1 /* Copyright (c) 2008, 2009, 2010, 2011 Nicira Networks
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at:
7 * http://www.apache.org/licenses/LICENSE-2.0
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
18 #include "byte-order.h"
21 #include <arpa/inet.h>
24 #include <sys/socket.h>
26 #include <openflow/openflow.h>
31 #include <sys/socket.h>
32 #include <sys/types.h>
36 #include "classifier.h"
41 #include "dynamic-string.h"
48 #include "mac-learning.h"
52 #include "ofp-print.h"
54 #include "ofproto/netflow.h"
55 #include "ofproto/ofproto.h"
56 #include "ovsdb-data.h"
58 #include "poll-loop.h"
62 #include "socket-util.h"
63 #include "stream-ssl.h"
65 #include "system-stats.h"
70 #include "vswitchd/vswitch-idl.h"
71 #include "xenserver.h"
73 #include "sflow_api.h"
75 VLOG_DEFINE_THIS_MODULE(bridge);
77 COVERAGE_DEFINE(bridge_flush);
78 COVERAGE_DEFINE(bridge_process_flow);
79 COVERAGE_DEFINE(bridge_process_cfm);
80 COVERAGE_DEFINE(bridge_process_lacp);
81 COVERAGE_DEFINE(bridge_reconfigure);
82 COVERAGE_DEFINE(bridge_lacp_update);
90 struct dst builtin[32];
95 static void dst_set_init(struct dst_set *);
96 static void dst_set_add(struct dst_set *, const struct dst *);
97 static void dst_set_free(struct dst_set *);
100 /* These members are always valid. */
101 struct port *port; /* Containing port. */
102 size_t port_ifidx; /* Index within containing port. */
103 char *name; /* Host network device name. */
104 tag_type tag; /* Tag associated with this interface. */
105 long long delay_expires; /* Time after which 'enabled' may change. */
107 /* These members are valid only after bridge_reconfigure() causes them to
109 struct hmap_node dp_ifidx_node; /* In struct bridge's "ifaces" hmap. */
110 int dp_ifidx; /* Index within kernel datapath. */
111 struct netdev *netdev; /* Network device. */
112 bool enabled; /* May be chosen for flows? */
113 bool up; /* Is the interface up? */
114 const char *type; /* Usually same as cfg->type. */
115 struct cfm *cfm; /* Connectivity Fault Management */
116 const struct ovsrec_interface *cfg;
118 /* LACP information. */
119 uint16_t lacp_priority; /* LACP port priority. */
122 #define BOND_MASK 0xff
124 int iface_idx; /* Index of assigned iface, or -1 if none. */
125 uint64_t tx_bytes; /* Count of bytes recently transmitted. */
126 tag_type iface_tag; /* Tag associated with iface_idx. */
130 BM_TCP, /* Transport Layer Load Balance. */
131 BM_SLB, /* Source Load Balance. */
132 BM_AB /* Active Backup. */
135 #define MAX_MIRRORS 32
136 typedef uint32_t mirror_mask_t;
137 #define MIRROR_MASK_C(X) UINT32_C(X)
138 BUILD_ASSERT_DECL(sizeof(mirror_mask_t) * CHAR_BIT >= MAX_MIRRORS);
140 struct bridge *bridge;
143 struct uuid uuid; /* UUID of this "mirror" record in database. */
145 /* Selection criteria. */
146 struct shash src_ports; /* Name is port name; data is always NULL. */
147 struct shash dst_ports; /* Name is port name; data is always NULL. */
152 struct port *out_port;
156 #define FLOOD_PORT ((struct port *) 1) /* The 'flood' output port. */
158 struct bridge *bridge;
160 int vlan; /* -1=trunk port, else a 12-bit VLAN ID. */
161 unsigned long *trunks; /* Bitmap of trunked VLANs, if 'vlan' == -1.
162 * NULL if all VLANs are trunked. */
163 const struct ovsrec_port *cfg;
167 struct netdev_monitor *monitor; /* Tracks carrier. NULL if miimon. */
168 long long int miimon_interval; /* Miimon status refresh interval. */
169 long long int miimon_next_update; /* Time of next miimon update. */
171 /* An ordinary bridge port has 1 interface.
172 * A bridge port for bonding has at least 2 interfaces. */
173 struct iface **ifaces;
174 size_t n_ifaces, allocated_ifaces;
177 enum bond_mode bond_mode; /* Type of the bond. BM_SLB is the default. */
178 int active_iface; /* Ifidx on which bcasts accepted, or -1. */
179 tag_type active_iface_tag; /* Tag for bcast flows. */
180 tag_type no_ifaces_tag; /* Tag for flows when all ifaces disabled. */
181 int updelay, downdelay; /* Delay before iface goes up/down, in ms. */
182 bool bond_fake_iface; /* Fake a bond interface for legacy compat? */
183 long long int bond_next_fake_iface_update; /* Time of next update. */
185 /* LACP information. */
186 struct lacp *lacp; /* LACP object. NULL if LACP is disabled. */
187 bool lacp_active; /* True if LACP is active */
188 uint16_t lacp_priority; /* LACP system priority. */
190 /* SLB specific bonding info. */
191 struct bond_entry *bond_hash; /* An array of (BOND_MASK + 1) elements. */
192 int bond_rebalance_interval; /* Interval between rebalances, in ms. */
193 long long int bond_next_rebalance; /* Next rebalancing time. */
195 /* Port mirroring info. */
196 mirror_mask_t src_mirrors; /* Mirrors triggered when packet received. */
197 mirror_mask_t dst_mirrors; /* Mirrors triggered when packet sent. */
198 bool is_mirror_output_port; /* Does port mirroring send frames here? */
202 struct list node; /* Node in global list of bridges. */
203 char *name; /* User-specified arbitrary name. */
204 struct mac_learning *ml; /* MAC learning table. */
205 uint8_t ea[ETH_ADDR_LEN]; /* Bridge Ethernet Address. */
206 uint8_t default_ea[ETH_ADDR_LEN]; /* Default MAC. */
207 const struct ovsrec_bridge *cfg;
209 /* OpenFlow switch processing. */
210 struct ofproto *ofproto; /* OpenFlow switch. */
212 /* Kernel datapath information. */
213 struct dpif *dpif; /* Datapath. */
214 struct hmap ifaces; /* Contains "struct iface"s. */
218 size_t n_ports, allocated_ports;
219 struct shash iface_by_name; /* "struct iface"s indexed by name. */
220 struct shash port_by_name; /* "struct port"s indexed by name. */
223 bool has_bonded_ports;
228 /* Port mirroring. */
229 struct mirror *mirrors[MAX_MIRRORS];
232 /* List of all bridges. */
233 static struct list all_bridges = LIST_INITIALIZER(&all_bridges);
235 /* OVSDB IDL used to obtain configuration. */
236 static struct ovsdb_idl *idl;
238 /* Each time this timer expires, the bridge fetches systems and interface
239 * statistics and pushes them into the database. */
240 #define STATS_INTERVAL (5 * 1000) /* In milliseconds. */
241 static long long int stats_timer = LLONG_MIN;
243 static struct bridge *bridge_create(const struct ovsrec_bridge *br_cfg);
244 static void bridge_destroy(struct bridge *);
245 static struct bridge *bridge_lookup(const char *name);
246 static unixctl_cb_func bridge_unixctl_dump_flows;
247 static unixctl_cb_func bridge_unixctl_reconnect;
248 static int bridge_run_one(struct bridge *);
249 static size_t bridge_get_controllers(const struct bridge *br,
250 struct ovsrec_controller ***controllersp);
251 static void bridge_reconfigure_one(struct bridge *);
252 static void bridge_reconfigure_remotes(struct bridge *,
253 const struct sockaddr_in *managers,
255 static void bridge_get_all_ifaces(const struct bridge *, struct shash *ifaces);
256 static void bridge_fetch_dp_ifaces(struct bridge *);
257 static void bridge_flush(struct bridge *);
258 static void bridge_pick_local_hw_addr(struct bridge *,
259 uint8_t ea[ETH_ADDR_LEN],
260 struct iface **hw_addr_iface);
261 static uint64_t bridge_pick_datapath_id(struct bridge *,
262 const uint8_t bridge_ea[ETH_ADDR_LEN],
263 struct iface *hw_addr_iface);
264 static struct iface *bridge_get_local_iface(struct bridge *);
265 static uint64_t dpid_from_hash(const void *, size_t nbytes);
267 static unixctl_cb_func bridge_unixctl_fdb_show;
268 static unixctl_cb_func qos_unixctl_show;
270 static void bond_init(void);
271 static void bond_run(struct port *);
272 static void bond_wait(struct port *);
273 static void bond_rebalance_port(struct port *);
274 static void bond_send_learning_packets(struct port *);
275 static void bond_enable_slave(struct iface *iface, bool enable);
277 static void port_run(struct port *);
278 static void port_wait(struct port *);
279 static struct port *port_create(struct bridge *, const char *name);
280 static void port_reconfigure(struct port *, const struct ovsrec_port *);
281 static void port_del_ifaces(struct port *, const struct ovsrec_port *);
282 static void port_destroy(struct port *);
283 static struct port *port_lookup(const struct bridge *, const char *name);
284 static struct iface *port_lookup_iface(const struct port *, const char *name);
285 static struct port *port_from_dp_ifidx(const struct bridge *,
287 static void port_update_bonding(struct port *);
288 static void port_update_lacp(struct port *);
290 static void mirror_create(struct bridge *, struct ovsrec_mirror *);
291 static void mirror_destroy(struct mirror *);
292 static void mirror_reconfigure(struct bridge *);
293 static void mirror_reconfigure_one(struct mirror *, struct ovsrec_mirror *);
294 static bool vlan_is_mirrored(const struct mirror *, int vlan);
296 static struct iface *iface_create(struct port *port,
297 const struct ovsrec_interface *if_cfg);
298 static void iface_destroy(struct iface *);
299 static struct iface *iface_lookup(const struct bridge *, const char *name);
300 static struct iface *iface_find(const char *name);
301 static struct iface *iface_from_dp_ifidx(const struct bridge *,
303 static void iface_set_mac(struct iface *);
304 static void iface_set_ofport(const struct ovsrec_interface *, int64_t ofport);
305 static void iface_update_qos(struct iface *, const struct ovsrec_qos *);
306 static void iface_update_cfm(struct iface *);
307 static void iface_refresh_cfm_stats(struct iface *iface);
308 static void iface_send_packet(struct iface *, struct ofpbuf *packet);
309 static void iface_update_carrier(struct iface *, bool carrier);
311 static void shash_from_ovs_idl_map(char **keys, char **values, size_t n,
313 static void shash_to_ovs_idl_map(struct shash *,
314 char ***keys, char ***values, size_t *n);
317 /* Hooks into ofproto processing. */
318 static struct ofhooks bridge_ofhooks;
320 /* Public functions. */
322 /* Initializes the bridge module, configuring it to obtain its configuration
323 * from an OVSDB server accessed over 'remote', which should be a string in a
324 * form acceptable to ovsdb_idl_create(). */
326 bridge_init(const char *remote)
328 /* Create connection to database. */
329 idl = ovsdb_idl_create(remote, &ovsrec_idl_class, true);
331 ovsdb_idl_omit_alert(idl, &ovsrec_open_vswitch_col_cur_cfg);
332 ovsdb_idl_omit_alert(idl, &ovsrec_open_vswitch_col_statistics);
333 ovsdb_idl_omit(idl, &ovsrec_open_vswitch_col_external_ids);
335 ovsdb_idl_omit(idl, &ovsrec_bridge_col_external_ids);
337 ovsdb_idl_omit(idl, &ovsrec_port_col_external_ids);
338 ovsdb_idl_omit(idl, &ovsrec_port_col_fake_bridge);
340 ovsdb_idl_omit_alert(idl, &ovsrec_interface_col_ofport);
341 ovsdb_idl_omit_alert(idl, &ovsrec_interface_col_statistics);
342 ovsdb_idl_omit(idl, &ovsrec_interface_col_external_ids);
344 /* Register unixctl commands. */
345 unixctl_command_register("fdb/show", bridge_unixctl_fdb_show, NULL);
346 unixctl_command_register("qos/show", qos_unixctl_show, NULL);
347 unixctl_command_register("bridge/dump-flows", bridge_unixctl_dump_flows,
349 unixctl_command_register("bridge/reconnect", bridge_unixctl_reconnect,
358 struct bridge *br, *next_br;
360 LIST_FOR_EACH_SAFE (br, next_br, node, &all_bridges) {
363 ovsdb_idl_destroy(idl);
366 /* Performs configuration that is only necessary once at ovs-vswitchd startup,
367 * but for which the ovs-vswitchd configuration 'cfg' is required. */
369 bridge_configure_once(const struct ovsrec_open_vswitch *cfg)
371 static bool already_configured_once;
372 struct svec bridge_names;
373 struct svec dpif_names, dpif_types;
376 /* Only do this once per ovs-vswitchd run. */
377 if (already_configured_once) {
380 already_configured_once = true;
382 stats_timer = time_msec() + STATS_INTERVAL;
384 /* Get all the configured bridges' names from 'cfg' into 'bridge_names'. */
385 svec_init(&bridge_names);
386 for (i = 0; i < cfg->n_bridges; i++) {
387 svec_add(&bridge_names, cfg->bridges[i]->name);
389 svec_sort(&bridge_names);
391 /* Iterate over all system dpifs and delete any of them that do not appear
393 svec_init(&dpif_names);
394 svec_init(&dpif_types);
395 dp_enumerate_types(&dpif_types);
396 for (i = 0; i < dpif_types.n; i++) {
399 dp_enumerate_names(dpif_types.names[i], &dpif_names);
401 /* Delete each dpif whose name is not in 'bridge_names'. */
402 for (j = 0; j < dpif_names.n; j++) {
403 if (!svec_contains(&bridge_names, dpif_names.names[j])) {
407 retval = dpif_open(dpif_names.names[j], dpif_types.names[i],
416 svec_destroy(&bridge_names);
417 svec_destroy(&dpif_names);
418 svec_destroy(&dpif_types);
421 /* Callback for iterate_and_prune_ifaces(). */
423 check_iface(struct bridge *br, struct iface *iface, void *aux OVS_UNUSED)
425 if (!iface->netdev) {
426 /* We already reported a related error, don't bother duplicating it. */
430 if (iface->dp_ifidx < 0) {
431 VLOG_ERR("%s interface not in %s, dropping",
432 iface->name, dpif_name(br->dpif));
436 VLOG_DBG("%s has interface %s on port %d", dpif_name(br->dpif),
437 iface->name, iface->dp_ifidx);
441 /* Callback for iterate_and_prune_ifaces(). */
443 set_iface_properties(struct bridge *br OVS_UNUSED, struct iface *iface,
444 void *aux OVS_UNUSED)
446 /* Set policing attributes. */
447 netdev_set_policing(iface->netdev,
448 iface->cfg->ingress_policing_rate,
449 iface->cfg->ingress_policing_burst);
451 /* Set MAC address of internal interfaces other than the local
453 if (iface->dp_ifidx != ODPP_LOCAL && !strcmp(iface->type, "internal")) {
454 iface_set_mac(iface);
460 /* Calls 'cb' for each interfaces in 'br', passing along the 'aux' argument.
461 * Deletes from 'br' all the interfaces for which 'cb' returns false, and then
462 * deletes from 'br' any ports that no longer have any interfaces. */
464 iterate_and_prune_ifaces(struct bridge *br,
465 bool (*cb)(struct bridge *, struct iface *,
471 for (i = 0; i < br->n_ports; ) {
472 struct port *port = br->ports[i];
473 for (j = 0; j < port->n_ifaces; ) {
474 struct iface *iface = port->ifaces[j];
475 if (cb(br, iface, aux)) {
478 iface_set_ofport(iface->cfg, -1);
479 iface_destroy(iface);
483 if (port->n_ifaces) {
486 VLOG_WARN("%s port has no interfaces, dropping", port->name);
492 /* Looks at the list of managers in 'ovs_cfg' and extracts their remote IP
493 * addresses and ports into '*managersp' and '*n_managersp'. The caller is
494 * responsible for freeing '*managersp' (with free()).
496 * You may be asking yourself "why does ovs-vswitchd care?", because
497 * ovsdb-server is responsible for connecting to the managers, and ovs-vswitchd
498 * should not be and in fact is not directly involved in that. But
499 * ovs-vswitchd needs to make sure that ovsdb-server can reach the managers, so
500 * it has to tell in-band control where the managers are to enable that.
501 * (Thus, only managers connected in-band are collected.)
504 collect_in_band_managers(const struct ovsrec_open_vswitch *ovs_cfg,
505 struct sockaddr_in **managersp, size_t *n_managersp)
507 struct sockaddr_in *managers = NULL;
508 size_t n_managers = 0;
509 struct shash targets;
512 /* Collect all of the potential targets from the "targets" columns of the
513 * rows pointed to by "manager_options", excluding any that are
515 shash_init(&targets);
516 for (i = 0; i < ovs_cfg->n_manager_options; i++) {
517 struct ovsrec_manager *m = ovs_cfg->manager_options[i];
519 if (m->connection_mode && !strcmp(m->connection_mode, "out-of-band")) {
520 shash_find_and_delete(&targets, m->target);
522 shash_add_once(&targets, m->target, NULL);
526 /* Now extract the targets' IP addresses. */
527 if (!shash_is_empty(&targets)) {
528 struct shash_node *node;
530 managers = xmalloc(shash_count(&targets) * sizeof *managers);
531 SHASH_FOR_EACH (node, &targets) {
532 const char *target = node->name;
533 struct sockaddr_in *sin = &managers[n_managers];
535 if ((!strncmp(target, "tcp:", 4)
536 && inet_parse_active(target + 4, JSONRPC_TCP_PORT, sin)) ||
537 (!strncmp(target, "ssl:", 4)
538 && inet_parse_active(target + 4, JSONRPC_SSL_PORT, sin))) {
543 shash_destroy(&targets);
545 *managersp = managers;
546 *n_managersp = n_managers;
550 bridge_reconfigure(const struct ovsrec_open_vswitch *ovs_cfg)
552 struct shash old_br, new_br;
553 struct shash_node *node;
554 struct bridge *br, *next;
555 struct sockaddr_in *managers;
558 int sflow_bridge_number;
560 COVERAGE_INC(bridge_reconfigure);
562 collect_in_band_managers(ovs_cfg, &managers, &n_managers);
564 /* Collect old and new bridges. */
567 LIST_FOR_EACH (br, node, &all_bridges) {
568 shash_add(&old_br, br->name, br);
570 for (i = 0; i < ovs_cfg->n_bridges; i++) {
571 const struct ovsrec_bridge *br_cfg = ovs_cfg->bridges[i];
572 if (!shash_add_once(&new_br, br_cfg->name, br_cfg)) {
573 VLOG_WARN("more than one bridge named %s", br_cfg->name);
577 /* Get rid of deleted bridges and add new bridges. */
578 LIST_FOR_EACH_SAFE (br, next, node, &all_bridges) {
579 struct ovsrec_bridge *br_cfg = shash_find_data(&new_br, br->name);
586 SHASH_FOR_EACH (node, &new_br) {
587 const char *br_name = node->name;
588 const struct ovsrec_bridge *br_cfg = node->data;
589 br = shash_find_data(&old_br, br_name);
591 /* If the bridge datapath type has changed, we need to tear it
592 * down and recreate. */
593 if (strcmp(br->cfg->datapath_type, br_cfg->datapath_type)) {
595 bridge_create(br_cfg);
598 bridge_create(br_cfg);
601 shash_destroy(&old_br);
602 shash_destroy(&new_br);
604 /* Reconfigure all bridges. */
605 LIST_FOR_EACH (br, node, &all_bridges) {
606 bridge_reconfigure_one(br);
609 /* Add and delete ports on all datapaths.
611 * The kernel will reject any attempt to add a given port to a datapath if
612 * that port already belongs to a different datapath, so we must do all
613 * port deletions before any port additions. */
614 LIST_FOR_EACH (br, node, &all_bridges) {
615 struct dpif_port_dump dump;
616 struct shash want_ifaces;
617 struct dpif_port dpif_port;
619 bridge_get_all_ifaces(br, &want_ifaces);
620 DPIF_PORT_FOR_EACH (&dpif_port, &dump, br->dpif) {
621 if (!shash_find(&want_ifaces, dpif_port.name)
622 && strcmp(dpif_port.name, br->name)) {
623 int retval = dpif_port_del(br->dpif, dpif_port.port_no);
625 VLOG_WARN("failed to remove %s interface from %s: %s",
626 dpif_port.name, dpif_name(br->dpif),
631 shash_destroy(&want_ifaces);
633 LIST_FOR_EACH (br, node, &all_bridges) {
634 struct shash cur_ifaces, want_ifaces;
635 struct dpif_port_dump dump;
636 struct dpif_port dpif_port;
638 /* Get the set of interfaces currently in this datapath. */
639 shash_init(&cur_ifaces);
640 DPIF_PORT_FOR_EACH (&dpif_port, &dump, br->dpif) {
641 struct dpif_port *port_info = xmalloc(sizeof *port_info);
642 dpif_port_clone(port_info, &dpif_port);
643 shash_add(&cur_ifaces, dpif_port.name, port_info);
646 /* Get the set of interfaces we want on this datapath. */
647 bridge_get_all_ifaces(br, &want_ifaces);
649 hmap_clear(&br->ifaces);
650 SHASH_FOR_EACH (node, &want_ifaces) {
651 const char *if_name = node->name;
652 struct iface *iface = node->data;
653 struct dpif_port *dpif_port;
657 type = iface ? iface->type : "internal";
658 dpif_port = shash_find_data(&cur_ifaces, if_name);
660 /* If we have a port or a netdev already, and it's not the type we
661 * want, then delete the port (if any) and close the netdev (if
663 if ((dpif_port && strcmp(dpif_port->type, type))
664 || (iface && iface->netdev
665 && strcmp(type, netdev_get_type(iface->netdev)))) {
667 error = ofproto_port_del(br->ofproto, dpif_port->port_no);
674 netdev_close(iface->netdev);
675 iface->netdev = NULL;
679 /* If the port doesn't exist or we don't have the netdev open,
680 * we need to do more work. */
681 if (!dpif_port || (iface && !iface->netdev)) {
682 struct netdev_options options;
683 struct netdev *netdev;
686 /* First open the network device. */
687 options.name = if_name;
689 options.args = &args;
690 options.ethertype = NETDEV_ETH_TYPE_NONE;
694 shash_from_ovs_idl_map(iface->cfg->key_options,
695 iface->cfg->value_options,
696 iface->cfg->n_options, &args);
698 error = netdev_open(&options, &netdev);
699 shash_destroy(&args);
702 VLOG_WARN("could not open network device %s (%s)",
703 if_name, strerror(error));
707 /* Then add the port if we haven't already. */
709 error = dpif_port_add(br->dpif, netdev, NULL);
711 netdev_close(netdev);
712 if (error == EFBIG) {
713 VLOG_ERR("ran out of valid port numbers on %s",
714 dpif_name(br->dpif));
717 VLOG_WARN("failed to add %s interface to %s: %s",
718 if_name, dpif_name(br->dpif),
725 /* Update 'iface'. */
727 iface->netdev = netdev;
728 iface->enabled = netdev_get_carrier(iface->netdev);
729 iface->up = iface->enabled;
731 } else if (iface && iface->netdev) {
735 shash_from_ovs_idl_map(iface->cfg->key_options,
736 iface->cfg->value_options,
737 iface->cfg->n_options, &args);
738 netdev_set_config(iface->netdev, &args);
739 shash_destroy(&args);
742 shash_destroy(&want_ifaces);
744 SHASH_FOR_EACH (node, &cur_ifaces) {
745 struct dpif_port *port_info = node->data;
746 dpif_port_destroy(port_info);
749 shash_destroy(&cur_ifaces);
751 sflow_bridge_number = 0;
752 LIST_FOR_EACH (br, node, &all_bridges) {
755 struct iface *local_iface;
756 struct iface *hw_addr_iface;
759 bridge_fetch_dp_ifaces(br);
761 iterate_and_prune_ifaces(br, check_iface, NULL);
763 /* Pick local port hardware address, datapath ID. */
764 bridge_pick_local_hw_addr(br, ea, &hw_addr_iface);
765 local_iface = bridge_get_local_iface(br);
767 int error = netdev_set_etheraddr(local_iface->netdev, ea);
769 static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5);
770 VLOG_ERR_RL(&rl, "bridge %s: failed to set bridge "
771 "Ethernet address: %s",
772 br->name, strerror(error));
775 memcpy(br->ea, ea, ETH_ADDR_LEN);
777 dpid = bridge_pick_datapath_id(br, ea, hw_addr_iface);
778 ofproto_set_datapath_id(br->ofproto, dpid);
780 dpid_string = xasprintf("%016"PRIx64, dpid);
781 ovsrec_bridge_set_datapath_id(br->cfg, dpid_string);
784 /* Set NetFlow configuration on this bridge. */
785 if (br->cfg->netflow) {
786 struct ovsrec_netflow *nf_cfg = br->cfg->netflow;
787 struct netflow_options opts;
789 memset(&opts, 0, sizeof opts);
791 dpif_get_netflow_ids(br->dpif, &opts.engine_type, &opts.engine_id);
792 if (nf_cfg->engine_type) {
793 opts.engine_type = *nf_cfg->engine_type;
795 if (nf_cfg->engine_id) {
796 opts.engine_id = *nf_cfg->engine_id;
799 opts.active_timeout = nf_cfg->active_timeout;
800 if (!opts.active_timeout) {
801 opts.active_timeout = -1;
802 } else if (opts.active_timeout < 0) {
803 VLOG_WARN("bridge %s: active timeout interval set to negative "
804 "value, using default instead (%d seconds)", br->name,
805 NF_ACTIVE_TIMEOUT_DEFAULT);
806 opts.active_timeout = -1;
809 opts.add_id_to_iface = nf_cfg->add_id_to_interface;
810 if (opts.add_id_to_iface) {
811 if (opts.engine_id > 0x7f) {
812 VLOG_WARN("bridge %s: netflow port mangling may conflict "
813 "with another vswitch, choose an engine id less "
814 "than 128", br->name);
816 if (br->n_ports > 508) {
817 VLOG_WARN("bridge %s: netflow port mangling will conflict "
818 "with another port when more than 508 ports are "
823 opts.collectors.n = nf_cfg->n_targets;
824 opts.collectors.names = nf_cfg->targets;
825 if (ofproto_set_netflow(br->ofproto, &opts)) {
826 VLOG_ERR("bridge %s: problem setting netflow collectors",
830 ofproto_set_netflow(br->ofproto, NULL);
833 /* Set sFlow configuration on this bridge. */
834 if (br->cfg->sflow) {
835 const struct ovsrec_sflow *sflow_cfg = br->cfg->sflow;
836 struct ovsrec_controller **controllers;
837 struct ofproto_sflow_options oso;
838 size_t n_controllers;
840 memset(&oso, 0, sizeof oso);
842 oso.targets.n = sflow_cfg->n_targets;
843 oso.targets.names = sflow_cfg->targets;
845 oso.sampling_rate = SFL_DEFAULT_SAMPLING_RATE;
846 if (sflow_cfg->sampling) {
847 oso.sampling_rate = *sflow_cfg->sampling;
850 oso.polling_interval = SFL_DEFAULT_POLLING_INTERVAL;
851 if (sflow_cfg->polling) {
852 oso.polling_interval = *sflow_cfg->polling;
855 oso.header_len = SFL_DEFAULT_HEADER_SIZE;
856 if (sflow_cfg->header) {
857 oso.header_len = *sflow_cfg->header;
860 oso.sub_id = sflow_bridge_number++;
861 oso.agent_device = sflow_cfg->agent;
863 oso.control_ip = NULL;
864 n_controllers = bridge_get_controllers(br, &controllers);
865 for (i = 0; i < n_controllers; i++) {
866 if (controllers[i]->local_ip) {
867 oso.control_ip = controllers[i]->local_ip;
871 ofproto_set_sflow(br->ofproto, &oso);
873 /* Do not destroy oso.targets because it is owned by sflow_cfg. */
875 ofproto_set_sflow(br->ofproto, NULL);
878 /* Update the controller and related settings. It would be more
879 * straightforward to call this from bridge_reconfigure_one(), but we
880 * can't do it there for two reasons. First, and most importantly, at
881 * that point we don't know the dp_ifidx of any interfaces that have
882 * been added to the bridge (because we haven't actually added them to
883 * the datapath). Second, at that point we haven't set the datapath ID
884 * yet; when a controller is configured, resetting the datapath ID will
885 * immediately disconnect from the controller, so it's better to set
886 * the datapath ID before the controller. */
887 bridge_reconfigure_remotes(br, managers, n_managers);
889 LIST_FOR_EACH (br, node, &all_bridges) {
890 for (i = 0; i < br->n_ports; i++) {
891 struct port *port = br->ports[i];
895 for (j = 0; j < port->n_ifaces; j++) {
896 netdev_monitor_add(port->monitor, port->ifaces[j]->netdev);
899 port->miimon_next_update = 0;
902 port_update_lacp(port);
903 port_update_bonding(port);
905 for (j = 0; j < port->n_ifaces; j++) {
906 iface_update_qos(port->ifaces[j], port->cfg->qos);
910 LIST_FOR_EACH (br, node, &all_bridges) {
911 iterate_and_prune_ifaces(br, set_iface_properties, NULL);
914 LIST_FOR_EACH (br, node, &all_bridges) {
916 HMAP_FOR_EACH (iface, dp_ifidx_node, &br->ifaces) {
917 iface_update_cfm(iface);
923 /* ovs-vswitchd has completed initialization, so allow the process that
924 * forked us to exit successfully. */
925 daemonize_complete();
929 get_ovsrec_key_value(const struct ovsdb_idl_row *row,
930 const struct ovsdb_idl_column *column,
933 const struct ovsdb_datum *datum;
934 union ovsdb_atom atom;
937 datum = ovsdb_idl_get(row, column, OVSDB_TYPE_STRING, OVSDB_TYPE_STRING);
938 atom.string = (char *) key;
939 idx = ovsdb_datum_find_key(datum, &atom, OVSDB_TYPE_STRING);
940 return idx == UINT_MAX ? NULL : datum->values[idx].string;
944 bridge_get_other_config(const struct ovsrec_bridge *br_cfg, const char *key)
946 return get_ovsrec_key_value(&br_cfg->header_,
947 &ovsrec_bridge_col_other_config, key);
951 bridge_pick_local_hw_addr(struct bridge *br, uint8_t ea[ETH_ADDR_LEN],
952 struct iface **hw_addr_iface)
958 *hw_addr_iface = NULL;
960 /* Did the user request a particular MAC? */
961 hwaddr = bridge_get_other_config(br->cfg, "hwaddr");
962 if (hwaddr && eth_addr_from_string(hwaddr, ea)) {
963 if (eth_addr_is_multicast(ea)) {
964 VLOG_ERR("bridge %s: cannot set MAC address to multicast "
965 "address "ETH_ADDR_FMT, br->name, ETH_ADDR_ARGS(ea));
966 } else if (eth_addr_is_zero(ea)) {
967 VLOG_ERR("bridge %s: cannot set MAC address to zero", br->name);
973 /* Otherwise choose the minimum non-local MAC address among all of the
975 memset(ea, 0xff, ETH_ADDR_LEN);
976 for (i = 0; i < br->n_ports; i++) {
977 struct port *port = br->ports[i];
978 uint8_t iface_ea[ETH_ADDR_LEN];
981 /* Mirror output ports don't participate. */
982 if (port->is_mirror_output_port) {
986 /* Choose the MAC address to represent the port. */
987 if (port->cfg->mac && eth_addr_from_string(port->cfg->mac, iface_ea)) {
988 /* Find the interface with this Ethernet address (if any) so that
989 * we can provide the correct devname to the caller. */
991 for (j = 0; j < port->n_ifaces; j++) {
992 struct iface *candidate = port->ifaces[j];
993 uint8_t candidate_ea[ETH_ADDR_LEN];
994 if (!netdev_get_etheraddr(candidate->netdev, candidate_ea)
995 && eth_addr_equals(iface_ea, candidate_ea)) {
1000 /* Choose the interface whose MAC address will represent the port.
1001 * The Linux kernel bonding code always chooses the MAC address of
1002 * the first slave added to a bond, and the Fedora networking
1003 * scripts always add slaves to a bond in alphabetical order, so
1004 * for compatibility we choose the interface with the name that is
1005 * first in alphabetical order. */
1006 iface = port->ifaces[0];
1007 for (j = 1; j < port->n_ifaces; j++) {
1008 struct iface *candidate = port->ifaces[j];
1009 if (strcmp(candidate->name, iface->name) < 0) {
1014 /* The local port doesn't count (since we're trying to choose its
1015 * MAC address anyway). */
1016 if (iface->dp_ifidx == ODPP_LOCAL) {
1021 error = netdev_get_etheraddr(iface->netdev, iface_ea);
1023 static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5);
1024 VLOG_ERR_RL(&rl, "failed to obtain Ethernet address of %s: %s",
1025 iface->name, strerror(error));
1030 /* Compare against our current choice. */
1031 if (!eth_addr_is_multicast(iface_ea) &&
1032 !eth_addr_is_local(iface_ea) &&
1033 !eth_addr_is_reserved(iface_ea) &&
1034 !eth_addr_is_zero(iface_ea) &&
1035 eth_addr_compare_3way(iface_ea, ea) < 0)
1037 memcpy(ea, iface_ea, ETH_ADDR_LEN);
1038 *hw_addr_iface = iface;
1041 if (eth_addr_is_multicast(ea)) {
1042 memcpy(ea, br->default_ea, ETH_ADDR_LEN);
1043 *hw_addr_iface = NULL;
1044 VLOG_WARN("bridge %s: using default bridge Ethernet "
1045 "address "ETH_ADDR_FMT, br->name, ETH_ADDR_ARGS(ea));
1047 VLOG_DBG("bridge %s: using bridge Ethernet address "ETH_ADDR_FMT,
1048 br->name, ETH_ADDR_ARGS(ea));
1052 /* Choose and returns the datapath ID for bridge 'br' given that the bridge
1053 * Ethernet address is 'bridge_ea'. If 'bridge_ea' is the Ethernet address of
1054 * an interface on 'br', then that interface must be passed in as
1055 * 'hw_addr_iface'; if 'bridge_ea' was derived some other way, then
1056 * 'hw_addr_iface' must be passed in as a null pointer. */
1058 bridge_pick_datapath_id(struct bridge *br,
1059 const uint8_t bridge_ea[ETH_ADDR_LEN],
1060 struct iface *hw_addr_iface)
1063 * The procedure for choosing a bridge MAC address will, in the most
1064 * ordinary case, also choose a unique MAC that we can use as a datapath
1065 * ID. In some special cases, though, multiple bridges will end up with
1066 * the same MAC address. This is OK for the bridges, but it will confuse
1067 * the OpenFlow controller, because each datapath needs a unique datapath
1070 * Datapath IDs must be unique. It is also very desirable that they be
1071 * stable from one run to the next, so that policy set on a datapath
1074 const char *datapath_id;
1077 datapath_id = bridge_get_other_config(br->cfg, "datapath-id");
1078 if (datapath_id && dpid_from_string(datapath_id, &dpid)) {
1082 if (hw_addr_iface) {
1084 if (!netdev_get_vlan_vid(hw_addr_iface->netdev, &vlan)) {
1086 * A bridge whose MAC address is taken from a VLAN network device
1087 * (that is, a network device created with vconfig(8) or similar
1088 * tool) will have the same MAC address as a bridge on the VLAN
1089 * device's physical network device.
1091 * Handle this case by hashing the physical network device MAC
1092 * along with the VLAN identifier.
1094 uint8_t buf[ETH_ADDR_LEN + 2];
1095 memcpy(buf, bridge_ea, ETH_ADDR_LEN);
1096 buf[ETH_ADDR_LEN] = vlan >> 8;
1097 buf[ETH_ADDR_LEN + 1] = vlan;
1098 return dpid_from_hash(buf, sizeof buf);
1101 * Assume that this bridge's MAC address is unique, since it
1102 * doesn't fit any of the cases we handle specially.
1107 * A purely internal bridge, that is, one that has no non-virtual
1108 * network devices on it at all, is more difficult because it has no
1109 * natural unique identifier at all.
1111 * When the host is a XenServer, we handle this case by hashing the
1112 * host's UUID with the name of the bridge. Names of bridges are
1113 * persistent across XenServer reboots, although they can be reused if
1114 * an internal network is destroyed and then a new one is later
1115 * created, so this is fairly effective.
1117 * When the host is not a XenServer, we punt by using a random MAC
1118 * address on each run.
1120 const char *host_uuid = xenserver_get_host_uuid();
1122 char *combined = xasprintf("%s,%s", host_uuid, br->name);
1123 dpid = dpid_from_hash(combined, strlen(combined));
1129 return eth_addr_to_uint64(bridge_ea);
1133 dpid_from_hash(const void *data, size_t n)
1135 uint8_t hash[SHA1_DIGEST_SIZE];
1137 BUILD_ASSERT_DECL(sizeof hash >= ETH_ADDR_LEN);
1138 sha1_bytes(data, n, hash);
1139 eth_addr_mark_random(hash);
1140 return eth_addr_to_uint64(hash);
1144 iface_refresh_status(struct iface *iface)
1148 enum netdev_flags flags;
1157 if (!netdev_get_status(iface->netdev, &sh)) {
1159 char **keys, **values;
1161 shash_to_ovs_idl_map(&sh, &keys, &values, &n);
1162 ovsrec_interface_set_status(iface->cfg, keys, values, n);
1167 ovsrec_interface_set_status(iface->cfg, NULL, NULL, 0);
1170 shash_destroy_free_data(&sh);
1172 error = netdev_get_flags(iface->netdev, &flags);
1174 ovsrec_interface_set_admin_state(iface->cfg, flags & NETDEV_UP ? "up" : "down");
1177 ovsrec_interface_set_admin_state(iface->cfg, NULL);
1180 error = netdev_get_features(iface->netdev, ¤t, NULL, NULL, NULL);
1182 ovsrec_interface_set_duplex(iface->cfg,
1183 netdev_features_is_full_duplex(current)
1185 /* warning: uint64_t -> int64_t conversion */
1186 bps = netdev_features_to_bps(current);
1187 ovsrec_interface_set_link_speed(iface->cfg, &bps, 1);
1190 ovsrec_interface_set_duplex(iface->cfg, NULL);
1191 ovsrec_interface_set_link_speed(iface->cfg, NULL, 0);
1195 ovsrec_interface_set_link_state(iface->cfg,
1196 netdev_get_carrier(iface->netdev)
1199 error = netdev_get_mtu(iface->netdev, &mtu);
1200 if (!error && mtu != INT_MAX) {
1202 ovsrec_interface_set_mtu(iface->cfg, &mtu_64, 1);
1205 ovsrec_interface_set_mtu(iface->cfg, NULL, 0);
1210 iface_refresh_cfm_stats(struct iface *iface)
1214 const struct ovsrec_monitor *mon;
1216 mon = iface->cfg->monitor;
1223 for (i = 0; i < mon->n_remote_mps; i++) {
1224 const struct ovsrec_maintenance_point *mp;
1225 const struct remote_mp *rmp;
1227 mp = mon->remote_mps[i];
1228 rmp = cfm_get_remote_mp(cfm, mp->mpid);
1230 ovsrec_maintenance_point_set_fault(mp, &rmp->fault, 1);
1233 if (hmap_is_empty(&cfm->x_remote_mps)) {
1234 ovsrec_monitor_set_unexpected_remote_mpids(mon, NULL, 0);
1237 struct remote_mp *rmp;
1238 int64_t *x_remote_mps;
1240 length = hmap_count(&cfm->x_remote_mps);
1241 x_remote_mps = xzalloc(length * sizeof *x_remote_mps);
1244 HMAP_FOR_EACH (rmp, node, &cfm->x_remote_mps) {
1245 x_remote_mps[i++] = rmp->mpid;
1248 ovsrec_monitor_set_unexpected_remote_mpids(mon, x_remote_mps, length);
1252 if (hmap_is_empty(&cfm->x_remote_maids)) {
1253 ovsrec_monitor_set_unexpected_remote_maids(mon, NULL, 0);
1256 char **x_remote_maids;
1257 struct remote_maid *rmaid;
1259 length = hmap_count(&cfm->x_remote_maids);
1260 x_remote_maids = xzalloc(length * sizeof *x_remote_maids);
1263 HMAP_FOR_EACH (rmaid, node, &cfm->x_remote_maids) {
1266 x_remote_maids[i] = xzalloc(CCM_MAID_LEN * 2 + 1);
1268 for (j = 0; j < CCM_MAID_LEN; j++) {
1269 snprintf(&x_remote_maids[i][j * 2], 3, "%02hhx",
1274 ovsrec_monitor_set_unexpected_remote_maids(mon, x_remote_maids, length);
1276 for (i = 0; i < length; i++) {
1277 free(x_remote_maids[i]);
1279 free(x_remote_maids);
1282 ovsrec_monitor_set_fault(mon, &cfm->fault, 1);
1286 iface_refresh_stats(struct iface *iface)
1292 static const struct iface_stat iface_stats[] = {
1293 { "rx_packets", offsetof(struct netdev_stats, rx_packets) },
1294 { "tx_packets", offsetof(struct netdev_stats, tx_packets) },
1295 { "rx_bytes", offsetof(struct netdev_stats, rx_bytes) },
1296 { "tx_bytes", offsetof(struct netdev_stats, tx_bytes) },
1297 { "rx_dropped", offsetof(struct netdev_stats, rx_dropped) },
1298 { "tx_dropped", offsetof(struct netdev_stats, tx_dropped) },
1299 { "rx_errors", offsetof(struct netdev_stats, rx_errors) },
1300 { "tx_errors", offsetof(struct netdev_stats, tx_errors) },
1301 { "rx_frame_err", offsetof(struct netdev_stats, rx_frame_errors) },
1302 { "rx_over_err", offsetof(struct netdev_stats, rx_over_errors) },
1303 { "rx_crc_err", offsetof(struct netdev_stats, rx_crc_errors) },
1304 { "collisions", offsetof(struct netdev_stats, collisions) },
1306 enum { N_STATS = ARRAY_SIZE(iface_stats) };
1307 const struct iface_stat *s;
1309 char *keys[N_STATS];
1310 int64_t values[N_STATS];
1313 struct netdev_stats stats;
1315 /* Intentionally ignore return value, since errors will set 'stats' to
1316 * all-1s, and we will deal with that correctly below. */
1317 netdev_get_stats(iface->netdev, &stats);
1320 for (s = iface_stats; s < &iface_stats[N_STATS]; s++) {
1321 uint64_t value = *(uint64_t *) (((char *) &stats) + s->offset);
1322 if (value != UINT64_MAX) {
1329 ovsrec_interface_set_statistics(iface->cfg, keys, values, n);
1333 refresh_system_stats(const struct ovsrec_open_vswitch *cfg)
1335 struct ovsdb_datum datum;
1339 get_system_stats(&stats);
1341 ovsdb_datum_from_shash(&datum, &stats);
1342 ovsdb_idl_txn_write(&cfg->header_, &ovsrec_open_vswitch_col_statistics,
1346 static inline const char *
1347 nx_role_to_str(enum nx_role role)
1352 case NX_ROLE_MASTER:
1357 return "*** INVALID ROLE ***";
1362 bridge_refresh_controller_status(const struct bridge *br)
1365 const struct ovsrec_controller *cfg;
1367 ofproto_get_ofproto_controller_info(br->ofproto, &info);
1369 OVSREC_CONTROLLER_FOR_EACH(cfg, idl) {
1370 struct ofproto_controller_info *cinfo =
1371 shash_find_data(&info, cfg->target);
1374 ovsrec_controller_set_is_connected(cfg, cinfo->is_connected);
1375 ovsrec_controller_set_role(cfg, nx_role_to_str(cinfo->role));
1376 ovsrec_controller_set_status(cfg, (char **) cinfo->pairs.keys,
1377 (char **) cinfo->pairs.values,
1380 ovsrec_controller_set_is_connected(cfg, false);
1381 ovsrec_controller_set_role(cfg, NULL);
1382 ovsrec_controller_set_status(cfg, NULL, NULL, 0);
1386 ofproto_free_ofproto_controller_info(&info);
1392 const struct ovsrec_open_vswitch *cfg;
1394 bool datapath_destroyed;
1395 bool database_changed;
1398 /* Let each bridge do the work that it needs to do. */
1399 datapath_destroyed = false;
1400 LIST_FOR_EACH (br, node, &all_bridges) {
1401 int error = bridge_run_one(br);
1403 static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5);
1404 VLOG_ERR_RL(&rl, "bridge %s: datapath was destroyed externally, "
1405 "forcing reconfiguration", br->name);
1406 datapath_destroyed = true;
1410 /* (Re)configure if necessary. */
1411 database_changed = ovsdb_idl_run(idl);
1412 cfg = ovsrec_open_vswitch_first(idl);
1414 /* Re-configure SSL. We do this on every trip through the main loop,
1415 * instead of just when the database changes, because the contents of the
1416 * key and certificate files can change without the database changing.
1418 * We do this before bridge_reconfigure() because that function might
1419 * initiate SSL connections and thus requires SSL to be configured. */
1420 if (cfg && cfg->ssl) {
1421 const struct ovsrec_ssl *ssl = cfg->ssl;
1423 stream_ssl_set_key_and_cert(ssl->private_key, ssl->certificate);
1424 stream_ssl_set_ca_cert_file(ssl->ca_cert, ssl->bootstrap_ca_cert);
1427 if (database_changed || datapath_destroyed) {
1429 struct ovsdb_idl_txn *txn = ovsdb_idl_txn_create(idl);
1431 bridge_configure_once(cfg);
1432 bridge_reconfigure(cfg);
1434 ovsrec_open_vswitch_set_cur_cfg(cfg, cfg->next_cfg);
1435 ovsdb_idl_txn_commit(txn);
1436 ovsdb_idl_txn_destroy(txn); /* XXX */
1438 /* We still need to reconfigure to avoid dangling pointers to
1439 * now-destroyed ovsrec structures inside bridge data. */
1440 static const struct ovsrec_open_vswitch null_cfg;
1442 bridge_reconfigure(&null_cfg);
1446 /* Refresh system and interface stats if necessary. */
1447 if (time_msec() >= stats_timer) {
1449 struct ovsdb_idl_txn *txn;
1451 txn = ovsdb_idl_txn_create(idl);
1452 LIST_FOR_EACH (br, node, &all_bridges) {
1455 for (i = 0; i < br->n_ports; i++) {
1456 struct port *port = br->ports[i];
1459 for (j = 0; j < port->n_ifaces; j++) {
1460 struct iface *iface = port->ifaces[j];
1461 iface_refresh_stats(iface);
1462 iface_refresh_cfm_stats(iface);
1463 iface_refresh_status(iface);
1466 bridge_refresh_controller_status(br);
1468 refresh_system_stats(cfg);
1469 ovsdb_idl_txn_commit(txn);
1470 ovsdb_idl_txn_destroy(txn); /* XXX */
1473 stats_timer = time_msec() + STATS_INTERVAL;
1482 LIST_FOR_EACH (br, node, &all_bridges) {
1485 ofproto_wait(br->ofproto);
1486 if (ofproto_has_primary_controller(br->ofproto)) {
1490 mac_learning_wait(br->ml);
1492 for (i = 0; i < br->n_ports; i++) {
1493 port_wait(br->ports[i]);
1496 ovsdb_idl_wait(idl);
1497 poll_timer_wait_until(stats_timer);
1500 /* Forces 'br' to revalidate all of its flows. This is appropriate when 'br''s
1501 * configuration changes. */
1503 bridge_flush(struct bridge *br)
1505 COVERAGE_INC(bridge_flush);
1507 mac_learning_flush(br->ml);
1510 /* Returns the 'br' interface for the ODPP_LOCAL port, or null if 'br' has no
1511 * such interface. */
1512 static struct iface *
1513 bridge_get_local_iface(struct bridge *br)
1517 for (i = 0; i < br->n_ports; i++) {
1518 struct port *port = br->ports[i];
1519 for (j = 0; j < port->n_ifaces; j++) {
1520 struct iface *iface = port->ifaces[j];
1521 if (iface->dp_ifidx == ODPP_LOCAL) {
1530 /* Bridge unixctl user interface functions. */
1532 bridge_unixctl_fdb_show(struct unixctl_conn *conn,
1533 const char *args, void *aux OVS_UNUSED)
1535 struct ds ds = DS_EMPTY_INITIALIZER;
1536 const struct bridge *br;
1537 const struct mac_entry *e;
1539 br = bridge_lookup(args);
1541 unixctl_command_reply(conn, 501, "no such bridge");
1545 ds_put_cstr(&ds, " port VLAN MAC Age\n");
1546 LIST_FOR_EACH (e, lru_node, &br->ml->lrus) {
1547 if (e->port < 0 || e->port >= br->n_ports) {
1550 ds_put_format(&ds, "%5d %4d "ETH_ADDR_FMT" %3d\n",
1551 br->ports[e->port]->ifaces[0]->dp_ifidx,
1552 e->vlan, ETH_ADDR_ARGS(e->mac), mac_entry_age(e));
1554 unixctl_command_reply(conn, 200, ds_cstr(&ds));
1558 /* QoS unixctl user interface functions. */
1560 struct qos_unixctl_show_cbdata {
1562 struct iface *iface;
1566 qos_unixctl_show_cb(unsigned int queue_id,
1567 const struct shash *details,
1570 struct qos_unixctl_show_cbdata *data = aux;
1571 struct ds *ds = data->ds;
1572 struct iface *iface = data->iface;
1573 struct netdev_queue_stats stats;
1574 struct shash_node *node;
1577 ds_put_cstr(ds, "\n");
1579 ds_put_format(ds, "Queue %u:\n", queue_id);
1581 ds_put_cstr(ds, "Default:\n");
1584 SHASH_FOR_EACH (node, details) {
1585 ds_put_format(ds, "\t%s: %s\n", node->name, (char *)node->data);
1588 error = netdev_get_queue_stats(iface->netdev, queue_id, &stats);
1590 if (stats.tx_packets != UINT64_MAX) {
1591 ds_put_format(ds, "\ttx_packets: %"PRIu64"\n", stats.tx_packets);
1594 if (stats.tx_bytes != UINT64_MAX) {
1595 ds_put_format(ds, "\ttx_bytes: %"PRIu64"\n", stats.tx_bytes);
1598 if (stats.tx_errors != UINT64_MAX) {
1599 ds_put_format(ds, "\ttx_errors: %"PRIu64"\n", stats.tx_errors);
1602 ds_put_format(ds, "\tFailed to get statistics for queue %u: %s",
1603 queue_id, strerror(error));
1608 qos_unixctl_show(struct unixctl_conn *conn,
1609 const char *args, void *aux OVS_UNUSED)
1611 struct ds ds = DS_EMPTY_INITIALIZER;
1612 struct shash sh = SHASH_INITIALIZER(&sh);
1613 struct iface *iface;
1615 struct shash_node *node;
1616 struct qos_unixctl_show_cbdata data;
1619 iface = iface_find(args);
1621 unixctl_command_reply(conn, 501, "no such interface");
1625 netdev_get_qos(iface->netdev, &type, &sh);
1627 if (*type != '\0') {
1628 ds_put_format(&ds, "QoS: %s %s\n", iface->name, type);
1630 SHASH_FOR_EACH (node, &sh) {
1631 ds_put_format(&ds, "%s: %s\n", node->name, (char *)node->data);
1636 error = netdev_dump_queues(iface->netdev, qos_unixctl_show_cb, &data);
1639 ds_put_format(&ds, "failed to dump queues: %s", strerror(error));
1641 unixctl_command_reply(conn, 200, ds_cstr(&ds));
1643 ds_put_format(&ds, "QoS not configured on %s\n", iface->name);
1644 unixctl_command_reply(conn, 501, ds_cstr(&ds));
1647 shash_destroy_free_data(&sh);
1651 /* Bridge reconfiguration functions. */
1652 static struct bridge *
1653 bridge_create(const struct ovsrec_bridge *br_cfg)
1658 assert(!bridge_lookup(br_cfg->name));
1659 br = xzalloc(sizeof *br);
1661 error = dpif_create_and_open(br_cfg->name, br_cfg->datapath_type,
1667 dpif_flow_flush(br->dpif);
1669 error = ofproto_create(br_cfg->name, br_cfg->datapath_type, &bridge_ofhooks,
1672 VLOG_ERR("failed to create switch %s: %s", br_cfg->name,
1674 dpif_delete(br->dpif);
1675 dpif_close(br->dpif);
1680 br->name = xstrdup(br_cfg->name);
1682 br->ml = mac_learning_create();
1683 eth_addr_nicira_random(br->default_ea);
1685 hmap_init(&br->ifaces);
1687 shash_init(&br->port_by_name);
1688 shash_init(&br->iface_by_name);
1692 list_push_back(&all_bridges, &br->node);
1694 VLOG_INFO("created bridge %s on %s", br->name, dpif_name(br->dpif));
1700 bridge_destroy(struct bridge *br)
1705 while (br->n_ports > 0) {
1706 port_destroy(br->ports[br->n_ports - 1]);
1708 list_remove(&br->node);
1709 error = dpif_delete(br->dpif);
1710 if (error && error != ENOENT) {
1711 VLOG_ERR("failed to delete %s: %s",
1712 dpif_name(br->dpif), strerror(error));
1714 dpif_close(br->dpif);
1715 ofproto_destroy(br->ofproto);
1716 mac_learning_destroy(br->ml);
1717 hmap_destroy(&br->ifaces);
1718 shash_destroy(&br->port_by_name);
1719 shash_destroy(&br->iface_by_name);
1726 static struct bridge *
1727 bridge_lookup(const char *name)
1731 LIST_FOR_EACH (br, node, &all_bridges) {
1732 if (!strcmp(br->name, name)) {
1739 /* Handle requests for a listing of all flows known by the OpenFlow
1740 * stack, including those normally hidden. */
1742 bridge_unixctl_dump_flows(struct unixctl_conn *conn,
1743 const char *args, void *aux OVS_UNUSED)
1748 br = bridge_lookup(args);
1750 unixctl_command_reply(conn, 501, "Unknown bridge");
1755 ofproto_get_all_flows(br->ofproto, &results);
1757 unixctl_command_reply(conn, 200, ds_cstr(&results));
1758 ds_destroy(&results);
1761 /* "bridge/reconnect [BRIDGE]": makes BRIDGE drop all of its controller
1762 * connections and reconnect. If BRIDGE is not specified, then all bridges
1763 * drop their controller connections and reconnect. */
1765 bridge_unixctl_reconnect(struct unixctl_conn *conn,
1766 const char *args, void *aux OVS_UNUSED)
1769 if (args[0] != '\0') {
1770 br = bridge_lookup(args);
1772 unixctl_command_reply(conn, 501, "Unknown bridge");
1775 ofproto_reconnect_controllers(br->ofproto);
1777 LIST_FOR_EACH (br, node, &all_bridges) {
1778 ofproto_reconnect_controllers(br->ofproto);
1781 unixctl_command_reply(conn, 200, NULL);
1785 bridge_run_one(struct bridge *br)
1790 error = ofproto_run1(br->ofproto);
1795 mac_learning_run(br->ml, ofproto_get_revalidate_set(br->ofproto));
1797 for (i = 0; i < br->n_ports; i++) {
1798 port_run(br->ports[i]);
1801 error = ofproto_run2(br->ofproto, br->flush);
1808 bridge_get_controllers(const struct bridge *br,
1809 struct ovsrec_controller ***controllersp)
1811 struct ovsrec_controller **controllers;
1812 size_t n_controllers;
1814 controllers = br->cfg->controller;
1815 n_controllers = br->cfg->n_controller;
1817 if (n_controllers == 1 && !strcmp(controllers[0]->target, "none")) {
1823 *controllersp = controllers;
1825 return n_controllers;
1829 bridge_reconfigure_one(struct bridge *br)
1831 struct shash old_ports, new_ports;
1832 struct svec snoops, old_snoops;
1833 struct shash_node *node;
1834 enum ofproto_fail_mode fail_mode;
1837 /* Collect old ports. */
1838 shash_init(&old_ports);
1839 for (i = 0; i < br->n_ports; i++) {
1840 shash_add(&old_ports, br->ports[i]->name, br->ports[i]);
1843 /* Collect new ports. */
1844 shash_init(&new_ports);
1845 for (i = 0; i < br->cfg->n_ports; i++) {
1846 const char *name = br->cfg->ports[i]->name;
1847 if (!shash_add_once(&new_ports, name, br->cfg->ports[i])) {
1848 VLOG_WARN("bridge %s: %s specified twice as bridge port",
1853 /* If we have a controller, then we need a local port. Complain if the
1854 * user didn't specify one.
1856 * XXX perhaps we should synthesize a port ourselves in this case. */
1857 if (bridge_get_controllers(br, NULL)) {
1858 char local_name[IF_NAMESIZE];
1861 error = dpif_port_get_name(br->dpif, ODPP_LOCAL,
1862 local_name, sizeof local_name);
1863 if (!error && !shash_find(&new_ports, local_name)) {
1864 VLOG_WARN("bridge %s: controller specified but no local port "
1865 "(port named %s) defined",
1866 br->name, local_name);
1870 /* Get rid of deleted ports.
1871 * Get rid of deleted interfaces on ports that still exist. */
1872 SHASH_FOR_EACH (node, &old_ports) {
1873 struct port *port = node->data;
1874 const struct ovsrec_port *port_cfg;
1876 port_cfg = shash_find_data(&new_ports, node->name);
1880 port_del_ifaces(port, port_cfg);
1884 /* Create new ports.
1885 * Add new interfaces to existing ports.
1886 * Reconfigure existing ports. */
1887 SHASH_FOR_EACH (node, &new_ports) {
1888 struct port *port = shash_find_data(&old_ports, node->name);
1890 port = port_create(br, node->name);
1893 port_reconfigure(port, node->data);
1894 if (!port->n_ifaces) {
1895 VLOG_WARN("bridge %s: port %s has no interfaces, dropping",
1896 br->name, port->name);
1900 shash_destroy(&old_ports);
1901 shash_destroy(&new_ports);
1903 /* Set the fail-mode */
1904 fail_mode = !br->cfg->fail_mode
1905 || !strcmp(br->cfg->fail_mode, "standalone")
1906 ? OFPROTO_FAIL_STANDALONE
1907 : OFPROTO_FAIL_SECURE;
1908 if (ofproto_get_fail_mode(br->ofproto) != fail_mode
1909 && !ofproto_has_primary_controller(br->ofproto)) {
1910 ofproto_flush_flows(br->ofproto);
1912 ofproto_set_fail_mode(br->ofproto, fail_mode);
1914 /* Delete all flows if we're switching from connected to standalone or vice
1915 * versa. (XXX Should we delete all flows if we are switching from one
1916 * controller to another?) */
1918 /* Configure OpenFlow controller connection snooping. */
1920 svec_add_nocopy(&snoops, xasprintf("punix:%s/%s.snoop",
1921 ovs_rundir(), br->name));
1922 svec_init(&old_snoops);
1923 ofproto_get_snoops(br->ofproto, &old_snoops);
1924 if (!svec_equal(&snoops, &old_snoops)) {
1925 ofproto_set_snoops(br->ofproto, &snoops);
1927 svec_destroy(&snoops);
1928 svec_destroy(&old_snoops);
1930 mirror_reconfigure(br);
1933 /* Initializes 'oc' appropriately as a management service controller for
1936 * The caller must free oc->target when it is no longer needed. */
1938 bridge_ofproto_controller_for_mgmt(const struct bridge *br,
1939 struct ofproto_controller *oc)
1941 oc->target = xasprintf("punix:%s/%s.mgmt", ovs_rundir(), br->name);
1942 oc->max_backoff = 0;
1943 oc->probe_interval = 60;
1944 oc->band = OFPROTO_OUT_OF_BAND;
1946 oc->burst_limit = 0;
1949 /* Converts ovsrec_controller 'c' into an ofproto_controller in 'oc'. */
1951 bridge_ofproto_controller_from_ovsrec(const struct ovsrec_controller *c,
1952 struct ofproto_controller *oc)
1954 oc->target = c->target;
1955 oc->max_backoff = c->max_backoff ? *c->max_backoff / 1000 : 8;
1956 oc->probe_interval = c->inactivity_probe ? *c->inactivity_probe / 1000 : 5;
1957 oc->band = (!c->connection_mode || !strcmp(c->connection_mode, "in-band")
1958 ? OFPROTO_IN_BAND : OFPROTO_OUT_OF_BAND);
1959 oc->rate_limit = c->controller_rate_limit ? *c->controller_rate_limit : 0;
1960 oc->burst_limit = (c->controller_burst_limit
1961 ? *c->controller_burst_limit : 0);
1964 /* Configures the IP stack for 'br''s local interface properly according to the
1965 * configuration in 'c'. */
1967 bridge_configure_local_iface_netdev(struct bridge *br,
1968 struct ovsrec_controller *c)
1970 struct netdev *netdev;
1971 struct in_addr mask, gateway;
1973 struct iface *local_iface;
1976 /* If there's no local interface or no IP address, give up. */
1977 local_iface = bridge_get_local_iface(br);
1978 if (!local_iface || !c->local_ip || !inet_aton(c->local_ip, &ip)) {
1982 /* Bring up the local interface. */
1983 netdev = local_iface->netdev;
1984 netdev_turn_flags_on(netdev, NETDEV_UP, true);
1986 /* Configure the IP address and netmask. */
1987 if (!c->local_netmask
1988 || !inet_aton(c->local_netmask, &mask)
1990 mask.s_addr = guess_netmask(ip.s_addr);
1992 if (!netdev_set_in4(netdev, ip, mask)) {
1993 VLOG_INFO("bridge %s: configured IP address "IP_FMT", netmask "IP_FMT,
1994 br->name, IP_ARGS(&ip.s_addr), IP_ARGS(&mask.s_addr));
1997 /* Configure the default gateway. */
1998 if (c->local_gateway
1999 && inet_aton(c->local_gateway, &gateway)
2000 && gateway.s_addr) {
2001 if (!netdev_add_router(netdev, gateway)) {
2002 VLOG_INFO("bridge %s: configured gateway "IP_FMT,
2003 br->name, IP_ARGS(&gateway.s_addr));
2009 bridge_reconfigure_remotes(struct bridge *br,
2010 const struct sockaddr_in *managers,
2013 const char *disable_ib_str, *queue_id_str;
2014 bool disable_in_band = false;
2017 struct ovsrec_controller **controllers;
2018 size_t n_controllers;
2021 struct ofproto_controller *ocs;
2025 /* Check if we should disable in-band control on this bridge. */
2026 disable_ib_str = bridge_get_other_config(br->cfg, "disable-in-band");
2027 if (disable_ib_str && !strcmp(disable_ib_str, "true")) {
2028 disable_in_band = true;
2031 /* Set OpenFlow queue ID for in-band control. */
2032 queue_id_str = bridge_get_other_config(br->cfg, "in-band-queue");
2033 queue_id = queue_id_str ? strtol(queue_id_str, NULL, 10) : -1;
2034 ofproto_set_in_band_queue(br->ofproto, queue_id);
2036 if (disable_in_band) {
2037 ofproto_set_extra_in_band_remotes(br->ofproto, NULL, 0);
2039 ofproto_set_extra_in_band_remotes(br->ofproto, managers, n_managers);
2041 had_primary = ofproto_has_primary_controller(br->ofproto);
2043 n_controllers = bridge_get_controllers(br, &controllers);
2045 ocs = xmalloc((n_controllers + 1) * sizeof *ocs);
2048 bridge_ofproto_controller_for_mgmt(br, &ocs[n_ocs++]);
2049 for (i = 0; i < n_controllers; i++) {
2050 struct ovsrec_controller *c = controllers[i];
2052 if (!strncmp(c->target, "punix:", 6)
2053 || !strncmp(c->target, "unix:", 5)) {
2054 static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5);
2056 /* Prevent remote ovsdb-server users from accessing arbitrary Unix
2057 * domain sockets and overwriting arbitrary local files. */
2058 VLOG_ERR_RL(&rl, "%s: not adding Unix domain socket controller "
2059 "\"%s\" due to possibility for remote exploit",
2060 dpif_name(br->dpif), c->target);
2064 bridge_configure_local_iface_netdev(br, c);
2065 bridge_ofproto_controller_from_ovsrec(c, &ocs[n_ocs]);
2066 if (disable_in_band) {
2067 ocs[n_ocs].band = OFPROTO_OUT_OF_BAND;
2072 ofproto_set_controllers(br->ofproto, ocs, n_ocs);
2073 free(ocs[0].target); /* From bridge_ofproto_controller_for_mgmt(). */
2076 if (had_primary != ofproto_has_primary_controller(br->ofproto)) {
2077 ofproto_flush_flows(br->ofproto);
2080 /* If there are no controllers and the bridge is in standalone
2081 * mode, set up a flow that matches every packet and directs
2082 * them to OFPP_NORMAL (which goes to us). Otherwise, the
2083 * switch is in secure mode and we won't pass any traffic until
2084 * a controller has been defined and it tells us to do so. */
2086 && ofproto_get_fail_mode(br->ofproto) == OFPROTO_FAIL_STANDALONE) {
2087 union ofp_action action;
2088 struct cls_rule rule;
2090 memset(&action, 0, sizeof action);
2091 action.type = htons(OFPAT_OUTPUT);
2092 action.output.len = htons(sizeof action);
2093 action.output.port = htons(OFPP_NORMAL);
2094 cls_rule_init_catchall(&rule, 0);
2095 ofproto_add_flow(br->ofproto, &rule, &action, 1);
2100 bridge_get_all_ifaces(const struct bridge *br, struct shash *ifaces)
2105 for (i = 0; i < br->n_ports; i++) {
2106 struct port *port = br->ports[i];
2107 for (j = 0; j < port->n_ifaces; j++) {
2108 struct iface *iface = port->ifaces[j];
2109 shash_add_once(ifaces, iface->name, iface);
2111 if (port->n_ifaces > 1 && port->cfg->bond_fake_iface) {
2112 shash_add_once(ifaces, port->name, NULL);
2117 /* For robustness, in case the administrator moves around datapath ports behind
2118 * our back, we re-check all the datapath port numbers here.
2120 * This function will set the 'dp_ifidx' members of interfaces that have
2121 * disappeared to -1, so only call this function from a context where those
2122 * 'struct iface's will be removed from the bridge. Otherwise, the -1
2123 * 'dp_ifidx'es will cause trouble later when we try to send them to the
2124 * datapath, which doesn't support UINT16_MAX+1 ports. */
2126 bridge_fetch_dp_ifaces(struct bridge *br)
2128 struct dpif_port_dump dump;
2129 struct dpif_port dpif_port;
2132 /* Reset all interface numbers. */
2133 for (i = 0; i < br->n_ports; i++) {
2134 struct port *port = br->ports[i];
2135 for (j = 0; j < port->n_ifaces; j++) {
2136 struct iface *iface = port->ifaces[j];
2137 iface->dp_ifidx = -1;
2140 hmap_clear(&br->ifaces);
2142 DPIF_PORT_FOR_EACH (&dpif_port, &dump, br->dpif) {
2143 struct iface *iface = iface_lookup(br, dpif_port.name);
2145 if (iface->dp_ifidx >= 0) {
2146 VLOG_WARN("%s reported interface %s twice",
2147 dpif_name(br->dpif), dpif_port.name);
2148 } else if (iface_from_dp_ifidx(br, dpif_port.port_no)) {
2149 VLOG_WARN("%s reported interface %"PRIu16" twice",
2150 dpif_name(br->dpif), dpif_port.port_no);
2152 iface->dp_ifidx = dpif_port.port_no;
2153 hmap_insert(&br->ifaces, &iface->dp_ifidx_node,
2154 hash_int(iface->dp_ifidx, 0));
2157 iface_set_ofport(iface->cfg,
2158 (iface->dp_ifidx >= 0
2159 ? odp_port_to_ofp_port(iface->dp_ifidx)
2165 /* Bridge packet processing functions. */
2168 bond_is_tcp_hash(const struct port *port)
2170 return port->bond_mode == BM_TCP && lacp_negotiated(port->lacp);
2174 bond_hash_src(const uint8_t mac[ETH_ADDR_LEN], uint16_t vlan)
2176 return hash_bytes(mac, ETH_ADDR_LEN, vlan) & BOND_MASK;
2179 static int bond_hash_tcp(const struct flow *flow, uint16_t vlan)
2181 struct flow hash_flow;
2183 memcpy(&hash_flow, flow, sizeof hash_flow);
2184 hash_flow.vlan_tci = 0;
2186 /* The symmetric quality of this hash function is not required, but
2187 * flow_hash_symmetric_l4 already exists, and is sufficient for our
2188 * purposes, so we use it out of convenience. */
2189 return flow_hash_symmetric_l4(&hash_flow, vlan) & BOND_MASK;
2192 static struct bond_entry *
2193 lookup_bond_entry(const struct port *port, const struct flow *flow,
2196 assert(port->bond_mode != BM_AB);
2198 if (bond_is_tcp_hash(port)) {
2199 return &port->bond_hash[bond_hash_tcp(flow, vlan)];
2201 return &port->bond_hash[bond_hash_src(flow->dl_src, vlan)];
2206 bond_choose_iface(const struct port *port)
2208 static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(5, 20);
2209 size_t i, best_down_slave = -1;
2210 long long next_delay_expiration = LLONG_MAX;
2212 for (i = 0; i < port->n_ifaces; i++) {
2213 struct iface *iface = port->ifaces[i];
2215 if (iface->enabled) {
2217 } else if (iface->delay_expires < next_delay_expiration
2218 && lacp_slave_may_enable(port->lacp, iface)) {
2219 best_down_slave = i;
2220 next_delay_expiration = iface->delay_expires;
2224 if (best_down_slave != -1) {
2225 struct iface *iface = port->ifaces[best_down_slave];
2227 VLOG_INFO_RL(&rl, "interface %s: skipping remaining %lli ms updelay "
2228 "since no other interface is up", iface->name,
2229 iface->delay_expires - time_msec());
2230 bond_enable_slave(iface, true);
2233 return best_down_slave;
2237 choose_output_iface(const struct port *port, const struct flow *flow,
2238 uint16_t vlan, uint16_t *dp_ifidx, tag_type *tags)
2240 struct iface *iface;
2242 assert(port->n_ifaces);
2243 if (port->n_ifaces == 1) {
2244 iface = port->ifaces[0];
2245 } else if (port->bond_mode == BM_AB) {
2246 if (port->active_iface < 0) {
2247 *tags |= port->no_ifaces_tag;
2250 iface = port->ifaces[port->active_iface];
2252 struct bond_entry *e = lookup_bond_entry(port, flow, vlan);
2253 if (e->iface_idx < 0 || e->iface_idx >= port->n_ifaces
2254 || !port->ifaces[e->iface_idx]->enabled) {
2255 /* XXX select interface properly. The current interface selection
2256 * is only good for testing the rebalancing code. */
2257 e->iface_idx = bond_choose_iface(port);
2258 if (e->iface_idx < 0) {
2259 *tags |= port->no_ifaces_tag;
2262 e->iface_tag = tag_create_random();
2264 *tags |= e->iface_tag;
2265 iface = port->ifaces[e->iface_idx];
2267 *dp_ifidx = iface->dp_ifidx;
2268 *tags |= iface->tag; /* Currently only used for bonding. */
2273 bond_link_status_update(struct iface *iface)
2275 static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(5, 20);
2276 struct port *port = iface->port;
2277 bool up = iface->up && lacp_slave_may_enable(port->lacp, iface);
2278 int updelay, downdelay;
2280 updelay = port->updelay;
2281 downdelay = port->downdelay;
2283 if (lacp_negotiated(port->lacp)) {
2288 if ((up == iface->enabled) == (iface->delay_expires == LLONG_MAX)) {
2289 /* Nothing to do. */
2292 VLOG_INFO_RL(&rl, "interface %s: link state %s",
2293 iface->name, up ? "up" : "down");
2294 if (up == iface->enabled) {
2295 iface->delay_expires = LLONG_MAX;
2296 VLOG_INFO_RL(&rl, "interface %s: will not be %s",
2297 iface->name, up ? "disabled" : "enabled");
2298 } else if (up && port->active_iface < 0) {
2299 bond_enable_slave(iface, true);
2301 VLOG_INFO_RL(&rl, "interface %s: skipping %d ms updelay since no "
2302 "other interface is up", iface->name, updelay);
2305 int delay = up ? updelay : downdelay;
2306 iface->delay_expires = time_msec() + delay;
2309 "interface %s: will be %s if it stays %s for %d ms",
2311 up ? "enabled" : "disabled",
2319 bond_choose_active_iface(struct port *port)
2321 static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(5, 20);
2323 port->active_iface = bond_choose_iface(port);
2324 port->active_iface_tag = tag_create_random();
2325 if (port->active_iface >= 0) {
2326 VLOG_INFO_RL(&rl, "port %s: active interface is now %s",
2327 port->name, port->ifaces[port->active_iface]->name);
2329 VLOG_WARN_RL(&rl, "port %s: all ports disabled, no active interface",
2335 bond_enable_slave(struct iface *iface, bool enable)
2337 struct port *port = iface->port;
2338 struct bridge *br = port->bridge;
2340 /* This acts as a recursion check. If the act of disabling a slave
2341 * causes a different slave to be enabled, the flag will allow us to
2342 * skip redundant work when we reenter this function. It must be
2343 * cleared on exit to keep things safe with multiple bonds. */
2344 static bool moving_active_iface = false;
2346 iface->delay_expires = LLONG_MAX;
2347 if (enable == iface->enabled) {
2351 iface->enabled = enable;
2352 if (!iface->enabled) {
2353 VLOG_WARN("interface %s: disabled", iface->name);
2354 ofproto_revalidate(br->ofproto, iface->tag);
2355 if (iface->port_ifidx == port->active_iface) {
2356 ofproto_revalidate(br->ofproto,
2357 port->active_iface_tag);
2359 /* Disabling a slave can lead to another slave being immediately
2360 * enabled if there will be no active slaves but one is waiting
2361 * on an updelay. In this case we do not need to run most of the
2362 * code for the newly enabled slave since there was no period
2363 * without an active slave and it is redundant with the disabling
2365 moving_active_iface = true;
2366 bond_choose_active_iface(port);
2368 bond_send_learning_packets(port);
2370 VLOG_WARN("interface %s: enabled", iface->name);
2371 if (port->active_iface < 0 && !moving_active_iface) {
2372 ofproto_revalidate(br->ofproto, port->no_ifaces_tag);
2373 bond_choose_active_iface(port);
2374 bond_send_learning_packets(port);
2376 iface->tag = tag_create_random();
2379 moving_active_iface = false;
2382 /* Attempts to make the sum of the bond slaves' statistics appear on the fake
2383 * bond interface. */
2385 bond_update_fake_iface_stats(struct port *port)
2387 struct netdev_stats bond_stats;
2388 struct netdev *bond_dev;
2391 memset(&bond_stats, 0, sizeof bond_stats);
2393 for (i = 0; i < port->n_ifaces; i++) {
2394 struct netdev_stats slave_stats;
2396 if (!netdev_get_stats(port->ifaces[i]->netdev, &slave_stats)) {
2397 /* XXX: We swap the stats here because they are swapped back when
2398 * reported by the internal device. The reason for this is
2399 * internal devices normally represent packets going into the system
2400 * but when used as fake bond device they represent packets leaving
2401 * the system. We really should do this in the internal device
2402 * itself because changing it here reverses the counts from the
2403 * perspective of the switch. However, the internal device doesn't
2404 * know what type of device it represents so we have to do it here
2406 bond_stats.tx_packets += slave_stats.rx_packets;
2407 bond_stats.tx_bytes += slave_stats.rx_bytes;
2408 bond_stats.rx_packets += slave_stats.tx_packets;
2409 bond_stats.rx_bytes += slave_stats.tx_bytes;
2413 if (!netdev_open_default(port->name, &bond_dev)) {
2414 netdev_set_stats(bond_dev, &bond_stats);
2415 netdev_close(bond_dev);
2420 bond_run(struct port *port)
2424 if (port->n_ifaces < 2) {
2428 for (i = 0; i < port->n_ifaces; i++) {
2429 bond_link_status_update(port->ifaces[i]);
2432 for (i = 0; i < port->n_ifaces; i++) {
2433 struct iface *iface = port->ifaces[i];
2434 if (time_msec() >= iface->delay_expires) {
2435 bond_enable_slave(iface, !iface->enabled);
2439 if (port->bond_fake_iface
2440 && time_msec() >= port->bond_next_fake_iface_update) {
2441 bond_update_fake_iface_stats(port);
2442 port->bond_next_fake_iface_update = time_msec() + 1000;
2447 bond_wait(struct port *port)
2451 if (port->n_ifaces < 2) {
2455 for (i = 0; i < port->n_ifaces; i++) {
2456 struct iface *iface = port->ifaces[i];
2457 if (iface->delay_expires != LLONG_MAX) {
2458 poll_timer_wait_until(iface->delay_expires);
2462 if (port->bond_fake_iface) {
2463 poll_timer_wait_until(port->bond_next_fake_iface_update);
2468 set_dst(struct dst *dst, const struct flow *flow,
2469 const struct port *in_port, const struct port *out_port,
2472 dst->vlan = (out_port->vlan >= 0 ? OFP_VLAN_NONE
2473 : in_port->vlan >= 0 ? in_port->vlan
2474 : flow->vlan_tci == 0 ? OFP_VLAN_NONE
2475 : vlan_tci_to_vid(flow->vlan_tci));
2476 return choose_output_iface(out_port, flow, dst->vlan,
2477 &dst->dp_ifidx, tags);
2481 swap_dst(struct dst *p, struct dst *q)
2483 struct dst tmp = *p;
2488 /* Moves all the dsts with vlan == 'vlan' to the front of the 'n_dsts' in
2489 * 'dsts'. (This may help performance by reducing the number of VLAN changes
2490 * that we push to the datapath. We could in fact fully sort the array by
2491 * vlan, but in most cases there are at most two different vlan tags so that's
2492 * possibly overkill.) */
2494 partition_dsts(struct dst_set *set, int vlan)
2496 struct dst *first = set->dsts;
2497 struct dst *last = set->dsts + set->n;
2499 while (first != last) {
2501 * - All dsts < first have vlan == 'vlan'.
2502 * - All dsts >= last have vlan != 'vlan'.
2503 * - first < last. */
2504 while (first->vlan == vlan) {
2505 if (++first == last) {
2510 /* Same invariants, plus one additional:
2511 * - first->vlan != vlan.
2513 while (last[-1].vlan != vlan) {
2514 if (--last == first) {
2519 /* Same invariants, plus one additional:
2520 * - last[-1].vlan == vlan.*/
2521 swap_dst(first++, --last);
2526 mirror_mask_ffs(mirror_mask_t mask)
2528 BUILD_ASSERT_DECL(sizeof(unsigned int) >= sizeof(mask));
2533 dst_set_init(struct dst_set *set)
2535 set->dsts = set->builtin;
2537 set->allocated = ARRAY_SIZE(set->builtin);
2541 dst_set_add(struct dst_set *set, const struct dst *dst)
2543 if (set->n >= set->allocated) {
2544 size_t new_allocated;
2545 struct dst *new_dsts;
2547 new_allocated = set->allocated * 2;
2548 new_dsts = xmalloc(new_allocated * sizeof *new_dsts);
2549 memcpy(new_dsts, set->dsts, set->n * sizeof *new_dsts);
2553 set->dsts = new_dsts;
2554 set->allocated = new_allocated;
2556 set->dsts[set->n++] = *dst;
2560 dst_set_free(struct dst_set *set)
2562 if (set->dsts != set->builtin) {
2568 dst_is_duplicate(const struct dst_set *set, const struct dst *test)
2571 for (i = 0; i < set->n; i++) {
2572 if (set->dsts[i].vlan == test->vlan
2573 && set->dsts[i].dp_ifidx == test->dp_ifidx) {
2581 port_trunks_vlan(const struct port *port, uint16_t vlan)
2583 return (port->vlan < 0
2584 && (!port->trunks || bitmap_is_set(port->trunks, vlan)));
2588 port_includes_vlan(const struct port *port, uint16_t vlan)
2590 return vlan == port->vlan || port_trunks_vlan(port, vlan);
2594 port_is_floodable(const struct port *port)
2598 for (i = 0; i < port->n_ifaces; i++) {
2599 if (!ofproto_port_is_floodable(port->bridge->ofproto,
2600 port->ifaces[i]->dp_ifidx)) {
2608 compose_dsts(const struct bridge *br, const struct flow *flow, uint16_t vlan,
2609 const struct port *in_port, const struct port *out_port,
2610 struct dst_set *set, tag_type *tags, uint16_t *nf_output_iface)
2612 mirror_mask_t mirrors = in_port->src_mirrors;
2617 flow_vlan = vlan_tci_to_vid(flow->vlan_tci);
2618 if (flow_vlan == 0) {
2619 flow_vlan = OFP_VLAN_NONE;
2622 if (out_port == FLOOD_PORT) {
2623 for (i = 0; i < br->n_ports; i++) {
2624 struct port *port = br->ports[i];
2626 && port_is_floodable(port)
2627 && port_includes_vlan(port, vlan)
2628 && !port->is_mirror_output_port
2629 && set_dst(&dst, flow, in_port, port, tags)) {
2630 mirrors |= port->dst_mirrors;
2631 dst_set_add(set, &dst);
2634 *nf_output_iface = NF_OUT_FLOOD;
2635 } else if (out_port && set_dst(&dst, flow, in_port, out_port, tags)) {
2636 dst_set_add(set, &dst);
2637 *nf_output_iface = dst.dp_ifidx;
2638 mirrors |= out_port->dst_mirrors;
2642 struct mirror *m = br->mirrors[mirror_mask_ffs(mirrors) - 1];
2643 if (!m->n_vlans || vlan_is_mirrored(m, vlan)) {
2645 if (set_dst(&dst, flow, in_port, m->out_port, tags)
2646 && !dst_is_duplicate(set, &dst)) {
2647 dst_set_add(set, &dst);
2650 for (i = 0; i < br->n_ports; i++) {
2651 struct port *port = br->ports[i];
2652 if (port_includes_vlan(port, m->out_vlan)
2653 && set_dst(&dst, flow, in_port, port, tags))
2655 if (port->vlan < 0) {
2656 dst.vlan = m->out_vlan;
2658 if (dst_is_duplicate(set, &dst)) {
2662 /* Use the vlan tag on the original flow instead of
2663 * the one passed in the vlan parameter. This ensures
2664 * that we compare the vlan from before any implicit
2665 * tagging tags place. This is necessary because
2666 * dst->vlan is the final vlan, after removing implicit
2668 if (port == in_port && dst.vlan == flow_vlan) {
2669 /* Don't send out input port on same VLAN. */
2672 dst_set_add(set, &dst);
2677 mirrors &= mirrors - 1;
2680 partition_dsts(set, flow_vlan);
2683 static void OVS_UNUSED
2684 print_dsts(const struct dst_set *set)
2688 for (i = 0; i < set->n; i++) {
2689 const struct dst *dst = &set->dsts[i];
2691 printf(">p%"PRIu16, dst->dp_ifidx);
2692 if (dst->vlan != OFP_VLAN_NONE) {
2693 printf("v%"PRIu16, dst->vlan);
2699 compose_actions(struct bridge *br, const struct flow *flow, uint16_t vlan,
2700 const struct port *in_port, const struct port *out_port,
2701 tag_type *tags, struct ofpbuf *actions,
2702 uint16_t *nf_output_iface)
2709 compose_dsts(br, flow, vlan, in_port, out_port, &set, tags,
2712 cur_vlan = vlan_tci_to_vid(flow->vlan_tci);
2713 if (cur_vlan == 0) {
2714 cur_vlan = OFP_VLAN_NONE;
2716 for (i = 0; i < set.n; i++) {
2717 const struct dst *dst = &set.dsts[i];
2718 if (dst->vlan != cur_vlan) {
2719 if (dst->vlan == OFP_VLAN_NONE) {
2720 nl_msg_put_flag(actions, ODP_ACTION_ATTR_STRIP_VLAN);
2723 tci = htons(dst->vlan & VLAN_VID_MASK);
2724 tci |= flow->vlan_tci & htons(VLAN_PCP_MASK);
2725 nl_msg_put_be16(actions, ODP_ACTION_ATTR_SET_DL_TCI, tci);
2727 cur_vlan = dst->vlan;
2729 nl_msg_put_u32(actions, ODP_ACTION_ATTR_OUTPUT, dst->dp_ifidx);
2734 /* Returns the effective vlan of a packet, taking into account both the
2735 * 802.1Q header and implicitly tagged ports. A value of 0 indicates that
2736 * the packet is untagged and -1 indicates it has an invalid header and
2737 * should be dropped. */
2738 static int flow_get_vlan(struct bridge *br, const struct flow *flow,
2739 struct port *in_port, bool have_packet)
2741 int vlan = vlan_tci_to_vid(flow->vlan_tci);
2742 if (in_port->vlan >= 0) {
2744 /* XXX support double tagging? */
2746 static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5);
2747 VLOG_WARN_RL(&rl, "bridge %s: dropping VLAN %d tagged "
2748 "packet received on port %s configured with "
2749 "implicit VLAN %"PRIu16,
2750 br->name, vlan, in_port->name, in_port->vlan);
2754 vlan = in_port->vlan;
2756 if (!port_includes_vlan(in_port, vlan)) {
2758 static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5);
2759 VLOG_WARN_RL(&rl, "bridge %s: dropping VLAN %d tagged "
2760 "packet received on port %s not configured for "
2762 br->name, vlan, in_port->name, vlan);
2771 /* A VM broadcasts a gratuitous ARP to indicate that it has resumed after
2772 * migration. Older Citrix-patched Linux DomU used gratuitous ARP replies to
2773 * indicate this; newer upstream kernels use gratuitous ARP requests. */
2775 is_gratuitous_arp(const struct flow *flow)
2777 return (flow->dl_type == htons(ETH_TYPE_ARP)
2778 && eth_addr_is_broadcast(flow->dl_dst)
2779 && (flow->nw_proto == ARP_OP_REPLY
2780 || (flow->nw_proto == ARP_OP_REQUEST
2781 && flow->nw_src == flow->nw_dst)));
2785 update_learning_table(struct bridge *br, const struct flow *flow, int vlan,
2786 struct port *in_port)
2788 enum grat_arp_lock_type lock_type;
2791 /* We don't want to learn from gratuitous ARP packets that are reflected
2792 * back over bond slaves so we lock the learning table. */
2793 lock_type = !is_gratuitous_arp(flow) ? GRAT_ARP_LOCK_NONE :
2794 (in_port->n_ifaces == 1) ? GRAT_ARP_LOCK_SET :
2795 GRAT_ARP_LOCK_CHECK;
2797 rev_tag = mac_learning_learn(br->ml, flow->dl_src, vlan, in_port->port_idx,
2800 /* The log messages here could actually be useful in debugging,
2801 * so keep the rate limit relatively high. */
2802 static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(30,
2804 VLOG_DBG_RL(&rl, "bridge %s: learned that "ETH_ADDR_FMT" is "
2805 "on port %s in VLAN %d",
2806 br->name, ETH_ADDR_ARGS(flow->dl_src),
2807 in_port->name, vlan);
2808 ofproto_revalidate(br->ofproto, rev_tag);
2812 /* Determines whether packets in 'flow' within 'br' should be forwarded or
2813 * dropped. Returns true if they may be forwarded, false if they should be
2816 * If 'have_packet' is true, it indicates that the caller is processing a
2817 * received packet. If 'have_packet' is false, then the caller is just
2818 * revalidating an existing flow because configuration has changed. Either
2819 * way, 'have_packet' only affects logging (there is no point in logging errors
2820 * during revalidation).
2822 * Sets '*in_portp' to the input port. This will be a null pointer if
2823 * flow->in_port does not designate a known input port (in which case
2824 * is_admissible() returns false).
2826 * When returning true, sets '*vlanp' to the effective VLAN of the input
2827 * packet, as returned by flow_get_vlan().
2829 * May also add tags to '*tags', although the current implementation only does
2830 * so in one special case.
2833 is_admissible(struct bridge *br, const struct flow *flow, bool have_packet,
2834 tag_type *tags, int *vlanp, struct port **in_portp)
2836 struct iface *in_iface;
2837 struct port *in_port;
2840 /* Find the interface and port structure for the received packet. */
2841 in_iface = iface_from_dp_ifidx(br, flow->in_port);
2843 /* No interface? Something fishy... */
2845 /* Odd. A few possible reasons here:
2847 * - We deleted an interface but there are still a few packets
2848 * queued up from it.
2850 * - Someone externally added an interface (e.g. with "ovs-dpctl
2851 * add-if") that we don't know about.
2853 * - Packet arrived on the local port but the local port is not
2854 * one of our bridge ports.
2856 static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5);
2858 VLOG_WARN_RL(&rl, "bridge %s: received packet on unknown "
2859 "interface %"PRIu16, br->name, flow->in_port);
2865 *in_portp = in_port = in_iface->port;
2866 *vlanp = vlan = flow_get_vlan(br, flow, in_port, have_packet);
2871 /* Drop frames for reserved multicast addresses. */
2872 if (eth_addr_is_reserved(flow->dl_dst)) {
2876 /* Drop frames on ports reserved for mirroring. */
2877 if (in_port->is_mirror_output_port) {
2879 static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5);
2880 VLOG_WARN_RL(&rl, "bridge %s: dropping packet received on port "
2881 "%s, which is reserved exclusively for mirroring",
2882 br->name, in_port->name);
2887 /* When using LACP, do not accept packets from disabled interfaces. */
2888 if (lacp_negotiated(in_port->lacp) && !in_iface->enabled) {
2892 /* Packets received on non-LACP bonds need special attention to avoid
2894 if (in_port->n_ifaces > 1 && !lacp_negotiated(in_port->lacp)) {
2896 bool is_grat_arp_locked;
2898 if (eth_addr_is_multicast(flow->dl_dst)) {
2899 *tags |= in_port->active_iface_tag;
2900 if (in_port->active_iface != in_iface->port_ifidx) {
2901 /* Drop all multicast packets on inactive slaves. */
2906 /* Drop all packets for which we have learned a different input
2907 * port, because we probably sent the packet on one slave and got
2908 * it back on the other. Gratuitous ARP packets are an exception
2909 * to this rule: the host has moved to another switch. The exception
2910 * to the exception is if we locked the learning table to avoid
2911 * reflections on bond slaves. If this is the case, just drop the
2913 src_idx = mac_learning_lookup(br->ml, flow->dl_src, vlan,
2914 &is_grat_arp_locked);
2915 if (src_idx != -1 && src_idx != in_port->port_idx &&
2916 (!is_gratuitous_arp(flow) || is_grat_arp_locked)) {
2924 /* If the composed actions may be applied to any packet in the given 'flow',
2925 * returns true. Otherwise, the actions should only be applied to 'packet', or
2926 * not at all, if 'packet' was NULL. */
2928 process_flow(struct bridge *br, const struct flow *flow,
2929 const struct ofpbuf *packet, struct ofpbuf *actions,
2930 tag_type *tags, uint16_t *nf_output_iface)
2932 struct port *in_port;
2933 struct port *out_port;
2937 /* Check whether we should drop packets in this flow. */
2938 if (!is_admissible(br, flow, packet != NULL, tags, &vlan, &in_port)) {
2943 /* Learn source MAC (but don't try to learn from revalidation). */
2945 update_learning_table(br, flow, vlan, in_port);
2948 /* Determine output port. */
2949 out_port_idx = mac_learning_lookup_tag(br->ml, flow->dl_dst, vlan, tags,
2951 if (out_port_idx >= 0 && out_port_idx < br->n_ports) {
2952 out_port = br->ports[out_port_idx];
2953 } else if (!packet && !eth_addr_is_multicast(flow->dl_dst)) {
2954 /* If we are revalidating but don't have a learning entry then
2955 * eject the flow. Installing a flow that floods packets opens
2956 * up a window of time where we could learn from a packet reflected
2957 * on a bond and blackhole packets before the learning table is
2958 * updated to reflect the correct port. */
2961 out_port = FLOOD_PORT;
2964 /* Don't send packets out their input ports. */
2965 if (in_port == out_port) {
2971 compose_actions(br, flow, vlan, in_port, out_port, tags, actions,
2979 bridge_normal_ofhook_cb(const struct flow *flow, const struct ofpbuf *packet,
2980 struct ofpbuf *actions, tag_type *tags,
2981 uint16_t *nf_output_iface, void *br_)
2983 struct bridge *br = br_;
2985 COVERAGE_INC(bridge_process_flow);
2986 return process_flow(br, flow, packet, actions, tags, nf_output_iface);
2990 bridge_special_ofhook_cb(const struct flow *flow,
2991 const struct ofpbuf *packet, void *br_)
2993 struct iface *iface;
2994 struct bridge *br = br_;
2996 iface = iface_from_dp_ifidx(br, flow->in_port);
2998 if (cfm_should_process_flow(flow)) {
3000 if (iface && packet && iface->cfm) {
3001 COVERAGE_INC(bridge_process_cfm);
3002 cfm_process_heartbeat(iface->cfm, packet);
3005 } else if (flow->dl_type == htons(ETH_TYPE_LACP)) {
3007 if (iface && iface->port->lacp && packet) {
3008 const struct lacp_pdu *pdu = parse_lacp_packet(packet);
3011 COVERAGE_INC(bridge_process_lacp);
3012 lacp_process_pdu(iface->port->lacp, iface, pdu);
3022 bridge_account_flow_ofhook_cb(const struct flow *flow, tag_type tags,
3023 const struct nlattr *actions,
3025 uint64_t n_bytes, void *br_)
3027 struct bridge *br = br_;
3028 const struct nlattr *a;
3029 struct port *in_port;
3034 /* Feed information from the active flows back into the learning table to
3035 * ensure that table is always in sync with what is actually flowing
3036 * through the datapath.
3038 * We test that 'tags' is nonzero to ensure that only flows that include an
3039 * OFPP_NORMAL action are used for learning. This works because
3040 * bridge_normal_ofhook_cb() always sets a nonzero tag value. */
3041 if (tags && is_admissible(br, flow, false, &dummy, &vlan, &in_port)) {
3042 update_learning_table(br, flow, vlan, in_port);
3045 /* Account for bond slave utilization. */
3046 if (!br->has_bonded_ports) {
3049 NL_ATTR_FOR_EACH_UNSAFE (a, left, actions, actions_len) {
3050 if (nl_attr_type(a) == ODP_ACTION_ATTR_OUTPUT) {
3051 struct port *out_port = port_from_dp_ifidx(br, nl_attr_get_u32(a));
3052 if (out_port && out_port->n_ifaces >= 2 &&
3053 out_port->bond_mode != BM_AB) {
3054 uint16_t vlan = (flow->vlan_tci
3055 ? vlan_tci_to_vid(flow->vlan_tci)
3057 struct bond_entry *e = lookup_bond_entry(out_port, flow, vlan);
3058 e->tx_bytes += n_bytes;
3065 bridge_account_checkpoint_ofhook_cb(void *br_)
3067 struct bridge *br = br_;
3071 if (!br->has_bonded_ports) {
3076 for (i = 0; i < br->n_ports; i++) {
3077 struct port *port = br->ports[i];
3078 if (port->n_ifaces > 1 && port->bond_mode != BM_AB
3079 && now >= port->bond_next_rebalance) {
3080 port->bond_next_rebalance = now + port->bond_rebalance_interval;
3081 bond_rebalance_port(port);
3086 static struct ofhooks bridge_ofhooks = {
3087 bridge_normal_ofhook_cb,
3088 bridge_special_ofhook_cb,
3089 bridge_account_flow_ofhook_cb,
3090 bridge_account_checkpoint_ofhook_cb,
3093 /* Bonding functions. */
3095 /* Statistics for a single interface on a bonded port, used for load-based
3096 * bond rebalancing. */
3097 struct slave_balance {
3098 struct iface *iface; /* The interface. */
3099 uint64_t tx_bytes; /* Sum of hashes[*]->tx_bytes. */
3101 /* All the "bond_entry"s that are assigned to this interface, in order of
3102 * increasing tx_bytes. */
3103 struct bond_entry **hashes;
3108 bond_mode_to_string(enum bond_mode bm) {
3109 static char *bm_slb = "balance-slb";
3110 static char *bm_ab = "active-backup";
3111 static char *bm_tcp = "balance-tcp";
3114 case BM_SLB: return bm_slb;
3115 case BM_AB: return bm_ab;
3116 case BM_TCP: return bm_tcp;
3123 /* Sorts pointers to pointers to bond_entries in ascending order by the
3124 * interface to which they are assigned, and within a single interface in
3125 * ascending order of bytes transmitted. */
3127 compare_bond_entries(const void *a_, const void *b_)
3129 const struct bond_entry *const *ap = a_;
3130 const struct bond_entry *const *bp = b_;
3131 const struct bond_entry *a = *ap;
3132 const struct bond_entry *b = *bp;
3133 if (a->iface_idx != b->iface_idx) {
3134 return a->iface_idx > b->iface_idx ? 1 : -1;
3135 } else if (a->tx_bytes != b->tx_bytes) {
3136 return a->tx_bytes > b->tx_bytes ? 1 : -1;
3142 /* Sorts slave_balances so that enabled ports come first, and otherwise in
3143 * *descending* order by number of bytes transmitted. */
3145 compare_slave_balance(const void *a_, const void *b_)
3147 const struct slave_balance *a = a_;
3148 const struct slave_balance *b = b_;
3149 if (a->iface->enabled != b->iface->enabled) {
3150 return a->iface->enabled ? -1 : 1;
3151 } else if (a->tx_bytes != b->tx_bytes) {
3152 return a->tx_bytes > b->tx_bytes ? -1 : 1;
3159 swap_bals(struct slave_balance *a, struct slave_balance *b)
3161 struct slave_balance tmp = *a;
3166 /* Restores the 'n_bals' slave_balance structures in 'bals' to sorted order
3167 * given that 'p' (and only 'p') might be in the wrong location.
3169 * This function invalidates 'p', since it might now be in a different memory
3172 resort_bals(struct slave_balance *p,
3173 struct slave_balance bals[], size_t n_bals)
3176 for (; p > bals && p->tx_bytes > p[-1].tx_bytes; p--) {
3177 swap_bals(p, p - 1);
3179 for (; p < &bals[n_bals - 1] && p->tx_bytes < p[1].tx_bytes; p++) {
3180 swap_bals(p, p + 1);
3186 log_bals(const struct slave_balance *bals, size_t n_bals, struct port *port)
3188 if (VLOG_IS_DBG_ENABLED()) {
3189 struct ds ds = DS_EMPTY_INITIALIZER;
3190 const struct slave_balance *b;
3192 for (b = bals; b < bals + n_bals; b++) {
3196 ds_put_char(&ds, ',');
3198 ds_put_format(&ds, " %s %"PRIu64"kB",
3199 b->iface->name, b->tx_bytes / 1024);
3201 if (!b->iface->enabled) {
3202 ds_put_cstr(&ds, " (disabled)");
3204 if (b->n_hashes > 0) {
3205 ds_put_cstr(&ds, " (");
3206 for (i = 0; i < b->n_hashes; i++) {
3207 const struct bond_entry *e = b->hashes[i];
3209 ds_put_cstr(&ds, " + ");
3211 ds_put_format(&ds, "h%td: %"PRIu64"kB",
3212 e - port->bond_hash, e->tx_bytes / 1024);
3214 ds_put_cstr(&ds, ")");
3217 VLOG_DBG("bond %s:%s", port->name, ds_cstr(&ds));
3222 /* Shifts 'hash' from 'from' to 'to' within 'port'. */
3224 bond_shift_load(struct slave_balance *from, struct slave_balance *to,
3227 struct bond_entry *hash = from->hashes[hash_idx];
3228 struct port *port = from->iface->port;
3229 uint64_t delta = hash->tx_bytes;
3231 assert(port->bond_mode != BM_AB);
3233 VLOG_INFO("bond %s: shift %"PRIu64"kB of load (with hash %td) "
3234 "from %s to %s (now carrying %"PRIu64"kB and "
3235 "%"PRIu64"kB load, respectively)",
3236 port->name, delta / 1024, hash - port->bond_hash,
3237 from->iface->name, to->iface->name,
3238 (from->tx_bytes - delta) / 1024,
3239 (to->tx_bytes + delta) / 1024);
3241 /* Delete element from from->hashes.
3243 * We don't bother to add the element to to->hashes because not only would
3244 * it require more work, the only purpose it would be to allow that hash to
3245 * be migrated to another slave in this rebalancing run, and there is no
3246 * point in doing that. */
3247 if (hash_idx == 0) {
3250 memmove(from->hashes + hash_idx, from->hashes + hash_idx + 1,
3251 (from->n_hashes - (hash_idx + 1)) * sizeof *from->hashes);
3255 /* Shift load away from 'from' to 'to'. */
3256 from->tx_bytes -= delta;
3257 to->tx_bytes += delta;
3259 /* Arrange for flows to be revalidated. */
3260 ofproto_revalidate(port->bridge->ofproto, hash->iface_tag);
3261 hash->iface_idx = to->iface->port_ifidx;
3262 hash->iface_tag = tag_create_random();
3266 bond_rebalance_port(struct port *port)
3268 struct slave_balance *bals;
3270 struct bond_entry *hashes[BOND_MASK + 1];
3271 struct slave_balance *b, *from, *to;
3272 struct bond_entry *e;
3275 assert(port->bond_mode != BM_AB);
3277 /* Sets up 'bals' to describe each of the port's interfaces, sorted in
3278 * descending order of tx_bytes, so that bals[0] represents the most
3279 * heavily loaded slave and bals[n_bals - 1] represents the least heavily
3282 * The code is a bit tricky: to avoid dynamically allocating a 'hashes'
3283 * array for each slave_balance structure, we sort our local array of
3284 * hashes in order by slave, so that all of the hashes for a given slave
3285 * become contiguous in memory, and then we point each 'hashes' members of
3286 * a slave_balance structure to the start of a contiguous group. */
3287 n_bals = port->n_ifaces;
3288 bals = xmalloc(n_bals * sizeof *bals);
3289 for (b = bals; b < &bals[n_bals]; b++) {
3290 b->iface = port->ifaces[b - bals];
3295 for (i = 0; i <= BOND_MASK; i++) {
3296 hashes[i] = &port->bond_hash[i];
3298 qsort(hashes, BOND_MASK + 1, sizeof *hashes, compare_bond_entries);
3299 for (i = 0; i <= BOND_MASK; i++) {
3301 if (e->iface_idx >= 0 && e->iface_idx < port->n_ifaces) {
3302 b = &bals[e->iface_idx];
3303 b->tx_bytes += e->tx_bytes;
3305 b->hashes = &hashes[i];
3310 qsort(bals, n_bals, sizeof *bals, compare_slave_balance);
3311 log_bals(bals, n_bals, port);
3313 /* Discard slaves that aren't enabled (which were sorted to the back of the
3314 * array earlier). */
3315 while (!bals[n_bals - 1].iface->enabled) {
3322 /* Shift load from the most-loaded slaves to the least-loaded slaves. */
3323 to = &bals[n_bals - 1];
3324 for (from = bals; from < to; ) {
3325 uint64_t overload = from->tx_bytes - to->tx_bytes;
3326 if (overload < to->tx_bytes >> 5 || overload < 100000) {
3327 /* The extra load on 'from' (and all less-loaded slaves), compared
3328 * to that of 'to' (the least-loaded slave), is less than ~3%, or
3329 * it is less than ~1Mbps. No point in rebalancing. */
3331 } else if (from->n_hashes == 1) {
3332 /* 'from' only carries a single MAC hash, so we can't shift any
3333 * load away from it, even though we want to. */
3336 /* 'from' is carrying significantly more load than 'to', and that
3337 * load is split across at least two different hashes. Pick a hash
3338 * to migrate to 'to' (the least-loaded slave), given that doing so
3339 * must decrease the ratio of the load on the two slaves by at
3342 * The sort order we use means that we prefer to shift away the
3343 * smallest hashes instead of the biggest ones. There is little
3344 * reason behind this decision; we could use the opposite sort
3345 * order to shift away big hashes ahead of small ones. */
3348 for (i = 0; i < from->n_hashes; i++) {
3349 double old_ratio, new_ratio;
3350 uint64_t delta = from->hashes[i]->tx_bytes;
3352 if (delta == 0 || from->tx_bytes - delta == 0) {
3353 /* Pointless move. */
3357 order_swapped = from->tx_bytes - delta < to->tx_bytes + delta;
3359 if (to->tx_bytes == 0) {
3360 /* Nothing on the new slave, move it. */
3364 old_ratio = (double)from->tx_bytes / to->tx_bytes;
3365 new_ratio = (double)(from->tx_bytes - delta) /
3366 (to->tx_bytes + delta);
3368 if (new_ratio == 0) {
3369 /* Should already be covered but check to prevent division
3374 if (new_ratio < 1) {
3375 new_ratio = 1 / new_ratio;
3378 if (old_ratio - new_ratio > 0.1) {
3379 /* Would decrease the ratio, move it. */
3383 if (i < from->n_hashes) {
3384 bond_shift_load(from, to, i);
3386 /* If the result of the migration changed the relative order of
3387 * 'from' and 'to' swap them back to maintain invariants. */
3388 if (order_swapped) {
3389 swap_bals(from, to);
3392 /* Re-sort 'bals'. Note that this may make 'from' and 'to'
3393 * point to different slave_balance structures. It is only
3394 * valid to do these two operations in a row at all because we
3395 * know that 'from' will not move past 'to' and vice versa. */
3396 resort_bals(from, bals, n_bals);
3397 resort_bals(to, bals, n_bals);
3404 /* Implement exponentially weighted moving average. A weight of 1/2 causes
3405 * historical data to decay to <1% in 7 rebalancing runs. */
3406 for (e = &port->bond_hash[0]; e <= &port->bond_hash[BOND_MASK]; e++) {
3415 bond_send_learning_packets(struct port *port)
3417 struct bridge *br = port->bridge;
3418 struct mac_entry *e;
3419 struct ofpbuf packet;
3420 int error, n_packets, n_errors;
3422 if (!port->n_ifaces || port->active_iface < 0 || bond_is_tcp_hash(port)) {
3426 ofpbuf_init(&packet, 128);
3427 error = n_packets = n_errors = 0;
3428 LIST_FOR_EACH (e, lru_node, &br->ml->lrus) {
3429 union ofp_action actions[2], *a;
3435 if (e->port == port->port_idx) {
3439 compose_benign_packet(&packet, "Open vSwitch Bond Failover", 0xf177,
3441 flow_extract(&packet, 0, ODPP_NONE, &flow);
3443 if (!choose_output_iface(port, &flow, e->vlan, &dp_ifidx, &tags)) {
3447 /* Compose actions. */
3448 memset(actions, 0, sizeof actions);
3451 a->vlan_vid.type = htons(OFPAT_SET_VLAN_VID);
3452 a->vlan_vid.len = htons(sizeof *a);
3453 a->vlan_vid.vlan_vid = htons(e->vlan);
3456 a->output.type = htons(OFPAT_OUTPUT);
3457 a->output.len = htons(sizeof *a);
3458 a->output.port = htons(odp_port_to_ofp_port(dp_ifidx));
3463 retval = ofproto_send_packet(br->ofproto, &flow, actions, a - actions,
3470 ofpbuf_uninit(&packet);
3473 static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5);
3474 VLOG_WARN_RL(&rl, "bond %s: %d errors sending %d gratuitous learning "
3475 "packets, last error was: %s",
3476 port->name, n_errors, n_packets, strerror(error));
3478 VLOG_DBG("bond %s: sent %d gratuitous learning packets",
3479 port->name, n_packets);
3483 /* Bonding unixctl user interface functions. */
3486 bond_unixctl_list(struct unixctl_conn *conn,
3487 const char *args OVS_UNUSED, void *aux OVS_UNUSED)
3489 struct ds ds = DS_EMPTY_INITIALIZER;
3490 const struct bridge *br;
3492 ds_put_cstr(&ds, "bridge\tbond\ttype\tslaves\n");
3494 LIST_FOR_EACH (br, node, &all_bridges) {
3497 for (i = 0; i < br->n_ports; i++) {
3498 const struct port *port = br->ports[i];
3499 if (port->n_ifaces > 1) {
3502 ds_put_format(&ds, "%s\t%s\t%s\t", br->name, port->name,
3503 bond_mode_to_string(port->bond_mode));
3504 for (j = 0; j < port->n_ifaces; j++) {
3505 const struct iface *iface = port->ifaces[j];
3507 ds_put_cstr(&ds, ", ");
3509 ds_put_cstr(&ds, iface->name);
3511 ds_put_char(&ds, '\n');
3515 unixctl_command_reply(conn, 200, ds_cstr(&ds));
3519 static struct port *
3520 bond_find(const char *name)
3522 const struct bridge *br;
3524 LIST_FOR_EACH (br, node, &all_bridges) {
3527 for (i = 0; i < br->n_ports; i++) {
3528 struct port *port = br->ports[i];
3529 if (!strcmp(port->name, name) && port->n_ifaces > 1) {
3538 bond_unixctl_show(struct unixctl_conn *conn,
3539 const char *args, void *aux OVS_UNUSED)
3541 struct ds ds = DS_EMPTY_INITIALIZER;
3542 const struct port *port;
3545 port = bond_find(args);
3547 unixctl_command_reply(conn, 501, "no such bond");
3551 ds_put_format(&ds, "bond_mode: %s\n",
3552 bond_mode_to_string(port->bond_mode));
3555 ds_put_format(&ds, "lacp: %s\n",
3556 port->lacp_active ? "active" : "passive");
3558 ds_put_cstr(&ds, "lacp: off\n");
3561 if (port->bond_mode != BM_AB) {
3562 ds_put_format(&ds, "bond-hash-algorithm: %s\n",
3563 bond_is_tcp_hash(port) ? "balance-tcp" : "balance-slb");
3567 ds_put_format(&ds, "bond-detect-mode: %s\n",
3568 port->monitor ? "carrier" : "miimon");
3570 if (!port->monitor) {
3571 ds_put_format(&ds, "bond-miimon-interval: %lld\n",
3572 port->miimon_interval);
3575 ds_put_format(&ds, "updelay: %d ms\n", port->updelay);
3576 ds_put_format(&ds, "downdelay: %d ms\n", port->downdelay);
3578 if (port->bond_mode != BM_AB) {
3579 ds_put_format(&ds, "next rebalance: %lld ms\n",
3580 port->bond_next_rebalance - time_msec());
3583 for (j = 0; j < port->n_ifaces; j++) {
3584 const struct iface *iface = port->ifaces[j];
3585 struct bond_entry *be;
3589 ds_put_format(&ds, "\nslave %s: %s\n",
3590 iface->name, iface->enabled ? "enabled" : "disabled");
3591 if (j == port->active_iface) {
3592 ds_put_cstr(&ds, "\tactive slave\n");
3594 if (iface->delay_expires != LLONG_MAX) {
3595 ds_put_format(&ds, "\t%s expires in %lld ms\n",
3596 iface->enabled ? "downdelay" : "updelay",
3597 iface->delay_expires - time_msec());
3600 if (port->bond_mode == BM_AB) {
3605 memset(&flow, 0, sizeof flow);
3606 for (be = port->bond_hash; be <= &port->bond_hash[BOND_MASK]; be++) {
3607 int hash = be - port->bond_hash;
3608 struct mac_entry *me;
3610 if (be->iface_idx != j) {
3614 ds_put_format(&ds, "\thash %d: %"PRIu64" kB load\n",
3615 hash, be->tx_bytes / 1024);
3617 if (port->bond_mode != BM_SLB) {
3622 LIST_FOR_EACH (me, lru_node, &port->bridge->ml->lrus) {
3626 memcpy(flow.dl_src, me->mac, ETH_ADDR_LEN);
3627 if (bond_hash_src(me->mac, me->vlan) == hash
3628 && me->port != port->port_idx
3629 && choose_output_iface(port, &flow, me->vlan,
3631 && dp_ifidx == iface->dp_ifidx)
3633 ds_put_format(&ds, "\t\t"ETH_ADDR_FMT"\n",
3634 ETH_ADDR_ARGS(me->mac));
3639 unixctl_command_reply(conn, 200, ds_cstr(&ds));
3644 bond_unixctl_migrate(struct unixctl_conn *conn, const char *args_,
3645 void *aux OVS_UNUSED)
3647 char *args = (char *) args_;
3648 char *save_ptr = NULL;
3649 char *bond_s, *hash_s, *slave_s;
3651 struct iface *iface;
3652 struct bond_entry *entry;
3655 bond_s = strtok_r(args, " ", &save_ptr);
3656 hash_s = strtok_r(NULL, " ", &save_ptr);
3657 slave_s = strtok_r(NULL, " ", &save_ptr);
3659 unixctl_command_reply(conn, 501,
3660 "usage: bond/migrate BOND HASH SLAVE");
3664 port = bond_find(bond_s);
3666 unixctl_command_reply(conn, 501, "no such bond");
3670 if (port->bond_mode != BM_SLB) {
3671 unixctl_command_reply(conn, 501, "not an SLB bond");
3675 if (strspn(hash_s, "0123456789") == strlen(hash_s)) {
3676 hash = atoi(hash_s) & BOND_MASK;
3678 unixctl_command_reply(conn, 501, "bad hash");
3682 iface = port_lookup_iface(port, slave_s);
3684 unixctl_command_reply(conn, 501, "no such slave");
3688 if (!iface->enabled) {
3689 unixctl_command_reply(conn, 501, "cannot migrate to disabled slave");
3693 entry = &port->bond_hash[hash];
3694 ofproto_revalidate(port->bridge->ofproto, entry->iface_tag);
3695 entry->iface_idx = iface->port_ifidx;
3696 entry->iface_tag = tag_create_random();
3697 unixctl_command_reply(conn, 200, "migrated");
3701 bond_unixctl_set_active_slave(struct unixctl_conn *conn, const char *args_,
3702 void *aux OVS_UNUSED)
3704 char *args = (char *) args_;
3705 char *save_ptr = NULL;
3706 char *bond_s, *slave_s;
3708 struct iface *iface;
3710 bond_s = strtok_r(args, " ", &save_ptr);
3711 slave_s = strtok_r(NULL, " ", &save_ptr);
3713 unixctl_command_reply(conn, 501,
3714 "usage: bond/set-active-slave BOND SLAVE");
3718 port = bond_find(bond_s);
3720 unixctl_command_reply(conn, 501, "no such bond");
3724 iface = port_lookup_iface(port, slave_s);
3726 unixctl_command_reply(conn, 501, "no such slave");
3730 if (!iface->enabled) {
3731 unixctl_command_reply(conn, 501, "cannot make disabled slave active");
3735 if (port->active_iface != iface->port_ifidx) {
3736 ofproto_revalidate(port->bridge->ofproto, port->active_iface_tag);
3737 port->active_iface = iface->port_ifidx;
3738 port->active_iface_tag = tag_create_random();
3739 VLOG_INFO("port %s: active interface is now %s",
3740 port->name, iface->name);
3741 bond_send_learning_packets(port);
3742 unixctl_command_reply(conn, 200, "done");
3744 unixctl_command_reply(conn, 200, "no change");
3749 enable_slave(struct unixctl_conn *conn, const char *args_, bool enable)
3751 char *args = (char *) args_;
3752 char *save_ptr = NULL;
3753 char *bond_s, *slave_s;
3755 struct iface *iface;
3757 bond_s = strtok_r(args, " ", &save_ptr);
3758 slave_s = strtok_r(NULL, " ", &save_ptr);
3760 unixctl_command_reply(conn, 501,
3761 "usage: bond/enable/disable-slave BOND SLAVE");
3765 port = bond_find(bond_s);
3767 unixctl_command_reply(conn, 501, "no such bond");
3771 iface = port_lookup_iface(port, slave_s);
3773 unixctl_command_reply(conn, 501, "no such slave");
3777 bond_enable_slave(iface, enable);
3778 unixctl_command_reply(conn, 501, enable ? "enabled" : "disabled");
3782 bond_unixctl_enable_slave(struct unixctl_conn *conn, const char *args,
3783 void *aux OVS_UNUSED)
3785 enable_slave(conn, args, true);
3789 bond_unixctl_disable_slave(struct unixctl_conn *conn, const char *args,
3790 void *aux OVS_UNUSED)
3792 enable_slave(conn, args, false);
3796 bond_unixctl_hash(struct unixctl_conn *conn, const char *args_,
3797 void *aux OVS_UNUSED)
3799 char *args = (char *) args_;
3800 uint8_t mac[ETH_ADDR_LEN];
3804 char *mac_s, *vlan_s;
3805 char *save_ptr = NULL;
3807 mac_s = strtok_r(args, " ", &save_ptr);
3808 vlan_s = strtok_r(NULL, " ", &save_ptr);
3811 if (sscanf(vlan_s, "%u", &vlan) != 1) {
3812 unixctl_command_reply(conn, 501, "invalid vlan");
3816 vlan = OFP_VLAN_NONE;
3819 if (sscanf(mac_s, ETH_ADDR_SCAN_FMT, ETH_ADDR_SCAN_ARGS(mac))
3820 == ETH_ADDR_SCAN_COUNT) {
3821 hash = bond_hash_src(mac, vlan);
3823 hash_cstr = xasprintf("%u", hash);
3824 unixctl_command_reply(conn, 200, hash_cstr);
3827 unixctl_command_reply(conn, 501, "invalid mac");
3834 unixctl_command_register("bond/list", bond_unixctl_list, NULL);
3835 unixctl_command_register("bond/show", bond_unixctl_show, NULL);
3836 unixctl_command_register("bond/migrate", bond_unixctl_migrate, NULL);
3837 unixctl_command_register("bond/set-active-slave",
3838 bond_unixctl_set_active_slave, NULL);
3839 unixctl_command_register("bond/enable-slave", bond_unixctl_enable_slave,
3841 unixctl_command_register("bond/disable-slave", bond_unixctl_disable_slave,
3843 unixctl_command_register("bond/hash", bond_unixctl_hash, NULL);
3846 /* Port functions. */
3849 lacp_send_pdu_cb(void *aux, const struct lacp_pdu *pdu)
3851 struct iface *iface = aux;
3852 uint8_t ea[ETH_ADDR_LEN];
3855 error = netdev_get_etheraddr(iface->netdev, ea);
3857 struct ofpbuf packet;
3859 ofpbuf_init(&packet, ETH_HEADER_LEN + LACP_PDU_LEN);
3860 compose_lacp_packet(&packet, ea, pdu);
3861 iface_send_packet(iface, &packet);
3862 ofpbuf_uninit(&packet);
3864 static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 10);
3865 VLOG_ERR_RL(&rl, "iface %s: failed to obtain Ethernet address "
3866 "(%s)", iface->name, strerror(error));
3871 port_run(struct port *port)
3875 if (port->monitor) {
3878 /* Track carrier going up and down on interfaces. */
3879 while (!netdev_monitor_poll(port->monitor, &devname)) {
3880 struct iface *iface;
3882 iface = port_lookup_iface(port, devname);
3884 iface_update_carrier(iface, netdev_get_carrier(iface->netdev));
3888 } else if (time_msec() >= port->miimon_next_update) {
3890 for (i = 0; i < port->n_ifaces; i++) {
3891 struct iface *iface = port->ifaces[i];
3892 iface_update_carrier(iface, netdev_get_miimon(iface->netdev));
3894 port->miimon_next_update = time_msec() + port->miimon_interval;
3898 for (i = 0; i < port->n_ifaces; i++) {
3899 struct iface *iface = port->ifaces[i];
3900 lacp_slave_enable(port->lacp, iface, iface->enabled);
3903 lacp_run(port->lacp, lacp_send_pdu_cb);
3908 for (i = 0; i < port->n_ifaces; i++) {
3909 struct iface *iface = port->ifaces[i];
3912 struct ofpbuf *packet = cfm_run(iface->cfm);
3914 iface_send_packet(iface, packet);
3915 ofpbuf_uninit(packet);
3923 port_wait(struct port *port)
3927 if (port->monitor) {
3928 netdev_monitor_poll_wait(port->monitor);
3930 poll_timer_wait_until(port->miimon_next_update);
3934 lacp_wait(port->lacp);
3939 for (i = 0; i < port->n_ifaces; i++) {
3940 struct iface *iface = port->ifaces[i];
3942 cfm_wait(iface->cfm);
3947 static struct port *
3948 port_create(struct bridge *br, const char *name)
3952 port = xzalloc(sizeof *port);
3954 port->port_idx = br->n_ports;
3956 port->trunks = NULL;
3957 port->name = xstrdup(name);
3958 port->active_iface = -1;
3960 if (br->n_ports >= br->allocated_ports) {
3961 br->ports = x2nrealloc(br->ports, &br->allocated_ports,
3964 br->ports[br->n_ports++] = port;
3965 shash_add_assert(&br->port_by_name, port->name, port);
3967 VLOG_INFO("created port %s on bridge %s", port->name, br->name);
3974 get_port_other_config(const struct ovsrec_port *port, const char *key,
3975 const char *default_value)
3979 value = get_ovsrec_key_value(&port->header_, &ovsrec_port_col_other_config,
3981 return value ? value : default_value;
3985 get_interface_other_config(const struct ovsrec_interface *iface,
3986 const char *key, const char *default_value)
3990 value = get_ovsrec_key_value(&iface->header_,
3991 &ovsrec_interface_col_other_config, key);
3992 return value ? value : default_value;
3996 port_del_ifaces(struct port *port, const struct ovsrec_port *cfg)
3998 struct shash new_ifaces;
4001 /* Collect list of new interfaces. */
4002 shash_init(&new_ifaces);
4003 for (i = 0; i < cfg->n_interfaces; i++) {
4004 const char *name = cfg->interfaces[i]->name;
4005 shash_add_once(&new_ifaces, name, NULL);
4008 /* Get rid of deleted interfaces. */
4009 for (i = 0; i < port->n_ifaces; ) {
4010 if (!shash_find(&new_ifaces, cfg->interfaces[i]->name)) {
4011 iface_destroy(port->ifaces[i]);
4017 shash_destroy(&new_ifaces);
4021 port_reconfigure(struct port *port, const struct ovsrec_port *cfg)
4023 const char *detect_mode;
4024 struct shash new_ifaces;
4025 long long int next_rebalance, miimon_next_update, lacp_priority;
4026 unsigned long *trunks;
4032 /* Update settings. */
4033 port->updelay = cfg->bond_updelay;
4034 if (port->updelay < 0) {
4037 port->downdelay = cfg->bond_downdelay;
4038 if (port->downdelay < 0) {
4039 port->downdelay = 0;
4041 port->bond_rebalance_interval = atoi(
4042 get_port_other_config(cfg, "bond-rebalance-interval", "10000"));
4043 if (port->bond_rebalance_interval < 1000) {
4044 port->bond_rebalance_interval = 1000;
4046 next_rebalance = time_msec() + port->bond_rebalance_interval;
4047 if (port->bond_next_rebalance > next_rebalance) {
4048 port->bond_next_rebalance = next_rebalance;
4051 detect_mode = get_port_other_config(cfg, "bond-detect-mode",
4054 netdev_monitor_destroy(port->monitor);
4055 port->monitor = NULL;
4057 if (strcmp(detect_mode, "miimon")) {
4058 port->monitor = netdev_monitor_create();
4060 if (strcmp(detect_mode, "carrier")) {
4061 VLOG_WARN("port %s: unsupported bond-detect-mode %s, "
4062 "defaulting to carrier", port->name, detect_mode);
4066 port->miimon_interval = atoi(
4067 get_port_other_config(cfg, "bond-miimon-interval", "200"));
4068 if (port->miimon_interval < 100) {
4069 port->miimon_interval = 100;
4071 miimon_next_update = time_msec() + port->miimon_interval;
4072 if (port->miimon_next_update > miimon_next_update) {
4073 port->miimon_next_update = miimon_next_update;
4076 if (!port->cfg->bond_mode ||
4077 !strcmp(port->cfg->bond_mode, bond_mode_to_string(BM_SLB))) {
4078 port->bond_mode = BM_SLB;
4079 } else if (!strcmp(port->cfg->bond_mode, bond_mode_to_string(BM_AB))) {
4080 port->bond_mode = BM_AB;
4081 } else if (!strcmp(port->cfg->bond_mode, bond_mode_to_string(BM_TCP))) {
4082 port->bond_mode = BM_TCP;
4084 port->bond_mode = BM_SLB;
4085 VLOG_WARN("port %s: unknown bond_mode %s, defaulting to %s",
4086 port->name, port->cfg->bond_mode,
4087 bond_mode_to_string(port->bond_mode));
4090 /* Add new interfaces and update 'cfg' member of existing ones. */
4091 shash_init(&new_ifaces);
4092 for (i = 0; i < cfg->n_interfaces; i++) {
4093 const struct ovsrec_interface *if_cfg = cfg->interfaces[i];
4094 struct iface *iface;
4096 if (!shash_add_once(&new_ifaces, if_cfg->name, NULL)) {
4097 VLOG_WARN("port %s: %s specified twice as port interface",
4098 port->name, if_cfg->name);
4099 iface_set_ofport(if_cfg, -1);
4103 iface = iface_lookup(port->bridge, if_cfg->name);
4105 if (iface->port != port) {
4106 VLOG_ERR("bridge %s: %s interface is on multiple ports, "
4108 port->bridge->name, if_cfg->name, iface->port->name);
4111 iface->cfg = if_cfg;
4113 iface = iface_create(port, if_cfg);
4116 /* Determine interface type. The local port always has type
4117 * "internal". Other ports take their type from the database and
4118 * default to "system" if none is specified. */
4119 iface->type = (!strcmp(if_cfg->name, port->bridge->name) ? "internal"
4120 : if_cfg->type[0] ? if_cfg->type
4124 atoi(get_interface_other_config(if_cfg, "lacp-port-priority",
4127 if (lacp_priority <= 0 || lacp_priority > UINT16_MAX) {
4128 iface->lacp_priority = UINT16_MAX;
4130 iface->lacp_priority = lacp_priority;
4133 shash_destroy(&new_ifaces);
4136 atoi(get_port_other_config(cfg, "lacp-system-priority", "0"));
4138 if (lacp_priority <= 0 || lacp_priority > UINT16_MAX) {
4139 /* Prefer bondable links if unspecified. */
4140 port->lacp_priority = port->n_ifaces > 1 ? UINT16_MAX - 1 : UINT16_MAX;
4142 port->lacp_priority = lacp_priority;
4145 if (!port->cfg->lacp) {
4146 /* XXX when LACP implementation has been sufficiently tested, enable by
4147 * default and make active on bonded ports. */
4148 lacp_destroy(port->lacp);
4150 } else if (!strcmp(port->cfg->lacp, "off")) {
4151 lacp_destroy(port->lacp);
4153 } else if (!strcmp(port->cfg->lacp, "active")) {
4155 port->lacp = lacp_create();
4157 port->lacp_active = true;
4158 } else if (!strcmp(port->cfg->lacp, "passive")) {
4160 port->lacp = lacp_create();
4162 port->lacp_active = false;
4164 VLOG_WARN("port %s: unknown LACP mode %s",
4165 port->name, port->cfg->lacp);
4166 lacp_destroy(port->lacp);
4173 if (port->n_ifaces < 2) {
4175 if (vlan >= 0 && vlan <= 4095) {
4176 VLOG_DBG("port %s: assigning VLAN tag %d", port->name, vlan);
4181 /* It's possible that bonded, VLAN-tagged ports make sense. Maybe
4182 * they even work as-is. But they have not been tested. */
4183 VLOG_WARN("port %s: VLAN tags not supported on bonded ports",
4187 if (port->vlan != vlan) {
4189 bridge_flush(port->bridge);
4192 /* Get trunked VLANs. */
4194 if (vlan < 0 && cfg->n_trunks) {
4197 trunks = bitmap_allocate(4096);
4199 for (i = 0; i < cfg->n_trunks; i++) {
4200 int trunk = cfg->trunks[i];
4202 bitmap_set1(trunks, trunk);
4208 VLOG_ERR("port %s: invalid values for %zu trunk VLANs",
4209 port->name, cfg->n_trunks);
4211 if (n_errors == cfg->n_trunks) {
4212 VLOG_ERR("port %s: no valid trunks, trunking all VLANs",
4214 bitmap_free(trunks);
4217 } else if (vlan >= 0 && cfg->n_trunks) {
4218 VLOG_ERR("port %s: ignoring trunks in favor of implicit vlan",
4222 ? port->trunks != NULL
4223 : port->trunks == NULL || !bitmap_equal(trunks, port->trunks, 4096)) {
4224 bridge_flush(port->bridge);
4226 bitmap_free(port->trunks);
4227 port->trunks = trunks;
4231 port_destroy(struct port *port)
4234 struct bridge *br = port->bridge;
4238 for (i = 0; i < MAX_MIRRORS; i++) {
4239 struct mirror *m = br->mirrors[i];
4240 if (m && m->out_port == port) {
4245 while (port->n_ifaces > 0) {
4246 iface_destroy(port->ifaces[port->n_ifaces - 1]);
4249 shash_find_and_delete_assert(&br->port_by_name, port->name);
4251 del = br->ports[port->port_idx] = br->ports[--br->n_ports];
4252 del->port_idx = port->port_idx;
4254 VLOG_INFO("destroyed port %s on bridge %s", port->name, br->name);
4256 netdev_monitor_destroy(port->monitor);
4258 bitmap_free(port->trunks);
4265 static struct port *
4266 port_from_dp_ifidx(const struct bridge *br, uint16_t dp_ifidx)
4268 struct iface *iface = iface_from_dp_ifidx(br, dp_ifidx);
4269 return iface ? iface->port : NULL;
4272 static struct port *
4273 port_lookup(const struct bridge *br, const char *name)
4275 return shash_find_data(&br->port_by_name, name);
4278 static struct iface *
4279 port_lookup_iface(const struct port *port, const char *name)
4281 struct iface *iface = iface_lookup(port->bridge, name);
4282 return iface && iface->port == port ? iface : NULL;
4286 port_update_lacp(struct port *port)
4291 lacp_configure(port->lacp, port->name,
4292 port->bridge->ea, port->lacp_priority,
4295 for (i = 0; i < port->n_ifaces; i++) {
4296 struct iface *iface = port->ifaces[i];
4297 lacp_slave_register(port->lacp, iface, iface->name,
4298 iface->dp_ifidx, iface->lacp_priority);
4304 port_update_bonding(struct port *port)
4306 if (port->n_ifaces < 2) {
4307 /* Not a bonded port. */
4308 free(port->bond_hash);
4309 port->bond_hash = NULL;
4310 port->bond_fake_iface = false;
4311 port->active_iface = -1;
4312 port->no_ifaces_tag = 0;
4316 if (port->bond_mode != BM_AB && !port->bond_hash) {
4317 port->bond_hash = xcalloc(BOND_MASK + 1, sizeof *port->bond_hash);
4318 for (i = 0; i <= BOND_MASK; i++) {
4319 struct bond_entry *e = &port->bond_hash[i];
4323 port->bond_next_rebalance
4324 = time_msec() + port->bond_rebalance_interval;
4325 } else if (port->bond_mode == BM_AB) {
4326 free(port->bond_hash);
4327 port->bond_hash = NULL;
4330 if (!port->no_ifaces_tag) {
4331 port->no_ifaces_tag = tag_create_random();
4334 if (port->active_iface < 0) {
4335 bond_choose_active_iface(port);
4338 port->bond_fake_iface = port->cfg->bond_fake_iface;
4339 if (port->bond_fake_iface) {
4340 port->bond_next_fake_iface_update = time_msec();
4346 /* Interface functions. */
4349 iface_send_packet(struct iface *iface, struct ofpbuf *packet)
4352 union ofp_action action;
4354 memset(&action, 0, sizeof action);
4355 action.output.type = htons(OFPAT_OUTPUT);
4356 action.output.len = htons(sizeof action);
4357 action.output.port = htons(odp_port_to_ofp_port(iface->dp_ifidx));
4359 flow_extract(packet, 0, ODPP_NONE, &flow);
4361 if (ofproto_send_packet(iface->port->bridge->ofproto, &flow, &action, 1,
4363 static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5);
4364 VLOG_WARN_RL(&rl, "interface %s: Failed to send packet.", iface->name);
4368 static struct iface *
4369 iface_create(struct port *port, const struct ovsrec_interface *if_cfg)
4371 struct bridge *br = port->bridge;
4372 struct iface *iface;
4373 char *name = if_cfg->name;
4375 iface = xzalloc(sizeof *iface);
4377 iface->port_ifidx = port->n_ifaces;
4378 iface->name = xstrdup(name);
4379 iface->dp_ifidx = -1;
4380 iface->tag = tag_create_random();
4381 iface->delay_expires = LLONG_MAX;
4382 iface->netdev = NULL;
4383 iface->cfg = if_cfg;
4385 shash_add_assert(&br->iface_by_name, iface->name, iface);
4387 if (port->n_ifaces >= port->allocated_ifaces) {
4388 port->ifaces = x2nrealloc(port->ifaces, &port->allocated_ifaces,
4389 sizeof *port->ifaces);
4391 port->ifaces[port->n_ifaces++] = iface;
4392 if (port->n_ifaces > 1) {
4393 br->has_bonded_ports = true;
4396 VLOG_DBG("attached network device %s to port %s", iface->name, port->name);
4404 iface_destroy(struct iface *iface)
4407 struct port *port = iface->port;
4408 struct bridge *br = port->bridge;
4409 bool del_active = port->active_iface == iface->port_ifidx;
4412 if (iface->port->lacp) {
4413 lacp_slave_unregister(iface->port->lacp, iface);
4416 if (port->monitor && iface->netdev) {
4417 netdev_monitor_remove(port->monitor, iface->netdev);
4420 shash_find_and_delete_assert(&br->iface_by_name, iface->name);
4422 if (iface->dp_ifidx >= 0) {
4423 hmap_remove(&br->ifaces, &iface->dp_ifidx_node);
4426 del = port->ifaces[iface->port_ifidx] = port->ifaces[--port->n_ifaces];
4427 del->port_ifidx = iface->port_ifidx;
4429 netdev_close(iface->netdev);
4432 ofproto_revalidate(port->bridge->ofproto, port->active_iface_tag);
4433 bond_choose_active_iface(port);
4434 bond_send_learning_packets(port);
4437 cfm_destroy(iface->cfm);
4442 bridge_flush(port->bridge);
4446 static struct iface *
4447 iface_lookup(const struct bridge *br, const char *name)
4449 return shash_find_data(&br->iface_by_name, name);
4452 static struct iface *
4453 iface_find(const char *name)
4455 const struct bridge *br;
4457 LIST_FOR_EACH (br, node, &all_bridges) {
4458 struct iface *iface = iface_lookup(br, name);
4467 static struct iface *
4468 iface_from_dp_ifidx(const struct bridge *br, uint16_t dp_ifidx)
4470 struct iface *iface;
4472 HMAP_FOR_EACH_IN_BUCKET (iface, dp_ifidx_node,
4473 hash_int(dp_ifidx, 0), &br->ifaces) {
4474 if (iface->dp_ifidx == dp_ifidx) {
4481 /* Set Ethernet address of 'iface', if one is specified in the configuration
4484 iface_set_mac(struct iface *iface)
4486 uint8_t ea[ETH_ADDR_LEN];
4488 if (iface->cfg->mac && eth_addr_from_string(iface->cfg->mac, ea)) {
4489 if (eth_addr_is_multicast(ea)) {
4490 VLOG_ERR("interface %s: cannot set MAC to multicast address",
4492 } else if (iface->dp_ifidx == ODPP_LOCAL) {
4493 VLOG_ERR("ignoring iface.%s.mac; use bridge.%s.mac instead",
4494 iface->name, iface->name);
4496 int error = netdev_set_etheraddr(iface->netdev, ea);
4498 VLOG_ERR("interface %s: setting MAC failed (%s)",
4499 iface->name, strerror(error));
4505 /* Sets the ofport column of 'if_cfg' to 'ofport'. */
4507 iface_set_ofport(const struct ovsrec_interface *if_cfg, int64_t ofport)
4510 ovsrec_interface_set_ofport(if_cfg, &ofport, 1);
4514 /* Adds the 'n' key-value pairs in 'keys' in 'values' to 'shash'.
4516 * The value strings in '*shash' are taken directly from values[], not copied,
4517 * so the caller should not modify or free them. */
4519 shash_from_ovs_idl_map(char **keys, char **values, size_t n,
4520 struct shash *shash)
4525 for (i = 0; i < n; i++) {
4526 shash_add(shash, keys[i], values[i]);
4530 /* Creates 'keys' and 'values' arrays from 'shash'.
4532 * Sets 'keys' and 'values' to heap allocated arrays representing the key-value
4533 * pairs in 'shash'. The caller takes ownership of 'keys' and 'values'. They
4534 * are populated with with strings taken directly from 'shash' and thus have
4535 * the same ownership of the key-value pairs in shash.
4538 shash_to_ovs_idl_map(struct shash *shash,
4539 char ***keys, char ***values, size_t *n)
4543 struct shash_node *sn;
4545 count = shash_count(shash);
4547 k = xmalloc(count * sizeof *k);
4548 v = xmalloc(count * sizeof *v);
4551 SHASH_FOR_EACH(sn, shash) {
4562 struct iface_delete_queues_cbdata {
4563 struct netdev *netdev;
4564 const struct ovsdb_datum *queues;
4568 queue_ids_include(const struct ovsdb_datum *queues, int64_t target)
4570 union ovsdb_atom atom;
4572 atom.integer = target;
4573 return ovsdb_datum_find_key(queues, &atom, OVSDB_TYPE_INTEGER) != UINT_MAX;
4577 iface_delete_queues(unsigned int queue_id,
4578 const struct shash *details OVS_UNUSED, void *cbdata_)
4580 struct iface_delete_queues_cbdata *cbdata = cbdata_;
4582 if (!queue_ids_include(cbdata->queues, queue_id)) {
4583 netdev_delete_queue(cbdata->netdev, queue_id);
4588 iface_update_carrier(struct iface *iface, bool carrier)
4590 if (carrier == iface->up) {
4594 iface->up = carrier;
4595 if (iface->port->lacp) {
4596 lacp_slave_carrier_changed(iface->port->lacp, iface);
4601 iface_update_qos(struct iface *iface, const struct ovsrec_qos *qos)
4603 if (!qos || qos->type[0] == '\0') {
4604 netdev_set_qos(iface->netdev, NULL, NULL);
4606 struct iface_delete_queues_cbdata cbdata;
4607 struct shash details;
4610 /* Configure top-level Qos for 'iface'. */
4611 shash_from_ovs_idl_map(qos->key_other_config, qos->value_other_config,
4612 qos->n_other_config, &details);
4613 netdev_set_qos(iface->netdev, qos->type, &details);
4614 shash_destroy(&details);
4616 /* Deconfigure queues that were deleted. */
4617 cbdata.netdev = iface->netdev;
4618 cbdata.queues = ovsrec_qos_get_queues(qos, OVSDB_TYPE_INTEGER,
4620 netdev_dump_queues(iface->netdev, iface_delete_queues, &cbdata);
4622 /* Configure queues for 'iface'. */
4623 for (i = 0; i < qos->n_queues; i++) {
4624 const struct ovsrec_queue *queue = qos->value_queues[i];
4625 unsigned int queue_id = qos->key_queues[i];
4627 shash_from_ovs_idl_map(queue->key_other_config,
4628 queue->value_other_config,
4629 queue->n_other_config, &details);
4630 netdev_set_queue(iface->netdev, queue_id, &details);
4631 shash_destroy(&details);
4637 iface_update_cfm(struct iface *iface)
4641 uint16_t *remote_mps;
4642 struct ovsrec_monitor *mon;
4643 uint8_t ea[ETH_ADDR_LEN], maid[CCM_MAID_LEN];
4645 mon = iface->cfg->monitor;
4648 cfm_destroy(iface->cfm);
4653 if (netdev_get_etheraddr(iface->netdev, ea)) {
4654 VLOG_WARN("interface %s: Failed to get ethernet address. "
4655 "Skipping Monitor.", iface->name);
4659 if (!cfm_generate_maid(mon->md_name, mon->ma_name, maid)) {
4660 VLOG_WARN("interface %s: Failed to generate MAID.", iface->name);
4665 iface->cfm = cfm_create();
4669 cfm->mpid = mon->mpid;
4670 cfm->interval = mon->interval ? *mon->interval : 1000;
4672 memcpy(cfm->eth_src, ea, sizeof cfm->eth_src);
4673 memcpy(cfm->maid, maid, sizeof cfm->maid);
4675 remote_mps = xzalloc(mon->n_remote_mps * sizeof *remote_mps);
4676 for(i = 0; i < mon->n_remote_mps; i++) {
4677 remote_mps[i] = mon->remote_mps[i]->mpid;
4679 cfm_update_remote_mps(cfm, remote_mps, mon->n_remote_mps);
4682 if (!cfm_configure(iface->cfm)) {
4683 cfm_destroy(iface->cfm);
4688 /* Port mirroring. */
4690 static struct mirror *
4691 mirror_find_by_uuid(struct bridge *br, const struct uuid *uuid)
4695 for (i = 0; i < MAX_MIRRORS; i++) {
4696 struct mirror *m = br->mirrors[i];
4697 if (m && uuid_equals(uuid, &m->uuid)) {
4705 mirror_reconfigure(struct bridge *br)
4707 unsigned long *rspan_vlans;
4710 /* Get rid of deleted mirrors. */
4711 for (i = 0; i < MAX_MIRRORS; i++) {
4712 struct mirror *m = br->mirrors[i];
4714 const struct ovsdb_datum *mc;
4715 union ovsdb_atom atom;
4717 mc = ovsrec_bridge_get_mirrors(br->cfg, OVSDB_TYPE_UUID);
4718 atom.uuid = br->mirrors[i]->uuid;
4719 if (ovsdb_datum_find_key(mc, &atom, OVSDB_TYPE_UUID) == UINT_MAX) {
4725 /* Add new mirrors and reconfigure existing ones. */
4726 for (i = 0; i < br->cfg->n_mirrors; i++) {
4727 struct ovsrec_mirror *cfg = br->cfg->mirrors[i];
4728 struct mirror *m = mirror_find_by_uuid(br, &cfg->header_.uuid);
4730 mirror_reconfigure_one(m, cfg);
4732 mirror_create(br, cfg);
4736 /* Update port reserved status. */
4737 for (i = 0; i < br->n_ports; i++) {
4738 br->ports[i]->is_mirror_output_port = false;
4740 for (i = 0; i < MAX_MIRRORS; i++) {
4741 struct mirror *m = br->mirrors[i];
4742 if (m && m->out_port) {
4743 m->out_port->is_mirror_output_port = true;
4747 /* Update flooded vlans (for RSPAN). */
4749 if (br->cfg->n_flood_vlans) {
4750 rspan_vlans = bitmap_allocate(4096);
4752 for (i = 0; i < br->cfg->n_flood_vlans; i++) {
4753 int64_t vlan = br->cfg->flood_vlans[i];
4754 if (vlan >= 0 && vlan < 4096) {
4755 bitmap_set1(rspan_vlans, vlan);
4756 VLOG_INFO("bridge %s: disabling learning on vlan %"PRId64,
4759 VLOG_ERR("bridge %s: invalid value %"PRId64 "for flood VLAN",
4764 if (mac_learning_set_flood_vlans(br->ml, rspan_vlans)) {
4770 mirror_create(struct bridge *br, struct ovsrec_mirror *cfg)
4775 for (i = 0; ; i++) {
4776 if (i >= MAX_MIRRORS) {
4777 VLOG_WARN("bridge %s: maximum of %d port mirrors reached, "
4778 "cannot create %s", br->name, MAX_MIRRORS, cfg->name);
4781 if (!br->mirrors[i]) {
4786 VLOG_INFO("created port mirror %s on bridge %s", cfg->name, br->name);
4789 br->mirrors[i] = m = xzalloc(sizeof *m);
4792 m->name = xstrdup(cfg->name);
4793 shash_init(&m->src_ports);
4794 shash_init(&m->dst_ports);
4800 mirror_reconfigure_one(m, cfg);
4804 mirror_destroy(struct mirror *m)
4807 struct bridge *br = m->bridge;
4810 for (i = 0; i < br->n_ports; i++) {
4811 br->ports[i]->src_mirrors &= ~(MIRROR_MASK_C(1) << m->idx);
4812 br->ports[i]->dst_mirrors &= ~(MIRROR_MASK_C(1) << m->idx);
4815 shash_destroy(&m->src_ports);
4816 shash_destroy(&m->dst_ports);
4819 m->bridge->mirrors[m->idx] = NULL;
4828 mirror_collect_ports(struct mirror *m, struct ovsrec_port **ports, int n_ports,
4829 struct shash *names)
4833 for (i = 0; i < n_ports; i++) {
4834 const char *name = ports[i]->name;
4835 if (port_lookup(m->bridge, name)) {
4836 shash_add_once(names, name, NULL);
4838 VLOG_WARN("bridge %s: mirror %s cannot match on nonexistent "
4839 "port %s", m->bridge->name, m->name, name);
4845 mirror_collect_vlans(struct mirror *m, const struct ovsrec_mirror *cfg,
4851 *vlans = xmalloc(sizeof **vlans * cfg->n_select_vlan);
4853 for (i = 0; i < cfg->n_select_vlan; i++) {
4854 int64_t vlan = cfg->select_vlan[i];
4855 if (vlan < 0 || vlan > 4095) {
4856 VLOG_WARN("bridge %s: mirror %s selects invalid VLAN %"PRId64,
4857 m->bridge->name, m->name, vlan);
4859 (*vlans)[n_vlans++] = vlan;
4866 vlan_is_mirrored(const struct mirror *m, int vlan)
4870 for (i = 0; i < m->n_vlans; i++) {
4871 if (m->vlans[i] == vlan) {
4879 port_trunks_any_mirrored_vlan(const struct mirror *m, const struct port *p)
4883 for (i = 0; i < m->n_vlans; i++) {
4884 if (port_trunks_vlan(p, m->vlans[i])) {
4892 mirror_reconfigure_one(struct mirror *m, struct ovsrec_mirror *cfg)
4894 struct shash src_ports, dst_ports;
4895 mirror_mask_t mirror_bit;
4896 struct port *out_port;
4903 if (strcmp(cfg->name, m->name)) {
4905 m->name = xstrdup(cfg->name);
4908 /* Get output port. */
4909 if (cfg->output_port) {
4910 out_port = port_lookup(m->bridge, cfg->output_port->name);
4912 VLOG_ERR("bridge %s: mirror %s outputs to port not on bridge",
4913 m->bridge->name, m->name);
4919 if (cfg->output_vlan) {
4920 VLOG_ERR("bridge %s: mirror %s specifies both output port and "
4921 "output vlan; ignoring output vlan",
4922 m->bridge->name, m->name);
4924 } else if (cfg->output_vlan) {
4926 out_vlan = *cfg->output_vlan;
4928 VLOG_ERR("bridge %s: mirror %s does not specify output; ignoring",
4929 m->bridge->name, m->name);
4934 shash_init(&src_ports);
4935 shash_init(&dst_ports);
4936 if (cfg->select_all) {
4937 for (i = 0; i < m->bridge->n_ports; i++) {
4938 const char *name = m->bridge->ports[i]->name;
4939 shash_add_once(&src_ports, name, NULL);
4940 shash_add_once(&dst_ports, name, NULL);
4945 /* Get ports, and drop duplicates and ports that don't exist. */
4946 mirror_collect_ports(m, cfg->select_src_port, cfg->n_select_src_port,
4948 mirror_collect_ports(m, cfg->select_dst_port, cfg->n_select_dst_port,
4951 /* Get all the vlans, and drop duplicate and invalid vlans. */
4952 n_vlans = mirror_collect_vlans(m, cfg, &vlans);
4955 /* Update mirror data. */
4956 if (!shash_equal_keys(&m->src_ports, &src_ports)
4957 || !shash_equal_keys(&m->dst_ports, &dst_ports)
4958 || m->n_vlans != n_vlans
4959 || memcmp(m->vlans, vlans, sizeof *vlans * n_vlans)
4960 || m->out_port != out_port
4961 || m->out_vlan != out_vlan) {
4962 bridge_flush(m->bridge);
4964 shash_swap(&m->src_ports, &src_ports);
4965 shash_swap(&m->dst_ports, &dst_ports);
4968 m->n_vlans = n_vlans;
4969 m->out_port = out_port;
4970 m->out_vlan = out_vlan;
4973 mirror_bit = MIRROR_MASK_C(1) << m->idx;
4974 for (i = 0; i < m->bridge->n_ports; i++) {
4975 struct port *port = m->bridge->ports[i];
4977 if (shash_find(&m->src_ports, port->name)
4980 ? port_trunks_any_mirrored_vlan(m, port)
4981 : vlan_is_mirrored(m, port->vlan)))) {
4982 port->src_mirrors |= mirror_bit;
4984 port->src_mirrors &= ~mirror_bit;
4987 if (shash_find(&m->dst_ports, port->name)) {
4988 port->dst_mirrors |= mirror_bit;
4990 port->dst_mirrors &= ~mirror_bit;
4995 shash_destroy(&src_ports);
4996 shash_destroy(&dst_ports);
git://git.onelab.eu / sliver-openvswitch.git / blob