#include "shash.h"
#include "socket-util.h"
#include "stream-ssl.h"
+#include "sset.h"
#include "svec.h"
#include "system-stats.h"
#include "timeval.h"
struct uuid uuid; /* UUID of this "mirror" record in database. */
/* Selection criteria. */
- struct shash src_ports; /* Name is port name; data is always NULL. */
- struct shash dst_ports; /* Name is port name; data is always NULL. */
+ struct sset src_ports; /* Source port names. */
+ struct sset dst_ports; /* Destination port names. */
int *vlans;
size_t n_vlans;
/* Port mirroring. */
struct mirror *mirrors[MAX_MIRRORS];
+
+ /* Synthetic local port if necessary. */
+ struct ovsrec_port synth_local_port;
+ struct ovsrec_interface synth_local_iface;
+ struct ovsrec_interface *synth_local_ifacep;
};
/* List of all bridges. */
static bool iface_refresh_cfm_stats(struct iface *iface);
static void iface_update_carrier(struct iface *);
static bool iface_get_carrier(const struct iface *);
+static bool iface_is_synthetic(const struct iface *);
static void shash_from_ovs_idl_map(char **keys, char **values, size_t n,
struct shash *);
ovsdb_idl_omit_alert(idl, &ovsrec_open_vswitch_col_cur_cfg);
ovsdb_idl_omit_alert(idl, &ovsrec_open_vswitch_col_statistics);
ovsdb_idl_omit(idl, &ovsrec_open_vswitch_col_external_ids);
+ ovsdb_idl_omit(idl, &ovsrec_open_vswitch_col_ovs_version);
+ ovsdb_idl_omit(idl, &ovsrec_open_vswitch_col_db_version);
+ ovsdb_idl_omit(idl, &ovsrec_open_vswitch_col_system_type);
+ ovsdb_idl_omit(idl, &ovsrec_open_vswitch_col_system_version);
+ ovsdb_idl_omit_alert(idl, &ovsrec_bridge_col_datapath_id);
ovsdb_idl_omit(idl, &ovsrec_bridge_col_external_ids);
ovsdb_idl_omit(idl, &ovsrec_port_col_external_ids);
ovsdb_idl_omit(idl, &ovsrec_port_col_fake_bridge);
+ ovsdb_idl_omit_alert(idl, &ovsrec_interface_col_admin_state);
+ ovsdb_idl_omit_alert(idl, &ovsrec_interface_col_duplex);
+ ovsdb_idl_omit_alert(idl, &ovsrec_interface_col_link_speed);
+ ovsdb_idl_omit_alert(idl, &ovsrec_interface_col_link_state);
+ ovsdb_idl_omit_alert(idl, &ovsrec_interface_col_mtu);
ovsdb_idl_omit_alert(idl, &ovsrec_interface_col_ofport);
ovsdb_idl_omit_alert(idl, &ovsrec_interface_col_statistics);
+ ovsdb_idl_omit_alert(idl, &ovsrec_interface_col_status);
ovsdb_idl_omit(idl, &ovsrec_interface_col_external_ids);
+ ovsdb_idl_omit_alert(idl, &ovsrec_controller_col_is_connected);
+ ovsdb_idl_omit_alert(idl, &ovsrec_controller_col_role);
+ ovsdb_idl_omit_alert(idl, &ovsrec_controller_col_status);
+ ovsdb_idl_omit(idl, &ovsrec_controller_col_external_ids);
+
+ ovsdb_idl_omit_alert(idl, &ovsrec_maintenance_point_col_fault);
+
+ ovsdb_idl_omit_alert(idl, &ovsrec_monitor_col_fault);
+
+ ovsdb_idl_omit(idl, &ovsrec_qos_col_external_ids);
+
+ ovsdb_idl_omit(idl, &ovsrec_queue_col_external_ids);
+
+ ovsdb_idl_omit(idl, &ovsrec_mirror_col_external_ids);
+
+ ovsdb_idl_omit(idl, &ovsrec_netflow_col_external_ids);
+
+ ovsdb_idl_omit(idl, &ovsrec_sflow_col_external_ids);
+
+ ovsdb_idl_omit(idl, &ovsrec_manager_col_external_ids);
+ ovsdb_idl_omit(idl, &ovsrec_manager_col_inactivity_probe);
+ ovsdb_idl_omit(idl, &ovsrec_manager_col_is_connected);
+ ovsdb_idl_omit(idl, &ovsrec_manager_col_max_backoff);
+ ovsdb_idl_omit(idl, &ovsrec_manager_col_status);
+
+ ovsdb_idl_omit(idl, &ovsrec_ssl_col_external_ids);
+
/* Register unixctl commands. */
unixctl_command_register("fdb/show", bridge_unixctl_fdb_show, NULL);
unixctl_command_register("cfm/show", cfm_unixctl_show, NULL);
bridge_configure_once(const struct ovsrec_open_vswitch *cfg)
{
static bool already_configured_once;
- struct svec bridge_names;
- struct svec dpif_names, dpif_types;
+ struct sset bridge_names;
+ struct sset dpif_names, dpif_types;
+ const char *type;
size_t i;
/* Only do this once per ovs-vswitchd run. */
stats_timer = time_msec() + STATS_INTERVAL;
/* Get all the configured bridges' names from 'cfg' into 'bridge_names'. */
- svec_init(&bridge_names);
+ sset_init(&bridge_names);
for (i = 0; i < cfg->n_bridges; i++) {
- svec_add(&bridge_names, cfg->bridges[i]->name);
+ sset_add(&bridge_names, cfg->bridges[i]->name);
}
- svec_sort(&bridge_names);
/* Iterate over all system dpifs and delete any of them that do not appear
* in 'cfg'. */
- svec_init(&dpif_names);
- svec_init(&dpif_types);
+ sset_init(&dpif_names);
+ sset_init(&dpif_types);
dp_enumerate_types(&dpif_types);
- for (i = 0; i < dpif_types.n; i++) {
- size_t j;
+ SSET_FOR_EACH (type, &dpif_types) {
+ const char *name;
- dp_enumerate_names(dpif_types.names[i], &dpif_names);
+ dp_enumerate_names(type, &dpif_names);
/* Delete each dpif whose name is not in 'bridge_names'. */
- for (j = 0; j < dpif_names.n; j++) {
- if (!svec_contains(&bridge_names, dpif_names.names[j])) {
+ SSET_FOR_EACH (name, &dpif_names) {
+ if (!sset_contains(&bridge_names, name)) {
struct dpif *dpif;
int retval;
- retval = dpif_open(dpif_names.names[j], dpif_types.names[i],
- &dpif);
+ retval = dpif_open(name, type, &dpif);
if (!retval) {
dpif_delete(dpif);
dpif_close(dpif);
}
}
}
- svec_destroy(&bridge_names);
- svec_destroy(&dpif_names);
- svec_destroy(&dpif_types);
+ sset_destroy(&bridge_names);
+ sset_destroy(&dpif_names);
+ sset_destroy(&dpif_types);
}
/* Callback for iterate_and_prune_ifaces(). */
/* Set MAC address of internal interfaces other than the local
* interface. */
- if (iface->dp_ifidx != ODPP_LOCAL && !strcmp(iface->type, "internal")) {
- iface_set_mac(iface);
- }
+ iface_set_mac(iface);
return true;
}
{
struct sockaddr_in *managers = NULL;
size_t n_managers = 0;
- struct shash targets;
+ struct sset targets;
size_t i;
/* Collect all of the potential targets from the "targets" columns of the
* rows pointed to by "manager_options", excluding any that are
* out-of-band. */
- shash_init(&targets);
+ sset_init(&targets);
for (i = 0; i < ovs_cfg->n_manager_options; i++) {
struct ovsrec_manager *m = ovs_cfg->manager_options[i];
if (m->connection_mode && !strcmp(m->connection_mode, "out-of-band")) {
- shash_find_and_delete(&targets, m->target);
+ sset_find_and_delete(&targets, m->target);
} else {
- shash_add_once(&targets, m->target, NULL);
+ sset_add(&targets, m->target);
}
}
/* Now extract the targets' IP addresses. */
- if (!shash_is_empty(&targets)) {
- struct shash_node *node;
+ if (!sset_is_empty(&targets)) {
+ const char *target;
- managers = xmalloc(shash_count(&targets) * sizeof *managers);
- SHASH_FOR_EACH (node, &targets) {
- const char *target = node->name;
+ managers = xmalloc(sset_count(&targets) * sizeof *managers);
+ SSET_FOR_EACH (target, &targets) {
struct sockaddr_in *sin = &managers[n_managers];
if ((!strncmp(target, "tcp:", 4)
}
}
}
- shash_destroy(&targets);
+ sset_destroy(&targets);
*managersp = managers;
*n_managersp = n_managers;
}
}
- opts.collectors.n = nf_cfg->n_targets;
- opts.collectors.names = nf_cfg->targets;
+ sset_init(&opts.collectors);
+ sset_add_array(&opts.collectors,
+ nf_cfg->targets, nf_cfg->n_targets);
if (ofproto_set_netflow(br->ofproto, &opts)) {
VLOG_ERR("bridge %s: problem setting netflow collectors",
br->name);
}
+ sset_destroy(&opts.collectors);
} else {
ofproto_set_netflow(br->ofproto, NULL);
}
memset(&oso, 0, sizeof oso);
- oso.targets.n = sflow_cfg->n_targets;
- oso.targets.names = sflow_cfg->targets;
+ sset_init(&oso.targets);
+ sset_add_array(&oso.targets,
+ sflow_cfg->targets, sflow_cfg->n_targets);
oso.sampling_rate = SFL_DEFAULT_SAMPLING_RATE;
if (sflow_cfg->sampling) {
}
ofproto_set_sflow(br->ofproto, &oso);
- /* Do not destroy oso.targets because it is owned by sflow_cfg. */
+ sset_destroy(&oso.targets);
} else {
ofproto_set_sflow(br->ofproto, NULL);
}
iterate_and_prune_ifaces(br, set_iface_properties, NULL);
}
+ /* Some reconfiguration operations require the bridge to have been run at
+ * least once. */
LIST_FOR_EACH (br, node, &all_bridges) {
struct iface *iface;
+
+ bridge_run_one(br);
+
HMAP_FOR_EACH (iface, dp_ifidx_node, &br->ifaces) {
iface_update_cfm(iface);
}
int64_t mtu_64;
int error;
+ if (iface_is_synthetic(iface)) {
+ return;
+ }
+
shash_init(&sh);
if (!netdev_get_status(iface->netdev, &sh)) {
struct netdev_stats stats;
+ if (iface_is_synthetic(iface)) {
+ return;
+ }
+
/* Intentionally ignore return value, since errors will set 'stats' to
* all-1s, and we will deal with that correctly below. */
netdev_get_stats(iface->netdev, &stats);
if (br) {
struct port *port, *next;
int error;
+ int i;
HMAP_FOR_EACH_SAFE (port, next, hmap_node, &br->ports) {
port_destroy(port);
}
+ for (i = 0; i < MAX_MIRRORS; i++) {
+ mirror_destroy(br->mirrors[i]);
+ }
list_remove(&br->node);
+ ofproto_destroy(br->ofproto);
error = dpif_delete(br->dpif);
if (error && error != ENOENT) {
VLOG_ERR("failed to delete %s: %s",
dpif_name(br->dpif), strerror(error));
}
dpif_close(br->dpif);
- ofproto_destroy(br->ofproto);
mac_learning_destroy(br->ml);
hmap_destroy(&br->ifaces);
hmap_destroy(&br->ports);
shash_destroy(&br->iface_by_name);
+ free(br->synth_local_iface.type);
free(br->name);
free(br);
}
bridge_reconfigure_one(struct bridge *br)
{
enum ofproto_fail_mode fail_mode;
- struct svec snoops, old_snoops;
struct port *port, *next;
struct shash_node *node;
struct shash new_ports;
br->name, name);
}
}
+ if (!shash_find(&new_ports, br->name)) {
+ struct dpif_port dpif_port;
+ char *type;
- /* If we have a controller, then we need a local port. Complain if the
- * user didn't specify one.
- *
- * XXX perhaps we should synthesize a port ourselves in this case. */
- if (bridge_get_controllers(br, NULL)) {
- char local_name[IF_NAMESIZE];
- int error;
+ VLOG_WARN("bridge %s: no port named %s, synthesizing one",
+ br->name, br->name);
- error = dpif_port_get_name(br->dpif, ODPP_LOCAL,
- local_name, sizeof local_name);
- if (!error && !shash_find(&new_ports, local_name)) {
- VLOG_WARN("bridge %s: controller specified but no local port "
- "(port named %s) defined",
- br->name, local_name);
- }
+ dpif_port_query_by_number(br->dpif, ODPP_LOCAL, &dpif_port);
+ type = xstrdup(dpif_port.type ? dpif_port.type : "internal");
+ dpif_port_destroy(&dpif_port);
+
+ br->synth_local_port.interfaces = &br->synth_local_ifacep;
+ br->synth_local_port.n_interfaces = 1;
+ br->synth_local_port.name = br->name;
+
+ br->synth_local_iface.name = br->name;
+ free(br->synth_local_iface.type);
+ br->synth_local_iface.type = type;
+
+ br->synth_local_ifacep = &br->synth_local_iface;
+
+ shash_add(&new_ports, br->name, &br->synth_local_port);
}
/* Get rid of deleted ports.
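Review bot: The result of `dpif_port_query_by_number(br->dpif, ODPP_LOCAL, &dpif_port)` is discarded, yet the next two lines read `dpif_port.type` and call `dpif_port_destroy(&dpif_port)`. That is only safe if the query leaves the struct in a defined (for example zeroed) state on failure, which is not visible in this hunk; otherwise an uninitialized pointer is copied and then freed. Either keep the error and branch on it, e.g. `type = xstrdup(!error && dpif_port.type ? dpif_port.type : "internal");` followed by `if (!error) { dpif_port_destroy(&dpif_port); }`, or add a comment naming the guarantee being relied on. bridge_reconfigure_one() starts and ends outside this hunk.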
* controller to another?) */
/* Configure OpenFlow controller connection snooping. */
- svec_init(&snoops);
- svec_add_nocopy(&snoops, xasprintf("punix:%s/%s.snoop",
- ovs_rundir(), br->name));
- svec_init(&old_snoops);
- ofproto_get_snoops(br->ofproto, &old_snoops);
- if (!svec_equal(&snoops, &old_snoops)) {
+ if (!ofproto_has_snoops(br->ofproto)) {
+ struct sset snoops;
+
+ sset_init(&snoops);
+ sset_add_and_free(&snoops, xasprintf("punix:%s/%s.snoop",
+ ovs_rundir(), br->name));
ofproto_set_snoops(br->ofproto, &snoops);
+ sset_destroy(&snoops);
}
- svec_destroy(&snoops);
- svec_destroy(&old_snoops);
mirror_reconfigure(br);
}
return CONTAINER_OF(list_front(&port->ifaces), struct iface, port_elem);
}
+/* Returns true if a packet with Ethernet destination MAC 'dst' may be mirrored
+ * to a VLAN. In general most packets may be mirrored but we want to drop
+ * protocols that may confuse switches. */
+static bool
+eth_dst_may_rspan(const uint8_t dst[ETH_ADDR_LEN])
+{
+ /* If you change this function's behavior, please update corresponding
+ * documentation in vswitch.xml at the same time. */
+ if (dst[0] != 0x01) {
+ /* All the currently banned MACs happen to start with 01 currently, so
+ * this is a quick way to eliminate most of the good ones. */
+ } else {
+ if (eth_addr_is_reserved(dst)) {
+ /* Drop STP, IEEE pause frames, and other reserved protocols
+ * (01-80-c2-00-00-0x). */
+ return false;
+ }
+
+ if (dst[0] == 0x01 && dst[1] == 0x00 && dst[2] == 0x0c) {
+ /* Cisco OUI. */
+ if ((dst[3] & 0xfe) == 0xcc &&
+ (dst[4] & 0xfe) == 0xcc &&
+ (dst[5] & 0xfe) == 0xcc) {
+ /* Drop the following protocols plus others following the same
+ pattern:
+
+ CDP, VTP, DTP, PAgP (01-00-0c-cc-cc-cc)
+ Spanning Tree PVSTP+ (01-00-0c-cc-cc-cd)
+ STP Uplink Fast (01-00-0c-cd-cd-cd) */
+ return false;
+ }
+
+ if (!(dst[3] | dst[4] | dst[5])) {
+ /* Drop Inter Switch Link packets (01-00-0c-00-00-00). */
+ return false;
+ }
+ }
+ }
+ return true;
+}
+
static void
compose_dsts(const struct bridge *br, const struct flow *flow, uint16_t vlan,
const struct port *in_port, const struct port *out_port,
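Review bot: In `eth_dst_may_rspan()` the first branch, `if (dst[0] != 0x01) {`, holds only a comment and all the real checks sit in the `else`, which makes this filter harder to audit than it needs to be. A guard clause, `if (dst[0] != 0x01) { return true; }`, would flatten the function, and the later `dst[0] == 0x01 &&` test in the Cisco OUI check could then be dropped because that byte is already known. The comment in the first branch also says "currently" twice. Each `& 0xfe` mask accepts both 0xcc and 0xcd in its byte, so the check covers eight destination addresses rather than only the three listed; the comment's "plus others following the same pattern" could say so explicitly.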
&& !dst_is_duplicate(set, &dst)) {
dst_set_add(set, &dst);
}
- } else {
+ } else if (eth_dst_may_rspan(flow->dl_dst)) {
struct port *port;
HMAP_FOR_EACH (port, hmap_node, &br->ports) {
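Review bot: The new `else if (eth_dst_may_rspan(flow->dl_dst))` branch carries no comment saying that frames failing the test are simply left out of the mirror VLAN. Anyone capturing from that VLAN will therefore not see STP, pause, CDP/VTP/DTP/PAgP or ISL frames there, which matters when the capture is used to monitor layer-2 control traffic. A one-line comment above the branch, such as `/* Reserved and Cisco control-protocol destinations are never mirrored to a VLAN; see eth_dst_may_rspan(). */`, would record that. The branch and the rest of compose_dsts() continue outside this hunk.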
port_del_ifaces(struct port *port, const struct ovsrec_port *cfg)
{
struct iface *iface, *next;
- struct shash new_ifaces;
+ struct sset new_ifaces;
size_t i;
/* Collect list of new interfaces. */
- shash_init(&new_ifaces);
+ sset_init(&new_ifaces);
for (i = 0; i < cfg->n_interfaces; i++) {
const char *name = cfg->interfaces[i]->name;
- shash_add_once(&new_ifaces, name, NULL);
+ sset_add(&new_ifaces, name);
}
/* Get rid of deleted interfaces. */
LIST_FOR_EACH_SAFE (iface, next, port_elem, &port->ifaces) {
- if (!shash_find(&new_ifaces, iface->name)) {
+ if (!sset_contains(&new_ifaces, iface->name)) {
iface_destroy(iface);
}
}
- shash_destroy(&new_ifaces);
+ sset_destroy(&new_ifaces);
}
/* Expires all MAC learning entries associated with 'port' and forces ofproto
port_reconfigure(struct port *port, const struct ovsrec_port *cfg)
{
const char *detect_mode;
- struct shash new_ifaces;
+ struct sset new_ifaces;
long long int next_rebalance, miimon_next_update, lacp_priority;
bool need_flush = false;
unsigned long *trunks;
}
/* Add new interfaces and update 'cfg' member of existing ones. */
- shash_init(&new_ifaces);
+ sset_init(&new_ifaces);
for (i = 0; i < cfg->n_interfaces; i++) {
const struct ovsrec_interface *if_cfg = cfg->interfaces[i];
struct iface *iface;
- if (!shash_add_once(&new_ifaces, if_cfg->name, NULL)) {
+ if (!sset_add(&new_ifaces, if_cfg->name)) {
VLOG_WARN("port %s: %s specified twice as port interface",
port->name, if_cfg->name);
iface_set_ofport(if_cfg, -1);
iface->lacp_priority = lacp_priority;
}
}
- shash_destroy(&new_ifaces);
+ sset_destroy(&new_ifaces);
port->lacp_fast = !strcmp(get_port_other_config(cfg, "lacp-time", "slow"),
"fast");
{
uint8_t ea[ETH_ADDR_LEN];
- if (iface->cfg->mac && eth_addr_from_string(iface->cfg->mac, ea)) {
- if (eth_addr_is_multicast(ea)) {
+ if (!strcmp(iface->type, "internal")
+ && iface->cfg->mac && eth_addr_from_string(iface->cfg->mac, ea)) {
+ if (iface->dp_ifidx == ODPP_LOCAL) {
+ VLOG_ERR("interface %s: ignoring mac in Interface record "
+ "(use Bridge record to set local port's mac)",
+ iface->name);
+ } else if (eth_addr_is_multicast(ea)) {
VLOG_ERR("interface %s: cannot set MAC to multicast address",
iface->name);
- } else if (iface->dp_ifidx == ODPP_LOCAL) {
- VLOG_ERR("ignoring iface.%s.mac; use bridge.%s.mac instead",
- iface->name, iface->name);
} else {
int error = netdev_set_etheraddr(iface->netdev, ea);
if (error) {
static void
iface_set_ofport(const struct ovsrec_interface *if_cfg, int64_t ofport)
{
- if (if_cfg) {
+ if (if_cfg && !ovsdb_idl_row_is_synthetic(&if_cfg->header_)) {
ovsrec_interface_set_ofport(if_cfg, &ofport, 1);
}
}
static void
iface_update_qos(struct iface *iface, const struct ovsrec_qos *qos)
{
- if (!qos || qos->type[0] == '\0') {
+ if (!qos || qos->type[0] == '\0' || qos->n_queues < 1) {
netdev_set_qos(iface->netdev, NULL, NULL);
} else {
struct iface_delete_queues_cbdata cbdata;
? netdev_get_carrier(iface->netdev)
: netdev_get_miimon(iface->netdev));
}
+
+/* Returns true if 'iface' is synthetic, that is, if we constructed it locally
+ * instead of obtaining it from the database. */
+static bool
+iface_is_synthetic(const struct iface *iface)
+{
+ return ovsdb_idl_row_is_synthetic(&iface->cfg->header_);
+}
\f
/* Port mirroring. */
mac_learning_flush(br->ml);
br->mirrors[i] = m = xzalloc(sizeof *m);
+ m->uuid = cfg->header_.uuid;
m->bridge = br;
m->idx = i;
m->name = xstrdup(cfg->name);
- shash_init(&m->src_ports);
- shash_init(&m->dst_ports);
+ sset_init(&m->src_ports);
+ sset_init(&m->dst_ports);
m->vlans = NULL;
m->n_vlans = 0;
m->out_vlan = -1;
port->dst_mirrors &= ~(MIRROR_MASK_C(1) << m->idx);
}
- shash_destroy(&m->src_ports);
- shash_destroy(&m->dst_ports);
+ sset_destroy(&m->src_ports);
+ sset_destroy(&m->dst_ports);
free(m->vlans);
m->bridge->mirrors[m->idx] = NULL;
static void
mirror_collect_ports(struct mirror *m, struct ovsrec_port **ports, int n_ports,
- struct shash *names)
+ struct sset *names)
{
size_t i;
for (i = 0; i < n_ports; i++) {
const char *name = ports[i]->name;
if (port_lookup(m->bridge, name)) {
- shash_add_once(names, name, NULL);
+ sset_add(names, name);
} else {
VLOG_WARN("bridge %s: mirror %s cannot match on nonexistent "
"port %s", m->bridge->name, m->name, name);
return false;
}
-static bool
-port_trunks_any_mirrored_vlan(const struct mirror *m, const struct port *p)
-{
- size_t i;
-
- for (i = 0; i < m->n_vlans; i++) {
- if (port_trunks_vlan(p, m->vlans[i])) {
- return true;
- }
- }
- return false;
-}
-
static void
mirror_reconfigure_one(struct mirror *m, struct ovsrec_mirror *cfg)
{
- struct shash src_ports, dst_ports;
+ struct sset src_ports, dst_ports;
mirror_mask_t mirror_bit;
struct port *out_port;
struct port *port;
return;
}
- shash_init(&src_ports);
- shash_init(&dst_ports);
+ sset_init(&src_ports);
+ sset_init(&dst_ports);
if (cfg->select_all) {
HMAP_FOR_EACH (port, hmap_node, &m->bridge->ports) {
- shash_add_once(&src_ports, port->name, NULL);
- shash_add_once(&dst_ports, port->name, NULL);
+ sset_add(&src_ports, port->name);
+ sset_add(&dst_ports, port->name);
}
vlans = NULL;
n_vlans = 0;
}
/* Update mirror data. */
- if (!shash_equal_keys(&m->src_ports, &src_ports)
- || !shash_equal_keys(&m->dst_ports, &dst_ports)
+ if (!sset_equals(&m->src_ports, &src_ports)
+ || !sset_equals(&m->dst_ports, &dst_ports)
|| m->n_vlans != n_vlans
|| memcmp(m->vlans, vlans, sizeof *vlans * n_vlans)
|| m->out_port != out_port
bridge_flush(m->bridge);
mac_learning_flush(m->bridge->ml);
}
- shash_swap(&m->src_ports, &src_ports);
- shash_swap(&m->dst_ports, &dst_ports);
+ sset_swap(&m->src_ports, &src_ports);
+ sset_swap(&m->dst_ports, &dst_ports);
free(m->vlans);
m->vlans = vlans;
m->n_vlans = n_vlans;
/* Update ports. */
mirror_bit = MIRROR_MASK_C(1) << m->idx;
HMAP_FOR_EACH (port, hmap_node, &m->bridge->ports) {
- if (shash_find(&m->src_ports, port->name)
- || (m->n_vlans
- && (!port->vlan
- ? port_trunks_any_mirrored_vlan(m, port)
- : vlan_is_mirrored(m, port->vlan)))) {
+ if (sset_contains(&m->src_ports, port->name)) {
port->src_mirrors |= mirror_bit;
} else {
port->src_mirrors &= ~mirror_bit;
}
- if (shash_find(&m->dst_ports, port->name)) {
+ if (sset_contains(&m->dst_ports, port->name)) {
port->dst_mirrors |= mirror_bit;
} else {
port->dst_mirrors &= ~mirror_bit;
}
/* Clean up. */
- shash_destroy(&src_ports);
- shash_destroy(&dst_ports);
+ sset_destroy(&src_ports);
+ sset_destroy(&dst_ports);
}