1 /* Copyright (c) 2008 The Board of Trustees of The Leland Stanford
4 * We are making the OpenFlow specification and associated documentation
5 * (Software) available for public use and benefit with the expectation
6 * that others will use, modify and enhance the Software and contribute
7 * those enhancements back to the community. However, since we would
8 * like to make the Software available for broadest use, with as few
9 * restrictions as possible permission is hereby granted, free of
10 * charge, to any person obtaining a copy of this Software to deal in
11 * the Software under the copyrights without restriction, including
12 * without limitation the rights to use, copy, modify, merge, publish,
13 * distribute, sublicense, and/or sell copies of the Software, and to
14 * permit persons to whom the Software is furnished to do so, subject to
15 * the following conditions:
17 * The above copyright notice and this permission notice shall be
18 * included in all copies or substantial portions of the Software.
20 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
21 * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
22 * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
23 * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
24 * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
25 * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
26 * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
29 * The name and trademarks of copyright holder(s) may NOT be used in
30 * advertising or publicity pertaining to the Software or any
31 * derivatives without specific, written prior permission.
36 #include <arpa/inet.h>
41 #include "mac-learning.h"
44 #include "openflow/openflow.h"
46 #include "port-watcher.h"
53 #define THIS_MODULE VLM_in_band
/* Members of struct in_band_data, the per-hook state that every callback
 * below receives.  The struct's opening and closing lines, and the n_queued
 * member that queue_tx() hands to rconn_send_with_limit(), are not part of
 * this listing. */
/* Settings; read below only for max_idle when flows are installed. */
57 const struct settings *s;
/* MAC-to-port table, created by mac_learning_create() in in_band_start(). */
58 struct mac_learning *ml;
/* Network device for the local port; NULL until in_band_local_port_cb()
 * opens one. */
59 struct netdev *of_device;
/* Connection to the controller (the `remote` argument of in_band_start());
 * its IP address is read with rconn_get_ip(). */
60 struct rconn *controller;
/* Rate limiter passed to the VLOG_DBG_RL() calls in this file.  What the two
 * 60s mean is defined by VLOG_RATE_LIMIT_INIT, which is outside this
 * listing. */
64 static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(60, 60);
/* Sends `b` on `rc` through rconn_send_with_limit(), accounting it against
 * the hook's n_queued counter with a limit of 10.  The return-type line and
 * the braces are missing from this listing.
 *
 * NOTE(review): nothing on the visible line examines a result from
 * rconn_send_with_limit(), so callers here cannot tell a queued message from
 * a dropped one; what happens to `b` once the limit is reached is decided
 * inside that function -- confirm there. */
67 queue_tx(struct rconn *rc, struct in_band_data *in_band, struct ofpbuf *b)
69 rconn_send_with_limit(rc, b, &in_band->n_queued, 10);
/* Returns the cached Ethernet address of the controller, or NULL while the
 * cached address is all zeros.
 *
 * The cache lives in function-local statics, so it is shared by every caller
 * regardless of which `in_band` is passed, and the returned pointer aliases
 * the static `mac` buffer: a later call that refreshes the cache overwrites
 * the bytes a previous caller still holds.
 *
 * Several lines of this function (braces, the declaration of have_mac, the
 * test around the failure log, part of one log format) are missing from this
 * listing.
 *
 * NOTE(review): the address is whatever netdev_arp_lookup() reports for the
 * controller's IP.  If that is the host ARP table (presumably -- confirm),
 * the binding is unauthenticated, and is_controller_mac() decisions built on
 * it are only as trustworthy as the ARP entry. */
72 static const uint8_t *
73 get_controller_mac(struct in_band_data *in_band)
75 static uint32_t ip, last_nonzero_ip;
76 static uint8_t mac[ETH_ADDR_LEN], last_nonzero_mac[ETH_ADDR_LEN];
77 static time_t next_refresh = 0;
/* Remember the IP seen on the previous call so a change forces a refresh. */
79 uint32_t last_ip = ip;
81 time_t now = time_now();
83 ip = rconn_get_ip(in_band->controller);
/* Refresh when the IP changed, on the first call, or once the deadline set
 * at the end of the previous refresh has passed. */
84 if (last_ip != ip || !next_refresh || now >= next_refresh) {
87 /* Look up MAC address. */
/* The cached MAC is cleared first, so a failed or skipped lookup leaves it
 * all zeros and the function returns NULL. */
88 memset(mac, 0, sizeof mac);
89 if (ip && in_band->of_device) {
90 int retval = netdev_arp_lookup(in_band->of_device, ip, mac);
/* The condition guarding this log line is not shown; presumably it runs
 * only when retval is nonzero. */
92 VLOG_DBG_RL(&rl, "cannot look up controller hw address "
93 "("IP_FMT"): %s", IP_ARGS(&ip), strerror(retval));
96 have_mac = !eth_addr_is_zero(mac);
98 /* Log changes in IP, MAC addresses. */
99 if (ip && ip != last_nonzero_ip) {
100 VLOG_DBG("controller IP address changed from "IP_FMT
101 " to "IP_FMT, IP_ARGS(&last_nonzero_ip), IP_ARGS(&ip));
102 last_nonzero_ip = ip;
/* A change of controller MAC is only logged at debug level; nothing visible
 * here invalidates entries already learned in in_band->ml. */
104 if (have_mac && memcmp(last_nonzero_mac, mac, ETH_ADDR_LEN)) {
105 VLOG_DBG("controller MAC address changed from "ETH_ADDR_FMT" to "
107 ETH_ADDR_ARGS(last_nonzero_mac), ETH_ADDR_ARGS(mac));
108 memcpy(last_nonzero_mac, mac, ETH_ADDR_LEN);
111 /* Schedule next refresh.
113 * If we have an IP address but not a MAC address, then refresh
114 * quickly, since we probably will get a MAC address soon (via ARP).
115 * Otherwise, we can afford to wait a little while. */
/* 1 unit of time_now() (presumably seconds) when an IP is known but no MAC
 * yet, 10 otherwise. */
116 next_refresh = now + (!ip || have_mac ? 10 : 1);
118 return !eth_addr_is_zero(mac) ? mac : NULL;
/* Tests whether `dl_addr` equals the controller MAC that
 * get_controller_mac() currently reports; false while no MAC is known.
 * The return-type line and braces are missing from this listing.
 *
 * NOTE(review): a match means only that the frame carries the controller's
 * Ethernet address in that field.  Nothing in this listing authenticates the
 * sender, so callers should not treat the result as proof of origin. */
122 is_controller_mac(const uint8_t dl_addr[ETH_ADDR_LEN],
123 struct in_band_data *in_band)
125 const uint8_t *mac = get_controller_mac(in_band);
126 return mac && eth_addr_equals(mac, dl_addr);
/* Records in the MAC learning table that `src_mac` was seen on `in_port`,
 * and emits a rate-limited debug message when mac_learning_learn() returns
 * nonzero (presumably meaning the mapping is new or changed -- confirm in
 * mac-learning.h).  The return-type line and braces are missing from this
 * listing.
 *
 * NOTE(review): the mapping is taken from the source address of a received
 * frame, which the sender chooses.  The table therefore reflects claimed, not
 * verified, port locations. */
130 in_band_learn_mac(struct in_band_data *in_band,
131 uint16_t in_port, const uint8_t src_mac[ETH_ADDR_LEN])
133 if (mac_learning_learn(in_band->ml, src_mac, in_port)) {
134 VLOG_DBG_RL(&rl, "learned that "ETH_ADDR_FMT" is on port %"PRIu16,
135 ETH_ADDR_ARGS(src_mac), in_port);
/* local_packet_cb hook (see in_band_hook_class): looks at a packet-in
 * message from the local half of the relay and, for traffic that concerns
 * the secure channel or the controller, chooses an output port and queues a
 * flow-add and/or packet-out back on the local connection.
 *
 * Many lines are missing from this listing: the return type, braces, the
 * declarations of flow, in_port, out_port and b, every return statement, and
 * parts of the final branches.  The comments below describe only what the
 * visible lines establish.
 *
 * NOTE(review): every "is this controller traffic" decision here rests on
 * Ethernet addresses and TCP port numbers read from the frame itself. */
140 in_band_local_packet_cb(struct relay *r, void *in_band_)
142 struct in_band_data *in_band = in_band_;
143 struct rconn *rc = r->halves[HALF_LOCAL].rconn;
144 struct ofp_packet_in *opi;
145 struct eth_header *eth;
146 struct ofpbuf payload;
/* NOTE(review): the character before the closing parenthesis in the call
 * below is an HTML-entity mangling; the argument is presumably the address
 * of the `eth` pointer declared above, mirroring the preceding &opi.
 * The body of this early exit is not shown. */
151 if (!get_ofp_packet_eth_header(r, &opi, ð) || !in_band->of_device) {
154 in_port = ntohs(opi->in_port);
/* The payload length is derived from opi->header.length inside
 * get_ofp_packet_payload(); whether get_ofp_packet_eth_header() has already
 * enforced a minimum message length is not visible here -- confirm. */
155 get_ofp_packet_payload(opi, &payload);
156 flow_extract(&payload, in_port, &flow);
158 /* Deal with local stuff. */
159 if (in_port == OFPP_LOCAL) {
160 /* Sent by secure channel. */
161 out_port = mac_learning_lookup(in_band->ml, eth->eth_dst);
162 } else if (eth_addr_equals(eth->eth_dst,
163 netdev_get_etheraddr(in_band->of_device))) {
164 /* Sent to secure channel. */
165 out_port = OFPP_LOCAL;
166 in_band_learn_mac(in_band, in_port, eth->eth_src);
167 } else if (eth->eth_type == htons(ETH_TYPE_ARP)
168 && eth_addr_is_broadcast(eth->eth_dst)
169 && is_controller_mac(eth->eth_src, in_band)) {
170 /* ARP sent by controller. */
171 out_port = OFPP_FLOOD;
/* Controller traffic is recognised by controller MAC in either address field
 * plus TCP to or from OFP_TCP_PORT or OFP_SSL_PORT. */
172 } else if ((is_controller_mac(eth->eth_dst, in_band)
173 || is_controller_mac(eth->eth_src, in_band))
174 && flow.dl_type == htons(ETH_TYPE_IP)
175 && flow.nw_proto == IP_TYPE_TCP
176 && (flow.tp_src == htons(OFP_TCP_PORT)
177 || flow.tp_src == htons(OFP_SSL_PORT)
178 || flow.tp_dst == htons(OFP_TCP_PORT)
179 || flow.tp_dst == htons(OFP_SSL_PORT))) {
180 /* Traffic to or from controller. Switch it by hand. */
181 in_band_learn_mac(in_band, in_port, eth->eth_src);
182 out_port = mac_learning_lookup(in_band->ml, eth->eth_dst);
/* Remaining case (the `else` line itself is not shown). */
184 const uint8_t *controller_mac;
185 controller_mac = get_controller_mac(in_band);
/* This repeats the ARP-from-controller test already made in an earlier
 * branch of the same chain. */
186 if (eth->eth_type == htons(ETH_TYPE_ARP)
187 && eth_addr_is_broadcast(eth->eth_dst)
188 && is_controller_mac(eth->eth_src, in_band)) {
189 /* ARP sent by controller. */
190 out_port = OFPP_FLOOD;
/* The second argument of this lookup, and the statements that follow the
 * comment below, are on lines missing from the listing. */
191 } else if (is_controller_mac(eth->eth_dst, in_band)
192 && in_port == mac_learning_lookup(in_band->ml,
194 /* Drop controller traffic that arrives on the controller port. */
201 if (in_port == out_port) {
202 /* The input and output port match. Set up a flow to drop packets. */
203 queue_tx(rc, in_band, make_add_flow(&flow, ntohl(opi->buffer_id),
204 in_band->s->max_idle, 0));
205 } else if (out_port != OFPP_FLOOD) {
206 /* The output port is known, so add a new flow. */
207 queue_tx(rc, in_band,
208 make_add_simple_flow(&flow, ntohl(opi->buffer_id),
209 out_port, in_band->s->max_idle));
211 /* If the switch didn't buffer the packet, we need to send a copy. */
/* A buffer_id of UINT32_MAX is treated as "not buffered by the switch". */
212 if (ntohl(opi->buffer_id) == UINT32_MAX) {
213 queue_tx(rc, in_band,
214 make_unbuffered_packet_out(&payload, in_port, out_port));
217 /* We don't know that MAC. Send along the packet without setting up a
220 if (ntohl(opi->buffer_id) == UINT32_MAX) {
221 b = make_unbuffered_packet_out(&payload, in_port, out_port);
223 b = make_buffered_packet_out(ntohl(opi->buffer_id),
226 queue_tx(rc, in_band, b);
/* Status callback registered for the "in-band" category by in_band_start():
 * appends local-ip, local-mac, controller-ip and controller-mac entries to
 * `sr`.  The return-type line, the braces and at least one condition are
 * missing from this listing. */
232 in_band_status_cb(struct status_reply *sr, void *in_band_)
234 struct in_band_data *in_band = in_band_;
235 struct in_addr local_ip;
236 uint32_t controller_ip;
237 const uint8_t *controller_mac;
/* Local addresses are reported only once a local network device is open. */
239 if (in_band->of_device) {
240 const uint8_t *mac = netdev_get_etheraddr(in_band->of_device);
241 if (netdev_get_in4(in_band->of_device, &local_ip)) {
242 status_reply_put(sr, "local-ip="IP_FMT, IP_ARGS(&local_ip.s_addr));
244 status_reply_put(sr, "local-mac="ETH_ADDR_FMT, ETH_ADDR_ARGS(mac));
246 controller_ip = rconn_get_ip(in_band->controller);
/* The line guarding this put is not shown; presumably it is skipped while
 * controller_ip is zero. */
248 status_reply_put(sr, "controller-ip="IP_FMT,
249 IP_ARGS(&controller_ip));
/* May trigger an ARP lookup and refresh the shared cache inside
 * get_controller_mac(); NULL means no MAC is known yet. */
251 controller_mac = get_controller_mac(in_band);
252 if (controller_mac) {
253 status_reply_put(sr, "controller-mac="ETH_ADDR_FMT,
254 ETH_ADDR_ARGS(controller_mac));
/* Points `payload` at the packet data carried in a packet-in message,
 * without copying: data is opi->data and size is the message length from the
 * OpenFlow header minus an offsetof() into struct ofp_packet_in.  The
 * return-type line, the braces and the rest of the offsetof() expression
 * (presumably the `data` member) are missing from this listing.
 *
 * NOTE(review): the subtraction is not guarded here.  If header.length is
 * smaller than that offset the computed size is wrong (it wraps if `size` is
 * unsigned), so callers must have validated the message length first.  The
 * one caller in this file runs after get_ofp_packet_eth_header() succeeded;
 * confirm that helper enforces the minimum length. */
260 get_ofp_packet_payload(struct ofp_packet_in *opi, struct ofpbuf *payload)
262 payload->data = opi->data;
263 payload->size = ntohs(opi->header.length) - offsetof(struct ofp_packet_in,
/* Callback registered with the port watcher by in_band_start(): keeps
 * in_band->of_device in step with the local port description `port`.
 * The return-type line, the braces, the declaration of `error` and the
 * conditions that select each branch are missing from this listing. */
268 in_band_local_port_cb(const struct ofp_phy_port *port, void *in_band_)
270 struct in_band_data *in_band = in_band_;
/* One byte larger than port->name, presumably so get_port_name() can always
 * NUL-terminate -- confirm against its definition. */
272 char name[sizeof port->name + 1];
273 get_port_name(port, name, sizeof name);
/* Reopen only when no device is open yet or the port's name differs from the
 * open device's name. */
275 if (!in_band->of_device
276 || strcmp(netdev_get_name(in_band->of_device), name))
279 netdev_close(in_band->of_device);
/* NOTE(review): whether netdev_open() resets in_band->of_device when it
 * fails is not visible here.  If it does not, the pointer closed on the
 * previous line stays in the struct and is used by later callbacks. */
280 error = netdev_open(name, NETDEV_ETH_TYPE_NONE,
281 &in_band->of_device);
/* NOTE(review): the message formats errno although the result was stored in
 * `error`; if netdev_open() returns the error code, strerror(error) is the
 * value to report, since errno may have been overwritten. */
283 VLOG_ERR("failed to open in-band control network device "
284 "\"%s\": %s", name, strerror(errno));
/* Separate branch (its condition is not shown; presumably taken when `port`
 * is NULL): close the device and clear the pointer. */
288 netdev_close(in_band->of_device);
289 in_band->of_device = NULL;
/* Hook table handed to add_hook() by in_band_start().  Among the entries
 * visible here only local_packet_cb is set; one initializer between
 * periodic_cb and closing_cb, and the closing brace, are missing from this
 * listing. */
293 static struct hook_class in_band_hook_class = {
294 in_band_local_packet_cb, /* local_packet_cb */
295 NULL, /* remote_packet_cb */
296 NULL, /* periodic_cb */
/* No closing callback is installed, so nothing in this listing releases the
 * in_band_data allocated by in_band_start(). */
298 NULL, /* closing_cb */
/* Sets up in-band control for `secchan`: allocates the per-hook state,
 * registers the "in-band" status category and the local-port callback, and
 * installs the hook.
 *
 * `remote` is stored as the controller connection.  The return-type line,
 * the braces, one statement after the allocation (presumably the one storing
 * `s`) and the last argument of the port-watcher registration are missing
 * from this listing. */
302 in_band_start(struct secchan *secchan,
303 const struct settings *s, struct switch_status *ss,
304 struct port_watcher *pw, struct rconn *remote)
306 struct in_band_data *in_band;
/* The result is used without a NULL check; xcalloc() presumably does not
 * return on allocation failure -- confirm. */
308 in_band = xcalloc(1, sizeof *in_band);
310 in_band->ml = mac_learning_create();
/* No device yet; in_band_local_port_cb() opens it when the local port is
 * reported. */
311 in_band->of_device = NULL;
312 in_band->controller = remote;
313 switch_status_register_category(ss, "in-band", in_band_status_cb, in_band);
314 port_watcher_register_local_port_callback(pw, in_band_local_port_cb,
316 add_hook(secchan, &in_band_hook_class, in_band);