2 * Copyright (c) 2009, 2010, 2011, 2012 Nicira Networks.
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at:
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
25 #include "fail-open.h"
30 #include "ofproto-provider.h"
32 #include "poll-loop.h"
41 VLOG_DEFINE_THIS_MODULE(connmgr);
42 static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5);
44 /* An OpenFlow connection. */
46 /* Configuration that persists from one connection to the next. */
48 struct list node; /* In struct connmgr's "all_conns" list. */
49 struct hmap_node hmap_node; /* In struct connmgr's "controllers" map. */
51 struct connmgr *connmgr; /* Connection's manager. */
52 struct rconn *rconn; /* OpenFlow connection. */
53 enum ofconn_type type; /* Type. */
54 enum ofproto_band band; /* In-band or out-of-band? */
56 /* State that should be cleared from one connection to the next. */
59 enum nx_role role; /* Role. */
60 enum nx_flow_format flow_format; /* Currently selected flow format. */
61 enum nx_packet_in_format packet_in_format; /* OFPT_PACKET_IN format. */
62 bool flow_mod_table_id; /* NXT_FLOW_MOD_TABLE_ID enabled? */
63 bool invalid_ttl_to_controller; /* Send packets with invalid TTL
66 /* Asynchronous flow table operation support. */
67 struct list opgroups; /* Contains pending "ofopgroups", if any. */
68 struct ofpbuf *blocked; /* Postponed OpenFlow message, if any. */
69 bool retry; /* True if 'blocked' is ready to try again. */
71 /* OFPT_PACKET_IN related data. */
72 struct rconn_packet_counter *packet_in_counter; /* # queued on 'rconn'. */
73 #define N_SCHEDULERS 2
74 struct pinsched *schedulers[N_SCHEDULERS];
75 struct pktbuf *pktbuf; /* OpenFlow packet buffers. */
76 int miss_send_len; /* Bytes to send of buffered packets. */
78 /* Number of OpenFlow messages queued on 'rconn' as replies to OpenFlow
79 * requests, and the maximum number before we stop reading OpenFlow
81 #define OFCONN_REPLY_MAX 100
82 struct rconn_packet_counter *reply_counter;
85 static struct ofconn *ofconn_create(struct connmgr *, struct rconn *,
87 static void ofconn_destroy(struct ofconn *);
88 static void ofconn_flush(struct ofconn *);
90 static void ofconn_reconfigure(struct ofconn *,
91 const struct ofproto_controller *);
93 static void ofconn_run(struct ofconn *,
94 bool (*handle_openflow)(struct ofconn *,
95 struct ofpbuf *ofp_msg));
96 static void ofconn_wait(struct ofconn *, bool handling_openflow);
98 static const char *ofconn_get_target(const struct ofconn *);
99 static char *ofconn_make_name(const struct connmgr *, const char *target);
101 static void ofconn_set_rate_limit(struct ofconn *, int rate, int burst);
103 static bool ofconn_receives_async_msgs(const struct ofconn *);
105 static void ofconn_send(const struct ofconn *, struct ofpbuf *,
106 struct rconn_packet_counter *);
108 static void do_send_packet_in(struct ofpbuf *, void *ofconn_);
110 /* A listener for incoming OpenFlow "service" connections. */
112 struct hmap_node node; /* In struct connmgr's "services" hmap. */
113 struct pvconn *pvconn; /* OpenFlow connection listener. */
115 /* These are not used by ofservice directly. They are settings for
116 * accepted "struct ofconn"s from the pvconn. */
117 int probe_interval; /* Max idle time before probing, in seconds. */
118 int rate_limit; /* Max packet-in rate in packets per second. */
119 int burst_limit; /* Limit on accumulating packet credits. */
122 static void ofservice_reconfigure(struct ofservice *,
123 const struct ofproto_controller *);
124 static int ofservice_create(struct connmgr *, const char *target);
125 static void ofservice_destroy(struct connmgr *, struct ofservice *);
126 static struct ofservice *ofservice_lookup(struct connmgr *,
129 /* Connection manager for an OpenFlow switch. */
131 struct ofproto *ofproto;
133 char *local_port_name;
135 /* OpenFlow connections. */
136 struct hmap controllers; /* Controller "struct ofconn"s. */
137 struct list all_conns; /* Contains "struct ofconn"s. */
139 /* OpenFlow listeners. */
140 struct hmap services; /* Contains "struct ofservice"s. */
141 struct pvconn **snoops;
145 struct fail_open *fail_open;
146 enum ofproto_fail_mode fail_mode;
148 /* In-band control. */
149 struct in_band *in_band;
150 struct sockaddr_in *extra_in_band_remotes;
151 size_t n_extra_remotes;
155 static void update_in_band_remotes(struct connmgr *);
156 static void add_snooper(struct connmgr *, struct vconn *);
158 /* Creates and returns a new connection manager owned by 'ofproto'. 'name' is
159 * a name for the ofproto suitable for using in log messages.
160 * 'local_port_name' is the name of the local port (OFPP_LOCAL) within
163 connmgr_create(struct ofproto *ofproto,
164 const char *name, const char *local_port_name)
168 mgr = xmalloc(sizeof *mgr);
169 mgr->ofproto = ofproto;
170 mgr->name = xstrdup(name);
171 mgr->local_port_name = xstrdup(local_port_name);
173 hmap_init(&mgr->controllers);
174 list_init(&mgr->all_conns);
176 hmap_init(&mgr->services);
180 mgr->fail_open = NULL;
181 mgr->fail_mode = OFPROTO_FAIL_SECURE;
184 mgr->extra_in_band_remotes = NULL;
185 mgr->n_extra_remotes = 0;
186 mgr->in_band_queue = -1;
191 /* Frees 'mgr' and all of its resources. */
193 connmgr_destroy(struct connmgr *mgr)
195 struct ofservice *ofservice, *next_ofservice;
196 struct ofconn *ofconn, *next_ofconn;
203 LIST_FOR_EACH_SAFE (ofconn, next_ofconn, node, &mgr->all_conns) {
204 ofconn_destroy(ofconn);
206 hmap_destroy(&mgr->controllers);
208 HMAP_FOR_EACH_SAFE (ofservice, next_ofservice, node, &mgr->services) {
209 ofservice_destroy(mgr, ofservice);
211 hmap_destroy(&mgr->services);
213 for (i = 0; i < mgr->n_snoops; i++) {
214 pvconn_close(mgr->snoops[i]);
218 fail_open_destroy(mgr->fail_open);
219 mgr->fail_open = NULL;
221 in_band_destroy(mgr->in_band);
223 free(mgr->extra_in_band_remotes);
225 free(mgr->local_port_name);
230 /* Does all of the periodic maintenance required by 'mgr'.
232 * If 'handle_openflow' is nonnull, calls 'handle_openflow' for each message
233 * received on an OpenFlow connection, passing along the OpenFlow connection
234 * itself and the message that was sent. If 'handle_openflow' returns true,
235 * the message is considered to be fully processed. If 'handle_openflow'
236 * returns false, the message is considered not to have been processed at all;
237 * it will be stored and re-presented to 'handle_openflow' following the next
238 * call to connmgr_retry(). 'handle_openflow' must not modify or free the
241 * If 'handle_openflow' is NULL, no OpenFlow messages will be processed and
242 * other activities that could affect the flow table (in-band processing,
243 * fail-open processing) are suppressed too. */
245 connmgr_run(struct connmgr *mgr,
246 bool (*handle_openflow)(struct ofconn *, struct ofpbuf *ofp_msg))
248 struct ofconn *ofconn, *next_ofconn;
249 struct ofservice *ofservice;
252 if (handle_openflow && mgr->in_band) {
253 if (!in_band_run(mgr->in_band)) {
254 in_band_destroy(mgr->in_band);
259 LIST_FOR_EACH_SAFE (ofconn, next_ofconn, node, &mgr->all_conns) {
260 ofconn_run(ofconn, handle_openflow);
263 /* Fail-open maintenance. Do this after processing the ofconns since
264 * fail-open checks the status of the controller rconn. */
265 if (handle_openflow && mgr->fail_open) {
266 fail_open_run(mgr->fail_open);
269 HMAP_FOR_EACH (ofservice, node, &mgr->services) {
273 retval = pvconn_accept(ofservice->pvconn, OFP_VERSION, &vconn);
278 rconn = rconn_create(ofservice->probe_interval, 0);
279 name = ofconn_make_name(mgr, vconn_get_name(vconn));
280 rconn_connect_unreliably(rconn, vconn, name);
283 ofconn = ofconn_create(mgr, rconn, OFCONN_SERVICE);
284 ofconn_set_rate_limit(ofconn, ofservice->rate_limit,
285 ofservice->burst_limit);
286 } else if (retval != EAGAIN) {
287 VLOG_WARN_RL(&rl, "accept failed (%s)", strerror(retval));
291 for (i = 0; i < mgr->n_snoops; i++) {
295 retval = pvconn_accept(mgr->snoops[i], OFP_VERSION, &vconn);
297 add_snooper(mgr, vconn);
298 } else if (retval != EAGAIN) {
299 VLOG_WARN_RL(&rl, "accept failed (%s)", strerror(retval));
304 /* Causes the poll loop to wake up when connmgr_run() needs to run.
306 * If 'handling_openflow' is true, arriving OpenFlow messages and other
307 * activities that affect the flow table will wake up the poll loop. If
308 * 'handling_openflow' is false, they will not. */
310 connmgr_wait(struct connmgr *mgr, bool handling_openflow)
312 struct ofservice *ofservice;
313 struct ofconn *ofconn;
316 LIST_FOR_EACH (ofconn, node, &mgr->all_conns) {
317 ofconn_wait(ofconn, handling_openflow);
319 if (handling_openflow && mgr->in_band) {
320 in_band_wait(mgr->in_band);
322 if (handling_openflow && mgr->fail_open) {
323 fail_open_wait(mgr->fail_open);
325 HMAP_FOR_EACH (ofservice, node, &mgr->services) {
326 pvconn_wait(ofservice->pvconn);
328 for (i = 0; i < mgr->n_snoops; i++) {
329 pvconn_wait(mgr->snoops[i]);
333 /* Returns the ofproto that owns 'ofconn''s connmgr. */
335 ofconn_get_ofproto(const struct ofconn *ofconn)
337 return ofconn->connmgr->ofproto;
340 /* If processing of OpenFlow messages was blocked on any 'mgr' ofconns by
341 * returning false to the 'handle_openflow' callback to connmgr_run(), this
342 * re-enables them. */
344 connmgr_retry(struct connmgr *mgr)
346 struct ofconn *ofconn;
348 LIST_FOR_EACH (ofconn, node, &mgr->all_conns) {
349 ofconn->retry = true;
353 /* OpenFlow configuration. */
355 static void add_controller(struct connmgr *, const char *target);
356 static struct ofconn *find_controller_by_target(struct connmgr *,
358 static void update_fail_open(struct connmgr *);
359 static int set_pvconns(struct pvconn ***pvconnsp, size_t *n_pvconnsp,
360 const struct sset *);
362 /* Returns true if 'mgr' has any configured primary controllers.
364 * Service controllers do not count, but configured primary controllers do
365 * count whether or not they are currently connected. */
367 connmgr_has_controllers(const struct connmgr *mgr)
369 return !hmap_is_empty(&mgr->controllers);
372 /* Initializes 'info' and populates it with information about each configured
373 * primary controller. The keys in 'info' are the controllers' targets; the
374 * data values are corresponding "struct ofproto_controller_info".
376 * The caller owns 'info' and everything in it and should free it when it is no
379 connmgr_get_controller_info(struct connmgr *mgr, struct shash *info)
381 const struct ofconn *ofconn;
383 HMAP_FOR_EACH (ofconn, hmap_node, &mgr->controllers) {
384 const struct rconn *rconn = ofconn->rconn;
385 const char *target = rconn_get_target(rconn);
387 if (!shash_find(info, target)) {
388 struct ofproto_controller_info *cinfo = xmalloc(sizeof *cinfo);
389 time_t now = time_now();
390 time_t last_connection = rconn_get_last_connection(rconn);
391 time_t last_disconnect = rconn_get_last_disconnect(rconn);
392 int last_error = rconn_get_last_error(rconn);
394 shash_add(info, target, cinfo);
396 cinfo->is_connected = rconn_is_connected(rconn);
397 cinfo->role = ofconn->role;
402 cinfo->pairs.keys[cinfo->pairs.n] = "last_error";
403 cinfo->pairs.values[cinfo->pairs.n++]
404 = xstrdup(ovs_retval_to_string(last_error));
407 cinfo->pairs.keys[cinfo->pairs.n] = "state";
408 cinfo->pairs.values[cinfo->pairs.n++]
409 = xstrdup(rconn_get_state(rconn));
411 if (last_connection != TIME_MIN) {
412 cinfo->pairs.keys[cinfo->pairs.n] = "sec_since_connect";
413 cinfo->pairs.values[cinfo->pairs.n++]
414 = xasprintf("%ld", (long int) (now - last_connection));
417 if (last_disconnect != TIME_MIN) {
418 cinfo->pairs.keys[cinfo->pairs.n] = "sec_since_disconnect";
419 cinfo->pairs.values[cinfo->pairs.n++]
420 = xasprintf("%ld", (long int) (now - last_disconnect));
427 connmgr_free_controller_info(struct shash *info)
429 struct shash_node *node;
431 SHASH_FOR_EACH (node, info) {
432 struct ofproto_controller_info *cinfo = node->data;
433 while (cinfo->pairs.n) {
434 free((char *) cinfo->pairs.values[--cinfo->pairs.n]);
441 /* Changes 'mgr''s set of controllers to the 'n_controllers' controllers in
444 connmgr_set_controllers(struct connmgr *mgr,
445 const struct ofproto_controller *controllers,
446 size_t n_controllers)
448 bool had_controllers = connmgr_has_controllers(mgr);
449 struct shash new_controllers;
450 struct ofconn *ofconn, *next_ofconn;
451 struct ofservice *ofservice, *next_ofservice;
454 /* Create newly configured controllers and services.
455 * Create a name to ofproto_controller mapping in 'new_controllers'. */
456 shash_init(&new_controllers);
457 for (i = 0; i < n_controllers; i++) {
458 const struct ofproto_controller *c = &controllers[i];
460 if (!vconn_verify_name(c->target)) {
461 if (!find_controller_by_target(mgr, c->target)) {
462 add_controller(mgr, c->target);
464 } else if (!pvconn_verify_name(c->target)) {
465 if (!ofservice_lookup(mgr, c->target)) {
466 ofservice_create(mgr, c->target);
469 VLOG_WARN_RL(&rl, "%s: unsupported controller \"%s\"",
470 mgr->name, c->target);
474 shash_add_once(&new_controllers, c->target, &controllers[i]);
477 /* Delete controllers that are no longer configured.
478 * Update configuration of all now-existing controllers. */
479 HMAP_FOR_EACH_SAFE (ofconn, next_ofconn, hmap_node, &mgr->controllers) {
480 struct ofproto_controller *c;
482 c = shash_find_data(&new_controllers, ofconn_get_target(ofconn));
484 ofconn_destroy(ofconn);
486 ofconn_reconfigure(ofconn, c);
490 /* Delete services that are no longer configured.
491 * Update configuration of all now-existing services. */
492 HMAP_FOR_EACH_SAFE (ofservice, next_ofservice, node, &mgr->services) {
493 struct ofproto_controller *c;
495 c = shash_find_data(&new_controllers,
496 pvconn_get_name(ofservice->pvconn));
498 ofservice_destroy(mgr, ofservice);
500 ofservice_reconfigure(ofservice, c);
504 shash_destroy(&new_controllers);
506 update_in_band_remotes(mgr);
507 update_fail_open(mgr);
508 if (had_controllers != connmgr_has_controllers(mgr)) {
509 ofproto_flush_flows(mgr->ofproto);
513 /* Drops the connections between 'mgr' and all of its primary and secondary
514 * controllers, forcing them to reconnect. */
516 connmgr_reconnect(const struct connmgr *mgr)
518 struct ofconn *ofconn;
520 LIST_FOR_EACH (ofconn, node, &mgr->all_conns) {
521 rconn_reconnect(ofconn->rconn);
525 /* Sets the "snoops" for 'mgr' to the pvconn targets listed in 'snoops'.
527 * A "snoop" is a pvconn to which every OpenFlow message to or from the most
528 * important controller on 'mgr' is mirrored. */
530 connmgr_set_snoops(struct connmgr *mgr, const struct sset *snoops)
532 return set_pvconns(&mgr->snoops, &mgr->n_snoops, snoops);
535 /* Adds each of the snoops currently configured on 'mgr' to 'snoops'. */
537 connmgr_get_snoops(const struct connmgr *mgr, struct sset *snoops)
541 for (i = 0; i < mgr->n_snoops; i++) {
542 sset_add(snoops, pvconn_get_name(mgr->snoops[i]));
546 /* Returns true if 'mgr' has at least one snoop, false if it has none. */
548 connmgr_has_snoops(const struct connmgr *mgr)
550 return mgr->n_snoops > 0;
553 /* Creates a new controller for 'target' in 'mgr'. update_controller() needs
554 * to be called later to finish the new ofconn's configuration. */
556 add_controller(struct connmgr *mgr, const char *target)
558 char *name = ofconn_make_name(mgr, target);
559 struct ofconn *ofconn;
561 ofconn = ofconn_create(mgr, rconn_create(5, 8), OFCONN_PRIMARY);
562 ofconn->pktbuf = pktbuf_create();
563 rconn_connect(ofconn->rconn, target, name);
564 hmap_insert(&mgr->controllers, &ofconn->hmap_node, hash_string(target, 0));
569 static struct ofconn *
570 find_controller_by_target(struct connmgr *mgr, const char *target)
572 struct ofconn *ofconn;
574 HMAP_FOR_EACH_WITH_HASH (ofconn, hmap_node,
575 hash_string(target, 0), &mgr->controllers) {
576 if (!strcmp(ofconn_get_target(ofconn), target)) {
584 update_in_band_remotes(struct connmgr *mgr)
586 struct sockaddr_in *addrs;
587 size_t max_addrs, n_addrs;
588 struct ofconn *ofconn;
591 /* Allocate enough memory for as many remotes as we could possibly have. */
592 max_addrs = mgr->n_extra_remotes + hmap_count(&mgr->controllers);
593 addrs = xmalloc(max_addrs * sizeof *addrs);
596 /* Add all the remotes. */
597 HMAP_FOR_EACH (ofconn, hmap_node, &mgr->controllers) {
598 struct sockaddr_in *sin = &addrs[n_addrs];
599 const char *target = rconn_get_target(ofconn->rconn);
601 if (ofconn->band == OFPROTO_OUT_OF_BAND) {
605 if (stream_parse_target_with_default_ports(target,
612 for (i = 0; i < mgr->n_extra_remotes; i++) {
613 addrs[n_addrs++] = mgr->extra_in_band_remotes[i];
616 /* Create or update or destroy in-band. */
619 in_band_create(mgr->ofproto, mgr->local_port_name, &mgr->in_band);
621 in_band_set_queue(mgr->in_band, mgr->in_band_queue);
623 /* in_band_run() needs a chance to delete any existing in-band flows.
624 * We will destroy mgr->in_band after it's done with that. */
627 in_band_set_remotes(mgr->in_band, addrs, n_addrs);
635 update_fail_open(struct connmgr *mgr)
637 if (connmgr_has_controllers(mgr)
638 && mgr->fail_mode == OFPROTO_FAIL_STANDALONE) {
639 if (!mgr->fail_open) {
640 mgr->fail_open = fail_open_create(mgr->ofproto, mgr);
643 fail_open_destroy(mgr->fail_open);
644 mgr->fail_open = NULL;
649 set_pvconns(struct pvconn ***pvconnsp, size_t *n_pvconnsp,
650 const struct sset *sset)
652 struct pvconn **pvconns = *pvconnsp;
653 size_t n_pvconns = *n_pvconnsp;
658 for (i = 0; i < n_pvconns; i++) {
659 pvconn_close(pvconns[i]);
663 pvconns = xmalloc(sset_count(sset) * sizeof *pvconns);
665 SSET_FOR_EACH (name, sset) {
666 struct pvconn *pvconn;
669 error = pvconn_open(name, &pvconn);
671 pvconns[n_pvconns++] = pvconn;
673 VLOG_ERR("failed to listen on %s: %s", name, strerror(error));
681 *n_pvconnsp = n_pvconns;
686 /* Returns a "preference level" for snooping 'ofconn'. A higher return value
687 * means that 'ofconn' is more interesting for monitoring than a lower return
690 snoop_preference(const struct ofconn *ofconn)
692 switch (ofconn->role) {
700 /* Shouldn't happen. */
705 /* One of 'mgr''s "snoop" pvconns has accepted a new connection on 'vconn'.
706 * Connects this vconn to a controller. */
708 add_snooper(struct connmgr *mgr, struct vconn *vconn)
710 struct ofconn *ofconn, *best;
712 /* Pick a controller for monitoring. */
714 LIST_FOR_EACH (ofconn, node, &mgr->all_conns) {
715 if (ofconn->type == OFCONN_PRIMARY
716 && (!best || snoop_preference(ofconn) > snoop_preference(best))) {
722 rconn_add_monitor(best->rconn, vconn);
724 VLOG_INFO_RL(&rl, "no controller connection to snoop");
729 /* Public ofconn functions. */
731 /* Returns the connection type, either OFCONN_PRIMARY or OFCONN_SERVICE. */
733 ofconn_get_type(const struct ofconn *ofconn)
738 /* Returns the role configured for 'ofconn'.
740 * The default role, if no other role has been set, is NX_ROLE_OTHER. */
742 ofconn_get_role(const struct ofconn *ofconn)
747 /* Changes 'ofconn''s role to 'role'. If 'role' is NX_ROLE_MASTER then any
748 * existing master is demoted to a slave. */
750 ofconn_set_role(struct ofconn *ofconn, enum nx_role role)
752 if (role == NX_ROLE_MASTER) {
753 struct ofconn *other;
755 HMAP_FOR_EACH (other, hmap_node, &ofconn->connmgr->controllers) {
756 if (other->role == NX_ROLE_MASTER) {
757 other->role = NX_ROLE_SLAVE;
765 ofconn_set_invalid_ttl_to_controller(struct ofconn *ofconn, bool val)
767 ofconn->invalid_ttl_to_controller = val;
771 ofconn_get_invalid_ttl_to_controller(struct ofconn *ofconn)
773 return ofconn->invalid_ttl_to_controller;
776 /* Returns the currently configured flow format for 'ofconn', one of NXFF_*.
778 * The default, if no other format has been set, is NXFF_OPENFLOW10. */
780 ofconn_get_flow_format(struct ofconn *ofconn)
782 return ofconn->flow_format;
785 /* Sets the flow format for 'ofconn' to 'flow_format' (one of NXFF_*). */
787 ofconn_set_flow_format(struct ofconn *ofconn, enum nx_flow_format flow_format)
789 ofconn->flow_format = flow_format;
792 /* Returns the currently configured packet in format for 'ofconn', one of
795 * The default, if no other format has been set, is NXPIF_OPENFLOW10. */
796 enum nx_packet_in_format
797 ofconn_get_packet_in_format(struct ofconn *ofconn)
799 return ofconn->packet_in_format;
802 /* Sets the packet in format for 'ofconn' to 'packet_in_format' (one of
805 ofconn_set_packet_in_format(struct ofconn *ofconn,
806 enum nx_packet_in_format packet_in_format)
808 ofconn->packet_in_format = packet_in_format;
811 /* Returns true if the NXT_FLOW_MOD_TABLE_ID extension is enabled, false
814 * By default the extension is not enabled. */
816 ofconn_get_flow_mod_table_id(const struct ofconn *ofconn)
818 return ofconn->flow_mod_table_id;
821 /* Enables or disables (according to 'enable') the NXT_FLOW_MOD_TABLE_ID
822 * extension on 'ofconn'. */
824 ofconn_set_flow_mod_table_id(struct ofconn *ofconn, bool enable)
826 ofconn->flow_mod_table_id = enable;
829 /* Returns the default miss send length for 'ofconn'. */
831 ofconn_get_miss_send_len(const struct ofconn *ofconn)
833 return ofconn->miss_send_len;
836 /* Sets the default miss send length for 'ofconn' to 'miss_send_len'. */
838 ofconn_set_miss_send_len(struct ofconn *ofconn, int miss_send_len)
840 ofconn->miss_send_len = miss_send_len;
843 /* Sends 'msg' on 'ofconn', accounting it as a reply. (If there is a
844 * sufficient number of OpenFlow replies in-flight on a single ofconn, then the
845 * connmgr will stop accepting new OpenFlow requests on that ofconn until the
846 * controller has accepted some of the replies.) */
848 ofconn_send_reply(const struct ofconn *ofconn, struct ofpbuf *msg)
850 ofconn_send(ofconn, msg, ofconn->reply_counter);
853 /* Sends each of the messages in list 'replies' on 'ofconn' in order,
854 * accounting them as replies. */
856 ofconn_send_replies(const struct ofconn *ofconn, struct list *replies)
858 struct ofpbuf *reply, *next;
860 LIST_FOR_EACH_SAFE (reply, next, list_node, replies) {
861 list_remove(&reply->list_node);
862 ofconn_send_reply(ofconn, reply);
866 /* Sends 'error' on 'ofconn', as a reply to 'request'. Only at most the
867 * first 64 bytes of 'request' are used. */
869 ofconn_send_error(const struct ofconn *ofconn,
870 const struct ofp_header *request, enum ofperr error)
872 struct ofpbuf *reply;
874 reply = ofperr_encode_reply(error, request);
876 static struct vlog_rate_limit err_rl = VLOG_RATE_LIMIT_INIT(10, 10);
878 if (!VLOG_DROP_INFO(&err_rl)) {
879 const struct ofputil_msg_type *type;
880 const char *type_name;
883 request_len = ntohs(request->length);
884 type_name = (!ofputil_decode_msg_type_partial(request,
885 MIN(64, request_len),
887 ? ofputil_msg_type_name(type)
890 VLOG_INFO("%s: sending %s error reply to %s message",
891 rconn_get_name(ofconn->rconn), ofperr_to_string(error),
894 ofconn_send_reply(ofconn, reply);
898 /* Same as pktbuf_retrieve(), using the pktbuf owned by 'ofconn'. */
900 ofconn_pktbuf_retrieve(struct ofconn *ofconn, uint32_t id,
901 struct ofpbuf **bufferp, uint16_t *in_port)
903 return pktbuf_retrieve(ofconn->pktbuf, id, bufferp, in_port);
906 /* Returns true if 'ofconn' has any pending opgroups. */
908 ofconn_has_pending_opgroups(const struct ofconn *ofconn)
910 return !list_is_empty(&ofconn->opgroups);
913 /* Adds 'ofconn_node' to 'ofconn''s list of pending opgroups.
915 * If 'ofconn' is destroyed or its connection drops, then 'ofconn' will remove
916 * 'ofconn_node' from the list and re-initialize it with list_init(). The
917 * client may, therefore, use list_is_empty(ofconn_node) to determine whether
918 * 'ofconn_node' is still associated with an active ofconn.
920 * The client may also remove ofconn_node from the list itself, with
923 ofconn_add_opgroup(struct ofconn *ofconn, struct list *ofconn_node)
925 list_push_back(&ofconn->opgroups, ofconn_node);
928 /* Private ofconn functions. */
931 ofconn_get_target(const struct ofconn *ofconn)
933 return rconn_get_target(ofconn->rconn);
936 static struct ofconn *
937 ofconn_create(struct connmgr *mgr, struct rconn *rconn, enum ofconn_type type)
939 struct ofconn *ofconn;
941 ofconn = xzalloc(sizeof *ofconn);
942 ofconn->connmgr = mgr;
943 list_push_back(&mgr->all_conns, &ofconn->node);
944 ofconn->rconn = rconn;
947 list_init(&ofconn->opgroups);
949 ofconn_flush(ofconn);
954 /* Clears all of the state in 'ofconn' that should not persist from one
955 * connection to the next. */
957 ofconn_flush(struct ofconn *ofconn)
961 ofconn->role = NX_ROLE_OTHER;
962 ofconn->flow_format = NXFF_OPENFLOW10;
963 ofconn->packet_in_format = NXPIF_OPENFLOW10;
964 ofconn->flow_mod_table_id = false;
966 /* Disassociate 'ofconn' from all of the ofopgroups that it initiated that
967 * have not yet completed. (Those ofopgroups will still run to completion
968 * in the usual way, but any errors that they run into will not be reported
969 * on any OpenFlow channel.)
971 * Also discard any blocked operation on 'ofconn'. */
972 while (!list_is_empty(&ofconn->opgroups)) {
973 list_init(list_pop_front(&ofconn->opgroups));
975 ofpbuf_delete(ofconn->blocked);
976 ofconn->blocked = NULL;
978 rconn_packet_counter_destroy(ofconn->packet_in_counter);
979 ofconn->packet_in_counter = rconn_packet_counter_create();
980 for (i = 0; i < N_SCHEDULERS; i++) {
981 if (ofconn->schedulers[i]) {
984 pinsched_get_limits(ofconn->schedulers[i], &rate, &burst);
985 pinsched_destroy(ofconn->schedulers[i]);
986 ofconn->schedulers[i] = pinsched_create(rate, burst);
989 if (ofconn->pktbuf) {
990 pktbuf_destroy(ofconn->pktbuf);
991 ofconn->pktbuf = pktbuf_create();
993 ofconn->miss_send_len = (ofconn->type == OFCONN_PRIMARY
994 ? OFP_DEFAULT_MISS_SEND_LEN
997 rconn_packet_counter_destroy(ofconn->reply_counter);
998 ofconn->reply_counter = rconn_packet_counter_create();
1002 ofconn_destroy(struct ofconn *ofconn)
1004 ofconn_flush(ofconn);
1006 if (ofconn->type == OFCONN_PRIMARY) {
1007 hmap_remove(&ofconn->connmgr->controllers, &ofconn->hmap_node);
1010 list_remove(&ofconn->node);
1011 rconn_destroy(ofconn->rconn);
1012 rconn_packet_counter_destroy(ofconn->packet_in_counter);
1013 rconn_packet_counter_destroy(ofconn->reply_counter);
1014 pktbuf_destroy(ofconn->pktbuf);
1018 /* Reconfigures 'ofconn' to match 'c'. 'ofconn' and 'c' must have the same
1021 ofconn_reconfigure(struct ofconn *ofconn, const struct ofproto_controller *c)
1025 ofconn->band = c->band;
1027 rconn_set_max_backoff(ofconn->rconn, c->max_backoff);
1029 probe_interval = c->probe_interval ? MAX(c->probe_interval, 5) : 0;
1030 rconn_set_probe_interval(ofconn->rconn, probe_interval);
1032 ofconn_set_rate_limit(ofconn, c->rate_limit, c->burst_limit);
1035 /* Returns true if it makes sense for 'ofconn' to receive and process OpenFlow
1038 ofconn_may_recv(const struct ofconn *ofconn)
1040 int count = rconn_packet_counter_read (ofconn->reply_counter);
1041 return (!ofconn->blocked || ofconn->retry) && count < OFCONN_REPLY_MAX;
1045 ofconn_run(struct ofconn *ofconn,
1046 bool (*handle_openflow)(struct ofconn *, struct ofpbuf *ofp_msg))
1048 struct connmgr *mgr = ofconn->connmgr;
1051 for (i = 0; i < N_SCHEDULERS; i++) {
1052 pinsched_run(ofconn->schedulers[i], do_send_packet_in, ofconn);
1055 rconn_run(ofconn->rconn);
1057 if (handle_openflow) {
1058 /* Limit the number of iterations to avoid starving other tasks. */
1059 for (i = 0; i < 50 && ofconn_may_recv(ofconn); i++) {
1060 struct ofpbuf *of_msg;
1062 of_msg = (ofconn->blocked
1064 : rconn_recv(ofconn->rconn));
1068 if (mgr->fail_open) {
1069 fail_open_maybe_recover(mgr->fail_open);
1072 if (handle_openflow(ofconn, of_msg)) {
1073 ofpbuf_delete(of_msg);
1074 ofconn->blocked = NULL;
1076 ofconn->blocked = of_msg;
1077 ofconn->retry = false;
1082 if (!rconn_is_alive(ofconn->rconn)) {
1083 ofconn_destroy(ofconn);
1084 } else if (!rconn_is_connected(ofconn->rconn)) {
1085 ofconn_flush(ofconn);
1090 ofconn_wait(struct ofconn *ofconn, bool handling_openflow)
1094 for (i = 0; i < N_SCHEDULERS; i++) {
1095 pinsched_wait(ofconn->schedulers[i]);
1097 rconn_run_wait(ofconn->rconn);
1098 if (handling_openflow && ofconn_may_recv(ofconn)) {
1099 rconn_recv_wait(ofconn->rconn);
1103 /* Returns true if 'ofconn' should receive asynchronous messages. */
1105 ofconn_receives_async_msgs__(const struct ofconn *ofconn)
1107 if (ofconn->type == OFCONN_PRIMARY) {
1108 /* Primary controllers always get asynchronous messages unless they
1109 * have configured themselves as "slaves". */
1110 return ofconn->role != NX_ROLE_SLAVE;
1112 /* Service connections don't get asynchronous messages unless they have
1113 * explicitly asked for them by setting a nonzero miss send length. */
1114 return ofconn->miss_send_len > 0;
1119 ofconn_receives_async_msgs(const struct ofconn *ofconn)
1121 if (!rconn_is_connected(ofconn->rconn)) {
1124 return ofconn_receives_async_msgs__(ofconn);
1129 ofconn_interested_in_packet(const struct ofconn *ofconn,
1130 const struct ofputil_packet_in *pin)
1132 if (!rconn_is_connected(ofconn->rconn)) {
1134 } else if (pin->reason == OFPR_INVALID_TTL) {
1135 return ofconn->invalid_ttl_to_controller;
1137 return ofconn_receives_async_msgs__(ofconn);
1141 /* Returns a human-readable name for an OpenFlow connection between 'mgr' and
1142 * 'target', suitable for use in log messages for identifying the connection.
1144 * The name is dynamically allocated. The caller should free it (with free())
1145 * when it is no longer needed. */
1147 ofconn_make_name(const struct connmgr *mgr, const char *target)
1149 return xasprintf("%s<->%s", mgr->name, target);
1153 ofconn_set_rate_limit(struct ofconn *ofconn, int rate, int burst)
1157 for (i = 0; i < N_SCHEDULERS; i++) {
1158 struct pinsched **s = &ofconn->schedulers[i];
1162 *s = pinsched_create(rate, burst);
1164 pinsched_set_limits(*s, rate, burst);
1167 pinsched_destroy(*s);
1174 ofconn_send(const struct ofconn *ofconn, struct ofpbuf *msg,
1175 struct rconn_packet_counter *counter)
1177 update_openflow_length(msg);
1178 if (rconn_send(ofconn->rconn, msg, counter)) {
1183 /* Sending asynchronous messages. */
1185 static void schedule_packet_in(struct ofconn *, struct ofputil_packet_in,
1186 const struct flow *);
1188 /* Sends an OFPT_PORT_STATUS message with 'opp' and 'reason' to appropriate
1189 * controllers managed by 'mgr'. */
1191 connmgr_send_port_status(struct connmgr *mgr, const struct ofp_phy_port *opp,
1194 /* XXX Should limit the number of queued port status change messages. */
1195 struct ofconn *ofconn;
1197 LIST_FOR_EACH (ofconn, node, &mgr->all_conns) {
1198 struct ofp_port_status *ops;
1201 /* Primary controllers, even slaves, should always get port status
1202 updates. Otherwise obey ofconn_receives_async_msgs(). */
1203 if (ofconn->type != OFCONN_PRIMARY
1204 && !ofconn_receives_async_msgs(ofconn)) {
1208 ops = make_openflow_xid(sizeof *ops, OFPT_PORT_STATUS, 0, &b);
1209 ops->reason = reason;
1211 ofconn_send(ofconn, b, NULL);
1215 /* Sends an OFPT_FLOW_REMOVED or NXT_FLOW_REMOVED message based on 'fr' to
1216 * appropriate controllers managed by 'mgr'. */
1218 connmgr_send_flow_removed(struct connmgr *mgr,
1219 const struct ofputil_flow_removed *fr)
1221 struct ofconn *ofconn;
1223 LIST_FOR_EACH (ofconn, node, &mgr->all_conns) {
1226 if (!ofconn_receives_async_msgs(ofconn)) {
1230 /* Account flow expirations as replies to OpenFlow requests. That
1231 * works because preventing OpenFlow requests from being processed also
1232 * prevents new flows from being added (and expiring). (It also
1233 * prevents processing OpenFlow requests that would not add new flows,
1234 * so it is imperfect.) */
1235 msg = ofputil_encode_flow_removed(fr, ofconn->flow_format);
1236 ofconn_send_reply(ofconn, msg);
1240 /* Given 'pin', sends an OFPT_PACKET_IN message to each OpenFlow controller as
1241 * necessary according to their individual configurations. */
1243 connmgr_send_packet_in(struct connmgr *mgr,
1244 const struct ofputil_packet_in *pin,
1245 const struct flow *flow)
1247 struct ofconn *ofconn;
1249 LIST_FOR_EACH (ofconn, node, &mgr->all_conns) {
1250 if (ofconn_interested_in_packet(ofconn, pin)) {
1251 schedule_packet_in(ofconn, *pin, flow);
1256 /* pinsched callback for sending 'ofp_packet_in' on 'ofconn'. */
1258 do_send_packet_in(struct ofpbuf *ofp_packet_in, void *ofconn_)
1260 struct ofconn *ofconn = ofconn_;
1262 rconn_send_with_limit(ofconn->rconn, ofp_packet_in,
1263 ofconn->packet_in_counter, 100);
1266 /* Takes 'pin', whose packet has the flow specified by 'flow', composes an
1267 * OpenFlow packet-in message from it, and passes it to 'ofconn''s packet
1268 * scheduler for sending. */
1270 schedule_packet_in(struct ofconn *ofconn, struct ofputil_packet_in pin,
1271 const struct flow *flow)
1273 struct connmgr *mgr = ofconn->connmgr;
1275 /* Get OpenFlow buffer_id. */
1276 if (pin.reason == OFPR_ACTION) {
1277 pin.buffer_id = UINT32_MAX;
1278 } else if (mgr->fail_open && fail_open_is_active(mgr->fail_open)) {
1279 pin.buffer_id = pktbuf_get_null();
1280 } else if (!ofconn->pktbuf) {
1281 pin.buffer_id = UINT32_MAX;
1283 pin.buffer_id = pktbuf_save(ofconn->pktbuf, pin.packet, pin.packet_len,
1287 /* Figure out how much of the packet to send. */
1288 if (pin.reason == OFPR_NO_MATCH) {
1289 pin.send_len = pin.packet_len;
1291 /* Caller should have initialized 'send_len' to 'max_len' specified in
1292 * struct ofp_action_output. */
1294 if (pin.buffer_id != UINT32_MAX) {
1295 pin.send_len = MIN(pin.send_len, ofconn->miss_send_len);
1298 /* Make OFPT_PACKET_IN and hand over to packet scheduler. It might
1299 * immediately call into do_send_packet_in() or it might buffer it for a
1300 * while (until a later call to pinsched_run()). */
1301 pinsched_send(ofconn->schedulers[pin.reason == OFPR_NO_MATCH ? 0 : 1],
1303 ofputil_encode_packet_in(&pin, ofconn->packet_in_format),
1304 do_send_packet_in, ofconn);
1307 /* Fail-open settings. */
1309 /* Returns the failure handling mode (OFPROTO_FAIL_SECURE or
1310 * OFPROTO_FAIL_STANDALONE) for 'mgr'. */
1311 enum ofproto_fail_mode
1312 connmgr_get_fail_mode(const struct connmgr *mgr)
1314 return mgr->fail_mode;
1317 /* Sets the failure handling mode for 'mgr' to 'fail_mode' (either
1318 * OFPROTO_FAIL_SECURE or OFPROTO_FAIL_STANDALONE). */
1320 connmgr_set_fail_mode(struct connmgr *mgr, enum ofproto_fail_mode fail_mode)
1322 if (mgr->fail_mode != fail_mode) {
1323 mgr->fail_mode = fail_mode;
1324 update_fail_open(mgr);
1325 if (!connmgr_has_controllers(mgr)) {
1326 ofproto_flush_flows(mgr->ofproto);
1331 /* Fail-open implementation. */
1333 /* Returns the longest probe interval among the primary controllers configured
1334 * on 'mgr'. Returns 0 if there are no primary controllers. */
1336 connmgr_get_max_probe_interval(const struct connmgr *mgr)
1338 const struct ofconn *ofconn;
1339 int max_probe_interval;
1341 max_probe_interval = 0;
1342 HMAP_FOR_EACH (ofconn, hmap_node, &mgr->controllers) {
1343 int probe_interval = rconn_get_probe_interval(ofconn->rconn);
1344 max_probe_interval = MAX(max_probe_interval, probe_interval);
1346 return max_probe_interval;
1349 /* Returns the number of seconds for which all of 'mgr's primary controllers
1350 * have been disconnected. Returns 0 if 'mgr' has no primary controllers. */
1352 connmgr_failure_duration(const struct connmgr *mgr)
1354 const struct ofconn *ofconn;
1355 int min_failure_duration;
1357 if (!connmgr_has_controllers(mgr)) {
1361 min_failure_duration = INT_MAX;
1362 HMAP_FOR_EACH (ofconn, hmap_node, &mgr->controllers) {
1363 int failure_duration = rconn_failure_duration(ofconn->rconn);
1364 min_failure_duration = MIN(min_failure_duration, failure_duration);
1366 return min_failure_duration;
1369 /* Returns true if at least one primary controller is connected (regardless of
1370 * whether those controllers are believed to have authenticated and accepted
1371 * this switch), false if none of them are connected. */
1373 connmgr_is_any_controller_connected(const struct connmgr *mgr)
1375 const struct ofconn *ofconn;
1377 HMAP_FOR_EACH (ofconn, hmap_node, &mgr->controllers) {
1378 if (rconn_is_connected(ofconn->rconn)) {
1385 /* Returns true if at least one primary controller is believed to have
1386 * authenticated and accepted this switch, false otherwise. */
1388 connmgr_is_any_controller_admitted(const struct connmgr *mgr)
1390 const struct ofconn *ofconn;
1392 HMAP_FOR_EACH (ofconn, hmap_node, &mgr->controllers) {
1393 if (rconn_is_admitted(ofconn->rconn)) {
1400 /* Sends 'packet' to each controller connected to 'mgr'. Takes ownership of
1403 connmgr_broadcast(struct connmgr *mgr, struct ofpbuf *packet)
1405 struct ofconn *ofconn, *prev;
1408 LIST_FOR_EACH (ofconn, node, &mgr->all_conns) {
1410 ofconn_send_reply(ofconn, ofpbuf_clone(packet));
1412 if (rconn_is_connected(ofconn->rconn)) {
1417 ofconn_send_reply(prev, packet);
1419 ofpbuf_delete(packet);
1423 /* In-band configuration. */
1425 static bool any_extras_changed(const struct connmgr *,
1426 const struct sockaddr_in *extras, size_t n);
1428 /* Sets the 'n' TCP port addresses in 'extras' as ones to which 'mgr''s
1429 * in-band control should guarantee access, in the same way that in-band
1430 * control guarantees access to OpenFlow controllers. */
1432 connmgr_set_extra_in_band_remotes(struct connmgr *mgr,
1433 const struct sockaddr_in *extras, size_t n)
1435 if (!any_extras_changed(mgr, extras, n)) {
1439 free(mgr->extra_in_band_remotes);
1440 mgr->n_extra_remotes = n;
1441 mgr->extra_in_band_remotes = xmemdup(extras, n * sizeof *extras);
1443 update_in_band_remotes(mgr);
1446 /* Sets the OpenFlow queue used by flows set up by in-band control on
1447 * 'mgr' to 'queue_id'. If 'queue_id' is negative, then in-band control
1448 * flows will use the default queue. */
1450 connmgr_set_in_band_queue(struct connmgr *mgr, int queue_id)
1452 if (queue_id != mgr->in_band_queue) {
1453 mgr->in_band_queue = queue_id;
1454 update_in_band_remotes(mgr);
1459 any_extras_changed(const struct connmgr *mgr,
1460 const struct sockaddr_in *extras, size_t n)
1464 if (n != mgr->n_extra_remotes) {
1468 for (i = 0; i < n; i++) {
1469 const struct sockaddr_in *old = &mgr->extra_in_band_remotes[i];
1470 const struct sockaddr_in *new = &extras[i];
1472 if (old->sin_addr.s_addr != new->sin_addr.s_addr ||
1473 old->sin_port != new->sin_port) {
1481 /* In-band implementation. */
1484 connmgr_msg_in_hook(struct connmgr *mgr, const struct flow *flow,
1485 const struct ofpbuf *packet)
1487 return mgr->in_band && in_band_msg_in_hook(mgr->in_band, flow, packet);
1491 connmgr_may_set_up_flow(struct connmgr *mgr, const struct flow *flow,
1492 const struct nlattr *odp_actions,
1495 return !mgr->in_band || in_band_rule_check(flow, odp_actions, actions_len);
1498 /* Fail-open and in-band implementation. */
1500 /* Called by 'ofproto' after all flows have been flushed, to allow fail-open
1501 * and standalone mode to re-create their flows.
1503 * In-band control has more sophisticated code that manages flows itself. */
1505 connmgr_flushed(struct connmgr *mgr)
1507 if (mgr->fail_open) {
1508 fail_open_flushed(mgr->fail_open);
1511 /* If there are no controllers and we're in standalone mode, set up a flow
1512 * that matches every packet and directs them to OFPP_NORMAL (which goes to
1513 * us). Otherwise, the switch is in secure mode and we won't pass any
1514 * traffic until a controller has been defined and it tells us to do so. */
1515 if (!connmgr_has_controllers(mgr)
1516 && mgr->fail_mode == OFPROTO_FAIL_STANDALONE) {
1517 union ofp_action action;
1518 struct cls_rule rule;
1520 memset(&action, 0, sizeof action);
1521 action.type = htons(OFPAT_OUTPUT);
1522 action.output.len = htons(sizeof action);
1523 action.output.port = htons(OFPP_NORMAL);
1524 cls_rule_init_catchall(&rule, 0);
1525 ofproto_add_flow(mgr->ofproto, &rule, &action, 1);
1529 /* Creates a new ofservice for 'target' in 'mgr'. Returns 0 if successful,
1530 * otherwise a positive errno value.
1532 * ofservice_reconfigure() must be called to fully configure the new
1535 ofservice_create(struct connmgr *mgr, const char *target)
1537 struct ofservice *ofservice;
1538 struct pvconn *pvconn;
1541 error = pvconn_open(target, &pvconn);
1546 ofservice = xzalloc(sizeof *ofservice);
1547 hmap_insert(&mgr->services, &ofservice->node, hash_string(target, 0));
1548 ofservice->pvconn = pvconn;
1554 ofservice_destroy(struct connmgr *mgr, struct ofservice *ofservice)
1556 hmap_remove(&mgr->services, &ofservice->node);
1557 pvconn_close(ofservice->pvconn);
1562 ofservice_reconfigure(struct ofservice *ofservice,
1563 const struct ofproto_controller *c)
1565 ofservice->probe_interval = c->probe_interval;
1566 ofservice->rate_limit = c->rate_limit;
1567 ofservice->burst_limit = c->burst_limit;
1570 /* Finds and returns the ofservice within 'mgr' that has the given
1571 * 'target', or a null pointer if none exists. */
1572 static struct ofservice *
1573 ofservice_lookup(struct connmgr *mgr, const char *target)
1575 struct ofservice *ofservice;
1577 HMAP_FOR_EACH_WITH_HASH (ofservice, node, hash_string(target, 0),
1579 if (!strcmp(pvconn_get_name(ofservice->pvconn), target)) {