prev;
4040 assert(msg->type == _ODPL_MISS_NR || msg->type == _ODPL_ACTION_NR);
4043 LIST_FOR_EACH (ofconn, struct ofconn, node, &ofproto->all_conns) {
4044 if (ofconn->role != NX_ROLE_SLAVE) {
4046 pinsched_send(prev->schedulers[msg->type], msg->port,
4047 ofpbuf_clone(packet), do_send_packet_in, prev);
4053 pinsched_send(prev->schedulers[msg->type], msg->port,
4054 packet, do_send_packet_in, prev);
4056 ofpbuf_delete(packet);
4061 pick_datapath_id(const struct ofproto *ofproto)
4063 const struct ofport *port;
4065 port = port_array_get(&ofproto->ports, ODPP_LOCAL);
4067 uint8_t ea[ETH_ADDR_LEN];
4070 error = netdev_get_etheraddr(port->netdev, ea);
4072 return eth_addr_to_uint64(ea);
4074 VLOG_WARN("could not get MAC address for %s (%s)",
4075 netdev_get_name(port->netdev), strerror(error));
4077 return ofproto->fallback_dpid;
4081 pick_fallback_dpid(void)
4083 uint8_t ea[ETH_ADDR_LEN];
4084 eth_addr_nicira_random(ea);
4085 return eth_addr_to_uint64(ea);
4089 default_normal_ofhook_cb(const flow_t *flow, const struct ofpbuf *packet,
4090 struct odp_actions *actions, tag_type *tags,
4091 uint16_t *nf_output_iface, void *ofproto_)
4093 struct ofproto *ofproto = ofproto_;
4096 /* Drop frames for reserved multicast addresses. */
4097 if (eth_addr_is_reserved(flow->dl_dst)) {
4101 /* Learn source MAC (but don't try to learn from revalidation). */
4102 if (packet != NULL) {
4103 tag_type rev_tag = mac_learning_learn(ofproto->ml, flow->dl_src,
4106 /* The log messages here could actually be useful in debugging,
4107 * so keep the rate limit relatively high. */
4108 static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(30, 300);
4109 VLOG_DBG_RL(&rl, "learned that "ETH_ADDR_FMT" is on port %"PRIu16,
4110 ETH_ADDR_ARGS(flow->dl_src), flow->in_port);
4111 ofproto_revalidate(ofproto, rev_tag);
4115 /* Determine output port. */
4116 out_port = mac_learning_lookup_tag(ofproto->ml, flow->dl_dst, 0, tags);
4118 add_output_group_action(actions, DP_GROUP_FLOOD, nf_output_iface);
4119 } else if (out_port != flow->in_port) {
4120 odp_actions_add(actions, ODPAT_OUTPUT)->output.port = out_port;
4121 *nf_output_iface = out_port;
4129 static const struct ofhooks default_ofhooks = {
4131 default_normal_ofhook_cb,
git://git.onelab.eu / sliver-openvswitch.git / blob