2 * Copyright (c) 2010, 2011 Nicira Networks.
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at:
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
25 #include "dynamic-string.h"
31 #include "poll-loop.h"
37 VLOG_DEFINE_THIS_MODULE(cfm);
39 #define CFM_MAX_RMPS 256
41 /* Ethernet destination address of CCM packets. */
42 static const uint8_t eth_addr_ccm[6] = { 0x01, 0x80, 0xC2, 0x00, 0x00, 0x30 };
43 static const uint8_t eth_addr_ccm_x[6] = {
44 0x01, 0x23, 0x20, 0x00, 0x00, 0x30
47 #define ETH_TYPE_CFM 0x8902
49 /* A 'ccm' represents a Continuity Check Message from the 802.1ag
50 * specification. Continuity Check Messages are broadcast periodically so that
51 * hosts can determine whom they have connectivity to. */
53 #define CCM_MAID_LEN 48
54 #define CCM_OPCODE 1 /* CFM message opcode meaning CCM. */
55 #define CCM_RDI_MASK 0x80
57 uint8_t mdlevel_version; /* MD Level and Version */
63 uint8_t maid[CCM_MAID_LEN];
64 uint8_t zero[16]; /* Defined by ITU-T Y.1731 should be zero */
65 } __attribute__((packed));
66 BUILD_ASSERT_DECL(CCM_LEN == sizeof(struct ccm));
69 char *name; /* Name of this CFM object. */
70 struct hmap_node hmap_node; /* Node in all_cfms list. */
73 bool extended; /* Extended mode. */
74 bool fault; /* Indicates connectivity fault. */
75 bool unexpected_recv; /* Received an unexpected CCM. */
77 uint32_t seq; /* The sequence number of our last CCM. */
78 uint8_t ccm_interval; /* The CCM transmission interval. */
79 int ccm_interval_ms; /* 'ccm_interval' in milliseconds. */
80 uint8_t maid[CCM_MAID_LEN]; /* The MAID of this CFM. */
82 struct timer tx_timer; /* Send CCM when expired. */
83 struct timer fault_timer; /* Check for faults when expired. */
85 struct hmap remote_mps; /* Remote MPs. */
88 /* Remote MPs represent foreign network entities that are configured to have
89 * the same MAID as this CFM instance. */
91 uint16_t mpid; /* The Maintenance Point ID of this 'remote_mp'. */
92 struct hmap_node node; /* Node in 'remote_mps' map. */
94 bool recv; /* CCM was received since last fault check. */
95 bool rdi; /* Remote Defect Indicator. Indicates remote_mp isn't
96 receiving CCMs that it's expecting to. */
99 static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(5, 20);
100 static struct hmap all_cfms = HMAP_INITIALIZER(&all_cfms);
102 static void cfm_unixctl_show(struct unixctl_conn *, const char *args,
105 static const uint8_t *
106 cfm_ccm_addr(const struct cfm *cfm)
108 return cfm->extended ? eth_addr_ccm_x : eth_addr_ccm;
112 cfm_generate_maid(struct cfm *cfm)
114 const char *ovs_md_name = "ovs";
115 const char *ovs_ma_name = "ovs";
117 size_t md_len, ma_len;
119 memset(cfm->maid, 0, CCM_MAID_LEN);
121 md_len = strlen(ovs_md_name);
122 ma_len = strlen(ovs_ma_name);
124 assert(md_len && ma_len && md_len + ma_len + 4 <= CCM_MAID_LEN);
126 cfm->maid[0] = 4; /* MD name string format. */
127 cfm->maid[1] = md_len; /* MD name size. */
128 memcpy(&cfm->maid[2], ovs_md_name, md_len); /* MD name. */
130 ma_p = cfm->maid + 2 + md_len;
131 ma_p[0] = 2; /* MA name string format. */
132 ma_p[1] = ma_len; /* MA name size. */
133 memcpy(&ma_p[2], ovs_ma_name, ma_len); /* MA name. */
137 ccm_interval_to_ms(uint8_t interval)
140 case 0: NOT_REACHED(); /* Explicitly not supported by 802.1ag. */
141 case 1: return 3; /* Not recommended due to timer resolution. */
142 case 2: return 10; /* Not recommended due to timer resolution. */
145 case 5: return 10000;
146 case 6: return 60000;
147 case 7: return 600000;
148 default: NOT_REACHED(); /* Explicitly not supported by 802.1ag. */
155 cfm_fault_interval(struct cfm *cfm)
157 /* According to the 802.1ag specification we should assume every other MP
158 * with the same MAID has the same transmission interval that we have. If
159 * an MP has a different interval, cfm_process_heartbeat will register it
160 * as a fault (likely due to a configuration error). Thus we can check all
161 * MPs at once making this quite a bit simpler.
163 * According to the specification we should check when (ccm_interval_ms *
164 * 3.5)ms have passed. */
165 return (cfm->ccm_interval_ms * 7) / 2;
169 ms_to_ccm_interval(int interval_ms)
173 for (i = 7; i > 0; i--) {
174 if (ccm_interval_to_ms(i) <= interval_ms) {
183 hash_mpid(uint8_t mpid)
185 return hash_int(mpid, 0);
189 cfm_is_valid_mpid(uint32_t mpid)
191 /* 802.1ag specification requires MPIDs to be within the range [1, 8191] */
192 return mpid >= 1 && mpid <= 8191;
195 static struct remote_mp *
196 lookup_remote_mp(const struct cfm *cfm, uint16_t mpid)
198 struct remote_mp *rmp;
200 HMAP_FOR_EACH_IN_BUCKET (rmp, node, hash_mpid(mpid), &cfm->remote_mps) {
201 if (rmp->mpid == mpid) {
212 unixctl_command_register("cfm/show", cfm_unixctl_show, NULL);
215 /* Allocates a 'cfm' object called 'name'. 'cfm' should be initialized by
216 * cfm_configure() before use. */
218 cfm_create(const char *name)
222 cfm = xzalloc(sizeof *cfm);
223 cfm->name = xstrdup(name);
224 hmap_init(&cfm->remote_mps);
225 cfm_generate_maid(cfm);
226 hmap_insert(&all_cfms, &cfm->hmap_node, hash_string(cfm->name, 0));
231 cfm_destroy(struct cfm *cfm)
233 struct remote_mp *rmp, *rmp_next;
239 HMAP_FOR_EACH_SAFE (rmp, rmp_next, node, &cfm->remote_mps) {
240 hmap_remove(&cfm->remote_mps, &rmp->node);
244 hmap_destroy(&cfm->remote_mps);
245 hmap_remove(&all_cfms, &cfm->hmap_node);
250 /* Should be run periodically to update fault statistics messages. */
252 cfm_run(struct cfm *cfm)
254 if (timer_expired(&cfm->fault_timer)) {
255 long long int interval = cfm_fault_interval(cfm);
256 struct remote_mp *rmp, *rmp_next;
258 cfm->fault = cfm->unexpected_recv;
259 cfm->unexpected_recv = false;
261 HMAP_FOR_EACH_SAFE (rmp, rmp_next, node, &cfm->remote_mps) {
264 VLOG_DBG("%s: No CCM from RMP %"PRIu16" in the last %lldms",
265 cfm->name, rmp->mpid, interval);
266 hmap_remove(&cfm->remote_mps, &rmp->node);
271 if (rmp->mpid == cfm->mpid) {
272 VLOG_WARN_RL(&rl, "%s: Received CCM with local MPID (%d)",
273 cfm->name, rmp->mpid);
278 VLOG_DBG("%s: RDI bit flagged from RMP %"PRIu16, cfm->name,
285 if (hmap_is_empty(&cfm->remote_mps)) {
289 timer_set_duration(&cfm->fault_timer, interval);
293 /* Should be run periodically to check if the CFM module has a CCM message it
296 cfm_should_send_ccm(struct cfm *cfm)
298 return timer_expired(&cfm->tx_timer);
301 /* Composes a CCM message into 'packet'. Messages generated with this function
302 * should be sent whenever cfm_should_send_ccm() indicates. */
304 cfm_compose_ccm(struct cfm *cfm, struct ofpbuf *packet,
305 uint8_t eth_src[ETH_ADDR_LEN])
309 timer_set_duration(&cfm->tx_timer, cfm->ccm_interval_ms);
310 ccm = eth_compose(packet, cfm_ccm_addr(cfm), eth_src, ETH_TYPE_CFM,
312 ccm->mdlevel_version = 0;
313 ccm->opcode = CCM_OPCODE;
314 ccm->tlv_offset = 70;
315 ccm->seq = htonl(++cfm->seq);
316 ccm->mpid = htons(cfm->mpid);
317 ccm->flags = cfm->ccm_interval;
318 memcpy(ccm->maid, cfm->maid, sizeof ccm->maid);
319 memset(ccm->zero, 0, sizeof ccm->zero);
321 if (hmap_is_empty(&cfm->remote_mps)) {
322 ccm->flags |= CCM_RDI_MASK;
327 cfm_wait(struct cfm *cfm)
330 timer_wait(&cfm->tx_timer);
331 timer_wait(&cfm->fault_timer);
334 /* Configures 'cfm' with settings from 's'. */
336 cfm_configure(struct cfm *cfm, const struct cfm_settings *s)
340 if (!cfm_is_valid_mpid(s->mpid) || s->interval <= 0) {
345 cfm->extended = s->extended;
346 interval = ms_to_ccm_interval(s->interval);
348 if (interval != cfm->ccm_interval) {
349 cfm->ccm_interval = interval;
350 cfm->ccm_interval_ms = ccm_interval_to_ms(interval);
352 timer_set_expired(&cfm->tx_timer);
353 timer_set_duration(&cfm->fault_timer, cfm_fault_interval(cfm));
359 /* Returns true if 'cfm' should process packets from 'flow'. */
361 cfm_should_process_flow(const struct cfm *cfm, const struct flow *flow)
363 return (ntohs(flow->dl_type) == ETH_TYPE_CFM
364 && eth_addr_equals(flow->dl_dst, cfm_ccm_addr(cfm)));
367 /* Updates internal statistics relevant to packet 'p'. Should be called on
368 * every packet whose flow returned true when passed to
369 * cfm_should_process_flow. */
371 cfm_process_heartbeat(struct cfm *cfm, const struct ofpbuf *p)
376 uint8_t ccm_interval;
377 struct remote_mp *rmp;
378 struct eth_header *eth;
381 ccm = ofpbuf_at(p, (uint8_t *)p->l3 - (uint8_t *)p->data, CCM_LEN);
384 VLOG_INFO_RL(&rl, "%s: Received an unparseable 802.1ag CCM heartbeat.",
389 if (ccm->opcode != CCM_OPCODE) {
390 VLOG_INFO_RL(&rl, "%s: Received an unsupported 802.1ag message. "
391 "(opcode %u)", cfm->name, ccm->opcode);
395 /* According to the 802.1ag specification, reception of a CCM with an
396 * incorrect ccm_interval, unexpected MAID, or unexpected MPID should
397 * trigger a fault. We ignore this requirement for several reasons.
399 * Faults can cause a controller or Open vSwitch to make potentially
400 * expensive changes to the network topology. It seems prudent to trigger
401 * them judiciously, especially when CFM is used to check slave status of
402 * bonds. Furthermore, faults can be maliciously triggered by crafting
404 if (memcmp(ccm->maid, cfm->maid, sizeof ccm->maid)) {
405 cfm->unexpected_recv = true;
406 VLOG_WARN_RL(&rl, "%s: Received unexpected remote MAID from MAC "
407 ETH_ADDR_FMT, cfm->name, ETH_ADDR_ARGS(eth->eth_src));
409 ccm_mpid = ntohs(ccm->mpid);
410 ccm_interval = ccm->flags & 0x7;
411 ccm_rdi = ccm->flags & CCM_RDI_MASK;
413 if (ccm_interval != cfm->ccm_interval) {
414 VLOG_WARN_RL(&rl, "%s: received a CCM with an invalid interval"
415 " (%"PRIu8") from RMP %"PRIu16, cfm->name,
416 ccm_interval, ccm_mpid);
419 rmp = lookup_remote_mp(cfm, ccm_mpid);
423 } else if (hmap_count(&cfm->remote_mps) < CFM_MAX_RMPS) {
424 rmp = xmalloc(sizeof *rmp);
425 rmp->mpid = ccm_mpid;
428 hmap_insert(&cfm->remote_mps, &rmp->node, hash_mpid(rmp->mpid));
430 cfm->unexpected_recv = true;
431 VLOG_WARN_RL(&rl, "%s: dropped CCM with MPID %d from MAC "
432 ETH_ADDR_FMT, cfm->name, ccm_mpid,
433 ETH_ADDR_ARGS(eth->eth_src));
436 VLOG_DBG("%s: Received CCM (seq %"PRIu32") (mpid %"PRIu16")"
437 " (interval %"PRIu8") (RDI %s)", cfm->name, ntohl(ccm->seq),
438 ccm_mpid, ccm_interval, ccm_rdi ? "true" : "false");
442 /* Gets the fault status of 'cfm'. Returns true when 'cfm' has detected
443 * connectivity problems, false otherwise. */
445 cfm_get_fault(const struct cfm *cfm)
451 cfm_find(const char *name)
455 HMAP_FOR_EACH_WITH_HASH (cfm, hmap_node, hash_string(name, 0), &all_cfms) {
456 if (!strcmp(cfm->name, name)) {
464 cfm_unixctl_show(struct unixctl_conn *conn,
465 const char *args, void *aux OVS_UNUSED)
467 struct ds ds = DS_EMPTY_INITIALIZER;
468 const struct cfm *cfm;
469 struct remote_mp *rmp;
471 cfm = cfm_find(args);
473 unixctl_command_reply(conn, 501, "no such CFM object");
477 ds_put_format(&ds, "MPID %"PRIu16":%s%s\n", cfm->mpid,
478 cfm->fault ? " fault" : "",
479 cfm->unexpected_recv ? " unexpected_recv" : "");
481 ds_put_format(&ds, "\tinterval: %dms\n", cfm->ccm_interval_ms);
482 ds_put_format(&ds, "\tnext CCM tx: %lldms\n",
483 timer_msecs_until_expired(&cfm->tx_timer));
484 ds_put_format(&ds, "\tnext fault check: %lldms\n",
485 timer_msecs_until_expired(&cfm->fault_timer));
487 ds_put_cstr(&ds, "\n");
488 HMAP_FOR_EACH (rmp, node, &cfm->remote_mps) {
489 ds_put_format(&ds, "Remote MPID %"PRIu16":%s\n", rmp->mpid,
490 rmp->rdi ? " rdi" : "");
491 ds_put_format(&ds, "\trecv since check: %s",
492 rmp->recv ? "true" : "false");
495 unixctl_command_reply(conn, 200, ds_cstr(&ds));