X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=ofproto%2Fofproto.c;h=d3fd45a3dd79ef9c7d16ca56c04c3fdce35f6cbb;hb=600c9d5950dfdcd98699497793087899dbe2e8cf;hp=f31794f9ae0413ad20cb8cb3be00eb03f1dbf2a3;hpb=e8b52a913a8fc3d2ef0dae82eda5905668ebfae1;p=sliver-openvswitch.git diff --git a/ofproto/ofproto.c b/ofproto/ofproto.c index f31794f9a..d3fd45a3d 100644 --- a/ofproto/ofproto.c +++ b/ofproto/ofproto.c @@ -82,21 +82,21 @@ static int xlate_actions(const union ofp_action *in, size_t n_in, const flow_t *flow, struct ofproto *ofproto, const struct ofpbuf *packet, struct odp_actions *out, tag_type *tags, - bool *may_setup_flow); + bool *may_set_up_flow, uint16_t *nf_output_iface); struct rule { struct cls_rule cr; uint16_t idle_timeout; /* In seconds from time of last use. */ uint16_t hard_timeout; /* In seconds from time of creation. */ + bool send_flow_removed; /* Send a flow removed message? */ long long int used; /* Last-used time (0 if never used). */ long long int created; /* Creation time. */ uint64_t packet_count; /* Number of packets received. */ uint64_t byte_count; /* Number of bytes received. */ uint64_t accounted_bytes; /* Number of bytes passed to account_cb. */ - uint8_t tcp_flags; /* Bitwise-OR of all TCP flags seen. */ - uint8_t ip_tos; /* Last-seen IP type-of-service. */ tag_type tags; /* Tags (set only by hooks). */ + struct netflow_flow nf_flow; /* Per-flow NetFlow tracking data. */ /* If 'super' is non-NULL, this rule is a subrule, that is, it is an * exact-match rule (having cr.wc.wildcards of 0) generated from the @@ -145,9 +145,10 @@ rule_is_hidden(const struct rule *rule) return false; } -static struct rule *rule_create(struct rule *super, const union ofp_action *, - size_t n_actions, uint16_t idle_timeout, - uint16_t hard_timeout); +static struct rule *rule_create(struct ofproto *, struct rule *super, + const union ofp_action *, size_t n_actions, + uint16_t idle_timeout, uint16_t hard_timeout, + bool send_flow_removed); static void rule_free(struct rule *); static void rule_destroy(struct ofproto *, struct rule *); static struct rule *rule_from_cls_rule(const struct cls_rule *); @@ -160,12 +161,13 @@ static void rule_install(struct ofproto *, struct rule *, struct rule *displaced_rule); static void rule_uninstall(struct ofproto *, struct rule *); static void rule_post_uninstall(struct ofproto *, struct rule *); +static void send_flow_removed(struct ofproto *p, struct rule *rule, + long long int now, uint8_t reason); struct ofconn { struct list node; struct rconn *rconn; struct pktbuf *pktbuf; - bool send_flow_exp; int miss_send_len; struct rconn_packet_counter *packet_in_counter; @@ -242,8 +244,10 @@ static uint64_t pick_fallback_dpid(void); static void send_packet_in_miss(struct ofpbuf *, void *ofproto); static void send_packet_in_action(struct ofpbuf *, void *ofproto); static void update_used(struct ofproto *); -static void update_stats(struct rule *, const struct odp_flow_stats *); +static void update_stats(struct ofproto *, struct rule *, + const struct odp_flow_stats *); static void expire_rule(struct cls_rule *, void *ofproto); +static void active_timeout(struct ofproto *ofproto, struct rule *rule); static bool revalidate_rule(struct ofproto *p, struct rule *rule); static void revalidate_cb(struct cls_rule *rule_, void *p_); @@ -532,16 +536,14 @@ ofproto_set_snoops(struct ofproto *ofproto, const struct svec *snoops) } int -ofproto_set_netflow(struct ofproto *ofproto, const struct svec *collectors, - uint8_t engine_type, uint8_t engine_id, bool add_id_to_iface) +ofproto_set_netflow(struct ofproto *ofproto, + const struct netflow_options *nf_options) { - if (collectors && collectors->n) { + if (nf_options->collectors.n) { if (!ofproto->netflow) { ofproto->netflow = netflow_create(); } - netflow_set_engine(ofproto->netflow, engine_type, engine_id, - add_id_to_iface); - return netflow_set_collectors(ofproto->netflow, collectors); + return netflow_set_options(ofproto->netflow, nf_options); } else { netflow_destroy(ofproto->netflow); ofproto->netflow = NULL; @@ -972,7 +974,7 @@ ofproto_send_packet(struct ofproto *p, const flow_t *flow, int error; error = xlate_actions(actions, n_actions, flow, p, packet, &odp_actions, - NULL, NULL); + NULL, NULL, NULL); if (error) { return error; } @@ -991,8 +993,9 @@ ofproto_add_flow(struct ofproto *p, int idle_timeout) { struct rule *rule; - rule = rule_create(NULL, actions, n_actions, - idle_timeout >= 0 ? idle_timeout : 5 /* XXX */, 0); + rule = rule_create(p, NULL, actions, n_actions, + idle_timeout >= 0 ? idle_timeout : 5 /* XXX */, + 0, false); cls_rule_from_flow(&rule->cr, flow, wildcards, priority); rule_insert(p, rule, NULL, 0); } @@ -1321,7 +1324,6 @@ ofconn_create(struct ofproto *p, struct rconn *rconn) list_push_back(&p->all_conns, &ofconn->node); ofconn->rconn = rconn; ofconn->pktbuf = NULL; - ofconn->send_flow_exp = false; ofconn->miss_send_len = 0; ofconn->packet_in_counter = rconn_packet_counter_create (); ofconn->reply_counter = rconn_packet_counter_create (); @@ -1385,14 +1387,16 @@ ofconn_wait(struct ofconn *ofconn) /* Caller is responsible for initializing the 'cr' member of the returned * rule. */ static struct rule * -rule_create(struct rule *super, +rule_create(struct ofproto *ofproto, struct rule *super, const union ofp_action *actions, size_t n_actions, - uint16_t idle_timeout, uint16_t hard_timeout) + uint16_t idle_timeout, uint16_t hard_timeout, + bool send_flow_removed) { struct rule *rule = xcalloc(1, sizeof *rule); rule->idle_timeout = idle_timeout; rule->hard_timeout = hard_timeout; rule->used = rule->created = time_msec(); + rule->send_flow_removed = send_flow_removed; rule->super = super; if (super) { list_push_back(&super->list, &rule->list); @@ -1401,6 +1405,9 @@ rule_create(struct rule *super, } rule->n_actions = n_actions; rule->actions = xmemdup(actions, n_actions * sizeof *actions); + netflow_flow_clear(&rule->nf_flow); + netflow_flow_update_time(ofproto->netflow, &rule->nf_flow, rule->created); + return rule; } @@ -1489,7 +1496,7 @@ rule_execute(struct ofproto *ofproto, struct rule *rule, if (rule->cr.wc.wildcards || !flow_equal(flow, &rule->cr.flow)) { struct rule *super = rule->super ? rule->super : rule; if (xlate_actions(super->actions, super->n_actions, flow, ofproto, - packet, &a, NULL, 0)) { + packet, &a, NULL, 0, NULL)) { return; } actions = a.actions; @@ -1504,8 +1511,9 @@ rule_execute(struct ofproto *ofproto, struct rule *rule, actions, n_actions, packet)) { struct odp_flow_stats stats; flow_extract_stats(flow, packet, &stats); - update_stats(rule, &stats); + update_stats(ofproto, rule, &stats); rule->used = time_msec(); + netflow_flow_update_time(ofproto->netflow, &rule->nf_flow, rule->used); } } @@ -1547,8 +1555,9 @@ static struct rule * rule_create_subrule(struct ofproto *ofproto, struct rule *rule, const flow_t *flow) { - struct rule *subrule = rule_create(rule, NULL, 0, - rule->idle_timeout, rule->hard_timeout); + struct rule *subrule = rule_create(ofproto, rule, NULL, 0, + rule->idle_timeout, rule->hard_timeout, + false); COVERAGE_INC(ofproto_subrule_create); cls_rule_from_flow(&subrule->cr, flow, 0, (rule->cr.priority <= UINT16_MAX ? UINT16_MAX @@ -1585,7 +1594,8 @@ rule_make_actions(struct ofproto *p, struct rule *rule, super = rule->super ? rule->super : rule; rule->tags = 0; xlate_actions(super->actions, super->n_actions, &rule->cr.flow, p, - packet, &a, &rule->tags, &rule->may_install); + packet, &a, &rule->tags, &rule->may_install, + &rule->nf_flow.output_iface); actions_len = a.n_actions * sizeof *a.actions; if (rule->n_odp_actions != a.n_actions @@ -1624,7 +1634,7 @@ rule_install(struct ofproto *p, struct rule *rule, struct rule *displaced_rule) &put)) { rule->installed = true; if (displaced_rule) { - update_stats(rule, &put.flow.stats); + update_stats(p, displaced_rule, &put.flow.stats); rule_post_uninstall(p, displaced_rule); } } @@ -1648,14 +1658,27 @@ rule_reinstall(struct ofproto *ofproto, struct rule *rule) static void rule_update_actions(struct ofproto *ofproto, struct rule *rule) { - bool actions_changed = rule_make_actions(ofproto, rule, NULL); + bool actions_changed; + uint16_t new_out_iface, old_out_iface; + + old_out_iface = rule->nf_flow.output_iface; + actions_changed = rule_make_actions(ofproto, rule, NULL); + if (rule->may_install) { if (rule->installed) { if (actions_changed) { - /* XXX should really do rule_post_uninstall() for the *old* set - * of actions, and distinguish the old stats from the new. */ struct odp_flow_put put; - do_put_flow(ofproto, rule, ODPPF_CREATE | ODPPF_MODIFY, &put); + do_put_flow(ofproto, rule, ODPPF_CREATE | ODPPF_MODIFY + | ODPPF_ZERO_STATS, &put); + update_stats(ofproto, rule, &put.flow.stats); + + /* Temporarily set the old output iface so that NetFlow + * messages have the correct output interface for the old + * stats. */ + new_out_iface = rule->nf_flow.output_iface; + rule->nf_flow.output_iface = old_out_iface; + rule_post_uninstall(ofproto, rule); + rule->nf_flow.output_iface = new_out_iface; } } else { rule_install(ofproto, rule, NULL); @@ -1691,7 +1714,7 @@ rule_uninstall(struct ofproto *p, struct rule *rule) odp_flow.actions = NULL; odp_flow.n_actions = 0; if (!dpif_flow_del(p->dpif, &odp_flow)) { - update_stats(rule, &odp_flow.stats); + update_stats(p, rule, &odp_flow.stats); } rule->installed = false; @@ -1699,39 +1722,51 @@ rule_uninstall(struct ofproto *p, struct rule *rule) } } +static bool +is_controller_rule(struct rule *rule) +{ + /* If the only action is send to the controller then don't report + * NetFlow expiration messages since it is just part of the control + * logic for the network and not real traffic. */ + + if (rule && rule->super) { + struct rule *super = rule->super; + + return super->n_actions == 1 && + super->actions[0].type == htons(OFPAT_OUTPUT) && + super->actions[0].output.port == htons(OFPP_CONTROLLER); + } + + return false; +} + static void rule_post_uninstall(struct ofproto *ofproto, struct rule *rule) { struct rule *super = rule->super; rule_account(ofproto, rule, 0); - if (ofproto->netflow && rule->byte_count) { + + if (ofproto->netflow && !is_controller_rule(rule)) { struct ofexpired expired; expired.flow = rule->cr.flow; expired.packet_count = rule->packet_count; expired.byte_count = rule->byte_count; expired.used = rule->used; - expired.created = rule->created; - expired.tcp_flags = rule->tcp_flags; - expired.ip_tos = rule->ip_tos; - netflow_expire(ofproto->netflow, &expired); + netflow_expire(ofproto->netflow, &rule->nf_flow, &expired); } if (super) { super->packet_count += rule->packet_count; super->byte_count += rule->byte_count; - super->tcp_flags |= rule->tcp_flags; - if (rule->packet_count) { - super->ip_tos = rule->ip_tos; - } - } - /* Reset counters to prevent double counting if the rule ever gets - * reinstalled. */ - rule->packet_count = 0; - rule->byte_count = 0; - rule->accounted_bytes = 0; - rule->tcp_flags = 0; - rule->ip_tos = 0; + /* Reset counters to prevent double counting if the rule ever gets + * reinstalled. */ + rule->packet_count = 0; + rule->byte_count = 0; + rule->accounted_bytes = 0; + + netflow_flow_clear(&rule->nf_flow); + } } static void @@ -1817,6 +1852,7 @@ handle_features_request(struct ofproto *p, struct ofconn *ofconn, (1u << OFPAT_SET_DL_DST) | (1u << OFPAT_SET_NW_SRC) | (1u << OFPAT_SET_NW_DST) | + (1u << OFPAT_SET_NW_TOS) | (1u << OFPAT_SET_TP_SRC) | (1u << OFPAT_SET_TP_DST)); @@ -1840,9 +1876,6 @@ handle_get_config_request(struct ofproto *p, struct ofconn *ofconn, /* Figure out flags. */ dpif_get_drop_frags(p->dpif, &drop_frags); flags = drop_frags ? OFPC_FRAG_DROP : OFPC_FRAG_NORMAL; - if (ofconn->send_flow_exp) { - flags |= OFPC_SEND_FLOW_EXP; - } /* Send reply. */ osc = make_openflow_xid(sizeof *osc, OFPT_GET_CONFIG_REPLY, oh->xid, &buf); @@ -1866,8 +1899,6 @@ handle_set_config(struct ofproto *p, struct ofconn *ofconn, } flags = ntohs(osc->flags); - ofconn->send_flow_exp = (flags & OFPC_SEND_FLOW_EXP) != 0; - if (ofconn == p->controller) { switch (flags & OFPC_FRAG_MASK) { case OFPC_FRAG_NORMAL: @@ -1897,9 +1928,14 @@ handle_set_config(struct ofproto *p, struct ofconn *ofconn, } static void -add_output_group_action(struct odp_actions *actions, uint16_t group) +add_output_group_action(struct odp_actions *actions, uint16_t group, + uint16_t *nf_output_iface) { odp_actions_add(actions, ODPAT_OUTPUT_GROUP)->output_group.group = group; + + if (group == DP_GROUP_ALL || group == DP_GROUP_FLOOD) { + *nf_output_iface = NF_OUT_FLOOD; + } } static void @@ -1922,8 +1958,9 @@ struct action_xlate_ctx { /* Output. */ struct odp_actions *out; /* Datapath actions. */ tag_type *tags; /* Tags associated with OFPP_NORMAL actions. */ - bool may_setup_flow; /* True ordinarily; false if the actions must + bool may_set_up_flow; /* True ordinarily; false if the actions must * be reassessed for every packet. */ + uint16_t nf_output_iface; /* Output interface index for NetFlow. */ }; static void do_xlate_actions(const union ofp_action *in, size_t n_in, @@ -1948,6 +1985,7 @@ add_output_action(struct action_xlate_ctx *ctx, uint16_t port) } odp_actions_add(ctx->out, ODPAT_OUTPUT)->output.port = port; + ctx->nf_output_iface = port; } static struct rule * @@ -1997,6 +2035,9 @@ xlate_output_action(struct action_xlate_ctx *ctx, const struct ofp_action_output *oao) { uint16_t odp_port; + uint16_t prev_nf_output_iface = ctx->nf_output_iface; + + ctx->nf_output_iface = NF_OUT_DROP; switch (ntohs(oao->port)) { case OFPP_IN_PORT: @@ -2008,16 +2049,18 @@ xlate_output_action(struct action_xlate_ctx *ctx, case OFPP_NORMAL: if (!ctx->ofproto->ofhooks->normal_cb(ctx->flow, ctx->packet, ctx->out, ctx->tags, + &ctx->nf_output_iface, ctx->ofproto->aux)) { COVERAGE_INC(ofproto_uninstallable); - ctx->may_setup_flow = false; + ctx->may_set_up_flow = false; } break; case OFPP_FLOOD: - add_output_group_action(ctx->out, DP_GROUP_FLOOD); + add_output_group_action(ctx->out, DP_GROUP_FLOOD, + &ctx->nf_output_iface); break; case OFPP_ALL: - add_output_group_action(ctx->out, DP_GROUP_ALL); + add_output_group_action(ctx->out, DP_GROUP_ALL, &ctx->nf_output_iface); break; case OFPP_CONTROLLER: add_controller_action(ctx->out, oao); @@ -2032,6 +2075,15 @@ xlate_output_action(struct action_xlate_ctx *ctx, } break; } + + if (prev_nf_output_iface == NF_OUT_FLOOD) { + ctx->nf_output_iface = NF_OUT_FLOOD; + } else if (ctx->nf_output_iface == NF_OUT_DROP) { + ctx->nf_output_iface = prev_nf_output_iface; + } else if (prev_nf_output_iface != NF_OUT_DROP && + ctx->nf_output_iface != NF_OUT_FLOOD) { + ctx->nf_output_iface = NF_OUT_MULTI; + } } static void @@ -2110,11 +2162,25 @@ do_xlate_actions(const union ofp_action *in, size_t n_in, oa->nw_addr.nw_addr = ia->nw_addr.nw_addr; break; + case OFPAT_SET_NW_DST: + oa = odp_actions_add(ctx->out, ODPAT_SET_NW_DST); + oa->nw_addr.nw_addr = ia->nw_addr.nw_addr; + + case OFPAT_SET_NW_TOS: + oa = odp_actions_add(ctx->out, ODPAT_SET_NW_TOS); + oa->nw_tos.nw_tos = ia->nw_tos.nw_tos; + break; + case OFPAT_SET_TP_SRC: oa = odp_actions_add(ctx->out, ODPAT_SET_TP_SRC); oa->tp_port.tp_port = ia->tp_port.tp_port; break; + case OFPAT_SET_TP_DST: + oa = odp_actions_add(ctx->out, ODPAT_SET_TP_DST); + oa->tp_port.tp_port = ia->tp_port.tp_port; + break; + case OFPAT_VENDOR: xlate_nicira_action(ctx, (const struct nx_action_header *) ia); break; @@ -2130,7 +2196,8 @@ static int xlate_actions(const union ofp_action *in, size_t n_in, const flow_t *flow, struct ofproto *ofproto, const struct ofpbuf *packet, - struct odp_actions *out, tag_type *tags, bool *may_setup_flow) + struct odp_actions *out, tag_type *tags, bool *may_set_up_flow, + uint16_t *nf_output_iface) { tag_type no_tags = 0; struct action_xlate_ctx ctx; @@ -2142,17 +2209,21 @@ xlate_actions(const union ofp_action *in, size_t n_in, ctx.packet = packet; ctx.out = out; ctx.tags = tags ? tags : &no_tags; - ctx.may_setup_flow = true; + ctx.may_set_up_flow = true; + ctx.nf_output_iface = NF_OUT_DROP; do_xlate_actions(in, n_in, &ctx); - /* Check with in-band control to see if we're allowed to setup this + /* Check with in-band control to see if we're allowed to set up this * flow. */ if (!in_band_rule_check(ofproto->in_band, flow, out)) { - ctx.may_setup_flow = false; + ctx.may_set_up_flow = false; } - if (may_setup_flow) { - *may_setup_flow = ctx.may_setup_flow; + if (may_set_up_flow) { + *may_set_up_flow = ctx.may_set_up_flow; + } + if (nf_output_iface) { + *nf_output_iface = ctx.nf_output_iface; } if (odp_actions_overflow(out)) { odp_actions_init(out); @@ -2193,7 +2264,7 @@ handle_packet_out(struct ofproto *p, struct ofconn *ofconn, flow_extract(&payload, ofp_port_to_odp_port(ntohs(opo->in_port)), &flow); error = xlate_actions((const union ofp_action *) opo->actions, n_actions, - &flow, p, &payload, &actions, NULL, NULL); + &flow, p, &payload, &actions, NULL, NULL, NULL); if (error) { return error; } @@ -2423,12 +2494,17 @@ query_stats(struct ofproto *p, struct rule *rule, struct odp_flow *odp_flows; size_t n_odp_flows; + packet_count = rule->packet_count; + byte_count = rule->byte_count; + n_odp_flows = rule->cr.wc.wildcards ? list_size(&rule->list) : 1; odp_flows = xcalloc(1, n_odp_flows * sizeof *odp_flows); if (rule->cr.wc.wildcards) { size_t i = 0; LIST_FOR_EACH (subrule, struct rule, list, &rule->list) { odp_flows[i++].key = subrule->cr.flow; + packet_count += subrule->packet_count; + byte_count += subrule->byte_count; } } else { odp_flows[0].key = rule->cr.flow; @@ -2477,7 +2553,7 @@ flow_stats_cb(struct cls_rule *rule_, void *cbdata_) ofs->priority = htons(rule->cr.priority); ofs->idle_timeout = htons(rule->idle_timeout); ofs->hard_timeout = htons(rule->hard_timeout); - memset(ofs->pad2, 0, sizeof ofs->pad2); + ofs->pad2 = 0; ofs->packet_count = htonll(packet_count); ofs->byte_count = htonll(byte_count); memcpy(ofs->actions, rule->actions, act_len); @@ -2502,7 +2578,7 @@ handle_flow_stats_request(struct ofproto *p, struct ofconn *ofconn, struct cls_rule target; if (arg_size != sizeof *fsr) { - return ofp_mkerr(OFPET_BAD_REQUEST, OFPBRC_BAD_LENGTH); + return ofp_mkerr(OFPET_BAD_REQUEST, OFPBRC_BAD_LEN); } fsr = (struct ofp_flow_stats_request *) osr->body; @@ -2610,7 +2686,7 @@ handle_aggregate_stats_request(struct ofproto *p, struct ofconn *ofconn, struct ofpbuf *msg; if (arg_size != sizeof *asr) { - return ofp_mkerr(OFPET_BAD_REQUEST, OFPBRC_BAD_LENGTH); + return ofp_mkerr(OFPET_BAD_REQUEST, OFPBRC_BAD_LEN); } asr = (struct ofp_aggregate_stats_request *) osr->body; @@ -2680,23 +2756,29 @@ msec_from_nsec(uint64_t sec, uint32_t nsec) } static void -update_time(struct rule *rule, const struct odp_flow_stats *stats) +update_time(struct ofproto *ofproto, struct rule *rule, + const struct odp_flow_stats *stats) { long long int used = msec_from_nsec(stats->used_sec, stats->used_nsec); if (used > rule->used) { rule->used = used; + if (rule->super && used > rule->super->used) { + rule->super->used = used; + } + netflow_flow_update_time(ofproto->netflow, &rule->nf_flow, used); } } static void -update_stats(struct rule *rule, const struct odp_flow_stats *stats) +update_stats(struct ofproto *ofproto, struct rule *rule, + const struct odp_flow_stats *stats) { - update_time(rule, stats); - rule->packet_count += stats->n_packets; - rule->byte_count += stats->n_bytes; - rule->tcp_flags |= stats->tcp_flags; if (stats->n_packets) { - rule->ip_tos = stats->ip_tos; + update_time(ofproto, rule, stats); + rule->packet_count += stats->n_packets; + rule->byte_count += stats->n_bytes; + netflow_flow_update_flags(&rule->nf_flow, stats->ip_tos, + stats->tcp_flags); } } @@ -2709,9 +2791,21 @@ add_flow(struct ofproto *p, struct ofconn *ofconn, uint16_t in_port; int error; - rule = rule_create(NULL, (const union ofp_action *) ofm->actions, + if (ofm->flags & htons(OFPFF_CHECK_OVERLAP)) { + flow_t flow; + uint32_t wildcards; + + flow_from_match(&flow, &wildcards, &ofm->match); + if (classifier_rule_overlaps(&p->cls, &flow, wildcards, + ntohs(ofm->priority))) { + return ofp_mkerr(OFPET_FLOW_MOD_FAILED, OFPFMFC_OVERLAP); + } + } + + rule = rule_create(p, NULL, (const union ofp_action *) ofm->actions, n_actions, ntohs(ofm->idle_timeout), - ntohs(ofm->hard_timeout)); + ntohs(ofm->hard_timeout), + ofm->flags & htons(OFPFF_SEND_FLOW_REM)); cls_rule_from_match(&rule->cr, &ofm->match, ntohs(ofm->priority)); packet = NULL; @@ -2735,6 +2829,8 @@ modify_flow(struct ofproto *p, const struct ofp_flow_mod *ofm, } if (command == OFPFC_DELETE) { + long long int now = time_msec(); + send_flow_removed(p, rule, now, OFPRR_DELETE); rule_remove(p, rule); } else { size_t actions_len = n_actions * sizeof *rule->actions; @@ -2842,6 +2938,14 @@ handle_flow_mod(struct ofproto *p, struct ofconn *ofconn, return error; } + /* We do not support the emergency flow cache. It will hopefully + * get dropped from OpenFlow in the near future. */ + if (ofm->flags & htons(OFPFF_EMERG)) { + /* There isn't a good fit for an error code, so just state that the + * flow table is full. */ + return ofp_mkerr(OFPET_FLOW_MOD_FAILED, OFPFMFC_ALL_TABLES_FULL); + } + normalize_match(&ofm->match); if (!ofm->match.wildcards) { ofm->priority = htons(UINT16_MAX); @@ -2900,17 +3004,17 @@ handle_ofmp(struct ofproto *p, struct ofconn *ofconn, { size_t msg_len = ntohs(ofmph->header.header.length); if (msg_len < sizeof(*ofmph)) { - VLOG_WARN_RL(&rl, "dropping short managment message: %d\n", msg_len); - return ofp_mkerr(OFPET_BAD_REQUEST, OFPBRC_BAD_LENGTH); + VLOG_WARN_RL(&rl, "dropping short managment message: %zu\n", msg_len); + return ofp_mkerr(OFPET_BAD_REQUEST, OFPBRC_BAD_LEN); } if (ofmph->type == htons(OFMPT_CAPABILITY_REQUEST)) { struct ofmp_capability_request *ofmpcr; if (msg_len < sizeof(struct ofmp_capability_request)) { - VLOG_WARN_RL(&rl, "dropping short capability request: %d\n", + VLOG_WARN_RL(&rl, "dropping short capability request: %zu\n", msg_len); - return ofp_mkerr(OFPET_BAD_REQUEST, OFPBRC_BAD_LENGTH); + return ofp_mkerr(OFPET_BAD_REQUEST, OFPBRC_BAD_LEN); } ofmpcr = (struct ofmp_capability_request *)ofmph; @@ -2933,13 +3037,13 @@ handle_vendor(struct ofproto *p, struct ofconn *ofconn, void *msg) struct nicira_header *nh; if (ntohs(ovh->header.length) < sizeof(struct ofp_vendor_header)) { - return ofp_mkerr(OFPET_BAD_REQUEST, OFPBRC_BAD_LENGTH); + return ofp_mkerr(OFPET_BAD_REQUEST, OFPBRC_BAD_LEN); } if (ovh->vendor != htonl(NX_VENDOR_ID)) { return ofp_mkerr(OFPET_BAD_REQUEST, OFPBRC_BAD_VENDOR); } if (ntohs(ovh->header.length) < sizeof(struct nicira_header)) { - return ofp_mkerr(OFPET_BAD_REQUEST, OFPBRC_BAD_LENGTH); + return ofp_mkerr(OFPET_BAD_REQUEST, OFPBRC_BAD_LEN); } nh = msg; @@ -3160,25 +3264,39 @@ revalidate_rule(struct ofproto *p, struct rule *rule) } static struct ofpbuf * -compose_flow_exp(const struct rule *rule, long long int now, uint8_t reason) +compose_flow_removed(const struct rule *rule, long long int now, uint8_t reason) { - struct ofp_flow_expired *ofe; + struct ofp_flow_removed *ofr; struct ofpbuf *buf; + long long int last_used = rule->used ? now - rule->used : 0; - ofe = make_openflow(sizeof *ofe, OFPT_FLOW_EXPIRED, &buf); - flow_to_match(&rule->cr.flow, rule->cr.wc.wildcards, &ofe->match); - ofe->priority = htons(rule->cr.priority); - ofe->reason = reason; - ofe->duration = (now - rule->created) / 1000; - ofe->packet_count = rule->packet_count; - ofe->byte_count = rule->byte_count; + ofr = make_openflow(sizeof *ofr, OFPT_FLOW_REMOVED, &buf); + flow_to_match(&rule->cr.flow, rule->cr.wc.wildcards, &ofr->match); + ofr->priority = htons(rule->cr.priority); + ofr->reason = reason; + ofr->duration = htonl((now - rule->created - last_used) / 1000); + ofr->idle_timeout = htons(rule->idle_timeout); + ofr->packet_count = htonll(rule->packet_count); + ofr->byte_count = htonll(rule->byte_count); return buf; } static void -send_flow_exp(struct ofproto *p, struct rule *rule, - long long int now, uint8_t reason) +uninstall_idle_flow(struct ofproto *ofproto, struct rule *rule) +{ + assert(rule->installed); + assert(!rule->cr.wc.wildcards); + + if (rule->super) { + rule_remove(ofproto, rule); + } else { + rule_uninstall(ofproto, rule); + } +} +static void +send_flow_removed(struct ofproto *p, struct rule *rule, + long long int now, uint8_t reason) { struct ofconn *ofconn; struct ofconn *prev; @@ -3192,11 +3310,11 @@ send_flow_exp(struct ofproto *p, struct rule *rule, prev = NULL; LIST_FOR_EACH (ofconn, struct ofconn, node, &p->all_conns) { - if (ofconn->send_flow_exp && rconn_is_connected(ofconn->rconn)) { + if (rule->send_flow_removed && rconn_is_connected(ofconn->rconn)) { if (prev) { queue_tx(ofpbuf_clone(buf), prev, prev->reply_counter); } else { - buf = compose_flow_exp(rule, now, reason); + buf = compose_flow_removed(rule, now, reason); } prev = ofconn; } @@ -3206,18 +3324,6 @@ send_flow_exp(struct ofproto *p, struct rule *rule, } } -static void -uninstall_idle_flow(struct ofproto *ofproto, struct rule *rule) -{ - assert(rule->installed); - assert(!rule->cr.wc.wildcards); - - if (rule->super) { - rule_remove(ofproto, rule); - } else { - rule_uninstall(ofproto, rule); - } -} static void expire_rule(struct cls_rule *cls_rule, void *p_) @@ -3234,38 +3340,75 @@ expire_rule(struct cls_rule *cls_rule, void *p_) ? rule->used + rule->idle_timeout * 1000 : LLONG_MAX); expire = MIN(hard_expire, idle_expire); - if (expire == LLONG_MAX) { - if (rule->installed && time_msec() >= rule->used + 5000) { - uninstall_idle_flow(p, rule); - } - return; - } now = time_msec(); if (now < expire) { if (rule->installed && now >= rule->used + 5000) { uninstall_idle_flow(p, rule); + } else if (!rule->cr.wc.wildcards) { + active_timeout(p, rule); } + return; } COVERAGE_INC(ofproto_expired); + + /* Update stats. This code will be a no-op if the rule expired + * due to an idle timeout. */ if (rule->cr.wc.wildcards) { - /* Update stats. (This code will be a no-op if the rule expired - * due to an idle timeout, because in that case the rule has no - * subrules left.) */ struct rule *subrule, *next; LIST_FOR_EACH_SAFE (subrule, next, struct rule, list, &rule->list) { rule_remove(p, subrule); } + } else { + rule_uninstall(p, rule); } - send_flow_exp(p, rule, now, - (now >= hard_expire - ? OFPER_HARD_TIMEOUT : OFPER_IDLE_TIMEOUT)); + if (!rule_is_hidden(rule)) { + send_flow_removed(p, rule, now, + (now >= hard_expire + ? OFPRR_HARD_TIMEOUT : OFPRR_IDLE_TIMEOUT)); + } rule_remove(p, rule); } +static void +active_timeout(struct ofproto *ofproto, struct rule *rule) +{ + if (ofproto->netflow && !is_controller_rule(rule) && + netflow_active_timeout_expired(ofproto->netflow, &rule->nf_flow)) { + struct ofexpired expired; + struct odp_flow odp_flow; + + /* Get updated flow stats. */ + memset(&odp_flow, 0, sizeof odp_flow); + if (rule->installed) { + odp_flow.key = rule->cr.flow; + odp_flow.flags = ODPFF_ZERO_TCP_FLAGS; + dpif_flow_get(ofproto->dpif, &odp_flow); + + if (odp_flow.stats.n_packets) { + update_time(ofproto, rule, &odp_flow.stats); + netflow_flow_update_flags(&rule->nf_flow, odp_flow.stats.ip_tos, + odp_flow.stats.tcp_flags); + } + } + + expired.flow = rule->cr.flow; + expired.packet_count = rule->packet_count + + odp_flow.stats.n_packets; + expired.byte_count = rule->byte_count + odp_flow.stats.n_bytes; + expired.used = rule->used; + + netflow_expire(ofproto->netflow, &rule->nf_flow, &expired); + + /* Schedule us to send the accumulated records once we have + * collected all of them. */ + poll_immediate_wake(); + } +} + static void update_used(struct ofproto *p) { @@ -3291,7 +3434,7 @@ update_used(struct ofproto *p) continue; } - update_time(rule, &f->stats); + update_time(p, rule, &f->stats); rule_account(p, rule, f->stats.n_bytes); } free(flows); @@ -3395,7 +3538,7 @@ pick_fallback_dpid(void) static bool default_normal_ofhook_cb(const flow_t *flow, const struct ofpbuf *packet, struct odp_actions *actions, tag_type *tags, - void *ofproto_) + uint16_t *nf_output_iface, void *ofproto_) { struct ofproto *ofproto = ofproto_; int out_port; @@ -3422,9 +3565,10 @@ default_normal_ofhook_cb(const flow_t *flow, const struct ofpbuf *packet, /* Determine output port. */ out_port = mac_learning_lookup_tag(ofproto->ml, flow->dl_dst, 0, tags); if (out_port < 0) { - add_output_group_action(actions, DP_GROUP_FLOOD); + add_output_group_action(actions, DP_GROUP_FLOOD, nf_output_iface); } else if (out_port != flow->in_port) { odp_actions_add(actions, ODPAT_OUTPUT)->output.port = out_port; + *nf_output_iface = out_port; } else { /* Drop. */ }