char *dp_desc; /* Datapath description. */
/* Datapath. */
- struct netdev_monitor *netdev_monitor;
struct hmap ports; /* Contains "struct ofport"s. */
struct shash port_by_name;
- /* Flow table. */
- struct classifier cls; /* Contains "struct rule"s. */
+ /* Flow tables. */
+ struct classifier *tables; /* Each classifier contains "struct rule"s. */
+ int n_tables;
/* OpenFlow connections. */
struct connmgr *connmgr;
+
+ /* Flow table operation tracking. */
+ int state; /* Internal state. */
+ struct list pending; /* List of "struct ofopgroup"s. */
+ struct hmap deletions; /* All OFOPERATION_DELETE "ofoperation"s. */
};
struct ofproto *ofproto_lookup(const char *name);
struct netdev *netdev;
struct ofp_phy_port opp;
uint16_t ofp_port; /* OpenFlow port number. */
+ unsigned int change_seq;
};
/* An OpenFlow flow within a "struct ofproto".
* should not modify them. */
struct rule {
struct ofproto *ofproto; /* The ofproto that contains this rule. */
+ struct list ofproto_node; /* Owned by ofproto base code. */
struct cls_rule cr; /* In owning ofproto's classifier. */
+ struct ofoperation *pending; /* Operation now in progress, if nonnull. */
+
ovs_be64 flow_cookie; /* Controller-issued identifier. */
long long int created; /* Creation time. */
uint16_t idle_timeout; /* In seconds from time of last use. */
uint16_t hard_timeout; /* In seconds from time of creation. */
+ uint8_t table_id; /* Index in ofproto's 'tables' array. */
bool send_flow_removed; /* Send a flow removed message? */
union ofp_action *actions; /* OpenFlow actions. */
void ofproto_rule_expire(struct rule *, uint8_t reason);
void ofproto_rule_destroy(struct rule *);
+void ofoperation_complete(struct ofoperation *, int status);
+struct rule *ofoperation_get_victim(struct ofoperation *);
+
/* ofproto class structure, to be defined by each ofproto implementation.
*
*
/* Life-cycle functions for an "ofproto" (see "Life Cycle" above).
*
- * ->construct() should not modify any base members of the ofproto, even
- * though it may be tempting in a few cases. In particular, the client
- * will initialize the ofproto's 'ports' member after construction is
- * complete. An ofproto's flow table should be initially empty, so
- * ->construct() should delete flows from the underlying datapath, if
- * necessary, rather than populating the ofproto's 'cls'.
+ *
+ * Construction
+ * ============
+ *
+ * ->construct() should not modify most base members of the ofproto. In
+ * particular, the client will initialize the ofproto's 'ports' member
+ * after construction is complete.
+ *
+ * ->construct() should initialize the base 'n_tables' member to the number
+ * of flow tables supported by the datapath (between 1 and 255, inclusive),
+ * initialize the base 'tables' member with space for one classifier per
+ * table, and initialize each classifier with classifier_init. Each flow
+ * table should be initially empty, so ->construct() should delete flows
+ * from the underlying datapath, if necessary, rather than populating the
+ * tables.
*
* Only one ofproto instance needs to be supported for any given datapath.
* If a datapath is already open as part of one "ofproto", then another
* allowed to fail with an error.
*
* ->construct() returns 0 if successful, otherwise a positive errno
- * value. */
+ * value.
+ *
+ *
+ * Destruction
+ * ===========
+ *
+ * ->destruct() must do at least the following:
+ *
+ * - If 'ofproto' has any pending asynchronous operations, ->destruct()
+ * must complete all of them by calling ofoperation_complete().
+ *
+ * - If 'ofproto' has any rules left in any of its flow tables, ->
+ */
struct ofproto *(*alloc)(void);
int (*construct)(struct ofproto *ofproto);
void (*destruct)(struct ofproto *ofproto);
* than to do it one by one. */
void (*flush)(struct ofproto *ofproto);
+ /* Helper for the OpenFlow OFPT_FEATURES_REQUEST request.
+ *
+ * The implementation should store true in '*arp_match_ip' if the switch
+ * supports matching IP addresses inside ARP requests and replies, false
+ * otherwise.
+ *
+ * The implementation should store in '*actions' a bitmap of the supported
+ * OpenFlow actions: the bit with value (1 << n) should be set to 1 if the
+ * implementation supports the action with value 'n', and to 0 otherwise.
+ * For example, if the implementation supports the OFPAT_OUTPUT and
+ * OFPAT_ENQUEUE actions, but no others, it would set '*actions' to (1 <<
+ * OFPAT_OUTPUT) | (1 << OFPAT_ENQUEUE). Vendor actions are not included
+ * in '*actions'. */
+ void (*get_features)(struct ofproto *ofproto,
+ bool *arp_match_ip, uint32_t *actions);
+
+ /* Helper for the OpenFlow OFPST_TABLE statistics request.
+ *
+ * The 'ots' array contains 'ofproto->n_tables' elements. Each element is
+ * initialized as:
+ *
+ * - 'table_id' to the array index.
+ *
+ * - 'name' to "table#" where # is the table ID.
+ *
+ * - 'wildcards' to OFPFW_ALL.
+ *
+ * - 'max_entries' to 1,000,000.
+ *
+ * - 'active_count' to the classifier_count() for the table.
+ *
+ * - 'lookup_count' and 'matched_count' to 0.
+ *
+ * The implementation should update any members in each element for which
+ * it has better values:
+ *
+ * - 'name' to a more meaningful name.
+ *
+ * - 'wildcards' to the set of wildcards actually supported by the table
+ * (if it doesn't support all OpenFlow wildcards).
+ *
+ * - 'max_entries' to the maximum number of flows actually supported by
+ * the hardware.
+ *
+ * - 'lookup_count' to the number of packets looked up in this flow table
+ * so far.
+ *
+ * - 'matched_count' to the number of packets looked up in this flow
+ * table so far that matched one of the flow entries.
+ *
+ * Keep in mind that all of the members of struct ofp_table_stats are in
+ * network byte order.
+ */
+ void (*get_tables)(struct ofproto *ofproto, struct ofp_table_stats *ots);
+
/* ## ---------------- ## */
/* ## ofport Functions ## */
/* ## ---------------- ## */
* convenient. */
int (*port_del)(struct ofproto *ofproto, uint16_t ofp_port);
- /* Attempts to begin dumping the ports in 'ofproto'. On success, returns 0
- * and initializes '*statep' with any data needed for iteration. On
- * failure, returns a positive errno value. */
+ /* Port iteration functions.
+ *
+ * The client might not be entirely in control of the ports within an
+ * ofproto. Some hardware implementations, for example, might have a fixed
+ * set of ports in a datapath, and the Linux datapath allows the system
+ * administrator to externally add and remove ports with ovs-dpctl. For
+ * this reason, the client needs a way to iterate through all the ports
+ * that are actually in a datapath. These functions provide that
+ * functionality.
+ *
+ * The 'state' pointer provides the implementation a place to
+ * keep track of its position. Its format is opaque to the caller.
+ *
+ * The ofproto provider retains ownership of the data that it stores into
+ * ->port_dump_next()'s 'port' argument. The data must remain valid until
+ * at least the next call to ->port_dump_next() or ->port_dump_done() for
+ * 'state'. The caller will not modify or free it.
+ *
+ * Details
+ * =======
+ *
+ * ->port_dump_start() attempts to begin dumping the ports in 'ofproto'.
+ * On success, it should return 0 and initialize '*statep' with any data
+ * needed for iteration. On failure, returns a positive errno value, and
+ * the client will not call ->port_dump_next() or ->port_dump_done().
+ *
+ * ->port_dump_next() attempts to retrieve another port from 'ofproto' for
+ * 'state'. If there is another port, it should store the port's
+ * information into 'port' and return 0. It should return EOF if all ports
+ * have already been iterated. Otherwise, on error, it should return a
+ * positive errno value. This function will not be called again once it
+ * returns nonzero once for a given iteration (but the 'port_dump_done'
+ * function will be called afterward).
+ *
+ * ->port_dump_done() allows the implementation to release resources used
+ * for iteration. The caller might decide to stop iteration in the middle
+ * by calling this function before ->port_dump_next() returns nonzero.
+ *
+ * Usage Example
+ * =============
+ *
+ * int error;
+ * void *state;
+ *
+ * error = ofproto->ofproto_class->port_dump_start(ofproto, &state);
+ * if (!error) {
+ * for (;;) {
+ * struct ofproto_port port;
+ *
+ * error = ofproto->ofproto_class->port_dump_next(
+ * ofproto, state, &port);
+ * if (error) {
+ * break;
+ * }
+ * // Do something with 'port' here (without modifying or freeing
+ * // any of its data).
+ * }
+ * ofproto->ofproto_class->port_dump_done(ofproto, state);
+ * }
+ * // 'error' is now EOF (success) or a positive errno value (failure).
+ */
int (*port_dump_start)(const struct ofproto *ofproto, void **statep);
-
- /* Attempts to retrieve another port from 'ofproto' for 'state', which was
- * initialized by a successful call to the 'port_dump_start' function for
- * 'ofproto'. On success, stores a new ofproto_port into 'port' and
- * returns 0. Returns EOF if the end of the port table has been reached,
- * or a positive errno value on error. This function will not be called
- * again once it returns nonzero once for a given iteration (but the
- * 'port_dump_done' function will be called afterward).
- *
- * The ofproto provider retains ownership of the data stored in 'port'. It
- * must remain valid until at least the next call to 'port_dump_next' or
- * 'port_dump_done' for 'state'. */
int (*port_dump_next)(const struct ofproto *ofproto, void *state,
struct ofproto_port *port);
-
- /* Releases resources from 'ofproto' for 'state', which was initialized by
- * a successful call to the 'port_dump_start' function for 'ofproto'. */
int (*port_dump_done)(const struct ofproto *ofproto, void *state);
/* Polls for changes in the set of ports in 'ofproto'. If the set of ports
/* ## OpenFlow Rule Functions ## */
/* ## ----------------------- ## */
+
+
+ /* Chooses an appropriate table for 'cls_rule' within 'ofproto'. On
+ * success, stores the table ID into '*table_idp' and returns 0. On
+ * failure, returns an OpenFlow error code (as returned by ofp_mkerr()).
+ *
+ * The choice of table should be a function of 'cls_rule' and 'ofproto''s
+ * datapath capabilities. It should not depend on the flows already in
+ * 'ofproto''s flow tables. Failure implies that an OpenFlow rule with
+ * 'cls_rule' as its matching condition can never be inserted into
+ * 'ofproto', even starting from an empty flow table.
+ *
+ * If multiple tables are candidates for inserting the flow, the function
+ * should choose one arbitrarily (but deterministically).
+ *
+ * This function will never be called for an ofproto that has only one
+ * table, so it may be NULL in that case. */
+ int (*rule_choose_table)(const struct ofproto *ofproto,
+ const struct cls_rule *cls_rule,
+ uint8_t *table_idp);
+
/* Life-cycle functions for a "struct rule" (see "Life Cycle" above).
*
- * ->rule_construct() should first check whether the rule is acceptable:
*
- * - Validate that the matching rule in 'rule->cr' is supported by the
- * datapath. If not, then return an OpenFlow error code (as returned
- * by ofp_mkerr()).
+ * Asynchronous Operation Support
+ * ==============================
+ *
+ * The life-cycle operations on rules can operate asynchronously, meaning
+ * that ->rule_construct() and ->rule_destruct() only need to initiate
+ * their respective operations and do not need to wait for them to complete
+ * before they return. ->rule_modify_actions() also operates
+ * asynchronously.
+ *
+ * An ofproto implementation reports the success or failure of an
+ * asynchronous operation on a rule using the rule's 'pending' member,
+ * which points to a opaque "struct ofoperation" that represents the
+ * ongoing opreation. When the operation completes, the ofproto
+ * implementation calls ofoperation_complete(), passing the ofoperation and
+ * an error indication.
+ *
+ * Only the following contexts may call ofoperation_complete():
+ *
+ * - The function called to initiate the operation,
+ * e.g. ->rule_construct() or ->rule_destruct(). This is the best
+ * choice if the operation completes quickly.
+ *
+ * - The implementation's ->run() function.
+ *
+ * - The implementation's ->destruct() function.
+ *
+ * The ofproto base code updates the flow table optimistically, assuming
+ * that the operation will probably succeed:
+ *
+ * - ofproto adds or replaces the rule in the flow table before calling
+ * ->rule_construct().
+ *
+ * - ofproto updates the rule's actions before calling
+ * ->rule_modify_actions().
+ *
+ * - ofproto removes the rule before calling ->rule_destruct().
+ *
+ * With one exception, when an asynchronous operation completes with an
+ * error, ofoperation_complete() backs out the already applied changes:
+ *
+ * - If adding or replacing a rule in the flow table fails, ofproto
+ * removes the new rule or restores the original rule.
+ *
+ * - If modifying a rule's actions fails, ofproto restores the original
+ * actions.
+ *
+ * - Removing a rule is not allowed to fail. It must always succeed.
+ *
+ * The ofproto base code serializes operations: if any operation is in
+ * progress on a given rule, ofproto postpones initiating any new operation
+ * on that rule until the pending operation completes. Therefore, every
+ * operation must eventually complete through a call to
+ * ofoperation_complete() to avoid delaying new operations indefinitely
+ * (including any OpenFlow request that affects the rule in question, even
+ * just to query its statistics).
+ *
+ *
+ * Construction
+ * ============
+ *
+ * When ->rule_construct() is called, the caller has already inserted
+ * 'rule' into 'rule->ofproto''s flow table numbered 'rule->table_id'.
+ * There are two cases:
*
- * For example, if the datapath does not support registers, then it
- * should return an error if 'rule->cr' does not wildcard all
+ * - 'rule' is a new rule in its flow table. In this case,
+ * ofoperation_get_victim(rule) returns NULL.
+ *
+ * - 'rule' is replacing an existing rule in its flow table that had the
+ * same matching criteria and priority. In this case,
+ * ofoperation_get_victim(rule) returns the rule being replaced.
+ *
+ * ->rule_construct() should set the following in motion:
+ *
+ * - Validate that the matching rule in 'rule->cr' is supported by the
+ * datapath. For example, if the rule's table does not support
+ * registers, then it is an error if 'rule->cr' does not wildcard all
* registers.
*
* - Validate that 'rule->actions' and 'rule->n_actions' are well-formed
- * OpenFlow actions that can be correctly implemented by the datapath.
- * If not, then return an OpenFlow error code (as returned by
- * ofp_mkerr()).
- *
- * The validate_actions() function (in ofp-util.c) can be useful as a
- * model for action validation, but it accepts all of the OpenFlow
- * actions that OVS understands. If your ofproto implementation only
+ * OpenFlow actions that the datapath can correctly implement. The
+ * validate_actions() function (in ofp-util.c) can be useful as a model
+ * for action validation, but it accepts all of the OpenFlow actions
+ * that OVS understands. If your ofproto implementation only
* implements a subset of those, then you should implement your own
* action validation.
*
- * If the rule is acceptable, then ->rule_construct() should modify the
- * flow table:
+ * - If the rule is valid, update the datapath flow table, adding the new
+ * rule or replacing the existing one.
*
- * - If there was already a rule with exactly the same matching criteria
- * and priority in the classifier, then it should destroy it (with
- * ofproto_rule_destroy()).
+ * (On failure, the ofproto code will roll back the insertion from the flow
+ * table, either removing 'rule' or replacing it by the flow that was
+ * originally in its place.)
*
- * To the greatest extent possible, the old rule should be destroyed
- * only if inserting the new rule succeeds; that is, ->rule_construct()
- * should be transactional.
+ * ->rule_construct() must act in one of the following ways:
*
- * The function classifier_find_rule_exactly() can locate such a rule.
+ * - If it succeeds, it must call ofoperation_complete() and return 0.
*
- * - Insert the new rule into the ofproto's 'cls' classifier, and into
- * the datapath flow table.
+ * - If it fails, it must act in one of the following ways:
*
- * The function classifier_insert() inserts a rule into the classifier.
+ * * Call ofoperation_complete() and return 0.
*
- * Other than inserting 'rule->cr' into the classifier, ->rule_construct()
- * should not modify any base members of struct rule.
+ * * Return an OpenFlow error code (as returned by ofp_mkerr()). (Do
+ * not call ofoperation_complete() in this case.)
*
- * ->rule_destruct() should remove 'rule' from the ofproto's 'cls'
- * classifier (e.g. with classifier_remove()) and from the datapath flow
- * table. */
+ * In the former case, ->rule_destruct() will be called; in the latter
+ * case, it will not. ->rule_dealloc() will be called in either case.
+ *
+ * - If the operation is only partially complete, then it must return 0.
+ * Later, when the operation is complete, the ->run() or ->destruct()
+ * function must call ofoperation_complete() to report success or
+ * failure.
+ *
+ * ->rule_construct() should not modify any base members of struct rule.
+ *
+ *
+ * Destruction
+ * ===========
+ *
+ * When ->rule_destruct() is called, the caller has already removed 'rule'
+ * from 'rule->ofproto''s flow table. ->rule_destruct() should set in
+ * motion removing 'rule' from the datapath flow table. If removal
+ * completes synchronously, it should call ofoperation_complete().
+ * Otherwise, the ->run() or ->destruct() function must later call
+ * ofoperation_complete() after the operation completes.
+ *
+ * Rule destruction must not fail. */
struct rule *(*rule_alloc)(void);
int (*rule_construct)(struct rule *rule);
void (*rule_destruct)(struct rule *rule);
/* Obtains statistics for 'rule', storing the number of packets that have
* matched it in '*packet_count' and the number of bytes in those packets
- * in '*byte_count'. */
+ * in '*byte_count'. UINT64_MAX indicates that the packet count or byte
+ * count is unknown. */
void (*rule_get_stats)(struct rule *rule, uint64_t *packet_count,
uint64_t *byte_count);
int (*rule_execute)(struct rule *rule, struct flow *flow,
struct ofpbuf *packet);
- /* Validates that the 'n' elements in 'actions' are well-formed OpenFlow
- * actions that can be correctly implemented by the datapath. If not, then
- * return an OpenFlow error code (as returned by ofp_mkerr()). If so,
- * then update the datapath to implement the new actions and return 0.
+ /* When ->rule_modify_actions() is called, the caller has already replaced
+ * the OpenFlow actions in 'rule' by a new set. (The original actions are
+ * in rule->pending->actions.)
+ *
+ * ->rule_modify_actions() should set the following in motion:
+ *
+ * - Validate that the actions now in 'rule' are well-formed OpenFlow
+ * actions that the datapath can correctly implement.
+ *
+ * - Update the datapath flow table with the new actions.
*
- * When this function runs, 'rule' still has its original actions. If this
- * function returns 0, then the caller will update 'rule' with the new
- * actions and free the old ones. */
- int (*rule_modify_actions)(struct rule *rule,
- const union ofp_action *actions, size_t n);
+ * If the operation synchronously completes, ->rule_modify_actions() may
+ * call ofoperation_complete() before it returns. Otherwise, ->run()
+ * should call ofoperation_complete() later, after the operation does
+ * complete.
+ *
+ * If the operation fails, then the base ofproto code will restore the
+ * original 'actions' and 'n_actions' of 'rule'.
+ *
+ * ->rule_modify_actions() should not modify any base members of struct
+ * rule. */
+ void (*rule_modify_actions)(struct rule *rule);
/* These functions implement the OpenFlow IP fragment handling policy. By
* default ('drop_frags' == false), an OpenFlow switch should treat IP
* 'netflow_options', or turns off NetFlow if 'netflow_options' is NULL.
*
* EOPNOTSUPP as a return value indicates that 'ofproto' does not support
- * sFlow, as does a null pointer. */
+ * NetFlow, as does a null pointer. */
int (*set_netflow)(struct ofproto *ofproto,
const struct netflow_options *netflow_options);
/* Configures connectivity fault management on 'ofport'.
*
- * If 'cfm' is nonnull, takes basic configuration from the configuration
- * members in 'cfm', and the set of remote maintenance points from the
- * 'n_remote_mps' elements in 'remote_mps'. Ignores the statistics members
- * of 'cfm'.
+ * If 'cfm_settings' is nonnull, configures CFM according to its members.
*
- * If 'cfm' is null, removes any connectivity fault management
+ * If 'cfm_settings' is null, removes any connectivity fault management
* configuration from 'ofport'.
*
* EOPNOTSUPP as a return value indicates that this ofproto_class does not
* support CFM, as does a null pointer. */
- int (*set_cfm)(struct ofport *ofport, const struct cfm *cfm,
- const uint16_t *remote_mps, size_t n_remote_mps);
+ int (*set_cfm)(struct ofport *ofport, const struct cfm_settings *s);
- /* Stores the connectivity fault management object associated with 'ofport'
- * in '*cfmp'. Stores a null pointer in '*cfmp' if CFM is not configured
- * on 'ofport'. The caller must not modify or destroy the returned object.
+ /* Checks the fault status of CFM configured on 'ofport'. Returns 1 if CFM
+ * is faulted (generally indicating a connectivity problem), 0 if CFM is
+ * not faulted, or -1 if CFM is not enabled on 'port'
*
- * This function may be NULL if this ofproto_class does not support CFM. */
- int (*get_cfm)(struct ofport *ofport, const struct cfm **cfmp);
+ * This function may be a null pointer if the ofproto implementation does
+ * not support CFM. */
+ int (*get_cfm_fault)(const struct ofport *ofport);
/* If 's' is nonnull, this function registers a "bundle" associated with
* client data pointer 'aux' in 'ofproto'. A bundle is the same concept as
void ofproto_add_flow(struct ofproto *, const struct cls_rule *,
const union ofp_action *, size_t n_actions);
-void ofproto_delete_flow(struct ofproto *, const struct cls_rule *);
+bool ofproto_delete_flow(struct ofproto *, const struct cls_rule *);
void ofproto_flush_flows(struct ofproto *);
#endif /* ofproto/private.h */