X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=lib%2Fbond.c;h=90498f63b35d12991a59b8b7daba42cc10e873f1;hb=e9b14f9f010f365083b92336c579e68d581272dc;hp=913a3071a731a0c943435baf638f9d9af346b1f5;hpb=1ea241383e608ee173671c233a819648d773cb25;p=sliver-openvswitch.git

diff --git a/lib/bond.c b/lib/bond.c
index 913a3071a..90498f63b 100644
--- a/lib/bond.c
+++ b/lib/bond.c
@@ -484,14 +484,15 @@ bond_wait(struct bond *bond)
 static bool
 may_send_learning_packets(const struct bond *bond)
 {
-    return !bond->lacp_negotiated && bond->balance != BM_AB;
+    return !bond->lacp_negotiated && bond->balance != BM_AB &&
+           bond->active_slave;
 }
 
 /* Returns true if 'bond' needs the client to send out packets to assist with
  * MAC learning on 'bond'.  If this function returns true, then the client
  * should iterate through its MAC learning table for the bridge on which 'bond'
  * is located.  For each MAC that has been learned on a port other than 'bond',
- * it should call bond_send_learning_packet().
+ * it should call bond_compose_learning_packet().
  *
  * This function will only return true if 'bond' is in SLB mode and LACP is not
  * negotiated.  Otherwise sending learning packets isn't necessary.
@@ -507,37 +508,33 @@ bond_should_send_learning_packets(struct bond *bond)
 
 /* Sends a gratuitous learning packet on 'bond' from 'eth_src' on 'vlan'.
  *
- * See bond_should_send_learning_packets() for description of usage. */
-int
-bond_send_learning_packet(struct bond *bond,
-                          const uint8_t eth_src[ETH_ADDR_LEN],
-                          uint16_t vlan)
+ * See bond_should_send_learning_packets() for description of usage. The
+ * caller should send the composed packet on the port associated with
+ * port_aux and takes ownership of the returned ofpbuf. */
+struct ofpbuf *
+bond_compose_learning_packet(struct bond *bond,
+                             const uint8_t eth_src[ETH_ADDR_LEN],
+                             uint16_t vlan, void **port_aux)
 {
     struct bond_slave *slave;
-    struct ofpbuf packet;
+    struct ofpbuf *packet;
     struct flow flow;
-    int error;
 
     assert(may_send_learning_packets(bond));
-    if (!bond->active_slave) {
-        /* Nowhere to send the learning packet. */
-        return 0;
-    }
 
     memset(&flow, 0, sizeof flow);
     memcpy(flow.dl_src, eth_src, ETH_ADDR_LEN);
     slave = choose_output_slave(bond, &flow, vlan);
 
-    ofpbuf_init(&packet, 0);
-    compose_benign_packet(&packet, "Open vSwitch Bond Failover", 0xf177,
+    packet = ofpbuf_new(0);
+    compose_benign_packet(packet, "Open vSwitch Bond Failover", 0xf177,
                           eth_src);
     if (vlan) {
-        eth_set_vlan_tci(&packet, htons(vlan));
+        eth_push_vlan(packet, htons(vlan));
     }
-    error = netdev_send(slave->netdev, &packet);
-    ofpbuf_uninit(&packet);
 
-    return error;
+    *port_aux = slave->aux;
+    return packet;
 }
 
 /* Checks whether a packet that arrived on 'slave_' within 'bond', with an
@@ -559,10 +556,15 @@ enum bond_verdict
 bond_check_admissibility(struct bond *bond, const void *slave_,
                          const uint8_t eth_dst[ETH_ADDR_LEN], tag_type *tags)
 {
-    /* Admit all packets if LACP has been negotiated, because that means that
-     * the remote switch is aware of the bond and will "do the right thing". */
+    struct bond_slave *slave = bond_slave_lookup(bond, slave_);
+
+    /* LACP bonds have very loose admissibility restrictions because we can
+     * assume the remote switch is aware of the bond and will "do the right
+     * thing".  However, as a precaution we drop packets on disabled slaves
+     * because no correctly implemented partner switch should be sending
+     * packets to them. */
     if (bond->lacp_negotiated) {
-        return BV_ACCEPT;
+        return slave->enabled ? BV_ACCEPT : BV_DROP;
     }
 
     /* Drop all multicast packets on inactive slaves. */
@@ -573,12 +575,40 @@ bond_check_admissibility(struct bond *bond, const void *slave_,
         }
     }
 
-    /* Drop all packets for which we have learned a different input port,
-     * because we probably sent the packet on one slave and got it back on the
-     * other.  Gratuitous ARP packets are an exception to this rule: the host
-     * has moved to another switch.  The exception to the exception is if we
-     * locked the learning table to avoid reflections on bond slaves. */
-    return BV_DROP_IF_MOVED;
+    switch (bond->balance) {
+    case BM_AB:
+        /* Drop all packets which arrive on backup slaves.  This is similar to
+         * how Linux bonding handles active-backup bonds. */
+        *tags |= bond_get_active_slave_tag(bond);
+        if (bond->active_slave != slave) {
+            static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5);
+
+            VLOG_DBG_RL(&rl, "active-backup bond received packet on backup"
+                        " slave (%s) destined for " ETH_ADDR_FMT,
+                        slave->name, ETH_ADDR_ARGS(eth_dst));
+            return BV_DROP;
+        }
+        return BV_ACCEPT;
+
+    case BM_TCP:
+        /* TCP balancing has degraded to SLB (otherwise the
+         * bond->lacp_negotiated check above would have processed this).
+         *
+         * Fall through. */
+    case BM_SLB:
+        /* Drop all packets for which we have learned a different input port,
+         * because we probably sent the packet on one slave and got it back on
+         * the other.  Gratuitous ARP packets are an exception to this rule:
+         * the host has moved to another switch.  The exception to the
+         * exception is if we locked the learning table to avoid reflections on
+         * bond slaves. */
+        return BV_DROP_IF_MOVED;
+
+    case BM_STABLE:
+        return BV_ACCEPT;
+    }
+
+    NOT_REACHED();
 }
 
 /* Returns the slave (registered on 'bond' by bond_slave_register()) to which
@@ -620,7 +650,6 @@ void
 bond_account(struct bond *bond, const struct flow *flow, uint16_t vlan,
              uint64_t n_bytes)
 {
-
     if (bond_is_balanced(bond)) {
         lookup_bond_entry(bond, flow, vlan)->tx_bytes += n_bytes;
     }
@@ -1160,7 +1189,7 @@ bond_unixctl_hash(struct unixctl_conn *conn, const char *args_,
             return;
         }
     } else {
-        vlan = OFP_VLAN_NONE;
+        vlan = 0;
     }
 
     if (basis_s) {
@@ -1187,16 +1216,18 @@ bond_unixctl_hash(struct unixctl_conn *conn, const char *args_,
 void
 bond_init(void)
 {
-    unixctl_command_register("bond/list", bond_unixctl_list, NULL);
-    unixctl_command_register("bond/show", bond_unixctl_show, NULL);
-    unixctl_command_register("bond/migrate", bond_unixctl_migrate, NULL);
-    unixctl_command_register("bond/set-active-slave",
+    unixctl_command_register("bond/list", "", bond_unixctl_list, NULL);
+    unixctl_command_register("bond/show", "port", bond_unixctl_show, NULL);
+    unixctl_command_register("bond/migrate", "port hash slave",
+                             bond_unixctl_migrate, NULL);
+    unixctl_command_register("bond/set-active-slave", "port slave",
                              bond_unixctl_set_active_slave, NULL);
-    unixctl_command_register("bond/enable-slave", bond_unixctl_enable_slave,
-                             NULL);
-    unixctl_command_register("bond/disable-slave", bond_unixctl_disable_slave,
-                             NULL);
-    unixctl_command_register("bond/hash", bond_unixctl_hash, NULL);
+    unixctl_command_register("bond/enable-slave", "port slave",
+                             bond_unixctl_enable_slave, NULL);
+    unixctl_command_register("bond/disable-slave", "port slave",
+                             bond_unixctl_disable_slave, NULL);
+    unixctl_command_register("bond/hash", "mac [vlan] [basis]",
+                             bond_unixctl_hash, NULL);
 }
 
 static void
@@ -1488,7 +1519,7 @@ bond_update_fake_slave_stats(struct bond *bond)
         }
     }
 
-    if (!netdev_open_default(bond->name, &bond_dev)) {
+    if (!netdev_open(bond->name, "system", &bond_dev)) {
         netdev_set_stats(bond_dev, &bond_stats);
         netdev_close(bond_dev);
     }