vswitchd: Don't act as learning switch in secure mode with no controllers

Don't act as a learning switch when the fail-mode is "secure" and no
controllers are defined.  This allows the bridge to come up in a state
where it won't pass any traffic until a controller has told it to do so.

diff --git a/ofproto/ofproto.c b/ofproto/ofproto.c
index 69004bc..52e4fe3 100644 (file)
--- a/ofproto/ofproto.c
+++ b/ofproto/ofproto.c
@@ -889,6 +889,12 @@ ofproto_has_controller(const struct ofproto *ofproto)
     return !hmap_is_empty(&ofproto->controllers);
 }
 
+enum ofproto_fail_mode
+ofproto_get_fail_mode(const struct ofproto *p)
+{
+    return p->fail_mode;
+}
+
 void
 ofproto_get_listeners(const struct ofproto *ofproto, struct svec *listeners)
 {

diff --git a/ofproto/ofproto.h b/ofproto/ofproto.h
index 56c54f5..507c565 100644 (file)
--- a/ofproto/ofproto.h
+++ b/ofproto/ofproto.h
@@ -121,6 +121,7 @@ int ofproto_set_stp(struct ofproto *, bool enable_stp);
 /* Configuration querying. */
 uint64_t ofproto_get_datapath_id(const struct ofproto *);
 bool ofproto_has_controller(const struct ofproto *);
+enum ofproto_fail_mode ofproto_get_fail_mode(const struct ofproto *);
 void ofproto_get_listeners(const struct ofproto *, struct svec *);
 void ofproto_get_snoops(const struct ofproto *, struct svec *);
 void ofproto_get_all_flows(struct ofproto *p, struct ds *);

diff --git a/vswitchd/bridge.c b/vswitchd/bridge.c
index 507c70c..12bad0b 100644 (file)
--- a/vswitchd/bridge.c
+++ b/vswitchd/bridge.c
@@ -1497,6 +1497,10 @@ bridge_reconfigure_one(struct bridge *br)
                 || !strcmp(br->cfg->fail_mode, "standalone")
                     ? OFPROTO_FAIL_STANDALONE
                     : OFPROTO_FAIL_SECURE;
+    if ((ofproto_get_fail_mode(br->ofproto) != fail_mode)
+            && !ofproto_has_controller(br->ofproto)) {
+        ofproto_flush_flows(br->ofproto);
+    }
     ofproto_set_fail_mode(br->ofproto, fail_mode);
 
     /* Delete all flows if we're switching from connected to standalone or vice
@@ -1552,14 +1556,19 @@ bridge_reconfigure_remotes(struct bridge *br,
         /* Clear out controllers. */
         ofproto_set_controllers(br->ofproto, NULL, 0);
 
-        /* Set up a flow that matches every packet and directs them to
-         * OFPP_NORMAL (which goes to us). */
-        memset(&action, 0, sizeof action);
-        action.type = htons(OFPAT_OUTPUT);
-        action.output.len = htons(sizeof action);
-        action.output.port = htons(OFPP_NORMAL);
-        memset(&flow, 0, sizeof flow);
-        ofproto_add_flow(br->ofproto, &flow, OVSFW_ALL, 0, &action, 1, 0);
+        /* If there are no controllers and the bridge is in standalone
+         * mode, set up a flow that matches every packet and directs
+         * them to OFPP_NORMAL (which goes to us).  Otherwise, the
+         * switch is in secure mode and we won't pass any traffic until
+         * a controller has been defined and it tells us to do so. */
+        if (ofproto_get_fail_mode(br->ofproto) == OFPROTO_FAIL_STANDALONE) {
+            memset(&action, 0, sizeof action);
+            action.type = htons(OFPAT_OUTPUT);
+            action.output.len = htons(sizeof action);
+            action.output.port = htons(OFPP_NORMAL);
+            memset(&flow, 0, sizeof flow);
+            ofproto_add_flow(br->ofproto, &flow, OVSFW_ALL, 0, &action, 1, 0);
+        }
     } else {
         struct ofproto_controller *ocs;
         size_t i;

diff --git a/vswitchd/vswitch.xml b/vswitchd/vswitch.xml
index f5e010b..af85477 100644 (file)
--- a/vswitchd/vswitch.xml
+++ b/vswitchd/vswitch.xml
@@ -151,8 +151,9 @@
               standalone behavior.</dd>
             <dt><code>secure</code></dt>
             <dd>Open vSwitch will not set up flows on its own when the
-              controller connection fails.  It will continue retry
-              connecting to the controller forever.</dd>
+              controller connection fails or when no controllers are
+              defined.  The bridge will continue to retry connecting to
+              any defined controllers forever.</dd>
           </dl>
         </p>
         <p>If this value is unset, the default is implementation-specific.</p>