/*
- * Distributed under the terms of the GNU GPL version 2.
- * Copyright (c) 2008, 2009 Nicira Networks
+ * Copyright (c) 2008, 2009, 2010 Nicira Networks
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at:
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
*/
#ifndef OPENFLOW_NICIRA_EXT_H
* pairs in the form "key=value\n". */
NXT_STATUS_REPLY,
- /* Configure an action. Most actions do not require configuration
- * beyond that supplied in the actual action call. */
- NXT_ACT_SET_CONFIG,
-
- /* Get configuration of action. */
- NXT_ACT_GET_CONFIG,
-
- /* Remote command execution. The request body is a sequence of strings
- * delimited by null bytes. The first string is a command name.
- * Subsequent strings are command arguments. */
- NXT_COMMAND_REQUEST,
-
- /* Remote command execution reply, sent when the command's execution
- * completes. The reply body is struct nx_command_reply. */
- NXT_COMMAND_REPLY,
-
/* No longer used. */
+ NXT_ACT_SET_CONFIG__OBSOLETE,
+ NXT_ACT_GET_CONFIG__OBSOLETE,
+ NXT_COMMAND_REQUEST__OBSOLETE,
+ NXT_COMMAND_REPLY__OBSOLETE,
NXT_FLOW_END_CONFIG__OBSOLETE,
-
- /* No longer used. */
NXT_FLOW_END__OBSOLETE,
+ NXT_MGMT__OBSOLETE,
- /* Management protocol. See "openflow-mgmt.h". */
- NXT_MGMT,
+ /* Use the high 32 bits of the cookie field as the tunnel ID in the flow
+ * match. */
+ NXT_TUN_ID_FROM_COOKIE,
+
+ /* Controller role support. The request body is struct nx_role_request.
+ * The reply echos the request. */
+ NXT_ROLE_REQUEST,
+ NXT_ROLE_REPLY
};
struct nicira_header {
uint32_t vendor; /* NX_VENDOR_ID. */
uint32_t subtype; /* One of NXT_* above. */
};
-OFP_ASSERT(sizeof(struct nicira_header) == sizeof(struct ofp_vendor_header) + 4);
+OFP_ASSERT(sizeof(struct nicira_header) == 16);
+struct nxt_tun_id_cookie {
+ struct ofp_header header;
+ uint32_t vendor; /* NX_VENDOR_ID. */
+ uint32_t subtype; /* NXT_TUN_ID_FROM_COOKIE */
+ uint8_t set; /* Nonzero to enable, zero to disable. */
+ uint8_t pad[7];
+};
+OFP_ASSERT(sizeof(struct nxt_tun_id_cookie) == 24);
+
+/* Configures the "role" of the sending controller. The default role is:
+ *
+ * - Other (NX_ROLE_OTHER), which allows the controller access to all
+ * OpenFlow features.
+ *
+ * The other possible roles are a related pair:
+ *
+ * - Master (NX_ROLE_MASTER) is equivalent to Other, except that there may
+ * be at most one Master controller at a time: when a controller
+ * configures itself as Master, any existing Master is demoted to the
+ * Slave role.
+ *
+ * - Slave (NX_ROLE_SLAVE) allows the controller read-only access to
+ * OpenFlow features. In particular attempts to modify the flow table
+ * will be rejected with an OFPBRC_EPERM error.
+ *
+ * Slave controllers also do not receive asynchronous messages
+ * (OFPT_PACKET_IN, OFPT_FLOW_REMOVED, OFPT_PORT_STATUS).
+ */
+struct nx_role_request {
+ struct nicira_header nxh;
+ uint32_t role; /* One of NX_ROLE_*. */
+};
+
+enum nx_role {
+ NX_ROLE_OTHER, /* Default role, full access. */
+ NX_ROLE_MASTER, /* Full access, at most one. */
+ NX_ROLE_SLAVE /* Read-only access. */
+};
enum nx_action_subtype {
NXAST_SNAT__OBSOLETE, /* No longer used. */
- NXAST_RESUBMIT /* Throw against flow table again. */
+
+ /* Searches the flow table again, using a flow that is slightly modified
+ * from the original lookup:
+ *
+ * - The 'in_port' member of struct nx_action_resubmit is used as the
+ * flow's in_port.
+ *
+ * - If NXAST_RESUBMIT is preceded by actions that affect the flow
+ * (e.g. OFPAT_SET_VLAN_VID), then the flow is updated with the new
+ * values.
+ *
+ * Following the lookup, the original in_port is restored.
+ *
+ * If the modified flow matched in the flow table, then the corresponding
+ * actions are executed. Afterward, actions following NXAST_RESUBMIT in
+ * the original set of actions, if any, are executed; any changes made to
+ * the packet (e.g. changes to VLAN) by secondary actions persist when
+ * those actions are executed, although the original in_port is restored.
+ *
+ * NXAST_RESUBMIT may be used any number of times within a set of actions.
+ *
+ * NXAST_RESUBMIT may nest to an implementation-defined depth. Beyond this
+ * implementation-defined depth, further NXAST_RESUBMIT actions are simply
+ * ignored. (Open vSwitch 1.0.1 and earlier did not support recursion.)
+ */
+ NXAST_RESUBMIT,
+
+ /* Set encapsulating tunnel ID. */
+ NXAST_SET_TUNNEL,
+
+ /* Stops processing further actions, if the packet being processed is an
+ * Ethernet+IPv4 ARP packet for which the source Ethernet address inside
+ * the ARP packet differs from the source Ethernet address in the Ethernet
+ * header.
+ *
+ * This is useful because OpenFlow does not provide a way to match on the
+ * Ethernet addresses inside ARP packets, so there is no other way to drop
+ * spoofed ARPs other than sending every packet up to the controller. */
+ NXAST_DROP_SPOOFED_ARP
};
/* Action structure for NXAST_RESUBMIT. */
struct nx_action_resubmit {
uint16_t type; /* OFPAT_VENDOR. */
- uint16_t len; /* Length is 8. */
+ uint16_t len; /* Length is 16. */
uint32_t vendor; /* NX_VENDOR_ID. */
uint16_t subtype; /* NXAST_RESUBMIT. */
uint16_t in_port; /* New in_port for checking flow table. */
};
OFP_ASSERT(sizeof(struct nx_action_resubmit) == 16);
+/* Action structure for NXAST_SET_TUNNEL. */
+struct nx_action_set_tunnel {
+ uint16_t type; /* OFPAT_VENDOR. */
+ uint16_t len; /* Length is 16. */
+ uint32_t vendor; /* NX_VENDOR_ID. */
+ uint16_t subtype; /* NXAST_SET_TUNNEL. */
+ uint8_t pad[2];
+ uint32_t tun_id; /* Tunnel ID. */
+};
+OFP_ASSERT(sizeof(struct nx_action_set_tunnel) == 16);
+
/* Header for Nicira-defined actions. */
struct nx_action_header {
uint16_t type; /* OFPAT_VENDOR. */
- uint16_t len; /* Length is 8. */
+ uint16_t len; /* Length is 16. */
uint32_t vendor; /* NX_VENDOR_ID. */
uint16_t subtype; /* NXAST_*. */
uint8_t pad[6];
};
OFP_ASSERT(sizeof(struct nx_action_header) == 16);
-/* Status bits for NXT_COMMAND_REPLY. */
-enum {
- NXT_STATUS_EXITED = 1 << 31, /* Exited normally. */
- NXT_STATUS_SIGNALED = 1 << 30, /* Exited due to signal. */
- NXT_STATUS_UNKNOWN = 1 << 29, /* Exited for unknown reason. */
- NXT_STATUS_COREDUMP = 1 << 28, /* Exited with core dump. */
- NXT_STATUS_ERROR = 1 << 27, /* Command could not be executed. */
- NXT_STATUS_STARTED = 1 << 26, /* Command was started. */
- NXT_STATUS_EXITSTATUS = 0xff, /* Exit code mask if NXT_STATUS_EXITED. */
- NXT_STATUS_TERMSIG = 0xff, /* Signal number if NXT_STATUS_SIGNALED. */
-};
+/* Wildcard for tunnel ID. */
+#define NXFW_TUN_ID (1 << 25)
-/* NXT_COMMAND_REPLY. */
-struct nx_command_reply {
- struct nicira_header nxh;
- uint32_t status; /* Status bits defined above. */
- /* Followed by any number of bytes of process output. */
-};
-OFP_ASSERT(sizeof(struct nx_command_reply) == 20);
+#define NXFW_ALL NXFW_TUN_ID
+#define OVSFW_ALL (OFPFW_ALL | NXFW_ALL)
#endif /* openflow/nicira-ext.h */
git://git.onelab.eu / sliver-openvswitch.git / blobdiff