return true;
}
- /* Rules with priority higher than UINT16_MAX are set up by secchan itself
+ /* Rules with priority higher than UINT16_MAX are set up by ofproto itself
* (e.g. by in-band control) and are intentionally hidden from the
* controller. */
if (rule->cr.priority > UINT16_MAX) {
char *serial; /* Serial number. */
/* Datapath. */
- struct dpif dpif;
- struct dpifmon *dpifmon;
+ struct dpif *dpif;
+ struct netdev_monitor *netdev_monitor;
struct port_array ports; /* Index is ODP port nr; ofport->opp.port_no is
* OFP port nr. */
struct shash port_by_name;
static const struct ofhooks default_ofhooks;
-static uint64_t pick_datapath_id(struct dpif *, uint64_t fallback_dpid);
+static uint64_t pick_datapath_id(const struct ofproto *);
static uint64_t pick_fallback_dpid(void);
static void send_packet_in_miss(struct ofpbuf *, void *ofproto);
static void send_packet_in_action(struct ofpbuf *, void *ofproto);
ofproto_create(const char *datapath, const struct ofhooks *ofhooks, void *aux,
struct ofproto **ofprotop)
{
- struct dpifmon *dpifmon;
struct odp_stats stats;
struct ofproto *p;
- struct dpif dpif;
+ struct dpif *dpif;
int error;
*ofprotop = NULL;
VLOG_ERR("failed to open datapath %s: %s", datapath, strerror(error));
return error;
}
- error = dpif_get_dp_stats(&dpif, &stats);
+ error = dpif_get_dp_stats(dpif, &stats);
if (error) {
VLOG_ERR("failed to obtain stats for datapath %s: %s",
datapath, strerror(error));
- dpif_close(&dpif);
+ dpif_close(dpif);
return error;
}
- error = dpif_set_listen_mask(&dpif, ODPL_MISS | ODPL_ACTION);
+ error = dpif_recv_set_mask(dpif, ODPL_MISS | ODPL_ACTION);
if (error) {
VLOG_ERR("failed to listen on datapath %s: %s",
datapath, strerror(error));
- dpif_close(&dpif);
- return error;
- }
- dpif_flow_flush(&dpif);
- dpif_purge(&dpif);
-
- /* Start monitoring datapath ports for status changes. */
- error = dpifmon_create(datapath, &dpifmon);
- if (error) {
- VLOG_ERR("failed to starting monitoring datapath %s: %s",
- datapath, strerror(error));
- dpif_close(&dpif);
+ dpif_close(dpif);
return error;
}
+ dpif_flow_flush(dpif);
+ dpif_recv_purge(dpif);
/* Initialize settings. */
p = xcalloc(1, sizeof *p);
p->fallback_dpid = pick_fallback_dpid();
- p->datapath_id = pick_datapath_id(&dpif, p->fallback_dpid);
- VLOG_INFO("using datapath ID %012"PRIx64, p->datapath_id);
+ p->datapath_id = p->fallback_dpid;
p->manufacturer = xstrdup("Nicira Networks, Inc.");
p->hardware = xstrdup("Reference Implementation");
p->software = xstrdup(VERSION BUILDNR);
/* Initialize datapath. */
p->dpif = dpif;
- p->dpifmon = dpifmon;
+ p->netdev_monitor = netdev_monitor_create();
port_array_init(&p->ports);
shash_init(&p->port_by_name);
p->max_ports = stats.max_ports;
return error;
}
+ /* Pick final datapath ID. */
+ p->datapath_id = pick_datapath_id(p);
+ VLOG_INFO("using datapath ID %012"PRIx64, p->datapath_id);
+
*ofprotop = p;
return 0;
}
ofproto_set_datapath_id(struct ofproto *p, uint64_t datapath_id)
{
uint64_t old_dpid = p->datapath_id;
- p->datapath_id = (datapath_id
- ? datapath_id
- : pick_datapath_id(&p->dpif, p->fallback_dpid));
+ p->datapath_id = datapath_id ? datapath_id : pick_datapath_id(p);
if (p->datapath_id != old_dpid) {
VLOG_INFO("datapath ID changed to %012"PRIx64, p->datapath_id);
rconn_reconnect(p->controller->rconn);
{
if (in_band != (p->in_band != NULL)) {
if (in_band) {
- in_band_create(p, &p->dpif, p->switch_status,
- p->controller->rconn, &p->in_band);
- return 0;
+ return in_band_create(p, p->dpif, p->switch_status,
+ p->controller->rconn, &p->in_band);
} else {
ofproto_set_discovery(p, false, NULL, true);
in_band_destroy(p->in_band);
return error;
}
error = discovery_create(re, update_resolv_conf,
- &p->dpif, p->switch_status,
+ p->dpif, p->switch_status,
&p->discovery);
if (error) {
return error;
ofconn_destroy(ofconn, p);
}
- dpif_close(&p->dpif);
- dpifmon_destroy(p->dpifmon);
+ dpif_close(p->dpif);
+ netdev_monitor_destroy(p->netdev_monitor);
PORT_ARRAY_FOR_EACH (ofport, &p->ports, port_no) {
ofport_free(ofport);
}
return error;
}
+static void
+process_port_change(struct ofproto *ofproto, int error, char *devname)
+{
+ if (error == ENOBUFS) {
+ reinit_ports(ofproto);
+ } else if (!error) {
+ update_port(ofproto, devname);
+ free(devname);
+ }
+}
+
int
ofproto_run1(struct ofproto *p)
{
struct ofpbuf *buf;
int error;
- error = dpif_recv(&p->dpif, &buf);
+ error = dpif_recv(p->dpif, &buf);
if (error) {
if (error == ENODEV) {
/* Someone destroyed the datapath behind our back. The caller
* better destroy us and give up, because we're just going to
* spin from here on out. */
static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5);
- VLOG_ERR_RL(&rl, "dp%u: datapath was destroyed externally",
- dpif_id(&p->dpif));
+ VLOG_ERR_RL(&rl, "%s: datapath was destroyed externally",
+ dpif_name(p->dpif));
return ENODEV;
}
break;
handle_odp_msg(p, buf);
}
- while ((error = dpifmon_poll(p->dpifmon, &devname)) != EAGAIN) {
- if (error == ENOBUFS) {
- reinit_ports(p);
- } else if (!error) {
- update_port(p, devname);
- free(devname);
- }
+ while ((error = dpif_port_poll(p->dpif, &devname)) != EAGAIN) {
+ process_port_change(p, error, devname);
+ }
+ while ((error = netdev_monitor_poll(p->netdev_monitor,
+ &devname)) != EAGAIN) {
+ process_port_change(p, error, devname);
}
if (p->in_band) {
struct ofconn *ofconn;
size_t i;
- dpif_recv_wait(&p->dpif);
- dpifmon_wait(p->dpifmon);
+ dpif_recv_wait(p->dpif);
+ dpif_port_poll_wait(p->dpif);
+ netdev_monitor_poll_wait(p->netdev_monitor);
LIST_FOR_EACH (ofconn, struct ofconn, node, &p->all_conns) {
ofconn_wait(ofconn);
}
/* XXX Should we translate the dpif_execute() errno value into an OpenFlow
* error code? */
- dpif_execute(&p->dpif, flow->in_port, odp_actions.actions,
+ dpif_execute(p->dpif, flow->in_port, odp_actions.actions,
odp_actions.n_actions, packet);
return 0;
}
{
COVERAGE_INC(ofproto_flush);
classifier_for_each(&ofproto->cls, CLS_INC_ALL, destroy_rule, ofproto);
- dpif_flow_flush(&ofproto->dpif);
+ dpif_flow_flush(ofproto->dpif);
if (ofproto->in_band) {
in_band_flushed(ofproto->in_band);
}
PORT_ARRAY_FOR_EACH (ofport, &p->ports, port_no) {
svec_add (&devnames, (char *) ofport->opp.name);
}
- dpif_port_list(&p->dpif, &odp_ports, &n_odp_ports);
+ dpif_port_list(p->dpif, &odp_ports, &n_odp_ports);
for (i = 0; i < n_odp_ports; i++) {
svec_add (&devnames, odp_ports[i].devname);
}
ports[n_ports++] = port_no;
}
}
- dpif_port_group_set(&p->dpif, group, ports, n_ports);
+ dpif_port_group_set(p->dpif, group, ports, n_ports);
free(ports);
}
ofport = xmalloc(sizeof *ofport);
ofport->netdev = netdev;
ofport->opp.port_no = odp_port_to_ofp_port(odp_port->port);
- memcpy(ofport->opp.hw_addr, netdev_get_etheraddr(netdev), ETH_ALEN);
+ netdev_get_etheraddr(netdev, ofport->opp.hw_addr);
memcpy(ofport->opp.name, odp_port->devname,
MIN(sizeof ofport->opp.name, sizeof odp_port->devname));
ofport->opp.name[sizeof ofport->opp.name - 1] = '\0';
static void
ofport_install(struct ofproto *p, struct ofport *ofport)
{
+ netdev_monitor_add(p->netdev_monitor, ofport->netdev);
port_array_set(&p->ports, ofp_port_to_odp_port(ofport->opp.port_no),
ofport);
shash_add(&p->port_by_name, (char *) ofport->opp.name, ofport);
static void
ofport_remove(struct ofproto *p, struct ofport *ofport)
{
+ netdev_monitor_remove(p->netdev_monitor, ofport->netdev);
port_array_set(&p->ports, ofp_port_to_odp_port(ofport->opp.port_no), NULL);
shash_delete(&p->port_by_name,
shash_find(&p->port_by_name, (char *) ofport->opp.name));
COVERAGE_INC(ofproto_update_port);
/* Query the datapath for port information. */
- error = dpif_port_query_by_name(&p->dpif, devname, &odp_port);
+ error = dpif_port_query_by_name(p->dpif, devname, &odp_port);
/* Find the old ofport. */
old_ofport = shash_find_data(&p->port_by_name, devname);
size_t i;
int error;
- error = dpif_port_list(&p->dpif, &ports, &n_ports);
+ error = dpif_port_list(p->dpif, &ports, &n_ports);
if (error) {
return error;
}
}
/* Execute the ODP actions. */
- if (!dpif_execute(&ofproto->dpif, flow->in_port,
+ if (!dpif_execute(ofproto->dpif, flow->in_port,
actions, n_actions, packet)) {
struct odp_flow_stats stats;
flow_extract_stats(flow, packet, &stats);
put->flow.actions = rule->odp_actions;
put->flow.n_actions = rule->n_odp_actions;
put->flags = flags;
- return dpif_flow_put(&ofproto->dpif, put);
+ return dpif_flow_put(ofproto->dpif, put);
}
static void
&put)) {
rule->installed = true;
if (displaced_rule) {
- update_stats(p, rule, &put.flow.stats);
+ update_stats(p, displaced_rule, &put.flow.stats);
rule_post_uninstall(p, displaced_rule);
}
}
static void
rule_update_actions(struct ofproto *ofproto, struct rule *rule)
{
- bool actions_changed = rule_make_actions(ofproto, rule, NULL);
+ bool actions_changed;
+ uint16_t new_out_iface, old_out_iface;
+
+ old_out_iface = rule->nf_flow.output_iface;
+ actions_changed = rule_make_actions(ofproto, rule, NULL);
+
if (rule->may_install) {
if (rule->installed) {
if (actions_changed) {
- /* XXX should really do rule_post_uninstall() for the *old* set
- * of actions, and distinguish the old stats from the new. */
struct odp_flow_put put;
- do_put_flow(ofproto, rule, ODPPF_CREATE | ODPPF_MODIFY, &put);
+ do_put_flow(ofproto, rule, ODPPF_CREATE | ODPPF_MODIFY
+ | ODPPF_ZERO_STATS, &put);
+ update_stats(ofproto, rule, &put.flow.stats);
+
+ /* Temporarily set the old output iface so that NetFlow
+ * messages have the correct output interface for the old
+ * stats. */
+ new_out_iface = rule->nf_flow.output_iface;
+ rule->nf_flow.output_iface = old_out_iface;
+ rule_post_uninstall(ofproto, rule);
+ rule->nf_flow.output_iface = new_out_iface;
}
} else {
rule_install(ofproto, rule, NULL);
odp_flow.key = rule->cr.flow;
odp_flow.actions = NULL;
odp_flow.n_actions = 0;
- if (!dpif_flow_del(&p->dpif, &odp_flow)) {
+ if (!dpif_flow_del(p->dpif, &odp_flow)) {
update_stats(p, rule, &odp_flow.stats);
}
rule->installed = false;
bool drop_frags;
/* Figure out flags. */
- dpif_get_drop_frags(&p->dpif, &drop_frags);
+ dpif_get_drop_frags(p->dpif, &drop_frags);
flags = drop_frags ? OFPC_FRAG_DROP : OFPC_FRAG_NORMAL;
if (ofconn->send_flow_exp) {
flags |= OFPC_SEND_FLOW_EXP;
if (ofconn == p->controller) {
switch (flags & OFPC_FRAG_MASK) {
case OFPC_FRAG_NORMAL:
- dpif_set_drop_frags(&p->dpif, false);
+ dpif_set_drop_frags(p->dpif, false);
break;
case OFPC_FRAG_DROP:
- dpif_set_drop_frags(&p->dpif, true);
+ dpif_set_drop_frags(p->dpif, true);
break;
default:
VLOG_WARN_RL(&rl, "requested bad fragment mode (flags=%"PRIx16")",
oa->nw_addr.nw_addr = ia->nw_addr.nw_addr;
break;
+ case OFPAT_SET_NW_DST:
+ oa = odp_actions_add(ctx->out, ODPAT_SET_NW_DST);
+ oa->nw_addr.nw_addr = ia->nw_addr.nw_addr;
+ break;
+
case OFPAT_SET_TP_SRC:
oa = odp_actions_add(ctx->out, ODPAT_SET_TP_SRC);
oa->tp_port.tp_port = ia->tp_port.tp_port;
break;
+ case OFPAT_SET_TP_DST:
+ oa = odp_actions_add(ctx->out, ODPAT_SET_TP_DST);
+ oa->tp_port.tp_port = ia->tp_port.tp_port;
+ break;
+
case OFPAT_VENDOR:
xlate_nicira_action(ctx, (const struct nx_action_header *) ia);
break;
return error;
}
- dpif_execute(&p->dpif, flow.in_port, actions.actions, actions.n_actions,
+ dpif_execute(p->dpif, flow.in_port, actions.actions, actions.n_actions,
&payload);
ofpbuf_delete(buffer);
n_wild = classifier_count(&p->cls) - classifier_count_exact(&p->cls);
/* Hash table. */
- dpif_get_dp_stats(&p->dpif, &dpstats);
+ dpif_get_dp_stats(p->dpif, &dpstats);
ots = append_stats_reply(sizeof *ots, ofconn, &msg);
memset(ots, 0, sizeof *ots);
ots->table_id = TABLEID_HASH;
odp_flows[0].key = rule->cr.flow;
}
- if (!dpif_flow_get_multiple(&p->dpif, odp_flows, n_odp_flows)) {
+ packet_count = rule->packet_count;
+ byte_count = rule->byte_count;
+ if (!dpif_flow_get_multiple(p->dpif, odp_flows, n_odp_flows)) {
size_t i;
for (i = 0; i < n_odp_flows; i++) {
struct odp_flow *odp_flow = &odp_flows[i];
long long int used = msec_from_nsec(stats->used_sec, stats->used_nsec);
if (used > rule->used) {
rule->used = used;
+ if (rule->super && used > rule->super->used) {
+ rule->super->used = used;
+ }
netflow_flow_update_time(ofproto->netflow, &rule->nf_flow, used);
}
}
memset(&action, 0, sizeof(action));
action.output.type = ODPAT_OUTPUT;
action.output.port = ODPP_LOCAL;
- dpif_execute(&p->dpif, flow.in_port, &action, 1, &payload);
+ dpif_execute(p->dpif, flow.in_port, &action, 1, &payload);
}
rule = lookup_valid_rule(p, &flow);
{
struct ofconn *ofconn;
struct ofconn *prev;
- struct ofpbuf *buf;
+ struct ofpbuf *buf = NULL;
/* We limit the maximum number of queued flow expirations it by accounting
* them under the counter for replies. That works because preventing
}
COVERAGE_INC(ofproto_expired);
+
+ /* Update stats. This code will be a no-op if the rule expired
+ * due to an idle timeout. */
if (rule->cr.wc.wildcards) {
- /* Update stats. (This code will be a no-op if the rule expired
- * due to an idle timeout, because in that case the rule has no
- * subrules left.) */
struct rule *subrule, *next;
LIST_FOR_EACH_SAFE (subrule, next, struct rule, list, &rule->list) {
rule_remove(p, subrule);
}
+ } else {
+ rule_uninstall(p, rule);
}
- send_flow_exp(p, rule, now,
- (now >= hard_expire
- ? OFPER_HARD_TIMEOUT : OFPER_IDLE_TIMEOUT));
+ if (!rule_is_hidden(rule)) {
+ send_flow_exp(p, rule, now,
+ (now >= hard_expire
+ ? OFPER_HARD_TIMEOUT : OFPER_IDLE_TIMEOUT));
+ }
rule_remove(p, rule);
}
if (rule->installed) {
odp_flow.key = rule->cr.flow;
odp_flow.flags = ODPFF_ZERO_TCP_FLAGS;
- dpif_flow_get(&ofproto->dpif, &odp_flow);
+ dpif_flow_get(ofproto->dpif, &odp_flow);
if (odp_flow.stats.n_packets) {
update_time(ofproto, rule, &odp_flow.stats);
size_t i;
int error;
- error = dpif_flow_list_all(&p->dpif, &flows, &n_flows);
+ error = dpif_flow_list_all(p->dpif, &flows, &n_flows);
if (error) {
return;
}
classifier_find_rule_exactly(&p->cls, &f->key, 0, UINT16_MAX));
if (!rule || !rule->installed) {
COVERAGE_INC(ofproto_unexpected_rule);
- dpif_flow_del(&p->dpif, f);
+ dpif_flow_del(p->dpif, f);
continue;
}
}
static uint64_t
-pick_datapath_id(struct dpif *dpif, uint64_t fallback_dpid)
+pick_datapath_id(const struct ofproto *ofproto)
{
- char local_name[IF_NAMESIZE];
- uint8_t ea[ETH_ADDR_LEN];
- int error;
+ const struct ofport *port;
- error = dpif_get_name(dpif, local_name, sizeof local_name);
- if (!error) {
- error = netdev_nodev_get_etheraddr(local_name, ea);
+ port = port_array_get(&ofproto->ports, ODPP_LOCAL);
+ if (port) {
+ uint8_t ea[ETH_ADDR_LEN];
+ int error;
+
+ error = netdev_get_etheraddr(port->netdev, ea);
if (!error) {
return eth_addr_to_uint64(ea);
}
VLOG_WARN("could not get MAC address for %s (%s)",
- local_name, strerror(error));
+ netdev_get_name(port->netdev), strerror(error));
}
-
- return fallback_dpid;
+ return ofproto->fallback_dpid;
}
static uint64_t
#include "odp-util.h"
#include "ofp-print.h"
#include "ofpbuf.h"
+#include "ofproto/netflow.h"
+#include "ofproto/ofproto.h"
#include "packets.h"
#include "poll-loop.h"
#include "port-array.h"
#include "proc-net-compat.h"
#include "process.h"
-#include "secchan/netflow.h"
-#include "secchan/ofproto.h"
#include "socket-util.h"
#include "stp.h"
#include "svec.h"
extern uint64_t mgmt_id;
struct iface {
+ /* These members are always valid. */
struct port *port; /* Containing port. */
size_t port_ifidx; /* Index within containing port. */
-
char *name; /* Host network device name. */
- int dp_ifidx; /* Index within kernel datapath. */
-
- uint8_t mac[ETH_ADDR_LEN]; /* Ethernet address (all zeros if unknowns). */
-
tag_type tag; /* Tag associated with this interface. */
- bool enabled; /* May be chosen for flows? */
long long delay_expires; /* Time after which 'enabled' may change. */
+
+ /* These members are valid only after bridge_reconfigure() causes them to
+ * be initialized.*/
+ int dp_ifidx; /* Index within kernel datapath. */
+ struct netdev *netdev; /* Network device. */
+ bool enabled; /* May be chosen for flows? */
};
#define BOND_MASK 0xff
struct ofproto *ofproto; /* OpenFlow switch. */
/* Kernel datapath information. */
- struct dpif dpif; /* Kernel datapath. */
+ struct dpif *dpif; /* Datapath. */
struct port_array ifaces; /* Indexed by kernel datapath port number. */
/* Bridge ports. */
static void bridge_flush(struct bridge *);
static void bridge_pick_local_hw_addr(struct bridge *,
uint8_t ea[ETH_ADDR_LEN],
- const char **devname);
+ struct iface **hw_addr_iface);
static uint64_t bridge_pick_datapath_id(struct bridge *,
const uint8_t bridge_ea[ETH_ADDR_LEN],
- const char *devname);
+ struct iface *hw_addr_iface);
+static struct iface *bridge_get_local_iface(struct bridge *);
static uint64_t dpid_from_hash(const void *, size_t nbytes);
static void bridge_unixctl_fdb_show(struct unixctl_conn *, const char *args);
uint16_t dp_ifidx);
static void port_update_bond_compat(struct port *);
static void port_update_vlan_compat(struct port *);
+static void port_update_bonding(struct port *);
static void mirror_create(struct bridge *, const char *name);
static void mirror_destroy(struct mirror *);
for (j = 0; j < port->n_ifaces; j++) {
struct iface *iface = port->ifaces[j];
if (iface->dp_ifidx < 0) {
- VLOG_ERR("%s interface not in dp%u, ignoring",
- iface->name, dpif_id(&br->dpif));
+ VLOG_ERR("%s interface not in datapath %s, ignoring",
+ iface->name, dpif_name(br->dpif));
} else {
if (iface->dp_ifidx != ODPP_LOCAL) {
svec_add(svec, iface->name);
void
bridge_init(void)
{
- int retval;
- int i;
-
- bond_init();
+ struct svec dpif_names;
+ size_t i;
unixctl_command_register("fdb/show", bridge_unixctl_fdb_show);
- for (i = 0; i < DP_MAX; i++) {
- struct dpif dpif;
- char devname[16];
+ svec_init(&dpif_names);
+ dp_enumerate(&dpif_names);
+ for (i = 0; i < dpif_names.n; i++) {
+ const char *dpif_name = dpif_names.names[i];
+ struct dpif *dpif;
+ int retval;
- sprintf(devname, "dp%d", i);
- retval = dpif_open(devname, &dpif);
+ retval = dpif_open(dpif_name, &dpif);
if (!retval) {
- char dpif_name[IF_NAMESIZE];
- if (dpif_get_name(&dpif, dpif_name, sizeof dpif_name)
- || !cfg_has("bridge.%s.port", dpif_name)) {
- dpif_delete(&dpif);
+ struct svec all_names;
+ size_t j;
+
+ svec_init(&all_names);
+ dpif_get_all_names(dpif, &all_names);
+ for (j = 0; j < all_names.n; j++) {
+ if (cfg_has("bridge.%s.port", all_names.names[j])) {
+ goto found;
+ }
}
- dpif_close(&dpif);
- } else if (retval != ENODEV) {
- VLOG_ERR("failed to delete datapath dp%d: %s",
- i, strerror(retval));
+ dpif_delete(dpif);
+ found:
+ svec_destroy(&all_names);
+ dpif_close(dpif);
}
}
+ svec_destroy(&dpif_names);
unixctl_command_register("bridge/dump-flows", bridge_unixctl_dump_flows);
+ bond_init();
bridge_reconfigure();
}
* the old certificate will still be trusted until vSwitch is
* restarted. We may want to address this in vconn's SSL library. */
if (config_string_change("ssl.ca-cert", &cacert_file)
- || (stat(cacert_file, &s) && errno == ENOENT)) {
+ || (cacert_file && stat(cacert_file, &s) && errno == ENOENT)) {
vconn_ssl_set_ca_cert_file(cacert_file,
cfg_get_bool(0, "ssl.bootstrap-ca-cert"));
}
}
#endif
+/* iterate_and_prune_ifaces() callback function that opens the network device
+ * for 'iface', if it is not already open, and retrieves the interface's MAC
+ * address and carrier status. */
+static bool
+init_iface_netdev(struct bridge *br UNUSED, struct iface *iface,
+ void *aux UNUSED)
+{
+ if (iface->netdev) {
+ return true;
+ } else if (!netdev_open(iface->name, NETDEV_ETH_TYPE_NONE,
+ &iface->netdev)) {
+ netdev_get_carrier(iface->netdev, &iface->enabled);
+ return true;
+ } else {
+ /* If the network device can't be opened, then we're not going to try
+ * to do anything with this interface. */
+ return false;
+ }
+}
+
+static bool
+check_iface_dp_ifidx(struct bridge *br, struct iface *iface, void *aux UNUSED)
+{
+ if (iface->dp_ifidx >= 0) {
+ VLOG_DBG("%s has interface %s on port %d",
+ dpif_name(br->dpif),
+ iface->name, iface->dp_ifidx);
+ return true;
+ } else {
+ VLOG_ERR("%s interface not in %s, dropping",
+ iface->name, dpif_name(br->dpif));
+ return false;
+ }
+}
+
+static bool
+set_iface_properties(struct bridge *br UNUSED, struct iface *iface,
+ void *aux UNUSED)
+{
+ int rate, burst;
+
+ /* Set policing attributes. */
+ rate = cfg_get_int(0, "port.%s.ingress.policing-rate", iface->name);
+ burst = cfg_get_int(0, "port.%s.ingress.policing-burst", iface->name);
+ netdev_set_policing(iface->netdev, rate, burst);
+
+ /* Set MAC address of internal interfaces other than the local
+ * interface. */
+ if (iface->dp_ifidx != ODPP_LOCAL
+ && iface_is_internal(br, iface->name)) {
+ iface_set_mac(iface);
+ }
+
+ return true;
+}
+
+/* Calls 'cb' for each interfaces in 'br', passing along the 'aux' argument.
+ * Deletes from 'br' all the interfaces for which 'cb' returns false, and then
+ * deletes from 'br' any ports that no longer have any interfaces. */
+static void
+iterate_and_prune_ifaces(struct bridge *br,
+ bool (*cb)(struct bridge *, struct iface *,
+ void *aux),
+ void *aux)
+{
+ size_t i, j;
+
+ for (i = 0; i < br->n_ports; ) {
+ struct port *port = br->ports[i];
+ for (j = 0; j < port->n_ifaces; ) {
+ struct iface *iface = port->ifaces[j];
+ if (cb(br, iface, aux)) {
+ j++;
+ } else {
+ iface_destroy(iface);
+ }
+ }
+
+ if (port->n_ifaces) {
+ i++;
+ } else {
+ VLOG_ERR("%s port has no interfaces, dropping", port->name);
+ port_destroy(port);
+ }
+ }
+}
+
void
bridge_reconfigure(void)
{
- struct svec old_br, new_br, raw_new_br;
+ struct svec old_br, new_br;
struct bridge *br, *next;
- size_t i, j;
+ size_t i;
COVERAGE_INC(bridge_reconfigure);
- /* Collect old bridges. */
+ /* Collect old and new bridges. */
svec_init(&old_br);
+ svec_init(&new_br);
LIST_FOR_EACH (br, struct bridge, node, &all_bridges) {
svec_add(&old_br, br->name);
}
-
- /* Collect new bridges. */
- svec_init(&raw_new_br);
- cfg_get_subsections(&raw_new_br, "bridge");
- svec_init(&new_br);
- for (i = 0; i < raw_new_br.n; i++) {
- const char *name = raw_new_br.names[i];
- if ((!strncmp(name, "dp", 2) && isdigit(name[2])) ||
- (!strncmp(name, "nl:", 3) && isdigit(name[3]))) {
- VLOG_ERR("%s is not a valid bridge name (bridges may not be "
- "named \"dp\" or \"nl:\" followed by a digit)", name);
- } else {
- svec_add(&new_br, name);
- }
- }
- svec_destroy(&raw_new_br);
+ cfg_get_subsections(&new_br, "bridge");
/* Get rid of deleted bridges and add new bridges. */
svec_sort(&old_br);
size_t n_dpif_ports;
struct svec want_ifaces;
- dpif_port_list(&br->dpif, &dpif_ports, &n_dpif_ports);
+ dpif_port_list(br->dpif, &dpif_ports, &n_dpif_ports);
bridge_get_all_ifaces(br, &want_ifaces);
for (i = 0; i < n_dpif_ports; i++) {
const struct odp_port *p = &dpif_ports[i];
if (!svec_contains(&want_ifaces, p->devname)
&& strcmp(p->devname, br->name)) {
- int retval = dpif_port_del(&br->dpif, p->port);
+ int retval = dpif_port_del(br->dpif, p->port);
if (retval) {
- VLOG_ERR("failed to remove %s interface from dp%u: %s",
- p->devname, dpif_id(&br->dpif), strerror(retval));
+ VLOG_ERR("failed to remove %s interface from %s: %s",
+ p->devname, dpif_name(br->dpif),
+ strerror(retval));
}
}
}
struct odp_port *dpif_ports;
size_t n_dpif_ports;
struct svec cur_ifaces, want_ifaces, add_ifaces;
- int next_port_no;
- dpif_port_list(&br->dpif, &dpif_ports, &n_dpif_ports);
+ dpif_port_list(br->dpif, &dpif_ports, &n_dpif_ports);
svec_init(&cur_ifaces);
for (i = 0; i < n_dpif_ports; i++) {
svec_add(&cur_ifaces, dpif_ports[i].devname);
bridge_get_all_ifaces(br, &want_ifaces);
svec_diff(&want_ifaces, &cur_ifaces, &add_ifaces, NULL, NULL);
- next_port_no = 1;
for (i = 0; i < add_ifaces.n; i++) {
const char *if_name = add_ifaces.names[i];
- for (;;) {
- bool internal;
- int error;
-
- /* Add to datapath. */
- internal = iface_is_internal(br, if_name);
- error = dpif_port_add(&br->dpif, if_name, next_port_no++,
- internal ? ODP_PORT_INTERNAL : 0);
- if (error != EEXIST) {
- if (next_port_no >= 256) {
- VLOG_ERR("ran out of valid port numbers on dp%u",
- dpif_id(&br->dpif));
- goto out;
- }
- if (error) {
- VLOG_ERR("failed to add %s interface to dp%u: %s",
- if_name, dpif_id(&br->dpif), strerror(error));
- }
- break;
- }
+ bool internal;
+ int error;
+
+ /* Add to datapath. */
+ internal = iface_is_internal(br, if_name);
+ error = dpif_port_add(br->dpif, if_name,
+ internal ? ODP_PORT_INTERNAL : 0, NULL);
+ if (error == EFBIG) {
+ VLOG_ERR("ran out of valid port numbers on %s",
+ dpif_name(br->dpif));
+ break;
+ } else if (error) {
+ VLOG_ERR("failed to add %s interface to %s: %s",
+ if_name, dpif_name(br->dpif), strerror(error));
}
}
- out:
svec_destroy(&cur_ifaces);
svec_destroy(&want_ifaces);
svec_destroy(&add_ifaces);
LIST_FOR_EACH (br, struct bridge, node, &all_bridges) {
uint8_t ea[8];
uint64_t dpid;
- struct iface *local_iface = NULL;
- const char *devname;
+ struct iface *local_iface;
+ struct iface *hw_addr_iface;
struct netflow_options nf_options;
bridge_fetch_dp_ifaces(br);
- for (i = 0; i < br->n_ports; ) {
- struct port *port = br->ports[i];
+ iterate_and_prune_ifaces(br, init_iface_netdev, NULL);
- for (j = 0; j < port->n_ifaces; ) {
- struct iface *iface = port->ifaces[j];
- if (iface->dp_ifidx < 0) {
- VLOG_ERR("%s interface not in dp%u, dropping",
- iface->name, dpif_id(&br->dpif));
- iface_destroy(iface);
- } else {
- if (iface->dp_ifidx == ODPP_LOCAL) {
- local_iface = iface;
- }
- VLOG_DBG("dp%u has interface %s on port %d",
- dpif_id(&br->dpif), iface->name, iface->dp_ifidx);
- j++;
- }
- }
- if (!port->n_ifaces) {
- VLOG_ERR("%s port has no interfaces, dropping", port->name);
- port_destroy(port);
- continue;
- }
- i++;
- }
+ iterate_and_prune_ifaces(br, check_iface_dp_ifidx, NULL);
/* Pick local port hardware address, datapath ID. */
- bridge_pick_local_hw_addr(br, ea, &devname);
+ bridge_pick_local_hw_addr(br, ea, &hw_addr_iface);
+ local_iface = bridge_get_local_iface(br);
if (local_iface) {
- int error = netdev_nodev_set_etheraddr(local_iface->name, ea);
+ int error = netdev_set_etheraddr(local_iface->netdev, ea);
if (error) {
static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5);
VLOG_ERR_RL(&rl, "bridge %s: failed to set bridge "
}
}
- dpid = bridge_pick_datapath_id(br, ea, devname);
+ dpid = bridge_pick_datapath_id(br, ea, hw_addr_iface);
ofproto_set_datapath_id(br->ofproto, dpid);
/* Set NetFlow configuration on this bridge. */
memset(&nf_options, 0, sizeof nf_options);
- nf_options.engine_type = br->dpif.minor;
- nf_options.engine_id = br->dpif.minor;
+ dpif_get_netflow_ids(br->dpif, &nf_options.engine_type,
+ &nf_options.engine_id);
nf_options.active_timeout = -1;
if (cfg_has("netflow.%s.engine-type", br->name)) {
struct port *port = br->ports[i];
port_update_vlan_compat(port);
-
- for (j = 0; j < port->n_ifaces; j++) {
- struct iface *iface = port->ifaces[j];
- if (iface->dp_ifidx != ODPP_LOCAL
- && iface_is_internal(br, iface->name)) {
- iface_set_mac(iface);
- }
- }
+ port_update_bonding(port);
}
}
LIST_FOR_EACH (br, struct bridge, node, &all_bridges) {
brstp_reconfigure(br);
+ iterate_and_prune_ifaces(br, set_iface_properties, NULL);
}
}
static void
bridge_pick_local_hw_addr(struct bridge *br, uint8_t ea[ETH_ADDR_LEN],
- const char **devname)
+ struct iface **hw_addr_iface)
{
uint64_t requested_ea;
size_t i, j;
int error;
- *devname = NULL;
+ *hw_addr_iface = NULL;
/* Did the user request a particular MAC? */
requested_ea = cfg_get_mac(0, "bridge.%s.mac", br->name);
for (j = 0; j < port->n_ifaces; j++) {
struct iface *candidate = port->ifaces[j];
uint8_t candidate_ea[ETH_ADDR_LEN];
- if (!netdev_nodev_get_etheraddr(candidate->name, candidate_ea)
+ if (!netdev_get_etheraddr(candidate->netdev, candidate_ea)
&& eth_addr_equals(iface_ea, candidate_ea)) {
iface = candidate;
}
}
/* Grab MAC. */
- error = netdev_nodev_get_etheraddr(iface->name, iface_ea);
+ error = netdev_get_etheraddr(iface->netdev, iface_ea);
if (error) {
static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5);
VLOG_ERR_RL(&rl, "failed to obtain Ethernet address of %s: %s",
memcmp(iface_ea, ea, ETH_ADDR_LEN) < 0)
{
memcpy(ea, iface_ea, ETH_ADDR_LEN);
- *devname = iface ? iface->name : NULL;
+ *hw_addr_iface = iface;
}
}
if (eth_addr_is_multicast(ea) || eth_addr_is_vif(ea)) {
memcpy(ea, br->default_ea, ETH_ADDR_LEN);
- *devname = NULL;
+ *hw_addr_iface = NULL;
VLOG_WARN("bridge %s: using default bridge Ethernet "
"address "ETH_ADDR_FMT, br->name, ETH_ADDR_ARGS(ea));
} else {
/* Choose and returns the datapath ID for bridge 'br' given that the bridge
* Ethernet address is 'bridge_ea'. If 'bridge_ea' is the Ethernet address of
- * a network device, then that network device's name must be passed in as
- * 'devname'; if 'bridge_ea' was derived some other way, then 'devname' must be
- * passed in as a null pointer. */
+ * an interface on 'br', then that interface must be passed in as
+ * 'hw_addr_iface'; if 'bridge_ea' was derived some other way, then
+ * 'hw_addr_iface' must be passed in as a null pointer. */
static uint64_t
bridge_pick_datapath_id(struct bridge *br,
const uint8_t bridge_ea[ETH_ADDR_LEN],
- const char *devname)
+ struct iface *hw_addr_iface)
{
/*
* The procedure for choosing a bridge MAC address will, in the most
return dpid;
}
- if (devname) {
+ if (hw_addr_iface) {
int vlan;
- if (!netdev_get_vlan_vid(devname, &vlan)) {
+ if (!netdev_get_vlan_vid(hw_addr_iface->netdev, &vlan)) {
/*
* A bridge whose MAC address is taken from a VLAN network device
* (that is, a network device created with vconfig(8) or similar
br->flush = true;
mac_learning_flush(br->ml);
}
+
+/* Returns the 'br' interface for the ODPP_LOCAL port, or null if 'br' has no
+ * such interface. */
+static struct iface *
+bridge_get_local_iface(struct bridge *br)
+{
+ size_t i, j;
+
+ for (i = 0; i < br->n_ports; i++) {
+ struct port *port = br->ports[i];
+ for (j = 0; j < port->n_ifaces; j++) {
+ struct iface *iface = port->ifaces[j];
+ if (iface->dp_ifidx == ODPP_LOCAL) {
+ return iface;
+ }
+ }
+ }
+
+ return NULL;
+}
\f
/* Bridge unixctl user interface functions. */
static void
br = xcalloc(1, sizeof *br);
error = dpif_create(name, &br->dpif);
- if (error == EEXIST) {
+ if (error == EEXIST || error == EBUSY) {
error = dpif_open(name, &br->dpif);
if (error) {
VLOG_ERR("datapath %s already exists but cannot be opened: %s",
free(br);
return NULL;
}
- dpif_flow_flush(&br->dpif);
+ dpif_flow_flush(br->dpif);
} else if (error) {
VLOG_ERR("failed to create datapath %s: %s", name, strerror(error));
free(br);
error = ofproto_create(name, &bridge_ofhooks, br, &br->ofproto);
if (error) {
VLOG_ERR("failed to create switch %s: %s", name, strerror(error));
- dpif_delete(&br->dpif);
- dpif_close(&br->dpif);
+ dpif_delete(br->dpif);
+ dpif_close(br->dpif);
free(br);
return NULL;
}
list_push_back(&all_bridges, &br->node);
- VLOG_INFO("created bridge %s on dp%u", br->name, dpif_id(&br->dpif));
+ VLOG_INFO("created bridge %s on %s", br->name, dpif_name(br->dpif));
return br;
}
port_destroy(br->ports[br->n_ports - 1]);
}
list_remove(&br->node);
- error = dpif_delete(&br->dpif);
+ error = dpif_delete(br->dpif);
if (error && error != ENOENT) {
- VLOG_ERR("failed to delete dp%u: %s",
- dpif_id(&br->dpif), strerror(error));
+ VLOG_ERR("failed to delete %s: %s",
+ dpif_name(br->dpif), strerror(error));
}
- dpif_close(&br->dpif);
+ dpif_close(br->dpif);
ofproto_destroy(br->ofproto);
free(br->controller);
mac_learning_destroy(br->ml);
return controller && controller[0] ? controller : NULL;
}
+static bool
+check_duplicate_ifaces(struct bridge *br, struct iface *iface, void *ifaces_)
+{
+ struct svec *ifaces = ifaces_;
+ if (!svec_contains(ifaces, iface->name)) {
+ svec_add(ifaces, iface->name);
+ svec_sort(ifaces);
+ return true;
+ } else {
+ VLOG_ERR("bridge %s: %s interface is on multiple ports, "
+ "removing from %s",
+ br->name, iface->name, iface->port->name);
+ return false;
+ }
+}
+
static void
bridge_reconfigure_one(struct bridge *br)
{
struct svec old_ports, new_ports, ifaces;
struct svec listeners, old_listeners;
struct svec snoops, old_snoops;
- size_t i, j;
+ size_t i;
/* Collect old ports. */
svec_init(&old_ports);
svec_init(&new_ports);
cfg_get_all_keys(&new_ports, "bridge.%s.port", br->name);
svec_sort(&new_ports);
- if (bridge_get_controller(br) && !svec_contains(&new_ports, br->name)) {
- svec_add(&new_ports, br->name);
- svec_sort(&new_ports);
+ if (bridge_get_controller(br)) {
+ char local_name[IF_NAMESIZE];
+ int error;
+
+ error = dpif_port_get_name(br->dpif, ODPP_LOCAL,
+ local_name, sizeof local_name);
+ if (!error && !svec_contains(&new_ports, local_name)) {
+ svec_add(&new_ports, local_name);
+ svec_sort(&new_ports);
+ }
}
if (!svec_is_unique(&new_ports)) {
VLOG_WARN("bridge %s: %s specified twice as bridge port",
/* Check and delete duplicate interfaces. */
svec_init(&ifaces);
- for (i = 0; i < br->n_ports; ) {
- struct port *port = br->ports[i];
- for (j = 0; j < port->n_ifaces; ) {
- struct iface *iface = port->ifaces[j];
- if (svec_contains(&ifaces, iface->name)) {
- VLOG_ERR("bridge %s: %s interface is on multiple ports, "
- "removing from %s",
- br->name, iface->name, port->name);
- iface_destroy(iface);
- } else {
- svec_add(&ifaces, iface->name);
- svec_sort(&ifaces);
- j++;
- }
- }
- if (!port->n_ifaces) {
- VLOG_ERR("%s port has no interfaces, dropping", port->name);
- port_destroy(port);
- } else {
- i++;
- }
- }
+ iterate_and_prune_ifaces(br, check_duplicate_ifaces, &ifaces);
svec_destroy(&ifaces);
/* Delete all flows if we're switching from connected to standalone or vice
cfg_get_string(0, "%s.accept-regex", pfx),
update_resolv_conf);
} else {
- struct netdev *netdev;
+ struct iface *local_iface;
bool in_band;
- int error;
in_band = (!cfg_is_valid(CFG_BOOL | CFG_REQUIRED,
"%s.in-band", pfx)
ofproto_set_discovery(br->ofproto, false, NULL, NULL);
ofproto_set_in_band(br->ofproto, in_band);
- error = netdev_open(br->name, NETDEV_ETH_TYPE_NONE, &netdev);
- if (!error) {
- if (cfg_is_valid(CFG_IP | CFG_REQUIRED, "%s.ip", pfx)) {
- struct in_addr ip, mask, gateway;
- ip.s_addr = cfg_get_ip(0, "%s.ip", pfx);
- mask.s_addr = cfg_get_ip(0, "%s.netmask", pfx);
- gateway.s_addr = cfg_get_ip(0, "%s.gateway", pfx);
-
- netdev_turn_flags_on(netdev, NETDEV_UP, true);
- if (!mask.s_addr) {
- mask.s_addr = guess_netmask(ip.s_addr);
- }
- if (!netdev_set_in4(netdev, ip, mask)) {
- VLOG_INFO("bridge %s: configured IP address "IP_FMT", "
- "netmask "IP_FMT,
- br->name, IP_ARGS(&ip.s_addr),
- IP_ARGS(&mask.s_addr));
- }
+ local_iface = bridge_get_local_iface(br);
+ if (local_iface
+ && cfg_is_valid(CFG_IP | CFG_REQUIRED, "%s.ip", pfx)) {
+ struct netdev *netdev = local_iface->netdev;
+ struct in_addr ip, mask, gateway;
+ ip.s_addr = cfg_get_ip(0, "%s.ip", pfx);
+ mask.s_addr = cfg_get_ip(0, "%s.netmask", pfx);
+ gateway.s_addr = cfg_get_ip(0, "%s.gateway", pfx);
+
+ netdev_turn_flags_on(netdev, NETDEV_UP, true);
+ if (!mask.s_addr) {
+ mask.s_addr = guess_netmask(ip.s_addr);
+ }
+ if (!netdev_set_in4(netdev, ip, mask)) {
+ VLOG_INFO("bridge %s: configured IP address "IP_FMT", "
+ "netmask "IP_FMT,
+ br->name, IP_ARGS(&ip.s_addr),
+ IP_ARGS(&mask.s_addr));
+ }
- if (gateway.s_addr) {
- if (!netdev_add_router(gateway)) {
- VLOG_INFO("bridge %s: configured gateway "IP_FMT,
- br->name, IP_ARGS(&gateway.s_addr));
- }
+ if (gateway.s_addr) {
+ if (!netdev_add_router(netdev, gateway)) {
+ VLOG_INFO("bridge %s: configured gateway "IP_FMT,
+ br->name, IP_ARGS(&gateway.s_addr));
}
}
- netdev_close(netdev);
}
}
}
port_array_clear(&br->ifaces);
- dpif_port_list(&br->dpif, &dpif_ports, &n_dpif_ports);
+ dpif_port_list(br->dpif, &dpif_ports, &n_dpif_ports);
for (i = 0; i < n_dpif_ports; i++) {
struct odp_port *p = &dpif_ports[i];
struct iface *iface = iface_lookup(br, p->devname);
if (iface) {
if (iface->dp_ifidx >= 0) {
- VLOG_WARN("dp%u reported interface %s twice",
- dpif_id(&br->dpif), p->devname);
+ VLOG_WARN("%s reported interface %s twice",
+ dpif_name(br->dpif), p->devname);
} else if (iface_from_dp_ifidx(br, p->port)) {
- VLOG_WARN("dp%u reported interface %"PRIu16" twice",
- dpif_id(&br->dpif), p->port);
+ VLOG_WARN("%s reported interface %"PRIu16" twice",
+ dpif_name(br->dpif), p->port);
} else {
port_array_set(&br->ifaces, p->port, iface);
iface->dp_ifidx = p->port;
}
}
+ /* Returns the effective vlan of a packet, taking into account both the
+ * 802.1Q header and implicitly tagged ports. A value of 0 indicates that
+ * the packet is untagged and -1 indicates it has an invalid header and
+ * should be dropped. */
+ static int flow_get_vlan(struct bridge *br, const flow_t *flow,
+ struct port *in_port, bool have_packet)
+ {
+ /* Note that dl_vlan of 0 and of OFP_VLAN_NONE both mean that the packet
+ * belongs to VLAN 0, so we should treat both cases identically. (In the
+ * former case, the packet has an 802.1Q header that specifies VLAN 0,
+ * presumably to allow a priority to be specified. In the latter case, the
+ * packet does not have any 802.1Q header.) */
+ int vlan = ntohs(flow->dl_vlan);
+ if (vlan == OFP_VLAN_NONE) {
+ vlan = 0;
+ }
+ if (in_port->vlan >= 0) {
+ if (vlan) {
+ /* XXX support double tagging? */
+ if (have_packet) {
+ static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5);
+ VLOG_WARN_RL(&rl, "bridge %s: dropping VLAN %"PRIu16" tagged "
+ "packet received on port %s configured with "
+ "implicit VLAN %"PRIu16,
+ br->name, ntohs(flow->dl_vlan),
+ in_port->name, in_port->vlan);
+ }
+ return -1;
+ }
+ vlan = in_port->vlan;
+ } else {
+ if (!port_includes_vlan(in_port, vlan)) {
+ if (have_packet) {
+ static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5);
+ VLOG_WARN_RL(&rl, "bridge %s: dropping VLAN %d tagged "
+ "packet received on port %s not configured for "
+ "trunking VLAN %d",
+ br->name, vlan, in_port->name, vlan);
+ }
+ return -1;
+ }
+ }
+
+ return vlan;
+ }
+
+ static void
+ update_learning_table(struct bridge *br, const flow_t *flow, int vlan,
+ struct port *in_port)
+ {
+ tag_type rev_tag = mac_learning_learn(br->ml, flow->dl_src,
+ vlan, in_port->port_idx);
+ if (rev_tag) {
+ /* The log messages here could actually be useful in debugging,
+ * so keep the rate limit relatively high. */
+ static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(30,
+ 300);
+ VLOG_DBG_RL(&rl, "bridge %s: learned that "ETH_ADDR_FMT" is "
+ "on port %s in VLAN %d",
+ br->name, ETH_ADDR_ARGS(flow->dl_src),
+ in_port->name, vlan);
+ ofproto_revalidate(br->ofproto, rev_tag);
+ }
+ }
+
static bool
is_bcast_arp_reply(const flow_t *flow)
{
return true;
}
in_port = in_iface->port;
-
- /* Figure out what VLAN this packet belongs to.
- *
- * Note that dl_vlan of 0 and of OFP_VLAN_NONE both mean that the packet
- * belongs to VLAN 0, so we should treat both cases identically. (In the
- * former case, the packet has an 802.1Q header that specifies VLAN 0,
- * presumably to allow a priority to be specified. In the latter case, the
- * packet does not have any 802.1Q header.) */
- vlan = ntohs(flow->dl_vlan);
- if (vlan == OFP_VLAN_NONE) {
- vlan = 0;
- }
- if (in_port->vlan >= 0) {
- if (vlan) {
- /* XXX support double tagging? */
- if (packet != NULL) {
- static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5);
- VLOG_WARN_RL(&rl, "bridge %s: dropping VLAN %"PRIu16" tagged "
- "packet received on port %s configured with "
- "implicit VLAN %"PRIu16,
- br->name, ntohs(flow->dl_vlan),
- in_port->name, in_port->vlan);
- }
- goto done;
- }
- vlan = in_port->vlan;
- } else {
- if (!port_includes_vlan(in_port, vlan)) {
- static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5);
- VLOG_WARN_RL(&rl, "bridge %s: dropping VLAN %d tagged "
- "packet received on port %s not configured for "
- "trunking VLAN %d",
- br->name, vlan, in_port->name, vlan);
- goto done;
- }
+ vlan = flow_get_vlan(br, flow, in_port, !!packet);
+ if (vlan < 0) {
+ goto done;
}
/* Drop frames for ports that STP wants entirely killed (both for
out_port = FLOOD_PORT;
/* Learn source MAC (but don't try to learn from revalidation). */
if (packet) {
- tag_type rev_tag = mac_learning_learn(br->ml, flow->dl_src,
- vlan, in_port->port_idx);
- if (rev_tag) {
- /* The log messages here could actually be useful in debugging,
- * so keep the rate limit relatively high. */
- static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(30,
- 300);
- VLOG_DBG_RL(&rl, "bridge %s: learned that "ETH_ADDR_FMT" is "
- "on port %s in VLAN %d",
- br->name, ETH_ADDR_ARGS(flow->dl_src),
- in_port->name, vlan);
- ofproto_revalidate(br->ofproto, rev_tag);
- }
+ update_learning_table(br, flow, vlan, in_port);
}
/* Determine output port. */
tags);
if (out_port_idx >= 0 && out_port_idx < br->n_ports) {
out_port = br->ports[out_port_idx];
- } else if (!packet) {
+ } else if (!packet && !eth_addr_is_multicast(flow->dl_dst)) {
/* If we are revalidating but don't have a learning entry then
- * eject the flow. Installing a flow that floods packets will
- * prevent us from seeing future packets and learning properly. */
+ * eject the flow. Installing a flow that floods packets opens
+ * up a window of time where we could learn from a packet reflected
+ * on a bond and blackhole packets before the learning table is
+ * updated to reflect the correct port. */
return false;
}
bridge_flush(br);
} else {
- memcpy(iface->mac, opp->hw_addr, ETH_ADDR_LEN);
if (port->n_ifaces > 1) {
bool up = !(opp->state & OFPPS_LINK_DOWN);
bond_link_status_update(iface, up);
void *br_)
{
struct bridge *br = br_;
+ struct port *in_port;
const union odp_action *a;
+ /* Feed information from the active flows back into the learning table
+ * to ensure that table is always in sync with what is actually flowing
+ * through the datapath. */
+ in_port = port_from_dp_ifidx(br, flow->in_port);
+ if (in_port) {
+ int vlan = flow_get_vlan(br, flow, in_port, false);
+ if (vlan >= 0) {
+ update_learning_table(br, flow, vlan, in_port);
+ }
+ }
+
if (!br->has_bonded_ports) {
return;
}
for (a = actions; a < &actions[n_actions]; a++) {
if (a->type == ODPAT_OUTPUT) {
- struct port *port = port_from_dp_ifidx(br, a->output.port);
- if (port && port->n_ifaces >= 2) {
- struct bond_entry *e = lookup_bond_entry(port, flow->dl_src);
+ struct port *out_port = port_from_dp_ifidx(br, a->output.port);
+ if (out_port && out_port->n_ifaces >= 2) {
+ struct bond_entry *e = lookup_bond_entry(out_port,
+ flow->dl_src);
e->tx_bytes += n_bytes;
}
}
enable_slave(conn, args, false);
}
+static void
+bond_unixctl_hash(struct unixctl_conn *conn, const char *args)
+{
+ uint8_t mac[ETH_ADDR_LEN];
+ uint8_t hash;
+ char *hash_cstr;
+
+ if (sscanf(args, ETH_ADDR_SCAN_FMT, ETH_ADDR_SCAN_ARGS(mac))
+ == ETH_ADDR_SCAN_COUNT) {
+ hash = bond_hash(mac);
+
+ hash_cstr = xasprintf("%u", hash);
+ unixctl_command_reply(conn, 200, hash_cstr);
+ free(hash_cstr);
+ } else {
+ unixctl_command_reply(conn, 501, "invalid mac");
+ }
+}
+
static void
bond_init(void)
{
bond_unixctl_set_active_slave);
unixctl_command_register("bond/enable-slave", bond_unixctl_enable_slave);
unixctl_command_register("bond/disable-slave", bond_unixctl_disable_slave);
+ unixctl_command_register("bond/hash", bond_unixctl_hash);
}
\f
/* Port functions. */
if (slave->up) {
bond.up = true;
}
- memcpy(slave->mac, iface->mac, ETH_ADDR_LEN);
+ netdev_get_etheraddr(iface->netdev, slave->mac);
}
if (cfg_get_bool(0, "bonding.%s.fake-iface", port->name)) {
&& p->n_ifaces
&& (!vlandev_name || strcmp(p->name, vlandev_name) <= 0))
{
- const uint8_t *ea = p->ifaces[0]->mac;
+ uint8_t ea[ETH_ADDR_LEN];
+ netdev_get_etheraddr(p->ifaces[0]->netdev, ea);
if (!eth_addr_is_multicast(ea) &&
!eth_addr_is_reserved(ea) &&
!eth_addr_is_zero(ea)) {
iface->dp_ifidx = -1;
iface->tag = tag_create_random();
iface->delay_expires = LLONG_MAX;
-
- if (!cfg_get_bool(0, "iface.%s.internal", iface->name)) {
- netdev_nodev_get_etheraddr(name, iface->mac);
- netdev_nodev_get_carrier(name, &iface->enabled);
- } else {
- /* Internal interfaces are created later by the call to dpif_port_add()
- * in bridge_reconfigure(). Until then, we can't obtain any
- * information about them. (There's no real value in doing so, anyway,
- * because the 'mac' and 'enabled' values are only used for interfaces
- * that are bond slaves, and it doesn't normally make sense to bond an
- * internal interface.) */
- }
+ iface->netdev = NULL;
if (port->n_ifaces >= port->allocated_ifaces) {
port->ifaces = x2nrealloc(port->ifaces, &port->allocated_ifaces,
VLOG_DBG("attached network device %s to port %s", iface->name, port->name);
- port_update_bonding(port);
bridge_flush(port->bridge);
}
del = port->ifaces[iface->port_ifidx] = port->ifaces[--port->n_ifaces];
del->port_ifidx = iface->port_ifidx;
+ netdev_close(iface->netdev);
free(iface->name);
free(iface);
bond_send_learning_packets(port);
}
- port_update_bonding(port);
bridge_flush(port->bridge);
}
}
VLOG_ERR("ignoring iface.%s.mac; use bridge.%s.mac instead",
iface->name, iface->name);
} else {
- int error = netdev_nodev_set_etheraddr(iface->name, ea);
+ int error = netdev_set_etheraddr(iface->netdev, ea);
if (error) {
VLOG_ERR("interface %s: setting MAC failed (%s)",
iface->name, strerror(error));
int vlan = cfg_get_vlan(i, "vlan.%s.disable-learning", br->name);
if (vlan >= 0) {
bitmap_set1(rspan_vlans, vlan);
+ VLOG_INFO("bridge %s: disabling learning on vlan %d\n",
+ br->name, vlan);
} else {
VLOG_ERR("bridge %s: invalid value '%s' for learning disabled "
"VLAN", br->name,
if (!iface) {
VLOG_WARN_RL(&rl, "%s: cannot send BPDU on unknown port %d",
br->name, port_no);
- } else if (eth_addr_is_zero(iface->mac)) {
- VLOG_WARN_RL(&rl, "%s: cannot send BPDU on port %d with unknown MAC",
- br->name, port_no);
} else {
- union ofp_action action;
struct eth_header *eth = pkt->l2;
- flow_t flow;
- memcpy(eth->eth_src, iface->mac, ETH_ADDR_LEN);
+ netdev_get_etheraddr(iface->netdev, eth->eth_src);
+ if (eth_addr_is_zero(eth->eth_src)) {
+ VLOG_WARN_RL(&rl, "%s: cannot send BPDU on port %d "
+ "with unknown MAC", br->name, port_no);
+ } else {
+ union ofp_action action;
+ flow_t flow;
- memset(&action, 0, sizeof action);
- action.type = htons(OFPAT_OUTPUT);
- action.output.len = htons(sizeof action);
- action.output.port = htons(port_no);
+ memset(&action, 0, sizeof action);
+ action.type = htons(OFPAT_OUTPUT);
+ action.output.len = htons(sizeof action);
+ action.output.port = htons(port_no);
- flow_extract(pkt, ODPP_NONE, &flow);
- ofproto_send_packet(br->ofproto, &flow, &action, 1, pkt);
+ flow_extract(pkt, ODPP_NONE, &flow);
+ ofproto_send_packet(br->ofproto, &flow, &action, 1, pkt);
+ }
}
ofpbuf_delete(pkt);
}
git://git.onelab.eu / sliver-openvswitch.git / commitdiff