2 * Copyright (c) 2009, 2010, 2011 Nicira Networks.
3 * Copyright (c) 2010 Jean Tourrilhes - HP-Labs.
5 * Licensed under the Apache License, Version 2.0 (the "License");
6 * you may not use this file except in compliance with the License.
7 * You may obtain a copy of the License at:
9 * http://www.apache.org/licenses/LICENSE-2.0
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
22 #include <sys/socket.h>
24 #include <netinet/in.h>
30 #include "byte-order.h"
32 #include "classifier.h"
36 #include "dynamic-string.h"
37 #include "fail-open.h"
43 #include "mac-learning.h"
44 #include "multipath.h"
50 #include "ofp-print.h"
52 #include "ofproto-sflow.h"
54 #include "openflow/nicira-ext.h"
55 #include "openflow/openflow.h"
56 #include "openvswitch/datapath-protocol.h"
60 #include "poll-loop.h"
65 #include "stream-ssl.h"
69 #include "unaligned.h"
72 #include "vlan-bitmap.h"
75 VLOG_DEFINE_THIS_MODULE(ofproto);
77 COVERAGE_DEFINE(facet_changed_rule);
78 COVERAGE_DEFINE(facet_revalidate);
79 COVERAGE_DEFINE(odp_overflow);
80 COVERAGE_DEFINE(ofproto_agg_request);
81 COVERAGE_DEFINE(ofproto_costly_flags);
82 COVERAGE_DEFINE(ofproto_ctlr_action);
83 COVERAGE_DEFINE(ofproto_del_rule);
84 COVERAGE_DEFINE(ofproto_error);
85 COVERAGE_DEFINE(ofproto_expiration);
86 COVERAGE_DEFINE(ofproto_expired);
87 COVERAGE_DEFINE(ofproto_flows_req);
88 COVERAGE_DEFINE(ofproto_flush);
89 COVERAGE_DEFINE(ofproto_invalidated);
90 COVERAGE_DEFINE(ofproto_no_packet_in);
91 COVERAGE_DEFINE(ofproto_ofp2odp);
92 COVERAGE_DEFINE(ofproto_packet_in);
93 COVERAGE_DEFINE(ofproto_packet_out);
94 COVERAGE_DEFINE(ofproto_queue_req);
95 COVERAGE_DEFINE(ofproto_recv_openflow);
96 COVERAGE_DEFINE(ofproto_reinit_ports);
97 COVERAGE_DEFINE(ofproto_unexpected_rule);
98 COVERAGE_DEFINE(ofproto_uninstallable);
99 COVERAGE_DEFINE(ofproto_update_port);
101 /* Maximum depth of flow table recursion (due to NXAST_RESUBMIT actions) in a
102 * flow translation. */
103 #define MAX_RESUBMIT_RECURSION 16
107 #define MAX_MIRRORS 32
108 typedef uint32_t mirror_mask_t;
109 #define MIRROR_MASK_C(X) UINT32_C(X)
110 BUILD_ASSERT_DECL(sizeof(mirror_mask_t) * CHAR_BIT >= MAX_MIRRORS);
112 struct ofproto *ofproto; /* Owning ofproto. */
113 size_t idx; /* In ofproto's "mirrors" array. */
114 void *aux; /* Key supplied by ofproto's client. */
115 char *name; /* Identifier for log messages. */
117 /* Selection criteria. */
118 struct hmapx srcs; /* Contains "struct ofbundle *"s. */
119 struct hmapx dsts; /* Contains "struct ofbundle *"s. */
120 unsigned long *vlans; /* Bitmap of chosen VLANs, NULL selects all. */
122 /* Output (mutually exclusive). */
123 struct ofbundle *out; /* Output port or NULL. */
124 int out_vlan; /* Output VLAN or -1. */
127 static void ofproto_mirror_destroy(struct ofmirror *);
129 /* A group of one or more OpenFlow ports. */
130 #define OFBUNDLE_FLOOD ((struct ofbundle *) 1)
132 struct ofproto *ofproto; /* Owning ofproto. */
133 struct hmap_node hmap_node; /* In struct ofproto's "bundles" hmap. */
134 void *aux; /* Key supplied by ofproto's client. */
135 char *name; /* Identifier for log messages. */
138 struct list ports; /* Contains "struct ofport"s. */
139 int vlan; /* -1=trunk port, else a 12-bit VLAN ID. */
140 unsigned long *trunks; /* Bitmap of trunked VLANs, if 'vlan' == -1.
141 * NULL if all VLANs are trunked. */
142 struct lacp *lacp; /* LACP if LACP is enabled, otherwise NULL. */
143 struct bond *bond; /* Bonding setup if more than one port,
147 bool floodable; /* True if no port has OFPPC_NO_FLOOD set. */
149 /* Port mirroring info. */
150 mirror_mask_t src_mirrors; /* Mirrors triggered when packet received. */
151 mirror_mask_t dst_mirrors; /* Mirrors triggered when packet sent. */
152 mirror_mask_t mirror_out; /* Mirrors that output to this bundle. */
155 /* An OpenFlow port. */
157 struct ofproto *ofproto; /* Owning ofproto. */
158 struct hmap_node hmap_node; /* In struct ofproto's "ports" hmap. */
159 struct netdev *netdev;
160 struct ofp_phy_port opp;
164 struct ofbundle *bundle; /* Bundle that contains this port, if any. */
165 struct list bundle_node; /* In struct ofbundle's "ports" list. */
166 struct cfm *cfm; /* Connectivity Fault Management, if any. */
167 tag_type tag; /* Tag associated with this port. */
170 static void ofport_free(struct ofport *);
171 static void ofport_run(struct ofport *);
172 static void ofport_wait(struct ofport *);
174 struct action_xlate_ctx {
175 /* action_xlate_ctx_init() initializes these members. */
178 struct ofproto *ofproto;
180 /* Flow to which the OpenFlow actions apply. xlate_actions() will modify
181 * this flow when actions change header fields. */
184 /* The packet corresponding to 'flow', or a null pointer if we are
185 * revalidating without a packet to refer to. */
186 const struct ofpbuf *packet;
188 /* If nonnull, called just before executing a resubmit action.
190 * This is normally null so the client has to set it manually after
191 * calling action_xlate_ctx_init(). */
192 void (*resubmit_hook)(struct action_xlate_ctx *, struct rule *);
194 /* If true, the speciality of 'flow' should be checked before executing
195 * its actions. If special_cb returns false on 'flow' rendered
196 * uninstallable and no actions will be executed. */
199 /* xlate_actions() initializes and uses these members. The client might want
200 * to look at them after it returns. */
202 struct ofpbuf *odp_actions; /* Datapath actions. */
203 tag_type tags; /* Tags associated with OFPP_NORMAL actions. */
204 bool may_set_up_flow; /* True ordinarily; false if the actions must
205 * be reassessed for every packet. */
206 uint16_t nf_output_iface; /* Output interface index for NetFlow. */
208 /* xlate_actions() initializes and uses these members, but the client has no
209 * reason to look at them. */
211 int recurse; /* Recursion level, via xlate_table_action. */
212 int last_pop_priority; /* Offset in 'odp_actions' just past most
213 * recent ODP_ACTION_ATTR_SET_PRIORITY. */
216 static void action_xlate_ctx_init(struct action_xlate_ctx *,
217 struct ofproto *, const struct flow *,
218 const struct ofpbuf *);
219 static struct ofpbuf *xlate_actions(struct action_xlate_ctx *,
220 const union ofp_action *in, size_t n_in);
222 /* An OpenFlow flow. */
224 long long int used; /* Time last used; time created if not used. */
225 long long int created; /* Creation time. */
229 * - Do include packets and bytes from facets that have been deleted or
230 * whose own statistics have been folded into the rule.
232 * - Do include packets and bytes sent "by hand" that were accounted to
233 * the rule without any facet being involved (this is a rare corner
234 * case in rule_execute()).
236 * - Do not include packet or bytes that can be obtained from any facet's
237 * packet_count or byte_count member or that can be obtained from the
238 * datapath by, e.g., dpif_flow_get() for any facet.
240 uint64_t packet_count; /* Number of packets received. */
241 uint64_t byte_count; /* Number of bytes received. */
243 ovs_be64 flow_cookie; /* Controller-issued identifier. */
245 struct cls_rule cr; /* In owning ofproto's classifier. */
246 uint16_t idle_timeout; /* In seconds from time of last use. */
247 uint16_t hard_timeout; /* In seconds from time of creation. */
248 bool send_flow_removed; /* Send a flow removed message? */
249 int n_actions; /* Number of elements in actions[]. */
250 union ofp_action *actions; /* OpenFlow actions. */
251 struct list facets; /* List of "struct facet"s. */
254 static struct rule *rule_from_cls_rule(const struct cls_rule *);
255 static bool rule_is_hidden(const struct rule *);
257 static struct rule *rule_create(const struct cls_rule *,
258 const union ofp_action *, size_t n_actions,
259 uint16_t idle_timeout, uint16_t hard_timeout,
260 ovs_be64 flow_cookie, bool send_flow_removed);
261 static void rule_destroy(struct ofproto *, struct rule *);
262 static void rule_free(struct rule *);
264 static struct rule *rule_lookup(struct ofproto *, const struct flow *);
265 static void rule_insert(struct ofproto *, struct rule *);
266 static void rule_remove(struct ofproto *, struct rule *);
268 static void rule_send_removed(struct ofproto *, struct rule *, uint8_t reason);
269 static void rule_get_stats(const struct rule *, uint64_t *packets,
272 /* An exact-match instantiation of an OpenFlow flow. */
274 long long int used; /* Time last used; time created if not used. */
278 * - Do include packets and bytes sent "by hand", e.g. with
281 * - Do include packets and bytes that were obtained from the datapath
282 * when a flow was deleted (e.g. dpif_flow_del()) or when its
283 * statistics were reset (e.g. dpif_flow_put() with
284 * DPIF_FP_ZERO_STATS).
286 * - Do not include any packets or bytes that can currently be obtained
287 * from the datapath by, e.g., dpif_flow_get().
289 uint64_t packet_count; /* Number of packets received. */
290 uint64_t byte_count; /* Number of bytes received. */
292 uint64_t dp_packet_count; /* Last known packet count in the datapath. */
293 uint64_t dp_byte_count; /* Last known byte count in the datapath. */
295 uint64_t rs_packet_count; /* Packets pushed to resubmit children. */
296 uint64_t rs_byte_count; /* Bytes pushed to resubmit children. */
297 long long int rs_used; /* Used time pushed to resubmit children. */
299 /* Number of bytes passed to account_cb. This may include bytes that can
300 * currently obtained from the datapath (thus, it can be greater than
302 uint64_t accounted_bytes;
304 struct hmap_node hmap_node; /* In owning ofproto's 'facets' hmap. */
305 struct list list_node; /* In owning rule's 'facets' list. */
306 struct rule *rule; /* Owning rule. */
307 struct flow flow; /* Exact-match flow. */
308 bool installed; /* Installed in datapath? */
309 bool may_install; /* True ordinarily; false if actions must
310 * be reassessed for every packet. */
311 size_t actions_len; /* Number of bytes in actions[]. */
312 struct nlattr *actions; /* Datapath actions. */
313 tag_type tags; /* Tags. */
314 struct netflow_flow nf_flow; /* Per-flow NetFlow tracking data. */
317 static struct facet *facet_create(struct ofproto *, struct rule *,
319 const struct ofpbuf *packet);
320 static void facet_remove(struct ofproto *, struct facet *);
321 static void facet_free(struct facet *);
323 static struct facet *facet_lookup_valid(struct ofproto *, const struct flow *);
324 static bool facet_revalidate(struct ofproto *, struct facet *);
326 static void facet_install(struct ofproto *, struct facet *, bool zero_stats);
327 static void facet_uninstall(struct ofproto *, struct facet *);
328 static void facet_flush_stats(struct ofproto *, struct facet *);
330 static void facet_make_actions(struct ofproto *, struct facet *,
331 const struct ofpbuf *packet);
332 static void facet_update_stats(struct ofproto *, struct facet *,
333 const struct dpif_flow_stats *);
334 static void facet_push_stats(struct ofproto *, struct facet *);
336 static void send_packet_in(struct ofproto *, struct dpif_upcall *,
337 const struct flow *, bool clone);
340 char *name; /* Datapath name. */
341 struct hmap_node hmap_node; /* In global 'all_ofprotos' hmap. */
344 uint64_t datapath_id; /* Datapath ID. */
345 uint64_t fallback_dpid; /* Datapath ID if no better choice found. */
346 char *mfr_desc; /* Manufacturer. */
347 char *hw_desc; /* Hardware. */
348 char *sw_desc; /* Software version. */
349 char *serial_desc; /* Serial number. */
350 char *dp_desc; /* Datapath description. */
354 struct netdev_monitor *netdev_monitor;
355 struct hmap ports; /* Contains "struct ofport"s. */
356 struct shash port_by_name;
360 struct netflow *netflow;
361 struct ofproto_sflow *sflow;
362 struct hmap bundles; /* Contains "struct ofbundle"s. */
363 struct mac_learning *ml;
364 struct ofmirror *mirrors[MAX_MIRRORS];
365 bool has_bonded_bundles;
368 struct classifier cls;
369 struct timer next_expiration;
373 bool need_revalidate;
374 struct tag_set revalidate_set;
376 /* OpenFlow connections. */
377 struct connmgr *connmgr;
380 /* Map from dpif name to struct ofproto, for use by unixctl commands. */
381 static struct hmap all_ofprotos = HMAP_INITIALIZER(&all_ofprotos);
383 static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5);
385 static uint64_t pick_datapath_id(const struct ofproto *);
386 static uint64_t pick_fallback_dpid(void);
388 static void ofproto_flush_flows__(struct ofproto *);
389 static int ofproto_expire(struct ofproto *);
390 static void flow_push_stats(struct ofproto *, const struct rule *,
391 struct flow *, uint64_t packets, uint64_t bytes,
394 static void handle_upcall(struct ofproto *, struct dpif_upcall *);
396 static void handle_openflow(struct ofconn *, struct ofpbuf *);
398 static struct ofport *get_port(const struct ofproto *, uint16_t odp_port);
399 static void update_port(struct ofproto *, const char *devname);
400 static int init_ports(struct ofproto *);
401 static void reinit_ports(struct ofproto *);
403 static void update_learning_table(struct ofproto *,
404 const struct flow *, int vlan,
406 static bool is_admissible(struct ofproto *, const struct flow *,
407 bool have_packet, tag_type *, int *vlanp,
408 struct ofbundle **in_bundlep);
410 static void ofproto_unixctl_init(void);
412 /* Clears 'types' and enumerates all registered ofproto types into it. The
413 * caller must first initialize the sset. */
415 ofproto_enumerate_types(struct sset *types)
417 dp_enumerate_types(types);
420 /* Returns the fully spelled out name for the given ofproto 'type'.
422 * Normalized type string can be compared with strcmp(). Unnormalized type
423 * string might be the same even if they have different spellings. */
425 ofproto_normalize_type(const char *type)
427 return dpif_normalize_type(type);
430 /* Clears 'names' and enumerates the names of all known created ofprotos with
431 * the given 'type'. The caller must first initialize the sset. Returns 0 if
432 * successful, otherwise a positive errno value.
434 * Some kinds of datapaths might not be practically enumerable. This is not
435 * considered an error. */
437 ofproto_enumerate_names(const char *type, struct sset *names)
439 return dp_enumerate_names(type, names);
443 ofproto_create(const char *datapath, const char *datapath_type,
444 struct ofproto **ofprotop)
446 char local_name[IF_NAMESIZE];
454 ofproto_unixctl_init();
456 /* Connect to datapath and start listening for messages. */
457 error = dpif_create_and_open(datapath, datapath_type, &dpif);
459 VLOG_ERR("failed to open datapath %s: %s", datapath, strerror(error));
462 error = dpif_recv_set_mask(dpif,
463 ((1u << DPIF_UC_MISS) |
464 (1u << DPIF_UC_ACTION) |
465 (1u << DPIF_UC_SAMPLE)));
467 VLOG_ERR("failed to listen on datapath %s: %s",
468 datapath, strerror(error));
472 dpif_flow_flush(dpif);
473 dpif_recv_purge(dpif);
475 error = dpif_port_get_name(dpif, ODPP_LOCAL,
476 local_name, sizeof local_name);
478 VLOG_ERR("%s: cannot get name of datapath local port (%s)",
479 datapath, strerror(error));
483 /* Initialize settings. */
484 p = xzalloc(sizeof *p);
485 p->name = xstrdup(dpif_name(dpif));
486 hmap_insert(&all_ofprotos, &p->hmap_node, hash_string(p->name, 0));
487 p->fallback_dpid = pick_fallback_dpid();
488 p->datapath_id = p->fallback_dpid;
489 p->mfr_desc = xstrdup(DEFAULT_MFR_DESC);
490 p->hw_desc = xstrdup(DEFAULT_HW_DESC);
491 p->sw_desc = xstrdup(DEFAULT_SW_DESC);
492 p->serial_desc = xstrdup(DEFAULT_SERIAL_DESC);
493 p->dp_desc = xstrdup(DEFAULT_DP_DESC);
495 /* Initialize datapath. */
497 p->netdev_monitor = netdev_monitor_create();
498 hmap_init(&p->ports);
499 shash_init(&p->port_by_name);
500 p->max_ports = dpif_get_max_ports(dpif);
502 /* Initialize bridging. */
505 hmap_init(&p->bundles);
506 p->ml = mac_learning_create();
507 for (i = 0; i < MAX_MIRRORS; i++) {
508 p->mirrors[i] = NULL;
510 p->has_bonded_bundles = false;
512 /* Initialize flow table. */
513 classifier_init(&p->cls);
514 timer_set_duration(&p->next_expiration, 1000);
516 /* Initialize facet table. */
517 hmap_init(&p->facets);
518 p->need_revalidate = false;
519 tag_set_init(&p->revalidate_set);
521 /* Pick final datapath ID. */
522 p->datapath_id = pick_datapath_id(p);
523 VLOG_INFO("using datapath ID %016"PRIx64, p->datapath_id);
525 /* Initialize OpenFlow connections. */
526 p->connmgr = connmgr_create(p, datapath, local_name);
535 ofproto_set_datapath_id(struct ofproto *p, uint64_t datapath_id)
537 uint64_t old_dpid = p->datapath_id;
538 p->datapath_id = datapath_id ? datapath_id : pick_datapath_id(p);
539 if (p->datapath_id != old_dpid) {
540 VLOG_INFO("datapath ID changed to %016"PRIx64, p->datapath_id);
542 /* Force all active connections to reconnect, since there is no way to
543 * notify a controller that the datapath ID has changed. */
544 ofproto_reconnect_controllers(p);
549 ofproto_set_controllers(struct ofproto *p,
550 const struct ofproto_controller *controllers,
551 size_t n_controllers)
553 connmgr_set_controllers(p->connmgr, controllers, n_controllers);
557 ofproto_set_fail_mode(struct ofproto *p, enum ofproto_fail_mode fail_mode)
559 connmgr_set_fail_mode(p->connmgr, fail_mode);
562 /* Drops the connections between 'ofproto' and all of its controllers, forcing
563 * them to reconnect. */
565 ofproto_reconnect_controllers(struct ofproto *ofproto)
567 connmgr_reconnect(ofproto->connmgr);
570 /* Sets the 'n' TCP port addresses in 'extras' as ones to which 'ofproto''s
571 * in-band control should guarantee access, in the same way that in-band
572 * control guarantees access to OpenFlow controllers. */
574 ofproto_set_extra_in_band_remotes(struct ofproto *ofproto,
575 const struct sockaddr_in *extras, size_t n)
577 connmgr_set_extra_in_band_remotes(ofproto->connmgr, extras, n);
580 /* Sets the OpenFlow queue used by flows set up by in-band control on
581 * 'ofproto' to 'queue_id'. If 'queue_id' is negative, then in-band control
582 * flows will use the default queue. */
584 ofproto_set_in_band_queue(struct ofproto *ofproto, int queue_id)
586 connmgr_set_in_band_queue(ofproto->connmgr, queue_id);
590 ofproto_set_desc(struct ofproto *p,
591 const char *mfr_desc, const char *hw_desc,
592 const char *sw_desc, const char *serial_desc,
595 struct ofp_desc_stats *ods;
598 if (strlen(mfr_desc) >= sizeof ods->mfr_desc) {
599 VLOG_WARN("truncating mfr_desc, must be less than %zu characters",
600 sizeof ods->mfr_desc);
603 p->mfr_desc = xstrdup(mfr_desc);
606 if (strlen(hw_desc) >= sizeof ods->hw_desc) {
607 VLOG_WARN("truncating hw_desc, must be less than %zu characters",
608 sizeof ods->hw_desc);
611 p->hw_desc = xstrdup(hw_desc);
614 if (strlen(sw_desc) >= sizeof ods->sw_desc) {
615 VLOG_WARN("truncating sw_desc, must be less than %zu characters",
616 sizeof ods->sw_desc);
619 p->sw_desc = xstrdup(sw_desc);
622 if (strlen(serial_desc) >= sizeof ods->serial_num) {
623 VLOG_WARN("truncating serial_desc, must be less than %zu "
625 sizeof ods->serial_num);
627 free(p->serial_desc);
628 p->serial_desc = xstrdup(serial_desc);
631 if (strlen(dp_desc) >= sizeof ods->dp_desc) {
632 VLOG_WARN("truncating dp_desc, must be less than %zu characters",
633 sizeof ods->dp_desc);
636 p->dp_desc = xstrdup(dp_desc);
641 ofproto_set_snoops(struct ofproto *ofproto, const struct sset *snoops)
643 return connmgr_set_snoops(ofproto->connmgr, snoops);
647 ofproto_set_netflow(struct ofproto *ofproto,
648 const struct netflow_options *nf_options)
650 if (nf_options && !sset_is_empty(&nf_options->collectors)) {
651 if (!ofproto->netflow) {
652 ofproto->netflow = netflow_create();
654 return netflow_set_options(ofproto->netflow, nf_options);
656 netflow_destroy(ofproto->netflow);
657 ofproto->netflow = NULL;
663 ofproto_set_sflow(struct ofproto *ofproto,
664 const struct ofproto_sflow_options *oso)
666 struct ofproto_sflow *os = ofproto->sflow;
669 struct ofport *ofport;
671 os = ofproto->sflow = ofproto_sflow_create(ofproto->dpif);
672 HMAP_FOR_EACH (ofport, hmap_node, &ofproto->ports) {
673 ofproto_sflow_add_port(os, ofport->odp_port,
674 netdev_get_name(ofport->netdev));
677 ofproto_sflow_set_options(os, oso);
679 ofproto_sflow_destroy(os);
680 ofproto->sflow = NULL;
684 /* Connectivity Fault Management configuration. */
686 /* Clears the CFM configuration from 'ofp_port' on 'ofproto'. */
688 ofproto_port_clear_cfm(struct ofproto *ofproto, uint16_t ofp_port)
690 struct ofport *ofport = get_port(ofproto, ofp_port_to_odp_port(ofp_port));
691 if (ofport && ofport->cfm){
692 cfm_destroy(ofport->cfm);
697 /* Configures connectivity fault management on 'ofp_port' in 'ofproto'. Takes
698 * basic configuration from the configuration members in 'cfm', and the set of
699 * remote maintenance points from the 'n_remote_mps' elements in 'remote_mps'.
700 * Ignores the statistics members of 'cfm'.
702 * This function has no effect if 'ofproto' does not have a port 'ofp_port'. */
704 ofproto_port_set_cfm(struct ofproto *ofproto, uint16_t ofp_port,
705 const struct cfm *cfm,
706 const uint16_t *remote_mps, size_t n_remote_mps)
708 struct ofport *ofport;
710 ofport = get_port(ofproto, ofp_port_to_odp_port(ofp_port));
712 VLOG_WARN("%s: cannot configure CFM on nonexistent port %"PRIu16,
713 ofproto->name, ofp_port);
718 ofport->cfm = cfm_create();
721 ofport->cfm->mpid = cfm->mpid;
722 ofport->cfm->interval = cfm->interval;
723 memcpy(ofport->cfm->maid, cfm->maid, CCM_MAID_LEN);
725 cfm_update_remote_mps(ofport->cfm, remote_mps, n_remote_mps);
727 if (!cfm_configure(ofport->cfm)) {
728 VLOG_WARN("%s: CFM configuration on port %"PRIu16" (%s) failed",
729 ofproto->name, ofp_port,
730 netdev_get_name(ofport->netdev));
731 cfm_destroy(ofport->cfm);
736 /* Returns the connectivity fault management object associated with 'ofp_port'
737 * within 'ofproto', or a null pointer if 'ofproto' does not have a port
738 * 'ofp_port' or if that port does not have CFM configured. The caller must
739 * not modify or destroy the returned object. */
741 ofproto_port_get_cfm(struct ofproto *ofproto, uint16_t ofp_port)
743 struct ofport *ofport = get_port(ofproto, ofp_port_to_odp_port(ofp_port));
744 return ofport ? ofport->cfm : NULL;
747 /* Checks the status of LACP negotiation for 'ofp_port' within ofproto.
748 * Returns 1 if LACP partner information for 'ofp_port' is up-to-date,
749 * 0 if LACP partner information is not current (generally indicating a
750 * connectivity problem), or -1 if LACP is not enabled on 'ofp_port'. */
752 ofproto_port_is_lacp_current(struct ofproto *ofproto, uint16_t ofp_port)
754 struct ofport *ofport = get_port(ofproto, ofp_port_to_odp_port(ofp_port));
755 return (ofport && ofport->bundle && ofport->bundle->lacp
756 ? lacp_slave_is_current(ofport->bundle->lacp, ofport)
762 /* Expires all MAC learning entries associated with 'port' and forces ofproto
763 * to revalidate every flow. */
765 ofproto_bundle_flush_macs(struct ofbundle *bundle)
767 struct ofproto *ofproto = bundle->ofproto;
768 struct mac_learning *ml = ofproto->ml;
769 struct mac_entry *mac, *next_mac;
771 ofproto->need_revalidate = true;
772 LIST_FOR_EACH_SAFE (mac, next_mac, lru_node, &ml->lrus) {
773 if (mac->port.p == bundle) {
774 mac_learning_expire(ml, mac);
779 static struct ofbundle *
780 ofproto_bundle_lookup(const struct ofproto *ofproto, void *aux)
782 struct ofbundle *bundle;
784 HMAP_FOR_EACH_IN_BUCKET (bundle, hmap_node, hash_pointer(aux, 0),
786 if (bundle->aux == aux) {
793 /* Looks up each of the 'n_auxes' pointers in 'auxes' as bundles and adds the
794 * ones that are found to 'bundles'. */
796 ofproto_bundle_lookup_multiple(struct ofproto *ofproto,
797 void **auxes, size_t n_auxes,
798 struct hmapx *bundles)
803 for (i = 0; i < n_auxes; i++) {
804 struct ofbundle *bundle = ofproto_bundle_lookup(ofproto, auxes[i]);
806 hmapx_add(bundles, bundle);
812 ofproto_bundle_del_port(struct ofport *port)
814 struct ofbundle *bundle = port->bundle;
816 list_remove(&port->bundle_node);
820 lacp_slave_unregister(bundle->lacp, port);
823 bond_slave_unregister(bundle->bond, port);
826 bundle->floodable = true;
827 LIST_FOR_EACH (port, bundle_node, &bundle->ports) {
828 if (port->opp.config & htonl(OFPPC_NO_FLOOD)) {
829 bundle->floodable = false;
835 ofproto_bundle_add_port(struct ofbundle *bundle, uint32_t ofp_port,
836 struct lacp_slave_settings *lacp)
840 port = get_port(bundle->ofproto, ofp_port_to_odp_port(ofp_port));
845 if (port->bundle != bundle) {
847 ofproto_bundle_del_port(port);
850 port->bundle = bundle;
851 list_push_back(&bundle->ports, &port->bundle_node);
852 if (port->opp.config & htonl(OFPPC_NO_FLOOD)) {
853 bundle->floodable = false;
858 lacp_slave_register(bundle->lacp, port, lacp);
865 ofproto_bundle_register(struct ofproto *ofproto, void *aux,
866 const struct ofproto_bundle_settings *s)
868 bool need_flush = false;
869 const unsigned long *trunks;
870 struct ofbundle *bundle;
875 assert(s->n_slaves == 1 || s->bond != NULL);
876 assert((s->lacp != NULL) == (s->lacp_slaves != NULL));
878 bundle = ofproto_bundle_lookup(ofproto, aux);
880 bundle = xmalloc(sizeof *bundle);
882 bundle->ofproto = ofproto;
883 hmap_insert(&ofproto->bundles, &bundle->hmap_node,
884 hash_pointer(aux, 0));
888 list_init(&bundle->ports);
890 bundle->trunks = NULL;
894 bundle->floodable = true;
896 bundle->src_mirrors = 0;
897 bundle->dst_mirrors = 0;
898 bundle->mirror_out = 0;
901 if (!bundle->name || strcmp(s->name, bundle->name)) {
903 bundle->name = xstrdup(s->name);
909 bundle->lacp = lacp_create();
911 lacp_configure(bundle->lacp, s->lacp);
913 lacp_destroy(bundle->lacp);
917 /* Update set of ports. */
919 for (i = 0; i < s->n_slaves; i++) {
920 if (!ofproto_bundle_add_port(bundle, s->slaves[i],
921 s->lacp ? &s->lacp_slaves[i] : NULL)) {
925 if (!ok || list_size(&bundle->ports) != s->n_slaves) {
926 struct ofport *next_port;
928 LIST_FOR_EACH_SAFE (port, next_port, bundle_node, &bundle->ports) {
929 for (i = 0; i < s->n_slaves; i++) {
930 if (s->slaves[i] == odp_port_to_ofp_port(port->odp_port)) {
935 ofproto_bundle_del_port(port);
939 assert(list_size(&bundle->ports) <= s->n_slaves);
941 if (list_is_empty(&bundle->ports)) {
942 ofproto_bundle_unregister(ofproto, aux);
947 if (s->vlan != bundle->vlan) {
948 bundle->vlan = s->vlan;
952 /* Get trunked VLANs. */
953 trunks = s->vlan == -1 ? NULL : s->trunks;
954 if (!vlan_bitmap_equal(trunks, bundle->trunks)) {
955 free(bundle->trunks);
956 bundle->trunks = vlan_bitmap_clone(trunks);
961 if (!list_is_short(&bundle->ports)) {
962 bundle->ofproto->has_bonded_bundles = true;
964 if (bond_reconfigure(bundle->bond, s->bond)) {
965 ofproto->need_revalidate = true;
968 bundle->bond = bond_create(s->bond);
971 LIST_FOR_EACH (port, bundle_node, &bundle->ports) {
972 uint16_t stable_id = (bundle->lacp
973 ? lacp_slave_get_port_id(bundle->lacp, port)
975 bond_slave_register(bundle->bond, port, stable_id, port->netdev);
978 bond_destroy(bundle->bond);
982 /* If we changed something that would affect MAC learning, un-learn
983 * everything on this port and force flow revalidation. */
985 ofproto_bundle_flush_macs(bundle);
990 ofproto_bundle_destroy(struct ofbundle *bundle)
992 struct ofproto *ofproto;
993 struct ofport *port, *next_port;
1000 ofproto = bundle->ofproto;
1001 for (i = 0; i < MAX_MIRRORS; i++) {
1002 struct ofmirror *m = ofproto->mirrors[i];
1004 if (m->out == bundle) {
1005 ofproto_mirror_destroy(m);
1006 } else if (hmapx_find_and_delete(&m->srcs, bundle)
1007 || hmapx_find_and_delete(&m->dsts, bundle)) {
1008 ofproto->need_revalidate = true;
1013 LIST_FOR_EACH_SAFE (port, next_port, bundle_node, &bundle->ports) {
1014 ofproto_bundle_del_port(port);
1017 ofproto_bundle_flush_macs(bundle);
1018 hmap_remove(&ofproto->bundles, &bundle->hmap_node);
1020 free(bundle->trunks);
1021 bond_destroy(bundle->bond);
1022 lacp_destroy(bundle->lacp);
1027 ofproto_bundle_unregister(struct ofproto *ofproto, void *aux)
1029 ofproto_bundle_destroy(ofproto_bundle_lookup(ofproto, aux));
1033 send_pdu_cb(void *port_, const struct lacp_pdu *pdu)
1035 static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 10);
1036 struct ofport *port = port_;
1037 uint8_t ea[ETH_ADDR_LEN];
1040 error = netdev_get_etheraddr(port->netdev, ea);
1042 struct lacp_pdu *packet_pdu;
1043 struct ofpbuf packet;
1045 ofpbuf_init(&packet, 0);
1046 packet_pdu = eth_compose(&packet, eth_addr_lacp, ea, ETH_TYPE_LACP,
1047 sizeof *packet_pdu);
1049 error = netdev_send(port->netdev, &packet);
1051 VLOG_WARN_RL(&rl, "port %s: sending LACP PDU on iface %s failed "
1052 "(%s)", port->bundle->name,
1053 netdev_get_name(port->netdev), strerror(error));
1055 ofpbuf_uninit(&packet);
1057 VLOG_ERR_RL(&rl, "port %s: cannot obtain Ethernet address of iface "
1058 "%s (%s)", port->bundle->name,
1059 netdev_get_name(port->netdev), strerror(error));
1064 ofproto_bundle_send_learning_packets(struct ofbundle *bundle)
1066 struct ofproto *ofproto = bundle->ofproto;
1067 int error, n_packets, n_errors;
1068 struct mac_entry *e;
1070 error = n_packets = n_errors = 0;
1071 LIST_FOR_EACH (e, lru_node, &ofproto->ml->lrus) {
1072 if (e->port.p != bundle) {
1073 int ret = bond_send_learning_packet(bundle->bond, e->mac, e->vlan);
1083 static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5);
1084 VLOG_WARN_RL(&rl, "bond %s: %d errors sending %d gratuitous learning "
1085 "packets, last error was: %s",
1086 bundle->name, n_errors, n_packets, strerror(error));
1088 VLOG_DBG("bond %s: sent %d gratuitous learning packets",
1089 bundle->name, n_packets);
1094 ofproto_bundle_run(struct ofbundle *bundle)
1097 lacp_run(bundle->lacp, send_pdu_cb);
1100 struct ofport *port;
1102 LIST_FOR_EACH (port, bundle_node, &bundle->ports) {
1103 bool may_enable = lacp_slave_may_enable(bundle->lacp, port);
1104 bond_slave_set_lacp_may_enable(bundle->bond, port, may_enable);
1107 bond_run(bundle->bond, &bundle->ofproto->revalidate_set,
1108 lacp_negotiated(bundle->lacp));
1109 if (bond_should_send_learning_packets(bundle->bond)) {
1110 ofproto_bundle_send_learning_packets(bundle);
1116 ofproto_bundle_wait(struct ofbundle *bundle)
1119 lacp_wait(bundle->lacp);
1122 bond_wait(bundle->bond);
1127 ofproto_mirror_scan(struct ofproto *ofproto)
1131 for (idx = 0; idx < MAX_MIRRORS; idx++) {
1132 if (!ofproto->mirrors[idx]) {
1139 static struct ofmirror *
1140 ofproto_mirror_lookup(struct ofproto *ofproto, void *aux)
1144 for (i = 0; i < MAX_MIRRORS; i++) {
1145 struct ofmirror *mirror = ofproto->mirrors[i];
1146 if (mirror && mirror->aux == aux) {
1155 ofproto_mirror_register(struct ofproto *ofproto, void *aux,
1156 const struct ofproto_mirror_settings *s)
1158 mirror_mask_t mirror_bit;
1159 struct ofbundle *bundle;
1160 struct ofmirror *mirror;
1161 struct ofbundle *out;
1162 struct hmapx srcs; /* Contains "struct ofbundle *"s. */
1163 struct hmapx dsts; /* Contains "struct ofbundle *"s. */
1166 mirror = ofproto_mirror_lookup(ofproto, aux);
1170 idx = ofproto_mirror_scan(ofproto);
1172 VLOG_WARN("bridge %s: maximum of %d port mirrors reached, "
1174 ofproto->name, MAX_MIRRORS, s->name);
1178 mirror = ofproto->mirrors[idx] = xzalloc(sizeof *mirror);
1179 mirror->ofproto = ofproto;
1181 mirror->out_vlan = -1;
1182 mirror->name = NULL;
1185 if (!mirror->name || strcmp(s->name, mirror->name)) {
1187 mirror->name = xstrdup(s->name);
1190 /* Get the new configuration. */
1191 if (s->out_bundle) {
1192 out = ofproto_bundle_lookup(ofproto, s->out_bundle);
1194 ofproto_mirror_destroy(mirror);
1200 out_vlan = s->out_vlan;
1202 ofproto_bundle_lookup_multiple(ofproto, s->srcs, s->n_srcs, &srcs);
1203 ofproto_bundle_lookup_multiple(ofproto, s->dsts, s->n_dsts, &dsts);
1205 /* If the configuration has not changed, do nothing. */
1206 if (hmapx_equals(&srcs, &mirror->srcs)
1207 && hmapx_equals(&dsts, &mirror->dsts)
1208 && vlan_bitmap_equal(mirror->vlans, s->src_vlans)
1209 && mirror->out == out
1210 && mirror->out_vlan == out_vlan)
1212 hmapx_destroy(&srcs);
1213 hmapx_destroy(&dsts);
1217 hmapx_swap(&srcs, &mirror->srcs);
1218 hmapx_destroy(&srcs);
1220 hmapx_swap(&dsts, &mirror->dsts);
1221 hmapx_destroy(&dsts);
1223 free(mirror->vlans);
1224 mirror->vlans = vlan_bitmap_clone(s->src_vlans);
1227 mirror->out_vlan = out_vlan;
1229 /* Update bundles. */
1230 mirror_bit = MIRROR_MASK_C(1) << mirror->idx;
1231 HMAP_FOR_EACH (bundle, hmap_node, &mirror->ofproto->bundles) {
1232 if (hmapx_contains(&mirror->srcs, bundle)) {
1233 bundle->src_mirrors |= mirror_bit;
1235 bundle->src_mirrors &= ~mirror_bit;
1238 if (hmapx_contains(&mirror->dsts, bundle)) {
1239 bundle->dst_mirrors |= mirror_bit;
1241 bundle->dst_mirrors &= ~mirror_bit;
1244 if (mirror->out == bundle) {
1245 bundle->mirror_out |= mirror_bit;
1247 bundle->mirror_out &= ~mirror_bit;
1251 ofproto->need_revalidate = true;
1252 mac_learning_flush(ofproto->ml);
1256 ofproto_mirror_destroy(struct ofmirror *mirror)
1258 mirror_mask_t mirror_bit;
1259 struct ofbundle *bundle;
1260 struct ofproto *ofproto;
1266 ofproto = mirror->ofproto;
1267 ofproto->need_revalidate = true;
1268 mac_learning_flush(ofproto->ml);
1270 mirror_bit = MIRROR_MASK_C(1) << mirror->idx;
1271 HMAP_FOR_EACH (bundle, hmap_node, &ofproto->bundles) {
1272 bundle->src_mirrors &= ~mirror_bit;
1273 bundle->dst_mirrors &= ~mirror_bit;
1274 bundle->mirror_out &= ~mirror_bit;
1277 hmapx_destroy(&mirror->srcs);
1278 hmapx_destroy(&mirror->dsts);
1279 free(mirror->vlans);
1281 ofproto->mirrors[mirror->idx] = NULL;
1287 ofproto_mirror_unregister(struct ofproto *ofproto, void *aux)
1289 ofproto_mirror_destroy(ofproto_mirror_lookup(ofproto, aux));
1293 ofproto_set_flood_vlans(struct ofproto *ofproto, unsigned long *flood_vlans)
1295 if (mac_learning_set_flood_vlans(ofproto->ml, flood_vlans)) {
1296 ofproto->need_revalidate = true;
1297 mac_learning_flush(ofproto->ml);
1302 ofproto_is_mirror_output_bundle(struct ofproto *ofproto, void *aux)
1304 struct ofbundle *bundle = ofproto_bundle_lookup(ofproto, aux);
1305 return bundle && bundle->mirror_out != 0;
1309 ofproto_has_snoops(const struct ofproto *ofproto)
1311 return connmgr_has_snoops(ofproto->connmgr);
1315 ofproto_get_snoops(const struct ofproto *ofproto, struct sset *snoops)
1317 connmgr_get_snoops(ofproto->connmgr, snoops);
1321 ofproto_destroy(struct ofproto *p)
1323 struct ofport *ofport, *next_ofport;
1330 hmap_remove(&all_ofprotos, &p->hmap_node);
1332 for (i = 0; i < MAX_MIRRORS; i++) {
1333 ofproto_mirror_destroy(p->mirrors[i]);
1335 ofproto_flush_flows__(p);
1336 connmgr_destroy(p->connmgr);
1337 classifier_destroy(&p->cls);
1338 hmap_destroy(&p->facets);
1340 dpif_close(p->dpif);
1342 netdev_monitor_destroy(p->netdev_monitor);
1343 HMAP_FOR_EACH_SAFE (ofport, next_ofport, hmap_node, &p->ports) {
1344 hmap_remove(&p->ports, &ofport->hmap_node);
1345 ofport_free(ofport);
1347 shash_destroy(&p->port_by_name);
1349 netflow_destroy(p->netflow);
1350 ofproto_sflow_destroy(p->sflow);
1355 free(p->serial_desc);
1358 hmap_destroy(&p->ports);
1364 /* Destroys the datapath with the respective 'name' and 'type'. With the Linux
1365 * kernel datapath, for example, this destroys the datapath in the kernel, and
1366 * with the netdev-based datapath, it tears down the data structures that
1367 * represent the datapath.
1369 * The datapath should not be currently open as an ofproto. */
1371 ofproto_delete(const char *name, const char *type)
1376 error = dpif_open(name, type, &dpif);
1378 error = dpif_delete(dpif);
1385 process_port_change(struct ofproto *ofproto, int error, char *devname)
1387 if (error == ENOBUFS) {
1388 reinit_ports(ofproto);
1389 } else if (!error) {
1390 update_port(ofproto, devname);
1396 ofproto_run(struct ofproto *p)
1398 struct ofbundle *bundle;
1399 struct ofport *ofport;
1406 for (i = 0; i < 50; i++) {
1407 struct dpif_upcall packet;
1409 error = dpif_recv(p->dpif, &packet);
1411 if (error == ENODEV) {
1412 /* Someone destroyed the datapath behind our back. The caller
1413 * better destroy us and give up, because we're just going to
1414 * spin from here on out. */
1415 static struct vlog_rate_limit rl2 = VLOG_RATE_LIMIT_INIT(1, 5);
1416 VLOG_ERR_RL(&rl2, "%s: datapath was destroyed externally",
1423 handle_upcall(p, &packet);
1426 while ((error = dpif_port_poll(p->dpif, &devname)) != EAGAIN) {
1427 process_port_change(p, error, devname);
1429 while ((error = netdev_monitor_poll(p->netdev_monitor,
1430 &devname)) != EAGAIN) {
1431 process_port_change(p, error, devname);
1434 HMAP_FOR_EACH (ofport, hmap_node, &p->ports) {
1438 HMAP_FOR_EACH (bundle, hmap_node, &p->bundles) {
1439 ofproto_bundle_run(bundle);
1442 connmgr_run(p->connmgr, handle_openflow);
1444 if (timer_expired(&p->next_expiration)) {
1445 int delay = ofproto_expire(p);
1446 timer_set_duration(&p->next_expiration, delay);
1447 COVERAGE_INC(ofproto_expiration);
1451 netflow_run(p->netflow);
1454 ofproto_sflow_run(p->sflow);
1457 /* Now revalidate if there's anything to do. */
1458 if (p->need_revalidate || !tag_set_is_empty(&p->revalidate_set)) {
1459 struct tag_set revalidate_set = p->revalidate_set;
1460 bool revalidate_all = p->need_revalidate;
1461 struct facet *facet, *next;
1463 /* Clear the revalidation flags. */
1464 tag_set_init(&p->revalidate_set);
1465 p->need_revalidate = false;
1467 HMAP_FOR_EACH_SAFE (facet, next, hmap_node, &p->facets) {
1469 || tag_set_intersects(&revalidate_set, facet->tags)) {
1470 facet_revalidate(p, facet);
1479 ofproto_wait(struct ofproto *p)
1481 struct ofbundle *bundle;
1482 struct ofport *ofport;
1485 HMAP_FOR_EACH (ofport, hmap_node, &p->ports) {
1486 ofport_wait(ofport);
1488 HMAP_FOR_EACH (bundle, hmap_node, &p->bundles) {
1489 ofproto_bundle_wait(bundle);
1491 dpif_recv_wait(p->dpif);
1492 dpif_port_poll_wait(p->dpif);
1493 netdev_monitor_poll_wait(p->netdev_monitor);
1495 ofproto_sflow_wait(p->sflow);
1497 if (!tag_set_is_empty(&p->revalidate_set)) {
1498 poll_immediate_wake();
1500 if (p->need_revalidate) {
1501 /* Shouldn't happen, but if it does just go around again. */
1502 VLOG_DBG_RL(&rl, "need revalidate in ofproto_wait_cb()");
1503 poll_immediate_wake();
1505 timer_wait(&p->next_expiration);
1507 connmgr_wait(p->connmgr);
1511 ofproto_is_alive(const struct ofproto *p)
1513 return connmgr_has_controllers(p->connmgr);
1517 ofproto_get_ofproto_controller_info(const struct ofproto *ofproto,
1520 connmgr_get_controller_info(ofproto->connmgr, info);
1524 ofproto_free_ofproto_controller_info(struct shash *info)
1526 struct shash_node *node;
1528 SHASH_FOR_EACH (node, info) {
1529 struct ofproto_controller_info *cinfo = node->data;
1530 while (cinfo->pairs.n) {
1531 free((char *) cinfo->pairs.values[--cinfo->pairs.n]);
1535 shash_destroy(info);
1538 /* Makes a deep copy of 'old' into 'port'. */
1540 ofproto_port_clone(struct ofproto_port *port, const struct ofproto_port *old)
1542 port->name = xstrdup(old->name);
1543 port->type = xstrdup(old->type);
1544 port->ofp_port = old->ofp_port;
1547 /* Frees memory allocated to members of 'ofproto_port'.
1549 * Do not call this function on an ofproto_port obtained from
1550 * ofproto_port_dump_next(): that function retains ownership of the data in the
1553 ofproto_port_destroy(struct ofproto_port *ofproto_port)
1555 free(ofproto_port->name);
1556 free(ofproto_port->type);
1559 /* Converts a dpif_port into an ofproto_port.
1561 * This only makes a shallow copy, so make sure that the dpif_port doesn't get
1562 * freed while the ofproto_port is still in use. You can choose to free the
1563 * ofproto_port instead of the dpif_port. */
1565 ofproto_port_from_dpif_port(struct ofproto_port *ofproto_port,
1566 struct dpif_port *dpif_port)
1568 ofproto_port->name = dpif_port->name;
1569 ofproto_port->type = dpif_port->type;
1570 ofproto_port->ofp_port = odp_port_to_ofp_port(dpif_port->port_no);
1573 /* Initializes 'dump' to begin dumping the ports in an ofproto.
1575 * This function provides no status indication. An error status for the entire
1576 * dump operation is provided when it is completed by calling
1577 * ofproto_port_dump_done().
1580 ofproto_port_dump_start(struct ofproto_port_dump *dump,
1581 const struct ofproto *ofproto)
1583 struct dpif_port_dump *dpif_dump;
1585 dump->state = dpif_dump = xmalloc(sizeof *dpif_dump);
1586 dpif_port_dump_start(dpif_dump, ofproto->dpif);
1589 /* Attempts to retrieve another port from 'dump', which must have been created
1590 * with ofproto_port_dump_start(). On success, stores a new ofproto_port into
1591 * 'port' and returns true. On failure, returns false.
1593 * Failure might indicate an actual error or merely that the last port has been
1594 * dumped. An error status for the entire dump operation is provided when it
1595 * is completed by calling ofproto_port_dump_done().
1597 * The ofproto owns the data stored in 'port'. It will remain valid until at
1598 * least the next time 'dump' is passed to ofproto_port_dump_next() or
1599 * ofproto_port_dump_done(). */
1601 ofproto_port_dump_next(struct ofproto_port_dump *dump,
1602 struct ofproto_port *port)
1604 struct dpif_port_dump *dpif_dump = dump->state;
1605 struct dpif_port dpif_port;
1608 ok = dpif_port_dump_next(dpif_dump, &dpif_port);
1610 ofproto_port_from_dpif_port(port, &dpif_port);
1615 /* Completes port table dump operation 'dump', which must have been created
1616 * with ofproto_port_dump_start(). Returns 0 if the dump operation was
1617 * error-free, otherwise a positive errno value describing the problem. */
1619 ofproto_port_dump_done(struct ofproto_port_dump *dump)
1621 struct dpif_port_dump *dpif_dump = dump->state;
1622 int error = dpif_port_dump_done(dpif_dump);
1627 /* Attempts to add 'netdev' as a port on 'ofproto'. If successful, returns 0
1628 * and sets '*ofp_portp' to the new port's OpenFlow port number (if 'ofp_portp'
1629 * is non-null). On failure, returns a positive errno value and sets
1630 * '*ofp_portp' to OFPP_NONE (if 'ofp_portp' is non-null). */
1632 ofproto_port_add(struct ofproto *ofproto, struct netdev *netdev,
1633 uint16_t *ofp_portp)
1638 error = dpif_port_add(ofproto->dpif, netdev, &odp_port);
1640 update_port(ofproto, netdev_get_name(netdev));
1643 *ofp_portp = error ? OFPP_NONE : odp_port_to_ofp_port(odp_port);
1648 /* Looks up a port named 'devname' in 'ofproto'. On success, returns 0 and
1649 * initializes '*port' appropriately; on failure, returns a positive errno
1652 * The caller owns the data in 'port' and must free it with
1653 * ofproto_port_destroy() when it is no longer needed. */
1655 ofproto_port_query_by_name(const struct ofproto *ofproto, const char *devname,
1656 struct ofproto_port *port)
1658 struct dpif_port dpif_port;
1661 error = dpif_port_query_by_name(ofproto->dpif, devname, &dpif_port);
1663 ofproto_port_from_dpif_port(port, &dpif_port);
1668 /* Deletes port number 'ofp_port' from the datapath for 'ofproto'.
1669 * Returns 0 if successful, otherwise a positive errno. */
1671 ofproto_port_del(struct ofproto *ofproto, uint16_t ofp_port)
1673 uint32_t odp_port = ofp_port_to_odp_port(ofp_port);
1674 struct ofport *ofport = get_port(ofproto, odp_port);
1675 const char *name = ofport ? netdev_get_name(ofport->netdev) : "<unknown>";
1678 error = dpif_port_del(ofproto->dpif, odp_port);
1679 if (!error && ofport) {
1680 /* 'name' is the netdev's name and update_port() is going to close the
1681 * netdev. Just in case update_port() refers to 'name' after it
1682 * destroys 'ofport', make a copy of it around the update_port()
1684 char *devname = xstrdup(name);
1685 update_port(ofproto, devname);
1691 /* Sends 'packet' out of port 'port_no' within 'p'. If 'vlan_tci' is zero the
1692 * packet will not have any 802.1Q hader; if it is nonzero, then the packet
1693 * will be sent with the VLAN TCI specified by 'vlan_tci & ~VLAN_CFI'.
1695 * Returns 0 if successful, otherwise a positive errno value. */
1697 ofproto_send_packet(struct ofproto *ofproto,
1698 uint32_t port_no, uint16_t vlan_tci,
1699 const struct ofpbuf *packet)
1701 struct ofpbuf odp_actions;
1704 ofpbuf_init(&odp_actions, 32);
1705 if (vlan_tci != 0) {
1706 nl_msg_put_u32(&odp_actions, ODP_ACTION_ATTR_SET_DL_TCI,
1707 ntohs(vlan_tci & ~VLAN_CFI));
1709 nl_msg_put_u32(&odp_actions, ODP_ACTION_ATTR_OUTPUT, port_no);
1710 error = dpif_execute(ofproto->dpif, odp_actions.data, odp_actions.size,
1712 ofpbuf_uninit(&odp_actions);
1715 VLOG_WARN_RL(&rl, "%s: failed to send packet on port %"PRIu32" (%s)",
1716 ofproto->name, port_no, strerror(error));
1721 /* Adds a flow to the OpenFlow flow table in 'p' that matches 'cls_rule' and
1722 * performs the 'n_actions' actions in 'actions'. The new flow will not
1725 * If cls_rule->priority is in the range of priorities supported by OpenFlow
1726 * (0...65535, inclusive) then the flow will be visible to OpenFlow
1727 * controllers; otherwise, it will be hidden.
1729 * The caller retains ownership of 'cls_rule' and 'actions'. */
1731 ofproto_add_flow(struct ofproto *p, const struct cls_rule *cls_rule,
1732 const union ofp_action *actions, size_t n_actions)
1735 rule = rule_create(cls_rule, actions, n_actions, 0, 0, 0, false);
1736 rule_insert(p, rule);
1740 ofproto_delete_flow(struct ofproto *ofproto, const struct cls_rule *target)
1744 rule = rule_from_cls_rule(classifier_find_rule_exactly(&ofproto->cls,
1747 rule_remove(ofproto, rule);
1752 ofproto_flush_flows__(struct ofproto *ofproto)
1754 struct facet *facet, *next_facet;
1755 struct rule *rule, *next_rule;
1756 struct cls_cursor cursor;
1758 COVERAGE_INC(ofproto_flush);
1760 HMAP_FOR_EACH_SAFE (facet, next_facet, hmap_node, &ofproto->facets) {
1761 /* Mark the facet as not installed so that facet_remove() doesn't
1762 * bother trying to uninstall it. There is no point in uninstalling it
1763 * individually since we are about to blow away all the facets with
1764 * dpif_flow_flush(). */
1765 facet->installed = false;
1766 facet->dp_packet_count = 0;
1767 facet->dp_byte_count = 0;
1768 facet_remove(ofproto, facet);
1771 cls_cursor_init(&cursor, &ofproto->cls, NULL);
1772 CLS_CURSOR_FOR_EACH_SAFE (rule, next_rule, cr, &cursor) {
1773 rule_remove(ofproto, rule);
1776 dpif_flow_flush(ofproto->dpif);
1780 ofproto_flush_flows(struct ofproto *ofproto)
1782 ofproto_flush_flows__(ofproto);
1783 connmgr_flushed(ofproto->connmgr);
1787 reinit_ports(struct ofproto *p)
1789 struct dpif_port_dump dump;
1790 struct sset devnames;
1791 struct ofport *ofport;
1792 struct dpif_port dpif_port;
1793 const char *devname;
1795 COVERAGE_INC(ofproto_reinit_ports);
1797 sset_init(&devnames);
1798 HMAP_FOR_EACH (ofport, hmap_node, &p->ports) {
1799 sset_add(&devnames, netdev_get_name(ofport->netdev));
1801 DPIF_PORT_FOR_EACH (&dpif_port, &dump, p->dpif) {
1802 sset_add(&devnames, dpif_port.name);
1805 SSET_FOR_EACH (devname, &devnames) {
1806 update_port(p, devname);
1808 sset_destroy(&devnames);
1811 /* Opens and returns a netdev for 'dpif_port', or a null pointer if the netdev
1812 * cannot be opened. On success, also fills in 'opp'. */
1813 static struct netdev *
1814 ofport_open(const struct dpif_port *dpif_port, struct ofp_phy_port *opp)
1816 uint32_t curr, advertised, supported, peer;
1817 struct netdev_options netdev_options;
1818 enum netdev_flags flags;
1819 struct netdev *netdev;
1822 memset(&netdev_options, 0, sizeof netdev_options);
1823 netdev_options.name = dpif_port->name;
1824 netdev_options.type = dpif_port->type;
1825 netdev_options.ethertype = NETDEV_ETH_TYPE_NONE;
1827 error = netdev_open(&netdev_options, &netdev);
1829 VLOG_WARN_RL(&rl, "ignoring port %s (%"PRIu16") because netdev %s "
1830 "cannot be opened (%s)",
1831 dpif_port->name, dpif_port->port_no,
1832 dpif_port->name, strerror(error));
1836 netdev_get_flags(netdev, &flags);
1837 netdev_get_features(netdev, &curr, &advertised, &supported, &peer);
1839 opp->port_no = htons(odp_port_to_ofp_port(dpif_port->port_no));
1840 netdev_get_etheraddr(netdev, opp->hw_addr);
1841 ovs_strzcpy(opp->name, dpif_port->name, sizeof opp->name);
1842 opp->config = flags & NETDEV_UP ? 0 : htonl(OFPPC_PORT_DOWN);
1843 opp->state = netdev_get_carrier(netdev) ? 0 : htonl(OFPPS_LINK_DOWN);
1844 opp->curr = htonl(curr);
1845 opp->advertised = htonl(advertised);
1846 opp->supported = htonl(supported);
1847 opp->peer = htonl(peer);
1853 ofport_conflicts(const struct ofproto *p, const struct dpif_port *dpif_port)
1855 if (get_port(p, dpif_port->port_no)) {
1856 VLOG_WARN_RL(&rl, "ignoring duplicate port %"PRIu16" in datapath",
1857 dpif_port->port_no);
1859 } else if (shash_find(&p->port_by_name, dpif_port->name)) {
1860 VLOG_WARN_RL(&rl, "ignoring duplicate device %s in datapath",
1868 /* Returns true if most fields of 'a' and 'b' are equal. Differences in name,
1869 * port number, and 'config' bits other than OFPPC_PORT_DOWN are
1872 ofport_equal(const struct ofp_phy_port *a, const struct ofp_phy_port *b)
1874 BUILD_ASSERT_DECL(sizeof *a == 48); /* Detect ofp_phy_port changes. */
1875 return (!memcmp(a->hw_addr, b->hw_addr, sizeof a->hw_addr)
1876 && a->state == b->state
1877 && !((a->config ^ b->config) & htonl(OFPPC_PORT_DOWN))
1878 && a->curr == b->curr
1879 && a->advertised == b->advertised
1880 && a->supported == b->supported
1881 && a->peer == b->peer);
1884 /* Adds an ofport to 'p' initialized based on the given 'netdev' and 'opp'.
1885 * The caller must ensure that 'p' does not have a conflicting ofport (that is,
1886 * one with the same name or port number). */
1888 ofport_install(struct ofproto *p,
1889 struct netdev *netdev, const struct ofp_phy_port *opp)
1891 const char *netdev_name = netdev_get_name(netdev);
1892 struct ofport *ofport;
1894 connmgr_send_port_status(p->connmgr, opp, OFPPR_ADD);
1896 /* Create ofport. */
1897 ofport = xmalloc(sizeof *ofport);
1898 ofport->ofproto = p;
1899 ofport->netdev = netdev;
1901 ofport->odp_port = ofp_port_to_odp_port(ntohs(opp->port_no));
1902 ofport->bundle = NULL;
1904 ofport->tag = tag_create_random();
1906 /* Add port to 'p'. */
1907 netdev_monitor_add(p->netdev_monitor, ofport->netdev);
1908 hmap_insert(&p->ports, &ofport->hmap_node, hash_int(ofport->odp_port, 0));
1909 shash_add(&p->port_by_name, netdev_name, ofport);
1911 ofproto_sflow_add_port(p->sflow, ofport->odp_port, netdev_name);
1915 /* Removes 'ofport' from 'p' and destroys it. */
1917 ofport_remove(struct ofport *ofport)
1919 connmgr_send_port_status(ofport->ofproto->connmgr, &ofport->opp,
1921 ofport_free(ofport);
1924 /* If 'ofproto' contains an ofport named 'name', removes it from 'ofproto' and
1927 ofport_remove_with_name(struct ofproto *ofproto, const char *name)
1929 struct ofport *port = shash_find_data(&ofproto->port_by_name, name);
1931 ofport_remove(port);
1935 /* Updates 'port' within 'ofproto' with the new 'netdev' and 'opp'.
1937 * Does not handle a name or port number change. The caller must implement
1938 * such a change as a delete followed by an add. */
1940 ofport_modified(struct ofport *port,
1941 struct netdev *netdev, struct ofp_phy_port *opp)
1943 struct ofproto *ofproto = port->ofproto;
1945 if (port->bundle && port->bundle->bond) {
1946 bond_slave_set_netdev(port->bundle->bond, port, netdev);
1949 memcpy(port->opp.hw_addr, opp->hw_addr, ETH_ADDR_LEN);
1950 port->opp.config = ((port->opp.config & ~htonl(OFPPC_PORT_DOWN))
1951 | (opp->config & htonl(OFPPC_PORT_DOWN)));
1952 port->opp.state = opp->state;
1953 port->opp.curr = opp->curr;
1954 port->opp.advertised = opp->advertised;
1955 port->opp.supported = opp->supported;
1956 port->opp.peer = opp->peer;
1958 netdev_monitor_remove(ofproto->netdev_monitor, port->netdev);
1959 netdev_monitor_add(ofproto->netdev_monitor, netdev);
1961 netdev_close(port->netdev);
1962 port->netdev = netdev;
1964 connmgr_send_port_status(ofproto->connmgr, &port->opp, OFPPR_MODIFY);
1968 ofport_run(struct ofport *ofport)
1971 cfm_run(ofport->cfm);
1973 if (cfm_should_send_ccm(ofport->cfm)) {
1974 struct ofpbuf packet;
1977 ofpbuf_init(&packet, 0);
1978 ccm = eth_compose(&packet, eth_addr_ccm, ofport->opp.hw_addr,
1979 ETH_TYPE_CFM, sizeof *ccm);
1980 cfm_compose_ccm(ofport->cfm, ccm);
1981 ofproto_send_packet(ofport->ofproto, ofport->odp_port, 0, &packet);
1982 ofpbuf_uninit(&packet);
1988 ofport_wait(struct ofport *ofport)
1991 cfm_wait(ofport->cfm);
1996 ofport_unregister(struct ofport *port)
1998 struct ofbundle *bundle = port->bundle;
2001 ofproto_bundle_del_port(port);
2002 if (list_is_empty(&bundle->ports)) {
2003 ofproto_bundle_destroy(bundle);
2004 } else if (list_is_short(&bundle->ports)) {
2005 bond_destroy(bundle->bond);
2006 bundle->bond = NULL;
2010 cfm_destroy(port->cfm);
2015 ofproto_port_unregister(struct ofproto *ofproto, uint16_t ofp_port)
2017 struct ofport *port = get_port(ofproto, ofp_port_to_odp_port(ofp_port));
2019 ofport_unregister(port);
2024 ofport_free(struct ofport *port)
2027 struct ofproto *ofproto = port->ofproto;
2028 const char *name = netdev_get_name(port->netdev);
2030 ofport_unregister(port);
2032 netdev_monitor_remove(ofproto->netdev_monitor, port->netdev);
2033 hmap_remove(&ofproto->ports, &port->hmap_node);
2034 shash_delete(&ofproto->port_by_name,
2035 shash_find(&ofproto->port_by_name, name));
2036 if (ofproto->sflow) {
2037 ofproto_sflow_del_port(ofproto->sflow, port->odp_port);
2040 netdev_close(port->netdev);
2045 static struct ofport *
2046 get_port(const struct ofproto *ofproto, uint16_t odp_port)
2048 struct ofport *port;
2050 HMAP_FOR_EACH_IN_BUCKET (port, hmap_node,
2051 hash_int(odp_port, 0), &ofproto->ports) {
2052 if (port->odp_port == odp_port) {
2060 update_port(struct ofproto *ofproto, const char *name)
2062 struct dpif_port dpif_port;
2063 struct ofp_phy_port opp;
2064 struct netdev *netdev;
2065 struct ofport *port;
2067 COVERAGE_INC(ofproto_update_port);
2069 /* Fetch 'name''s location and properties from the datapath. */
2070 netdev = (!dpif_port_query_by_name(ofproto->dpif, name, &dpif_port)
2071 ? ofport_open(&dpif_port, &opp)
2074 port = get_port(ofproto, dpif_port.port_no);
2075 if (port && !strcmp(netdev_get_name(port->netdev), name)) {
2076 /* 'name' hasn't changed location. Any properties changed? */
2077 if (!ofport_equal(&port->opp, &opp)) {
2078 ofport_modified(port, netdev, &opp);
2080 netdev_close(netdev);
2083 /* If 'port' is nonnull then its name differs from 'name' and thus
2084 * we should delete it. If we think there's a port named 'name'
2085 * then its port number must be wrong now so delete it too. */
2087 ofport_remove(port);
2089 ofport_remove_with_name(ofproto, name);
2090 ofport_install(ofproto, netdev, &opp);
2093 /* Any port named 'name' is gone now. */
2094 ofport_remove_with_name(ofproto, name);
2096 dpif_port_destroy(&dpif_port);
2100 init_ports(struct ofproto *p)
2102 struct dpif_port_dump dump;
2103 struct dpif_port dpif_port;
2105 DPIF_PORT_FOR_EACH (&dpif_port, &dump, p->dpif) {
2106 if (!ofport_conflicts(p, &dpif_port)) {
2107 struct ofp_phy_port opp;
2108 struct netdev *netdev;
2110 netdev = ofport_open(&dpif_port, &opp);
2112 ofport_install(p, netdev, &opp);
2120 /* Returns true if 'rule' should be hidden from the controller.
2122 * Rules with priority higher than UINT16_MAX are set up by ofproto itself
2123 * (e.g. by in-band control) and are intentionally hidden from the
2126 rule_is_hidden(const struct rule *rule)
2128 return rule->cr.priority > UINT16_MAX;
2131 /* Creates and returns a new rule initialized as specified.
2133 * The caller is responsible for inserting the rule into the classifier (with
2134 * rule_insert()). */
2135 static struct rule *
2136 rule_create(const struct cls_rule *cls_rule,
2137 const union ofp_action *actions, size_t n_actions,
2138 uint16_t idle_timeout, uint16_t hard_timeout,
2139 ovs_be64 flow_cookie, bool send_flow_removed)
2141 struct rule *rule = xzalloc(sizeof *rule);
2142 rule->cr = *cls_rule;
2143 rule->idle_timeout = idle_timeout;
2144 rule->hard_timeout = hard_timeout;
2145 rule->flow_cookie = flow_cookie;
2146 rule->used = rule->created = time_msec();
2147 rule->send_flow_removed = send_flow_removed;
2148 list_init(&rule->facets);
2149 if (n_actions > 0) {
2150 rule->n_actions = n_actions;
2151 rule->actions = xmemdup(actions, n_actions * sizeof *actions);
2157 static struct rule *
2158 rule_from_cls_rule(const struct cls_rule *cls_rule)
2160 return cls_rule ? CONTAINER_OF(cls_rule, struct rule, cr) : NULL;
2164 rule_free(struct rule *rule)
2166 free(rule->actions);
2170 /* Destroys 'rule' and iterates through all of its facets and revalidates them,
2171 * destroying any that no longer has a rule (which is probably all of them).
2173 * The caller must have already removed 'rule' from the classifier. */
2175 rule_destroy(struct ofproto *ofproto, struct rule *rule)
2177 struct facet *facet, *next_facet;
2178 LIST_FOR_EACH_SAFE (facet, next_facet, list_node, &rule->facets) {
2179 facet_revalidate(ofproto, facet);
2184 /* Returns true if 'rule' has an OpenFlow OFPAT_OUTPUT or OFPAT_ENQUEUE action
2185 * that outputs to 'out_port' (output to OFPP_FLOOD and OFPP_ALL doesn't
2188 rule_has_out_port(const struct rule *rule, ovs_be16 out_port)
2190 const union ofp_action *oa;
2191 struct actions_iterator i;
2193 if (out_port == htons(OFPP_NONE)) {
2196 for (oa = actions_first(&i, rule->actions, rule->n_actions); oa;
2197 oa = actions_next(&i)) {
2198 if (action_outputs_to_port(oa, out_port)) {
2205 /* Executes, within 'ofproto', the 'n_actions' actions in 'actions' on
2206 * 'packet', which arrived on 'in_port'.
2208 * Takes ownership of 'packet'. */
2210 execute_odp_actions(struct ofproto *ofproto, const struct flow *flow,
2211 const struct nlattr *odp_actions, size_t actions_len,
2212 struct ofpbuf *packet)
2214 if (actions_len == NLA_ALIGN(NLA_HDRLEN + sizeof(uint64_t))
2215 && odp_actions->nla_type == ODP_ACTION_ATTR_CONTROLLER) {
2216 /* As an optimization, avoid a round-trip from userspace to kernel to
2217 * userspace. This also avoids possibly filling up kernel packet
2218 * buffers along the way. */
2219 struct dpif_upcall upcall;
2221 upcall.type = DPIF_UC_ACTION;
2222 upcall.packet = packet;
2225 upcall.userdata = nl_attr_get_u64(odp_actions);
2226 upcall.sample_pool = 0;
2227 upcall.actions = NULL;
2228 upcall.actions_len = 0;
2230 send_packet_in(ofproto, &upcall, flow, false);
2236 error = dpif_execute(ofproto->dpif, odp_actions, actions_len, packet);
2237 ofpbuf_delete(packet);
2242 /* Executes the actions indicated by 'facet' on 'packet' and credits 'facet''s
2243 * statistics appropriately. 'packet' must have at least sizeof(struct
2244 * ofp_packet_in) bytes of headroom.
2246 * For correct results, 'packet' must actually be in 'facet''s flow; that is,
2247 * applying flow_extract() to 'packet' would yield the same flow as
2250 * 'facet' must have accurately composed ODP actions; that is, it must not be
2251 * in need of revalidation.
2253 * Takes ownership of 'packet'. */
2255 facet_execute(struct ofproto *ofproto, struct facet *facet,
2256 struct ofpbuf *packet)
2258 struct dpif_flow_stats stats;
2260 assert(ofpbuf_headroom(packet) >= sizeof(struct ofp_packet_in));
2262 flow_extract_stats(&facet->flow, packet, &stats);
2263 stats.used = time_msec();
2264 if (execute_odp_actions(ofproto, &facet->flow,
2265 facet->actions, facet->actions_len, packet)) {
2266 facet_update_stats(ofproto, facet, &stats);
2270 /* Executes the actions indicated by 'rule' on 'packet' and credits 'rule''s
2271 * statistics (or the statistics for one of its facets) appropriately.
2272 * 'packet' must have at least sizeof(struct ofp_packet_in) bytes of headroom.
2274 * 'packet' doesn't necessarily have to match 'rule'. 'rule' will be credited
2275 * with statistics for 'packet' either way.
2277 * Takes ownership of 'packet'. */
2279 rule_execute(struct ofproto *ofproto, struct rule *rule, uint16_t in_port,
2280 struct ofpbuf *packet)
2282 struct action_xlate_ctx ctx;
2283 struct ofpbuf *odp_actions;
2284 struct facet *facet;
2288 assert(ofpbuf_headroom(packet) >= sizeof(struct ofp_packet_in));
2290 flow_extract(packet, 0, in_port, &flow);
2292 /* First look for a related facet. If we find one, account it to that. */
2293 facet = facet_lookup_valid(ofproto, &flow);
2294 if (facet && facet->rule == rule) {
2295 facet_execute(ofproto, facet, packet);
2299 /* Otherwise, if 'rule' is in fact the correct rule for 'packet', then
2300 * create a new facet for it and use that. */
2301 if (rule_lookup(ofproto, &flow) == rule) {
2302 facet = facet_create(ofproto, rule, &flow, packet);
2303 facet_execute(ofproto, facet, packet);
2304 facet_install(ofproto, facet, true);
2308 /* We can't account anything to a facet. If we were to try, then that
2309 * facet would have a non-matching rule, busting our invariants. */
2310 action_xlate_ctx_init(&ctx, ofproto, &flow, packet);
2311 odp_actions = xlate_actions(&ctx, rule->actions, rule->n_actions);
2312 size = packet->size;
2313 if (execute_odp_actions(ofproto, &flow, odp_actions->data,
2314 odp_actions->size, packet)) {
2315 rule->used = time_msec();
2316 rule->packet_count++;
2317 rule->byte_count += size;
2318 flow_push_stats(ofproto, rule, &flow, 1, size, rule->used);
2320 ofpbuf_delete(odp_actions);
2323 /* Inserts 'rule' into 'p''s flow table. */
2325 rule_insert(struct ofproto *p, struct rule *rule)
2327 struct rule *displaced_rule;
2329 displaced_rule = rule_from_cls_rule(classifier_insert(&p->cls, &rule->cr));
2330 if (displaced_rule) {
2331 rule_destroy(p, displaced_rule);
2333 p->need_revalidate = true;
2336 /* Creates and returns a new facet within 'ofproto' owned by 'rule', given a
2337 * 'flow' and an example 'packet' within that flow.
2339 * The caller must already have determined that no facet with an identical
2340 * 'flow' exists in 'ofproto' and that 'flow' is the best match for 'rule' in
2341 * 'ofproto''s classifier table. */
2342 static struct facet *
2343 facet_create(struct ofproto *ofproto, struct rule *rule,
2344 const struct flow *flow, const struct ofpbuf *packet)
2346 struct facet *facet;
2348 facet = xzalloc(sizeof *facet);
2349 facet->used = time_msec();
2350 hmap_insert(&ofproto->facets, &facet->hmap_node, flow_hash(flow, 0));
2351 list_push_back(&rule->facets, &facet->list_node);
2353 facet->flow = *flow;
2354 netflow_flow_init(&facet->nf_flow);
2355 netflow_flow_update_time(ofproto->netflow, &facet->nf_flow, facet->used);
2357 facet_make_actions(ofproto, facet, packet);
2363 facet_free(struct facet *facet)
2365 free(facet->actions);
2369 /* Remove 'rule' from 'ofproto' and free up the associated memory:
2371 * - Removes 'rule' from the classifier.
2373 * - If 'rule' has facets, revalidates them (and possibly uninstalls and
2374 * destroys them), via rule_destroy().
2377 rule_remove(struct ofproto *ofproto, struct rule *rule)
2379 COVERAGE_INC(ofproto_del_rule);
2380 ofproto->need_revalidate = true;
2381 classifier_remove(&ofproto->cls, &rule->cr);
2382 rule_destroy(ofproto, rule);
2385 /* Remove 'facet' from 'ofproto' and free up the associated memory:
2387 * - If 'facet' was installed in the datapath, uninstalls it and updates its
2388 * rule's statistics, via facet_uninstall().
2390 * - Removes 'facet' from its rule and from ofproto->facets.
2393 facet_remove(struct ofproto *ofproto, struct facet *facet)
2395 facet_uninstall(ofproto, facet);
2396 facet_flush_stats(ofproto, facet);
2397 hmap_remove(&ofproto->facets, &facet->hmap_node);
2398 list_remove(&facet->list_node);
2402 /* Composes the ODP actions for 'facet' based on its rule's actions. */
2404 facet_make_actions(struct ofproto *p, struct facet *facet,
2405 const struct ofpbuf *packet)
2407 const struct rule *rule = facet->rule;
2408 struct ofpbuf *odp_actions;
2409 struct action_xlate_ctx ctx;
2411 action_xlate_ctx_init(&ctx, p, &facet->flow, packet);
2412 odp_actions = xlate_actions(&ctx, rule->actions, rule->n_actions);
2413 facet->tags = ctx.tags;
2414 facet->may_install = ctx.may_set_up_flow;
2415 facet->nf_flow.output_iface = ctx.nf_output_iface;
2417 if (facet->actions_len != odp_actions->size
2418 || memcmp(facet->actions, odp_actions->data, odp_actions->size)) {
2419 free(facet->actions);
2420 facet->actions_len = odp_actions->size;
2421 facet->actions = xmemdup(odp_actions->data, odp_actions->size);
2424 ofpbuf_delete(odp_actions);
2428 facet_put__(struct ofproto *ofproto, struct facet *facet,
2429 const struct nlattr *actions, size_t actions_len,
2430 struct dpif_flow_stats *stats)
2432 struct odputil_keybuf keybuf;
2433 enum dpif_flow_put_flags flags;
2436 flags = DPIF_FP_CREATE | DPIF_FP_MODIFY;
2438 flags |= DPIF_FP_ZERO_STATS;
2439 facet->dp_packet_count = 0;
2440 facet->dp_byte_count = 0;
2443 ofpbuf_use_stack(&key, &keybuf, sizeof keybuf);
2444 odp_flow_key_from_flow(&key, &facet->flow);
2446 return dpif_flow_put(ofproto->dpif, flags, key.data, key.size,
2447 actions, actions_len, stats);
2450 /* If 'facet' is installable, inserts or re-inserts it into 'p''s datapath. If
2451 * 'zero_stats' is true, clears any existing statistics from the datapath for
2454 facet_install(struct ofproto *p, struct facet *facet, bool zero_stats)
2456 struct dpif_flow_stats stats;
2458 if (facet->may_install
2459 && !facet_put__(p, facet, facet->actions, facet->actions_len,
2460 zero_stats ? &stats : NULL)) {
2461 facet->installed = true;
2466 facet_account(struct ofproto *ofproto,
2467 struct facet *facet, uint64_t extra_bytes)
2469 uint64_t total_bytes, n_bytes;
2470 struct ofbundle *in_bundle;
2471 const struct nlattr *a;
2476 total_bytes = facet->byte_count + extra_bytes;
2477 if (total_bytes <= facet->accounted_bytes) {
2480 n_bytes = total_bytes - facet->accounted_bytes;
2481 facet->accounted_bytes = total_bytes;
2483 /* Test that 'tags' is nonzero to ensure that only flows that include an
2484 * OFPP_NORMAL action are used for learning and bond slave rebalancing.
2485 * This works because OFPP_NORMAL always sets a nonzero tag value.
2487 * Feed information from the active flows back into the learning table to
2488 * ensure that table is always in sync with what is actually flowing
2489 * through the datapath. */
2491 || !is_admissible(ofproto, &facet->flow, false, &dummy,
2492 &vlan, &in_bundle)) {
2496 update_learning_table(ofproto, &facet->flow, vlan, in_bundle);
2498 if (!ofproto->has_bonded_bundles) {
2501 NL_ATTR_FOR_EACH_UNSAFE (a, left, facet->actions, facet->actions_len) {
2502 if (nl_attr_type(a) == ODP_ACTION_ATTR_OUTPUT) {
2503 struct ofport *port = get_port(ofproto, nl_attr_get_u32(a));
2504 if (port && port->bundle && port->bundle->bond) {
2505 bond_account(port->bundle->bond, &facet->flow, vlan, n_bytes);
2511 /* If 'rule' is installed in the datapath, uninstalls it. */
2513 facet_uninstall(struct ofproto *p, struct facet *facet)
2515 if (facet->installed) {
2516 struct odputil_keybuf keybuf;
2517 struct dpif_flow_stats stats;
2520 ofpbuf_use_stack(&key, &keybuf, sizeof keybuf);
2521 odp_flow_key_from_flow(&key, &facet->flow);
2523 if (!dpif_flow_del(p->dpif, key.data, key.size, &stats)) {
2524 facet_update_stats(p, facet, &stats);
2526 facet->installed = false;
2527 facet->dp_packet_count = 0;
2528 facet->dp_byte_count = 0;
2530 assert(facet->dp_packet_count == 0);
2531 assert(facet->dp_byte_count == 0);
2535 /* Returns true if the only action for 'facet' is to send to the controller.
2536 * (We don't report NetFlow expiration messages for such facets because they
2537 * are just part of the control logic for the network, not real traffic). */
2539 facet_is_controller_flow(struct facet *facet)
2542 && facet->rule->n_actions == 1
2543 && action_outputs_to_port(&facet->rule->actions[0],
2544 htons(OFPP_CONTROLLER)));
2547 /* Folds all of 'facet''s statistics into its rule. Also updates the
2548 * accounting ofhook and emits a NetFlow expiration if appropriate. All of
2549 * 'facet''s statistics in the datapath should have been zeroed and folded into
2550 * its packet and byte counts before this function is called. */
2552 facet_flush_stats(struct ofproto *ofproto, struct facet *facet)
2554 assert(!facet->dp_byte_count);
2555 assert(!facet->dp_packet_count);
2557 facet_push_stats(ofproto, facet);
2558 facet_account(ofproto, facet, 0);
2560 if (ofproto->netflow && !facet_is_controller_flow(facet)) {
2561 struct ofexpired expired;
2562 expired.flow = facet->flow;
2563 expired.packet_count = facet->packet_count;
2564 expired.byte_count = facet->byte_count;
2565 expired.used = facet->used;
2566 netflow_expire(ofproto->netflow, &facet->nf_flow, &expired);
2569 facet->rule->packet_count += facet->packet_count;
2570 facet->rule->byte_count += facet->byte_count;
2572 /* Reset counters to prevent double counting if 'facet' ever gets
2574 facet->packet_count = 0;
2575 facet->byte_count = 0;
2576 facet->rs_packet_count = 0;
2577 facet->rs_byte_count = 0;
2578 facet->accounted_bytes = 0;
2580 netflow_flow_clear(&facet->nf_flow);
2583 /* Searches 'ofproto''s table of facets for one exactly equal to 'flow'.
2584 * Returns it if found, otherwise a null pointer.
2586 * The returned facet might need revalidation; use facet_lookup_valid()
2587 * instead if that is important. */
2588 static struct facet *
2589 facet_find(struct ofproto *ofproto, const struct flow *flow)
2591 struct facet *facet;
2593 HMAP_FOR_EACH_WITH_HASH (facet, hmap_node, flow_hash(flow, 0),
2595 if (flow_equal(flow, &facet->flow)) {
2603 /* Searches 'ofproto''s table of facets for one exactly equal to 'flow'.
2604 * Returns it if found, otherwise a null pointer.
2606 * The returned facet is guaranteed to be valid. */
2607 static struct facet *
2608 facet_lookup_valid(struct ofproto *ofproto, const struct flow *flow)
2610 struct facet *facet = facet_find(ofproto, flow);
2612 /* The facet we found might not be valid, since we could be in need of
2613 * revalidation. If it is not valid, don't return it. */
2615 && ofproto->need_revalidate
2616 && !facet_revalidate(ofproto, facet)) {
2617 COVERAGE_INC(ofproto_invalidated);
2624 /* Re-searches 'ofproto''s classifier for a rule matching 'facet':
2626 * - If the rule found is different from 'facet''s current rule, moves
2627 * 'facet' to the new rule and recompiles its actions.
2629 * - If the rule found is the same as 'facet''s current rule, leaves 'facet'
2630 * where it is and recompiles its actions anyway.
2632 * - If there is none, destroys 'facet'.
2634 * Returns true if 'facet' still exists, false if it has been destroyed. */
2636 facet_revalidate(struct ofproto *ofproto, struct facet *facet)
2638 struct action_xlate_ctx ctx;
2639 struct ofpbuf *odp_actions;
2640 struct rule *new_rule;
2641 bool actions_changed;
2643 COVERAGE_INC(facet_revalidate);
2645 /* Determine the new rule. */
2646 new_rule = rule_lookup(ofproto, &facet->flow);
2648 /* No new rule, so delete the facet. */
2649 facet_remove(ofproto, facet);
2653 /* Calculate new ODP actions.
2655 * We do not modify any 'facet' state yet, because we might need to, e.g.,
2656 * emit a NetFlow expiration and, if so, we need to have the old state
2657 * around to properly compose it. */
2658 action_xlate_ctx_init(&ctx, ofproto, &facet->flow, NULL);
2659 odp_actions = xlate_actions(&ctx, new_rule->actions, new_rule->n_actions);
2660 actions_changed = (facet->actions_len != odp_actions->size
2661 || memcmp(facet->actions, odp_actions->data,
2662 facet->actions_len));
2664 /* If the ODP actions changed or the installability changed, then we need
2665 * to talk to the datapath. */
2666 if (actions_changed || ctx.may_set_up_flow != facet->installed) {
2667 if (ctx.may_set_up_flow) {
2668 struct dpif_flow_stats stats;
2670 facet_put__(ofproto, facet,
2671 odp_actions->data, odp_actions->size, &stats);
2672 facet_update_stats(ofproto, facet, &stats);
2674 facet_uninstall(ofproto, facet);
2677 /* The datapath flow is gone or has zeroed stats, so push stats out of
2678 * 'facet' into 'rule'. */
2679 facet_flush_stats(ofproto, facet);
2682 /* Update 'facet' now that we've taken care of all the old state. */
2683 facet->tags = ctx.tags;
2684 facet->nf_flow.output_iface = ctx.nf_output_iface;
2685 facet->may_install = ctx.may_set_up_flow;
2686 if (actions_changed) {
2687 free(facet->actions);
2688 facet->actions_len = odp_actions->size;
2689 facet->actions = xmemdup(odp_actions->data, odp_actions->size);
2691 if (facet->rule != new_rule) {
2692 COVERAGE_INC(facet_changed_rule);
2693 list_remove(&facet->list_node);
2694 list_push_back(&new_rule->facets, &facet->list_node);
2695 facet->rule = new_rule;
2696 facet->used = new_rule->created;
2697 facet->rs_used = facet->used;
2700 ofpbuf_delete(odp_actions);
2705 /* Bridge packet processing functions. */
2708 struct ofport *port;
2713 struct dst builtin[32];
2715 size_t n, allocated;
2718 static void dst_set_init(struct dst_set *);
2719 static void dst_set_add(struct dst_set *, const struct dst *);
2720 static void dst_set_free(struct dst_set *);
2722 static struct ofport *ofbundle_get_a_port(const struct ofbundle *);
2725 set_dst(struct action_xlate_ctx *ctx, struct dst *dst,
2726 const struct ofbundle *in_bundle, const struct ofbundle *out_bundle)
2728 dst->vlan = (out_bundle->vlan >= 0 ? OFP_VLAN_NONE
2729 : in_bundle->vlan >= 0 ? in_bundle->vlan
2730 : ctx->flow.vlan_tci == 0 ? OFP_VLAN_NONE
2731 : vlan_tci_to_vid(ctx->flow.vlan_tci));
2733 dst->port = (!out_bundle->bond
2734 ? ofbundle_get_a_port(out_bundle)
2735 : bond_choose_output_slave(out_bundle->bond, &ctx->flow,
2736 dst->vlan, &ctx->tags));
2738 return dst->port != NULL;
2742 mirror_mask_ffs(mirror_mask_t mask)
2744 BUILD_ASSERT_DECL(sizeof(unsigned int) >= sizeof(mask));
2749 dst_set_init(struct dst_set *set)
2751 set->dsts = set->builtin;
2753 set->allocated = ARRAY_SIZE(set->builtin);
2757 dst_set_add(struct dst_set *set, const struct dst *dst)
2759 if (set->n >= set->allocated) {
2760 size_t new_allocated;
2761 struct dst *new_dsts;
2763 new_allocated = set->allocated * 2;
2764 new_dsts = xmalloc(new_allocated * sizeof *new_dsts);
2765 memcpy(new_dsts, set->dsts, set->n * sizeof *new_dsts);
2769 set->dsts = new_dsts;
2770 set->allocated = new_allocated;
2772 set->dsts[set->n++] = *dst;
2776 dst_set_free(struct dst_set *set)
2778 if (set->dsts != set->builtin) {
2784 dst_is_duplicate(const struct dst_set *set, const struct dst *test)
2787 for (i = 0; i < set->n; i++) {
2788 if (set->dsts[i].vlan == test->vlan
2789 && set->dsts[i].port == test->port) {
2797 ofbundle_trunks_vlan(const struct ofbundle *bundle, uint16_t vlan)
2799 return bundle->vlan < 0 && vlan_bitmap_contains(bundle->trunks, vlan);
2803 ofbundle_includes_vlan(const struct ofbundle *bundle, uint16_t vlan)
2805 return vlan == bundle->vlan || ofbundle_trunks_vlan(bundle, vlan);
2808 /* Returns an arbitrary interface within 'bundle'. */
2809 static struct ofport *
2810 ofbundle_get_a_port(const struct ofbundle *bundle)
2812 return CONTAINER_OF(list_front(&bundle->ports),
2813 struct ofport, bundle_node);
2817 compose_dsts(struct action_xlate_ctx *ctx, uint16_t vlan,
2818 const struct ofbundle *in_bundle,
2819 const struct ofbundle *out_bundle, struct dst_set *set)
2823 if (out_bundle == OFBUNDLE_FLOOD) {
2824 struct ofbundle *bundle;
2826 HMAP_FOR_EACH (bundle, hmap_node, &ctx->ofproto->bundles) {
2827 if (bundle != in_bundle
2828 && ofbundle_includes_vlan(bundle, vlan)
2829 && bundle->floodable
2830 && !bundle->mirror_out
2831 && set_dst(ctx, &dst, in_bundle, bundle)) {
2832 dst_set_add(set, &dst);
2835 ctx->nf_output_iface = NF_OUT_FLOOD;
2836 } else if (out_bundle && set_dst(ctx, &dst, in_bundle, out_bundle)) {
2837 dst_set_add(set, &dst);
2838 ctx->nf_output_iface = dst.port->odp_port;
2843 vlan_is_mirrored(const struct ofmirror *m, int vlan)
2845 return vlan_bitmap_contains(m->vlans, vlan);
2849 compose_mirror_dsts(struct action_xlate_ctx *ctx,
2850 uint16_t vlan, const struct ofbundle *in_bundle,
2851 struct dst_set *set)
2853 struct ofproto *ofproto = ctx->ofproto;
2854 mirror_mask_t mirrors;
2858 mirrors = in_bundle->src_mirrors;
2859 for (i = 0; i < set->n; i++) {
2860 mirrors |= set->dsts[i].port->bundle->dst_mirrors;
2867 flow_vlan = vlan_tci_to_vid(ctx->flow.vlan_tci);
2868 if (flow_vlan == 0) {
2869 flow_vlan = OFP_VLAN_NONE;
2873 struct ofmirror *m = ofproto->mirrors[mirror_mask_ffs(mirrors) - 1];
2874 if (vlan_is_mirrored(m, vlan)) {
2878 if (set_dst(ctx, &dst, in_bundle, m->out)
2879 && !dst_is_duplicate(set, &dst)) {
2880 dst_set_add(set, &dst);
2883 struct ofbundle *bundle;
2885 HMAP_FOR_EACH (bundle, hmap_node, &ofproto->bundles) {
2886 if (ofbundle_includes_vlan(bundle, m->out_vlan)
2887 && set_dst(ctx, &dst, in_bundle, bundle))
2889 if (bundle->vlan < 0) {
2890 dst.vlan = m->out_vlan;
2892 if (dst_is_duplicate(set, &dst)) {
2896 /* Use the vlan tag on the original flow instead of
2897 * the one passed in the vlan parameter. This ensures
2898 * that we compare the vlan from before any implicit
2899 * tagging tags place. This is necessary because
2900 * dst->vlan is the final vlan, after removing implicit
2902 if (bundle == in_bundle && dst.vlan == flow_vlan) {
2903 /* Don't send out input port on same VLAN. */
2906 dst_set_add(set, &dst);
2911 mirrors &= mirrors - 1;
2916 compose_actions(struct action_xlate_ctx *ctx, uint16_t vlan,
2917 const struct ofbundle *in_bundle,
2918 const struct ofbundle *out_bundle)
2920 uint16_t initial_vlan, cur_vlan;
2921 const struct dst *dst;
2925 compose_dsts(ctx, vlan, in_bundle, out_bundle, &set);
2926 compose_mirror_dsts(ctx, vlan, in_bundle, &set);
2928 /* Output all the packets we can without having to change the VLAN. */
2929 initial_vlan = vlan_tci_to_vid(ctx->flow.vlan_tci);
2930 if (initial_vlan == 0) {
2931 initial_vlan = OFP_VLAN_NONE;
2933 for (dst = set.dsts; dst < &set.dsts[set.n]; dst++) {
2934 if (dst->vlan != initial_vlan) {
2937 nl_msg_put_u32(ctx->odp_actions,
2938 ODP_ACTION_ATTR_OUTPUT, dst->port->odp_port);
2941 /* Then output the rest. */
2942 cur_vlan = initial_vlan;
2943 for (dst = set.dsts; dst < &set.dsts[set.n]; dst++) {
2944 if (dst->vlan == initial_vlan) {
2947 if (dst->vlan != cur_vlan) {
2948 if (dst->vlan == OFP_VLAN_NONE) {
2949 nl_msg_put_flag(ctx->odp_actions, ODP_ACTION_ATTR_STRIP_VLAN);
2952 tci = htons(dst->vlan & VLAN_VID_MASK);
2953 tci |= ctx->flow.vlan_tci & htons(VLAN_PCP_MASK);
2954 nl_msg_put_be16(ctx->odp_actions,
2955 ODP_ACTION_ATTR_SET_DL_TCI, tci);
2957 cur_vlan = dst->vlan;
2959 nl_msg_put_u32(ctx->odp_actions,
2960 ODP_ACTION_ATTR_OUTPUT, dst->port->odp_port);
2966 /* Returns the effective vlan of a packet, taking into account both the
2967 * 802.1Q header and implicitly tagged ports. A value of 0 indicates that
2968 * the packet is untagged and -1 indicates it has an invalid header and
2969 * should be dropped. */
2971 flow_get_vlan(struct ofproto *ofproto, const struct flow *flow,
2972 struct ofbundle *in_bundle, bool have_packet)
2974 int vlan = vlan_tci_to_vid(flow->vlan_tci);
2975 if (in_bundle->vlan >= 0) {
2978 static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5);
2979 VLOG_WARN_RL(&rl, "bridge %s: dropping VLAN %d tagged "
2980 "packet received on port %s configured with "
2981 "implicit VLAN %"PRIu16,
2982 ofproto->name, vlan,
2983 in_bundle->name, in_bundle->vlan);
2987 vlan = in_bundle->vlan;
2989 if (!ofbundle_includes_vlan(in_bundle, vlan)) {
2991 static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5);
2992 VLOG_WARN_RL(&rl, "bridge %s: dropping VLAN %d tagged "
2993 "packet received on port %s not configured for "
2995 ofproto->name, vlan, in_bundle->name, vlan);
3004 /* A VM broadcasts a gratuitous ARP to indicate that it has resumed after
3005 * migration. Older Citrix-patched Linux DomU used gratuitous ARP replies to
3006 * indicate this; newer upstream kernels use gratuitous ARP requests. */
3008 is_gratuitous_arp(const struct flow *flow)
3010 return (flow->dl_type == htons(ETH_TYPE_ARP)
3011 && eth_addr_is_broadcast(flow->dl_dst)
3012 && (flow->nw_proto == ARP_OP_REPLY
3013 || (flow->nw_proto == ARP_OP_REQUEST
3014 && flow->nw_src == flow->nw_dst)));
3018 update_learning_table(struct ofproto *ofproto,
3019 const struct flow *flow, int vlan,
3020 struct ofbundle *in_bundle)
3022 struct mac_entry *mac;
3024 if (!mac_learning_may_learn(ofproto->ml, flow->dl_src, vlan)) {
3028 mac = mac_learning_insert(ofproto->ml, flow->dl_src, vlan);
3029 if (is_gratuitous_arp(flow)) {
3030 /* We don't want to learn from gratuitous ARP packets that are
3031 * reflected back over bond slaves so we lock the learning table. */
3032 if (!in_bundle->bond) {
3033 mac_entry_set_grat_arp_lock(mac);
3034 } else if (mac_entry_is_grat_arp_locked(mac)) {
3039 if (mac_entry_is_new(mac) || mac->port.p != in_bundle) {
3040 /* The log messages here could actually be useful in debugging,
3041 * so keep the rate limit relatively high. */
3042 static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(30, 300);
3043 VLOG_DBG_RL(&rl, "bridge %s: learned that "ETH_ADDR_FMT" is "
3044 "on port %s in VLAN %d",
3045 ofproto->name, ETH_ADDR_ARGS(flow->dl_src),
3046 in_bundle->name, vlan);
3048 mac->port.p = in_bundle;
3049 tag_set_add(&ofproto->revalidate_set,
3050 mac_learning_changed(ofproto->ml, mac));
3054 /* Determines whether packets in 'flow' within 'br' should be forwarded or
3055 * dropped. Returns true if they may be forwarded, false if they should be
3058 * If 'have_packet' is true, it indicates that the caller is processing a
3059 * received packet. If 'have_packet' is false, then the caller is just
3060 * revalidating an existing flow because configuration has changed. Either
3061 * way, 'have_packet' only affects logging (there is no point in logging errors
3062 * during revalidation).
3064 * Sets '*in_portp' to the input port. This will be a null pointer if
3065 * flow->in_port does not designate a known input port (in which case
3066 * is_admissible() returns false).
3068 * When returning true, sets '*vlanp' to the effective VLAN of the input
3069 * packet, as returned by flow_get_vlan().
3071 * May also add tags to '*tags', although the current implementation only does
3072 * so in one special case.
3075 is_admissible(struct ofproto *ofproto, const struct flow *flow,
3077 tag_type *tags, int *vlanp, struct ofbundle **in_bundlep)
3079 struct ofport *in_port;
3080 struct ofbundle *in_bundle;
3083 /* Find the port and bundle for the received packet. */
3084 in_port = get_port(ofproto, flow->in_port);
3085 *in_bundlep = in_bundle = in_port->bundle;
3086 if (!in_port || !in_bundle) {
3087 /* No interface? Something fishy... */
3089 /* Odd. A few possible reasons here:
3091 * - We deleted a port but there are still a few packets queued up
3094 * - Someone externally added a port (e.g. "ovs-dpctl add-if") that
3095 * we don't know about.
3097 * - Packet arrived on the local port but the local port is not
3100 static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5);
3102 VLOG_WARN_RL(&rl, "bridge %s: received packet on unknown "
3104 ofproto->name, flow->in_port);
3108 *vlanp = vlan = flow_get_vlan(ofproto, flow, in_bundle, have_packet);
3113 /* Drop frames for reserved multicast addresses. */
3114 if (eth_addr_is_reserved(flow->dl_dst)) {
3118 /* Drop frames on bundles reserved for mirroring. */
3119 if (in_bundle->mirror_out) {
3121 static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5);
3122 VLOG_WARN_RL(&rl, "bridge %s: dropping packet received on port "
3123 "%s, which is reserved exclusively for mirroring",
3124 ofproto->name, in_bundle->name);
3129 if (in_bundle->bond) {
3130 struct mac_entry *mac;
3132 switch (bond_check_admissibility(in_bundle->bond, in_port,
3133 flow->dl_dst, tags)) {
3140 case BV_DROP_IF_MOVED:
3141 mac = mac_learning_lookup(ofproto->ml, flow->dl_src, vlan, NULL);
3142 if (mac && mac->port.p != in_bundle &&
3143 (!is_gratuitous_arp(flow)
3144 || mac_entry_is_grat_arp_locked(mac))) {
3154 /* If the composed actions may be applied to any packet in the given 'flow',
3155 * returns true. Otherwise, the actions should only be applied to 'packet', or
3156 * not at all, if 'packet' was NULL. */
3158 xlate_normal(struct action_xlate_ctx *ctx)
3160 struct ofbundle *in_bundle;
3161 struct ofbundle *out_bundle;
3162 struct mac_entry *mac;
3165 /* Check whether we should drop packets in this flow. */
3166 if (!is_admissible(ctx->ofproto, &ctx->flow, ctx->packet != NULL,
3167 &ctx->tags, &vlan, &in_bundle)) {
3172 /* Learn source MAC (but don't try to learn from revalidation). */
3174 update_learning_table(ctx->ofproto, &ctx->flow, vlan, in_bundle);
3177 /* Determine output bundle. */
3178 mac = mac_learning_lookup(ctx->ofproto->ml, ctx->flow.dl_dst, vlan,
3181 out_bundle = mac->port.p;
3182 } else if (!ctx->packet && !eth_addr_is_multicast(ctx->flow.dl_dst)) {
3183 /* If we are revalidating but don't have a learning entry then eject
3184 * the flow. Installing a flow that floods packets opens up a window
3185 * of time where we could learn from a packet reflected on a bond and
3186 * blackhole packets before the learning table is updated to reflect
3187 * the correct port. */
3190 out_bundle = OFBUNDLE_FLOOD;
3193 /* Don't send packets out their input bundles. */
3194 if (in_bundle == out_bundle) {
3200 compose_actions(ctx, vlan, in_bundle, out_bundle);
3207 send_error_oh(const struct ofconn *ofconn, const struct ofp_header *oh,
3210 struct ofpbuf *buf = ofputil_encode_error_msg(error, oh);
3212 COVERAGE_INC(ofproto_error);
3213 ofconn_send_reply(ofconn, buf);
3218 handle_echo_request(struct ofconn *ofconn, const struct ofp_header *oh)
3220 ofconn_send_reply(ofconn, make_echo_reply(oh));
3225 handle_features_request(struct ofconn *ofconn, const struct ofp_header *oh)
3227 struct ofproto *ofproto = ofconn_get_ofproto(ofconn);
3228 struct ofp_switch_features *osf;
3230 struct ofport *port;
3232 osf = make_openflow_xid(sizeof *osf, OFPT_FEATURES_REPLY, oh->xid, &buf);
3233 osf->datapath_id = htonll(ofproto->datapath_id);
3234 osf->n_buffers = htonl(pktbuf_capacity());
3236 osf->capabilities = htonl(OFPC_FLOW_STATS | OFPC_TABLE_STATS |
3237 OFPC_PORT_STATS | OFPC_ARP_MATCH_IP);
3238 osf->actions = htonl((1u << OFPAT_OUTPUT) |
3239 (1u << OFPAT_SET_VLAN_VID) |
3240 (1u << OFPAT_SET_VLAN_PCP) |
3241 (1u << OFPAT_STRIP_VLAN) |
3242 (1u << OFPAT_SET_DL_SRC) |
3243 (1u << OFPAT_SET_DL_DST) |
3244 (1u << OFPAT_SET_NW_SRC) |
3245 (1u << OFPAT_SET_NW_DST) |
3246 (1u << OFPAT_SET_NW_TOS) |
3247 (1u << OFPAT_SET_TP_SRC) |
3248 (1u << OFPAT_SET_TP_DST) |
3249 (1u << OFPAT_ENQUEUE));
3251 HMAP_FOR_EACH (port, hmap_node, &ofproto->ports) {
3252 ofpbuf_put(buf, &port->opp, sizeof port->opp);
3255 ofconn_send_reply(ofconn, buf);
3260 handle_get_config_request(struct ofconn *ofconn, const struct ofp_header *oh)
3262 struct ofproto *ofproto = ofconn_get_ofproto(ofconn);
3264 struct ofp_switch_config *osc;
3268 /* Figure out flags. */
3269 dpif_get_drop_frags(ofproto->dpif, &drop_frags);
3270 flags = drop_frags ? OFPC_FRAG_DROP : OFPC_FRAG_NORMAL;
3273 osc = make_openflow_xid(sizeof *osc, OFPT_GET_CONFIG_REPLY, oh->xid, &buf);
3274 osc->flags = htons(flags);
3275 osc->miss_send_len = htons(ofconn_get_miss_send_len(ofconn));
3276 ofconn_send_reply(ofconn, buf);
3282 handle_set_config(struct ofconn *ofconn, const struct ofp_switch_config *osc)
3284 struct ofproto *ofproto = ofconn_get_ofproto(ofconn);
3285 uint16_t flags = ntohs(osc->flags);
3287 if (ofconn_get_type(ofconn) == OFCONN_PRIMARY
3288 && ofconn_get_role(ofconn) != NX_ROLE_SLAVE) {
3289 switch (flags & OFPC_FRAG_MASK) {
3290 case OFPC_FRAG_NORMAL:
3291 dpif_set_drop_frags(ofproto->dpif, false);
3293 case OFPC_FRAG_DROP:
3294 dpif_set_drop_frags(ofproto->dpif, true);
3297 VLOG_WARN_RL(&rl, "requested bad fragment mode (flags=%"PRIx16")",
3303 ofconn_set_miss_send_len(ofconn, ntohs(osc->miss_send_len));
3308 static void do_xlate_actions(const union ofp_action *in, size_t n_in,
3309 struct action_xlate_ctx *ctx);
3312 add_output_action(struct action_xlate_ctx *ctx, uint16_t port)
3314 const struct ofport *ofport = get_port(ctx->ofproto, port);
3317 if (ofport->opp.config & htonl(OFPPC_NO_FWD)) {
3318 /* Forwarding disabled on port. */
3323 * We don't have an ofport record for this port, but it doesn't hurt to
3324 * allow forwarding to it anyhow. Maybe such a port will appear later
3325 * and we're pre-populating the flow table.
3329 nl_msg_put_u32(ctx->odp_actions, ODP_ACTION_ATTR_OUTPUT, port);
3330 ctx->nf_output_iface = port;
3333 static struct rule *
3334 rule_lookup(struct ofproto *ofproto, const struct flow *flow)
3336 return rule_from_cls_rule(classifier_lookup(&ofproto->cls, flow));
3340 xlate_table_action(struct action_xlate_ctx *ctx, uint16_t in_port)
3342 if (ctx->recurse < MAX_RESUBMIT_RECURSION) {
3343 uint16_t old_in_port;
3346 /* Look up a flow with 'in_port' as the input port. Then restore the
3347 * original input port (otherwise OFPP_NORMAL and OFPP_IN_PORT will
3348 * have surprising behavior). */
3349 old_in_port = ctx->flow.in_port;
3350 ctx->flow.in_port = in_port;
3351 rule = rule_lookup(ctx->ofproto, &ctx->flow);
3352 ctx->flow.in_port = old_in_port;
3354 if (ctx->resubmit_hook) {
3355 ctx->resubmit_hook(ctx, rule);
3360 do_xlate_actions(rule->actions, rule->n_actions, ctx);
3364 static struct vlog_rate_limit recurse_rl = VLOG_RATE_LIMIT_INIT(1, 1);
3366 VLOG_ERR_RL(&recurse_rl, "NXAST_RESUBMIT recursed over %d times",
3367 MAX_RESUBMIT_RECURSION);
3372 flood_packets(struct ofproto *ofproto, uint16_t odp_in_port, ovs_be32 mask,
3373 uint16_t *nf_output_iface, struct ofpbuf *odp_actions)
3375 struct ofport *ofport;
3377 HMAP_FOR_EACH (ofport, hmap_node, &ofproto->ports) {
3378 uint16_t odp_port = ofport->odp_port;
3379 if (odp_port != odp_in_port && !(ofport->opp.config & mask)) {
3380 nl_msg_put_u32(odp_actions, ODP_ACTION_ATTR_OUTPUT, odp_port);
3383 *nf_output_iface = NF_OUT_FLOOD;
3387 xlate_output_action__(struct action_xlate_ctx *ctx,
3388 uint16_t port, uint16_t max_len)
3391 uint16_t prev_nf_output_iface = ctx->nf_output_iface;
3393 ctx->nf_output_iface = NF_OUT_DROP;
3397 add_output_action(ctx, ctx->flow.in_port);
3400 xlate_table_action(ctx, ctx->flow.in_port);
3406 flood_packets(ctx->ofproto, ctx->flow.in_port, htonl(OFPPC_NO_FLOOD),
3407 &ctx->nf_output_iface, ctx->odp_actions);
3410 flood_packets(ctx->ofproto, ctx->flow.in_port, htonl(0),
3411 &ctx->nf_output_iface, ctx->odp_actions);
3413 case OFPP_CONTROLLER:
3414 nl_msg_put_u64(ctx->odp_actions, ODP_ACTION_ATTR_CONTROLLER, max_len);
3417 add_output_action(ctx, ODPP_LOCAL);
3420 odp_port = ofp_port_to_odp_port(port);
3421 if (odp_port != ctx->flow.in_port) {
3422 add_output_action(ctx, odp_port);
3427 if (prev_nf_output_iface == NF_OUT_FLOOD) {
3428 ctx->nf_output_iface = NF_OUT_FLOOD;
3429 } else if (ctx->nf_output_iface == NF_OUT_DROP) {
3430 ctx->nf_output_iface = prev_nf_output_iface;
3431 } else if (prev_nf_output_iface != NF_OUT_DROP &&
3432 ctx->nf_output_iface != NF_OUT_FLOOD) {
3433 ctx->nf_output_iface = NF_OUT_MULTI;
3438 xlate_output_action(struct action_xlate_ctx *ctx,
3439 const struct ofp_action_output *oao)
3441 xlate_output_action__(ctx, ntohs(oao->port), ntohs(oao->max_len));
3444 /* If the final ODP action in 'ctx' is "pop priority", drop it, as an
3445 * optimization, because we're going to add another action that sets the
3446 * priority immediately after, or because there are no actions following the
3449 remove_pop_action(struct action_xlate_ctx *ctx)
3451 if (ctx->odp_actions->size == ctx->last_pop_priority) {
3452 ctx->odp_actions->size -= NLA_ALIGN(NLA_HDRLEN);
3453 ctx->last_pop_priority = -1;
3458 add_pop_action(struct action_xlate_ctx *ctx)
3460 if (ctx->odp_actions->size != ctx->last_pop_priority) {
3461 nl_msg_put_flag(ctx->odp_actions, ODP_ACTION_ATTR_POP_PRIORITY);
3462 ctx->last_pop_priority = ctx->odp_actions->size;
3467 xlate_enqueue_action(struct action_xlate_ctx *ctx,
3468 const struct ofp_action_enqueue *oae)
3470 uint16_t ofp_port, odp_port;
3474 error = dpif_queue_to_priority(ctx->ofproto->dpif, ntohl(oae->queue_id),
3477 /* Fall back to ordinary output action. */
3478 xlate_output_action__(ctx, ntohs(oae->port), 0);
3482 /* Figure out ODP output port. */
3483 ofp_port = ntohs(oae->port);
3484 if (ofp_port != OFPP_IN_PORT) {
3485 odp_port = ofp_port_to_odp_port(ofp_port);
3487 odp_port = ctx->flow.in_port;
3490 /* Add ODP actions. */
3491 remove_pop_action(ctx);
3492 nl_msg_put_u32(ctx->odp_actions, ODP_ACTION_ATTR_SET_PRIORITY, priority);
3493 add_output_action(ctx, odp_port);
3494 add_pop_action(ctx);
3496 /* Update NetFlow output port. */
3497 if (ctx->nf_output_iface == NF_OUT_DROP) {
3498 ctx->nf_output_iface = odp_port;
3499 } else if (ctx->nf_output_iface != NF_OUT_FLOOD) {
3500 ctx->nf_output_iface = NF_OUT_MULTI;
3505 xlate_set_queue_action(struct action_xlate_ctx *ctx,
3506 const struct nx_action_set_queue *nasq)
3511 error = dpif_queue_to_priority(ctx->ofproto->dpif, ntohl(nasq->queue_id),
3514 /* Couldn't translate queue to a priority, so ignore. A warning
3515 * has already been logged. */
3519 remove_pop_action(ctx);
3520 nl_msg_put_u32(ctx->odp_actions, ODP_ACTION_ATTR_SET_PRIORITY, priority);
3524 xlate_set_dl_tci(struct action_xlate_ctx *ctx)
3526 ovs_be16 tci = ctx->flow.vlan_tci;
3527 if (!(tci & htons(VLAN_CFI))) {
3528 nl_msg_put_flag(ctx->odp_actions, ODP_ACTION_ATTR_STRIP_VLAN);
3530 nl_msg_put_be16(ctx->odp_actions, ODP_ACTION_ATTR_SET_DL_TCI,
3531 tci & ~htons(VLAN_CFI));
3535 struct xlate_reg_state {
3541 save_reg_state(const struct action_xlate_ctx *ctx,
3542 struct xlate_reg_state *state)
3544 state->vlan_tci = ctx->flow.vlan_tci;
3545 state->tun_id = ctx->flow.tun_id;
3549 update_reg_state(struct action_xlate_ctx *ctx,
3550 const struct xlate_reg_state *state)
3552 if (ctx->flow.vlan_tci != state->vlan_tci) {
3553 xlate_set_dl_tci(ctx);
3555 if (ctx->flow.tun_id != state->tun_id) {
3556 nl_msg_put_be64(ctx->odp_actions,
3557 ODP_ACTION_ATTR_SET_TUNNEL, ctx->flow.tun_id);
3562 xlate_autopath(struct action_xlate_ctx *ctx,
3563 const struct nx_action_autopath *naa)
3565 uint16_t ofp_port = ntohl(naa->id);
3566 struct ofport *port;
3568 port = get_port(ctx->ofproto, ofp_port_to_odp_port(ofp_port));
3569 if (!port || !port->bundle) {
3570 ofp_port = OFPP_NONE;
3571 } else if (port->bundle->bond) {
3572 /* Autopath does not support VLAN hashing. */
3573 struct ofport *slave = bond_choose_output_slave(
3574 port->bundle->bond, &ctx->flow, OFP_VLAN_NONE, &ctx->tags);
3576 ofp_port = odp_port_to_ofp_port(slave->odp_port);
3579 autopath_execute(naa, &ctx->flow, ofp_port);
3583 xlate_nicira_action(struct action_xlate_ctx *ctx,
3584 const struct nx_action_header *nah)
3586 const struct nx_action_resubmit *nar;
3587 const struct nx_action_set_tunnel *nast;
3588 const struct nx_action_set_queue *nasq;
3589 const struct nx_action_multipath *nam;
3590 const struct nx_action_autopath *naa;
3591 enum nx_action_subtype subtype = ntohs(nah->subtype);
3592 struct xlate_reg_state state;
3595 assert(nah->vendor == htonl(NX_VENDOR_ID));
3597 case NXAST_RESUBMIT:
3598 nar = (const struct nx_action_resubmit *) nah;
3599 xlate_table_action(ctx, ofp_port_to_odp_port(ntohs(nar->in_port)));
3602 case NXAST_SET_TUNNEL:
3603 nast = (const struct nx_action_set_tunnel *) nah;
3604 tun_id = htonll(ntohl(nast->tun_id));
3605 nl_msg_put_be64(ctx->odp_actions, ODP_ACTION_ATTR_SET_TUNNEL, tun_id);
3606 ctx->flow.tun_id = tun_id;
3609 case NXAST_DROP_SPOOFED_ARP:
3610 if (ctx->flow.dl_type == htons(ETH_TYPE_ARP)) {
3611 nl_msg_put_flag(ctx->odp_actions,
3612 ODP_ACTION_ATTR_DROP_SPOOFED_ARP);
3616 case NXAST_SET_QUEUE:
3617 nasq = (const struct nx_action_set_queue *) nah;
3618 xlate_set_queue_action(ctx, nasq);
3621 case NXAST_POP_QUEUE:
3622 add_pop_action(ctx);
3625 case NXAST_REG_MOVE:
3626 save_reg_state(ctx, &state);
3627 nxm_execute_reg_move((const struct nx_action_reg_move *) nah,
3629 update_reg_state(ctx, &state);
3632 case NXAST_REG_LOAD:
3633 save_reg_state(ctx, &state);
3634 nxm_execute_reg_load((const struct nx_action_reg_load *) nah,
3636 update_reg_state(ctx, &state);
3640 /* Nothing to do. */
3643 case NXAST_SET_TUNNEL64:
3644 tun_id = ((const struct nx_action_set_tunnel64 *) nah)->tun_id;
3645 nl_msg_put_be64(ctx->odp_actions, ODP_ACTION_ATTR_SET_TUNNEL, tun_id);
3646 ctx->flow.tun_id = tun_id;
3649 case NXAST_MULTIPATH:
3650 nam = (const struct nx_action_multipath *) nah;
3651 multipath_execute(nam, &ctx->flow);
3654 case NXAST_AUTOPATH:
3655 naa = (const struct nx_action_autopath *) nah;
3656 xlate_autopath(ctx, naa);
3659 /* If you add a new action here that modifies flow data, don't forget to
3660 * update the flow key in ctx->flow at the same time. */
3662 case NXAST_SNAT__OBSOLETE:
3664 VLOG_DBG_RL(&rl, "unknown Nicira action type %d", (int) subtype);
3670 do_xlate_actions(const union ofp_action *in, size_t n_in,
3671 struct action_xlate_ctx *ctx)
3673 struct actions_iterator iter;
3674 const union ofp_action *ia;
3675 const struct ofport *port;
3677 port = get_port(ctx->ofproto, ctx->flow.in_port);
3678 if (port && port->opp.config & htonl(OFPPC_NO_RECV | OFPPC_NO_RECV_STP) &&
3679 port->opp.config & (eth_addr_equals(ctx->flow.dl_dst, eth_addr_stp)
3680 ? htonl(OFPPC_NO_RECV_STP)
3681 : htonl(OFPPC_NO_RECV))) {
3682 /* Drop this flow. */
3686 for (ia = actions_first(&iter, in, n_in); ia; ia = actions_next(&iter)) {
3687 enum ofp_action_type type = ntohs(ia->type);
3688 const struct ofp_action_dl_addr *oada;
3692 xlate_output_action(ctx, &ia->output);
3695 case OFPAT_SET_VLAN_VID:
3696 ctx->flow.vlan_tci &= ~htons(VLAN_VID_MASK);
3697 ctx->flow.vlan_tci |= ia->vlan_vid.vlan_vid | htons(VLAN_CFI);
3698 xlate_set_dl_tci(ctx);
3701 case OFPAT_SET_VLAN_PCP:
3702 ctx->flow.vlan_tci &= ~htons(VLAN_PCP_MASK);
3703 ctx->flow.vlan_tci |= htons(
3704 (ia->vlan_pcp.vlan_pcp << VLAN_PCP_SHIFT) | VLAN_CFI);
3705 xlate_set_dl_tci(ctx);
3708 case OFPAT_STRIP_VLAN:
3709 ctx->flow.vlan_tci = htons(0);
3710 xlate_set_dl_tci(ctx);
3713 case OFPAT_SET_DL_SRC:
3714 oada = ((struct ofp_action_dl_addr *) ia);
3715 nl_msg_put_unspec(ctx->odp_actions, ODP_ACTION_ATTR_SET_DL_SRC,
3716 oada->dl_addr, ETH_ADDR_LEN);
3717 memcpy(ctx->flow.dl_src, oada->dl_addr, ETH_ADDR_LEN);
3720 case OFPAT_SET_DL_DST:
3721 oada = ((struct ofp_action_dl_addr *) ia);
3722 nl_msg_put_unspec(ctx->odp_actions, ODP_ACTION_ATTR_SET_DL_DST,
3723 oada->dl_addr, ETH_ADDR_LEN);
3724 memcpy(ctx->flow.dl_dst, oada->dl_addr, ETH_ADDR_LEN);
3727 case OFPAT_SET_NW_SRC:
3728 nl_msg_put_be32(ctx->odp_actions, ODP_ACTION_ATTR_SET_NW_SRC,
3729 ia->nw_addr.nw_addr);
3730 ctx->flow.nw_src = ia->nw_addr.nw_addr;
3733 case OFPAT_SET_NW_DST:
3734 nl_msg_put_be32(ctx->odp_actions, ODP_ACTION_ATTR_SET_NW_DST,
3735 ia->nw_addr.nw_addr);
3736 ctx->flow.nw_dst = ia->nw_addr.nw_addr;
3739 case OFPAT_SET_NW_TOS:
3740 nl_msg_put_u8(ctx->odp_actions, ODP_ACTION_ATTR_SET_NW_TOS,
3742 ctx->flow.nw_tos = ia->nw_tos.nw_tos;
3745 case OFPAT_SET_TP_SRC:
3746 nl_msg_put_be16(ctx->odp_actions, ODP_ACTION_ATTR_SET_TP_SRC,
3747 ia->tp_port.tp_port);
3748 ctx->flow.tp_src = ia->tp_port.tp_port;
3751 case OFPAT_SET_TP_DST:
3752 nl_msg_put_be16(ctx->odp_actions, ODP_ACTION_ATTR_SET_TP_DST,
3753 ia->tp_port.tp_port);
3754 ctx->flow.tp_dst = ia->tp_port.tp_port;
3758 xlate_nicira_action(ctx, (const struct nx_action_header *) ia);
3762 xlate_enqueue_action(ctx, (const struct ofp_action_enqueue *) ia);
3766 VLOG_DBG_RL(&rl, "unknown action type %d", (int) type);
3773 action_xlate_ctx_init(struct action_xlate_ctx *ctx,
3774 struct ofproto *ofproto, const struct flow *flow,
3775 const struct ofpbuf *packet)
3777 ctx->ofproto = ofproto;
3779 ctx->packet = packet;
3780 ctx->resubmit_hook = NULL;
3781 ctx->check_special = true;
3785 ofproto_process_special(struct ofproto *ofproto, const struct flow *flow,
3786 const struct ofpbuf *packet)
3788 if (cfm_should_process_flow(flow)) {
3789 struct ofport *ofport = get_port(ofproto, flow->in_port);
3790 if (ofport && ofport->cfm) {
3791 cfm_process_heartbeat(ofport->cfm, packet);
3794 } else if (flow->dl_type == htons(ETH_TYPE_LACP)) {
3795 struct ofport *port = get_port(ofproto, flow->in_port);
3796 if (port && port->bundle && port->bundle->lacp) {
3797 const struct lacp_pdu *pdu = parse_lacp_packet(packet);
3799 lacp_process_pdu(port->bundle->lacp, port, pdu);
3807 static struct ofpbuf *
3808 xlate_actions(struct action_xlate_ctx *ctx,
3809 const union ofp_action *in, size_t n_in)
3811 COVERAGE_INC(ofproto_ofp2odp);
3813 ctx->odp_actions = ofpbuf_new(512);
3815 ctx->may_set_up_flow = true;
3816 ctx->nf_output_iface = NF_OUT_DROP;
3818 ctx->last_pop_priority = -1;
3820 if (ctx->check_special
3821 && ofproto_process_special(ctx->ofproto, &ctx->flow, ctx->packet)) {
3822 ctx->may_set_up_flow = false;
3824 do_xlate_actions(in, n_in, ctx);
3827 remove_pop_action(ctx);
3829 /* Check with in-band control to see if we're allowed to set up this
3831 if (!connmgr_may_set_up_flow(ctx->ofproto->connmgr, &ctx->flow,
3832 ctx->odp_actions->data,
3833 ctx->odp_actions->size)) {
3834 ctx->may_set_up_flow = false;
3837 return ctx->odp_actions;
3840 /* Checks whether 'ofconn' is a slave controller. If so, returns an OpenFlow
3841 * error message code (composed with ofp_mkerr()) for the caller to propagate
3842 * upward. Otherwise, returns 0.
3844 * The log message mentions 'msg_type'. */
3846 reject_slave_controller(struct ofconn *ofconn, const const char *msg_type)
3848 if (ofconn_get_type(ofconn) == OFCONN_PRIMARY
3849 && ofconn_get_role(ofconn) == NX_ROLE_SLAVE) {
3850 static struct vlog_rate_limit perm_rl = VLOG_RATE_LIMIT_INIT(1, 5);
3851 VLOG_WARN_RL(&perm_rl, "rejecting %s message from slave controller",
3854 return ofp_mkerr(OFPET_BAD_REQUEST, OFPBRC_EPERM);
3861 handle_packet_out(struct ofconn *ofconn, const struct ofp_header *oh)
3863 struct ofproto *p = ofconn_get_ofproto(ofconn);
3864 struct ofp_packet_out *opo;
3865 struct ofpbuf payload, *buffer;
3866 union ofp_action *ofp_actions;
3867 struct action_xlate_ctx ctx;
3868 struct ofpbuf *odp_actions;
3869 struct ofpbuf request;
3871 size_t n_ofp_actions;
3875 COVERAGE_INC(ofproto_packet_out);
3877 error = reject_slave_controller(ofconn, "OFPT_PACKET_OUT");
3882 /* Get ofp_packet_out. */
3883 ofpbuf_use_const(&request, oh, ntohs(oh->length));
3884 opo = ofpbuf_pull(&request, offsetof(struct ofp_packet_out, actions));
3887 error = ofputil_pull_actions(&request, ntohs(opo->actions_len),
3888 &ofp_actions, &n_ofp_actions);
3894 if (opo->buffer_id != htonl(UINT32_MAX)) {
3895 error = ofconn_pktbuf_retrieve(ofconn, ntohl(opo->buffer_id),
3897 if (error || !buffer) {
3906 /* Extract flow, check actions. */
3907 flow_extract(&payload, 0, ofp_port_to_odp_port(ntohs(opo->in_port)),
3909 error = validate_actions(ofp_actions, n_ofp_actions, &flow, p->max_ports);
3915 action_xlate_ctx_init(&ctx, p, &flow, &payload);
3916 odp_actions = xlate_actions(&ctx, ofp_actions, n_ofp_actions);
3917 dpif_execute(p->dpif, odp_actions->data, odp_actions->size, &payload);
3918 ofpbuf_delete(odp_actions);
3921 ofpbuf_delete(buffer);
3926 update_port_config(struct ofproto *p, struct ofport *port,
3927 ovs_be32 config, ovs_be32 mask)
3929 mask &= config ^ port->opp.config;
3930 if (mask & htonl(OFPPC_PORT_DOWN)) {
3931 if (config & htonl(OFPPC_PORT_DOWN)) {
3932 netdev_turn_flags_off(port->netdev, NETDEV_UP, true);
3934 netdev_turn_flags_on(port->netdev, NETDEV_UP, true);
3937 #define REVALIDATE_BITS (OFPPC_NO_RECV | OFPPC_NO_RECV_STP | \
3938 OFPPC_NO_FWD | OFPPC_NO_FLOOD)
3939 if (mask & htonl(REVALIDATE_BITS)) {
3940 COVERAGE_INC(ofproto_costly_flags);
3941 port->opp.config ^= mask & htonl(REVALIDATE_BITS);
3942 p->need_revalidate = true;
3944 #undef REVALIDATE_BITS
3945 if (mask & htonl(OFPPC_NO_PACKET_IN)) {
3946 port->opp.config ^= htonl(OFPPC_NO_PACKET_IN);
3951 handle_port_mod(struct ofconn *ofconn, const struct ofp_header *oh)
3953 struct ofproto *p = ofconn_get_ofproto(ofconn);
3954 const struct ofp_port_mod *opm = (const struct ofp_port_mod *) oh;
3955 struct ofport *port;
3958 error = reject_slave_controller(ofconn, "OFPT_PORT_MOD");
3963 port = get_port(p, ofp_port_to_odp_port(ntohs(opm->port_no)));
3965 return ofp_mkerr(OFPET_PORT_MOD_FAILED, OFPPMFC_BAD_PORT);
3966 } else if (memcmp(port->opp.hw_addr, opm->hw_addr, OFP_ETH_ALEN)) {
3967 return ofp_mkerr(OFPET_PORT_MOD_FAILED, OFPPMFC_BAD_HW_ADDR);
3969 update_port_config(p, port, opm->config, opm->mask);
3970 if (opm->advertise) {
3971 netdev_set_advertisements(port->netdev, ntohl(opm->advertise));
3977 static struct ofpbuf *
3978 make_ofp_stats_reply(ovs_be32 xid, ovs_be16 type, size_t body_len)
3980 struct ofp_stats_reply *osr;
3983 msg = ofpbuf_new(MIN(sizeof *osr + body_len, UINT16_MAX));
3984 osr = put_openflow_xid(sizeof *osr, OFPT_STATS_REPLY, xid, msg);
3986 osr->flags = htons(0);
3990 static struct ofpbuf *
3991 start_ofp_stats_reply(const struct ofp_header *request, size_t body_len)
3993 const struct ofp_stats_request *osr
3994 = (const struct ofp_stats_request *) request;
3995 return make_ofp_stats_reply(osr->header.xid, osr->type, body_len);
3999 append_ofp_stats_reply(size_t nbytes, struct ofconn *ofconn,
4000 struct ofpbuf **msgp)
4002 struct ofpbuf *msg = *msgp;
4003 assert(nbytes <= UINT16_MAX - sizeof(struct ofp_stats_reply));
4004 if (nbytes + msg->size > UINT16_MAX) {
4005 struct ofp_stats_reply *reply = msg->data;
4006 reply->flags = htons(OFPSF_REPLY_MORE);
4007 *msgp = make_ofp_stats_reply(reply->header.xid, reply->type, nbytes);
4008 ofconn_send_reply(ofconn, msg);
4010 return ofpbuf_put_uninit(*msgp, nbytes);
4013 static struct ofpbuf *
4014 make_nxstats_reply(ovs_be32 xid, ovs_be32 subtype, size_t body_len)
4016 struct nicira_stats_msg *nsm;
4019 msg = ofpbuf_new(MIN(sizeof *nsm + body_len, UINT16_MAX));
4020 nsm = put_openflow_xid(sizeof *nsm, OFPT_STATS_REPLY, xid, msg);
4021 nsm->type = htons(OFPST_VENDOR);
4022 nsm->flags = htons(0);
4023 nsm->vendor = htonl(NX_VENDOR_ID);
4024 nsm->subtype = subtype;
4028 static struct ofpbuf *
4029 start_nxstats_reply(const struct nicira_stats_msg *request, size_t body_len)
4031 return make_nxstats_reply(request->header.xid, request->subtype, body_len);
4035 append_nxstats_reply(size_t nbytes, struct ofconn *ofconn,
4036 struct ofpbuf **msgp)
4038 struct ofpbuf *msg = *msgp;
4039 assert(nbytes <= UINT16_MAX - sizeof(struct nicira_stats_msg));
4040 if (nbytes + msg->size > UINT16_MAX) {
4041 struct nicira_stats_msg *reply = msg->data;
4042 reply->flags = htons(OFPSF_REPLY_MORE);
4043 *msgp = make_nxstats_reply(reply->header.xid, reply->subtype, nbytes);
4044 ofconn_send_reply(ofconn, msg);
4046 ofpbuf_prealloc_tailroom(*msgp, nbytes);
4050 handle_desc_stats_request(struct ofconn *ofconn,
4051 const struct ofp_header *request)
4053 struct ofproto *p = ofconn_get_ofproto(ofconn);
4054 struct ofp_desc_stats *ods;
4057 msg = start_ofp_stats_reply(request, sizeof *ods);
4058 ods = append_ofp_stats_reply(sizeof *ods, ofconn, &msg);
4059 memset(ods, 0, sizeof *ods);
4060 ovs_strlcpy(ods->mfr_desc, p->mfr_desc, sizeof ods->mfr_desc);
4061 ovs_strlcpy(ods->hw_desc, p->hw_desc, sizeof ods->hw_desc);
4062 ovs_strlcpy(ods->sw_desc, p->sw_desc, sizeof ods->sw_desc);
4063 ovs_strlcpy(ods->serial_num, p->serial_desc, sizeof ods->serial_num);
4064 ovs_strlcpy(ods->dp_desc, p->dp_desc, sizeof ods->dp_desc);
4065 ofconn_send_reply(ofconn, msg);
4071 handle_table_stats_request(struct ofconn *ofconn,
4072 const struct ofp_header *request)
4074 struct ofproto *p = ofconn_get_ofproto(ofconn);
4075 struct ofp_table_stats *ots;
4078 msg = start_ofp_stats_reply(request, sizeof *ots * 2);
4080 /* Classifier table. */
4081 ots = append_ofp_stats_reply(sizeof *ots, ofconn, &msg);
4082 memset(ots, 0, sizeof *ots);
4083 strcpy(ots->name, "classifier");
4084 ots->wildcards = (ofconn_get_flow_format(ofconn) == NXFF_OPENFLOW10
4085 ? htonl(OFPFW_ALL) : htonl(OVSFW_ALL));
4086 ots->max_entries = htonl(1024 * 1024); /* An arbitrary big number. */
4087 ots->active_count = htonl(classifier_count(&p->cls));
4088 put_32aligned_be64(&ots->lookup_count, htonll(0)); /* XXX */
4089 put_32aligned_be64(&ots->matched_count, htonll(0)); /* XXX */
4091 ofconn_send_reply(ofconn, msg);
4096 append_port_stat(struct ofport *port, struct ofconn *ofconn,
4097 struct ofpbuf **msgp)
4099 struct netdev_stats stats;
4100 struct ofp_port_stats *ops;
4102 /* Intentionally ignore return value, since errors will set
4103 * 'stats' to all-1s, which is correct for OpenFlow, and
4104 * netdev_get_stats() will log errors. */
4105 netdev_get_stats(port->netdev, &stats);
4107 ops = append_ofp_stats_reply(sizeof *ops, ofconn, msgp);
4108 ops->port_no = port->opp.port_no;
4109 memset(ops->pad, 0, sizeof ops->pad);
4110 put_32aligned_be64(&ops->rx_packets, htonll(stats.rx_packets));
4111 put_32aligned_be64(&ops->tx_packets, htonll(stats.tx_packets));
4112 put_32aligned_be64(&ops->rx_bytes, htonll(stats.rx_bytes));
4113 put_32aligned_be64(&ops->tx_bytes, htonll(stats.tx_bytes));
4114 put_32aligned_be64(&ops->rx_dropped, htonll(stats.rx_dropped));
4115 put_32aligned_be64(&ops->tx_dropped, htonll(stats.tx_dropped));
4116 put_32aligned_be64(&ops->rx_errors, htonll(stats.rx_errors));
4117 put_32aligned_be64(&ops->tx_errors, htonll(stats.tx_errors));
4118 put_32aligned_be64(&ops->rx_frame_err, htonll(stats.rx_frame_errors));
4119 put_32aligned_be64(&ops->rx_over_err, htonll(stats.rx_over_errors));
4120 put_32aligned_be64(&ops->rx_crc_err, htonll(stats.rx_crc_errors));
4121 put_32aligned_be64(&ops->collisions, htonll(stats.collisions));
4125 handle_port_stats_request(struct ofconn *ofconn, const struct ofp_header *oh)
4127 struct ofproto *p = ofconn_get_ofproto(ofconn);
4128 const struct ofp_port_stats_request *psr = ofputil_stats_body(oh);
4129 struct ofp_port_stats *ops;
4131 struct ofport *port;
4133 msg = start_ofp_stats_reply(oh, sizeof *ops * 16);
4134 if (psr->port_no != htons(OFPP_NONE)) {
4135 port = get_port(p, ofp_port_to_odp_port(ntohs(psr->port_no)));
4137 append_port_stat(port, ofconn, &msg);
4140 HMAP_FOR_EACH (port, hmap_node, &p->ports) {
4141 append_port_stat(port, ofconn, &msg);
4145 ofconn_send_reply(ofconn, msg);
4150 calc_flow_duration__(long long int start, uint32_t *sec, uint32_t *nsec)
4152 long long int msecs = time_msec() - start;
4153 *sec = msecs / 1000;
4154 *nsec = (msecs % 1000) * (1000 * 1000);
4158 calc_flow_duration(long long int start, ovs_be32 *sec_be, ovs_be32 *nsec_be)
4162 calc_flow_duration__(start, &sec, &nsec);
4163 *sec_be = htonl(sec);
4164 *nsec_be = htonl(nsec);
4168 put_ofp_flow_stats(struct ofconn *ofconn, struct rule *rule,
4169 ovs_be16 out_port, struct ofpbuf **replyp)
4171 struct ofp_flow_stats *ofs;
4172 uint64_t packet_count, byte_count;
4174 size_t act_len, len;
4176 if (rule_is_hidden(rule) || !rule_has_out_port(rule, out_port)) {
4180 act_len = sizeof *rule->actions * rule->n_actions;
4181 len = offsetof(struct ofp_flow_stats, actions) + act_len;
4183 rule_get_stats(rule, &packet_count, &byte_count);
4185 ofs = append_ofp_stats_reply(len, ofconn, replyp);
4186 ofs->length = htons(len);
4189 ofputil_cls_rule_to_match(&rule->cr, ofconn_get_flow_format(ofconn),
4190 &ofs->match, rule->flow_cookie, &cookie);
4191 put_32aligned_be64(&ofs->cookie, cookie);
4192 calc_flow_duration(rule->created, &ofs->duration_sec, &ofs->duration_nsec);
4193 ofs->priority = htons(rule->cr.priority);
4194 ofs->idle_timeout = htons(rule->idle_timeout);
4195 ofs->hard_timeout = htons(rule->hard_timeout);
4196 memset(ofs->pad2, 0, sizeof ofs->pad2);
4197 put_32aligned_be64(&ofs->packet_count, htonll(packet_count));
4198 put_32aligned_be64(&ofs->byte_count, htonll(byte_count));
4199 if (rule->n_actions > 0) {
4200 memcpy(ofs->actions, rule->actions, act_len);
4205 is_valid_table(uint8_t table_id)
4207 if (table_id == 0 || table_id == 0xff) {
4210 /* It would probably be better to reply with an error but there doesn't
4211 * seem to be any appropriate value, so that might just be
4213 VLOG_WARN_RL(&rl, "controller asked for invalid table %"PRIu8,
4220 handle_flow_stats_request(struct ofconn *ofconn, const struct ofp_header *oh)
4222 const struct ofp_flow_stats_request *fsr = ofputil_stats_body(oh);
4223 struct ofproto *ofproto = ofconn_get_ofproto(ofconn);
4224 struct ofpbuf *reply;
4226 COVERAGE_INC(ofproto_flows_req);
4227 reply = start_ofp_stats_reply(oh, 1024);
4228 if (is_valid_table(fsr->table_id)) {
4229 struct cls_cursor cursor;
4230 struct cls_rule target;
4233 ofputil_cls_rule_from_match(&fsr->match, 0, NXFF_OPENFLOW10, 0,
4235 cls_cursor_init(&cursor, &ofproto->cls, &target);
4236 CLS_CURSOR_FOR_EACH (rule, cr, &cursor) {
4237 put_ofp_flow_stats(ofconn, rule, fsr->out_port, &reply);
4240 ofconn_send_reply(ofconn, reply);
4246 put_nx_flow_stats(struct ofconn *ofconn, struct rule *rule,
4247 ovs_be16 out_port, struct ofpbuf **replyp)
4249 struct nx_flow_stats *nfs;
4250 uint64_t packet_count, byte_count;
4251 size_t act_len, start_len;
4252 struct ofpbuf *reply;
4254 if (rule_is_hidden(rule) || !rule_has_out_port(rule, out_port)) {
4258 rule_get_stats(rule, &packet_count, &byte_count);
4260 act_len = sizeof *rule->actions * rule->n_actions;
4262 append_nxstats_reply(sizeof *nfs + NXM_MAX_LEN + act_len, ofconn, replyp);
4263 start_len = (*replyp)->size;
4266 nfs = ofpbuf_put_uninit(reply, sizeof *nfs);
4269 calc_flow_duration(rule->created, &nfs->duration_sec, &nfs->duration_nsec);
4270 nfs->cookie = rule->flow_cookie;
4271 nfs->priority = htons(rule->cr.priority);
4272 nfs->idle_timeout = htons(rule->idle_timeout);
4273 nfs->hard_timeout = htons(rule->hard_timeout);
4274 nfs->match_len = htons(nx_put_match(reply, &rule->cr));
4275 memset(nfs->pad2, 0, sizeof nfs->pad2);
4276 nfs->packet_count = htonll(packet_count);
4277 nfs->byte_count = htonll(byte_count);
4278 if (rule->n_actions > 0) {
4279 ofpbuf_put(reply, rule->actions, act_len);
4281 nfs->length = htons(reply->size - start_len);
4285 handle_nxst_flow(struct ofconn *ofconn, const struct ofp_header *oh)
4287 struct ofproto *ofproto = ofconn_get_ofproto(ofconn);
4288 struct nx_flow_stats_request *nfsr;
4289 struct cls_rule target;
4290 struct ofpbuf *reply;
4294 ofpbuf_use_const(&b, oh, ntohs(oh->length));
4296 /* Dissect the message. */
4297 nfsr = ofpbuf_pull(&b, sizeof *nfsr);
4298 error = nx_pull_match(&b, ntohs(nfsr->match_len), 0, &target);
4303 return ofp_mkerr(OFPET_BAD_REQUEST, OFPBRC_BAD_LEN);
4306 COVERAGE_INC(ofproto_flows_req);
4307 reply = start_nxstats_reply(&nfsr->nsm, 1024);
4308 if (is_valid_table(nfsr->table_id)) {
4309 struct cls_cursor cursor;
4312 cls_cursor_init(&cursor, &ofproto->cls, &target);
4313 CLS_CURSOR_FOR_EACH (rule, cr, &cursor) {
4314 put_nx_flow_stats(ofconn, rule, nfsr->out_port, &reply);
4317 ofconn_send_reply(ofconn, reply);
4323 flow_stats_ds(struct rule *rule, struct ds *results)
4325 uint64_t packet_count, byte_count;
4326 size_t act_len = sizeof *rule->actions * rule->n_actions;
4328 rule_get_stats(rule, &packet_count, &byte_count);
4330 ds_put_format(results, "duration=%llds, ",
4331 (time_msec() - rule->created) / 1000);
4332 ds_put_format(results, "idle=%.3fs, ", (time_msec() - rule->used) / 1000.0);
4333 ds_put_format(results, "priority=%u, ", rule->cr.priority);
4334 ds_put_format(results, "n_packets=%"PRIu64", ", packet_count);
4335 ds_put_format(results, "n_bytes=%"PRIu64", ", byte_count);
4336 cls_rule_format(&rule->cr, results);
4337 ds_put_char(results, ',');
4339 ofp_print_actions(results, &rule->actions->header, act_len);
4341 ds_put_cstr(results, "drop");
4343 ds_put_cstr(results, "\n");
4346 /* Adds a pretty-printed description of all flows to 'results', including
4347 * hidden flows (e.g., set up by in-band control). */
4349 ofproto_get_all_flows(struct ofproto *p, struct ds *results)
4351 struct cls_cursor cursor;
4354 cls_cursor_init(&cursor, &p->cls, NULL);
4355 CLS_CURSOR_FOR_EACH (rule, cr, &cursor) {
4356 flow_stats_ds(rule, results);
4360 /* Obtains the NetFlow engine type and engine ID for 'ofproto' into
4361 * '*engine_type' and '*engine_id', respectively. */
4363 ofproto_get_netflow_ids(const struct ofproto *ofproto,
4364 uint8_t *engine_type, uint8_t *engine_id)
4366 dpif_get_netflow_ids(ofproto->dpif, engine_type, engine_id);
4370 query_aggregate_stats(struct ofproto *ofproto, struct cls_rule *target,
4371 ovs_be16 out_port, uint8_t table_id,
4372 struct ofp_aggregate_stats_reply *oasr)
4374 uint64_t total_packets = 0;
4375 uint64_t total_bytes = 0;
4378 COVERAGE_INC(ofproto_agg_request);
4380 if (is_valid_table(table_id)) {
4381 struct cls_cursor cursor;
4384 cls_cursor_init(&cursor, &ofproto->cls, target);
4385 CLS_CURSOR_FOR_EACH (rule, cr, &cursor) {
4386 if (!rule_is_hidden(rule) && rule_has_out_port(rule, out_port)) {
4387 uint64_t packet_count;
4388 uint64_t byte_count;
4390 rule_get_stats(rule, &packet_count, &byte_count);
4392 total_packets += packet_count;
4393 total_bytes += byte_count;
4399 oasr->flow_count = htonl(n_flows);
4400 put_32aligned_be64(&oasr->packet_count, htonll(total_packets));
4401 put_32aligned_be64(&oasr->byte_count, htonll(total_bytes));
4402 memset(oasr->pad, 0, sizeof oasr->pad);
4406 handle_aggregate_stats_request(struct ofconn *ofconn,
4407 const struct ofp_header *oh)
4409 const struct ofp_aggregate_stats_request *request = ofputil_stats_body(oh);
4410 struct ofproto *ofproto = ofconn_get_ofproto(ofconn);
4411 struct ofp_aggregate_stats_reply *reply;
4412 struct cls_rule target;
4415 ofputil_cls_rule_from_match(&request->match, 0, NXFF_OPENFLOW10, 0,
4418 msg = start_ofp_stats_reply(oh, sizeof *reply);
4419 reply = append_ofp_stats_reply(sizeof *reply, ofconn, &msg);
4420 query_aggregate_stats(ofproto, &target, request->out_port,
4421 request->table_id, reply);
4422 ofconn_send_reply(ofconn, msg);
4427 handle_nxst_aggregate(struct ofconn *ofconn, const struct ofp_header *oh)
4429 struct ofproto *ofproto = ofconn_get_ofproto(ofconn);
4430 struct nx_aggregate_stats_request *request;
4431 struct ofp_aggregate_stats_reply *reply;
4432 struct cls_rule target;
4437 ofpbuf_use_const(&b, oh, ntohs(oh->length));
4439 /* Dissect the message. */
4440 request = ofpbuf_pull(&b, sizeof *request);
4441 error = nx_pull_match(&b, ntohs(request->match_len), 0, &target);
4446 return ofp_mkerr(OFPET_BAD_REQUEST, OFPBRC_BAD_LEN);
4450 COVERAGE_INC(ofproto_flows_req);
4451 buf = start_nxstats_reply(&request->nsm, sizeof *reply);
4452 reply = ofpbuf_put_uninit(buf, sizeof *reply);
4453 query_aggregate_stats(ofproto, &target, request->out_port,
4454 request->table_id, reply);
4455 ofconn_send_reply(ofconn, buf);
4460 struct queue_stats_cbdata {
4461 struct ofconn *ofconn;
4462 struct ofport *ofport;
4467 put_queue_stats(struct queue_stats_cbdata *cbdata, uint32_t queue_id,
4468 const struct netdev_queue_stats *stats)
4470 struct ofp_queue_stats *reply;
4472 reply = append_ofp_stats_reply(sizeof *reply, cbdata->ofconn, &cbdata->msg);
4473 reply->port_no = cbdata->ofport->opp.port_no;
4474 memset(reply->pad, 0, sizeof reply->pad);
4475 reply->queue_id = htonl(queue_id);
4476 put_32aligned_be64(&reply->tx_bytes, htonll(stats->tx_bytes));
4477 put_32aligned_be64(&reply->tx_packets, htonll(stats->tx_packets));
4478 put_32aligned_be64(&reply->tx_errors, htonll(stats->tx_errors));
4482 handle_queue_stats_dump_cb(uint32_t queue_id,
4483 struct netdev_queue_stats *stats,
4486 struct queue_stats_cbdata *cbdata = cbdata_;
4488 put_queue_stats(cbdata, queue_id, stats);
4492 handle_queue_stats_for_port(struct ofport *port, uint32_t queue_id,
4493 struct queue_stats_cbdata *cbdata)
4495 cbdata->ofport = port;
4496 if (queue_id == OFPQ_ALL) {
4497 netdev_dump_queue_stats(port->netdev,
4498 handle_queue_stats_dump_cb, cbdata);
4500 struct netdev_queue_stats stats;
4502 if (!netdev_get_queue_stats(port->netdev, queue_id, &stats)) {
4503 put_queue_stats(cbdata, queue_id, &stats);
4509 handle_queue_stats_request(struct ofconn *ofconn, const struct ofp_header *oh)
4511 struct ofproto *ofproto = ofconn_get_ofproto(ofconn);
4512 const struct ofp_queue_stats_request *qsr;
4513 struct queue_stats_cbdata cbdata;
4514 struct ofport *port;
4515 unsigned int port_no;
4518 qsr = ofputil_stats_body(oh);
4520 return ofp_mkerr(OFPET_BAD_REQUEST, OFPBRC_BAD_LEN);
4523 COVERAGE_INC(ofproto_queue_req);
4525 cbdata.ofconn = ofconn;
4526 cbdata.msg = start_ofp_stats_reply(oh, 128);
4528 port_no = ntohs(qsr->port_no);
4529 queue_id = ntohl(qsr->queue_id);
4530 if (port_no == OFPP_ALL) {
4531 HMAP_FOR_EACH (port, hmap_node, &ofproto->ports) {
4532 handle_queue_stats_for_port(port, queue_id, &cbdata);
4534 } else if (port_no < ofproto->max_ports) {
4535 port = get_port(ofproto, ofp_port_to_odp_port(port_no));
4537 handle_queue_stats_for_port(port, queue_id, &cbdata);
4540 ofpbuf_delete(cbdata.msg);
4541 return ofp_mkerr(OFPET_QUEUE_OP_FAILED, OFPQOFC_BAD_PORT);
4543 ofconn_send_reply(ofconn, cbdata.msg);
4548 /* Updates 'facet''s used time. Caller is responsible for calling
4549 * facet_push_stats() to update the flows which 'facet' resubmits into. */
4551 facet_update_time(struct ofproto *ofproto, struct facet *facet,
4554 if (used > facet->used) {
4556 if (used > facet->rule->used) {
4557 facet->rule->used = used;
4559 netflow_flow_update_time(ofproto->netflow, &facet->nf_flow, used);
4563 /* Folds the statistics from 'stats' into the counters in 'facet'.
4565 * Because of the meaning of a facet's counters, it only makes sense to do this
4566 * if 'stats' are not tracked in the datapath, that is, if 'stats' represents a
4567 * packet that was sent by hand or if it represents statistics that have been
4568 * cleared out of the datapath. */
4570 facet_update_stats(struct ofproto *ofproto, struct facet *facet,
4571 const struct dpif_flow_stats *stats)
4573 if (stats->n_packets || stats->used > facet->used) {
4574 facet_update_time(ofproto, facet, stats->used);
4575 facet->packet_count += stats->n_packets;
4576 facet->byte_count += stats->n_bytes;
4577 facet_push_stats(ofproto, facet);
4578 netflow_flow_update_flags(&facet->nf_flow, stats->tcp_flags);
4583 facet_push_stats(struct ofproto *ofproto, struct facet *facet)
4585 uint64_t rs_packets, rs_bytes;
4587 assert(facet->packet_count >= facet->rs_packet_count);
4588 assert(facet->byte_count >= facet->rs_byte_count);
4589 assert(facet->used >= facet->rs_used);
4591 rs_packets = facet->packet_count - facet->rs_packet_count;
4592 rs_bytes = facet->byte_count - facet->rs_byte_count;
4594 if (rs_packets || rs_bytes || facet->used > facet->rs_used) {
4595 facet->rs_packet_count = facet->packet_count;
4596 facet->rs_byte_count = facet->byte_count;
4597 facet->rs_used = facet->used;
4599 flow_push_stats(ofproto, facet->rule, &facet->flow,
4600 rs_packets, rs_bytes, facet->used);
4604 struct ofproto_push {
4605 struct action_xlate_ctx ctx;
4612 push_resubmit(struct action_xlate_ctx *ctx, struct rule *rule)
4614 struct ofproto_push *push = CONTAINER_OF(ctx, struct ofproto_push, ctx);
4617 rule->packet_count += push->packets;
4618 rule->byte_count += push->bytes;
4619 rule->used = MAX(push->used, rule->used);
4623 /* Pushes flow statistics to the rules which 'flow' resubmits into given
4624 * 'rule''s actions. */
4626 flow_push_stats(struct ofproto *ofproto, const struct rule *rule,
4627 struct flow *flow, uint64_t packets, uint64_t bytes,
4630 struct ofproto_push push;
4632 push.packets = packets;
4636 action_xlate_ctx_init(&push.ctx, ofproto, flow, NULL);
4637 push.ctx.resubmit_hook = push_resubmit;
4638 ofpbuf_delete(xlate_actions(&push.ctx, rule->actions, rule->n_actions));
4641 /* Implements OFPFC_ADD and the cases for OFPFC_MODIFY and OFPFC_MODIFY_STRICT
4642 * in which no matching flow already exists in the flow table.
4644 * Adds the flow specified by 'ofm', which is followed by 'n_actions'
4645 * ofp_actions, to the ofproto's flow table. Returns 0 on success or an
4646 * OpenFlow error code as encoded by ofp_mkerr() on failure.
4648 * 'ofconn' is used to retrieve the packet buffer specified in ofm->buffer_id,
4651 add_flow(struct ofconn *ofconn, struct flow_mod *fm)
4653 struct ofproto *p = ofconn_get_ofproto(ofconn);
4654 struct ofpbuf *packet;
4659 if (fm->flags & OFPFF_CHECK_OVERLAP
4660 && classifier_rule_overlaps(&p->cls, &fm->cr)) {
4661 return ofp_mkerr(OFPET_FLOW_MOD_FAILED, OFPFMFC_OVERLAP);
4665 if (fm->buffer_id != UINT32_MAX) {
4666 error = ofconn_pktbuf_retrieve(ofconn, fm->buffer_id,
4670 in_port = UINT16_MAX;
4673 rule = rule_create(&fm->cr, fm->actions, fm->n_actions,
4674 fm->idle_timeout, fm->hard_timeout, fm->cookie,
4675 fm->flags & OFPFF_SEND_FLOW_REM);
4676 rule_insert(p, rule);
4678 rule_execute(p, rule, in_port, packet);
4683 static struct rule *
4684 find_flow_strict(struct ofproto *p, const struct flow_mod *fm)
4686 return rule_from_cls_rule(classifier_find_rule_exactly(&p->cls, &fm->cr));
4690 send_buffered_packet(struct ofconn *ofconn,
4691 struct rule *rule, uint32_t buffer_id)
4693 struct ofproto *ofproto = ofconn_get_ofproto(ofconn);
4694 struct ofpbuf *packet;
4698 if (buffer_id == UINT32_MAX) {
4702 error = ofconn_pktbuf_retrieve(ofconn, buffer_id, &packet, &in_port);
4707 rule_execute(ofproto, rule, in_port, packet);
4712 /* OFPFC_MODIFY and OFPFC_MODIFY_STRICT. */
4714 struct modify_flows_cbdata {
4715 struct ofproto *ofproto;
4716 const struct flow_mod *fm;
4720 static int modify_flow(struct ofproto *, const struct flow_mod *,
4723 /* Implements OFPFC_MODIFY. Returns 0 on success or an OpenFlow error code as
4724 * encoded by ofp_mkerr() on failure.
4726 * 'ofconn' is used to retrieve the packet buffer specified in ofm->buffer_id,
4729 modify_flows_loose(struct ofconn *ofconn, struct flow_mod *fm)
4731 struct ofproto *p = ofconn_get_ofproto(ofconn);
4732 struct rule *match = NULL;
4733 struct cls_cursor cursor;
4736 cls_cursor_init(&cursor, &p->cls, &fm->cr);
4737 CLS_CURSOR_FOR_EACH (rule, cr, &cursor) {
4738 if (!rule_is_hidden(rule)) {
4740 modify_flow(p, fm, rule);
4745 /* This credits the packet to whichever flow happened to match last.
4746 * That's weird. Maybe we should do a lookup for the flow that
4747 * actually matches the packet? Who knows. */
4748 send_buffered_packet(ofconn, match, fm->buffer_id);
4751 return add_flow(ofconn, fm);
4755 /* Implements OFPFC_MODIFY_STRICT. Returns 0 on success or an OpenFlow error
4756 * code as encoded by ofp_mkerr() on failure.
4758 * 'ofconn' is used to retrieve the packet buffer specified in ofm->buffer_id,
4761 modify_flow_strict(struct ofconn *ofconn, struct flow_mod *fm)
4763 struct ofproto *p = ofconn_get_ofproto(ofconn);
4764 struct rule *rule = find_flow_strict(p, fm);
4765 if (rule && !rule_is_hidden(rule)) {
4766 modify_flow(p, fm, rule);
4767 return send_buffered_packet(ofconn, rule, fm->buffer_id);
4769 return add_flow(ofconn, fm);
4773 /* Implements core of OFPFC_MODIFY and OFPFC_MODIFY_STRICT where 'rule' has
4774 * been identified as a flow in 'p''s flow table to be modified, by changing
4775 * the rule's actions to match those in 'ofm' (which is followed by 'n_actions'
4776 * ofp_action[] structures). */
4778 modify_flow(struct ofproto *p, const struct flow_mod *fm, struct rule *rule)
4780 size_t actions_len = fm->n_actions * sizeof *rule->actions;
4782 rule->flow_cookie = fm->cookie;
4784 /* If the actions are the same, do nothing. */
4785 if (fm->n_actions == rule->n_actions
4787 || !memcmp(fm->actions, rule->actions, actions_len))) {
4791 /* Replace actions. */
4792 free(rule->actions);
4793 rule->actions = fm->n_actions ? xmemdup(fm->actions, actions_len) : NULL;
4794 rule->n_actions = fm->n_actions;
4796 p->need_revalidate = true;
4801 /* OFPFC_DELETE implementation. */
4803 static void delete_flow(struct ofproto *, struct rule *, ovs_be16 out_port);
4805 /* Implements OFPFC_DELETE. */
4807 delete_flows_loose(struct ofproto *p, const struct flow_mod *fm)
4809 struct rule *rule, *next_rule;
4810 struct cls_cursor cursor;
4812 cls_cursor_init(&cursor, &p->cls, &fm->cr);
4813 CLS_CURSOR_FOR_EACH_SAFE (rule, next_rule, cr, &cursor) {
4814 delete_flow(p, rule, htons(fm->out_port));
4818 /* Implements OFPFC_DELETE_STRICT. */
4820 delete_flow_strict(struct ofproto *p, struct flow_mod *fm)
4822 struct rule *rule = find_flow_strict(p, fm);
4824 delete_flow(p, rule, htons(fm->out_port));
4828 /* Implements core of OFPFC_DELETE and OFPFC_DELETE_STRICT where 'rule' has
4829 * been identified as a flow to delete from 'p''s flow table, by deleting the
4830 * flow and sending out a OFPT_FLOW_REMOVED message to any interested
4833 * Will not delete 'rule' if it is hidden. Will delete 'rule' only if
4834 * 'out_port' is htons(OFPP_NONE) or if 'rule' actually outputs to the
4835 * specified 'out_port'. */
4837 delete_flow(struct ofproto *p, struct rule *rule, ovs_be16 out_port)
4839 if (rule_is_hidden(rule)) {
4843 if (out_port != htons(OFPP_NONE) && !rule_has_out_port(rule, out_port)) {
4847 rule_send_removed(p, rule, OFPRR_DELETE);
4848 rule_remove(p, rule);
4852 handle_flow_mod(struct ofconn *ofconn, const struct ofp_header *oh)
4854 struct ofproto *p = ofconn_get_ofproto(ofconn);
4858 error = reject_slave_controller(ofconn, "flow_mod");
4863 error = ofputil_decode_flow_mod(&fm, oh, ofconn_get_flow_format(ofconn));
4868 /* We do not support the emergency flow cache. It will hopefully get
4869 * dropped from OpenFlow in the near future. */
4870 if (fm.flags & OFPFF_EMERG) {
4871 /* There isn't a good fit for an error code, so just state that the
4872 * flow table is full. */
4873 return ofp_mkerr(OFPET_FLOW_MOD_FAILED, OFPFMFC_ALL_TABLES_FULL);
4876 error = validate_actions(fm.actions, fm.n_actions,
4877 &fm.cr.flow, p->max_ports);
4882 switch (fm.command) {
4884 return add_flow(ofconn, &fm);
4887 return modify_flows_loose(ofconn, &fm);
4889 case OFPFC_MODIFY_STRICT:
4890 return modify_flow_strict(ofconn, &fm);
4893 delete_flows_loose(p, &fm);
4896 case OFPFC_DELETE_STRICT:
4897 delete_flow_strict(p, &fm);
4901 return ofp_mkerr(OFPET_FLOW_MOD_FAILED, OFPFMFC_BAD_COMMAND);
4906 handle_tun_id_from_cookie(struct ofconn *ofconn, const struct ofp_header *oh)
4908 const struct nxt_tun_id_cookie *msg
4909 = (const struct nxt_tun_id_cookie *) oh;
4910 enum nx_flow_format flow_format;
4912 flow_format = msg->set ? NXFF_TUN_ID_FROM_COOKIE : NXFF_OPENFLOW10;
4913 ofconn_set_flow_format(ofconn, flow_format);
4919 handle_role_request(struct ofconn *ofconn, const struct ofp_header *oh)
4921 struct nx_role_request *nrr = (struct nx_role_request *) oh;
4922 struct nx_role_request *reply;
4926 if (ofconn_get_type(ofconn) != OFCONN_PRIMARY) {
4927 VLOG_WARN_RL(&rl, "ignoring role request on service connection");
4928 return ofp_mkerr(OFPET_BAD_REQUEST, OFPBRC_EPERM);
4931 role = ntohl(nrr->role);
4932 if (role != NX_ROLE_OTHER && role != NX_ROLE_MASTER
4933 && role != NX_ROLE_SLAVE) {
4934 VLOG_WARN_RL(&rl, "received request for unknown role %"PRIu32, role);
4936 /* There's no good error code for this. */
4937 return ofp_mkerr(OFPET_BAD_REQUEST, -1);
4940 ofconn_set_role(ofconn, role);
4942 reply = make_nxmsg_xid(sizeof *reply, NXT_ROLE_REPLY, oh->xid, &buf);
4943 reply->role = htonl(role);
4944 ofconn_send_reply(ofconn, buf);
4950 handle_nxt_set_flow_format(struct ofconn *ofconn, const struct ofp_header *oh)
4952 const struct nxt_set_flow_format *msg
4953 = (const struct nxt_set_flow_format *) oh;
4956 format = ntohl(msg->format);
4957 if (format == NXFF_OPENFLOW10
4958 || format == NXFF_TUN_ID_FROM_COOKIE
4959 || format == NXFF_NXM) {
4960 ofconn_set_flow_format(ofconn, format);
4963 return ofp_mkerr(OFPET_BAD_REQUEST, OFPBRC_EPERM);
4968 handle_barrier_request(struct ofconn *ofconn, const struct ofp_header *oh)
4970 struct ofp_header *ob;
4973 /* Currently, everything executes synchronously, so we can just
4974 * immediately send the barrier reply. */
4975 ob = make_openflow_xid(sizeof *ob, OFPT_BARRIER_REPLY, oh->xid, &buf);
4976 ofconn_send_reply(ofconn, buf);
4981 handle_openflow__(struct ofconn *ofconn, const struct ofpbuf *msg)
4983 const struct ofp_header *oh = msg->data;
4984 const struct ofputil_msg_type *type;
4987 error = ofputil_decode_msg_type(oh, &type);
4992 switch (ofputil_msg_type_code(type)) {
4993 /* OpenFlow requests. */
4994 case OFPUTIL_OFPT_ECHO_REQUEST:
4995 return handle_echo_request(ofconn, oh);
4997 case OFPUTIL_OFPT_FEATURES_REQUEST:
4998 return handle_features_request(ofconn, oh);
5000 case OFPUTIL_OFPT_GET_CONFIG_REQUEST:
5001 return handle_get_config_request(ofconn, oh);
5003 case OFPUTIL_OFPT_SET_CONFIG:
5004 return handle_set_config(ofconn, msg->data);
5006 case OFPUTIL_OFPT_PACKET_OUT:
5007 return handle_packet_out(ofconn, oh);
5009 case OFPUTIL_OFPT_PORT_MOD:
5010 return handle_port_mod(ofconn, oh);
5012 case OFPUTIL_OFPT_FLOW_MOD:
5013 return handle_flow_mod(ofconn, oh);
5015 case OFPUTIL_OFPT_BARRIER_REQUEST:
5016 return handle_barrier_request(ofconn, oh);
5018 /* OpenFlow replies. */
5019 case OFPUTIL_OFPT_ECHO_REPLY:
5022 /* Nicira extension requests. */
5023 case OFPUTIL_NXT_TUN_ID_FROM_COOKIE:
5024 return handle_tun_id_from_cookie(ofconn, oh);
5026 case OFPUTIL_NXT_ROLE_REQUEST:
5027 return handle_role_request(ofconn, oh);
5029 case OFPUTIL_NXT_SET_FLOW_FORMAT:
5030 return handle_nxt_set_flow_format(ofconn, oh);
5032 case OFPUTIL_NXT_FLOW_MOD:
5033 return handle_flow_mod(ofconn, oh);
5035 /* OpenFlow statistics requests. */
5036 case OFPUTIL_OFPST_DESC_REQUEST:
5037 return handle_desc_stats_request(ofconn, oh);
5039 case OFPUTIL_OFPST_FLOW_REQUEST:
5040 return handle_flow_stats_request(ofconn, oh);
5042 case OFPUTIL_OFPST_AGGREGATE_REQUEST:
5043 return handle_aggregate_stats_request(ofconn, oh);
5045 case OFPUTIL_OFPST_TABLE_REQUEST:
5046 return handle_table_stats_request(ofconn, oh);
5048 case OFPUTIL_OFPST_PORT_REQUEST:
5049 return handle_port_stats_request(ofconn, oh);
5051 case OFPUTIL_OFPST_QUEUE_REQUEST:
5052 return handle_queue_stats_request(ofconn, oh);
5054 /* Nicira extension statistics requests. */
5055 case OFPUTIL_NXST_FLOW_REQUEST:
5056 return handle_nxst_flow(ofconn, oh);
5058 case OFPUTIL_NXST_AGGREGATE_REQUEST:
5059 return handle_nxst_aggregate(ofconn, oh);
5061 case OFPUTIL_INVALID:
5062 case OFPUTIL_OFPT_HELLO:
5063 case OFPUTIL_OFPT_ERROR:
5064 case OFPUTIL_OFPT_FEATURES_REPLY:
5065 case OFPUTIL_OFPT_GET_CONFIG_REPLY:
5066 case OFPUTIL_OFPT_PACKET_IN:
5067 case OFPUTIL_OFPT_FLOW_REMOVED:
5068 case OFPUTIL_OFPT_PORT_STATUS:
5069 case OFPUTIL_OFPT_BARRIER_REPLY:
5070 case OFPUTIL_OFPT_QUEUE_GET_CONFIG_REQUEST:
5071 case OFPUTIL_OFPT_QUEUE_GET_CONFIG_REPLY:
5072 case OFPUTIL_OFPST_DESC_REPLY:
5073 case OFPUTIL_OFPST_FLOW_REPLY:
5074 case OFPUTIL_OFPST_QUEUE_REPLY:
5075 case OFPUTIL_OFPST_PORT_REPLY:
5076 case OFPUTIL_OFPST_TABLE_REPLY:
5077 case OFPUTIL_OFPST_AGGREGATE_REPLY:
5078 case OFPUTIL_NXT_ROLE_REPLY:
5079 case OFPUTIL_NXT_FLOW_REMOVED:
5080 case OFPUTIL_NXST_FLOW_REPLY:
5081 case OFPUTIL_NXST_AGGREGATE_REPLY:
5083 if (VLOG_IS_WARN_ENABLED()) {
5084 char *s = ofp_to_string(oh, ntohs(oh->length), 2);
5085 VLOG_DBG_RL(&rl, "OpenFlow message ignored: %s", s);
5088 if (oh->type == OFPT_STATS_REQUEST || oh->type == OFPT_STATS_REPLY) {
5089 return ofp_mkerr(OFPET_BAD_REQUEST, OFPBRC_BAD_STAT);
5091 return ofp_mkerr(OFPET_BAD_REQUEST, OFPBRC_BAD_TYPE);
5097 handle_openflow(struct ofconn *ofconn, struct ofpbuf *ofp_msg)
5099 int error = handle_openflow__(ofconn, ofp_msg);
5101 send_error_oh(ofconn, ofp_msg->data, error);
5103 COVERAGE_INC(ofproto_recv_openflow);
5107 handle_miss_upcall(struct ofproto *p, struct dpif_upcall *upcall)
5109 struct facet *facet;
5112 /* Obtain in_port and tun_id, at least. */
5113 odp_flow_key_to_flow(upcall->key, upcall->key_len, &flow);
5115 /* Set header pointers in 'flow'. */
5116 flow_extract(upcall->packet, flow.tun_id, flow.in_port, &flow);
5118 /* Handle 802.1ag and LACP. */
5119 if (ofproto_process_special(p, &flow, upcall->packet)) {
5120 ofpbuf_delete(upcall->packet);
5124 /* Check with in-band control to see if this packet should be sent
5125 * to the local port regardless of the flow table. */
5126 if (connmgr_msg_in_hook(p->connmgr, &flow, upcall->packet)) {
5127 ofproto_send_packet(p, ODPP_LOCAL, 0, upcall->packet);
5130 facet = facet_lookup_valid(p, &flow);
5132 struct rule *rule = rule_lookup(p, &flow);
5134 /* Don't send a packet-in if OFPPC_NO_PACKET_IN asserted. */
5135 struct ofport *port = get_port(p, flow.in_port);
5137 if (port->opp.config & htonl(OFPPC_NO_PACKET_IN)) {
5138 COVERAGE_INC(ofproto_no_packet_in);
5139 /* XXX install 'drop' flow entry */
5140 ofpbuf_delete(upcall->packet);
5144 VLOG_WARN_RL(&rl, "packet-in on unknown port %"PRIu16,
5148 COVERAGE_INC(ofproto_packet_in);
5149 send_packet_in(p, upcall, &flow, false);
5153 facet = facet_create(p, rule, &flow, upcall->packet);
5154 } else if (!facet->may_install) {
5155 /* The facet is not installable, that is, we need to process every
5156 * packet, so process the current packet's actions into 'facet'. */
5157 facet_make_actions(p, facet, upcall->packet);
5160 if (facet->rule->cr.priority == FAIL_OPEN_PRIORITY) {
5162 * Extra-special case for fail-open mode.
5164 * We are in fail-open mode and the packet matched the fail-open rule,
5165 * but we are connected to a controller too. We should send the packet
5166 * up to the controller in the hope that it will try to set up a flow
5167 * and thereby allow us to exit fail-open.
5169 * See the top-level comment in fail-open.c for more information.
5171 send_packet_in(p, upcall, &flow, true);
5174 facet_execute(p, facet, upcall->packet);
5175 facet_install(p, facet, false);
5179 handle_upcall(struct ofproto *p, struct dpif_upcall *upcall)
5183 switch (upcall->type) {
5184 case DPIF_UC_ACTION:
5185 COVERAGE_INC(ofproto_ctlr_action);
5186 odp_flow_key_to_flow(upcall->key, upcall->key_len, &flow);
5187 send_packet_in(p, upcall, &flow, false);
5190 case DPIF_UC_SAMPLE:
5192 odp_flow_key_to_flow(upcall->key, upcall->key_len, &flow);
5193 ofproto_sflow_received(p->sflow, upcall, &flow);
5195 ofpbuf_delete(upcall->packet);
5199 handle_miss_upcall(p, upcall);
5202 case DPIF_N_UC_TYPES:
5204 VLOG_WARN_RL(&rl, "upcall has unexpected type %"PRIu32, upcall->type);
5209 /* Flow expiration. */
5211 static int ofproto_dp_max_idle(const struct ofproto *);
5212 static void ofproto_update_stats(struct ofproto *);
5213 static void rule_expire(struct ofproto *, struct rule *);
5214 static void ofproto_expire_facets(struct ofproto *, int dp_max_idle);
5216 /* This function is called periodically by ofproto_run(). Its job is to
5217 * collect updates for the flows that have been installed into the datapath,
5218 * most importantly when they last were used, and then use that information to
5219 * expire flows that have not been used recently.
5221 * Returns the number of milliseconds after which it should be called again. */
5223 ofproto_expire(struct ofproto *ofproto)
5225 struct rule *rule, *next_rule;
5226 struct cls_cursor cursor;
5229 /* Update stats for each flow in the datapath. */
5230 ofproto_update_stats(ofproto);
5232 /* Expire facets that have been idle too long. */
5233 dp_max_idle = ofproto_dp_max_idle(ofproto);
5234 ofproto_expire_facets(ofproto, dp_max_idle);
5236 /* Expire OpenFlow flows whose idle_timeout or hard_timeout has passed. */
5237 cls_cursor_init(&cursor, &ofproto->cls, NULL);
5238 CLS_CURSOR_FOR_EACH_SAFE (rule, next_rule, cr, &cursor) {
5239 rule_expire(ofproto, rule);
5242 /* All outstanding data in existing flows has been accounted, so it's a
5243 * good time to do bond rebalancing. */
5244 if (ofproto->has_bonded_bundles) {
5245 struct ofbundle *bundle;
5247 HMAP_FOR_EACH (bundle, hmap_node, &ofproto->bundles) {
5249 bond_rebalance(bundle->bond, &ofproto->revalidate_set);
5254 return MIN(dp_max_idle, 1000);
5257 /* Update 'packet_count', 'byte_count', and 'used' members of installed facets.
5259 * This function also pushes statistics updates to rules which each facet
5260 * resubmits into. Generally these statistics will be accurate. However, if a
5261 * facet changes the rule it resubmits into at some time in between
5262 * ofproto_update_stats() runs, it is possible that statistics accrued to the
5263 * old rule will be incorrectly attributed to the new rule. This could be
5264 * avoided by calling ofproto_update_stats() whenever rules are created or
5265 * deleted. However, the performance impact of making so many calls to the
5266 * datapath do not justify the benefit of having perfectly accurate statistics.
5269 ofproto_update_stats(struct ofproto *p)
5271 const struct dpif_flow_stats *stats;
5272 struct dpif_flow_dump dump;
5273 const struct nlattr *key;
5276 dpif_flow_dump_start(&dump, p->dpif);
5277 while (dpif_flow_dump_next(&dump, &key, &key_len, NULL, NULL, &stats)) {
5278 struct facet *facet;
5281 if (odp_flow_key_to_flow(key, key_len, &flow)) {
5285 odp_flow_key_format(key, key_len, &s);
5286 VLOG_WARN_RL(&rl, "failed to convert ODP flow key to flow: %s",
5292 facet = facet_find(p, &flow);
5294 if (facet && facet->installed) {
5296 if (stats->n_packets >= facet->dp_packet_count) {
5297 facet->packet_count += stats->n_packets - facet->dp_packet_count;
5299 VLOG_WARN_RL(&rl, "unexpected packet count from the datapath");
5302 if (stats->n_bytes >= facet->dp_byte_count) {
5303 facet->byte_count += stats->n_bytes - facet->dp_byte_count;
5305 VLOG_WARN_RL(&rl, "unexpected byte count from datapath");
5308 facet->dp_packet_count = stats->n_packets;
5309 facet->dp_byte_count = stats->n_bytes;
5311 facet_update_time(p, facet, stats->used);
5312 facet_account(p, facet, stats->n_bytes);
5313 facet_push_stats(p, facet);
5315 /* There's a flow in the datapath that we know nothing about.
5317 COVERAGE_INC(ofproto_unexpected_rule);
5318 dpif_flow_del(p->dpif, key, key_len, NULL);
5321 dpif_flow_dump_done(&dump);
5324 /* Calculates and returns the number of milliseconds of idle time after which
5325 * facets should expire from the datapath and we should fold their statistics
5326 * into their parent rules in userspace. */
5328 ofproto_dp_max_idle(const struct ofproto *ofproto)
5331 * Idle time histogram.
5333 * Most of the time a switch has a relatively small number of facets. When
5334 * this is the case we might as well keep statistics for all of them in
5335 * userspace and to cache them in the kernel datapath for performance as
5338 * As the number of facets increases, the memory required to maintain
5339 * statistics about them in userspace and in the kernel becomes
5340 * significant. However, with a large number of facets it is likely that
5341 * only a few of them are "heavy hitters" that consume a large amount of
5342 * bandwidth. At this point, only heavy hitters are worth caching in the
5343 * kernel and maintaining in userspaces; other facets we can discard.
5345 * The technique used to compute the idle time is to build a histogram with
5346 * N_BUCKETS buckets whose width is BUCKET_WIDTH msecs each. Each facet
5347 * that is installed in the kernel gets dropped in the appropriate bucket.
5348 * After the histogram has been built, we compute the cutoff so that only
5349 * the most-recently-used 1% of facets (but at least 1000 flows) are kept
5350 * cached. At least the most-recently-used bucket of facets is kept, so
5351 * actually an arbitrary number of facets can be kept in any given
5352 * expiration run (though the next run will delete most of those unless
5353 * they receive additional data).
5355 * This requires a second pass through the facets, in addition to the pass
5356 * made by ofproto_update_stats(), because the former function never looks
5357 * at uninstallable facets.
5359 enum { BUCKET_WIDTH = ROUND_UP(100, TIME_UPDATE_INTERVAL) };
5360 enum { N_BUCKETS = 5000 / BUCKET_WIDTH };
5361 int buckets[N_BUCKETS] = { 0 };
5362 struct facet *facet;
5367 total = hmap_count(&ofproto->facets);
5368 if (total <= 1000) {
5369 return N_BUCKETS * BUCKET_WIDTH;
5372 /* Build histogram. */
5374 HMAP_FOR_EACH (facet, hmap_node, &ofproto->facets) {
5375 long long int idle = now - facet->used;
5376 int bucket = (idle <= 0 ? 0
5377 : idle >= BUCKET_WIDTH * N_BUCKETS ? N_BUCKETS - 1
5378 : (unsigned int) idle / BUCKET_WIDTH);
5382 /* Find the first bucket whose flows should be expired. */
5383 for (bucket = 0; bucket < N_BUCKETS; bucket++) {
5384 if (buckets[bucket]) {
5387 subtotal += buckets[bucket++];
5388 } while (bucket < N_BUCKETS && subtotal < MAX(1000, total / 100));
5393 if (VLOG_IS_DBG_ENABLED()) {
5397 ds_put_cstr(&s, "keep");
5398 for (i = 0; i < N_BUCKETS; i++) {
5400 ds_put_cstr(&s, ", drop");
5403 ds_put_format(&s, " %d:%d", i * BUCKET_WIDTH, buckets[i]);
5406 VLOG_INFO("%s: %s (msec:count)", ofproto->name, ds_cstr(&s));
5410 return bucket * BUCKET_WIDTH;
5414 facet_active_timeout(struct ofproto *ofproto, struct facet *facet)
5416 if (ofproto->netflow && !facet_is_controller_flow(facet) &&
5417 netflow_active_timeout_expired(ofproto->netflow, &facet->nf_flow)) {
5418 struct ofexpired expired;
5420 if (facet->installed) {
5421 struct dpif_flow_stats stats;
5423 facet_put__(ofproto, facet, facet->actions, facet->actions_len,
5425 facet_update_stats(ofproto, facet, &stats);
5428 expired.flow = facet->flow;
5429 expired.packet_count = facet->packet_count;
5430 expired.byte_count = facet->byte_count;
5431 expired.used = facet->used;
5432 netflow_expire(ofproto->netflow, &facet->nf_flow, &expired);
5437 ofproto_expire_facets(struct ofproto *ofproto, int dp_max_idle)
5439 long long int cutoff = time_msec() - dp_max_idle;
5440 struct facet *facet, *next_facet;
5442 HMAP_FOR_EACH_SAFE (facet, next_facet, hmap_node, &ofproto->facets) {
5443 facet_active_timeout(ofproto, facet);
5444 if (facet->used < cutoff) {
5445 facet_remove(ofproto, facet);
5450 /* If 'rule' is an OpenFlow rule, that has expired according to OpenFlow rules,
5451 * then delete it entirely. */
5453 rule_expire(struct ofproto *ofproto, struct rule *rule)
5455 struct facet *facet, *next_facet;
5459 /* Has 'rule' expired? */
5461 if (rule->hard_timeout
5462 && now > rule->created + rule->hard_timeout * 1000) {
5463 reason = OFPRR_HARD_TIMEOUT;
5464 } else if (rule->idle_timeout && list_is_empty(&rule->facets)
5465 && now >rule->used + rule->idle_timeout * 1000) {
5466 reason = OFPRR_IDLE_TIMEOUT;
5471 COVERAGE_INC(ofproto_expired);
5473 /* Update stats. (This is a no-op if the rule expired due to an idle
5474 * timeout, because that only happens when the rule has no facets left.) */
5475 LIST_FOR_EACH_SAFE (facet, next_facet, list_node, &rule->facets) {
5476 facet_remove(ofproto, facet);
5479 /* Get rid of the rule. */
5480 if (!rule_is_hidden(rule)) {
5481 rule_send_removed(ofproto, rule, reason);
5483 rule_remove(ofproto, rule);
5487 rule_send_removed(struct ofproto *p, struct rule *rule, uint8_t reason)
5489 struct ofputil_flow_removed fr;
5491 if (!rule->send_flow_removed) {
5496 fr.cookie = rule->flow_cookie;
5498 calc_flow_duration__(rule->created, &fr.duration_sec, &fr.duration_nsec);
5499 fr.idle_timeout = rule->idle_timeout;
5500 fr.packet_count = rule->packet_count;
5501 fr.byte_count = rule->byte_count;
5503 connmgr_send_flow_removed(p->connmgr, &fr);
5506 /* Obtains statistics for 'rule' and stores them in '*packets' and '*bytes'.
5507 * The returned statistics include statistics for all of 'rule''s facets. */
5509 rule_get_stats(const struct rule *rule, uint64_t *packets, uint64_t *bytes)
5512 struct facet *facet;
5514 /* Start from historical data for 'rule' itself that are no longer tracked
5515 * in facets. This counts, for example, facets that have expired. */
5516 p = rule->packet_count;
5517 b = rule->byte_count;
5519 /* Add any statistics that are tracked by facets. This includes
5520 * statistical data recently updated by ofproto_update_stats() as well as
5521 * stats for packets that were executed "by hand" via dpif_execute(). */
5522 LIST_FOR_EACH (facet, list_node, &rule->facets) {
5523 p += facet->packet_count;
5524 b += facet->byte_count;
5531 /* Given 'upcall', of type DPIF_UC_ACTION or DPIF_UC_MISS, sends an
5532 * OFPT_PACKET_IN message to each OpenFlow controller as necessary according to
5533 * their individual configurations.
5535 * If 'clone' is true, the caller retains ownership of 'upcall->packet'.
5536 * Otherwise, ownership is transferred to this function. */
5538 send_packet_in(struct ofproto *ofproto, struct dpif_upcall *upcall,
5539 const struct flow *flow, bool clone)
5541 struct ofputil_packet_in pin;
5543 pin.packet = upcall->packet;
5544 pin.in_port = odp_port_to_ofp_port(flow->in_port);
5545 pin.reason = upcall->type == DPIF_UC_MISS ? OFPR_NO_MATCH : OFPR_ACTION;
5546 pin.buffer_id = 0; /* not yet known */
5547 pin.send_len = upcall->userdata;
5548 connmgr_send_packet_in(ofproto->connmgr, upcall, flow,
5549 clone ? NULL : upcall->packet);
5553 pick_datapath_id(const struct ofproto *ofproto)
5555 const struct ofport *port;
5557 port = get_port(ofproto, ODPP_LOCAL);
5559 uint8_t ea[ETH_ADDR_LEN];
5562 error = netdev_get_etheraddr(port->netdev, ea);
5564 return eth_addr_to_uint64(ea);
5566 VLOG_WARN("could not get MAC address for %s (%s)",
5567 netdev_get_name(port->netdev), strerror(error));
5569 return ofproto->fallback_dpid;
5573 pick_fallback_dpid(void)
5575 uint8_t ea[ETH_ADDR_LEN];
5576 eth_addr_nicira_random(ea);
5577 return eth_addr_to_uint64(ea);
5580 static struct ofproto *
5581 ofproto_lookup(const char *name)
5583 struct ofproto *ofproto;
5585 HMAP_FOR_EACH_WITH_HASH (ofproto, hmap_node, hash_string(name, 0),
5587 if (!strcmp(ofproto->name, name)) {
5595 ofproto_unixctl_list(struct unixctl_conn *conn, const char *arg OVS_UNUSED,
5596 void *aux OVS_UNUSED)
5598 struct ofproto *ofproto;
5602 HMAP_FOR_EACH (ofproto, hmap_node, &all_ofprotos) {
5603 ds_put_format(&results, "%s\n", ofproto->name);
5605 unixctl_command_reply(conn, 200, ds_cstr(&results));
5606 ds_destroy(&results);
5609 struct ofproto_trace {
5610 struct action_xlate_ctx ctx;
5616 trace_format_rule(struct ds *result, int level, const struct rule *rule)
5618 ds_put_char_multiple(result, '\t', level);
5620 ds_put_cstr(result, "No match\n");
5624 ds_put_format(result, "Rule: cookie=%#"PRIx64" ",
5625 ntohll(rule->flow_cookie));
5626 cls_rule_format(&rule->cr, result);
5627 ds_put_char(result, '\n');
5629 ds_put_char_multiple(result, '\t', level);
5630 ds_put_cstr(result, "OpenFlow ");
5631 ofp_print_actions(result, (const struct ofp_action_header *) rule->actions,
5632 rule->n_actions * sizeof *rule->actions);
5633 ds_put_char(result, '\n');
5637 trace_format_flow(struct ds *result, int level, const char *title,
5638 struct ofproto_trace *trace)
5640 ds_put_char_multiple(result, '\t', level);
5641 ds_put_format(result, "%s: ", title);
5642 if (flow_equal(&trace->ctx.flow, &trace->flow)) {
5643 ds_put_cstr(result, "unchanged");
5645 flow_format(result, &trace->ctx.flow);
5646 trace->flow = trace->ctx.flow;
5648 ds_put_char(result, '\n');
5652 trace_resubmit(struct action_xlate_ctx *ctx, struct rule *rule)
5654 struct ofproto_trace *trace = CONTAINER_OF(ctx, struct ofproto_trace, ctx);
5655 struct ds *result = trace->result;
5657 ds_put_char(result, '\n');
5658 trace_format_flow(result, ctx->recurse + 1, "Resubmitted flow", trace);
5659 trace_format_rule(result, ctx->recurse + 1, rule);
5663 ofproto_unixctl_trace(struct unixctl_conn *conn, const char *args_,
5664 void *aux OVS_UNUSED)
5666 char *dpname, *in_port_s, *tun_id_s, *packet_s;
5667 char *args = xstrdup(args_);
5668 char *save_ptr = NULL;
5669 struct ofproto *ofproto;
5670 struct ofpbuf packet;
5678 ofpbuf_init(&packet, strlen(args) / 2);
5681 dpname = strtok_r(args, " ", &save_ptr);
5682 tun_id_s = strtok_r(NULL, " ", &save_ptr);
5683 in_port_s = strtok_r(NULL, " ", &save_ptr);
5684 packet_s = strtok_r(NULL, "", &save_ptr); /* Get entire rest of line. */
5685 if (!dpname || !in_port_s || !packet_s) {
5686 unixctl_command_reply(conn, 501, "Bad command syntax");
5690 ofproto = ofproto_lookup(dpname);
5692 unixctl_command_reply(conn, 501, "Unknown ofproto (use ofproto/list "
5697 tun_id = htonll(strtoull(tun_id_s, NULL, 0));
5698 in_port = ofp_port_to_odp_port(atoi(in_port_s));
5700 packet_s = ofpbuf_put_hex(&packet, packet_s, NULL);
5701 packet_s += strspn(packet_s, " ");
5702 if (*packet_s != '\0') {
5703 unixctl_command_reply(conn, 501, "Trailing garbage in command");
5706 if (packet.size < ETH_HEADER_LEN) {
5707 unixctl_command_reply(conn, 501, "Packet data too short for Ethernet");
5711 ds_put_cstr(&result, "Packet: ");
5712 s = ofp_packet_to_string(packet.data, packet.size, packet.size);
5713 ds_put_cstr(&result, s);
5716 flow_extract(&packet, tun_id, in_port, &flow);
5717 ds_put_cstr(&result, "Flow: ");
5718 flow_format(&result, &flow);
5719 ds_put_char(&result, '\n');
5721 rule = rule_lookup(ofproto, &flow);
5722 trace_format_rule(&result, 0, rule);
5724 struct ofproto_trace trace;
5725 struct ofpbuf *odp_actions;
5727 trace.result = &result;
5729 action_xlate_ctx_init(&trace.ctx, ofproto, &flow, &packet);
5730 trace.ctx.resubmit_hook = trace_resubmit;
5731 odp_actions = xlate_actions(&trace.ctx,
5732 rule->actions, rule->n_actions);
5734 ds_put_char(&result, '\n');
5735 trace_format_flow(&result, 0, "Final flow", &trace);
5736 ds_put_cstr(&result, "Datapath actions: ");
5737 format_odp_actions(&result, odp_actions->data, odp_actions->size);
5738 ofpbuf_delete(odp_actions);
5741 unixctl_command_reply(conn, 200, ds_cstr(&result));
5744 ds_destroy(&result);
5745 ofpbuf_uninit(&packet);
5750 ofproto_unixctl_fdb_show(struct unixctl_conn *conn,
5751 const char *args, void *aux OVS_UNUSED)
5753 struct ds ds = DS_EMPTY_INITIALIZER;
5754 const struct ofproto *ofproto;
5755 const struct mac_entry *e;
5757 ofproto = ofproto_lookup(args);
5759 unixctl_command_reply(conn, 501, "no such bridge");
5763 ds_put_cstr(&ds, " port VLAN MAC Age\n");
5764 LIST_FOR_EACH (e, lru_node, &ofproto->ml->lrus) {
5765 struct ofbundle *bundle = e->port.p;
5766 ds_put_format(&ds, "%5d %4d "ETH_ADDR_FMT" %3d\n",
5767 ofbundle_get_a_port(bundle)->odp_port,
5768 e->vlan, ETH_ADDR_ARGS(e->mac), mac_entry_age(e));
5770 unixctl_command_reply(conn, 200, ds_cstr(&ds));
5775 ofproto_unixctl_init(void)
5777 static bool registered;
5783 unixctl_command_register("ofproto/list", ofproto_unixctl_list, NULL);
5784 unixctl_command_register("ofproto/trace", ofproto_unixctl_trace, NULL);
5785 unixctl_command_register("fdb/show", ofproto_unixctl_fdb_show, NULL);