X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=ofproto%2Fofproto.c;h=737b86b5001c3b94b0c4925041337d4f614bcc86;hb=1b807595c4e6b4348444852bda8814e92412ad41;hp=147ade3a0cf099767af323c43603cf89117aa19e;hpb=2cdcb8983d9e2f3d690ee5cb62593c05898fb26e;p=sliver-openvswitch.git diff --git a/ofproto/ofproto.c b/ofproto/ofproto.c index 147ade3a0..737b86b50 100644 --- a/ofproto/ofproto.c +++ b/ofproto/ofproto.c @@ -25,9 +25,10 @@ #include #include #include "byte-order.h" +#include "cfm.h" #include "classifier.h" +#include "connmgr.h" #include "coverage.h" -#include "discovery.h" #include "dpif.h" #include "dynamic-string.h" #include "fail-open.h" @@ -54,10 +55,10 @@ #include "poll-loop.h" #include "rconn.h" #include "shash.h" -#include "status.h" +#include "sset.h" #include "stream-ssl.h" -#include "svec.h" #include "tag.h" +#include "timer.h" #include "timeval.h" #include "unaligned.h" #include "unixctl.h" @@ -80,7 +81,6 @@ COVERAGE_DEFINE(ofproto_flows_req); COVERAGE_DEFINE(ofproto_flush); COVERAGE_DEFINE(ofproto_invalidated); COVERAGE_DEFINE(ofproto_no_packet_in); -COVERAGE_DEFINE(ofproto_ofconn_stuck); COVERAGE_DEFINE(ofproto_ofp2odp); COVERAGE_DEFINE(ofproto_packet_in); COVERAGE_DEFINE(ofproto_packet_out); @@ -91,8 +91,6 @@ COVERAGE_DEFINE(ofproto_unexpected_rule); COVERAGE_DEFINE(ofproto_uninstallable); COVERAGE_DEFINE(ofproto_update_port); -#include "sflow_api.h" - /* Maximum depth of flow table recursion (due to NXAST_RESUBMIT actions) in a * flow translation. */ #define MAX_RESUBMIT_RECURSION 16 @@ -104,10 +102,12 @@ struct ofport { struct netdev *netdev; struct ofp_phy_port opp; /* In host byte order. */ uint16_t odp_port; + struct cfm *cfm; /* Connectivity Fault Management, if any. */ }; static void ofport_free(struct ofport *); -static void hton_ofp_phy_port(struct ofp_phy_port *); +static void ofport_run(struct ofproto *, struct ofport *); +static void ofport_wait(struct ofport *); struct action_xlate_ctx { /* action_xlate_ctx_init() initializes these members. */ @@ -271,91 +271,8 @@ static void facet_update_stats(struct ofproto *, struct facet *, const struct dpif_flow_stats *); static void facet_push_stats(struct ofproto *, struct facet *); -/* ofproto supports two kinds of OpenFlow connections: - * - * - "Primary" connections to ordinary OpenFlow controllers. ofproto - * maintains persistent connections to these controllers and by default - * sends them asynchronous messages such as packet-ins. - * - * - "Service" connections, e.g. from ovs-ofctl. When these connections - * drop, it is the other side's responsibility to reconnect them if - * necessary. ofproto does not send them asynchronous messages by default. - * - * Currently, active (tcp, ssl, unix) connections are always "primary" - * connections and passive (ptcp, pssl, punix) connections are always "service" - * connections. There is no inherent reason for this, but it reflects the - * common case. - */ -enum ofconn_type { - OFCONN_PRIMARY, /* An ordinary OpenFlow controller. */ - OFCONN_SERVICE /* A service connection, e.g. "ovs-ofctl". */ -}; - -/* A listener for incoming OpenFlow "service" connections. */ -struct ofservice { - struct hmap_node node; /* In struct ofproto's "services" hmap. */ - struct pvconn *pvconn; /* OpenFlow connection listener. */ - - /* These are not used by ofservice directly. They are settings for - * accepted "struct ofconn"s from the pvconn. */ - int probe_interval; /* Max idle time before probing, in seconds. */ - int rate_limit; /* Max packet-in rate in packets per second. */ - int burst_limit; /* Limit on accumulating packet credits. */ -}; - -static struct ofservice *ofservice_lookup(struct ofproto *, - const char *target); -static int ofservice_create(struct ofproto *, - const struct ofproto_controller *); -static void ofservice_reconfigure(struct ofservice *, - const struct ofproto_controller *); -static void ofservice_destroy(struct ofproto *, struct ofservice *); - -/* An OpenFlow connection. */ -struct ofconn { - struct ofproto *ofproto; /* The ofproto that owns this connection. */ - struct list node; /* In struct ofproto's "all_conns" list. */ - struct rconn *rconn; /* OpenFlow connection. */ - enum ofconn_type type; /* Type. */ - enum nx_flow_format flow_format; /* Currently selected flow format. */ - - /* OFPT_PACKET_IN related data. */ - struct rconn_packet_counter *packet_in_counter; /* # queued on 'rconn'. */ -#define N_SCHEDULERS 2 - struct pinsched *schedulers[N_SCHEDULERS]; - struct pktbuf *pktbuf; /* OpenFlow packet buffers. */ - int miss_send_len; /* Bytes to send of buffered packets. */ - - /* Number of OpenFlow messages queued on 'rconn' as replies to OpenFlow - * requests, and the maximum number before we stop reading OpenFlow - * requests. */ -#define OFCONN_REPLY_MAX 100 - struct rconn_packet_counter *reply_counter; - - /* type == OFCONN_PRIMARY only. */ - enum nx_role role; /* Role. */ - struct hmap_node hmap_node; /* In struct ofproto's "controllers" map. */ - struct discovery *discovery; /* Controller discovery object, if enabled. */ - struct status_category *ss; /* Switch status category. */ - enum ofproto_band band; /* In-band or out-of-band? */ -}; - - -static struct ofconn *ofconn_create(struct ofproto *, struct rconn *, - enum ofconn_type); -static void ofconn_destroy(struct ofconn *); -static void ofconn_run(struct ofconn *); -static void ofconn_wait(struct ofconn *); -static bool ofconn_receives_async_msgs(const struct ofconn *); -static char *ofconn_make_name(const struct ofproto *, const char *target); -static void ofconn_set_rate_limit(struct ofconn *, int rate, int burst); - -static void queue_tx(struct ofpbuf *msg, const struct ofconn *ofconn, - struct rconn_packet_counter *counter); - static void send_packet_in(struct ofproto *, struct dpif_upcall *, const struct flow *, bool clone); -static void do_send_packet_in(struct ofpbuf *ofp_packet_in, void *ofconn); struct ofproto { /* Settings. */ @@ -375,21 +292,12 @@ struct ofproto { uint32_t max_ports; /* Configuration. */ - struct switch_status *switch_status; - struct fail_open *fail_open; struct netflow *netflow; struct ofproto_sflow *sflow; - /* In-band control. */ - struct in_band *in_band; - long long int next_in_band_update; - struct sockaddr_in *extra_in_band_remotes; - size_t n_extra_remotes; - int in_band_queue; - /* Flow table. */ struct classifier cls; - long long int next_expiration; + struct timer next_expiration; /* Facets. */ struct hmap facets; @@ -397,14 +305,7 @@ struct ofproto { struct tag_set revalidate_set; /* OpenFlow connections. */ - struct hmap controllers; /* Controller "struct ofconn"s. */ - struct list all_conns; /* Contains "struct ofconn"s. */ - enum ofproto_fail_mode fail_mode; - - /* OpenFlow listeners. */ - struct hmap services; /* Contains "struct ofservice"s. */ - struct pvconn **snoops; - size_t n_snoops; + struct connmgr *connmgr; /* Hooks for ovs-vswitchd. */ const struct ofhooks *ofhooks; @@ -424,6 +325,7 @@ static const struct ofhooks default_ofhooks; static uint64_t pick_datapath_id(const struct ofproto *); static uint64_t pick_fallback_dpid(void); +static void ofproto_flush_flows__(struct ofproto *); static int ofproto_expire(struct ofproto *); static void flow_push_stats(struct ofproto *, const struct rule *, struct flow *, uint64_t packets, uint64_t bytes, @@ -445,6 +347,7 @@ ofproto_create(const char *datapath, const char *datapath_type, const struct ofhooks *ofhooks, void *aux, struct ofproto **ofprotop) { + char local_name[IF_NAMESIZE]; struct ofproto *p; struct dpif *dpif; int error; @@ -472,6 +375,14 @@ ofproto_create(const char *datapath, const char *datapath_type, dpif_flow_flush(dpif); dpif_recv_purge(dpif); + error = dpif_port_get_name(dpif, ODPP_LOCAL, + local_name, sizeof local_name); + if (error) { + VLOG_ERR("%s: cannot get name of datapath local port (%s)", + datapath, strerror(error)); + return error; + } + /* Initialize settings. */ p = xzalloc(sizeof *p); p->fallback_dpid = pick_fallback_dpid(); @@ -490,31 +401,18 @@ ofproto_create(const char *datapath, const char *datapath_type, p->max_ports = dpif_get_max_ports(dpif); /* Initialize submodules. */ - p->switch_status = switch_status_create(p); - p->fail_open = NULL; p->netflow = NULL; p->sflow = NULL; - /* Initialize in-band control. */ - p->in_band = NULL; - p->in_band_queue = -1; - /* Initialize flow table. */ classifier_init(&p->cls); - p->next_expiration = time_msec() + 1000; + timer_set_duration(&p->next_expiration, 1000); /* Initialize facet table. */ hmap_init(&p->facets); p->need_revalidate = false; tag_set_init(&p->revalidate_set); - /* Initialize OpenFlow connections. */ - list_init(&p->all_conns); - hmap_init(&p->controllers); - hmap_init(&p->services); - p->snoops = NULL; - p->n_snoops = 0; - /* Initialize hooks. */ if (ofhooks) { p->ofhooks = ofhooks; @@ -532,6 +430,9 @@ ofproto_create(const char *datapath, const char *datapath_type, shash_add_once(&all_ofprotos, dpif_name(p->dpif), p); + /* Initialize OpenFlow connections. */ + p->connmgr = connmgr_create(p, datapath, local_name); + *ofprotop = p; return 0; } @@ -550,269 +451,18 @@ ofproto_set_datapath_id(struct ofproto *p, uint64_t datapath_id) } } -static bool -is_discovery_controller(const struct ofproto_controller *c) -{ - return !strcmp(c->target, "discover"); -} - -static bool -is_in_band_controller(const struct ofproto_controller *c) -{ - return is_discovery_controller(c) || c->band == OFPROTO_IN_BAND; -} - -/* Creates a new controller in 'ofproto'. Some of the settings are initially - * drawn from 'c', but update_controller() needs to be called later to finish - * the new ofconn's configuration. */ -static void -add_controller(struct ofproto *ofproto, const struct ofproto_controller *c) -{ - struct discovery *discovery; - struct ofconn *ofconn; - - if (is_discovery_controller(c)) { - int error = discovery_create(c->accept_re, c->update_resolv_conf, - ofproto->dpif, ofproto->switch_status, - &discovery); - if (error) { - return; - } - } else { - discovery = NULL; - } - - ofconn = ofconn_create(ofproto, rconn_create(5, 8), OFCONN_PRIMARY); - ofconn->pktbuf = pktbuf_create(); - ofconn->miss_send_len = OFP_DEFAULT_MISS_SEND_LEN; - if (discovery) { - ofconn->discovery = discovery; - } else { - char *name = ofconn_make_name(ofproto, c->target); - rconn_connect(ofconn->rconn, c->target, name); - free(name); - } - hmap_insert(&ofproto->controllers, &ofconn->hmap_node, - hash_string(c->target, 0)); -} - -/* Reconfigures 'ofconn' to match 'c'. This function cannot update an ofconn's - * target or turn discovery on or off (these are done by creating new ofconns - * and deleting old ones), but it can update the rest of an ofconn's - * settings. */ -static void -update_controller(struct ofconn *ofconn, const struct ofproto_controller *c) -{ - int probe_interval; - - ofconn->band = (is_in_band_controller(c) - ? OFPROTO_IN_BAND : OFPROTO_OUT_OF_BAND); - - rconn_set_max_backoff(ofconn->rconn, c->max_backoff); - - probe_interval = c->probe_interval ? MAX(c->probe_interval, 5) : 0; - rconn_set_probe_interval(ofconn->rconn, probe_interval); - - if (ofconn->discovery) { - discovery_set_update_resolv_conf(ofconn->discovery, - c->update_resolv_conf); - discovery_set_accept_controller_re(ofconn->discovery, c->accept_re); - } - - ofconn_set_rate_limit(ofconn, c->rate_limit, c->burst_limit); -} - -static const char * -ofconn_get_target(const struct ofconn *ofconn) -{ - return ofconn->discovery ? "discover" : rconn_get_target(ofconn->rconn); -} - -static struct ofconn * -find_controller_by_target(struct ofproto *ofproto, const char *target) -{ - struct ofconn *ofconn; - - HMAP_FOR_EACH_WITH_HASH (ofconn, hmap_node, - hash_string(target, 0), &ofproto->controllers) { - if (!strcmp(ofconn_get_target(ofconn), target)) { - return ofconn; - } - } - return NULL; -} - -static void -update_in_band_remotes(struct ofproto *ofproto) -{ - const struct ofconn *ofconn; - struct sockaddr_in *addrs; - size_t max_addrs, n_addrs; - bool discovery; - size_t i; - - /* Allocate enough memory for as many remotes as we could possibly have. */ - max_addrs = ofproto->n_extra_remotes + hmap_count(&ofproto->controllers); - addrs = xmalloc(max_addrs * sizeof *addrs); - n_addrs = 0; - - /* Add all the remotes. */ - discovery = false; - HMAP_FOR_EACH (ofconn, hmap_node, &ofproto->controllers) { - struct sockaddr_in *sin = &addrs[n_addrs]; - - if (ofconn->band == OFPROTO_OUT_OF_BAND) { - continue; - } - - sin->sin_addr.s_addr = rconn_get_remote_ip(ofconn->rconn); - if (sin->sin_addr.s_addr) { - sin->sin_port = rconn_get_remote_port(ofconn->rconn); - n_addrs++; - } - if (ofconn->discovery) { - discovery = true; - } - } - for (i = 0; i < ofproto->n_extra_remotes; i++) { - addrs[n_addrs++] = ofproto->extra_in_band_remotes[i]; - } - - /* Create or update or destroy in-band. - * - * Ordinarily we only enable in-band if there's at least one remote - * address, but discovery needs the in-band rules for DHCP to be installed - * even before we know any remote addresses. */ - if (n_addrs || discovery) { - if (!ofproto->in_band) { - in_band_create(ofproto, ofproto->dpif, ofproto->switch_status, - &ofproto->in_band); - } - if (ofproto->in_band) { - in_band_set_remotes(ofproto->in_band, addrs, n_addrs); - } - in_band_set_queue(ofproto->in_band, ofproto->in_band_queue); - ofproto->next_in_band_update = time_msec() + 1000; - } else { - in_band_destroy(ofproto->in_band); - ofproto->in_band = NULL; - } - - /* Clean up. */ - free(addrs); -} - -static void -update_fail_open(struct ofproto *p) -{ - struct ofconn *ofconn; - - if (!hmap_is_empty(&p->controllers) - && p->fail_mode == OFPROTO_FAIL_STANDALONE) { - struct rconn **rconns; - size_t n; - - if (!p->fail_open) { - p->fail_open = fail_open_create(p, p->switch_status); - } - - n = 0; - rconns = xmalloc(hmap_count(&p->controllers) * sizeof *rconns); - HMAP_FOR_EACH (ofconn, hmap_node, &p->controllers) { - rconns[n++] = ofconn->rconn; - } - - fail_open_set_controllers(p->fail_open, rconns, n); - /* p->fail_open takes ownership of 'rconns'. */ - } else { - fail_open_destroy(p->fail_open); - p->fail_open = NULL; - } -} - void ofproto_set_controllers(struct ofproto *p, const struct ofproto_controller *controllers, size_t n_controllers) { - struct shash new_controllers; - struct ofconn *ofconn, *next_ofconn; - struct ofservice *ofservice, *next_ofservice; - bool ss_exists; - size_t i; - - /* Create newly configured controllers and services. - * Create a name to ofproto_controller mapping in 'new_controllers'. */ - shash_init(&new_controllers); - for (i = 0; i < n_controllers; i++) { - const struct ofproto_controller *c = &controllers[i]; - - if (!vconn_verify_name(c->target) || !strcmp(c->target, "discover")) { - if (!find_controller_by_target(p, c->target)) { - add_controller(p, c); - } - } else if (!pvconn_verify_name(c->target)) { - if (!ofservice_lookup(p, c->target) && ofservice_create(p, c)) { - continue; - } - } else { - VLOG_WARN_RL(&rl, "%s: unsupported controller \"%s\"", - dpif_name(p->dpif), c->target); - continue; - } - - shash_add_once(&new_controllers, c->target, &controllers[i]); - } - - /* Delete controllers that are no longer configured. - * Update configuration of all now-existing controllers. */ - ss_exists = false; - HMAP_FOR_EACH_SAFE (ofconn, next_ofconn, hmap_node, &p->controllers) { - struct ofproto_controller *c; - - c = shash_find_data(&new_controllers, ofconn_get_target(ofconn)); - if (!c) { - ofconn_destroy(ofconn); - } else { - update_controller(ofconn, c); - if (ofconn->ss) { - ss_exists = true; - } - } - } - - /* Delete services that are no longer configured. - * Update configuration of all now-existing services. */ - HMAP_FOR_EACH_SAFE (ofservice, next_ofservice, node, &p->services) { - struct ofproto_controller *c; - - c = shash_find_data(&new_controllers, - pvconn_get_name(ofservice->pvconn)); - if (!c) { - ofservice_destroy(p, ofservice); - } else { - ofservice_reconfigure(ofservice, c); - } - } - - shash_destroy(&new_controllers); - - update_in_band_remotes(p); - update_fail_open(p); - - if (!hmap_is_empty(&p->controllers) && !ss_exists) { - ofconn = CONTAINER_OF(hmap_first(&p->controllers), - struct ofconn, hmap_node); - ofconn->ss = switch_status_register(p->switch_status, "remote", - rconn_status_cb, ofconn->rconn); - } + connmgr_set_controllers(p->connmgr, controllers, n_controllers); } void ofproto_set_fail_mode(struct ofproto *p, enum ofproto_fail_mode fail_mode) { - p->fail_mode = fail_mode; - update_fail_open(p); + connmgr_set_fail_mode(p->connmgr, fail_mode); } /* Drops the connections between 'ofproto' and all of its controllers, forcing @@ -820,34 +470,7 @@ ofproto_set_fail_mode(struct ofproto *p, enum ofproto_fail_mode fail_mode) void ofproto_reconnect_controllers(struct ofproto *ofproto) { - struct ofconn *ofconn; - - LIST_FOR_EACH (ofconn, node, &ofproto->all_conns) { - rconn_reconnect(ofconn->rconn); - } -} - -static bool -any_extras_changed(const struct ofproto *ofproto, - const struct sockaddr_in *extras, size_t n) -{ - size_t i; - - if (n != ofproto->n_extra_remotes) { - return true; - } - - for (i = 0; i < n; i++) { - const struct sockaddr_in *old = &ofproto->extra_in_band_remotes[i]; - const struct sockaddr_in *new = &extras[i]; - - if (old->sin_addr.s_addr != new->sin_addr.s_addr || - old->sin_port != new->sin_port) { - return true; - } - } - - return false; + connmgr_reconnect(ofproto->connmgr); } /* Sets the 'n' TCP port addresses in 'extras' as ones to which 'ofproto''s @@ -857,15 +480,7 @@ void ofproto_set_extra_in_band_remotes(struct ofproto *ofproto, const struct sockaddr_in *extras, size_t n) { - if (!any_extras_changed(ofproto, extras, n)) { - return; - } - - free(ofproto->extra_in_band_remotes); - ofproto->n_extra_remotes = n; - ofproto->extra_in_band_remotes = xmemdup(extras, n * sizeof *extras); - - update_in_band_remotes(ofproto); + connmgr_set_extra_in_band_remotes(ofproto->connmgr, extras, n); } /* Sets the OpenFlow queue used by flows set up by in-band control on @@ -874,10 +489,7 @@ ofproto_set_extra_in_band_remotes(struct ofproto *ofproto, void ofproto_set_in_band_queue(struct ofproto *ofproto, int queue_id) { - if (queue_id != ofproto->in_band_queue) { - ofproto->in_band_queue = queue_id; - update_in_band_remotes(ofproto); - } + connmgr_set_in_band_queue(ofproto->connmgr, queue_id); } void @@ -931,55 +543,17 @@ ofproto_set_desc(struct ofproto *p, } } -static int -set_pvconns(struct pvconn ***pvconnsp, size_t *n_pvconnsp, - const struct svec *svec) -{ - struct pvconn **pvconns = *pvconnsp; - size_t n_pvconns = *n_pvconnsp; - int retval = 0; - size_t i; - - for (i = 0; i < n_pvconns; i++) { - pvconn_close(pvconns[i]); - } - free(pvconns); - - pvconns = xmalloc(svec->n * sizeof *pvconns); - n_pvconns = 0; - for (i = 0; i < svec->n; i++) { - const char *name = svec->names[i]; - struct pvconn *pvconn; - int error; - - error = pvconn_open(name, &pvconn); - if (!error) { - pvconns[n_pvconns++] = pvconn; - } else { - VLOG_ERR("failed to listen on %s: %s", name, strerror(error)); - if (!retval) { - retval = error; - } - } - } - - *pvconnsp = pvconns; - *n_pvconnsp = n_pvconns; - - return retval; -} - int -ofproto_set_snoops(struct ofproto *ofproto, const struct svec *snoops) +ofproto_set_snoops(struct ofproto *ofproto, const struct sset *snoops) { - return set_pvconns(&ofproto->snoops, &ofproto->n_snoops, snoops); + return connmgr_set_snoops(ofproto->connmgr, snoops); } int ofproto_set_netflow(struct ofproto *ofproto, const struct netflow_options *nf_options) { - if (nf_options && nf_options->collectors.n) { + if (nf_options && !sset_is_empty(&nf_options->collectors)) { if (!ofproto->netflow) { ofproto->netflow = netflow_create(); } @@ -1012,7 +586,70 @@ ofproto_set_sflow(struct ofproto *ofproto, ofproto->sflow = NULL; } } + +/* Connectivity Fault Management configuration. */ +/* Clears the CFM configuration from 'port_no' on 'ofproto'. */ +void +ofproto_iface_clear_cfm(struct ofproto *ofproto, uint32_t port_no) +{ + struct ofport *ofport = get_port(ofproto, port_no); + if (ofport && ofport->cfm){ + cfm_destroy(ofport->cfm); + ofport->cfm = NULL; + } +} + +/* Configures connectivity fault management on 'port_no' in 'ofproto'. Takes + * basic configuration from the configuration members in 'cfm', and the set of + * remote maintenance points from the 'n_remote_mps' elements in 'remote_mps'. + * Ignores the statistics members of 'cfm'. + * + * This function has no effect if 'ofproto' does not have a port 'port_no'. */ +void +ofproto_iface_set_cfm(struct ofproto *ofproto, uint32_t port_no, + const struct cfm *cfm, + const uint16_t *remote_mps, size_t n_remote_mps) +{ + struct ofport *ofport; + + ofport = get_port(ofproto, port_no); + if (!ofport) { + VLOG_WARN("%s: cannot configure CFM on nonexistent port %"PRIu32, + dpif_name(ofproto->dpif), port_no); + return; + } + + if (!ofport->cfm) { + ofport->cfm = cfm_create(); + } + + ofport->cfm->mpid = cfm->mpid; + ofport->cfm->interval = cfm->interval; + memcpy(ofport->cfm->maid, cfm->maid, CCM_MAID_LEN); + + cfm_update_remote_mps(ofport->cfm, remote_mps, n_remote_mps); + + if (!cfm_configure(ofport->cfm)) { + VLOG_WARN("%s: CFM configuration on port %"PRIu32" (%s) failed", + dpif_name(ofproto->dpif), port_no, + netdev_get_name(ofport->netdev)); + cfm_destroy(ofport->cfm); + ofport->cfm = NULL; + } +} + +/* Returns the connectivity fault management object associated with 'port_no' + * within 'ofproto', or a null pointer if 'ofproto' does not have a port + * 'port_no' or if that port does not have CFM configured. The caller must not + * modify or destroy the returned object. */ +const struct cfm * +ofproto_iface_get_cfm(struct ofproto *ofproto, uint32_t port_no) +{ + struct ofport *ofport = get_port(ofproto, port_no); + return ofport ? ofport->cfm : NULL; +} + uint64_t ofproto_get_datapath_id(const struct ofproto *ofproto) { @@ -1022,32 +659,31 @@ ofproto_get_datapath_id(const struct ofproto *ofproto) bool ofproto_has_primary_controller(const struct ofproto *ofproto) { - return !hmap_is_empty(&ofproto->controllers); + return connmgr_has_controllers(ofproto->connmgr); } enum ofproto_fail_mode ofproto_get_fail_mode(const struct ofproto *p) { - return p->fail_mode; + return connmgr_get_fail_mode(p->connmgr); } -void -ofproto_get_snoops(const struct ofproto *ofproto, struct svec *snoops) +bool +ofproto_has_snoops(const struct ofproto *ofproto) { - size_t i; + return connmgr_has_snoops(ofproto->connmgr); +} - for (i = 0; i < ofproto->n_snoops; i++) { - svec_add(snoops, pvconn_get_name(ofproto->snoops[i])); - } +void +ofproto_get_snoops(const struct ofproto *ofproto, struct sset *snoops) +{ + connmgr_get_snoops(ofproto->connmgr, snoops); } void ofproto_destroy(struct ofproto *p) { - struct ofservice *ofservice, *next_ofservice; - struct ofconn *ofconn, *next_ofconn; struct ofport *ofport, *next_ofport; - size_t i; if (!p) { return; @@ -1055,23 +691,11 @@ ofproto_destroy(struct ofproto *p) shash_find_and_delete(&all_ofprotos, dpif_name(p->dpif)); - /* Destroy fail-open and in-band early, since they touch the classifier. */ - fail_open_destroy(p->fail_open); - p->fail_open = NULL; - - in_band_destroy(p->in_band); - p->in_band = NULL; - free(p->extra_in_band_remotes); - - ofproto_flush_flows(p); + ofproto_flush_flows__(p); + connmgr_destroy(p->connmgr); classifier_destroy(&p->cls); hmap_destroy(&p->facets); - LIST_FOR_EACH_SAFE (ofconn, next_ofconn, node, &p->all_conns) { - ofconn_destroy(ofconn); - } - hmap_destroy(&p->controllers); - dpif_close(p->dpif); netdev_monitor_destroy(p->netdev_monitor); HMAP_FOR_EACH_SAFE (ofport, next_ofport, hmap_node, &p->ports) { @@ -1080,20 +704,9 @@ ofproto_destroy(struct ofproto *p) } shash_destroy(&p->port_by_name); - switch_status_destroy(p->switch_status); netflow_destroy(p->netflow); ofproto_sflow_destroy(p->sflow); - HMAP_FOR_EACH_SAFE (ofservice, next_ofservice, node, &p->services) { - ofservice_destroy(p, ofservice); - } - hmap_destroy(&p->services); - - for (i = 0; i < p->n_snoops; i++) { - pvconn_close(p->snoops[i]); - } - free(p->snoops); - mac_learning_destroy(p->ml); free(p->mfr_desc); @@ -1128,54 +741,10 @@ process_port_change(struct ofproto *ofproto, int error, char *devname) } } -/* Returns a "preference level" for snooping 'ofconn'. A higher return value - * means that 'ofconn' is more interesting for monitoring than a lower return - * value. */ -static int -snoop_preference(const struct ofconn *ofconn) -{ - switch (ofconn->role) { - case NX_ROLE_MASTER: - return 3; - case NX_ROLE_OTHER: - return 2; - case NX_ROLE_SLAVE: - return 1; - default: - /* Shouldn't happen. */ - return 0; - } -} - -/* One of ofproto's "snoop" pvconns has accepted a new connection on 'vconn'. - * Connects this vconn to a controller. */ -static void -add_snooper(struct ofproto *ofproto, struct vconn *vconn) -{ - struct ofconn *ofconn, *best; - - /* Pick a controller for monitoring. */ - best = NULL; - LIST_FOR_EACH (ofconn, node, &ofproto->all_conns) { - if (ofconn->type == OFCONN_PRIMARY - && (!best || snoop_preference(ofconn) > snoop_preference(best))) { - best = ofconn; - } - } - - if (best) { - rconn_add_monitor(best->rconn, vconn); - } else { - VLOG_INFO_RL(&rl, "no controller connection to snoop"); - vconn_close(vconn); - } -} - int ofproto_run1(struct ofproto *p) { - struct ofconn *ofconn, *next_ofconn; - struct ofservice *ofservice; + struct ofport *ofport; char *devname; int error; int i; @@ -1212,60 +781,15 @@ ofproto_run1(struct ofproto *p) process_port_change(p, error, devname); } - if (p->in_band) { - if (time_msec() >= p->next_in_band_update) { - update_in_band_remotes(p); - } - in_band_run(p->in_band); - } - - LIST_FOR_EACH_SAFE (ofconn, next_ofconn, node, &p->all_conns) { - ofconn_run(ofconn); - } - - /* Fail-open maintenance. Do this after processing the ofconns since - * fail-open checks the status of the controller rconn. */ - if (p->fail_open) { - fail_open_run(p->fail_open); - } - - HMAP_FOR_EACH (ofservice, node, &p->services) { - struct vconn *vconn; - int retval; - - retval = pvconn_accept(ofservice->pvconn, OFP_VERSION, &vconn); - if (!retval) { - struct rconn *rconn; - char *name; - - rconn = rconn_create(ofservice->probe_interval, 0); - name = ofconn_make_name(p, vconn_get_name(vconn)); - rconn_connect_unreliably(rconn, vconn, name); - free(name); - - ofconn = ofconn_create(p, rconn, OFCONN_SERVICE); - ofconn_set_rate_limit(ofconn, ofservice->rate_limit, - ofservice->burst_limit); - } else if (retval != EAGAIN) { - VLOG_WARN_RL(&rl, "accept failed (%s)", strerror(retval)); - } + HMAP_FOR_EACH (ofport, hmap_node, &p->ports) { + ofport_run(p, ofport); } - for (i = 0; i < p->n_snoops; i++) { - struct vconn *vconn; - int retval; + connmgr_run(p->connmgr, handle_openflow); - retval = pvconn_accept(p->snoops[i], OFP_VERSION, &vconn); - if (!retval) { - add_snooper(p, vconn); - } else if (retval != EAGAIN) { - VLOG_WARN_RL(&rl, "accept failed (%s)", strerror(retval)); - } - } - - if (time_msec() >= p->next_expiration) { + if (timer_expired(&p->next_expiration)) { int delay = ofproto_expire(p); - p->next_expiration = time_msec() + delay; + timer_set_duration(&p->next_expiration, delay); COVERAGE_INC(ofproto_expiration); } @@ -1310,23 +834,14 @@ ofproto_run2(struct ofproto *p, bool revalidate_all) void ofproto_wait(struct ofproto *p) { - struct ofservice *ofservice; - struct ofconn *ofconn; - size_t i; + struct ofport *ofport; + HMAP_FOR_EACH (ofport, hmap_node, &p->ports) { + ofport_wait(ofport); + } dpif_recv_wait(p->dpif); dpif_port_poll_wait(p->dpif); netdev_monitor_poll_wait(p->netdev_monitor); - LIST_FOR_EACH (ofconn, node, &p->all_conns) { - ofconn_wait(ofconn); - } - if (p->in_band) { - poll_timer_wait_until(p->next_in_band_update); - in_band_wait(p->in_band); - } - if (p->fail_open) { - fail_open_wait(p->fail_open); - } if (p->sflow) { ofproto_sflow_wait(p->sflow); } @@ -1337,15 +852,10 @@ ofproto_wait(struct ofproto *p) /* Shouldn't happen, but if it does just go around again. */ VLOG_DBG_RL(&rl, "need revalidate in ofproto_wait_cb()"); poll_immediate_wake(); - } else if (p->next_expiration != LLONG_MAX) { - poll_timer_wait_until(p->next_expiration); - } - HMAP_FOR_EACH (ofservice, node, &p->services) { - pvconn_wait(ofservice->pvconn); - } - for (i = 0; i < p->n_snoops; i++) { - pvconn_wait(p->snoops[i]); + } else { + timer_wait(&p->next_expiration); } + connmgr_wait(p->connmgr); } void @@ -1363,54 +873,14 @@ ofproto_get_revalidate_set(struct ofproto *ofproto) bool ofproto_is_alive(const struct ofproto *p) { - return !hmap_is_empty(&p->controllers); + return connmgr_has_controllers(p->connmgr); } void ofproto_get_ofproto_controller_info(const struct ofproto *ofproto, struct shash *info) { - const struct ofconn *ofconn; - - shash_init(info); - - HMAP_FOR_EACH (ofconn, hmap_node, &ofproto->controllers) { - const struct rconn *rconn = ofconn->rconn; - time_t now = time_now(); - time_t last_connection = rconn_get_last_connection(rconn); - time_t last_disconnect = rconn_get_last_disconnect(rconn); - const int last_error = rconn_get_last_error(rconn); - struct ofproto_controller_info *cinfo = xmalloc(sizeof *cinfo); - - shash_add(info, rconn_get_target(rconn), cinfo); - - cinfo->is_connected = rconn_is_connected(rconn); - cinfo->role = ofconn->role; - - cinfo->pairs.n = 0; - - if (last_error) { - cinfo->pairs.keys[cinfo->pairs.n] = "last_error"; - cinfo->pairs.values[cinfo->pairs.n++] = - xstrdup(ovs_retval_to_string(last_error)); - } - - cinfo->pairs.keys[cinfo->pairs.n] = "state"; - cinfo->pairs.values[cinfo->pairs.n++] = - xstrdup(rconn_get_state(rconn)); - - if (last_connection != TIME_MIN) { - cinfo->pairs.keys[cinfo->pairs.n] = "sec_since_connect"; - cinfo->pairs.values[cinfo->pairs.n++] - = xasprintf("%ld", (long int) (now - last_connection)); - } - - if (last_disconnect != TIME_MIN) { - cinfo->pairs.keys[cinfo->pairs.n] = "sec_since_disconnect"; - cinfo->pairs.values[cinfo->pairs.n++] - = xasprintf("%ld", (long int) (now - last_disconnect)); - } - } + connmgr_get_controller_info(ofproto->connmgr, info); } void @@ -1442,7 +912,7 @@ int ofproto_port_del(struct ofproto *ofproto, uint16_t odp_port) { struct ofport *ofport = get_port(ofproto, odp_port); - const char *name = ofport ? ofport->opp.name : ""; + const char *name = ofport ? netdev_get_name(ofport->netdev) : ""; int error; error = dpif_port_del(ofproto->dpif, odp_port); @@ -1450,8 +920,8 @@ ofproto_port_del(struct ofproto *ofproto, uint16_t odp_port) VLOG_ERR("%s: failed to remove port %"PRIu16" (%s) interface (%s)", dpif_name(ofproto->dpif), odp_port, name, strerror(error)); } else if (ofport) { - /* 'name' is ofport->opp.name and update_port() is going to destroy - * 'ofport'. Just in case update_port() refers to 'name' after it + /* 'name' is the netdev's name and update_port() is going to close the + * netdev. Just in case update_port() refers to 'name' after it * destroys 'ofport', make a copy of it around the update_port() * call. */ char *devname = xstrdup(name); @@ -1470,26 +940,34 @@ ofproto_port_is_floodable(struct ofproto *ofproto, uint16_t odp_port) return ofport && !(ofport->opp.config & OFPPC_NO_FLOOD); } +/* Sends 'packet' out of port 'port_no' within 'p'. If 'vlan_tci' is zero the + * packet will not have any 802.1Q hader; if it is nonzero, then the packet + * will be sent with the VLAN TCI specified by 'vlan_tci & ~VLAN_CFI'. + * + * Returns 0 if successful, otherwise a positive errno value. */ int -ofproto_send_packet(struct ofproto *p, const struct flow *flow, - const union ofp_action *actions, size_t n_actions, +ofproto_send_packet(struct ofproto *ofproto, + uint32_t port_no, uint16_t vlan_tci, const struct ofpbuf *packet) { - struct action_xlate_ctx ctx; - struct ofpbuf *odp_actions; - - action_xlate_ctx_init(&ctx, p, flow, packet); - /* Always xlate packets originated in this function. */ - ctx.check_special = false; - odp_actions = xlate_actions(&ctx, actions, n_actions); - - /* XXX Should we translate the dpif_execute() errno value into an OpenFlow - * error code? */ - dpif_execute(p->dpif, odp_actions->data, odp_actions->size, packet); + struct ofpbuf odp_actions; + int error; - ofpbuf_delete(odp_actions); + ofpbuf_init(&odp_actions, 32); + if (vlan_tci != 0) { + nl_msg_put_u32(&odp_actions, ODP_ACTION_ATTR_SET_DL_TCI, + ntohs(vlan_tci & ~VLAN_CFI)); + } + nl_msg_put_u32(&odp_actions, ODP_ACTION_ATTR_OUTPUT, port_no); + error = dpif_execute(ofproto->dpif, odp_actions.data, odp_actions.size, + packet); + ofpbuf_uninit(&odp_actions); - return 0; + if (error) { + VLOG_WARN_RL(&rl, "%s: failed to send packet on port %"PRIu32" (%s)", + dpif_name(ofproto->dpif), port_no, strerror(error)); + } + return error; } /* Adds a flow to the OpenFlow flow table in 'p' that matches 'cls_rule' and @@ -1522,8 +1000,8 @@ ofproto_delete_flow(struct ofproto *ofproto, const struct cls_rule *target) } } -void -ofproto_flush_flows(struct ofproto *ofproto) +static void +ofproto_flush_flows__(struct ofproto *ofproto) { struct facet *facet, *next_facet; struct rule *rule, *next_rule; @@ -1548,45 +1026,47 @@ ofproto_flush_flows(struct ofproto *ofproto) } dpif_flow_flush(ofproto->dpif); - if (ofproto->in_band) { - in_band_flushed(ofproto->in_band); - } - if (ofproto->fail_open) { - fail_open_flushed(ofproto->fail_open); - } +} + +void +ofproto_flush_flows(struct ofproto *ofproto) +{ + ofproto_flush_flows__(ofproto); + connmgr_flushed(ofproto->connmgr); } static void reinit_ports(struct ofproto *p) { struct dpif_port_dump dump; - struct shash_node *node; - struct shash devnames; + struct sset devnames; struct ofport *ofport; struct dpif_port dpif_port; + const char *devname; COVERAGE_INC(ofproto_reinit_ports); - shash_init(&devnames); + sset_init(&devnames); HMAP_FOR_EACH (ofport, hmap_node, &p->ports) { - shash_add_once (&devnames, ofport->opp.name, NULL); + sset_add(&devnames, netdev_get_name(ofport->netdev)); } DPIF_PORT_FOR_EACH (&dpif_port, &dump, p->dpif) { - shash_add_once (&devnames, dpif_port.name, NULL); + sset_add(&devnames, dpif_port.name); } - SHASH_FOR_EACH (node, &devnames) { - update_port(p, node->name); + SSET_FOR_EACH (devname, &devnames) { + update_port(p, devname); } - shash_destroy(&devnames); + sset_destroy(&devnames); } -static struct ofport * -make_ofport(const struct dpif_port *dpif_port) +/* Opens and returns a netdev for 'dpif_port', or a null pointer if the netdev + * cannot be opened. On success, also fills in 'opp', in *HOST* byte order. */ +static struct netdev * +ofport_open(const struct dpif_port *dpif_port, struct ofp_phy_port *opp) { struct netdev_options netdev_options; enum netdev_flags flags; - struct ofport *ofport; struct netdev *netdev; int error; @@ -1604,22 +1084,16 @@ make_ofport(const struct dpif_port *dpif_port) return NULL; } - ofport = xzalloc(sizeof *ofport); - ofport->netdev = netdev; - ofport->odp_port = dpif_port->port_no; - ofport->opp.port_no = odp_port_to_ofp_port(dpif_port->port_no); - netdev_get_etheraddr(netdev, ofport->opp.hw_addr); - ovs_strlcpy(ofport->opp.name, dpif_port->name, sizeof ofport->opp.name); - netdev_get_flags(netdev, &flags); - ofport->opp.config = flags & NETDEV_UP ? 0 : OFPPC_PORT_DOWN; - ofport->opp.state = netdev_get_carrier(netdev) ? 0 : OFPPS_LINK_DOWN; - - netdev_get_features(netdev, - &ofport->opp.curr, &ofport->opp.advertised, - &ofport->opp.supported, &ofport->opp.peer); - return ofport; + opp->port_no = odp_port_to_ofp_port(dpif_port->port_no); + netdev_get_etheraddr(netdev, opp->hw_addr); + ovs_strzcpy(opp->name, dpif_port->name, sizeof opp->name); + opp->config = flags & NETDEV_UP ? 0 : OFPPC_PORT_DOWN; + opp->state = netdev_get_carrier(netdev) ? 0 : OFPPS_LINK_DOWN; + netdev_get_features(netdev, &opp->curr, &opp->advertised, + &opp->supported, &opp->peer); + return netdev; } static bool @@ -1638,54 +1112,42 @@ ofport_conflicts(const struct ofproto *p, const struct dpif_port *dpif_port) } } -static int -ofport_equal(const struct ofport *a_, const struct ofport *b_) +/* Returns true if most fields of 'a' and 'b' are equal. Differences in name, + * port number, and 'config' bits other than OFPPC_PORT_DOWN are + * disregarded. */ +static bool +ofport_equal(const struct ofp_phy_port *a, const struct ofp_phy_port *b) { - const struct ofp_phy_port *a = &a_->opp; - const struct ofp_phy_port *b = &b_->opp; - BUILD_ASSERT_DECL(sizeof *a == 48); /* Detect ofp_phy_port changes. */ - return (a->port_no == b->port_no - && !memcmp(a->hw_addr, b->hw_addr, sizeof a->hw_addr) - && !strcmp(a->name, b->name) + return (!memcmp(a->hw_addr, b->hw_addr, sizeof a->hw_addr) && a->state == b->state - && a->config == b->config + && !((a->config ^ b->config) & OFPPC_PORT_DOWN) && a->curr == b->curr && a->advertised == b->advertised && a->supported == b->supported && a->peer == b->peer); } +/* Adds an ofport to 'p' initialized based on the given 'netdev' and 'opp'. + * The caller must ensure that 'p' does not have a conflicting ofport (that is, + * one with the same name or port number). */ static void -send_port_status(struct ofproto *p, const struct ofport *ofport, - uint8_t reason) +ofport_install(struct ofproto *p, + struct netdev *netdev, const struct ofp_phy_port *opp) { - /* XXX Should limit the number of queued port status change messages. */ - struct ofconn *ofconn; - LIST_FOR_EACH (ofconn, node, &p->all_conns) { - struct ofp_port_status *ops; - struct ofpbuf *b; - - /* Primary controllers, even slaves, should always get port status - updates. Otherwise obey ofconn_receives_async_msgs(). */ - if (ofconn->type != OFCONN_PRIMARY - && !ofconn_receives_async_msgs(ofconn)) { - continue; - } + const char *netdev_name = netdev_get_name(netdev); + struct ofport *ofport; - ops = make_openflow_xid(sizeof *ops, OFPT_PORT_STATUS, 0, &b); - ops->reason = reason; - ops->desc = ofport->opp; - hton_ofp_phy_port(&ops->desc); - queue_tx(b, ofconn, NULL); - } -} + connmgr_send_port_status(p->connmgr, opp, OFPPR_ADD); -static void -ofport_install(struct ofproto *p, struct ofport *ofport) -{ - const char *netdev_name = ofport->opp.name; + /* Create ofport. */ + ofport = xmalloc(sizeof *ofport); + ofport->netdev = netdev; + ofport->opp = *opp; + ofport->odp_port = ofp_port_to_odp_port(opp->port_no); + ofport->cfm = NULL; + /* Add port to 'p'. */ netdev_monitor_add(p->netdev_monitor, ofport->netdev); hmap_insert(&p->ports, &ofport->hmap_node, hash_int(ofport->odp_port, 0)); shash_add(&p->port_by_name, netdev_name, ofport); @@ -1694,339 +1156,172 @@ ofport_install(struct ofproto *p, struct ofport *ofport) } } +/* Removes 'ofport' from 'p' and destroys it. */ static void ofport_remove(struct ofproto *p, struct ofport *ofport) { + connmgr_send_port_status(p->connmgr, &ofport->opp, OFPPR_DELETE); + netdev_monitor_remove(p->netdev_monitor, ofport->netdev); hmap_remove(&p->ports, &ofport->hmap_node); shash_delete(&p->port_by_name, - shash_find(&p->port_by_name, ofport->opp.name)); + shash_find(&p->port_by_name, + netdev_get_name(ofport->netdev))); if (p->sflow) { ofproto_sflow_del_port(p->sflow, ofport->odp_port); } -} -static void -ofport_free(struct ofport *ofport) -{ - if (ofport) { - netdev_close(ofport->netdev); - free(ofport); - } + ofport_free(ofport); } -static struct ofport * -get_port(const struct ofproto *ofproto, uint16_t odp_port) +/* If 'ofproto' contains an ofport named 'name', removes it from 'ofproto' and + * destroys it. */ +static void +ofport_remove_with_name(struct ofproto *ofproto, const char *name) { - struct ofport *port; - - HMAP_FOR_EACH_IN_BUCKET (port, hmap_node, - hash_int(odp_port, 0), &ofproto->ports) { - if (port->odp_port == odp_port) { - return port; - } + struct ofport *port = shash_find_data(&ofproto->port_by_name, name); + if (port) { + ofport_remove(ofproto, port); } - return NULL; } +/* Updates 'port' within 'ofproto' with the new 'netdev' and 'opp'. + * + * Does not handle a name or port number change. The caller must implement + * such a change as a delete followed by an add. */ static void -update_port(struct ofproto *p, const char *devname) +ofport_modified(struct ofproto *ofproto, struct ofport *port, + struct netdev *netdev, struct ofp_phy_port *opp) { - struct dpif_port dpif_port; - struct ofport *old_ofport; - struct ofport *new_ofport; - int error; - - COVERAGE_INC(ofproto_update_port); - - /* Query the datapath for port information. */ - error = dpif_port_query_by_name(p->dpif, devname, &dpif_port); + memcpy(port->opp.hw_addr, opp->hw_addr, ETH_ADDR_LEN); + port->opp.config = ((port->opp.config & ~OFPPC_PORT_DOWN) + | (opp->config & OFPPC_PORT_DOWN)); + port->opp.state = opp->state; + port->opp.curr = opp->curr; + port->opp.advertised = opp->advertised; + port->opp.supported = opp->supported; + port->opp.peer = opp->peer; - /* Find the old ofport. */ - old_ofport = shash_find_data(&p->port_by_name, devname); - if (!error) { - if (!old_ofport) { - /* There's no port named 'devname' but there might be a port with - * the same port number. This could happen if a port is deleted - * and then a new one added in its place very quickly, or if a port - * is renamed. In the former case we want to send an OFPPR_DELETE - * and an OFPPR_ADD, and in the latter case we want to send a - * single OFPPR_MODIFY. We can distinguish the cases by comparing - * the old port's ifindex against the new port, or perhaps less - * reliably but more portably by comparing the old port's MAC - * against the new port's MAC. However, this code isn't that smart - * and always sends an OFPPR_MODIFY (XXX). */ - old_ofport = get_port(p, dpif_port.port_no); - } - } else if (error != ENOENT && error != ENODEV) { - VLOG_WARN_RL(&rl, "dpif_port_query_by_name returned unexpected error " - "%s", strerror(error)); - goto exit; - } - - /* Create a new ofport. */ - new_ofport = !error ? make_ofport(&dpif_port) : NULL; - - /* Eliminate a few pathological cases. */ - if (!old_ofport && !new_ofport) { - goto exit; - } else if (old_ofport && new_ofport) { - /* Most of the 'config' bits are OpenFlow soft state, but - * OFPPC_PORT_DOWN is maintained by the kernel. So transfer the - * OpenFlow bits from old_ofport. (make_ofport() only sets - * OFPPC_PORT_DOWN and leaves the other bits 0.) */ - new_ofport->opp.config |= old_ofport->opp.config & ~OFPPC_PORT_DOWN; - - if (ofport_equal(old_ofport, new_ofport)) { - /* False alarm--no change. */ - ofport_free(new_ofport); - goto exit; - } - } + netdev_monitor_remove(ofproto->netdev_monitor, port->netdev); + netdev_monitor_add(ofproto->netdev_monitor, netdev); - /* Now deal with the normal cases. */ - if (old_ofport) { - ofport_remove(p, old_ofport); - } - if (new_ofport) { - ofport_install(p, new_ofport); - } - send_port_status(p, new_ofport ? new_ofport : old_ofport, - (!old_ofport ? OFPPR_ADD - : !new_ofport ? OFPPR_DELETE - : OFPPR_MODIFY)); - ofport_free(old_ofport); + netdev_close(port->netdev); + port->netdev = netdev; -exit: - dpif_port_destroy(&dpif_port); + connmgr_send_port_status(ofproto->connmgr, &port->opp, OFPPR_MODIFY); } -static int -init_ports(struct ofproto *p) +static void +ofport_run(struct ofproto *ofproto, struct ofport *ofport) { - struct dpif_port_dump dump; - struct dpif_port dpif_port; + if (ofport->cfm) { + cfm_run(ofport->cfm); - DPIF_PORT_FOR_EACH (&dpif_port, &dump, p->dpif) { - if (!ofport_conflicts(p, &dpif_port)) { - struct ofport *ofport = make_ofport(&dpif_port); - if (ofport) { - ofport_install(p, ofport); - } + if (cfm_should_send_ccm(ofport->cfm)) { + struct ofpbuf packet; + struct ccm *ccm; + + ofpbuf_init(&packet, 0); + ccm = compose_packet(&packet, eth_addr_ccm, ofport->opp.hw_addr, + ETH_TYPE_CFM, sizeof *ccm); + cfm_compose_ccm(ofport->cfm, ccm); + ofproto_send_packet(ofproto, ofport->odp_port, 0, &packet); + ofpbuf_uninit(&packet); } } - - return 0; -} - -static struct ofconn * -ofconn_create(struct ofproto *p, struct rconn *rconn, enum ofconn_type type) -{ - struct ofconn *ofconn = xzalloc(sizeof *ofconn); - ofconn->ofproto = p; - list_push_back(&p->all_conns, &ofconn->node); - ofconn->rconn = rconn; - ofconn->type = type; - ofconn->flow_format = NXFF_OPENFLOW10; - ofconn->role = NX_ROLE_OTHER; - ofconn->packet_in_counter = rconn_packet_counter_create (); - ofconn->pktbuf = NULL; - ofconn->miss_send_len = 0; - ofconn->reply_counter = rconn_packet_counter_create (); - return ofconn; } static void -ofconn_destroy(struct ofconn *ofconn) +ofport_wait(struct ofport *ofport) { - if (ofconn->type == OFCONN_PRIMARY) { - hmap_remove(&ofconn->ofproto->controllers, &ofconn->hmap_node); + if (ofport->cfm) { + cfm_wait(ofport->cfm); } - discovery_destroy(ofconn->discovery); - - list_remove(&ofconn->node); - switch_status_unregister(ofconn->ss); - rconn_destroy(ofconn->rconn); - rconn_packet_counter_destroy(ofconn->packet_in_counter); - rconn_packet_counter_destroy(ofconn->reply_counter); - pktbuf_destroy(ofconn->pktbuf); - free(ofconn); } static void -ofconn_run(struct ofconn *ofconn) +ofport_free(struct ofport *ofport) { - struct ofproto *p = ofconn->ofproto; - int iteration; - size_t i; - - if (ofconn->discovery) { - char *controller_name; - if (rconn_is_connectivity_questionable(ofconn->rconn)) { - discovery_question_connectivity(ofconn->discovery); - } - if (discovery_run(ofconn->discovery, &controller_name)) { - if (controller_name) { - char *ofconn_name = ofconn_make_name(p, controller_name); - rconn_connect(ofconn->rconn, controller_name, ofconn_name); - free(ofconn_name); - free(controller_name); - } else { - rconn_disconnect(ofconn->rconn); - } - } - } - - for (i = 0; i < N_SCHEDULERS; i++) { - pinsched_run(ofconn->schedulers[i], do_send_packet_in, ofconn); - } - - rconn_run(ofconn->rconn); - - if (rconn_packet_counter_read (ofconn->reply_counter) < OFCONN_REPLY_MAX) { - /* Limit the number of iterations to prevent other tasks from - * starving. */ - for (iteration = 0; iteration < 50; iteration++) { - struct ofpbuf *of_msg = rconn_recv(ofconn->rconn); - if (!of_msg) { - break; - } - if (p->fail_open) { - fail_open_maybe_recover(p->fail_open); - } - handle_openflow(ofconn, of_msg); - ofpbuf_delete(of_msg); - } - } - - if (!ofconn->discovery && !rconn_is_alive(ofconn->rconn)) { - ofconn_destroy(ofconn); + if (ofport) { + cfm_destroy(ofport->cfm); + netdev_close(ofport->netdev); + free(ofport); } } -static void -ofconn_wait(struct ofconn *ofconn) +static struct ofport * +get_port(const struct ofproto *ofproto, uint16_t odp_port) { - int i; - - if (ofconn->discovery) { - discovery_wait(ofconn->discovery); - } - for (i = 0; i < N_SCHEDULERS; i++) { - pinsched_wait(ofconn->schedulers[i]); - } - rconn_run_wait(ofconn->rconn); - if (rconn_packet_counter_read (ofconn->reply_counter) < OFCONN_REPLY_MAX) { - rconn_recv_wait(ofconn->rconn); - } else { - COVERAGE_INC(ofproto_ofconn_stuck); - } -} + struct ofport *port; -/* Returns true if 'ofconn' should receive asynchronous messages. */ -static bool -ofconn_receives_async_msgs(const struct ofconn *ofconn) -{ - if (ofconn->type == OFCONN_PRIMARY) { - /* Primary controllers always get asynchronous messages unless they - * have configured themselves as "slaves". */ - return ofconn->role != NX_ROLE_SLAVE; - } else { - /* Service connections don't get asynchronous messages unless they have - * explicitly asked for them by setting a nonzero miss send length. */ - return ofconn->miss_send_len > 0; + HMAP_FOR_EACH_IN_BUCKET (port, hmap_node, + hash_int(odp_port, 0), &ofproto->ports) { + if (port->odp_port == odp_port) { + return port; + } } -} - -/* Returns a human-readable name for an OpenFlow connection between 'ofproto' - * and 'target', suitable for use in log messages for identifying the - * connection. - * - * The name is dynamically allocated. The caller should free it (with free()) - * when it is no longer needed. */ -static char * -ofconn_make_name(const struct ofproto *ofproto, const char *target) -{ - return xasprintf("%s<->%s", dpif_base_name(ofproto->dpif), target); + return NULL; } static void -ofconn_set_rate_limit(struct ofconn *ofconn, int rate, int burst) +update_port(struct ofproto *ofproto, const char *name) { - int i; + struct dpif_port dpif_port; + struct ofp_phy_port opp; + struct netdev *netdev; + struct ofport *port; - for (i = 0; i < N_SCHEDULERS; i++) { - struct pinsched **s = &ofconn->schedulers[i]; + COVERAGE_INC(ofproto_update_port); - if (rate > 0) { - if (!*s) { - *s = pinsched_create(rate, burst, - ofconn->ofproto->switch_status); + /* Fetch 'name''s location and properties from the datapath. */ + netdev = (!dpif_port_query_by_name(ofproto->dpif, name, &dpif_port) + ? ofport_open(&dpif_port, &opp) + : NULL); + if (netdev) { + port = get_port(ofproto, dpif_port.port_no); + if (port && !strcmp(netdev_get_name(port->netdev), name)) { + /* 'name' hasn't changed location. Any properties changed? */ + if (!ofport_equal(&port->opp, &opp)) { + ofport_modified(ofproto, port, netdev, &opp); } else { - pinsched_set_limits(*s, rate, burst); + netdev_close(netdev); } } else { - pinsched_destroy(*s); - *s = NULL; + /* If 'port' is nonnull then its name differs from 'name' and thus + * we should delete it. If we think there's a port named 'name' + * then its port number must be wrong now so delete it too. */ + if (port) { + ofport_remove(ofproto, port); + } + ofport_remove_with_name(ofproto, name); + ofport_install(ofproto, netdev, &opp); } + } else { + /* Any port named 'name' is gone now. */ + ofport_remove_with_name(ofproto, name); } -} - -static void -ofservice_reconfigure(struct ofservice *ofservice, - const struct ofproto_controller *c) -{ - ofservice->probe_interval = c->probe_interval; - ofservice->rate_limit = c->rate_limit; - ofservice->burst_limit = c->burst_limit; + dpif_port_destroy(&dpif_port); } -/* Creates a new ofservice in 'ofproto'. Returns 0 if successful, otherwise a - * positive errno value. */ static int -ofservice_create(struct ofproto *ofproto, const struct ofproto_controller *c) -{ - struct ofservice *ofservice; - struct pvconn *pvconn; - int error; - - error = pvconn_open(c->target, &pvconn); - if (error) { - return error; - } - - ofservice = xzalloc(sizeof *ofservice); - hmap_insert(&ofproto->services, &ofservice->node, - hash_string(c->target, 0)); - ofservice->pvconn = pvconn; - - ofservice_reconfigure(ofservice, c); - - return 0; -} - -static void -ofservice_destroy(struct ofproto *ofproto, struct ofservice *ofservice) +init_ports(struct ofproto *p) { - hmap_remove(&ofproto->services, &ofservice->node); - pvconn_close(ofservice->pvconn); - free(ofservice); -} + struct dpif_port_dump dump; + struct dpif_port dpif_port; -/* Finds and returns the ofservice within 'ofproto' that has the given - * 'target', or a null pointer if none exists. */ -static struct ofservice * -ofservice_lookup(struct ofproto *ofproto, const char *target) -{ - struct ofservice *ofservice; + DPIF_PORT_FOR_EACH (&dpif_port, &dump, p->dpif) { + if (!ofport_conflicts(p, &dpif_port)) { + struct ofp_phy_port opp; + struct netdev *netdev; - HMAP_FOR_EACH_WITH_HASH (ofservice, node, hash_string(target, 0), - &ofproto->services) { - if (!strcmp(pvconn_get_name(ofservice->pvconn), target)) { - return ofservice; + netdev = ofport_open(&dpif_port, &opp); + if (netdev) { + ofport_install(p, netdev, &opp); + } } } - return NULL; + + return 0; } /* Returns true if 'rule' should be hidden from the controller. @@ -2341,7 +1636,7 @@ facet_put__(struct ofproto *ofproto, struct facet *facet, const struct nlattr *actions, size_t actions_len, struct dpif_flow_stats *stats) { - uint32_t keybuf[ODPUTIL_FLOW_KEY_U32S]; + struct odputil_keybuf keybuf; enum dpif_flow_put_flags flags; struct ofpbuf key; @@ -2352,9 +1647,8 @@ facet_put__(struct ofproto *ofproto, struct facet *facet, facet->dp_byte_count = 0; } - ofpbuf_use_stack(&key, keybuf, sizeof keybuf); + ofpbuf_use_stack(&key, &keybuf, sizeof keybuf); odp_flow_key_from_flow(&key, &facet->flow); - assert(key.base == keybuf); return dpif_flow_put(ofproto->dpif, flags, key.data, key.size, actions, actions_len, stats); @@ -2398,13 +1692,12 @@ static void facet_uninstall(struct ofproto *p, struct facet *facet) { if (facet->installed) { - uint32_t keybuf[ODPUTIL_FLOW_KEY_U32S]; + struct odputil_keybuf keybuf; struct dpif_flow_stats stats; struct ofpbuf key; - ofpbuf_use_stack(&key, keybuf, sizeof keybuf); + ofpbuf_use_stack(&key, &keybuf, sizeof keybuf); odp_flow_key_from_flow(&key, &facet->flow); - assert(key.base == keybuf); if (!dpif_flow_del(p->dpif, key.data, key.size, &stats)) { facet_update_stats(p, facet, &stats); @@ -2588,16 +1881,6 @@ facet_revalidate(struct ofproto *ofproto, struct facet *facet) return true; } -static void -queue_tx(struct ofpbuf *msg, const struct ofconn *ofconn, - struct rconn_packet_counter *counter) -{ - update_openflow_length(msg); - if (rconn_send(ofconn->rconn, msg, counter)) { - ofpbuf_delete(msg); - } -} - static void send_error_oh(const struct ofconn *ofconn, const struct ofp_header *oh, int error) @@ -2605,38 +1888,27 @@ send_error_oh(const struct ofconn *ofconn, const struct ofp_header *oh, struct ofpbuf *buf = ofputil_encode_error_msg(error, oh); if (buf) { COVERAGE_INC(ofproto_error); - queue_tx(buf, ofconn, ofconn->reply_counter); + ofconn_send_reply(ofconn, buf); } } -static void -hton_ofp_phy_port(struct ofp_phy_port *opp) -{ - opp->port_no = htons(opp->port_no); - opp->config = htonl(opp->config); - opp->state = htonl(opp->state); - opp->curr = htonl(opp->curr); - opp->advertised = htonl(opp->advertised); - opp->supported = htonl(opp->supported); - opp->peer = htonl(opp->peer); -} - static int handle_echo_request(struct ofconn *ofconn, const struct ofp_header *oh) { - queue_tx(make_echo_reply(oh), ofconn, ofconn->reply_counter); + ofconn_send_reply(ofconn, make_echo_reply(oh)); return 0; } static int handle_features_request(struct ofconn *ofconn, const struct ofp_header *oh) { + struct ofproto *ofproto = ofconn_get_ofproto(ofconn); struct ofp_switch_features *osf; struct ofpbuf *buf; struct ofport *port; osf = make_openflow_xid(sizeof *osf, OFPT_FEATURES_REPLY, oh->xid, &buf); - osf->datapath_id = htonll(ofconn->ofproto->datapath_id); + osf->datapath_id = htonll(ofproto->datapath_id); osf->n_buffers = htonl(pktbuf_capacity()); osf->n_tables = 2; osf->capabilities = htonl(OFPC_FLOW_STATS | OFPC_TABLE_STATS | @@ -2654,31 +1926,32 @@ handle_features_request(struct ofconn *ofconn, const struct ofp_header *oh) (1u << OFPAT_SET_TP_DST) | (1u << OFPAT_ENQUEUE)); - HMAP_FOR_EACH (port, hmap_node, &ofconn->ofproto->ports) { + HMAP_FOR_EACH (port, hmap_node, &ofproto->ports) { hton_ofp_phy_port(ofpbuf_put(buf, &port->opp, sizeof port->opp)); } - queue_tx(buf, ofconn, ofconn->reply_counter); + ofconn_send_reply(ofconn, buf); return 0; } static int handle_get_config_request(struct ofconn *ofconn, const struct ofp_header *oh) { + struct ofproto *ofproto = ofconn_get_ofproto(ofconn); struct ofpbuf *buf; struct ofp_switch_config *osc; uint16_t flags; bool drop_frags; /* Figure out flags. */ - dpif_get_drop_frags(ofconn->ofproto->dpif, &drop_frags); + dpif_get_drop_frags(ofproto->dpif, &drop_frags); flags = drop_frags ? OFPC_FRAG_DROP : OFPC_FRAG_NORMAL; /* Send reply. */ osc = make_openflow_xid(sizeof *osc, OFPT_GET_CONFIG_REPLY, oh->xid, &buf); osc->flags = htons(flags); - osc->miss_send_len = htons(ofconn->miss_send_len); - queue_tx(buf, ofconn, ofconn->reply_counter); + osc->miss_send_len = htons(ofconn_get_miss_send_len(ofconn)); + ofconn_send_reply(ofconn, buf); return 0; } @@ -2686,15 +1959,17 @@ handle_get_config_request(struct ofconn *ofconn, const struct ofp_header *oh) static int handle_set_config(struct ofconn *ofconn, const struct ofp_switch_config *osc) { + struct ofproto *ofproto = ofconn_get_ofproto(ofconn); uint16_t flags = ntohs(osc->flags); - if (ofconn->type == OFCONN_PRIMARY && ofconn->role != NX_ROLE_SLAVE) { + if (ofconn_get_type(ofconn) == OFCONN_PRIMARY + && ofconn_get_role(ofconn) != NX_ROLE_SLAVE) { switch (flags & OFPC_FRAG_MASK) { case OFPC_FRAG_NORMAL: - dpif_set_drop_frags(ofconn->ofproto->dpif, false); + dpif_set_drop_frags(ofproto->dpif, false); break; case OFPC_FRAG_DROP: - dpif_set_drop_frags(ofconn->ofproto->dpif, true); + dpif_set_drop_frags(ofproto->dpif, true); break; default: VLOG_WARN_RL(&rl, "requested bad fragment mode (flags=%"PRIx16")", @@ -2703,7 +1978,7 @@ handle_set_config(struct ofconn *ofconn, const struct ofp_switch_config *osc) } } - ofconn->miss_send_len = ntohs(osc->miss_send_len); + ofconn_set_miss_send_len(ofconn, ntohs(osc->miss_send_len)); return 0; } @@ -3162,6 +2437,18 @@ action_xlate_ctx_init(struct action_xlate_ctx *ctx, ctx->check_special = true; } +static void +ofproto_process_cfm(struct ofproto *ofproto, const struct flow *flow, + const struct ofpbuf *packet) +{ + struct ofport *ofport; + + ofport = get_port(ofproto, flow->in_port); + if (ofport && ofport->cfm) { + cfm_process_heartbeat(ofport->cfm, packet); + } +} + static struct ofpbuf * xlate_actions(struct action_xlate_ctx *ctx, const union ofp_action *in, size_t n_in) @@ -3175,21 +2462,27 @@ xlate_actions(struct action_xlate_ctx *ctx, ctx->recurse = 0; ctx->last_pop_priority = -1; - if (!ctx->check_special - || !ctx->ofproto->ofhooks->special_cb - || ctx->ofproto->ofhooks->special_cb(&ctx->flow, ctx->packet, - ctx->ofproto->aux)) { - do_xlate_actions(in, n_in, ctx); - } else { + if (ctx->check_special && cfm_should_process_flow(&ctx->flow)) { + if (ctx->packet) { + ofproto_process_cfm(ctx->ofproto, &ctx->flow, ctx->packet); + } + ctx->may_set_up_flow = false; + } else if (ctx->check_special + && ctx->ofproto->ofhooks->special_cb + && !ctx->ofproto->ofhooks->special_cb(&ctx->flow, ctx->packet, + ctx->ofproto->aux)) { ctx->may_set_up_flow = false; + } else { + do_xlate_actions(in, n_in, ctx); } remove_pop_action(ctx); /* Check with in-band control to see if we're allowed to set up this * flow. */ - if (!in_band_rule_check(ctx->ofproto->in_band, &ctx->flow, - ctx->odp_actions->data, ctx->odp_actions->size)) { + if (!connmgr_may_set_up_flow(ctx->ofproto->connmgr, &ctx->flow, + ctx->odp_actions->data, + ctx->odp_actions->size)) { ctx->may_set_up_flow = false; } @@ -3204,7 +2497,8 @@ xlate_actions(struct action_xlate_ctx *ctx, static int reject_slave_controller(struct ofconn *ofconn, const const char *msg_type) { - if (ofconn->type == OFCONN_PRIMARY && ofconn->role == NX_ROLE_SLAVE) { + if (ofconn_get_type(ofconn) == OFCONN_PRIMARY + && ofconn_get_role(ofconn) == NX_ROLE_SLAVE) { static struct vlog_rate_limit perm_rl = VLOG_RATE_LIMIT_INIT(1, 5); VLOG_WARN_RL(&perm_rl, "rejecting %s message from slave controller", msg_type); @@ -3218,7 +2512,7 @@ reject_slave_controller(struct ofconn *ofconn, const const char *msg_type) static int handle_packet_out(struct ofconn *ofconn, const struct ofp_header *oh) { - struct ofproto *p = ofconn->ofproto; + struct ofproto *p = ofconn_get_ofproto(ofconn); struct ofp_packet_out *opo; struct ofpbuf payload, *buffer; union ofp_action *ofp_actions; @@ -3250,8 +2544,8 @@ handle_packet_out(struct ofconn *ofconn, const struct ofp_header *oh) /* Get payload. */ if (opo->buffer_id != htonl(UINT32_MAX)) { - error = pktbuf_retrieve(ofconn->pktbuf, ntohl(opo->buffer_id), - &buffer, &in_port); + error = ofconn_pktbuf_retrieve(ofconn, ntohl(opo->buffer_id), + &buffer, &in_port); if (error || !buffer) { return error; } @@ -3308,7 +2602,7 @@ update_port_config(struct ofproto *p, struct ofport *port, static int handle_port_mod(struct ofconn *ofconn, const struct ofp_header *oh) { - struct ofproto *p = ofconn->ofproto; + struct ofproto *p = ofconn_get_ofproto(ofconn); const struct ofp_port_mod *opm = (const struct ofp_port_mod *) oh; struct ofport *port; int error; @@ -3363,7 +2657,7 @@ append_ofp_stats_reply(size_t nbytes, struct ofconn *ofconn, struct ofp_stats_reply *reply = msg->data; reply->flags = htons(OFPSF_REPLY_MORE); *msgp = make_ofp_stats_reply(reply->header.xid, reply->type, nbytes); - queue_tx(msg, ofconn, ofconn->reply_counter); + ofconn_send_reply(ofconn, msg); } return ofpbuf_put_uninit(*msgp, nbytes); } @@ -3399,7 +2693,7 @@ append_nxstats_reply(size_t nbytes, struct ofconn *ofconn, struct nicira_stats_msg *reply = msg->data; reply->flags = htons(OFPSF_REPLY_MORE); *msgp = make_nxstats_reply(reply->header.xid, reply->subtype, nbytes); - queue_tx(msg, ofconn, ofconn->reply_counter); + ofconn_send_reply(ofconn, msg); } ofpbuf_prealloc_tailroom(*msgp, nbytes); } @@ -3408,7 +2702,7 @@ static int handle_desc_stats_request(struct ofconn *ofconn, const struct ofp_header *request) { - struct ofproto *p = ofconn->ofproto; + struct ofproto *p = ofconn_get_ofproto(ofconn); struct ofp_desc_stats *ods; struct ofpbuf *msg; @@ -3420,7 +2714,7 @@ handle_desc_stats_request(struct ofconn *ofconn, ovs_strlcpy(ods->sw_desc, p->sw_desc, sizeof ods->sw_desc); ovs_strlcpy(ods->serial_num, p->serial_desc, sizeof ods->serial_num); ovs_strlcpy(ods->dp_desc, p->dp_desc, sizeof ods->dp_desc); - queue_tx(msg, ofconn, ofconn->reply_counter); + ofconn_send_reply(ofconn, msg); return 0; } @@ -3429,7 +2723,7 @@ static int handle_table_stats_request(struct ofconn *ofconn, const struct ofp_header *request) { - struct ofproto *p = ofconn->ofproto; + struct ofproto *p = ofconn_get_ofproto(ofconn); struct ofp_table_stats *ots; struct ofpbuf *msg; @@ -3439,14 +2733,14 @@ handle_table_stats_request(struct ofconn *ofconn, ots = append_ofp_stats_reply(sizeof *ots, ofconn, &msg); memset(ots, 0, sizeof *ots); strcpy(ots->name, "classifier"); - ots->wildcards = (ofconn->flow_format == NXFF_OPENFLOW10 + ots->wildcards = (ofconn_get_flow_format(ofconn) == NXFF_OPENFLOW10 ? htonl(OFPFW_ALL) : htonl(OVSFW_ALL)); ots->max_entries = htonl(1024 * 1024); /* An arbitrary big number. */ ots->active_count = htonl(classifier_count(&p->cls)); put_32aligned_be64(&ots->lookup_count, htonll(0)); /* XXX */ put_32aligned_be64(&ots->matched_count, htonll(0)); /* XXX */ - queue_tx(msg, ofconn, ofconn->reply_counter); + ofconn_send_reply(ofconn, msg); return 0; } @@ -3482,7 +2776,7 @@ append_port_stat(struct ofport *port, struct ofconn *ofconn, static int handle_port_stats_request(struct ofconn *ofconn, const struct ofp_header *oh) { - struct ofproto *p = ofconn->ofproto; + struct ofproto *p = ofconn_get_ofproto(ofconn); const struct ofp_port_stats_request *psr = ofputil_stats_body(oh); struct ofp_port_stats *ops; struct ofpbuf *msg; @@ -3500,16 +2794,26 @@ handle_port_stats_request(struct ofconn *ofconn, const struct ofp_header *oh) } } - queue_tx(msg, ofconn, ofconn->reply_counter); + ofconn_send_reply(ofconn, msg); return 0; } static void -calc_flow_duration(long long int start, ovs_be32 *sec, ovs_be32 *nsec) +calc_flow_duration__(long long int start, uint32_t *sec, uint32_t *nsec) { long long int msecs = time_msec() - start; - *sec = htonl(msecs / 1000); - *nsec = htonl((msecs % 1000) * (1000 * 1000)); + *sec = msecs / 1000; + *nsec = (msecs % 1000) * (1000 * 1000); +} + +static void +calc_flow_duration(long long int start, ovs_be32 *sec_be, ovs_be32 *nsec_be) +{ + uint32_t sec, nsec; + + calc_flow_duration__(start, &sec, &nsec); + *sec_be = htonl(sec); + *nsec_be = htonl(nsec); } static void @@ -3534,8 +2838,8 @@ put_ofp_flow_stats(struct ofconn *ofconn, struct rule *rule, ofs->length = htons(len); ofs->table_id = 0; ofs->pad = 0; - ofputil_cls_rule_to_match(&rule->cr, ofconn->flow_format, &ofs->match, - rule->flow_cookie, &cookie); + ofputil_cls_rule_to_match(&rule->cr, ofconn_get_flow_format(ofconn), + &ofs->match, rule->flow_cookie, &cookie); put_32aligned_be64(&ofs->cookie, cookie); calc_flow_duration(rule->created, &ofs->duration_sec, &ofs->duration_nsec); ofs->priority = htons(rule->cr.priority); @@ -3568,6 +2872,7 @@ static int handle_flow_stats_request(struct ofconn *ofconn, const struct ofp_header *oh) { const struct ofp_flow_stats_request *fsr = ofputil_stats_body(oh); + struct ofproto *ofproto = ofconn_get_ofproto(ofconn); struct ofpbuf *reply; COVERAGE_INC(ofproto_flows_req); @@ -3579,12 +2884,12 @@ handle_flow_stats_request(struct ofconn *ofconn, const struct ofp_header *oh) ofputil_cls_rule_from_match(&fsr->match, 0, NXFF_OPENFLOW10, 0, &target); - cls_cursor_init(&cursor, &ofconn->ofproto->cls, &target); + cls_cursor_init(&cursor, &ofproto->cls, &target); CLS_CURSOR_FOR_EACH (rule, cr, &cursor) { put_ofp_flow_stats(ofconn, rule, fsr->out_port, &reply); } } - queue_tx(reply, ofconn, ofconn->reply_counter); + ofconn_send_reply(ofconn, reply); return 0; } @@ -3631,6 +2936,7 @@ put_nx_flow_stats(struct ofconn *ofconn, struct rule *rule, static int handle_nxst_flow(struct ofconn *ofconn, const struct ofp_header *oh) { + struct ofproto *ofproto = ofconn_get_ofproto(ofconn); struct nx_flow_stats_request *nfsr; struct cls_rule target; struct ofpbuf *reply; @@ -3655,12 +2961,12 @@ handle_nxst_flow(struct ofconn *ofconn, const struct ofp_header *oh) struct cls_cursor cursor; struct rule *rule; - cls_cursor_init(&cursor, &ofconn->ofproto->cls, &target); + cls_cursor_init(&cursor, &ofproto->cls, &target); CLS_CURSOR_FOR_EACH (rule, cr, &cursor) { put_nx_flow_stats(ofconn, rule, nfsr->out_port, &reply); } } - queue_tx(reply, ofconn, ofconn->reply_counter); + ofconn_send_reply(ofconn, reply); return 0; } @@ -3690,7 +2996,7 @@ flow_stats_ds(struct rule *rule, struct ds *results) } /* Adds a pretty-printed description of all flows to 'results', including - * those marked hidden by secchan (e.g., by in-band control). */ + * hidden flows (e.g., set up by in-band control). */ void ofproto_get_all_flows(struct ofproto *p, struct ds *results) { @@ -3744,6 +3050,7 @@ handle_aggregate_stats_request(struct ofconn *ofconn, const struct ofp_header *oh) { const struct ofp_aggregate_stats_request *request = ofputil_stats_body(oh); + struct ofproto *ofproto = ofconn_get_ofproto(ofconn); struct ofp_aggregate_stats_reply *reply; struct cls_rule target; struct ofpbuf *msg; @@ -3753,15 +3060,16 @@ handle_aggregate_stats_request(struct ofconn *ofconn, msg = start_ofp_stats_reply(oh, sizeof *reply); reply = append_ofp_stats_reply(sizeof *reply, ofconn, &msg); - query_aggregate_stats(ofconn->ofproto, &target, request->out_port, + query_aggregate_stats(ofproto, &target, request->out_port, request->table_id, reply); - queue_tx(msg, ofconn, ofconn->reply_counter); + ofconn_send_reply(ofconn, msg); return 0; } static int handle_nxst_aggregate(struct ofconn *ofconn, const struct ofp_header *oh) { + struct ofproto *ofproto = ofconn_get_ofproto(ofconn); struct nx_aggregate_stats_request *request; struct ofp_aggregate_stats_reply *reply; struct cls_rule target; @@ -3785,9 +3093,9 @@ handle_nxst_aggregate(struct ofconn *ofconn, const struct ofp_header *oh) COVERAGE_INC(ofproto_flows_req); buf = start_nxstats_reply(&request->nsm, sizeof *reply); reply = ofpbuf_put_uninit(buf, sizeof *reply); - query_aggregate_stats(ofconn->ofproto, &target, request->out_port, + query_aggregate_stats(ofproto, &target, request->out_port, request->table_id, reply); - queue_tx(buf, ofconn, ofconn->reply_counter); + ofconn_send_reply(ofconn, buf); return 0; } @@ -3843,7 +3151,7 @@ handle_queue_stats_for_port(struct ofport *port, uint32_t queue_id, static int handle_queue_stats_request(struct ofconn *ofconn, const struct ofp_header *oh) { - struct ofproto *ofproto = ofconn->ofproto; + struct ofproto *ofproto = ofconn_get_ofproto(ofconn); const struct ofp_queue_stats_request *qsr; struct queue_stats_cbdata cbdata; struct ofport *port; @@ -3875,7 +3183,7 @@ handle_queue_stats_request(struct ofconn *ofconn, const struct ofp_header *oh) ofpbuf_delete(cbdata.msg); return ofp_mkerr(OFPET_QUEUE_OP_FAILED, OFPQOFC_BAD_PORT); } - queue_tx(cbdata.msg, ofconn, ofconn->reply_counter); + ofconn_send_reply(ofconn, cbdata.msg); return 0; } @@ -3977,7 +3285,7 @@ flow_push_stats(struct ofproto *ofproto, const struct rule *rule, * in which no matching flow already exists in the flow table. * * Adds the flow specified by 'ofm', which is followed by 'n_actions' - * ofp_actions, to ofconn->ofproto's flow table. Returns 0 on success or an + * ofp_actions, to the ofproto's flow table. Returns 0 on success or an * OpenFlow error code as encoded by ofp_mkerr() on failure. * * 'ofconn' is used to retrieve the packet buffer specified in ofm->buffer_id, @@ -3985,7 +3293,7 @@ flow_push_stats(struct ofproto *ofproto, const struct rule *rule, static int add_flow(struct ofconn *ofconn, struct flow_mod *fm) { - struct ofproto *p = ofconn->ofproto; + struct ofproto *p = ofconn_get_ofproto(ofconn); struct ofpbuf *packet; struct rule *rule; uint16_t in_port; @@ -3998,8 +3306,8 @@ add_flow(struct ofconn *ofconn, struct flow_mod *fm) error = 0; if (fm->buffer_id != UINT32_MAX) { - error = pktbuf_retrieve(ofconn->pktbuf, fm->buffer_id, - &packet, &in_port); + error = ofconn_pktbuf_retrieve(ofconn, fm->buffer_id, + &packet, &in_port); } else { packet = NULL; in_port = UINT16_MAX; @@ -4025,6 +3333,7 @@ static int send_buffered_packet(struct ofconn *ofconn, struct rule *rule, uint32_t buffer_id) { + struct ofproto *ofproto = ofconn_get_ofproto(ofconn); struct ofpbuf *packet; uint16_t in_port; int error; @@ -4033,12 +3342,12 @@ send_buffered_packet(struct ofconn *ofconn, return 0; } - error = pktbuf_retrieve(ofconn->pktbuf, buffer_id, &packet, &in_port); + error = ofconn_pktbuf_retrieve(ofconn, buffer_id, &packet, &in_port); if (error) { return error; } - rule_execute(ofconn->ofproto, rule, in_port, packet); + rule_execute(ofproto, rule, in_port, packet); return 0; } @@ -4062,7 +3371,7 @@ static int modify_flow(struct ofproto *, const struct flow_mod *, static int modify_flows_loose(struct ofconn *ofconn, struct flow_mod *fm) { - struct ofproto *p = ofconn->ofproto; + struct ofproto *p = ofconn_get_ofproto(ofconn); struct rule *match = NULL; struct cls_cursor cursor; struct rule *rule; @@ -4094,7 +3403,7 @@ modify_flows_loose(struct ofconn *ofconn, struct flow_mod *fm) static int modify_flow_strict(struct ofconn *ofconn, struct flow_mod *fm) { - struct ofproto *p = ofconn->ofproto; + struct ofproto *p = ofconn_get_ofproto(ofconn); struct rule *rule = find_flow_strict(p, fm); if (rule && !rule_is_hidden(rule)) { modify_flow(p, fm, rule); @@ -4185,7 +3494,7 @@ delete_flow(struct ofproto *p, struct rule *rule, ovs_be16 out_port) static int handle_flow_mod(struct ofconn *ofconn, const struct ofp_header *oh) { - struct ofproto *p = ofconn->ofproto; + struct ofproto *p = ofconn_get_ofproto(ofconn); struct flow_mod fm; int error; @@ -4194,7 +3503,7 @@ handle_flow_mod(struct ofconn *ofconn, const struct ofp_header *oh) return error; } - error = ofputil_decode_flow_mod(&fm, oh, ofconn->flow_format); + error = ofputil_decode_flow_mod(&fm, oh, ofconn_get_flow_format(ofconn)); if (error) { return error; } @@ -4241,8 +3550,11 @@ handle_tun_id_from_cookie(struct ofconn *ofconn, const struct ofp_header *oh) { const struct nxt_tun_id_cookie *msg = (const struct nxt_tun_id_cookie *) oh; + enum nx_flow_format flow_format; + + flow_format = msg->set ? NXFF_TUN_ID_FROM_COOKIE : NXFF_OPENFLOW10; + ofconn_set_flow_format(ofconn, flow_format); - ofconn->flow_format = msg->set ? NXFF_TUN_ID_FROM_COOKIE : NXFF_OPENFLOW10; return 0; } @@ -4254,9 +3566,8 @@ handle_role_request(struct ofconn *ofconn, const struct ofp_header *oh) struct ofpbuf *buf; uint32_t role; - if (ofconn->type != OFCONN_PRIMARY) { - VLOG_WARN_RL(&rl, "ignoring role request on non-controller " - "connection"); + if (ofconn_get_type(ofconn) != OFCONN_PRIMARY) { + VLOG_WARN_RL(&rl, "ignoring role request on service connection"); return ofp_mkerr(OFPET_BAD_REQUEST, OFPBRC_EPERM); } @@ -4269,20 +3580,11 @@ handle_role_request(struct ofconn *ofconn, const struct ofp_header *oh) return ofp_mkerr(OFPET_BAD_REQUEST, -1); } - if (role == NX_ROLE_MASTER) { - struct ofconn *other; - - HMAP_FOR_EACH (other, hmap_node, &ofconn->ofproto->controllers) { - if (other->role == NX_ROLE_MASTER) { - other->role = NX_ROLE_SLAVE; - } - } - } - ofconn->role = role; + ofconn_set_role(ofconn, role); reply = make_nxmsg_xid(sizeof *reply, NXT_ROLE_REPLY, oh->xid, &buf); reply->role = htonl(role); - queue_tx(buf, ofconn, ofconn->reply_counter); + ofconn_send_reply(ofconn, buf); return 0; } @@ -4298,7 +3600,7 @@ handle_nxt_set_flow_format(struct ofconn *ofconn, const struct ofp_header *oh) if (format == NXFF_OPENFLOW10 || format == NXFF_TUN_ID_FROM_COOKIE || format == NXFF_NXM) { - ofconn->flow_format = format; + ofconn_set_flow_format(ofconn, format); return 0; } else { return ofp_mkerr(OFPET_BAD_REQUEST, OFPBRC_EPERM); @@ -4314,7 +3616,7 @@ handle_barrier_request(struct ofconn *ofconn, const struct ofp_header *oh) /* Currently, everything executes synchronously, so we can just * immediately send the barrier reply. */ ob = make_openflow_xid(sizeof *ob, OFPT_BARRIER_REPLY, oh->xid, &buf); - queue_tx(buf, ofconn, ofconn->reply_counter); + ofconn_send_reply(ofconn, buf); return 0; } @@ -4361,10 +3663,6 @@ handle_openflow__(struct ofconn *ofconn, const struct ofpbuf *msg) return 0; /* Nicira extension requests. */ - case OFPUTIL_NXT_STATUS_REQUEST: - return switch_status_handle_request( - ofconn->ofproto->switch_status, ofconn->rconn, oh); - case OFPUTIL_NXT_TUN_ID_FROM_COOKIE: return handle_tun_id_from_cookie(ofconn, oh); @@ -4420,7 +3718,6 @@ handle_openflow__(struct ofconn *ofconn, const struct ofpbuf *msg) case OFPUTIL_OFPST_PORT_REPLY: case OFPUTIL_OFPST_TABLE_REPLY: case OFPUTIL_OFPST_AGGREGATE_REPLY: - case OFPUTIL_NXT_STATUS_REPLY: case OFPUTIL_NXT_ROLE_REPLY: case OFPUTIL_NXT_FLOW_REMOVED: case OFPUTIL_NXST_FLOW_REPLY: @@ -4461,22 +3758,20 @@ handle_miss_upcall(struct ofproto *p, struct dpif_upcall *upcall) /* Set header pointers in 'flow'. */ flow_extract(upcall->packet, flow.tun_id, flow.in_port, &flow); - if (p->ofhooks->special_cb - && !p->ofhooks->special_cb(&flow, upcall->packet, p->aux)) { + if (cfm_should_process_flow(&flow)) { + ofproto_process_cfm(p, &flow, upcall->packet); + ofpbuf_delete(upcall->packet); + return; + } else if (p->ofhooks->special_cb + && !p->ofhooks->special_cb(&flow, upcall->packet, p->aux)) { ofpbuf_delete(upcall->packet); return; } /* Check with in-band control to see if this packet should be sent * to the local port regardless of the flow table. */ - if (in_band_msg_in_hook(p->in_band, &flow, upcall->packet)) { - struct ofpbuf odp_actions; - - ofpbuf_init(&odp_actions, 32); - nl_msg_put_u32(&odp_actions, ODP_ACTION_ATTR_OUTPUT, ODPP_LOCAL); - dpif_execute(p->dpif, odp_actions.data, odp_actions.size, - upcall->packet); - ofpbuf_uninit(&odp_actions); + if (connmgr_msg_in_hook(p->connmgr, &flow, upcall->packet)) { + ofproto_send_packet(p, ODPP_LOCAL, 0, upcall->packet); } facet = facet_lookup_valid(p, &flow); @@ -4832,77 +4127,24 @@ rule_expire(struct ofproto *ofproto, struct rule *rule) rule_remove(ofproto, rule); } -static struct ofpbuf * -compose_ofp_flow_removed(struct ofconn *ofconn, const struct rule *rule, - uint8_t reason) -{ - struct ofp_flow_removed *ofr; - struct ofpbuf *buf; - - ofr = make_openflow_xid(sizeof *ofr, OFPT_FLOW_REMOVED, htonl(0), &buf); - ofputil_cls_rule_to_match(&rule->cr, ofconn->flow_format, &ofr->match, - rule->flow_cookie, &ofr->cookie); - ofr->priority = htons(rule->cr.priority); - ofr->reason = reason; - calc_flow_duration(rule->created, &ofr->duration_sec, &ofr->duration_nsec); - ofr->idle_timeout = htons(rule->idle_timeout); - ofr->packet_count = htonll(rule->packet_count); - ofr->byte_count = htonll(rule->byte_count); - - return buf; -} - -static struct ofpbuf * -compose_nx_flow_removed(const struct rule *rule, uint8_t reason) -{ - struct nx_flow_removed *nfr; - struct ofpbuf *buf; - int match_len; - - make_nxmsg_xid(sizeof *nfr, NXT_FLOW_REMOVED, htonl(0), &buf); - match_len = nx_put_match(buf, &rule->cr); - - nfr = buf->data; - nfr->cookie = rule->flow_cookie; - nfr->priority = htons(rule->cr.priority); - nfr->reason = reason; - calc_flow_duration(rule->created, &nfr->duration_sec, &nfr->duration_nsec); - nfr->idle_timeout = htons(rule->idle_timeout); - nfr->match_len = htons(match_len); - nfr->packet_count = htonll(rule->packet_count); - nfr->byte_count = htonll(rule->byte_count); - - return buf; -} - static void rule_send_removed(struct ofproto *p, struct rule *rule, uint8_t reason) { - struct ofconn *ofconn; + struct ofputil_flow_removed fr; if (!rule->send_flow_removed) { return; } - LIST_FOR_EACH (ofconn, node, &p->all_conns) { - struct ofpbuf *msg; + fr.rule = rule->cr; + fr.cookie = rule->flow_cookie; + fr.reason = reason; + calc_flow_duration__(rule->created, &fr.duration_sec, &fr.duration_nsec); + fr.idle_timeout = rule->idle_timeout; + fr.packet_count = rule->packet_count; + fr.byte_count = rule->byte_count; - if (!rconn_is_connected(ofconn->rconn) - || !ofconn_receives_async_msgs(ofconn)) { - continue; - } - - msg = (ofconn->flow_format == NXFF_NXM - ? compose_nx_flow_removed(rule, reason) - : compose_ofp_flow_removed(ofconn, rule, reason)); - - /* Account flow expirations under ofconn->reply_counter, the counter - * for replies to OpenFlow requests. That works because preventing - * OpenFlow requests from being processed also prevents new flows from - * being added (and expiring). (It also prevents processing OpenFlow - * requests that would not add new flows, so it is imperfect.) */ - queue_tx(msg, ofconn, ofconn->reply_counter); - } + connmgr_send_flow_removed(p->connmgr, &fr); } /* Obtains statistics for 'rule' and stores them in '*packets' and '*bytes'. @@ -4930,106 +4172,25 @@ rule_get_stats(const struct rule *rule, uint64_t *packets, uint64_t *bytes) *bytes = b; } -/* pinsched callback for sending 'ofp_packet_in' on 'ofconn'. */ -static void -do_send_packet_in(struct ofpbuf *ofp_packet_in, void *ofconn_) -{ - struct ofconn *ofconn = ofconn_; - - rconn_send_with_limit(ofconn->rconn, ofp_packet_in, - ofconn->packet_in_counter, 100); -} - -/* Takes 'upcall', whose packet has the flow specified by 'flow', composes an - * OpenFlow packet-in message from it, and passes it to 'ofconn''s packet - * scheduler for sending. - * - * If 'clone' is true, the caller retains ownership of 'upcall->packet'. - * Otherwise, ownership is transferred to this function. */ -static void -schedule_packet_in(struct ofconn *ofconn, struct dpif_upcall *upcall, - const struct flow *flow, bool clone) -{ - enum { OPI_SIZE = offsetof(struct ofp_packet_in, data) }; - struct ofproto *ofproto = ofconn->ofproto; - struct ofp_packet_in *opi; - int total_len, send_len; - struct ofpbuf *packet; - uint32_t buffer_id; - int idx; - - /* Get OpenFlow buffer_id. */ - if (upcall->type == DPIF_UC_ACTION) { - buffer_id = UINT32_MAX; - } else if (ofproto->fail_open && fail_open_is_active(ofproto->fail_open)) { - buffer_id = pktbuf_get_null(); - } else if (!ofconn->pktbuf) { - buffer_id = UINT32_MAX; - } else { - buffer_id = pktbuf_save(ofconn->pktbuf, upcall->packet, flow->in_port); - } - - /* Figure out how much of the packet to send. */ - total_len = send_len = upcall->packet->size; - if (buffer_id != UINT32_MAX) { - send_len = MIN(send_len, ofconn->miss_send_len); - } - if (upcall->type == DPIF_UC_ACTION) { - send_len = MIN(send_len, upcall->userdata); - } - - /* Copy or steal buffer for OFPT_PACKET_IN. */ - if (clone) { - packet = ofpbuf_clone_data_with_headroom(upcall->packet->data, - send_len, OPI_SIZE); - } else { - packet = upcall->packet; - packet->size = send_len; - } - - /* Add OFPT_PACKET_IN. */ - opi = ofpbuf_push_zeros(packet, OPI_SIZE); - opi->header.version = OFP_VERSION; - opi->header.type = OFPT_PACKET_IN; - opi->total_len = htons(total_len); - opi->in_port = htons(odp_port_to_ofp_port(flow->in_port)); - opi->reason = upcall->type == DPIF_UC_MISS ? OFPR_NO_MATCH : OFPR_ACTION; - opi->buffer_id = htonl(buffer_id); - update_openflow_length(packet); - - /* Hand over to packet scheduler. It might immediately call into - * do_send_packet_in() or it might buffer it for a while (until a later - * call to pinsched_run()). */ - idx = upcall->type == DPIF_UC_MISS ? 0 : 1; - pinsched_send(ofconn->schedulers[idx], flow->in_port, - packet, do_send_packet_in, ofconn); -} - /* Given 'upcall', of type DPIF_UC_ACTION or DPIF_UC_MISS, sends an * OFPT_PACKET_IN message to each OpenFlow controller as necessary according to * their individual configurations. * - * Takes ownership of 'packet'. */ + * If 'clone' is true, the caller retains ownership of 'upcall->packet'. + * Otherwise, ownership is transferred to this function. */ static void send_packet_in(struct ofproto *ofproto, struct dpif_upcall *upcall, const struct flow *flow, bool clone) { - struct ofconn *ofconn, *prev; + struct ofputil_packet_in pin; - prev = NULL; - LIST_FOR_EACH (ofconn, node, &ofproto->all_conns) { - if (ofconn_receives_async_msgs(ofconn)) { - if (prev) { - schedule_packet_in(prev, upcall, flow, true); - } - prev = ofconn; - } - } - if (prev) { - schedule_packet_in(prev, upcall, flow, clone); - } else if (!clone) { - ofpbuf_delete(upcall->packet); - } + pin.packet = upcall->packet; + pin.in_port = odp_port_to_ofp_port(flow->in_port); + pin.reason = upcall->type == DPIF_UC_MISS ? OFPR_NO_MATCH : OFPR_ACTION; + pin.buffer_id = 0; /* not yet known */ + pin.send_len = upcall->userdata; + connmgr_send_packet_in(ofproto->connmgr, upcall, flow, + clone ? NULL : upcall->packet); } static uint64_t @@ -5163,7 +4324,7 @@ ofproto_unixctl_trace(struct unixctl_conn *conn, const char *args_, goto exit; } - tun_id = htonll(strtoull(tun_id_s, NULL, 10)); + tun_id = htonll(strtoull(tun_id_s, NULL, 0)); in_port = ofp_port_to_odp_port(atoi(in_port_s)); packet_s = ofpbuf_put_hex(&packet, packet_s, NULL); @@ -5234,7 +4395,7 @@ default_normal_ofhook_cb(const struct flow *flow, const struct ofpbuf *packet, uint16_t *nf_output_iface, void *ofproto_) { struct ofproto *ofproto = ofproto_; - int out_port; + struct mac_entry *dst_mac; /* Drop frames for reserved multicast addresses. */ if (eth_addr_is_reserved(flow->dl_dst)) { @@ -5242,31 +4403,37 @@ default_normal_ofhook_cb(const struct flow *flow, const struct ofpbuf *packet, } /* Learn source MAC (but don't try to learn from revalidation). */ - if (packet != NULL) { - tag_type rev_tag = mac_learning_learn(ofproto->ml, flow->dl_src, - 0, flow->in_port, - GRAT_ARP_LOCK_NONE); - if (rev_tag) { + if (packet != NULL + && mac_learning_may_learn(ofproto->ml, flow->dl_src, 0)) { + struct mac_entry *src_mac; + + src_mac = mac_learning_insert(ofproto->ml, flow->dl_src, 0); + if (mac_entry_is_new(src_mac) || src_mac->port.i != flow->in_port) { /* The log messages here could actually be useful in debugging, * so keep the rate limit relatively high. */ static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(30, 300); VLOG_DBG_RL(&rl, "learned that "ETH_ADDR_FMT" is on port %"PRIu16, ETH_ADDR_ARGS(flow->dl_src), flow->in_port); - ofproto_revalidate(ofproto, rev_tag); + + ofproto_revalidate(ofproto, + mac_learning_changed(ofproto->ml, src_mac)); + src_mac->port.i = flow->in_port; } } /* Determine output port. */ - out_port = mac_learning_lookup_tag(ofproto->ml, flow->dl_dst, 0, tags, - NULL); - if (out_port < 0) { + dst_mac = mac_learning_lookup(ofproto->ml, flow->dl_dst, 0, tags); + if (!dst_mac) { flood_packets(ofproto, flow->in_port, OFPPC_NO_FLOOD, nf_output_iface, odp_actions); - } else if (out_port != flow->in_port) { - nl_msg_put_u32(odp_actions, ODP_ACTION_ATTR_OUTPUT, out_port); - *nf_output_iface = out_port; } else { - /* Drop. */ + int out_port = dst_mac->port.i; + if (out_port != flow->in_port) { + nl_msg_put_u32(odp_actions, ODP_ACTION_ATTR_OUTPUT, out_port); + *nf_output_iface = out_port; + } else { + /* Drop. */ + } } return true;