1 /* Copyright (c) 2008, 2009 Nicira Networks
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at:
7 * http://www.apache.org/licenses/LICENSE-2.0
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
20 #include <arpa/inet.h>
24 #include <openflow/openflow.h>
29 #include <sys/socket.h>
30 #include <sys/types.h>
37 #include "dynamic-string.h"
41 #include "mac-learning.h"
44 #include "ofp-print.h"
46 #include "ofproto/ofproto.h"
48 #include "poll-loop.h"
49 #include "port-array.h"
50 #include "proc-net-compat.h"
52 #include "socket-util.h"
59 #include "vconn-ssl.h"
60 #include "xenserver.h"
63 #define THIS_MODULE VLM_bridge
71 extern uint64_t mgmt_id;
74 struct port *port; /* Containing port. */
75 size_t port_ifidx; /* Index within containing port. */
77 char *name; /* Host network device name. */
78 int dp_ifidx; /* Index within kernel datapath. */
80 uint8_t mac[ETH_ADDR_LEN]; /* Ethernet address (all zeros if unknowns). */
82 tag_type tag; /* Tag associated with this interface. */
83 bool enabled; /* May be chosen for flows? */
84 long long delay_expires; /* Time after which 'enabled' may change. */
87 #define BOND_MASK 0xff
89 int iface_idx; /* Index of assigned iface, or -1 if none. */
90 uint64_t tx_bytes; /* Count of bytes recently transmitted. */
91 tag_type iface_tag; /* Tag associated with iface_idx. */
94 #define MAX_MIRRORS 32
95 typedef uint32_t mirror_mask_t;
96 #define MIRROR_MASK_C(X) UINT32_C(X)
97 BUILD_ASSERT_DECL(sizeof(mirror_mask_t) * CHAR_BIT >= MAX_MIRRORS);
99 struct bridge *bridge;
103 /* Selection criteria. */
104 struct svec src_ports;
105 struct svec dst_ports;
110 struct port *out_port;
114 #define FLOOD_PORT ((struct port *) 1) /* The 'flood' output port. */
116 struct bridge *bridge;
118 int vlan; /* -1=trunk port, else a 12-bit VLAN ID. */
119 unsigned long *trunks; /* Bitmap of trunked VLANs, if 'vlan' == -1. */
122 /* An ordinary bridge port has 1 interface.
123 * A bridge port for bonding has at least 2 interfaces. */
124 struct iface **ifaces;
125 size_t n_ifaces, allocated_ifaces;
128 struct bond_entry *bond_hash; /* An array of (BOND_MASK + 1) elements. */
129 int active_iface; /* Ifidx on which bcasts accepted, or -1. */
130 tag_type active_iface_tag; /* Tag for bcast flows. */
131 tag_type no_ifaces_tag; /* Tag for flows when all ifaces disabled. */
132 int updelay, downdelay; /* Delay before iface goes up/down, in ms. */
134 /* Port mirroring info. */
135 mirror_mask_t src_mirrors; /* Mirrors triggered when packet received. */
136 mirror_mask_t dst_mirrors; /* Mirrors triggered when packet sent. */
137 bool is_mirror_output_port; /* Does port mirroring send frames here? */
139 /* Spanning tree info. */
140 enum stp_state stp_state; /* Always STP_FORWARDING if STP not in use. */
141 tag_type stp_state_tag; /* Tag for STP state change. */
144 #define DP_MAX_PORTS 255
146 struct list node; /* Node in global list of bridges. */
147 char *name; /* User-specified arbitrary name. */
148 struct mac_learning *ml; /* MAC learning table, or null not to learn. */
149 bool sent_config_request; /* Successfully sent config request? */
150 uint8_t default_ea[ETH_ADDR_LEN]; /* Default MAC. */
152 /* Support for remote controllers. */
153 char *controller; /* NULL if there is no remote controller;
154 * "discover" to do controller discovery;
155 * otherwise a vconn name. */
157 /* OpenFlow switch processing. */
158 struct ofproto *ofproto; /* OpenFlow switch. */
160 /* Kernel datapath information. */
161 struct dpif *dpif; /* Datapath. */
162 struct port_array ifaces; /* Indexed by kernel datapath port number. */
166 size_t n_ports, allocated_ports;
169 bool has_bonded_ports;
170 long long int bond_next_rebalance;
175 /* Flow statistics gathering. */
176 time_t next_stats_request;
178 /* Port mirroring. */
179 struct mirror *mirrors[MAX_MIRRORS];
183 long long int stp_last_tick;
186 /* List of all bridges. */
187 static struct list all_bridges = LIST_INITIALIZER(&all_bridges);
189 /* Maximum number of datapaths. */
190 enum { DP_MAX = 256 };
192 static struct bridge *bridge_create(const char *name);
193 static void bridge_destroy(struct bridge *);
194 static struct bridge *bridge_lookup(const char *name);
195 static int bridge_run_one(struct bridge *);
196 static void bridge_reconfigure_one(struct bridge *);
197 static void bridge_reconfigure_controller(struct bridge *);
198 static void bridge_get_all_ifaces(const struct bridge *, struct svec *ifaces);
199 static void bridge_fetch_dp_ifaces(struct bridge *);
200 static void bridge_flush(struct bridge *);
201 static void bridge_pick_local_hw_addr(struct bridge *,
202 uint8_t ea[ETH_ADDR_LEN],
203 const char **devname);
204 static uint64_t bridge_pick_datapath_id(struct bridge *,
205 const uint8_t bridge_ea[ETH_ADDR_LEN],
206 const char *devname);
207 static uint64_t dpid_from_hash(const void *, size_t nbytes);
209 static void bridge_unixctl_fdb_show(struct unixctl_conn *, const char *args);
211 static void bond_init(void);
212 static void bond_run(struct bridge *);
213 static void bond_wait(struct bridge *);
214 static void bond_rebalance_port(struct port *);
215 static void bond_send_learning_packets(struct port *);
217 static void port_create(struct bridge *, const char *name);
218 static void port_reconfigure(struct port *);
219 static void port_destroy(struct port *);
220 static struct port *port_lookup(const struct bridge *, const char *name);
221 static struct iface *port_lookup_iface(const struct port *, const char *name);
222 static struct port *port_from_dp_ifidx(const struct bridge *,
224 static void port_update_bond_compat(struct port *);
225 static void port_update_vlan_compat(struct port *);
227 static void mirror_create(struct bridge *, const char *name);
228 static void mirror_destroy(struct mirror *);
229 static void mirror_reconfigure(struct bridge *);
230 static void mirror_reconfigure_one(struct mirror *);
231 static bool vlan_is_mirrored(const struct mirror *, int vlan);
233 static void brstp_reconfigure(struct bridge *);
234 static void brstp_adjust_timers(struct bridge *);
235 static void brstp_run(struct bridge *);
236 static void brstp_wait(struct bridge *);
238 static void iface_create(struct port *, const char *name);
239 static void iface_destroy(struct iface *);
240 static struct iface *iface_lookup(const struct bridge *, const char *name);
241 static struct iface *iface_from_dp_ifidx(const struct bridge *,
244 /* Hooks into ofproto processing. */
245 static struct ofhooks bridge_ofhooks;
247 /* Public functions. */
249 /* Adds the name of each interface used by a bridge, including local and
250 * internal ports, to 'svec'. */
252 bridge_get_ifaces(struct svec *svec)
254 struct bridge *br, *next;
257 LIST_FOR_EACH_SAFE (br, next, struct bridge, node, &all_bridges) {
258 for (i = 0; i < br->n_ports; i++) {
259 struct port *port = br->ports[i];
261 for (j = 0; j < port->n_ifaces; j++) {
262 struct iface *iface = port->ifaces[j];
263 if (iface->dp_ifidx < 0) {
264 VLOG_ERR("%s interface not in datapath %s, ignoring",
265 iface->name, dpif_name(br->dpif));
267 if (iface->dp_ifidx != ODPP_LOCAL) {
268 svec_add(svec, iface->name);
276 /* The caller must already have called cfg_read(). */
280 struct svec dpif_names;
283 unixctl_command_register("fdb/show", bridge_unixctl_fdb_show);
285 dp_enumerate(&dpif_names);
286 for (i = 0; i < dpif_names.n; i++) {
287 const char *dpif_name = dpif_names.names[i];
291 retval = dpif_open(dpif_name, &dpif);
293 struct svec all_names;
296 svec_init(&all_names);
297 dpif_get_all_names(dpif, &all_names);
298 for (j = 0; j < all_names.n; j++) {
299 if (cfg_has("bridge.%s.port", all_names.names[j])) {
305 svec_destroy(&all_names);
311 bridge_reconfigure();
316 config_string_change(const char *key, char **valuep)
318 const char *value = cfg_get_string(0, "%s", key);
319 if (value && (!*valuep || strcmp(value, *valuep))) {
321 *valuep = xstrdup(value);
329 bridge_configure_ssl(void)
331 /* XXX SSL should be configurable on a per-bridge basis.
332 * XXX should be possible to de-configure SSL. */
333 static char *private_key_file;
334 static char *certificate_file;
335 static char *cacert_file;
338 if (config_string_change("ssl.private-key", &private_key_file)) {
339 vconn_ssl_set_private_key_file(private_key_file);
342 if (config_string_change("ssl.certificate", &certificate_file)) {
343 vconn_ssl_set_certificate_file(certificate_file);
346 /* We assume that even if the filename hasn't changed, if the CA cert
347 * file has been removed, that we want to move back into
348 * boot-strapping mode. This opens a small security hole, because
349 * the old certificate will still be trusted until vSwitch is
350 * restarted. We may want to address this in vconn's SSL library. */
351 if (config_string_change("ssl.ca-cert", &cacert_file)
352 || (cacert_file && stat(cacert_file, &s) && errno == ENOENT)) {
353 vconn_ssl_set_ca_cert_file(cacert_file,
354 cfg_get_bool(0, "ssl.bootstrap-ca-cert"));
360 bridge_reconfigure(void)
362 struct svec old_br, new_br;
363 struct bridge *br, *next;
366 COVERAGE_INC(bridge_reconfigure);
368 /* Collect old and new bridges. */
371 LIST_FOR_EACH (br, struct bridge, node, &all_bridges) {
372 svec_add(&old_br, br->name);
374 cfg_get_subsections(&new_br, "bridge");
376 /* Get rid of deleted bridges and add new bridges. */
379 assert(svec_is_unique(&old_br));
380 assert(svec_is_unique(&new_br));
381 LIST_FOR_EACH_SAFE (br, next, struct bridge, node, &all_bridges) {
382 if (!svec_contains(&new_br, br->name)) {
386 for (i = 0; i < new_br.n; i++) {
387 const char *name = new_br.names[i];
388 if (!svec_contains(&old_br, name)) {
392 svec_destroy(&old_br);
393 svec_destroy(&new_br);
397 bridge_configure_ssl();
400 /* Reconfigure all bridges. */
401 LIST_FOR_EACH (br, struct bridge, node, &all_bridges) {
402 bridge_reconfigure_one(br);
405 /* Add and delete ports on all datapaths.
407 * The kernel will reject any attempt to add a given port to a datapath if
408 * that port already belongs to a different datapath, so we must do all
409 * port deletions before any port additions. */
410 LIST_FOR_EACH (br, struct bridge, node, &all_bridges) {
411 struct odp_port *dpif_ports;
413 struct svec want_ifaces;
415 dpif_port_list(br->dpif, &dpif_ports, &n_dpif_ports);
416 bridge_get_all_ifaces(br, &want_ifaces);
417 for (i = 0; i < n_dpif_ports; i++) {
418 const struct odp_port *p = &dpif_ports[i];
419 if (!svec_contains(&want_ifaces, p->devname)
420 && strcmp(p->devname, br->name)) {
421 int retval = dpif_port_del(br->dpif, p->port);
423 VLOG_ERR("failed to remove %s interface from %s: %s",
424 p->devname, dpif_name(br->dpif),
429 svec_destroy(&want_ifaces);
432 LIST_FOR_EACH (br, struct bridge, node, &all_bridges) {
433 struct odp_port *dpif_ports;
435 struct svec cur_ifaces, want_ifaces, add_ifaces;
437 dpif_port_list(br->dpif, &dpif_ports, &n_dpif_ports);
438 svec_init(&cur_ifaces);
439 for (i = 0; i < n_dpif_ports; i++) {
440 svec_add(&cur_ifaces, dpif_ports[i].devname);
443 svec_sort_unique(&cur_ifaces);
444 bridge_get_all_ifaces(br, &want_ifaces);
445 svec_diff(&want_ifaces, &cur_ifaces, &add_ifaces, NULL, NULL);
447 for (i = 0; i < add_ifaces.n; i++) {
448 const char *if_name = add_ifaces.names[i];
449 int internal = cfg_get_bool(0, "iface.%s.internal", if_name);
450 int flags = internal ? ODP_PORT_INTERNAL : 0;
451 int error = dpif_port_add(br->dpif, if_name, flags, NULL);
452 if (error == EXFULL) {
453 VLOG_ERR("ran out of valid port numbers on %s",
454 dpif_name(br->dpif));
457 VLOG_ERR("failed to add %s interface to %s: %s",
458 if_name, dpif_name(br->dpif), strerror(error));
461 svec_destroy(&cur_ifaces);
462 svec_destroy(&want_ifaces);
463 svec_destroy(&add_ifaces);
465 LIST_FOR_EACH (br, struct bridge, node, &all_bridges) {
468 struct iface *local_iface = NULL;
470 uint8_t engine_type, engine_id;
471 bool add_id_to_iface = false;
472 struct svec nf_hosts;
474 bridge_fetch_dp_ifaces(br);
475 for (i = 0; i < br->n_ports; ) {
476 struct port *port = br->ports[i];
478 for (j = 0; j < port->n_ifaces; ) {
479 struct iface *iface = port->ifaces[j];
480 if (iface->dp_ifidx < 0) {
481 VLOG_ERR("%s interface not in %s, dropping",
482 iface->name, dpif_name(br->dpif));
483 iface_destroy(iface);
485 if (iface->dp_ifidx == ODPP_LOCAL) {
488 VLOG_DBG("%s has interface %s on port %d",
490 iface->name, iface->dp_ifidx);
494 if (!port->n_ifaces) {
495 VLOG_ERR("%s port has no interfaces, dropping", port->name);
502 /* Pick local port hardware address, datapath ID. */
503 bridge_pick_local_hw_addr(br, ea, &devname);
505 int error = netdev_nodev_set_etheraddr(local_iface->name, ea);
507 static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5);
508 VLOG_ERR_RL(&rl, "bridge %s: failed to set bridge "
509 "Ethernet address: %s",
510 br->name, strerror(error));
514 dpid = bridge_pick_datapath_id(br, ea, devname);
515 ofproto_set_datapath_id(br->ofproto, dpid);
517 /* Set NetFlow configuration on this bridge. */
518 dpif_get_netflow_ids(br->dpif, &engine_type, &engine_id);
519 if (cfg_has("netflow.%s.engine-type", br->name)) {
520 engine_type = cfg_get_int(0, "netflow.%s.engine-type",
523 if (cfg_has("netflow.%s.engine-id", br->name)) {
524 engine_id = cfg_get_int(0, "netflow.%s.engine-id", br->name);
526 if (cfg_has("netflow.%s.add-id-to-iface", br->name)) {
527 add_id_to_iface = cfg_get_bool(0, "netflow.%s.add-id-to-iface",
530 if (add_id_to_iface && engine_id > 0x7f) {
531 VLOG_WARN("bridge %s: netflow port mangling may conflict with "
532 "another vswitch, choose an engine id less than 128",
535 if (add_id_to_iface && br->n_ports > 0x1ff) {
536 VLOG_WARN("bridge %s: netflow port mangling will conflict with "
537 "another port when 512 or more ports are used",
540 svec_init(&nf_hosts);
541 cfg_get_all_keys(&nf_hosts, "netflow.%s.host", br->name);
542 if (ofproto_set_netflow(br->ofproto, &nf_hosts, engine_type,
543 engine_id, add_id_to_iface)) {
544 VLOG_ERR("bridge %s: problem setting netflow collectors",
548 /* Update the controller and related settings. It would be more
549 * straightforward to call this from bridge_reconfigure_one(), but we
550 * can't do it there for two reasons. First, and most importantly, at
551 * that point we don't know the dp_ifidx of any interfaces that have
552 * been added to the bridge (because we haven't actually added them to
553 * the datapath). Second, at that point we haven't set the datapath ID
554 * yet; when a controller is configured, resetting the datapath ID will
555 * immediately disconnect from the controller, so it's better to set
556 * the datapath ID before the controller. */
557 bridge_reconfigure_controller(br);
559 LIST_FOR_EACH (br, struct bridge, node, &all_bridges) {
560 for (i = 0; i < br->n_ports; i++) {
561 struct port *port = br->ports[i];
562 port_update_vlan_compat(port);
565 LIST_FOR_EACH (br, struct bridge, node, &all_bridges) {
566 brstp_reconfigure(br);
571 bridge_pick_local_hw_addr(struct bridge *br, uint8_t ea[ETH_ADDR_LEN],
572 const char **devname)
574 uint64_t requested_ea;
580 /* Did the user request a particular MAC? */
581 requested_ea = cfg_get_mac(0, "bridge.%s.mac", br->name);
583 eth_addr_from_uint64(requested_ea, ea);
584 if (eth_addr_is_multicast(ea)) {
585 VLOG_ERR("bridge %s: cannot set MAC address to multicast "
586 "address "ETH_ADDR_FMT, br->name, ETH_ADDR_ARGS(ea));
587 } else if (eth_addr_is_zero(ea)) {
588 VLOG_ERR("bridge %s: cannot set MAC address to zero", br->name);
594 /* Otherwise choose the minimum MAC address among all of the interfaces.
595 * (Xen uses FE:FF:FF:FF:FF:FF for virtual interfaces so this will get the
596 * MAC of the physical interface in such an environment.) */
597 memset(ea, 0xff, sizeof ea);
598 for (i = 0; i < br->n_ports; i++) {
599 struct port *port = br->ports[i];
600 if (port->is_mirror_output_port) {
603 for (j = 0; j < port->n_ifaces; j++) {
604 struct iface *iface = port->ifaces[j];
605 uint8_t iface_ea[ETH_ADDR_LEN];
606 if (iface->dp_ifidx == ODPP_LOCAL
607 || cfg_get_bool(0, "iface.%s.internal", iface->name)) {
610 error = netdev_nodev_get_etheraddr(iface->name, iface_ea);
612 if (!eth_addr_is_multicast(iface_ea) &&
613 !eth_addr_is_reserved(iface_ea) &&
614 !eth_addr_is_zero(iface_ea) &&
615 memcmp(iface_ea, ea, ETH_ADDR_LEN) < 0) {
616 memcpy(ea, iface_ea, ETH_ADDR_LEN);
617 *devname = iface->name;
620 static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5);
621 VLOG_ERR_RL(&rl, "failed to obtain Ethernet address of %s: %s",
622 iface->name, strerror(error));
626 if (eth_addr_is_multicast(ea) || eth_addr_is_vif(ea)) {
627 memcpy(ea, br->default_ea, ETH_ADDR_LEN);
629 VLOG_WARN("bridge %s: using default bridge Ethernet "
630 "address "ETH_ADDR_FMT, br->name, ETH_ADDR_ARGS(ea));
632 VLOG_DBG("bridge %s: using bridge Ethernet address "ETH_ADDR_FMT,
633 br->name, ETH_ADDR_ARGS(ea));
637 /* Choose and returns the datapath ID for bridge 'br' given that the bridge
638 * Ethernet address is 'bridge_ea'. If 'bridge_ea' is the Ethernet address of
639 * a network device, then that network device's name must be passed in as
640 * 'devname'; if 'bridge_ea' was derived some other way, then 'devname' must be
641 * passed in as a null pointer. */
643 bridge_pick_datapath_id(struct bridge *br,
644 const uint8_t bridge_ea[ETH_ADDR_LEN],
648 * The procedure for choosing a bridge MAC address will, in the most
649 * ordinary case, also choose a unique MAC that we can use as a datapath
650 * ID. In some special cases, though, multiple bridges will end up with
651 * the same MAC address. This is OK for the bridges, but it will confuse
652 * the OpenFlow controller, because each datapath needs a unique datapath
655 * Datapath IDs must be unique. It is also very desirable that they be
656 * stable from one run to the next, so that policy set on a datapath
661 dpid = cfg_get_dpid(0, "bridge.%s.datapath-id", br->name);
668 if (!netdev_get_vlan_vid(devname, &vlan)) {
670 * A bridge whose MAC address is taken from a VLAN network device
671 * (that is, a network device created with vconfig(8) or similar
672 * tool) will have the same MAC address as a bridge on the VLAN
673 * device's physical network device.
675 * Handle this case by hashing the physical network device MAC
676 * along with the VLAN identifier.
678 uint8_t buf[ETH_ADDR_LEN + 2];
679 memcpy(buf, bridge_ea, ETH_ADDR_LEN);
680 buf[ETH_ADDR_LEN] = vlan >> 8;
681 buf[ETH_ADDR_LEN + 1] = vlan;
682 return dpid_from_hash(buf, sizeof buf);
685 * Assume that this bridge's MAC address is unique, since it
686 * doesn't fit any of the cases we handle specially.
691 * A purely internal bridge, that is, one that has no non-virtual
692 * network devices on it at all, is more difficult because it has no
693 * natural unique identifier at all.
695 * When the host is a XenServer, we handle this case by hashing the
696 * host's UUID with the name of the bridge. Names of bridges are
697 * persistent across XenServer reboots, although they can be reused if
698 * an internal network is destroyed and then a new one is later
699 * created, so this is fairly effective.
701 * When the host is not a XenServer, we punt by using a random MAC
702 * address on each run.
704 const char *host_uuid = xenserver_get_host_uuid();
706 char *combined = xasprintf("%s,%s", host_uuid, br->name);
707 dpid = dpid_from_hash(combined, strlen(combined));
713 return eth_addr_to_uint64(bridge_ea);
717 dpid_from_hash(const void *data, size_t n)
719 uint8_t hash[SHA1_DIGEST_SIZE];
721 BUILD_ASSERT_DECL(sizeof hash >= ETH_ADDR_LEN);
722 sha1_bytes(data, n, hash);
723 eth_addr_mark_random(hash);
724 return eth_addr_to_uint64(hash);
730 struct bridge *br, *next;
734 LIST_FOR_EACH_SAFE (br, next, struct bridge, node, &all_bridges) {
735 int error = bridge_run_one(br);
737 static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5);
738 VLOG_ERR_RL(&rl, "bridge %s: datapath was destroyed externally, "
739 "forcing reconfiguration", br->name);
753 LIST_FOR_EACH (br, struct bridge, node, &all_bridges) {
754 ofproto_wait(br->ofproto);
755 if (br->controller) {
760 mac_learning_wait(br->ml);
767 /* Forces 'br' to revalidate all of its flows. This is appropriate when 'br''s
768 * configuration changes. */
770 bridge_flush(struct bridge *br)
772 COVERAGE_INC(bridge_flush);
775 mac_learning_flush(br->ml);
779 /* Bridge unixctl user interface functions. */
781 bridge_unixctl_fdb_show(struct unixctl_conn *conn, const char *args)
783 struct ds ds = DS_EMPTY_INITIALIZER;
784 const struct bridge *br;
786 br = bridge_lookup(args);
788 unixctl_command_reply(conn, 501, "no such bridge");
792 ds_put_cstr(&ds, " port VLAN MAC Age\n");
794 const struct mac_entry *e;
795 LIST_FOR_EACH (e, struct mac_entry, lru_node, &br->ml->lrus) {
796 ds_put_format(&ds, "%5d %4d "ETH_ADDR_FMT" %3d\n",
797 e->port, e->vlan, ETH_ADDR_ARGS(e->mac),
801 unixctl_command_reply(conn, 200, ds_cstr(&ds));
805 /* Bridge reconfiguration functions. */
807 static struct bridge *
808 bridge_create(const char *name)
813 assert(!bridge_lookup(name));
814 br = xcalloc(1, sizeof *br);
816 error = dpif_create(name, &br->dpif);
817 if (error == EEXIST || error == EBUSY) {
818 error = dpif_open(name, &br->dpif);
820 VLOG_ERR("datapath %s already exists but cannot be opened: %s",
821 name, strerror(error));
825 dpif_flow_flush(br->dpif);
827 VLOG_ERR("failed to create datapath %s: %s", name, strerror(error));
832 error = ofproto_create(name, &bridge_ofhooks, br, &br->ofproto);
834 VLOG_ERR("failed to create switch %s: %s", name, strerror(error));
835 dpif_delete(br->dpif);
836 dpif_close(br->dpif);
841 br->name = xstrdup(name);
842 br->ml = mac_learning_create();
843 br->sent_config_request = false;
844 eth_addr_random(br->default_ea);
846 port_array_init(&br->ifaces);
849 br->bond_next_rebalance = time_msec() + 10000;
851 list_push_back(&all_bridges, &br->node);
853 VLOG_INFO("created bridge %s on %s", br->name, dpif_name(br->dpif));
859 bridge_destroy(struct bridge *br)
864 while (br->n_ports > 0) {
865 port_destroy(br->ports[br->n_ports - 1]);
867 list_remove(&br->node);
868 error = dpif_delete(br->dpif);
869 if (error && error != ENOENT) {
870 VLOG_ERR("failed to delete %s: %s",
871 dpif_name(br->dpif), strerror(error));
873 dpif_close(br->dpif);
874 ofproto_destroy(br->ofproto);
875 free(br->controller);
876 mac_learning_destroy(br->ml);
877 port_array_destroy(&br->ifaces);
884 static struct bridge *
885 bridge_lookup(const char *name)
889 LIST_FOR_EACH (br, struct bridge, node, &all_bridges) {
890 if (!strcmp(br->name, name)) {
898 bridge_exists(const char *name)
900 return bridge_lookup(name) ? true : false;
904 bridge_get_datapathid(const char *name)
906 struct bridge *br = bridge_lookup(name);
907 return br ? ofproto_get_datapath_id(br->ofproto) : 0;
911 bridge_run_one(struct bridge *br)
915 error = ofproto_run1(br->ofproto);
921 mac_learning_run(br->ml, ofproto_get_revalidate_set(br->ofproto));
926 error = ofproto_run2(br->ofproto, br->flush);
933 bridge_get_controller(const struct bridge *br)
935 const char *controller;
937 controller = cfg_get_string(0, "bridge.%s.controller", br->name);
939 controller = cfg_get_string(0, "mgmt.controller");
941 return controller && controller[0] ? controller : NULL;
945 bridge_reconfigure_one(struct bridge *br)
947 struct svec old_ports, new_ports, ifaces;
948 struct svec listeners, old_listeners;
949 struct svec snoops, old_snoops;
952 /* Collect old ports. */
953 svec_init(&old_ports);
954 for (i = 0; i < br->n_ports; i++) {
955 svec_add(&old_ports, br->ports[i]->name);
957 svec_sort(&old_ports);
958 assert(svec_is_unique(&old_ports));
960 /* Collect new ports. */
961 svec_init(&new_ports);
962 cfg_get_all_keys(&new_ports, "bridge.%s.port", br->name);
963 svec_sort(&new_ports);
964 if (bridge_get_controller(br)) {
965 char local_name[IF_NAMESIZE];
968 error = dpif_port_get_name(br->dpif, ODPP_LOCAL,
969 local_name, sizeof local_name);
970 if (!error && !svec_contains(&new_ports, local_name)) {
971 svec_add(&new_ports, local_name);
972 svec_sort(&new_ports);
975 if (!svec_is_unique(&new_ports)) {
976 VLOG_WARN("bridge %s: %s specified twice as bridge port",
977 br->name, svec_get_duplicate(&new_ports));
978 svec_unique(&new_ports);
981 ofproto_set_mgmt_id(br->ofproto, mgmt_id);
983 /* Get rid of deleted ports and add new ports. */
984 for (i = 0; i < br->n_ports; ) {
985 struct port *port = br->ports[i];
986 if (!svec_contains(&new_ports, port->name)) {
992 for (i = 0; i < new_ports.n; i++) {
993 const char *name = new_ports.names[i];
994 if (!svec_contains(&old_ports, name)) {
995 port_create(br, name);
998 svec_destroy(&old_ports);
999 svec_destroy(&new_ports);
1001 /* Reconfigure all ports. */
1002 for (i = 0; i < br->n_ports; i++) {
1003 port_reconfigure(br->ports[i]);
1006 /* Check and delete duplicate interfaces. */
1008 for (i = 0; i < br->n_ports; ) {
1009 struct port *port = br->ports[i];
1010 for (j = 0; j < port->n_ifaces; ) {
1011 struct iface *iface = port->ifaces[j];
1012 if (svec_contains(&ifaces, iface->name)) {
1013 VLOG_ERR("bridge %s: %s interface is on multiple ports, "
1015 br->name, iface->name, port->name);
1016 iface_destroy(iface);
1018 svec_add(&ifaces, iface->name);
1023 if (!port->n_ifaces) {
1024 VLOG_ERR("%s port has no interfaces, dropping", port->name);
1030 svec_destroy(&ifaces);
1032 /* Delete all flows if we're switching from connected to standalone or vice
1033 * versa. (XXX Should we delete all flows if we are switching from one
1034 * controller to another?) */
1036 /* Configure OpenFlow management listeners. */
1037 svec_init(&listeners);
1038 cfg_get_all_strings(&listeners, "bridge.%s.openflow.listeners", br->name);
1040 svec_add_nocopy(&listeners, xasprintf("punix:%s/%s.mgmt",
1041 ovs_rundir, br->name));
1042 } else if (listeners.n == 1 && !strcmp(listeners.names[0], "none")) {
1043 svec_clear(&listeners);
1045 svec_sort_unique(&listeners);
1047 svec_init(&old_listeners);
1048 ofproto_get_listeners(br->ofproto, &old_listeners);
1049 svec_sort_unique(&old_listeners);
1051 if (!svec_equal(&listeners, &old_listeners)) {
1052 ofproto_set_listeners(br->ofproto, &listeners);
1054 svec_destroy(&listeners);
1055 svec_destroy(&old_listeners);
1057 /* Configure OpenFlow controller connection snooping. */
1059 cfg_get_all_strings(&snoops, "bridge.%s.openflow.snoops", br->name);
1061 svec_add_nocopy(&snoops, xasprintf("punix:%s/%s.snoop",
1062 ovs_rundir, br->name));
1063 } else if (snoops.n == 1 && !strcmp(snoops.names[0], "none")) {
1064 svec_clear(&snoops);
1066 svec_sort_unique(&snoops);
1068 svec_init(&old_snoops);
1069 ofproto_get_snoops(br->ofproto, &old_snoops);
1070 svec_sort_unique(&old_snoops);
1072 if (!svec_equal(&snoops, &old_snoops)) {
1073 ofproto_set_snoops(br->ofproto, &snoops);
1075 svec_destroy(&snoops);
1076 svec_destroy(&old_snoops);
1078 mirror_reconfigure(br);
1082 bridge_reconfigure_controller(struct bridge *br)
1084 char *pfx = xasprintf("bridge.%s.controller", br->name);
1085 const char *controller;
1087 controller = bridge_get_controller(br);
1088 if ((br->controller != NULL) != (controller != NULL)) {
1089 ofproto_flush_flows(br->ofproto);
1091 free(br->controller);
1092 br->controller = controller ? xstrdup(controller) : NULL;
1095 const char *fail_mode;
1096 int max_backoff, probe;
1097 int rate_limit, burst_limit;
1099 if (!strcmp(controller, "discover")) {
1100 bool update_resolv_conf = true;
1102 if (cfg_has("%s.update-resolv.conf", pfx)) {
1103 update_resolv_conf = cfg_get_bool(0, "%s.update-resolv.conf",
1106 ofproto_set_discovery(br->ofproto, true,
1107 cfg_get_string(0, "%s.accept-regex", pfx),
1108 update_resolv_conf);
1110 char local_name[IF_NAMESIZE];
1111 struct netdev *netdev;
1115 in_band = (!cfg_is_valid(CFG_BOOL | CFG_REQUIRED,
1117 || cfg_get_bool(0, "%s.in-band", pfx));
1118 ofproto_set_discovery(br->ofproto, false, NULL, NULL);
1119 ofproto_set_in_band(br->ofproto, in_band);
1121 error = dpif_port_get_name(br->dpif, ODPP_LOCAL,
1122 local_name, sizeof local_name);
1124 error = netdev_open(local_name, NETDEV_ETH_TYPE_NONE, &netdev);
1127 if (cfg_is_valid(CFG_IP | CFG_REQUIRED, "%s.ip", pfx)) {
1128 struct in_addr ip, mask, gateway;
1129 ip.s_addr = cfg_get_ip(0, "%s.ip", pfx);
1130 mask.s_addr = cfg_get_ip(0, "%s.netmask", pfx);
1131 gateway.s_addr = cfg_get_ip(0, "%s.gateway", pfx);
1133 netdev_turn_flags_on(netdev, NETDEV_UP, true);
1135 mask.s_addr = guess_netmask(ip.s_addr);
1137 if (!netdev_set_in4(netdev, ip, mask)) {
1138 VLOG_INFO("bridge %s: configured IP address "IP_FMT", "
1140 br->name, IP_ARGS(&ip.s_addr),
1141 IP_ARGS(&mask.s_addr));
1144 if (gateway.s_addr) {
1145 if (!netdev_add_router(gateway)) {
1146 VLOG_INFO("bridge %s: configured gateway "IP_FMT,
1147 br->name, IP_ARGS(&gateway.s_addr));
1151 netdev_close(netdev);
1155 fail_mode = cfg_get_string(0, "%s.fail-mode", pfx);
1157 fail_mode = cfg_get_string(0, "mgmt.fail-mode");
1159 ofproto_set_failure(br->ofproto,
1161 || !strcmp(fail_mode, "standalone")
1162 || !strcmp(fail_mode, "open")));
1164 probe = cfg_get_int(0, "%s.inactivity-probe", pfx);
1166 probe = cfg_get_int(0, "mgmt.inactivity-probe");
1171 ofproto_set_probe_interval(br->ofproto, probe);
1173 max_backoff = cfg_get_int(0, "%s.max-backoff", pfx);
1175 max_backoff = cfg_get_int(0, "mgmt.max-backoff");
1180 ofproto_set_max_backoff(br->ofproto, max_backoff);
1182 rate_limit = cfg_get_int(0, "%s.rate-limit", pfx);
1184 rate_limit = cfg_get_int(0, "mgmt.rate-limit");
1186 burst_limit = cfg_get_int(0, "%s.burst-limit", pfx);
1188 burst_limit = cfg_get_int(0, "mgmt.burst-limit");
1190 ofproto_set_rate_limit(br->ofproto, rate_limit, burst_limit);
1192 ofproto_set_stp(br->ofproto, cfg_get_bool(0, "%s.stp", pfx));
1194 if (cfg_has("%s.commands.acl", pfx)) {
1195 struct svec command_acls;
1198 svec_init(&command_acls);
1199 cfg_get_all_strings(&command_acls, "%s.commands.acl", pfx);
1200 command_acl = svec_join(&command_acls, ",", "");
1202 ofproto_set_remote_execution(br->ofproto, command_acl,
1203 cfg_get_string(0, "%s.commands.dir",
1206 svec_destroy(&command_acls);
1209 ofproto_set_remote_execution(br->ofproto, NULL, NULL);
1212 union ofp_action action;
1215 /* Set up a flow that matches every packet and directs them to
1216 * OFPP_NORMAL (which goes to us). */
1217 memset(&action, 0, sizeof action);
1218 action.type = htons(OFPAT_OUTPUT);
1219 action.output.len = htons(sizeof action);
1220 action.output.port = htons(OFPP_NORMAL);
1221 memset(&flow, 0, sizeof flow);
1222 ofproto_add_flow(br->ofproto, &flow, OFPFW_ALL, 0,
1225 ofproto_set_in_band(br->ofproto, false);
1226 ofproto_set_max_backoff(br->ofproto, 1);
1227 ofproto_set_probe_interval(br->ofproto, 5);
1228 ofproto_set_failure(br->ofproto, false);
1229 ofproto_set_stp(br->ofproto, false);
1233 ofproto_set_controller(br->ofproto, br->controller);
1237 bridge_get_all_ifaces(const struct bridge *br, struct svec *ifaces)
1242 for (i = 0; i < br->n_ports; i++) {
1243 struct port *port = br->ports[i];
1244 for (j = 0; j < port->n_ifaces; j++) {
1245 struct iface *iface = port->ifaces[j];
1246 svec_add(ifaces, iface->name);
1250 assert(svec_is_unique(ifaces));
1253 /* For robustness, in case the administrator moves around datapath ports behind
1254 * our back, we re-check all the datapath port numbers here.
1256 * This function will set the 'dp_ifidx' members of interfaces that have
1257 * disappeared to -1, so only call this function from a context where those
1258 * 'struct iface's will be removed from the bridge. Otherwise, the -1
1259 * 'dp_ifidx'es will cause trouble later when we try to send them to the
1260 * datapath, which doesn't support UINT16_MAX+1 ports. */
1262 bridge_fetch_dp_ifaces(struct bridge *br)
1264 struct odp_port *dpif_ports;
1265 size_t n_dpif_ports;
1268 /* Reset all interface numbers. */
1269 for (i = 0; i < br->n_ports; i++) {
1270 struct port *port = br->ports[i];
1271 for (j = 0; j < port->n_ifaces; j++) {
1272 struct iface *iface = port->ifaces[j];
1273 iface->dp_ifidx = -1;
1276 port_array_clear(&br->ifaces);
1278 dpif_port_list(br->dpif, &dpif_ports, &n_dpif_ports);
1279 for (i = 0; i < n_dpif_ports; i++) {
1280 struct odp_port *p = &dpif_ports[i];
1281 struct iface *iface = iface_lookup(br, p->devname);
1283 if (iface->dp_ifidx >= 0) {
1284 VLOG_WARN("%s reported interface %s twice",
1285 dpif_name(br->dpif), p->devname);
1286 } else if (iface_from_dp_ifidx(br, p->port)) {
1287 VLOG_WARN("%s reported interface %"PRIu16" twice",
1288 dpif_name(br->dpif), p->port);
1290 port_array_set(&br->ifaces, p->port, iface);
1291 iface->dp_ifidx = p->port;
1298 /* Bridge packet processing functions. */
1301 bond_hash(const uint8_t mac[ETH_ADDR_LEN])
1303 return hash_bytes(mac, ETH_ADDR_LEN, 0) & BOND_MASK;
1306 static struct bond_entry *
1307 lookup_bond_entry(const struct port *port, const uint8_t mac[ETH_ADDR_LEN])
1309 return &port->bond_hash[bond_hash(mac)];
1313 bond_choose_iface(const struct port *port)
1316 for (i = 0; i < port->n_ifaces; i++) {
1317 if (port->ifaces[i]->enabled) {
1325 choose_output_iface(const struct port *port, const uint8_t *dl_src,
1326 uint16_t *dp_ifidx, tag_type *tags)
1328 struct iface *iface;
1330 assert(port->n_ifaces);
1331 if (port->n_ifaces == 1) {
1332 iface = port->ifaces[0];
1334 struct bond_entry *e = lookup_bond_entry(port, dl_src);
1335 if (e->iface_idx < 0 || e->iface_idx >= port->n_ifaces
1336 || !port->ifaces[e->iface_idx]->enabled) {
1337 /* XXX select interface properly. The current interface selection
1338 * is only good for testing the rebalancing code. */
1339 e->iface_idx = bond_choose_iface(port);
1340 if (e->iface_idx < 0) {
1341 *tags |= port->no_ifaces_tag;
1344 e->iface_tag = tag_create_random();
1346 *tags |= e->iface_tag;
1347 iface = port->ifaces[e->iface_idx];
1349 *dp_ifidx = iface->dp_ifidx;
1350 *tags |= iface->tag; /* Currently only used for bonding. */
1355 bond_link_status_update(struct iface *iface, bool carrier)
1357 static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(5, 20);
1358 struct port *port = iface->port;
1360 if ((carrier == iface->enabled) == (iface->delay_expires == LLONG_MAX)) {
1361 /* Nothing to do. */
1364 VLOG_INFO_RL(&rl, "interface %s: carrier %s",
1365 iface->name, carrier ? "detected" : "dropped");
1366 if (carrier == iface->enabled) {
1367 iface->delay_expires = LLONG_MAX;
1368 VLOG_INFO_RL(&rl, "interface %s: will not be %s",
1369 iface->name, carrier ? "disabled" : "enabled");
1370 } else if (carrier && port->updelay && port->active_iface < 0) {
1371 iface->delay_expires = time_msec();
1372 VLOG_INFO_RL(&rl, "interface %s: skipping %d ms updelay since no "
1373 "other interface is up", iface->name, port->updelay);
1375 int delay = carrier ? port->updelay : port->downdelay;
1376 iface->delay_expires = time_msec() + delay;
1379 "interface %s: will be %s if it stays %s for %d ms",
1381 carrier ? "enabled" : "disabled",
1382 carrier ? "up" : "down",
1389 bond_choose_active_iface(struct port *port)
1391 static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(5, 20);
1393 port->active_iface = bond_choose_iface(port);
1394 port->active_iface_tag = tag_create_random();
1395 if (port->active_iface >= 0) {
1396 VLOG_INFO_RL(&rl, "port %s: active interface is now %s",
1397 port->name, port->ifaces[port->active_iface]->name);
1399 VLOG_WARN_RL(&rl, "port %s: all ports disabled, no active interface",
1405 bond_enable_slave(struct iface *iface, bool enable)
1407 struct port *port = iface->port;
1408 struct bridge *br = port->bridge;
1410 iface->delay_expires = LLONG_MAX;
1411 if (enable == iface->enabled) {
1415 iface->enabled = enable;
1416 if (!iface->enabled) {
1417 VLOG_WARN("interface %s: disabled", iface->name);
1418 ofproto_revalidate(br->ofproto, iface->tag);
1419 if (iface->port_ifidx == port->active_iface) {
1420 ofproto_revalidate(br->ofproto,
1421 port->active_iface_tag);
1422 bond_choose_active_iface(port);
1424 bond_send_learning_packets(port);
1426 VLOG_WARN("interface %s: enabled", iface->name);
1427 if (port->active_iface < 0) {
1428 ofproto_revalidate(br->ofproto, port->no_ifaces_tag);
1429 bond_choose_active_iface(port);
1430 bond_send_learning_packets(port);
1432 iface->tag = tag_create_random();
1437 bond_run(struct bridge *br)
1441 for (i = 0; i < br->n_ports; i++) {
1442 struct port *port = br->ports[i];
1443 if (port->n_ifaces < 2) {
1446 for (j = 0; j < port->n_ifaces; j++) {
1447 struct iface *iface = port->ifaces[j];
1448 if (time_msec() >= iface->delay_expires) {
1449 bond_enable_slave(iface, !iface->enabled);
1456 bond_wait(struct bridge *br)
1460 for (i = 0; i < br->n_ports; i++) {
1461 struct port *port = br->ports[i];
1462 if (port->n_ifaces < 2) {
1465 for (j = 0; j < port->n_ifaces; j++) {
1466 struct iface *iface = port->ifaces[j];
1467 if (iface->delay_expires != LLONG_MAX) {
1468 poll_timer_wait(iface->delay_expires - time_msec());
1475 set_dst(struct dst *p, const flow_t *flow,
1476 const struct port *in_port, const struct port *out_port,
1481 * XXX This uses too many tags: any broadcast flow will get one tag per
1482 * destination port, and thus a broadcast on a switch of any size is likely
1483 * to have all tag bits set. We should figure out a way to be smarter.
1485 * This is OK when STP is disabled, because stp_state_tag is 0 then. */
1486 *tags |= out_port->stp_state_tag;
1487 if (!(out_port->stp_state & (STP_DISABLED | STP_FORWARDING))) {
1491 p->vlan = (out_port->vlan >= 0 ? OFP_VLAN_NONE
1492 : in_port->vlan >= 0 ? in_port->vlan
1493 : ntohs(flow->dl_vlan));
1494 return choose_output_iface(out_port, flow->dl_src, &p->dp_ifidx, tags);
1498 swap_dst(struct dst *p, struct dst *q)
1500 struct dst tmp = *p;
1505 /* Moves all the dsts with vlan == 'vlan' to the front of the 'n_dsts' in
1506 * 'dsts'. (This may help performance by reducing the number of VLAN changes
1507 * that we push to the datapath. We could in fact fully sort the array by
1508 * vlan, but in most cases there are at most two different vlan tags so that's
1509 * possibly overkill.) */
1511 partition_dsts(struct dst *dsts, size_t n_dsts, int vlan)
1513 struct dst *first = dsts;
1514 struct dst *last = dsts + n_dsts;
1516 while (first != last) {
1518 * - All dsts < first have vlan == 'vlan'.
1519 * - All dsts >= last have vlan != 'vlan'.
1520 * - first < last. */
1521 while (first->vlan == vlan) {
1522 if (++first == last) {
1527 /* Same invariants, plus one additional:
1528 * - first->vlan != vlan.
1530 while (last[-1].vlan != vlan) {
1531 if (--last == first) {
1536 /* Same invariants, plus one additional:
1537 * - last[-1].vlan == vlan.*/
1538 swap_dst(first++, --last);
1543 mirror_mask_ffs(mirror_mask_t mask)
1545 BUILD_ASSERT_DECL(sizeof(unsigned int) >= sizeof(mask));
1550 dst_is_duplicate(const struct dst *dsts, size_t n_dsts,
1551 const struct dst *test)
1554 for (i = 0; i < n_dsts; i++) {
1555 if (dsts[i].vlan == test->vlan && dsts[i].dp_ifidx == test->dp_ifidx) {
1563 port_trunks_vlan(const struct port *port, uint16_t vlan)
1565 return port->vlan < 0 && bitmap_is_set(port->trunks, vlan);
1569 port_includes_vlan(const struct port *port, uint16_t vlan)
1571 return vlan == port->vlan || port_trunks_vlan(port, vlan);
1575 compose_dsts(const struct bridge *br, const flow_t *flow, uint16_t vlan,
1576 const struct port *in_port, const struct port *out_port,
1577 struct dst dsts[], tag_type *tags)
1579 mirror_mask_t mirrors = in_port->src_mirrors;
1580 struct dst *dst = dsts;
1583 *tags |= in_port->stp_state_tag;
1584 if (out_port == FLOOD_PORT) {
1585 /* XXX use ODP_FLOOD if no vlans or bonding. */
1586 /* XXX even better, define each VLAN as a datapath port group */
1587 for (i = 0; i < br->n_ports; i++) {
1588 struct port *port = br->ports[i];
1589 if (port != in_port && port_includes_vlan(port, vlan)
1590 && !port->is_mirror_output_port
1591 && set_dst(dst, flow, in_port, port, tags)) {
1592 mirrors |= port->dst_mirrors;
1596 } else if (out_port && set_dst(dst, flow, in_port, out_port, tags)) {
1597 mirrors |= out_port->dst_mirrors;
1602 struct mirror *m = br->mirrors[mirror_mask_ffs(mirrors) - 1];
1603 if (!m->n_vlans || vlan_is_mirrored(m, vlan)) {
1605 if (set_dst(dst, flow, in_port, m->out_port, tags)
1606 && !dst_is_duplicate(dsts, dst - dsts, dst)) {
1610 for (i = 0; i < br->n_ports; i++) {
1611 struct port *port = br->ports[i];
1612 if (port_includes_vlan(port, m->out_vlan)
1613 && set_dst(dst, flow, in_port, port, tags)
1614 && !dst_is_duplicate(dsts, dst - dsts, dst))
1616 if (port->vlan < 0) {
1617 dst->vlan = m->out_vlan;
1619 if (dst->dp_ifidx == flow->in_port
1620 && dst->vlan == vlan) {
1621 /* Don't send out input port on same VLAN. */
1629 mirrors &= mirrors - 1;
1632 partition_dsts(dsts, dst - dsts, ntohs(flow->dl_vlan));
1637 print_dsts(const struct dst *dsts, size_t n)
1639 for (; n--; dsts++) {
1640 printf(">p%"PRIu16, dsts->dp_ifidx);
1641 if (dsts->vlan != OFP_VLAN_NONE) {
1642 printf("v%"PRIu16, dsts->vlan);
1648 compose_actions(struct bridge *br, const flow_t *flow, uint16_t vlan,
1649 const struct port *in_port, const struct port *out_port,
1650 tag_type *tags, struct odp_actions *actions)
1652 struct dst dsts[DP_MAX_PORTS * (MAX_MIRRORS + 1)];
1654 const struct dst *p;
1657 n_dsts = compose_dsts(br, flow, vlan, in_port, out_port, dsts, tags);
1659 cur_vlan = ntohs(flow->dl_vlan);
1660 for (p = dsts; p < &dsts[n_dsts]; p++) {
1661 union odp_action *a;
1662 if (p->vlan != cur_vlan) {
1663 if (p->vlan == OFP_VLAN_NONE) {
1664 odp_actions_add(actions, ODPAT_STRIP_VLAN);
1666 a = odp_actions_add(actions, ODPAT_SET_VLAN_VID);
1667 a->vlan_vid.vlan_vid = htons(p->vlan);
1671 a = odp_actions_add(actions, ODPAT_OUTPUT);
1672 a->output.port = p->dp_ifidx;
1677 is_bcast_arp_reply(const flow_t *flow, const struct ofpbuf *packet)
1679 struct arp_eth_header *arp = (struct arp_eth_header *) packet->data;
1680 return (flow->dl_type == htons(ETH_TYPE_ARP)
1681 && eth_addr_is_broadcast(flow->dl_dst)
1682 && packet->size >= sizeof(struct arp_eth_header)
1683 && arp->ar_op == ARP_OP_REQUEST);
1686 /* If the composed actions may be applied to any packet in the given 'flow',
1687 * returns true. Otherwise, the actions should only be applied to 'packet', or
1688 * not at all, if 'packet' was NULL. */
1690 process_flow(struct bridge *br, const flow_t *flow,
1691 const struct ofpbuf *packet, struct odp_actions *actions,
1694 struct iface *in_iface;
1695 struct port *in_port;
1696 struct port *out_port = NULL; /* By default, drop the packet/flow. */
1699 /* Find the interface and port structure for the received packet. */
1700 in_iface = iface_from_dp_ifidx(br, flow->in_port);
1702 /* No interface? Something fishy... */
1703 if (packet != NULL) {
1704 /* Odd. A few possible reasons here:
1706 * - We deleted an interface but there are still a few packets
1707 * queued up from it.
1709 * - Someone externally added an interface (e.g. with "ovs-dpctl
1710 * add-if") that we don't know about.
1712 * - Packet arrived on the local port but the local port is not
1713 * one of our bridge ports.
1715 static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5);
1717 VLOG_WARN_RL(&rl, "bridge %s: received packet on unknown "
1718 "interface %"PRIu16, br->name, flow->in_port);
1721 /* Return without adding any actions, to drop packets on this flow. */
1724 in_port = in_iface->port;
1726 /* Figure out what VLAN this packet belongs to.
1728 * Note that dl_vlan of 0 and of OFP_VLAN_NONE both mean that the packet
1729 * belongs to VLAN 0, so we should treat both cases identically. (In the
1730 * former case, the packet has an 802.1Q header that specifies VLAN 0,
1731 * presumably to allow a priority to be specified. In the latter case, the
1732 * packet does not have any 802.1Q header.) */
1733 vlan = ntohs(flow->dl_vlan);
1734 if (vlan == OFP_VLAN_NONE) {
1737 if (in_port->vlan >= 0) {
1739 /* XXX support double tagging? */
1740 if (packet != NULL) {
1741 static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5);
1742 VLOG_WARN_RL(&rl, "bridge %s: dropping VLAN %"PRIu16" tagged "
1743 "packet received on port %s configured with "
1744 "implicit VLAN %"PRIu16,
1745 br->name, ntohs(flow->dl_vlan),
1746 in_port->name, in_port->vlan);
1750 vlan = in_port->vlan;
1752 if (!port_includes_vlan(in_port, vlan)) {
1753 static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5);
1754 VLOG_WARN_RL(&rl, "bridge %s: dropping VLAN %d tagged "
1755 "packet received on port %s not configured for "
1757 br->name, vlan, in_port->name, vlan);
1762 /* Drop frames for ports that STP wants entirely killed (both for
1763 * forwarding and for learning). Later, after we do learning, we'll drop
1764 * the frames that STP wants to do learning but not forwarding on. */
1765 if (in_port->stp_state & (STP_LISTENING | STP_BLOCKING)) {
1769 /* Drop frames for reserved multicast addresses. */
1770 if (eth_addr_is_reserved(flow->dl_dst)) {
1774 /* Drop frames on ports reserved for mirroring. */
1775 if (in_port->is_mirror_output_port) {
1776 static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5);
1777 VLOG_WARN_RL(&rl, "bridge %s: dropping packet received on port %s, "
1778 "which is reserved exclusively for mirroring",
1779 br->name, in_port->name);
1783 /* Multicast (and broadcast) packets on bonds need special attention, to
1784 * avoid receiving duplicates. */
1785 if (in_port->n_ifaces > 1 && eth_addr_is_multicast(flow->dl_dst)) {
1786 *tags |= in_port->active_iface_tag;
1787 if (in_port->active_iface != in_iface->port_ifidx) {
1788 /* Drop all multicast packets on inactive slaves. */
1791 /* Drop all multicast packets for which we have learned a different
1792 * input port, because we probably sent the packet on one slaves
1793 * and got it back on the active slave. Broadcast ARP replies are
1794 * an exception to this rule: the host has moved to another
1796 int src_idx = mac_learning_lookup(br->ml, flow->dl_src, vlan);
1797 if (src_idx != -1 && src_idx != in_port->port_idx) {
1799 if (!is_bcast_arp_reply(flow, packet)) {
1803 /* No way to know whether it's an ARP reply, because the
1804 * flow entry doesn't include enough information and we
1805 * don't have a packet. Punt. */
1813 out_port = FLOOD_PORT;
1817 /* Learn source MAC (but don't try to learn from revalidation). */
1819 tag_type rev_tag = mac_learning_learn(br->ml, flow->dl_src,
1820 vlan, in_port->port_idx);
1822 /* The log messages here could actually be useful in debugging,
1823 * so keep the rate limit relatively high. */
1824 static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(30,
1826 VLOG_DBG_RL(&rl, "bridge %s: learned that "ETH_ADDR_FMT" is "
1827 "on port %s in VLAN %d",
1828 br->name, ETH_ADDR_ARGS(flow->dl_src),
1829 in_port->name, vlan);
1830 ofproto_revalidate(br->ofproto, rev_tag);
1834 /* Determine output port. */
1835 out_port_idx = mac_learning_lookup_tag(br->ml, flow->dl_dst, vlan,
1837 if (out_port_idx >= 0 && out_port_idx < br->n_ports) {
1838 out_port = br->ports[out_port_idx];
1842 /* Don't send packets out their input ports. Don't forward frames that STP
1843 * wants us to discard. */
1844 if (in_port == out_port || in_port->stp_state == STP_LEARNING) {
1849 compose_actions(br, flow, vlan, in_port, out_port, tags, actions);
1852 * We send out only a single packet, instead of setting up a flow, if the
1853 * packet is an ARP directed to broadcast that arrived on a bonded
1854 * interface. In such a situation ARP requests and replies must be handled
1855 * differently, but OpenFlow unfortunately can't distinguish them.
1857 return (in_port->n_ifaces < 2
1858 || flow->dl_type != htons(ETH_TYPE_ARP)
1859 || !eth_addr_is_broadcast(flow->dl_dst));
1862 /* Careful: 'opp' is in host byte order and opp->port_no is an OFP port
1865 bridge_port_changed_ofhook_cb(enum ofp_port_reason reason,
1866 const struct ofp_phy_port *opp,
1869 struct bridge *br = br_;
1870 struct iface *iface;
1873 iface = iface_from_dp_ifidx(br, ofp_port_to_odp_port(opp->port_no));
1879 if (reason == OFPPR_DELETE) {
1880 VLOG_WARN("bridge %s: interface %s deleted unexpectedly",
1881 br->name, iface->name);
1882 iface_destroy(iface);
1883 if (!port->n_ifaces) {
1884 VLOG_WARN("bridge %s: port %s has no interfaces, dropping",
1885 br->name, port->name);
1891 memcpy(iface->mac, opp->hw_addr, ETH_ADDR_LEN);
1892 if (port->n_ifaces > 1) {
1893 bool up = !(opp->state & OFPPS_LINK_DOWN);
1894 bond_link_status_update(iface, up);
1895 port_update_bond_compat(port);
1901 bridge_normal_ofhook_cb(const flow_t *flow, const struct ofpbuf *packet,
1902 struct odp_actions *actions, tag_type *tags, void *br_)
1904 struct bridge *br = br_;
1907 if (flow->dl_type == htons(OFP_DL_TYPE_NOT_ETH_TYPE)
1908 && eth_addr_equals(flow->dl_dst, stp_eth_addr)) {
1909 brstp_receive(br, flow, payload);
1914 COVERAGE_INC(bridge_process_flow);
1915 return process_flow(br, flow, packet, actions, tags);
1919 bridge_account_flow_ofhook_cb(const flow_t *flow,
1920 const union odp_action *actions,
1921 size_t n_actions, unsigned long long int n_bytes,
1924 struct bridge *br = br_;
1925 const union odp_action *a;
1927 if (!br->has_bonded_ports) {
1931 for (a = actions; a < &actions[n_actions]; a++) {
1932 if (a->type == ODPAT_OUTPUT) {
1933 struct port *port = port_from_dp_ifidx(br, a->output.port);
1934 if (port && port->n_ifaces >= 2) {
1935 struct bond_entry *e = lookup_bond_entry(port, flow->dl_src);
1936 e->tx_bytes += n_bytes;
1943 bridge_account_checkpoint_ofhook_cb(void *br_)
1945 struct bridge *br = br_;
1948 if (!br->has_bonded_ports) {
1952 /* The current ofproto implementation calls this callback at least once a
1953 * second, so this timer implementation is sufficient. */
1954 if (time_msec() < br->bond_next_rebalance) {
1957 br->bond_next_rebalance = time_msec() + 10000;
1959 for (i = 0; i < br->n_ports; i++) {
1960 struct port *port = br->ports[i];
1961 if (port->n_ifaces > 1) {
1962 bond_rebalance_port(port);
1967 static struct ofhooks bridge_ofhooks = {
1968 bridge_port_changed_ofhook_cb,
1969 bridge_normal_ofhook_cb,
1970 bridge_account_flow_ofhook_cb,
1971 bridge_account_checkpoint_ofhook_cb,
1974 /* Bonding functions. */
1976 /* Statistics for a single interface on a bonded port, used for load-based
1977 * bond rebalancing. */
1978 struct slave_balance {
1979 struct iface *iface; /* The interface. */
1980 uint64_t tx_bytes; /* Sum of hashes[*]->tx_bytes. */
1982 /* All the "bond_entry"s that are assigned to this interface, in order of
1983 * increasing tx_bytes. */
1984 struct bond_entry **hashes;
1988 /* Sorts pointers to pointers to bond_entries in ascending order by the
1989 * interface to which they are assigned, and within a single interface in
1990 * ascending order of bytes transmitted. */
1992 compare_bond_entries(const void *a_, const void *b_)
1994 const struct bond_entry *const *ap = a_;
1995 const struct bond_entry *const *bp = b_;
1996 const struct bond_entry *a = *ap;
1997 const struct bond_entry *b = *bp;
1998 if (a->iface_idx != b->iface_idx) {
1999 return a->iface_idx > b->iface_idx ? 1 : -1;
2000 } else if (a->tx_bytes != b->tx_bytes) {
2001 return a->tx_bytes > b->tx_bytes ? 1 : -1;
2007 /* Sorts slave_balances so that enabled ports come first, and otherwise in
2008 * *descending* order by number of bytes transmitted. */
2010 compare_slave_balance(const void *a_, const void *b_)
2012 const struct slave_balance *a = a_;
2013 const struct slave_balance *b = b_;
2014 if (a->iface->enabled != b->iface->enabled) {
2015 return a->iface->enabled ? -1 : 1;
2016 } else if (a->tx_bytes != b->tx_bytes) {
2017 return a->tx_bytes > b->tx_bytes ? -1 : 1;
2024 swap_bals(struct slave_balance *a, struct slave_balance *b)
2026 struct slave_balance tmp = *a;
2031 /* Restores the 'n_bals' slave_balance structures in 'bals' to sorted order
2032 * given that 'p' (and only 'p') might be in the wrong location.
2034 * This function invalidates 'p', since it might now be in a different memory
2037 resort_bals(struct slave_balance *p,
2038 struct slave_balance bals[], size_t n_bals)
2041 for (; p > bals && p->tx_bytes > p[-1].tx_bytes; p--) {
2042 swap_bals(p, p - 1);
2044 for (; p < &bals[n_bals - 1] && p->tx_bytes < p[1].tx_bytes; p++) {
2045 swap_bals(p, p + 1);
2051 log_bals(const struct slave_balance *bals, size_t n_bals, struct port *port)
2053 if (VLOG_IS_DBG_ENABLED()) {
2054 struct ds ds = DS_EMPTY_INITIALIZER;
2055 const struct slave_balance *b;
2057 for (b = bals; b < bals + n_bals; b++) {
2061 ds_put_char(&ds, ',');
2063 ds_put_format(&ds, " %s %"PRIu64"kB",
2064 b->iface->name, b->tx_bytes / 1024);
2066 if (!b->iface->enabled) {
2067 ds_put_cstr(&ds, " (disabled)");
2069 if (b->n_hashes > 0) {
2070 ds_put_cstr(&ds, " (");
2071 for (i = 0; i < b->n_hashes; i++) {
2072 const struct bond_entry *e = b->hashes[i];
2074 ds_put_cstr(&ds, " + ");
2076 ds_put_format(&ds, "h%td: %"PRIu64"kB",
2077 e - port->bond_hash, e->tx_bytes / 1024);
2079 ds_put_cstr(&ds, ")");
2082 VLOG_DBG("bond %s:%s", port->name, ds_cstr(&ds));
2087 /* Shifts 'hash' from 'from' to 'to' within 'port'. */
2089 bond_shift_load(struct slave_balance *from, struct slave_balance *to,
2090 struct bond_entry *hash)
2092 struct port *port = from->iface->port;
2093 uint64_t delta = hash->tx_bytes;
2095 VLOG_INFO("bond %s: shift %"PRIu64"kB of load (with hash %td) "
2096 "from %s to %s (now carrying %"PRIu64"kB and "
2097 "%"PRIu64"kB load, respectively)",
2098 port->name, delta / 1024, hash - port->bond_hash,
2099 from->iface->name, to->iface->name,
2100 (from->tx_bytes - delta) / 1024,
2101 (to->tx_bytes + delta) / 1024);
2103 /* Delete element from from->hashes.
2105 * We don't bother to add the element to to->hashes because not only would
2106 * it require more work, the only purpose it would be to allow that hash to
2107 * be migrated to another slave in this rebalancing run, and there is no
2108 * point in doing that. */
2109 if (from->hashes[0] == hash) {
2112 int i = hash - from->hashes[0];
2113 memmove(from->hashes + i, from->hashes + i + 1,
2114 (from->n_hashes - (i + 1)) * sizeof *from->hashes);
2118 /* Shift load away from 'from' to 'to'. */
2119 from->tx_bytes -= delta;
2120 to->tx_bytes += delta;
2122 /* Arrange for flows to be revalidated. */
2123 ofproto_revalidate(port->bridge->ofproto, hash->iface_tag);
2124 hash->iface_idx = to->iface->port_ifidx;
2125 hash->iface_tag = tag_create_random();
2129 bond_rebalance_port(struct port *port)
2131 struct slave_balance bals[DP_MAX_PORTS];
2133 struct bond_entry *hashes[BOND_MASK + 1];
2134 struct slave_balance *b, *from, *to;
2135 struct bond_entry *e;
2138 /* Sets up 'bals' to describe each of the port's interfaces, sorted in
2139 * descending order of tx_bytes, so that bals[0] represents the most
2140 * heavily loaded slave and bals[n_bals - 1] represents the least heavily
2143 * The code is a bit tricky: to avoid dynamically allocating a 'hashes'
2144 * array for each slave_balance structure, we sort our local array of
2145 * hashes in order by slave, so that all of the hashes for a given slave
2146 * become contiguous in memory, and then we point each 'hashes' members of
2147 * a slave_balance structure to the start of a contiguous group. */
2148 n_bals = port->n_ifaces;
2149 for (b = bals; b < &bals[n_bals]; b++) {
2150 b->iface = port->ifaces[b - bals];
2155 for (i = 0; i <= BOND_MASK; i++) {
2156 hashes[i] = &port->bond_hash[i];
2158 qsort(hashes, BOND_MASK + 1, sizeof *hashes, compare_bond_entries);
2159 for (i = 0; i <= BOND_MASK; i++) {
2161 if (e->iface_idx >= 0 && e->iface_idx < port->n_ifaces) {
2162 b = &bals[e->iface_idx];
2163 b->tx_bytes += e->tx_bytes;
2165 b->hashes = &hashes[i];
2170 qsort(bals, n_bals, sizeof *bals, compare_slave_balance);
2171 log_bals(bals, n_bals, port);
2173 /* Discard slaves that aren't enabled (which were sorted to the back of the
2174 * array earlier). */
2175 while (!bals[n_bals - 1].iface->enabled) {
2182 /* Shift load from the most-loaded slaves to the least-loaded slaves. */
2183 to = &bals[n_bals - 1];
2184 for (from = bals; from < to; ) {
2185 uint64_t overload = from->tx_bytes - to->tx_bytes;
2186 if (overload < to->tx_bytes >> 5 || overload < 100000) {
2187 /* The extra load on 'from' (and all less-loaded slaves), compared
2188 * to that of 'to' (the least-loaded slave), is less than ~3%, or
2189 * it is less than ~1Mbps. No point in rebalancing. */
2191 } else if (from->n_hashes == 1) {
2192 /* 'from' only carries a single MAC hash, so we can't shift any
2193 * load away from it, even though we want to. */
2196 /* 'from' is carrying significantly more load than 'to', and that
2197 * load is split across at least two different hashes. Pick a hash
2198 * to migrate to 'to' (the least-loaded slave), given that doing so
2199 * must not cause 'to''s load to exceed 'from''s load.
2201 * The sort order we use means that we prefer to shift away the
2202 * smallest hashes instead of the biggest ones. There is little
2203 * reason behind this decision; we could use the opposite sort
2204 * order to shift away big hashes ahead of small ones. */
2207 for (i = 0; i < from->n_hashes; i++) {
2208 uint64_t delta = from->hashes[i]->tx_bytes;
2209 if (to->tx_bytes + delta < from->tx_bytes - delta) {
2213 if (i < from->n_hashes) {
2214 bond_shift_load(from, to, from->hashes[i]);
2216 /* Re-sort 'bals'. Note that this may make 'from' and 'to'
2217 * point to different slave_balance structures. It is only
2218 * valid to do these two operations in a row at all because we
2219 * know that 'from' will not move past 'to' and vice versa. */
2220 resort_bals(from, bals, n_bals);
2221 resort_bals(to, bals, n_bals);
2228 /* Implement exponentially weighted moving average. A weight of 1/2 causes
2229 * historical data to decay to <1% in 7 rebalancing runs. */
2230 for (e = &port->bond_hash[0]; e <= &port->bond_hash[BOND_MASK]; e++) {
2236 bond_send_learning_packets(struct port *port)
2238 struct bridge *br = port->bridge;
2239 struct mac_entry *e;
2240 struct ofpbuf packet;
2241 int error, n_packets, n_errors;
2243 if (!port->n_ifaces || port->active_iface < 0 || !br->ml) {
2247 ofpbuf_init(&packet, 128);
2248 error = n_packets = n_errors = 0;
2249 LIST_FOR_EACH (e, struct mac_entry, lru_node, &br->ml->lrus) {
2250 static const char s[] = "Open vSwitch Bond Failover";
2251 union ofp_action actions[2], *a;
2252 struct eth_header *eth;
2253 struct llc_snap_header *llc_snap;
2259 if (e->port == port->port_idx
2260 || !choose_output_iface(port, e->mac, &dp_ifidx, &tags)) {
2264 /* Compose packet to send. */
2265 ofpbuf_clear(&packet);
2266 eth = ofpbuf_put_zeros(&packet, ETH_HEADER_LEN);
2267 llc_snap = ofpbuf_put_zeros(&packet, LLC_SNAP_HEADER_LEN);
2268 ofpbuf_put(&packet, s, sizeof s); /* Includes null byte. */
2269 ofpbuf_put(&packet, e->mac, ETH_ADDR_LEN);
2271 memcpy(eth->eth_dst, eth_addr_broadcast, ETH_ADDR_LEN);
2272 memcpy(eth->eth_src, e->mac, ETH_ADDR_LEN);
2273 eth->eth_type = htons(packet.size - ETH_HEADER_LEN);
2275 llc_snap->llc.llc_dsap = LLC_DSAP_SNAP;
2276 llc_snap->llc.llc_ssap = LLC_SSAP_SNAP;
2277 llc_snap->llc.llc_cntl = LLC_CNTL_SNAP;
2278 memcpy(llc_snap->snap.snap_org, "\x00\x23\x20", 3);
2279 llc_snap->snap.snap_type = htons(0xf177); /* Random number. */
2281 /* Compose actions. */
2282 memset(actions, 0, sizeof actions);
2285 a->vlan_vid.type = htons(OFPAT_SET_VLAN_VID);
2286 a->vlan_vid.len = htons(sizeof *a);
2287 a->vlan_vid.vlan_vid = htons(e->vlan);
2290 a->output.type = htons(OFPAT_OUTPUT);
2291 a->output.len = htons(sizeof *a);
2292 a->output.port = htons(odp_port_to_ofp_port(dp_ifidx));
2297 flow_extract(&packet, ODPP_NONE, &flow);
2298 retval = ofproto_send_packet(br->ofproto, &flow, actions, a - actions,
2305 ofpbuf_uninit(&packet);
2308 static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5);
2309 VLOG_WARN_RL(&rl, "bond %s: %d errors sending %d gratuitous learning "
2310 "packets, last error was: %s",
2311 port->name, n_errors, n_packets, strerror(error));
2313 VLOG_DBG("bond %s: sent %d gratuitous learning packets",
2314 port->name, n_packets);
2318 /* Bonding unixctl user interface functions. */
2321 bond_unixctl_list(struct unixctl_conn *conn, const char *args UNUSED)
2323 struct ds ds = DS_EMPTY_INITIALIZER;
2324 const struct bridge *br;
2326 ds_put_cstr(&ds, "bridge\tbond\tslaves\n");
2328 LIST_FOR_EACH (br, struct bridge, node, &all_bridges) {
2331 for (i = 0; i < br->n_ports; i++) {
2332 const struct port *port = br->ports[i];
2333 if (port->n_ifaces > 1) {
2336 ds_put_format(&ds, "%s\t%s\t", br->name, port->name);
2337 for (j = 0; j < port->n_ifaces; j++) {
2338 const struct iface *iface = port->ifaces[j];
2340 ds_put_cstr(&ds, ", ");
2342 ds_put_cstr(&ds, iface->name);
2344 ds_put_char(&ds, '\n');
2348 unixctl_command_reply(conn, 200, ds_cstr(&ds));
2352 static struct port *
2353 bond_find(const char *name)
2355 const struct bridge *br;
2357 LIST_FOR_EACH (br, struct bridge, node, &all_bridges) {
2360 for (i = 0; i < br->n_ports; i++) {
2361 struct port *port = br->ports[i];
2362 if (!strcmp(port->name, name) && port->n_ifaces > 1) {
2371 bond_unixctl_show(struct unixctl_conn *conn, const char *args)
2373 struct ds ds = DS_EMPTY_INITIALIZER;
2374 const struct port *port;
2377 port = bond_find(args);
2379 unixctl_command_reply(conn, 501, "no such bond");
2383 ds_put_format(&ds, "updelay: %d ms\n", port->updelay);
2384 ds_put_format(&ds, "downdelay: %d ms\n", port->downdelay);
2385 ds_put_format(&ds, "next rebalance: %lld ms\n",
2386 port->bridge->bond_next_rebalance - time_msec());
2387 for (j = 0; j < port->n_ifaces; j++) {
2388 const struct iface *iface = port->ifaces[j];
2389 struct bond_entry *be;
2392 ds_put_format(&ds, "slave %s: %s\n",
2393 iface->name, iface->enabled ? "enabled" : "disabled");
2394 if (j == port->active_iface) {
2395 ds_put_cstr(&ds, "\tactive slave\n");
2397 if (iface->delay_expires != LLONG_MAX) {
2398 ds_put_format(&ds, "\t%s expires in %lld ms\n",
2399 iface->enabled ? "downdelay" : "updelay",
2400 iface->delay_expires - time_msec());
2404 for (be = port->bond_hash; be <= &port->bond_hash[BOND_MASK]; be++) {
2405 int hash = be - port->bond_hash;
2406 struct mac_entry *me;
2408 if (be->iface_idx != j) {
2412 ds_put_format(&ds, "\thash %d: %lld kB load\n",
2413 hash, be->tx_bytes / 1024);
2416 if (!port->bridge->ml) {
2420 LIST_FOR_EACH (me, struct mac_entry, lru_node,
2421 &port->bridge->ml->lrus) {
2424 if (bond_hash(me->mac) == hash
2425 && me->port != port->port_idx
2426 && choose_output_iface(port, me->mac, &dp_ifidx, &tags)
2427 && dp_ifidx == iface->dp_ifidx)
2429 ds_put_format(&ds, "\t\t"ETH_ADDR_FMT"\n",
2430 ETH_ADDR_ARGS(me->mac));
2435 unixctl_command_reply(conn, 200, ds_cstr(&ds));
2440 bond_unixctl_migrate(struct unixctl_conn *conn, const char *args_)
2442 char *args = (char *) args_;
2443 char *save_ptr = NULL;
2444 char *bond_s, *hash_s, *slave_s;
2445 uint8_t mac[ETH_ADDR_LEN];
2447 struct iface *iface;
2448 struct bond_entry *entry;
2451 bond_s = strtok_r(args, " ", &save_ptr);
2452 hash_s = strtok_r(NULL, " ", &save_ptr);
2453 slave_s = strtok_r(NULL, " ", &save_ptr);
2455 unixctl_command_reply(conn, 501,
2456 "usage: bond/migrate BOND HASH SLAVE");
2460 port = bond_find(bond_s);
2462 unixctl_command_reply(conn, 501, "no such bond");
2466 if (sscanf(hash_s, ETH_ADDR_SCAN_FMT, ETH_ADDR_SCAN_ARGS(mac))
2467 == ETH_ADDR_SCAN_COUNT) {
2468 hash = bond_hash(mac);
2469 } else if (strspn(hash_s, "0123456789") == strlen(hash_s)) {
2470 hash = atoi(hash_s) & BOND_MASK;
2472 unixctl_command_reply(conn, 501, "bad hash");
2476 iface = port_lookup_iface(port, slave_s);
2478 unixctl_command_reply(conn, 501, "no such slave");
2482 if (!iface->enabled) {
2483 unixctl_command_reply(conn, 501, "cannot migrate to disabled slave");
2487 entry = &port->bond_hash[hash];
2488 ofproto_revalidate(port->bridge->ofproto, entry->iface_tag);
2489 entry->iface_idx = iface->port_ifidx;
2490 entry->iface_tag = tag_create_random();
2491 unixctl_command_reply(conn, 200, "migrated");
2495 bond_unixctl_set_active_slave(struct unixctl_conn *conn, const char *args_)
2497 char *args = (char *) args_;
2498 char *save_ptr = NULL;
2499 char *bond_s, *slave_s;
2501 struct iface *iface;
2503 bond_s = strtok_r(args, " ", &save_ptr);
2504 slave_s = strtok_r(NULL, " ", &save_ptr);
2506 unixctl_command_reply(conn, 501,
2507 "usage: bond/set-active-slave BOND SLAVE");
2511 port = bond_find(bond_s);
2513 unixctl_command_reply(conn, 501, "no such bond");
2517 iface = port_lookup_iface(port, slave_s);
2519 unixctl_command_reply(conn, 501, "no such slave");
2523 if (!iface->enabled) {
2524 unixctl_command_reply(conn, 501, "cannot make disabled slave active");
2528 if (port->active_iface != iface->port_ifidx) {
2529 ofproto_revalidate(port->bridge->ofproto, port->active_iface_tag);
2530 port->active_iface = iface->port_ifidx;
2531 port->active_iface_tag = tag_create_random();
2532 VLOG_INFO("port %s: active interface is now %s",
2533 port->name, iface->name);
2534 bond_send_learning_packets(port);
2535 unixctl_command_reply(conn, 200, "done");
2537 unixctl_command_reply(conn, 200, "no change");
2542 enable_slave(struct unixctl_conn *conn, const char *args_, bool enable)
2544 char *args = (char *) args_;
2545 char *save_ptr = NULL;
2546 char *bond_s, *slave_s;
2548 struct iface *iface;
2550 bond_s = strtok_r(args, " ", &save_ptr);
2551 slave_s = strtok_r(NULL, " ", &save_ptr);
2553 unixctl_command_reply(conn, 501,
2554 "usage: bond/enable/disable-slave BOND SLAVE");
2558 port = bond_find(bond_s);
2560 unixctl_command_reply(conn, 501, "no such bond");
2564 iface = port_lookup_iface(port, slave_s);
2566 unixctl_command_reply(conn, 501, "no such slave");
2570 bond_enable_slave(iface, enable);
2571 unixctl_command_reply(conn, 501, enable ? "enabled" : "disabled");
2575 bond_unixctl_enable_slave(struct unixctl_conn *conn, const char *args)
2577 enable_slave(conn, args, true);
2581 bond_unixctl_disable_slave(struct unixctl_conn *conn, const char *args)
2583 enable_slave(conn, args, false);
2589 unixctl_command_register("bond/list", bond_unixctl_list);
2590 unixctl_command_register("bond/show", bond_unixctl_show);
2591 unixctl_command_register("bond/migrate", bond_unixctl_migrate);
2592 unixctl_command_register("bond/set-active-slave",
2593 bond_unixctl_set_active_slave);
2594 unixctl_command_register("bond/enable-slave", bond_unixctl_enable_slave);
2595 unixctl_command_register("bond/disable-slave", bond_unixctl_disable_slave);
2598 /* Port functions. */
2601 port_create(struct bridge *br, const char *name)
2605 port = xcalloc(1, sizeof *port);
2607 port->port_idx = br->n_ports;
2609 port->trunks = NULL;
2610 port->name = xstrdup(name);
2611 port->active_iface = -1;
2612 port->stp_state = STP_DISABLED;
2613 port->stp_state_tag = 0;
2615 if (br->n_ports >= br->allocated_ports) {
2616 br->ports = x2nrealloc(br->ports, &br->allocated_ports,
2619 br->ports[br->n_ports++] = port;
2621 VLOG_INFO("created port %s on bridge %s", port->name, br->name);
2626 port_reconfigure(struct port *port)
2628 bool bonded = cfg_has_section("bonding.%s", port->name);
2629 struct svec old_ifaces, new_ifaces;
2630 unsigned long *trunks;
2634 /* Collect old and new interfaces. */
2635 svec_init(&old_ifaces);
2636 svec_init(&new_ifaces);
2637 for (i = 0; i < port->n_ifaces; i++) {
2638 svec_add(&old_ifaces, port->ifaces[i]->name);
2640 svec_sort(&old_ifaces);
2642 cfg_get_all_keys(&new_ifaces, "bonding.%s.slave", port->name);
2643 if (!new_ifaces.n) {
2644 VLOG_ERR("port %s: no interfaces specified for bonded port",
2646 } else if (new_ifaces.n == 1) {
2647 VLOG_WARN("port %s: only 1 interface specified for bonded port",
2651 port->updelay = cfg_get_int(0, "bonding.%s.updelay", port->name);
2652 if (port->updelay < 0) {
2655 port->downdelay = cfg_get_int(0, "bonding.%s.downdelay", port->name);
2656 if (port->downdelay < 0) {
2657 port->downdelay = 0;
2660 svec_init(&new_ifaces);
2661 svec_add(&new_ifaces, port->name);
2664 /* Get rid of deleted interfaces and add new interfaces. */
2665 for (i = 0; i < port->n_ifaces; i++) {
2666 struct iface *iface = port->ifaces[i];
2667 if (!svec_contains(&new_ifaces, iface->name)) {
2668 iface_destroy(iface);
2673 for (i = 0; i < new_ifaces.n; i++) {
2674 const char *name = new_ifaces.names[i];
2675 if (!svec_contains(&old_ifaces, name)) {
2676 iface_create(port, name);
2682 if (cfg_has("vlan.%s.tag", port->name)) {
2684 vlan = cfg_get_vlan(0, "vlan.%s.tag", port->name);
2685 if (vlan >= 0 && vlan <= 4095) {
2686 VLOG_DBG("port %s: assigning VLAN tag %d", port->name, vlan);
2689 /* It's possible that bonded, VLAN-tagged ports make sense. Maybe
2690 * they even work as-is. But they have not been tested. */
2691 VLOG_WARN("port %s: VLAN tags not supported on bonded ports",
2695 if (port->vlan != vlan) {
2697 bridge_flush(port->bridge);
2700 /* Get trunked VLANs. */
2703 size_t n_trunks, n_errors;
2706 trunks = bitmap_allocate(4096);
2707 n_trunks = cfg_count("vlan.%s.trunks", port->name);
2709 for (i = 0; i < n_trunks; i++) {
2710 int trunk = cfg_get_vlan(i, "vlan.%s.trunks", port->name);
2712 bitmap_set1(trunks, trunk);
2718 VLOG_ERR("port %s: invalid values for %zu trunk VLANs",
2719 port->name, n_trunks);
2721 if (n_errors == n_trunks) {
2723 VLOG_ERR("port %s: no valid trunks, trunking all VLANs",
2726 bitmap_set_multiple(trunks, 0, 4096, 1);
2729 if (cfg_has("vlan.%s.trunks", port->name)) {
2730 VLOG_ERR("ignoring vlan.%s.trunks in favor of vlan.%s.vlan",
2731 port->name, port->name);
2735 ? port->trunks != NULL
2736 : port->trunks == NULL || !bitmap_equal(trunks, port->trunks, 4096)) {
2737 bridge_flush(port->bridge);
2739 bitmap_free(port->trunks);
2740 port->trunks = trunks;
2742 svec_destroy(&old_ifaces);
2743 svec_destroy(&new_ifaces);
2747 port_destroy(struct port *port)
2750 struct bridge *br = port->bridge;
2754 proc_net_compat_update_vlan(port->name, NULL, 0);
2756 for (i = 0; i < MAX_MIRRORS; i++) {
2757 struct mirror *m = br->mirrors[i];
2758 if (m && m->out_port == port) {
2763 while (port->n_ifaces > 0) {
2764 iface_destroy(port->ifaces[port->n_ifaces - 1]);
2767 del = br->ports[port->port_idx] = br->ports[--br->n_ports];
2768 del->port_idx = port->port_idx;
2771 bitmap_free(port->trunks);
2778 static struct port *
2779 port_from_dp_ifidx(const struct bridge *br, uint16_t dp_ifidx)
2781 struct iface *iface = iface_from_dp_ifidx(br, dp_ifidx);
2782 return iface ? iface->port : NULL;
2785 static struct port *
2786 port_lookup(const struct bridge *br, const char *name)
2790 for (i = 0; i < br->n_ports; i++) {
2791 struct port *port = br->ports[i];
2792 if (!strcmp(port->name, name)) {
2799 static struct iface *
2800 port_lookup_iface(const struct port *port, const char *name)
2804 for (j = 0; j < port->n_ifaces; j++) {
2805 struct iface *iface = port->ifaces[j];
2806 if (!strcmp(iface->name, name)) {
2814 port_update_bonding(struct port *port)
2816 if (port->n_ifaces < 2) {
2817 /* Not a bonded port. */
2818 if (port->bond_hash) {
2819 free(port->bond_hash);
2820 port->bond_hash = NULL;
2821 proc_net_compat_update_bond(port->name, NULL);
2824 if (!port->bond_hash) {
2827 port->bond_hash = xcalloc(BOND_MASK + 1, sizeof *port->bond_hash);
2828 for (i = 0; i <= BOND_MASK; i++) {
2829 struct bond_entry *e = &port->bond_hash[i];
2833 port->no_ifaces_tag = tag_create_random();
2834 bond_choose_active_iface(port);
2836 port_update_bond_compat(port);
2841 port_update_bond_compat(struct port *port)
2843 struct compat_bond bond;
2846 if (port->n_ifaces < 2) {
2851 bond.updelay = port->updelay;
2852 bond.downdelay = port->downdelay;
2853 bond.n_slaves = port->n_ifaces;
2854 bond.slaves = xmalloc(port->n_ifaces * sizeof *bond.slaves);
2855 for (i = 0; i < port->n_ifaces; i++) {
2856 struct iface *iface = port->ifaces[i];
2857 struct compat_bond_slave *slave = &bond.slaves[i];
2858 slave->name = iface->name;
2859 slave->up = ((iface->enabled && iface->delay_expires == LLONG_MAX) ||
2860 (!iface->enabled && iface->delay_expires != LLONG_MAX));
2864 memcpy(slave->mac, iface->mac, ETH_ADDR_LEN);
2866 proc_net_compat_update_bond(port->name, &bond);
2871 port_update_vlan_compat(struct port *port)
2873 struct bridge *br = port->bridge;
2874 char *vlandev_name = NULL;
2876 if (port->vlan > 0) {
2877 /* Figure out the name that the VLAN device should actually have, if it
2878 * existed. This takes some work because the VLAN device would not
2879 * have port->name in its name; rather, it would have the trunk port's
2880 * name, and 'port' would be attached to a bridge that also had the
2881 * VLAN device one of its ports. So we need to find a trunk port that
2882 * includes port->vlan.
2884 * There might be more than one candidate. This doesn't happen on
2885 * XenServer, so if it happens we just pick the first choice in
2886 * alphabetical order instead of creating multiple VLAN devices. */
2888 for (i = 0; i < br->n_ports; i++) {
2889 struct port *p = br->ports[i];
2890 if (port_trunks_vlan(p, port->vlan)
2892 && (!vlandev_name || strcmp(p->name, vlandev_name) <= 0))
2894 const uint8_t *ea = p->ifaces[0]->mac;
2895 if (!eth_addr_is_multicast(ea) &&
2896 !eth_addr_is_reserved(ea) &&
2897 !eth_addr_is_zero(ea)) {
2898 vlandev_name = p->name;
2903 proc_net_compat_update_vlan(port->name, vlandev_name, port->vlan);
2906 /* Interface functions. */
2909 iface_create(struct port *port, const char *name)
2911 struct iface *iface;
2913 iface = xcalloc(1, sizeof *iface);
2915 iface->port_ifidx = port->n_ifaces;
2916 iface->name = xstrdup(name);
2917 iface->dp_ifidx = -1;
2918 iface->tag = tag_create_random();
2919 iface->delay_expires = LLONG_MAX;
2921 netdev_nodev_get_etheraddr(name, iface->mac);
2922 netdev_nodev_get_carrier(name, &iface->enabled);
2924 if (port->n_ifaces >= port->allocated_ifaces) {
2925 port->ifaces = x2nrealloc(port->ifaces, &port->allocated_ifaces,
2926 sizeof *port->ifaces);
2928 port->ifaces[port->n_ifaces++] = iface;
2929 if (port->n_ifaces > 1) {
2930 port->bridge->has_bonded_ports = true;
2933 VLOG_DBG("attached network device %s to port %s", iface->name, port->name);
2935 port_update_bonding(port);
2936 bridge_flush(port->bridge);
2940 iface_destroy(struct iface *iface)
2943 struct port *port = iface->port;
2944 struct bridge *br = port->bridge;
2945 bool del_active = port->active_iface == iface->port_ifidx;
2948 if (iface->dp_ifidx >= 0) {
2949 port_array_set(&br->ifaces, iface->dp_ifidx, NULL);
2952 del = port->ifaces[iface->port_ifidx] = port->ifaces[--port->n_ifaces];
2953 del->port_ifidx = iface->port_ifidx;
2959 ofproto_revalidate(port->bridge->ofproto, port->active_iface_tag);
2960 bond_choose_active_iface(port);
2961 bond_send_learning_packets(port);
2964 port_update_bonding(port);
2965 bridge_flush(port->bridge);
2969 static struct iface *
2970 iface_lookup(const struct bridge *br, const char *name)
2974 for (i = 0; i < br->n_ports; i++) {
2975 struct port *port = br->ports[i];
2976 for (j = 0; j < port->n_ifaces; j++) {
2977 struct iface *iface = port->ifaces[j];
2978 if (!strcmp(iface->name, name)) {
2986 static struct iface *
2987 iface_from_dp_ifidx(const struct bridge *br, uint16_t dp_ifidx)
2989 return port_array_get(&br->ifaces, dp_ifidx);
2992 /* Port mirroring. */
2995 mirror_reconfigure(struct bridge *br)
2997 struct svec old_mirrors, new_mirrors;
3000 /* Collect old and new mirrors. */
3001 svec_init(&old_mirrors);
3002 svec_init(&new_mirrors);
3003 cfg_get_subsections(&new_mirrors, "mirror.%s", br->name);
3004 for (i = 0; i < MAX_MIRRORS; i++) {
3005 if (br->mirrors[i]) {
3006 svec_add(&old_mirrors, br->mirrors[i]->name);
3010 /* Get rid of deleted mirrors and add new mirrors. */
3011 svec_sort(&old_mirrors);
3012 assert(svec_is_unique(&old_mirrors));
3013 svec_sort(&new_mirrors);
3014 assert(svec_is_unique(&new_mirrors));
3015 for (i = 0; i < MAX_MIRRORS; i++) {
3016 struct mirror *m = br->mirrors[i];
3017 if (m && !svec_contains(&new_mirrors, m->name)) {
3021 for (i = 0; i < new_mirrors.n; i++) {
3022 const char *name = new_mirrors.names[i];
3023 if (!svec_contains(&old_mirrors, name)) {
3024 mirror_create(br, name);
3027 svec_destroy(&old_mirrors);
3028 svec_destroy(&new_mirrors);
3030 /* Reconfigure all mirrors. */
3031 for (i = 0; i < MAX_MIRRORS; i++) {
3032 if (br->mirrors[i]) {
3033 mirror_reconfigure_one(br->mirrors[i]);
3037 /* Update port reserved status. */
3038 for (i = 0; i < br->n_ports; i++) {
3039 br->ports[i]->is_mirror_output_port = false;
3041 for (i = 0; i < MAX_MIRRORS; i++) {
3042 struct mirror *m = br->mirrors[i];
3043 if (m && m->out_port) {
3044 m->out_port->is_mirror_output_port = true;
3050 mirror_create(struct bridge *br, const char *name)
3055 for (i = 0; ; i++) {
3056 if (i >= MAX_MIRRORS) {
3057 VLOG_WARN("bridge %s: maximum of %d port mirrors reached, "
3058 "cannot create %s", br->name, MAX_MIRRORS, name);
3061 if (!br->mirrors[i]) {
3066 VLOG_INFO("created port mirror %s on bridge %s", name, br->name);
3069 br->mirrors[i] = m = xcalloc(1, sizeof *m);
3072 m->name = xstrdup(name);
3073 svec_init(&m->src_ports);
3074 svec_init(&m->dst_ports);
3082 mirror_destroy(struct mirror *m)
3085 struct bridge *br = m->bridge;
3088 for (i = 0; i < br->n_ports; i++) {
3089 br->ports[i]->src_mirrors &= ~(MIRROR_MASK_C(1) << m->idx);
3090 br->ports[i]->dst_mirrors &= ~(MIRROR_MASK_C(1) << m->idx);
3093 svec_destroy(&m->src_ports);
3094 svec_destroy(&m->dst_ports);
3097 m->bridge->mirrors[m->idx] = NULL;
3105 prune_ports(struct mirror *m, struct svec *ports)
3110 svec_sort_unique(ports);
3113 for (i = 0; i < ports->n; i++) {
3114 const char *name = ports->names[i];
3115 if (port_lookup(m->bridge, name)) {
3116 svec_add(&tmp, name);
3118 VLOG_WARN("mirror.%s.%s: cannot match on nonexistent port %s",
3119 m->bridge->name, m->name, name);
3122 svec_swap(ports, &tmp);
3127 prune_vlans(struct mirror *m, struct svec *vlan_strings, int **vlans)
3131 /* This isn't perfect: it won't combine "0" and "00", and the textual sort
3132 * order won't give us numeric sort order. But that's good enough for what
3133 * we need right now. */
3134 svec_sort_unique(vlan_strings);
3136 *vlans = xmalloc(sizeof *vlans * vlan_strings->n);
3138 for (i = 0; i < vlan_strings->n; i++) {
3139 const char *name = vlan_strings->names[i];
3141 if (!str_to_int(name, 10, &vlan) || vlan < 0 || vlan > 4095) {
3142 VLOG_WARN("mirror.%s.%s.select.vlan: ignoring invalid VLAN %s",
3143 m->bridge->name, m->name, name);
3145 (*vlans)[n_vlans++] = vlan;
3152 vlan_is_mirrored(const struct mirror *m, int vlan)
3156 for (i = 0; i < m->n_vlans; i++) {
3157 if (m->vlans[i] == vlan) {
3165 port_trunks_any_mirrored_vlan(const struct mirror *m, const struct port *p)
3169 for (i = 0; i < m->n_vlans; i++) {
3170 if (port_trunks_vlan(p, m->vlans[i])) {
3178 mirror_reconfigure_one(struct mirror *m)
3180 char *pfx = xasprintf("mirror.%s.%s", m->bridge->name, m->name);
3181 struct svec src_ports, dst_ports, ports;
3182 struct svec vlan_strings;
3183 mirror_mask_t mirror_bit;
3184 const char *out_port_name;
3185 struct port *out_port;
3190 bool mirror_all_ports;
3192 /* Get output port. */
3193 out_port_name = cfg_get_key(0, "mirror.%s.%s.output.port",
3194 m->bridge->name, m->name);
3195 if (out_port_name) {
3196 out_port = port_lookup(m->bridge, out_port_name);
3198 VLOG_ERR("%s.output.port: bridge %s does not have a port "
3199 "named %s", pfx, m->bridge->name, out_port_name);
3206 if (cfg_has("%s.output.vlan", pfx)) {
3207 VLOG_ERR("%s.output.port and %s.output.vlan both specified; "
3208 "ignoring %s.output.vlan", pfx, pfx, pfx);
3210 } else if (cfg_has("%s.output.vlan", pfx)) {
3212 out_vlan = cfg_get_vlan(0, "%s.output.vlan", pfx);
3214 VLOG_ERR("%s: neither %s.output.port nor %s.output.vlan specified, "
3215 "but exactly one is required; disabling port mirror %s",
3216 pfx, pfx, pfx, pfx);
3222 /* Get all the ports, and drop duplicates and ports that don't exist. */
3223 svec_init(&src_ports);
3224 svec_init(&dst_ports);
3226 cfg_get_all_keys(&src_ports, "%s.select.src-port", pfx);
3227 cfg_get_all_keys(&dst_ports, "%s.select.dst-port", pfx);
3228 cfg_get_all_keys(&ports, "%s.select.port", pfx);
3229 svec_append(&src_ports, &ports);
3230 svec_append(&dst_ports, &ports);
3231 svec_destroy(&ports);
3232 prune_ports(m, &src_ports);
3233 prune_ports(m, &dst_ports);
3235 /* Get all the vlans, and drop duplicate and invalid vlans. */
3236 svec_init(&vlan_strings);
3237 cfg_get_all_keys(&vlan_strings, "%s.select.vlan", pfx);
3238 n_vlans = prune_vlans(m, &vlan_strings, &vlans);
3239 svec_destroy(&vlan_strings);
3241 /* Update mirror data. */
3242 if (!svec_equal(&m->src_ports, &src_ports)
3243 || !svec_equal(&m->dst_ports, &dst_ports)
3244 || m->n_vlans != n_vlans
3245 || memcmp(m->vlans, vlans, sizeof *vlans * n_vlans)
3246 || m->out_port != out_port
3247 || m->out_vlan != out_vlan) {
3248 bridge_flush(m->bridge);
3250 svec_swap(&m->src_ports, &src_ports);
3251 svec_swap(&m->dst_ports, &dst_ports);
3254 m->n_vlans = n_vlans;
3255 m->out_port = out_port;
3256 m->out_vlan = out_vlan;
3258 /* If no selection criteria have been given, mirror for all ports. */
3259 mirror_all_ports = (!m->src_ports.n) && (!m->dst_ports.n) && (!m->n_vlans);
3262 mirror_bit = MIRROR_MASK_C(1) << m->idx;
3263 for (i = 0; i < m->bridge->n_ports; i++) {
3264 struct port *port = m->bridge->ports[i];
3266 if (mirror_all_ports
3267 || svec_contains(&m->src_ports, port->name)
3270 ? port_trunks_any_mirrored_vlan(m, port)
3271 : vlan_is_mirrored(m, port->vlan)))) {
3272 port->src_mirrors |= mirror_bit;
3274 port->src_mirrors &= ~mirror_bit;
3277 if (mirror_all_ports || svec_contains(&m->dst_ports, port->name)) {
3278 port->dst_mirrors |= mirror_bit;
3280 port->dst_mirrors &= ~mirror_bit;
3285 svec_destroy(&src_ports);
3286 svec_destroy(&dst_ports);
3290 /* Spanning tree protocol. */
3292 static void brstp_update_port_state(struct port *);
3295 brstp_send_bpdu(struct ofpbuf *pkt, int port_no, void *br_)
3297 struct bridge *br = br_;
3298 static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5);
3299 struct iface *iface = iface_from_dp_ifidx(br, port_no);
3301 VLOG_WARN_RL(&rl, "%s: cannot send BPDU on unknown port %d",
3303 } else if (eth_addr_is_zero(iface->mac)) {
3304 VLOG_WARN_RL(&rl, "%s: cannot send BPDU on port %d with unknown MAC",
3307 union ofp_action action;
3308 struct eth_header *eth = pkt->l2;
3311 memcpy(eth->eth_src, iface->mac, ETH_ADDR_LEN);
3313 memset(&action, 0, sizeof action);
3314 action.type = htons(OFPAT_OUTPUT);
3315 action.output.len = htons(sizeof action);
3316 action.output.port = htons(port_no);
3318 flow_extract(pkt, ODPP_NONE, &flow);
3319 ofproto_send_packet(br->ofproto, &flow, &action, 1, pkt);
3325 brstp_reconfigure(struct bridge *br)
3329 if (!cfg_get_bool(0, "stp.%s.enabled", br->name)) {
3331 stp_destroy(br->stp);
3337 uint64_t bridge_address, bridge_id;
3338 int bridge_priority;
3340 bridge_address = cfg_get_mac(0, "stp.%s.address", br->name);
3341 if (!bridge_address) {
3343 bridge_address = (stp_get_bridge_id(br->stp)
3344 & ((UINT64_C(1) << 48) - 1));
3346 uint8_t mac[ETH_ADDR_LEN];
3347 eth_addr_random(mac);
3348 bridge_address = eth_addr_to_uint64(mac);
3352 if (cfg_is_valid(CFG_INT | CFG_REQUIRED, "stp.%s.priority",
3354 bridge_priority = cfg_get_int(0, "stp.%s.priority", br->name);
3356 bridge_priority = STP_DEFAULT_BRIDGE_PRIORITY;
3359 bridge_id = bridge_address | ((uint64_t) bridge_priority << 48);
3361 br->stp = stp_create(br->name, bridge_id, brstp_send_bpdu, br);
3362 br->stp_last_tick = time_msec();
3365 if (bridge_id != stp_get_bridge_id(br->stp)) {
3366 stp_set_bridge_id(br->stp, bridge_id);
3371 for (i = 0; i < br->n_ports; i++) {
3372 struct port *p = br->ports[i];
3374 struct stp_port *sp;
3375 int path_cost, priority;
3381 dp_ifidx = p->ifaces[0]->dp_ifidx;
3382 if (dp_ifidx < 0 || dp_ifidx >= STP_MAX_PORTS) {
3386 sp = stp_get_port(br->stp, dp_ifidx);
3387 enable = (!cfg_is_valid(CFG_BOOL | CFG_REQUIRED,
3388 "stp.%s.port.%s.enabled",
3390 || cfg_get_bool(0, "stp.%s.port.%s.enabled",
3391 br->name, p->name));
3392 if (p->is_mirror_output_port) {
3395 if (enable != (stp_port_get_state(sp) != STP_DISABLED)) {
3396 bridge_flush(br); /* Might not be necessary. */
3398 stp_port_enable(sp);
3400 stp_port_disable(sp);
3404 path_cost = cfg_get_int(0, "stp.%s.port.%s.path-cost",
3406 stp_port_set_path_cost(sp, path_cost ? path_cost : 19 /* XXX */);
3408 priority = (cfg_is_valid(CFG_INT | CFG_REQUIRED,
3409 "stp.%s.port.%s.priority",
3411 ? cfg_get_int(0, "stp.%s.port.%s.priority",
3413 : STP_DEFAULT_PORT_PRIORITY);
3414 stp_port_set_priority(sp, priority);
3417 brstp_adjust_timers(br);
3419 for (i = 0; i < br->n_ports; i++) {
3420 brstp_update_port_state(br->ports[i]);
3425 brstp_update_port_state(struct port *p)
3427 struct bridge *br = p->bridge;
3428 enum stp_state state;
3430 /* Figure out new state. */
3431 state = STP_DISABLED;
3432 if (br->stp && p->n_ifaces > 0) {
3433 int dp_ifidx = p->ifaces[0]->dp_ifidx;
3434 if (dp_ifidx >= 0 && dp_ifidx < STP_MAX_PORTS) {
3435 state = stp_port_get_state(stp_get_port(br->stp, dp_ifidx));
3440 if (p->stp_state != state) {
3441 static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(10, 10);
3442 VLOG_INFO_RL(&rl, "port %s: STP state changed from %s to %s",
3443 p->name, stp_state_name(p->stp_state),
3444 stp_state_name(state));
3445 if (p->stp_state == STP_DISABLED) {
3448 ofproto_revalidate(p->bridge->ofproto, p->stp_state_tag);
3450 p->stp_state = state;
3451 p->stp_state_tag = (p->stp_state == STP_DISABLED ? 0
3452 : tag_create_random());
3457 brstp_adjust_timers(struct bridge *br)
3459 int hello_time = cfg_get_int(0, "stp.%s.hello-time", br->name);
3460 int max_age = cfg_get_int(0, "stp.%s.max-age", br->name);
3461 int forward_delay = cfg_get_int(0, "stp.%s.forward-delay", br->name);
3463 stp_set_hello_time(br->stp, hello_time ? hello_time : 2000);
3464 stp_set_max_age(br->stp, max_age ? max_age : 20000);
3465 stp_set_forward_delay(br->stp, forward_delay ? forward_delay : 15000);
3469 brstp_run(struct bridge *br)
3472 long long int now = time_msec();
3473 long long int elapsed = now - br->stp_last_tick;
3474 struct stp_port *sp;
3477 stp_tick(br->stp, MIN(INT_MAX, elapsed));
3478 br->stp_last_tick = now;
3480 while (stp_get_changed_port(br->stp, &sp)) {
3481 struct port *p = port_from_dp_ifidx(br, stp_port_no(sp));
3483 brstp_update_port_state(p);
3490 brstp_wait(struct bridge *br)
3493 poll_timer_wait(1000);
git://git.onelab.eu / sliver-openvswitch.git / blob