]> git.proxmox.com Git - mirror_ovs.git/blame - ofproto/ofproto-dpif-ipfix.c
projects / mirror_ovs.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Merge branch 'dpdk_merge' of https://github.com/istokes/ovs into HEAD
[mirror_ovs.git] / ofproto / ofproto-dpif-ipfix.c
CommitLineData
29089a54 1/*
642c824b 2 * Copyright (c) 2012, 2013, 2014, 2015, 2016, 2017 Nicira, Inc.
29089a54
RL		 3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at:
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17#include <config.h>
18#include "ofproto-dpif-ipfix.h"
978427a5 19#include <sys/time.h>
29089a54
RL		 20#include "byte-order.h"
21#include "collectors.h"
22#include "flow.h"
23#include "hash.h"
ee89ea7b 24#include "openvswitch/hmap.h"
f4248336 25#include "netdev.h"
b19bab5b 26#include "openvswitch/list.h"
64c96779 27#include "openvswitch/ofpbuf.h"
29089a54 28#include "ofproto.h"
8b7ea2d4 29#include "ofproto-dpif.h"
cf62fa4c 30#include "dp-packet.h"
29089a54 31#include "packets.h"
fd016ae3 32#include "openvswitch/poll-loop.h"
29089a54
RL		 33#include "sset.h"
34#include "util.h"
35#include "timeval.h"
e6211adc 36#include "openvswitch/vlog.h"
29089a54
RL		 37
38VLOG_DEFINE_THIS_MODULE(ipfix);
39
40static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5);
626ace7b 41static struct ovs_mutex mutex = OVS_MUTEX_INITIALIZER;
29089a54 42
d564c4bb
PS		 43/* This variable represents a number of exporters that have been created
44 * throughout OvS lifecycle. It's used to identify Exporting Process. Since
45 * it's NOT decreased when exporter is destroyed, it will eventually overflow.
46 * Considering the maximum value it can hold and the fact that Exporting
47 * Process may be re-started with a different ID, this shouldn't be a problem.
48 */
49static uint32_t exporter_total_count;
50
29089a54
RL		 51/* Cf. IETF RFC 5101 Section 10.3.4. */
52#define IPFIX_DEFAULT_COLLECTOR_PORT 4739
53
47946ac5
WZ		 54/* Cf. IETF RFC 5881 Setion 8. */
55#define BFD_CONTROL_DEST_PORT 3784
56#define BFD_ECHO_DEST_PORT 3785
57
fb8f22c1
BY		 58enum ipfix_sampled_packet_type {
59 IPFIX_SAMPLED_PKT_UNKNOWN = 0x00,
60 IPFIX_SAMPLED_PKT_IPV4_OK = 0x01,
61 IPFIX_SAMPLED_PKT_IPV6_OK = 0x02,
62 IPFIX_SAMPLED_PKT_IPV4_ERROR = 0x03,
63 IPFIX_SAMPLED_PKT_IPV6_ERROR = 0x04,
64 IPFIX_SAMPLED_PKT_OTHERS = 0x05
65};
66
8b7ea2d4
WZ		 67/* The standard layer2SegmentId (ID 351) element is included in vDS to send
68 * the VxLAN tunnel's VNI. It is 64-bit long, the most significant byte is
69 * used to indicate the type of tunnel (0x01 = VxLAN, 0x02 = GRE) and the three
70 * least significant bytes hold the value of the layer 2 overlay network
71 * segment identifier: a 24-bit VxLAN tunnel's VNI or a 24-bit GRE tunnel's
99e7b077
PS		 72 * TNI. This is not compatible with STT, as implemented in OVS, as
73 * its tunnel IDs is 64-bit.
8b7ea2d4
WZ		 74 *
75 * Two new enterprise information elements are defined which are similar to
76 * laryerSegmentId but support 64-bit IDs:
77 * tunnelType (ID 891) and tunnelKey (ID 892).
78 *
79 * The enum dpif_ipfix_tunnel_type is to declare the types supported in the
80 * tunnelType element.
81 * The number of ipfix tunnel types includes two reserverd types: 0x04 and 0x06.
82 */
83enum dpif_ipfix_tunnel_type {
84 DPIF_IPFIX_TUNNEL_UNKNOWN = 0x00,
85 DPIF_IPFIX_TUNNEL_VXLAN = 0x01,
86 DPIF_IPFIX_TUNNEL_GRE = 0x02,
87 DPIF_IPFIX_TUNNEL_LISP = 0x03,
4237026e 88 DPIF_IPFIX_TUNNEL_STT = 0x04,
8b7ea2d4
WZ		 89 DPIF_IPFIX_TUNNEL_GENEVE = 0x07,
90 NUM_DPIF_IPFIX_TUNNEL
91};
92
fb8f22c1
BY		 93typedef struct ofputil_ipfix_stats ofproto_ipfix_stats;
94
fe520682 95struct dpif_ipfix_global_stats {
564230b6
PS		 96 uint64_t dropped_packet_total_count;
97 uint64_t dropped_octet_total_count;
fe520682 98 uint64_t packet_total_count;
99 uint64_t octet_total_count;
100 uint64_t octet_total_sum_of_squares;
101 uint64_t layer2_octet_total_count;
0b4f83e2
PS		 102 uint64_t tcp_ack_total_count;
103 uint64_t tcp_fin_total_count;
104 uint64_t tcp_psh_total_count;
105 uint64_t tcp_rst_total_count;
106 uint64_t tcp_syn_total_count;
107 uint64_t tcp_urg_total_count;
ebfe9a21
PS		 108 uint64_t post_mcast_packet_total_count;
109 uint64_t post_mcast_octet_total_count;
110 uint64_t in_ucast_packet_total_count;
111 uint64_t in_mcast_packet_total_count;
112 uint64_t in_bcast_packet_total_count;
113 uint64_t out_ucast_packet_total_count;
114 uint64_t out_bcast_packet_total_count;
fe520682 115};
116
8b7ea2d4
WZ		 117struct dpif_ipfix_port {
118 struct hmap_node hmap_node; /* In struct dpif_ipfix's "tunnel_ports" hmap. */
119 struct ofport *ofport; /* To retrieve port stats. */
120 odp_port_t odp_port;
121 enum dpif_ipfix_tunnel_type tunnel_type;
122 uint8_t tunnel_key_length;
123};
124
29089a54 125struct dpif_ipfix_exporter {
d564c4bb 126 uint32_t exporter_id; /* Exporting Process identifier */
29089a54
RL		 127 struct collectors *collectors;
128 uint32_t seq_number;
129 time_t last_template_set_time;
978427a5 130 struct hmap cache_flow_key_map; /* ipfix_flow_cache_entry. */
ca6ba700 131 struct ovs_list cache_flow_start_timestamp_list; /* ipfix_flow_cache_entry. */
978427a5
RL		 132 uint32_t cache_active_timeout; /* In seconds. */
133 uint32_t cache_max_flows;
c97320eb
WZ		 134 char *virtual_obs_id;
135 uint8_t virtual_obs_len;
fb8f22c1 136
fe520682 137 ofproto_ipfix_stats ofproto_stats;
138 struct dpif_ipfix_global_stats ipfix_global_stats;
29089a54
RL		 139};
140
141struct dpif_ipfix_bridge_exporter {
142 struct dpif_ipfix_exporter exporter;
143 struct ofproto_ipfix_bridge_exporter_options *options;
144 uint32_t probability;
145};
146
147struct dpif_ipfix_flow_exporter {
148 struct dpif_ipfix_exporter exporter;
149 struct ofproto_ipfix_flow_exporter_options *options;
150};
151
152struct dpif_ipfix_flow_exporter_map_node {
153 struct hmap_node node;
154 struct dpif_ipfix_flow_exporter exporter;
155};
156
157struct dpif_ipfix {
158 struct dpif_ipfix_bridge_exporter bridge_exporter;
978427a5 159 struct hmap flow_exporter_map; /* dpif_ipfix_flow_exporter_map_node. */
8b7ea2d4
WZ		 160 struct hmap tunnel_ports; /* Contains "struct dpif_ipfix_port"s.
161 * It makes tunnel port lookups faster in
162 * sampling upcalls. */
37bec3d3 163 struct ovs_refcount ref_cnt;
29089a54
RL		 164};
165
166#define IPFIX_VERSION 0x000a
167
168/* When using UDP, IPFIX Template Records must be re-sent regularly.
169 * The standard default interval is 10 minutes (600 seconds).
170 * Cf. IETF RFC 5101 Section 10.3.6. */
171#define IPFIX_TEMPLATE_INTERVAL 600
172
173/* Cf. IETF RFC 5101 Section 3.1. */
13b6bae6 174OVS_PACKED(
29089a54
RL		 175struct ipfix_header {
176 ovs_be16 version; /* IPFIX_VERSION. */
177 ovs_be16 length; /* Length in bytes including this header. */
178 ovs_be32 export_time; /* Seconds since the epoch. */
179 ovs_be32 seq_number; /* Message sequence number. */
180 ovs_be32 obs_domain_id; /* Observation Domain ID. */
13b6bae6 181});
29089a54
RL		 182BUILD_ASSERT_DECL(sizeof(struct ipfix_header) == 16);
183
184#define IPFIX_SET_ID_TEMPLATE 2
185#define IPFIX_SET_ID_OPTION_TEMPLATE 3
186
d564c4bb
PS		 187enum ipfix_options_template {
188 IPFIX_OPTIONS_TEMPLATE_EXPORTER_STATS = 0,
189 NUM_IPFIX_OPTIONS_TEMPLATE
190};
191
29089a54 192/* Cf. IETF RFC 5101 Section 3.3.2. */
13b6bae6 193OVS_PACKED(
29089a54
RL		 194struct ipfix_set_header {
195 ovs_be16 set_id; /* IPFIX_SET_ID_* or valid template ID for Data Sets. */
196 ovs_be16 length; /* Length of the set in bytes including header. */
13b6bae6 197});
29089a54
RL		 198BUILD_ASSERT_DECL(sizeof(struct ipfix_set_header) == 4);
199
200/* Alternatives for templates at each layer. A template is defined by
201 * a combination of one value for each layer. */
202enum ipfix_proto_l2 {
203 IPFIX_PROTO_L2_ETH = 0, /* No VLAN. */
204 IPFIX_PROTO_L2_VLAN,
205 NUM_IPFIX_PROTO_L2
206};
207enum ipfix_proto_l3 {
208 IPFIX_PROTO_L3_UNKNOWN = 0,
209 IPFIX_PROTO_L3_IPV4,
210 IPFIX_PROTO_L3_IPV6,
211 NUM_IPFIX_PROTO_L3
212};
213enum ipfix_proto_l4 {
214 IPFIX_PROTO_L4_UNKNOWN = 0,
0b4f83e2
PS		 215 IPFIX_PROTO_L4_TCP,
216 IPFIX_PROTO_L4_UDP,
217 IPFIX_PROTO_L4_SCTP,
f51e8ccb 218 IPFIX_PROTO_L4_ICMP,
29089a54
RL		 219 NUM_IPFIX_PROTO_L4
220};
8b7ea2d4
WZ		 221enum ipfix_proto_tunnel {
222 IPFIX_PROTO_NOT_TUNNELED = 0,
223 IPFIX_PROTO_TUNNELED, /* Support gre, lisp and vxlan. */
224 NUM_IPFIX_PROTO_TUNNEL
225};
29089a54
RL		 226
227/* Any Template ID > 255 is usable for Template Records. */
228#define IPFIX_TEMPLATE_ID_MIN 256
229
230/* Cf. IETF RFC 5101 Section 3.4.1. */
13b6bae6 231OVS_PACKED(
29089a54
RL		 232struct ipfix_template_record_header {
233 ovs_be16 template_id;
234 ovs_be16 field_count;
13b6bae6 235});
29089a54
RL		 236BUILD_ASSERT_DECL(sizeof(struct ipfix_template_record_header) == 4);
237
d564c4bb
PS		 238/* Cf. IETF RFC 5101 Section 3.4.2.2. */
239OVS_PACKED(
240struct ipfix_options_template_record_header {
241 ovs_be16 template_id; /* Template ID of Data Set is within 256-65535
242 range. */
243 ovs_be16 field_count; /* Number of all fields in this Options
244 * Template Record, including the Scope
245 * Fields. */
246 ovs_be16 scope_field_count; /* Number of scope fields. The number MUST BE
247 * greater than 0. */
248});
249BUILD_ASSERT_DECL(sizeof(struct ipfix_options_template_record_header) == 6);
250
251
29089a54 252enum ipfix_entity_id {
8b7ea2d4 253/* standard IPFIX elements */
29089a54
RL		 254#define IPFIX_ENTITY(ENUM, ID, SIZE, NAME) IPFIX_ENTITY_ID_##ENUM = ID,
255#include "ofproto/ipfix-entities.def"
8b7ea2d4
WZ		 256/* non-standard IPFIX elements */
257#define IPFIX_SET_ENTERPRISE(v) (((v) | 0x8000))
258#define IPFIX_ENTERPRISE_ENTITY(ENUM, ID, SIZE, NAME, ENTERPRISE) \
259 IPFIX_ENTITY_ID_##ENUM = IPFIX_SET_ENTERPRISE(ID),
260#include "ofproto/ipfix-enterprise-entities.def"
29089a54
RL		 261};
262
263enum ipfix_entity_size {
8b7ea2d4 264/* standard IPFIX elements */
29089a54
RL		 265#define IPFIX_ENTITY(ENUM, ID, SIZE, NAME) IPFIX_ENTITY_SIZE_##ENUM = SIZE,
266#include "ofproto/ipfix-entities.def"
8b7ea2d4
WZ		 267/* non-standard IPFIX elements */
268#define IPFIX_ENTERPRISE_ENTITY(ENUM, ID, SIZE, NAME, ENTERPRISE) \
269 IPFIX_ENTITY_SIZE_##ENUM = SIZE,
270#include "ofproto/ipfix-enterprise-entities.def"
271};
272
273enum ipfix_entity_enterprise {
274/* standard IPFIX elements */
275#define IPFIX_ENTITY(ENUM, ID, SIZE, NAME) IPFIX_ENTITY_ENTERPRISE_##ENUM = 0,
276#include "ofproto/ipfix-entities.def"
277/* non-standard IPFIX elements */
278#define IPFIX_ENTERPRISE_ENTITY(ENUM, ID, SIZE, NAME, ENTERPRISE) \
279 IPFIX_ENTITY_ENTERPRISE_##ENUM = ENTERPRISE,
280#include "ofproto/ipfix-enterprise-entities.def"
29089a54
RL		 281};
282
13b6bae6 283OVS_PACKED(
29089a54
RL		 284struct ipfix_template_field_specifier {
285 ovs_be16 element_id; /* IPFIX_ENTITY_ID_*. */
8b7ea2d4
WZ		 286 ovs_be16 field_length; /* Length of the field's value, in bytes.
287 * For Variable-Length element, it should be 65535.
288 */
289 ovs_be32 enterprise; /* Enterprise number */
13b6bae6 290});
8b7ea2d4
WZ		 291BUILD_ASSERT_DECL(sizeof(struct ipfix_template_field_specifier) == 8);
292
293/* Cf. IETF RFC 5102 Section 5.11.6. */
294enum ipfix_flow_direction {
295 INGRESS_FLOW = 0x00,
296 EGRESS_FLOW = 0x01
297};
29089a54 298
978427a5 299/* Part of data record flow key for common metadata and Ethernet entities. */
13b6bae6 300OVS_PACKED(
978427a5 301struct ipfix_data_record_flow_key_common {
29089a54 302 ovs_be32 observation_point_id; /* OBSERVATION_POINT_ID */
8b7ea2d4 303 uint8_t flow_direction; /* FLOW_DIRECTION */
74ff3298
JR		 304 struct eth_addr source_mac_address; /* SOURCE_MAC_ADDRESS */
305 struct eth_addr destination_mac_address; /* DESTINATION_MAC_ADDRESS */
29089a54 306 ovs_be16 ethernet_type; /* ETHERNET_TYPE */
29089a54 307 uint8_t ethernet_header_length; /* ETHERNET_HEADER_LENGTH */
13b6bae6 308});
8b7ea2d4 309BUILD_ASSERT_DECL(sizeof(struct ipfix_data_record_flow_key_common) == 20);
29089a54 310
978427a5 311/* Part of data record flow key for VLAN entities. */
13b6bae6 312OVS_PACKED(
978427a5 313struct ipfix_data_record_flow_key_vlan {
29089a54
RL		 314 ovs_be16 vlan_id; /* VLAN_ID */
315 ovs_be16 dot1q_vlan_id; /* DOT1Q_VLAN_ID */
316 uint8_t dot1q_priority; /* DOT1Q_PRIORITY */
13b6bae6 317});
978427a5 318BUILD_ASSERT_DECL(sizeof(struct ipfix_data_record_flow_key_vlan) == 5);
29089a54 319
978427a5
RL		 320/* Part of data record flow key for IP entities. */
321/* XXX: Replace IP_TTL with MINIMUM_TTL and MAXIMUM_TTL? */
13b6bae6 322OVS_PACKED(
978427a5 323struct ipfix_data_record_flow_key_ip {
29089a54
RL		 324 uint8_t ip_version; /* IP_VERSION */
325 uint8_t ip_ttl; /* IP_TTL */
326 uint8_t protocol_identifier; /* PROTOCOL_IDENTIFIER */
327 uint8_t ip_diff_serv_code_point; /* IP_DIFF_SERV_CODE_POINT */
328 uint8_t ip_precedence; /* IP_PRECEDENCE */
329 uint8_t ip_class_of_service; /* IP_CLASS_OF_SERVICE */
13b6bae6 330});
978427a5 331BUILD_ASSERT_DECL(sizeof(struct ipfix_data_record_flow_key_ip) == 6);
29089a54 332
978427a5 333/* Part of data record flow key for IPv4 entities. */
13b6bae6 334OVS_PACKED(
978427a5 335struct ipfix_data_record_flow_key_ipv4 {
29089a54
RL		 336 ovs_be32 source_ipv4_address; /* SOURCE_IPV4_ADDRESS */
337 ovs_be32 destination_ipv4_address; /* DESTINATION_IPV4_ADDRESS */
13b6bae6 338});
978427a5 339BUILD_ASSERT_DECL(sizeof(struct ipfix_data_record_flow_key_ipv4) == 8);
29089a54 340
978427a5 341/* Part of data record flow key for IPv6 entities. */
13b6bae6 342OVS_PACKED(
978427a5 343struct ipfix_data_record_flow_key_ipv6 {
29089a54
RL		 344 uint8_t source_ipv6_address[16]; /* SOURCE_IPV6_ADDRESS */
345 uint8_t destination_ipv6_address[16]; /* DESTINATION_IPV6_ADDRESS */
346 ovs_be32 flow_label_ipv6; /* FLOW_LABEL_IPV6 */
13b6bae6 347});
978427a5 348BUILD_ASSERT_DECL(sizeof(struct ipfix_data_record_flow_key_ipv6) == 36);
29089a54 349
f51e8ccb 350/* Part of data record flow key for TCP/UDP/SCTP entities. */
13b6bae6 351OVS_PACKED(
f51e8ccb 352struct ipfix_data_record_flow_key_transport {
29089a54
RL		 353 ovs_be16 source_transport_port; /* SOURCE_TRANSPORT_PORT */
354 ovs_be16 destination_transport_port; /* DESTINATION_TRANSPORT_PORT */
13b6bae6 355});
f51e8ccb
RL		 356BUILD_ASSERT_DECL(sizeof(struct ipfix_data_record_flow_key_transport) == 4);
357
358/* Part of data record flow key for ICMP entities. */
359OVS_PACKED(
360struct ipfix_data_record_flow_key_icmp {
361 uint8_t icmp_type; /* ICMP_TYPE_IPV4 / ICMP_TYPE_IPV6 */
362 uint8_t icmp_code; /* ICMP_CODE_IPV4 / ICMP_CODE_IPV6 */
363});
364BUILD_ASSERT_DECL(sizeof(struct ipfix_data_record_flow_key_icmp) == 2);
978427a5 365
8b7ea2d4
WZ		 366static uint8_t tunnel_protocol[NUM_DPIF_IPFIX_TUNNEL] = {
367 0, /* reserved */
368 IPPROTO_UDP, /* DPIF_IPFIX_TUNNEL_VXLAN */
369 IPPROTO_GRE, /* DPIF_IPFIX_TUNNEL_GRE */
370 IPPROTO_UDP, /* DPIF_IPFIX_TUNNEL_LISP*/
4237026e 371 IPPROTO_TCP, /* DPIF_IPFIX_TUNNEL_STT*/
8b7ea2d4
WZ		 372 0 , /* reserved */
373 IPPROTO_UDP, /* DPIF_IPFIX_TUNNEL_GENEVE*/
374};
375
376OVS_PACKED(
377struct ipfix_data_record_flow_key_tunnel {
378 ovs_be32 tunnel_source_ipv4_address; /* TUNNEL_SOURCE_IPV4_ADDRESS */
379 ovs_be32 tunnel_destination_ipv4_address; /* TUNNEL_DESTINATION_IPV4_ADDRESS */
380 uint8_t tunnel_protocol_identifier; /* TUNNEL_PROTOCOL_IDENTIFIER */
381 ovs_be16 tunnel_source_transport_port; /* TUNNEL_SOURCE_TRANSPORT_PORT */
382 ovs_be16 tunnel_destination_transport_port; /* TUNNEL_DESTINATION_TRANSPORT_PORT */
383 uint8_t tunnel_type; /* TUNNEL_TYPE */
384 uint8_t tunnel_key_length; /* length of TUNNEL_KEY */
385 uint8_t tunnel_key[]; /* data of TUNNEL_KEY */
386});
387BUILD_ASSERT_DECL(sizeof(struct ipfix_data_record_flow_key_tunnel) == 15);
388
978427a5
RL		 389/* Cf. IETF RFC 5102 Section 5.11.3. */
390enum ipfix_flow_end_reason {
391 IDLE_TIMEOUT = 0x01,
392 ACTIVE_TIMEOUT = 0x02,
393 END_OF_FLOW_DETECTED = 0x03,
394 FORCED_END = 0x04,
395 LACK_OF_RESOURCES = 0x05
396};
397
d564c4bb
PS		 398/* Exporting Process Reliability Statistics data record. */
399OVS_PACKED(
400struct ipfix_data_record_exporter_stats {
401 /* Scope Fields */
402 ovs_be32 exporting_process_id; /* EXPORTING_PROCESS_ID */
403
404 /* Fields */
405 ovs_be64 not_sent_packet_total_count; /* NOT_SENT_PACKET_TOTAL_COUNT */
406});
407BUILD_ASSERT_DECL(sizeof(struct ipfix_data_record_exporter_stats) == 12);
408
978427a5
RL		 409/* Part of data record for common aggregated elements. */
410OVS_PACKED(
411struct ipfix_data_record_aggregated_common {
412 ovs_be32 flow_start_delta_microseconds; /* FLOW_START_DELTA_MICROSECONDS */
413 ovs_be32 flow_end_delta_microseconds; /* FLOW_END_DELTA_MICROSECONDS */
564230b6
PS		 414 ovs_be64 dropped_packet_delta_count; /* DROPPED_PACKET_DELTA_COUNT */
415 ovs_be64 dropped_packet_total_count; /* DROPPED_PACKET_TOTAL_COUNT */
978427a5 416 ovs_be64 packet_delta_count; /* PACKET_DELTA_COUNT */
0b4f83e2 417 ovs_be64 packet_total_count; /* PACKET_TOTAL_COUNT */
ebfe9a21
PS		 418 /* INGRESS_UNICAST_PACKET_TOTAL_COUNT */
419 ovs_be64 in_ucast_packet_total_count;
420 /* INGRESS_MULTICAST_PACKET_TOTAL_COUNT */
421 ovs_be64 in_mcast_packet_total_count;
422 /* INGRESS_BROADCAST_PACKET_TOTAL_COUNT */
423 ovs_be64 in_bcast_packet_total_count;
424 /* EGRESS_UNICAST_PACKET_TOTAL_COUNT */
425 ovs_be64 out_ucast_packet_total_count;
426 /* EGRESS_BROADCAST_PACKET_TOTAL_COUNT */
427 ovs_be64 out_bcast_packet_total_count;
428 ovs_be64 post_mcast_packet_delta_count; /* POST_MCAST_PACKET_DELTA_COUNT */
429 ovs_be64 post_mcast_packet_total_count; /* POST_MCAST_PACKET_TOTAL_COUNT */
978427a5 430 ovs_be64 layer2_octet_delta_count; /* LAYER2_OCTET_DELTA_COUNT */
0b4f83e2 431 ovs_be64 layer2_octet_total_count; /* LAYER2_OCTET_TOTAL_COUNT */
978427a5
RL		 432 uint8_t flow_end_reason; /* FLOW_END_REASON */
433});
564230b6 434BUILD_ASSERT_DECL(sizeof(struct ipfix_data_record_aggregated_common) == 113);
978427a5
RL		 435
436/* Part of data record for IP aggregated elements. */
437OVS_PACKED(
438struct ipfix_data_record_aggregated_ip {
564230b6
PS		 439 ovs_be64 dropped_octet_delta_count; /* DROPPED_OCTET_DELTA_COUNT */
440 ovs_be64 dropped_octet_total_count; /* DROPPED_OCTET_TOTAL_COUNT */
f51e8ccb 441 ovs_be64 octet_delta_count; /* OCTET_DELTA_COUNT */
fe520682 442 ovs_be64 octet_total_count; /* OCTET_TOTAL_COUNT */
978427a5 443 ovs_be64 octet_delta_sum_of_squares; /* OCTET_DELTA_SUM_OF_SQUARES */
fe520682 444 ovs_be64 octet_total_sum_of_squares; /* OCTET_TOTAL_SUM_OF_SQUARES */
978427a5
RL		 445 ovs_be64 minimum_ip_total_length; /* MINIMUM_IP_TOTAL_LENGTH */
446 ovs_be64 maximum_ip_total_length; /* MAXIMUM_IP_TOTAL_LENGTH */
ebfe9a21
PS		 447 ovs_be64 post_mcast_octet_delta_count; /* POST_MCAST_OCTET_DELTA_COUNT */
448 ovs_be64 post_mcast_octet_total_count; /* POST_MCAST_OCTET_TOTAL_COUNT */
978427a5 449});
564230b6 450BUILD_ASSERT_DECL(sizeof(struct ipfix_data_record_aggregated_ip) == 80);
978427a5 451
0b4f83e2
PS		 452/* Part of data record for TCP aggregated elements. */
453OVS_PACKED(
454struct ipfix_data_record_aggregated_tcp {
455 ovs_be64 tcp_ack_total_count; /* TCP_ACK_TOTAL_COUNT */
456 ovs_be64 tcp_fin_total_count; /* TCP_FIN_TOTAL_COUNT */
457 ovs_be64 tcp_psh_total_count; /* TCP_PSH_TOTAL_COUNT */
458 ovs_be64 tcp_rst_total_count; /* TCP_RST_TOTAL_COUNT */
459 ovs_be64 tcp_syn_total_count; /* TCP_SYN_TOTAL_COUNT */
460 ovs_be64 tcp_urg_total_count; /* TCP_URG_TOTAL_COUNT */
461});
462BUILD_ASSERT_DECL(sizeof(struct ipfix_data_record_aggregated_tcp) == 48);
463
c97320eb
WZ		 464/*
465 * Refer to RFC 7011, the length of Variable length element is 0~65535:
466 * In most case, it should be less than 255 octets:
467 * 0 1 2 3
468 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
469 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
470 * | Length (< 255)| Information Element |
471 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
472 * | ... continuing as needed |
473 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
474 *
475 * When it is greater than or equeal to 255 octets:
476 * 0 1 2 3
477 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
478 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
479 * | 255 | Length (0 to 65535) | IE |
480 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
481 * | ... continuing as needed |
482 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
483 *
484 *
485 * Now, only the virtual_obs_id whose length < 255 is implemented.
486 */
487
488#define IPFIX_VIRTUAL_OBS_MAX_LEN 254
489
8b7ea2d4
WZ		 490/*
491 * support tunnel key for:
492 * VxLAN: 24-bit VIN,
99e7b077 493 * GRE: 32-bit key,
8b7ea2d4 494 * LISP: 24-bit instance ID
4237026e 495 * STT: 64-bit key
8b7ea2d4
WZ		 496 */
497#define MAX_TUNNEL_KEY_LEN 8
498
f51e8ccb
RL		 499#define MAX_FLOW_KEY_LEN \
500 (sizeof(struct ipfix_data_record_flow_key_common) \
501 + sizeof(struct ipfix_data_record_flow_key_vlan) \
502 + sizeof(struct ipfix_data_record_flow_key_ip) \
503 + MAX(sizeof(struct ipfix_data_record_flow_key_ipv4), \
504 sizeof(struct ipfix_data_record_flow_key_ipv6)) \
505 + MAX(sizeof(struct ipfix_data_record_flow_key_icmp), \
8b7ea2d4
WZ		 506 sizeof(struct ipfix_data_record_flow_key_transport)) \
507 + sizeof(struct ipfix_data_record_flow_key_tunnel) \
508 + MAX_TUNNEL_KEY_LEN)
978427a5
RL		 509
510#define MAX_DATA_RECORD_LEN \
511 (MAX_FLOW_KEY_LEN \
512 + sizeof(struct ipfix_data_record_aggregated_common) \
0b4f83e2
PS		 513 + sizeof(struct ipfix_data_record_aggregated_ip) \
514 + sizeof(struct ipfix_data_record_aggregated_tcp))
978427a5 515
d564c4bb
PS		 516#define MAX_OPTIONS_DATA_RECORD_LEN \
517 (sizeof(struct ipfix_data_record_exporter_stats))
518
519
978427a5
RL		 520/* Max length of a data set. To simplify the implementation, each
521 * data record is sent in a separate data set, so each data set
522 * contains at most one data record. */
d564c4bb
PS		 523#define MAX_DATA_SET_LEN \
524 (sizeof(struct ipfix_set_header) \
525 + MAX(MAX_DATA_RECORD_LEN, \
526 MAX_OPTIONS_DATA_RECORD_LEN))
978427a5 527
8b7ea2d4 528/* Max length of an IPFIX message. Arbitrarily set to accommodate low
978427a5
RL		 529 * MTU. */
530#define MAX_MESSAGE_LEN 1024
531
532/* Cache structures. */
533
534/* Flow key. */
535struct ipfix_flow_key {
536 uint32_t obs_domain_id;
537 uint16_t template_id;
538 size_t flow_key_msg_part_size;
539 uint64_t flow_key_msg_part[DIV_ROUND_UP(MAX_FLOW_KEY_LEN, 8)];
540};
541
542/* Flow cache entry. */
543struct ipfix_flow_cache_entry {
544 struct hmap_node flow_key_map_node;
ca6ba700 545 struct ovs_list cache_flow_start_timestamp_list_node;
978427a5
RL		 546 struct ipfix_flow_key flow_key;
547 /* Common aggregated elements. */
548 uint64_t flow_start_timestamp_usec;
549 uint64_t flow_end_timestamp_usec;
564230b6
PS		 550 uint64_t dropped_packet_delta_count;
551 uint64_t dropped_packet_total_count;
978427a5 552 uint64_t packet_delta_count;
fe520682 553 uint64_t packet_total_count;
ebfe9a21
PS		 554 uint64_t in_ucast_packet_total_count;
555 uint64_t in_mcast_packet_total_count;
556 uint64_t in_bcast_packet_total_count;
557 uint64_t out_ucast_packet_total_count;
558 uint64_t out_bcast_packet_total_count;
559 uint64_t post_mcast_packet_total_count;
560 uint64_t post_mcast_packet_delta_count;
561 uint64_t post_mcast_octet_total_count;
562 uint64_t post_mcast_octet_delta_count;
978427a5 563 uint64_t layer2_octet_delta_count;
fe520682 564 uint64_t layer2_octet_total_count;
564230b6
PS		 565 uint64_t dropped_octet_delta_count;
566 uint64_t dropped_octet_total_count;
f51e8ccb 567 uint64_t octet_delta_count;
fe520682 568 uint64_t octet_total_count;
978427a5 569 uint64_t octet_delta_sum_of_squares; /* 0 if not IP. */
fe520682 570 uint64_t octet_total_sum_of_squares; /* 0 if not IP. */
978427a5
RL		 571 uint16_t minimum_ip_total_length; /* 0 if not IP. */
572 uint16_t maximum_ip_total_length; /* 0 if not IP. */
0b4f83e2
PS		 573 uint64_t tcp_packet_delta_count;
574 uint64_t tcp_ack_total_count;
575 uint64_t tcp_fin_total_count;
576 uint64_t tcp_psh_total_count;
577 uint64_t tcp_rst_total_count;
578 uint64_t tcp_syn_total_count;
579 uint64_t tcp_urg_total_count;
978427a5
RL		 580};
581
582static void dpif_ipfix_cache_expire(struct dpif_ipfix_exporter *, bool,
583 const uint64_t, const uint32_t);
584
585static void get_export_time_now(uint64_t *, uint32_t *);
586
587static void dpif_ipfix_cache_expire_now(struct dpif_ipfix_exporter *, bool);
29089a54
RL		 588
589static bool
590ofproto_ipfix_bridge_exporter_options_equal(
591 const struct ofproto_ipfix_bridge_exporter_options *a,
592 const struct ofproto_ipfix_bridge_exporter_options *b)
593{
594 return (a->obs_domain_id == b->obs_domain_id
595 && a->obs_point_id == b->obs_point_id
596 && a->sampling_rate == b->sampling_rate
978427a5
RL		 597 && a->cache_active_timeout == b->cache_active_timeout
598 && a->cache_max_flows == b->cache_max_flows
8b7ea2d4
WZ		 599 && a->enable_tunnel_sampling == b->enable_tunnel_sampling
600 && a->enable_input_sampling == b->enable_input_sampling
601 && a->enable_output_sampling == b->enable_output_sampling
c97320eb
WZ		 602 && sset_equals(&a->targets, &b->targets)
603 && nullable_string_is_equal(a->virtual_obs_id, b->virtual_obs_id));
29089a54
RL		 604}
605
606static struct ofproto_ipfix_bridge_exporter_options *
607ofproto_ipfix_bridge_exporter_options_clone(
608 const struct ofproto_ipfix_bridge_exporter_options *old)
609{
610 struct ofproto_ipfix_bridge_exporter_options *new =
611 xmemdup(old, sizeof *old);
612 sset_clone(&new->targets, &old->targets);
c97320eb 613 new->virtual_obs_id = nullable_xstrdup(old->virtual_obs_id);
29089a54
RL		 614 return new;
615}
616
617static void
618ofproto_ipfix_bridge_exporter_options_destroy(
619 struct ofproto_ipfix_bridge_exporter_options *options)
620{
621 if (options) {
622 sset_destroy(&options->targets);
c97320eb 623 free(options->virtual_obs_id);
29089a54
RL		 624 free(options);
625 }
626}
627
628static bool
629ofproto_ipfix_flow_exporter_options_equal(
630 const struct ofproto_ipfix_flow_exporter_options *a,
631 const struct ofproto_ipfix_flow_exporter_options *b)
632{
633 return (a->collector_set_id == b->collector_set_id
978427a5
RL		 634 && a->cache_active_timeout == b->cache_active_timeout
635 && a->cache_max_flows == b->cache_max_flows
f69f713b 636 && a->enable_tunnel_sampling == b->enable_tunnel_sampling
c97320eb
WZ		 637 && sset_equals(&a->targets, &b->targets)
638 && nullable_string_is_equal(a->virtual_obs_id, b->virtual_obs_id));
29089a54
RL		 639}
640
641static struct ofproto_ipfix_flow_exporter_options *
642ofproto_ipfix_flow_exporter_options_clone(
643 const struct ofproto_ipfix_flow_exporter_options *old)
644{
645 struct ofproto_ipfix_flow_exporter_options *new =
646 xmemdup(old, sizeof *old);
647 sset_clone(&new->targets, &old->targets);
c97320eb 648 new->virtual_obs_id = nullable_xstrdup(old->virtual_obs_id);
29089a54
RL		 649 return new;
650}
651
652static void
653ofproto_ipfix_flow_exporter_options_destroy(
654 struct ofproto_ipfix_flow_exporter_options *options)
655{
656 if (options) {
657 sset_destroy(&options->targets);
c97320eb 658 free(options->virtual_obs_id);
29089a54
RL		 659 free(options);
660 }
661}
662
978427a5
RL		 663static void
664dpif_ipfix_exporter_init(struct dpif_ipfix_exporter *exporter)
665{
d564c4bb 666 exporter->exporter_id = ++exporter_total_count;
978427a5
RL		 667 exporter->collectors = NULL;
668 exporter->seq_number = 1;
d1b97f99 669 exporter->last_template_set_time = 0;
978427a5 670 hmap_init(&exporter->cache_flow_key_map);
417e7e66 671 ovs_list_init(&exporter->cache_flow_start_timestamp_list);
978427a5
RL		 672 exporter->cache_active_timeout = 0;
673 exporter->cache_max_flows = 0;
c97320eb
WZ		 674 exporter->virtual_obs_id = NULL;
675 exporter->virtual_obs_len = 0;
fe520682 676
677 memset(&exporter->ipfix_global_stats, 0,
678 sizeof(struct dpif_ipfix_global_stats));
978427a5
RL		 679}
680
29089a54
RL		 681static void
682dpif_ipfix_exporter_clear(struct dpif_ipfix_exporter *exporter)
683{
978427a5
RL		 684 /* Flush the cache with flow end reason "forced end." */
685 dpif_ipfix_cache_expire_now(exporter, true);
686
29089a54 687 collectors_destroy(exporter->collectors);
d564c4bb 688 exporter->exporter_id = 0;
29089a54
RL		 689 exporter->collectors = NULL;
690 exporter->seq_number = 1;
d1b97f99 691 exporter->last_template_set_time = 0;
978427a5
RL		 692 exporter->cache_active_timeout = 0;
693 exporter->cache_max_flows = 0;
c97320eb
WZ		 694 free(exporter->virtual_obs_id);
695 exporter->virtual_obs_id = NULL;
696 exporter->virtual_obs_len = 0;
fe520682 697
698 memset(&exporter->ipfix_global_stats, 0,
699 sizeof(struct dpif_ipfix_global_stats));
978427a5
RL		 700}
701
702static void
703dpif_ipfix_exporter_destroy(struct dpif_ipfix_exporter *exporter)
704{
705 dpif_ipfix_exporter_clear(exporter);
706 hmap_destroy(&exporter->cache_flow_key_map);
29089a54
RL		 707}
708
709static bool
710dpif_ipfix_exporter_set_options(struct dpif_ipfix_exporter *exporter,
978427a5
RL		 711 const struct sset *targets,
712 const uint32_t cache_active_timeout,
c97320eb
WZ		 713 const uint32_t cache_max_flows,
714 const char *virtual_obs_id)
29089a54 715{
c97320eb 716 size_t virtual_obs_len;
29089a54
RL		 717 collectors_destroy(exporter->collectors);
718 collectors_create(targets, IPFIX_DEFAULT_COLLECTOR_PORT,
719 &exporter->collectors);
720 if (exporter->collectors == NULL) {
721 VLOG_WARN_RL(&rl, "no collectors could be initialized, "
722 "IPFIX exporter disabled");
723 dpif_ipfix_exporter_clear(exporter);
724 return false;
725 }
978427a5
RL		 726 exporter->cache_active_timeout = cache_active_timeout;
727 exporter->cache_max_flows = cache_max_flows;
c97320eb
WZ		 728 virtual_obs_len = virtual_obs_id ? strlen(virtual_obs_id) : 0;
729 if (virtual_obs_len > IPFIX_VIRTUAL_OBS_MAX_LEN) {
730 VLOG_WARN_RL(&rl, "Virtual obsevation ID too long (%d bytes), "
731 "should not be longer than %d bytes.",
732 exporter->virtual_obs_len, IPFIX_VIRTUAL_OBS_MAX_LEN);
733 dpif_ipfix_exporter_clear(exporter);
734 return false;
735 }
736 exporter->virtual_obs_len = virtual_obs_len;
737 exporter->virtual_obs_id = nullable_xstrdup(virtual_obs_id);
29089a54
RL		 738 return true;
739}
740
8b7ea2d4
WZ		 741static struct dpif_ipfix_port *
742dpif_ipfix_find_port(const struct dpif_ipfix *di,
743 odp_port_t odp_port) OVS_REQUIRES(mutex)
744{
745 struct dpif_ipfix_port *dip;
746
747 HMAP_FOR_EACH_IN_BUCKET (dip, hmap_node, hash_odp_port(odp_port),
748 &di->tunnel_ports) {
749 if (dip->odp_port == odp_port) {
750 return dip;
751 }
752 }
753 return NULL;
754}
755
756static void
757dpif_ipfix_del_port(struct dpif_ipfix *di,
758 struct dpif_ipfix_port *dip)
759 OVS_REQUIRES(mutex)
760{
761 hmap_remove(&di->tunnel_ports, &dip->hmap_node);
762 free(dip);
763}
764
765void
766dpif_ipfix_add_tunnel_port(struct dpif_ipfix *di, struct ofport *ofport,
767 odp_port_t odp_port) OVS_EXCLUDED(mutex)
768{
769 struct dpif_ipfix_port *dip;
770 const char *type;
771
772 ovs_mutex_lock(&mutex);
773 dip = dpif_ipfix_find_port(di, odp_port);
774 if (dip) {
775 dpif_ipfix_del_port(di, dip);
776 }
777
778 type = netdev_get_type(ofport->netdev);
779 if (type == NULL) {
780 goto out;
781 }
782
783 /* Add to table of tunnel ports. */
784 dip = xmalloc(sizeof *dip);
785 dip->ofport = ofport;
786 dip->odp_port = odp_port;
787 if (strcmp(type, "gre") == 0) {
788 /* 32-bit key gre */
789 dip->tunnel_type = DPIF_IPFIX_TUNNEL_GRE;
790 dip->tunnel_key_length = 4;
8b7ea2d4
WZ		 791 } else if (strcmp(type, "vxlan") == 0) {
792 dip->tunnel_type = DPIF_IPFIX_TUNNEL_VXLAN;
793 dip->tunnel_key_length = 3;
794 } else if (strcmp(type, "lisp") == 0) {
795 dip->tunnel_type = DPIF_IPFIX_TUNNEL_LISP;
796 dip->tunnel_key_length = 3;
797 } else if (strcmp(type, "geneve") == 0) {
798 dip->tunnel_type = DPIF_IPFIX_TUNNEL_GENEVE;
799 dip->tunnel_key_length = 3;
4237026e
PS		 800 } else if (strcmp(type, "stt") == 0) {
801 dip->tunnel_type = DPIF_IPFIX_TUNNEL_STT;
802 dip->tunnel_key_length = 8;
8b7ea2d4
WZ		 803 } else {
804 free(dip);
805 goto out;
806 }
807 hmap_insert(&di->tunnel_ports, &dip->hmap_node, hash_odp_port(odp_port));
808
809out:
810 ovs_mutex_unlock(&mutex);
811}
812
813void
814dpif_ipfix_del_tunnel_port(struct dpif_ipfix *di, odp_port_t odp_port)
815 OVS_EXCLUDED(mutex)
816{
817 struct dpif_ipfix_port *dip;
818 ovs_mutex_lock(&mutex);
819 dip = dpif_ipfix_find_port(di, odp_port);
820 if (dip) {
821 dpif_ipfix_del_port(di, dip);
822 }
823 ovs_mutex_unlock(&mutex);
824}
825
826bool
827dpif_ipfix_get_tunnel_port(const struct dpif_ipfix *di, odp_port_t odp_port)
828 OVS_EXCLUDED(mutex)
829{
830 struct dpif_ipfix_port *dip;
831 ovs_mutex_lock(&mutex);
832 dip = dpif_ipfix_find_port(di, odp_port);
833 ovs_mutex_unlock(&mutex);
834 return dip != NULL;
835}
836
978427a5
RL		 837static void
838dpif_ipfix_bridge_exporter_init(struct dpif_ipfix_bridge_exporter *exporter)
839{
840 dpif_ipfix_exporter_init(&exporter->exporter);
841 exporter->options = NULL;
842 exporter->probability = 0;
843}
844
29089a54
RL		 845static void
846dpif_ipfix_bridge_exporter_clear(struct dpif_ipfix_bridge_exporter *exporter)
847{
848 dpif_ipfix_exporter_clear(&exporter->exporter);
849 ofproto_ipfix_bridge_exporter_options_destroy(exporter->options);
850 exporter->options = NULL;
851 exporter->probability = 0;
852}
853
978427a5
RL		 854static void
855dpif_ipfix_bridge_exporter_destroy(struct dpif_ipfix_bridge_exporter *exporter)
856{
857 dpif_ipfix_bridge_exporter_clear(exporter);
858 dpif_ipfix_exporter_destroy(&exporter->exporter);
859}
860
29089a54
RL		 861static void
862dpif_ipfix_bridge_exporter_set_options(
863 struct dpif_ipfix_bridge_exporter *exporter,
864 const struct ofproto_ipfix_bridge_exporter_options *options)
865{
866 bool options_changed;
867
868 if (!options || sset_is_empty(&options->targets)) {
869 /* No point in doing any work if there are no targets. */
870 dpif_ipfix_bridge_exporter_clear(exporter);
871 return;
872 }
873
874 options_changed = (
875 !exporter->options
876 || !ofproto_ipfix_bridge_exporter_options_equal(
877 options, exporter->options));
878
879 /* Configure collectors if options have changed or if we're
880 * shortchanged in collectors (which indicates that opening one or
881 * more of the configured collectors failed, so that we should
882 * retry). */
883 if (options_changed
884 || collectors_count(exporter->exporter.collectors)
885 < sset_count(&options->targets)) {
978427a5
RL		 886 if (!dpif_ipfix_exporter_set_options(
887 &exporter->exporter, &options->targets,
c97320eb
WZ		 888 options->cache_active_timeout, options->cache_max_flows,
889 options->virtual_obs_id)) {
29089a54
RL		 890 return;
891 }
892 }
893
894 /* Avoid reconfiguring if options didn't change. */
895 if (!options_changed) {
896 return;
897 }
898
899 ofproto_ipfix_bridge_exporter_options_destroy(exporter->options);
900 exporter->options = ofproto_ipfix_bridge_exporter_options_clone(options);
901 exporter->probability =
902 MAX(1, UINT32_MAX / exporter->options->sampling_rate);
978427a5
RL		 903
904 /* Run over the cache as some entries might have expired after
905 * changing the timeouts. */
906 dpif_ipfix_cache_expire_now(&exporter->exporter, false);
29089a54
RL		 907}
908
909static struct dpif_ipfix_flow_exporter_map_node*
910dpif_ipfix_find_flow_exporter_map_node(
911 const struct dpif_ipfix *di, const uint32_t collector_set_id)
978427a5 912 OVS_REQUIRES(mutex)
29089a54
RL		 913{
914 struct dpif_ipfix_flow_exporter_map_node *exporter_node;
915
916 HMAP_FOR_EACH_WITH_HASH (exporter_node, node,
917 hash_int(collector_set_id, 0),
918 &di->flow_exporter_map) {
919 if (exporter_node->exporter.options->collector_set_id
920 == collector_set_id) {
921 return exporter_node;
922 }
923 }
924
925 return NULL;
926}
927
978427a5
RL		 928static void
929dpif_ipfix_flow_exporter_init(struct dpif_ipfix_flow_exporter *exporter)
930{
931 dpif_ipfix_exporter_init(&exporter->exporter);
932 exporter->options = NULL;
933}
934
29089a54
RL		 935static void
936dpif_ipfix_flow_exporter_clear(struct dpif_ipfix_flow_exporter *exporter)
937{
938 dpif_ipfix_exporter_clear(&exporter->exporter);
939 ofproto_ipfix_flow_exporter_options_destroy(exporter->options);
940 exporter->options = NULL;
941}
942
978427a5
RL		 943static void
944dpif_ipfix_flow_exporter_destroy(struct dpif_ipfix_flow_exporter *exporter)
945{
946 dpif_ipfix_flow_exporter_clear(exporter);
947 dpif_ipfix_exporter_destroy(&exporter->exporter);
948}
949
29089a54
RL		 950static bool
951dpif_ipfix_flow_exporter_set_options(
952 struct dpif_ipfix_flow_exporter *exporter,
953 const struct ofproto_ipfix_flow_exporter_options *options)
954{
955 bool options_changed;
956
957 if (sset_is_empty(&options->targets)) {
958 /* No point in doing any work if there are no targets. */
959 dpif_ipfix_flow_exporter_clear(exporter);
960 return true;
961 }
962
963 options_changed = (
964 !exporter->options
965 || !ofproto_ipfix_flow_exporter_options_equal(
966 options, exporter->options));
967
968 /* Configure collectors if options have changed or if we're
969 * shortchanged in collectors (which indicates that opening one or
970 * more of the configured collectors failed, so that we should
971 * retry). */
972 if (options_changed
973 || collectors_count(exporter->exporter.collectors)
974 < sset_count(&options->targets)) {
978427a5
RL		 975 if (!dpif_ipfix_exporter_set_options(
976 &exporter->exporter, &options->targets,
c97320eb
WZ		 977 options->cache_active_timeout, options->cache_max_flows,
978 options->virtual_obs_id)) {
29089a54
RL		 979 return false;
980 }
981 }
982
983 /* Avoid reconfiguring if options didn't change. */
984 if (!options_changed) {
985 return true;
986 }
987
988 ofproto_ipfix_flow_exporter_options_destroy(exporter->options);
989 exporter->options = ofproto_ipfix_flow_exporter_options_clone(options);
990
978427a5
RL		 991 /* Run over the cache as some entries might have expired after
992 * changing the timeouts. */
993 dpif_ipfix_cache_expire_now(&exporter->exporter, false);
994
29089a54
RL		 995 return true;
996}
997
cbef684c
BP		 998static void
999remove_flow_exporter(struct dpif_ipfix *di,
1000 struct dpif_ipfix_flow_exporter_map_node *node)
1001{
1002 hmap_remove(&di->flow_exporter_map, &node->node);
1003 dpif_ipfix_flow_exporter_destroy(&node->exporter);
1004 free(node);
1005}
1006
29089a54
RL		 1007void
1008dpif_ipfix_set_options(
1009 struct dpif_ipfix *di,
1010 const struct ofproto_ipfix_bridge_exporter_options *bridge_exporter_options,
1011 const struct ofproto_ipfix_flow_exporter_options *flow_exporters_options,
626ace7b 1012 size_t n_flow_exporters_options) OVS_EXCLUDED(mutex)
29089a54
RL		 1013{
1014 int i;
1015 struct ofproto_ipfix_flow_exporter_options *options;
1016 struct dpif_ipfix_flow_exporter_map_node *node, *next;
29089a54 1017
626ace7b 1018 ovs_mutex_lock(&mutex);
29089a54
RL		 1019 dpif_ipfix_bridge_exporter_set_options(&di->bridge_exporter,
1020 bridge_exporter_options);
1021
1022 /* Add new flow exporters and update current flow exporters. */
1023 options = (struct ofproto_ipfix_flow_exporter_options *)
1024 flow_exporters_options;
1025 for (i = 0; i < n_flow_exporters_options; i++) {
1026 node = dpif_ipfix_find_flow_exporter_map_node(
1027 di, options->collector_set_id);
1028 if (!node) {
1029 node = xzalloc(sizeof *node);
978427a5 1030 dpif_ipfix_flow_exporter_init(&node->exporter);
29089a54
RL		 1031 hmap_insert(&di->flow_exporter_map, &node->node,
1032 hash_int(options->collector_set_id, 0));
1033 }
1034 if (!dpif_ipfix_flow_exporter_set_options(&node->exporter, options)) {
cbef684c 1035 remove_flow_exporter(di, node);
29089a54
RL		 1036 }
1037 options++;
1038 }
1039
29089a54 1040 /* Remove dropped flow exporters, if any needs to be removed. */
cbef684c
BP		 1041 HMAP_FOR_EACH_SAFE (node, next, node, &di->flow_exporter_map) {
1042 /* This is slow but doesn't take any extra memory, and
1043 * this table is not supposed to contain many rows anyway. */
1044 options = (struct ofproto_ipfix_flow_exporter_options *)
1045 flow_exporters_options;
1046 for (i = 0; i < n_flow_exporters_options; i++) {
1047 if (node->exporter.options->collector_set_id
1048 == options->collector_set_id) {
1049 break;
29089a54 1050 }
cbef684c
BP		 1051 options++;
1052 }
1053 if (i == n_flow_exporters_options) { // Not found.
1054 remove_flow_exporter(di, node);
29089a54
RL		 1055 }
1056 }
1057
626ace7b 1058 ovs_mutex_unlock(&mutex);
29089a54
RL		 1059}
1060
1061struct dpif_ipfix *
1062dpif_ipfix_create(void)
1063{
1064 struct dpif_ipfix *di;
1065 di = xzalloc(sizeof *di);
978427a5 1066 dpif_ipfix_bridge_exporter_init(&di->bridge_exporter);
29089a54 1067 hmap_init(&di->flow_exporter_map);
8b7ea2d4 1068 hmap_init(&di->tunnel_ports);
37bec3d3 1069 ovs_refcount_init(&di->ref_cnt);
d857c8aa
EJ		 1070 return di;
1071}
1072
1073struct dpif_ipfix *
1074dpif_ipfix_ref(const struct dpif_ipfix *di_)
1075{
1076 struct dpif_ipfix *di = CONST_CAST(struct dpif_ipfix *, di_);
1077 if (di) {
37bec3d3 1078 ovs_refcount_ref(&di->ref_cnt);
d857c8aa 1079 }
29089a54
RL		 1080 return di;
1081}
1082
1083uint32_t
1084dpif_ipfix_get_bridge_exporter_probability(const struct dpif_ipfix *di)
626ace7b 1085 OVS_EXCLUDED(mutex)
29089a54 1086{
626ace7b
EJ		 1087 uint32_t ret;
1088 ovs_mutex_lock(&mutex);
1089 ret = di->bridge_exporter.probability;
1090 ovs_mutex_unlock(&mutex);
1091 return ret;
29089a54
RL		 1092}
1093
8b7ea2d4
WZ		 1094bool
1095dpif_ipfix_get_bridge_exporter_input_sampling(const struct dpif_ipfix *di)
1096 OVS_EXCLUDED(mutex)
1097{
f7a8b4d4 1098 bool ret = false;
8b7ea2d4
WZ		 1099 ovs_mutex_lock(&mutex);
1100 if (di->bridge_exporter.options) {
1101 ret = di->bridge_exporter.options->enable_input_sampling;
1102 }
1103 ovs_mutex_unlock(&mutex);
1104 return ret;
1105}
1106
1107bool
1108dpif_ipfix_get_bridge_exporter_output_sampling(const struct dpif_ipfix *di)
1109 OVS_EXCLUDED(mutex)
1110{
f7a8b4d4 1111 bool ret = false;
8b7ea2d4
WZ		 1112 ovs_mutex_lock(&mutex);
1113 if (di->bridge_exporter.options) {
1114 ret = di->bridge_exporter.options->enable_output_sampling;
1115 }
1116 ovs_mutex_unlock(&mutex);
1117 return ret;
1118}
1119
1120bool
1121dpif_ipfix_get_bridge_exporter_tunnel_sampling(const struct dpif_ipfix *di)
1122 OVS_EXCLUDED(mutex)
1123{
1124 bool ret = false;
1125 ovs_mutex_lock(&mutex);
1126 if (di->bridge_exporter.options) {
1127 ret = di->bridge_exporter.options->enable_tunnel_sampling;
1128 }
1129 ovs_mutex_unlock(&mutex);
1130 return ret;
1131}
1132
f69f713b
BY		 1133bool
1134dpif_ipfix_get_flow_exporter_tunnel_sampling(const struct dpif_ipfix *di,
1135 const uint32_t collector_set_id)
1136 OVS_EXCLUDED(mutex)
1137{
1138 ovs_mutex_lock(&mutex);
1139 struct dpif_ipfix_flow_exporter_map_node *node
1140 = dpif_ipfix_find_flow_exporter_map_node(di, collector_set_id);
1141 bool ret = (node
1142 && node->exporter.options
1143 && node->exporter.options->enable_tunnel_sampling);
1144 ovs_mutex_unlock(&mutex);
1145
1146 return ret;
1147}
1148
29089a54 1149static void
bd3950dd 1150dpif_ipfix_clear(struct dpif_ipfix *di) OVS_REQUIRES(mutex)
29089a54 1151{
4ec3d7c7 1152 struct dpif_ipfix_flow_exporter_map_node *exp_node;
8b7ea2d4 1153 struct dpif_ipfix_port *dip, *next;
29089a54
RL		 1154
1155 dpif_ipfix_bridge_exporter_clear(&di->bridge_exporter);
1156
4ec3d7c7 1157 HMAP_FOR_EACH_POP (exp_node, node, &di->flow_exporter_map) {
978427a5
RL		 1158 dpif_ipfix_flow_exporter_destroy(&exp_node->exporter);
1159 free(exp_node);
29089a54 1160 }
8b7ea2d4
WZ		 1161
1162 HMAP_FOR_EACH_SAFE (dip, next, hmap_node, &di->tunnel_ports) {
1163 dpif_ipfix_del_port(di, dip);
1164 }
29089a54
RL		 1165}
1166
1167void
626ace7b 1168dpif_ipfix_unref(struct dpif_ipfix *di) OVS_EXCLUDED(mutex)
29089a54 1169{
24f83812 1170 if (di && ovs_refcount_unref_relaxed(&di->ref_cnt) == 1) {
626ace7b 1171 ovs_mutex_lock(&mutex);
29089a54 1172 dpif_ipfix_clear(di);
978427a5 1173 dpif_ipfix_bridge_exporter_destroy(&di->bridge_exporter);
29089a54 1174 hmap_destroy(&di->flow_exporter_map);
8b7ea2d4 1175 hmap_destroy(&di->tunnel_ports);
29089a54 1176 free(di);
626ace7b 1177 ovs_mutex_unlock(&mutex);
29089a54
RL		 1178 }
1179}
1180
1181static void
978427a5 1182ipfix_init_header(uint32_t export_time_sec, uint32_t seq_number,
cf62fa4c 1183 uint32_t obs_domain_id, struct dp_packet *msg)
29089a54
RL		 1184{
1185 struct ipfix_header *hdr;
1186
cf62fa4c 1187 hdr = dp_packet_put_zeros(msg, sizeof *hdr);
29089a54
RL		 1188 hdr->version = htons(IPFIX_VERSION);
1189 hdr->length = htons(sizeof *hdr); /* Updated in ipfix_send_msg. */
978427a5 1190 hdr->export_time = htonl(export_time_sec);
29089a54
RL		 1191 hdr->seq_number = htonl(seq_number);
1192 hdr->obs_domain_id = htonl(obs_domain_id);
1193}
1194
fb8f22c1 1195static size_t
cf62fa4c 1196ipfix_send_msg(const struct collectors *collectors, struct dp_packet *msg)
29089a54
RL		 1197{
1198 struct ipfix_header *hdr;
fb8f22c1 1199 size_t tx_errors;
29089a54
RL		 1200
1201 /* Adjust the length in the header. */
cf62fa4c
PS		 1202 hdr = dp_packet_data(msg);
1203 hdr->length = htons(dp_packet_size(msg));
29089a54 1204
fb8f22c1
BY		 1205 tx_errors = collectors_send(collectors,
1206 dp_packet_data(msg), dp_packet_size(msg));
cf62fa4c 1207 dp_packet_set_size(msg, 0);
fb8f22c1
BY		 1208
1209 return tx_errors;
29089a54
RL		 1210}
1211
1212static uint16_t
1213ipfix_get_template_id(enum ipfix_proto_l2 l2, enum ipfix_proto_l3 l3,
8b7ea2d4 1214 enum ipfix_proto_l4 l4, enum ipfix_proto_tunnel tunnel)
29089a54
RL		 1215{
1216 uint16_t template_id;
1217 template_id = l2;
1218 template_id = template_id * NUM_IPFIX_PROTO_L3 + l3;
1219 template_id = template_id * NUM_IPFIX_PROTO_L4 + l4;
8b7ea2d4 1220 template_id = template_id * NUM_IPFIX_PROTO_TUNNEL + tunnel;
29089a54
RL		 1221 return IPFIX_TEMPLATE_ID_MIN + template_id;
1222}
1223
d564c4bb
PS		 1224static uint16_t
1225ipfix_get_options_template_id(enum ipfix_options_template opt_tmpl_type)
1226{
1227 /* Check what is the maximum possible Template ID for Template Record and
1228 * use it as a base number for Template ID in Options Template Record. */
1229 uint16_t max_tmpl_id = ipfix_get_template_id(NUM_IPFIX_PROTO_L2,
1230 NUM_IPFIX_PROTO_L3,
1231 NUM_IPFIX_PROTO_L4,
1232 NUM_IPFIX_PROTO_TUNNEL);
1233
1234 return max_tmpl_id + opt_tmpl_type;
1235}
1236
1237
29089a54
RL		 1238static void
1239ipfix_define_template_entity(enum ipfix_entity_id id,
8b7ea2d4
WZ		 1240 enum ipfix_entity_size size,
1241 enum ipfix_entity_enterprise enterprise,
cf62fa4c 1242 struct dp_packet *msg)
29089a54
RL		 1243{
1244 struct ipfix_template_field_specifier *field;
8b7ea2d4 1245 size_t field_size;
29089a54 1246
8b7ea2d4
WZ		 1247 if (enterprise) {
1248 field_size = sizeof *field;
1249 } else {
1250 /* No enterprise number */
1251 field_size = sizeof *field - sizeof(ovs_be32);
1252 }
cf62fa4c 1253 field = dp_packet_put_zeros(msg, field_size);
29089a54 1254 field->element_id = htons(id);
8b7ea2d4
WZ		 1255 if (size) {
1256 field->field_length = htons(size);
1257 } else {
1258 /* RFC 5101, Section 7. Variable-Length Information Element */
1259 field->field_length = OVS_BE16_MAX;
1260 }
1261 if (enterprise) {
1262 field->enterprise = htonl(enterprise);
1263 }
1264
29089a54
RL		 1265}
1266
d564c4bb
PS		 1267#define DEF(ID) \
1268{ \
1269 ipfix_define_template_entity(IPFIX_ENTITY_ID_##ID, \
1270 IPFIX_ENTITY_SIZE_##ID, \
1271 IPFIX_ENTITY_ENTERPRISE_##ID, msg); \
1272 count++; \
1273}
1274
1275/* Defines The Exporting Process Reliability Statistics Options Template
1276 * fields, including scope fields. Updates 'scope_field_count' and
1277 * 'field_count' in Options Template Record Header. */
1278static uint16_t
1279ipfix_def_exporter_options_template_fields(size_t opt_tmpl_hdr_offset,
1280 struct dp_packet *msg)
1281{
1282 uint16_t count = 0;
1283 struct ipfix_options_template_record_header *opt_tmpl_hdr;
1284
1285 /* 1. Scope Fields Specifiers */
1286 DEF(EXPORTING_PROCESS_ID);
1287
1288 /* Update 'scope_field_count' in options template header. */
1289 opt_tmpl_hdr = (struct ipfix_options_template_record_header *)
1290 ((uint8_t *)dp_packet_data(msg) + opt_tmpl_hdr_offset);
1291 opt_tmpl_hdr->scope_field_count = htons(count);
1292
1293 /* 2. Fields Specifiers */
1294 DEF(NOT_SENT_PACKET_TOTAL_COUNT);
1295
1296 /* Update 'field_count' in options template header. */
09a21284 1297 opt_tmpl_hdr = (struct ipfix_options_template_record_header *)
d564c4bb
PS		 1298 ((uint8_t *)dp_packet_data(msg) + opt_tmpl_hdr_offset);
1299 opt_tmpl_hdr->field_count = htons(count);
1300
1301 return count;
1302}
1303
1304static uint16_t
1305ipfix_def_options_template_fields(enum ipfix_options_template opt_tmpl_type,
1306 size_t opt_tmpl_hdr_offset,
1307 struct dp_packet *msg)
1308{
1309 switch (opt_tmpl_type) {
1310 case IPFIX_OPTIONS_TEMPLATE_EXPORTER_STATS:
1311 return ipfix_def_exporter_options_template_fields(opt_tmpl_hdr_offset,
1312 msg);
1313 break;
1314 case NUM_IPFIX_OPTIONS_TEMPLATE:
1315 default:
1316 OVS_NOT_REACHED();
d564c4bb
PS		 1317 }
1318
1319 return 0;
1320}
1321
1322/* Defines fields in Template Record. Updates 'field_count' in Template Record
1323 * Header. */
29089a54
RL		 1324static uint16_t
1325ipfix_define_template_fields(enum ipfix_proto_l2 l2, enum ipfix_proto_l3 l3,
8b7ea2d4 1326 enum ipfix_proto_l4 l4, enum ipfix_proto_tunnel tunnel,
d564c4bb 1327 bool virtual_obs_id_set, size_t tmpl_hdr_offset,
cf62fa4c 1328 struct dp_packet *msg)
29089a54 1329{
29089a54 1330
d564c4bb
PS		 1331 struct ipfix_template_record_header *tmpl_hdr;
1332 uint16_t count = 0;
29089a54 1333
978427a5
RL		 1334 /* 1. Flow key. */
1335
29089a54 1336 DEF(OBSERVATION_POINT_ID);
8b7ea2d4 1337 DEF(FLOW_DIRECTION);
29089a54
RL		 1338
1339 /* Common Ethernet entities. */
1340 DEF(SOURCE_MAC_ADDRESS);
1341 DEF(DESTINATION_MAC_ADDRESS);
1342 DEF(ETHERNET_TYPE);
29089a54
RL		 1343 DEF(ETHERNET_HEADER_LENGTH);
1344
1345 if (l2 == IPFIX_PROTO_L2_VLAN) {
1346 DEF(VLAN_ID);
1347 DEF(DOT1Q_VLAN_ID);
1348 DEF(DOT1Q_PRIORITY);
1349 }
1350
1351 if (l3 != IPFIX_PROTO_L3_UNKNOWN) {
1352 DEF(IP_VERSION);
1353 DEF(IP_TTL);
1354 DEF(PROTOCOL_IDENTIFIER);
1355 DEF(IP_DIFF_SERV_CODE_POINT);
1356 DEF(IP_PRECEDENCE);
1357 DEF(IP_CLASS_OF_SERVICE);
1358
1359 if (l3 == IPFIX_PROTO_L3_IPV4) {
1360 DEF(SOURCE_IPV4_ADDRESS);
1361 DEF(DESTINATION_IPV4_ADDRESS);
0b4f83e2
PS		 1362 if (l4 == IPFIX_PROTO_L4_TCP
1363 || l4 == IPFIX_PROTO_L4_UDP
1364 || l4 == IPFIX_PROTO_L4_SCTP) {
f51e8ccb
RL		 1365 DEF(SOURCE_TRANSPORT_PORT);
1366 DEF(DESTINATION_TRANSPORT_PORT);
1367 } else if (l4 == IPFIX_PROTO_L4_ICMP) {
1368 DEF(ICMP_TYPE_IPV4);
1369 DEF(ICMP_CODE_IPV4);
1370 }
29089a54
RL		 1371 } else { /* l3 == IPFIX_PROTO_L3_IPV6 */
1372 DEF(SOURCE_IPV6_ADDRESS);
1373 DEF(DESTINATION_IPV6_ADDRESS);
1374 DEF(FLOW_LABEL_IPV6);
0b4f83e2
PS		 1375 if (l4 == IPFIX_PROTO_L4_TCP
1376 || l4 == IPFIX_PROTO_L4_UDP
1377 || l4 == IPFIX_PROTO_L4_SCTP) {
f51e8ccb
RL		 1378 DEF(SOURCE_TRANSPORT_PORT);
1379 DEF(DESTINATION_TRANSPORT_PORT);
1380 } else if (l4 == IPFIX_PROTO_L4_ICMP) {
1381 DEF(ICMP_TYPE_IPV6);
1382 DEF(ICMP_CODE_IPV6);
1383 }
29089a54
RL		 1384 }
1385 }
1386
8b7ea2d4
WZ		 1387 if (tunnel != IPFIX_PROTO_NOT_TUNNELED) {
1388 DEF(TUNNEL_SOURCE_IPV4_ADDRESS);
1389 DEF(TUNNEL_DESTINATION_IPV4_ADDRESS);
1390 DEF(TUNNEL_PROTOCOL_IDENTIFIER);
1391 DEF(TUNNEL_SOURCE_TRANSPORT_PORT);
1392 DEF(TUNNEL_DESTINATION_TRANSPORT_PORT);
1393 DEF(TUNNEL_TYPE);
1394 DEF(TUNNEL_KEY);
1395 }
1396
c97320eb
WZ		 1397 /* 2. Virtual observation ID, which is not a part of flow key. */
1398 if (virtual_obs_id_set) {
1399 DEF(VIRTUAL_OBS_ID);
1400 }
1401
1402 /* 3. Flow aggregated data. */
978427a5
RL		 1403
1404 DEF(FLOW_START_DELTA_MICROSECONDS);
1405 DEF(FLOW_END_DELTA_MICROSECONDS);
564230b6
PS		 1406 DEF(DROPPED_PACKET_DELTA_COUNT);
1407 DEF(DROPPED_PACKET_TOTAL_COUNT);
978427a5 1408 DEF(PACKET_DELTA_COUNT);
fe520682 1409 DEF(PACKET_TOTAL_COUNT);
ebfe9a21
PS		 1410 DEF(INGRESS_UNICAST_PACKET_TOTAL_COUNT);
1411 DEF(INGRESS_MULTICAST_PACKET_TOTAL_COUNT);
1412 DEF(INGRESS_BROADCAST_PACKET_TOTAL_COUNT);
1413 DEF(EGRESS_UNICAST_PACKET_TOTAL_COUNT);
1414 DEF(EGRESS_BROADCAST_PACKET_TOTAL_COUNT);
1415 DEF(POST_MCAST_PACKET_DELTA_COUNT);
1416 DEF(POST_MCAST_PACKET_TOTAL_COUNT);
978427a5 1417 DEF(LAYER2_OCTET_DELTA_COUNT);
fe520682 1418 DEF(LAYER2_OCTET_TOTAL_COUNT);
978427a5
RL		 1419 DEF(FLOW_END_REASON);
1420
1421 if (l3 != IPFIX_PROTO_L3_UNKNOWN) {
564230b6
PS		 1422 DEF(DROPPED_OCTET_DELTA_COUNT);
1423 DEF(DROPPED_OCTET_TOTAL_COUNT);
f51e8ccb 1424 DEF(OCTET_DELTA_COUNT);
fe520682 1425 DEF(OCTET_TOTAL_COUNT);
978427a5 1426 DEF(OCTET_DELTA_SUM_OF_SQUARES);
fe520682 1427 DEF(OCTET_TOTAL_SUM_OF_SQUARES);
978427a5
RL		 1428 DEF(MINIMUM_IP_TOTAL_LENGTH);
1429 DEF(MAXIMUM_IP_TOTAL_LENGTH);
ebfe9a21
PS		 1430 DEF(POST_MCAST_OCTET_DELTA_COUNT);
1431 DEF(POST_MCAST_OCTET_TOTAL_COUNT);
978427a5 1432 }
0b4f83e2
PS		 1433
1434 if (l4 == IPFIX_PROTO_L4_TCP) {
1435 DEF(TCP_ACK_TOTAL_COUNT);
1436 DEF(TCP_FIN_TOTAL_COUNT);
1437 DEF(TCP_PSH_TOTAL_COUNT);
1438 DEF(TCP_RST_TOTAL_COUNT);
1439 DEF(TCP_SYN_TOTAL_COUNT);
1440 DEF(TCP_URG_TOTAL_COUNT);
1441 }
d564c4bb
PS		 1442
1443 /* Update 'field_count' in template header. */
1444 tmpl_hdr = (struct ipfix_template_record_header *)
1445 ((uint8_t *)dp_packet_data(msg) + tmpl_hdr_offset);
1446 tmpl_hdr->field_count = htons(count);
29089a54
RL		 1447
1448 return count;
1449}
1450
d564c4bb
PS		 1451#undef DEF
1452
29089a54 1453static void
642c824b 1454ipfix_init_template_msg(uint32_t export_time_sec,
8b7ea2d4 1455 uint32_t seq_number, uint32_t obs_domain_id,
d564c4bb
PS		 1456 uint16_t set_id, struct dp_packet *msg,
1457 size_t *set_hdr_offset)
8b7ea2d4
WZ		 1458{
1459 struct ipfix_set_header *set_hdr;
1460
642c824b 1461 dp_packet_clear(msg);
8b7ea2d4
WZ		 1462
1463 ipfix_init_header(export_time_sec, seq_number, obs_domain_id, msg);
cf62fa4c 1464 *set_hdr_offset = dp_packet_size(msg);
8b7ea2d4 1465
d564c4bb 1466 /* Add a Set Header. */
cf62fa4c 1467 set_hdr = dp_packet_put_zeros(msg, sizeof *set_hdr);
d564c4bb 1468 set_hdr->set_id = htons(set_id);
8b7ea2d4
WZ		 1469}
1470
fb8f22c1 1471static size_t
8b7ea2d4 1472ipfix_send_template_msg(const struct collectors *collectors,
cf62fa4c 1473 struct dp_packet *msg, size_t set_hdr_offset)
8b7ea2d4
WZ		 1474{
1475 struct ipfix_set_header *set_hdr;
fb8f22c1 1476 size_t tx_errors;
8b7ea2d4
WZ		 1477
1478 /* Send template message. */
1479 set_hdr = (struct ipfix_set_header*)
cf62fa4c
PS		 1480 ((uint8_t*)dp_packet_data(msg) + set_hdr_offset);
1481 set_hdr->length = htons(dp_packet_size(msg) - set_hdr_offset);
8b7ea2d4 1482
fb8f22c1 1483 tx_errors = ipfix_send_msg(collectors, msg);
8b7ea2d4 1484
fb8f22c1 1485 return tx_errors;
8b7ea2d4
WZ		 1486}
1487
d564c4bb
PS		 1488static void
1489ipfix_add_options_template_record(enum ipfix_options_template opt_tmpl_type,
1490 struct dp_packet *msg)
1491{
1492 struct ipfix_options_template_record_header *opt_tmpl_hdr;
1493 size_t opt_tmpl_hdr_offset;
1494
1495 opt_tmpl_hdr_offset = dp_packet_size(msg);
1496 opt_tmpl_hdr = dp_packet_put_zeros(msg, sizeof *opt_tmpl_hdr);
1497 opt_tmpl_hdr->template_id =
1498 htons(ipfix_get_options_template_id(opt_tmpl_type));
1499 ipfix_def_options_template_fields(opt_tmpl_type, opt_tmpl_hdr_offset, msg);
1500}
1501
1502static void
1503ipfix_send_options_template_msgs(struct dpif_ipfix_exporter *exporter,
1504 uint32_t export_time_sec,
1505 uint32_t obs_domain_id,
1506 struct dp_packet *msg)
1507{
1508 size_t set_hdr_offset;
1509 size_t tx_packets = 0;
1510 size_t tx_errors = 0, error_pkts;
1511 enum ipfix_options_template opt_tmpl_type;
1512
1513 ipfix_init_template_msg(export_time_sec, exporter->seq_number,
1514 obs_domain_id, IPFIX_SET_ID_OPTION_TEMPLATE, msg,
1515 &set_hdr_offset);
1516
1517 for (opt_tmpl_type = 0; opt_tmpl_type < NUM_IPFIX_OPTIONS_TEMPLATE;
1518 ++opt_tmpl_type) {
1519 if (dp_packet_size(msg) >= MAX_MESSAGE_LEN) {
1520 /* Send template message. */
1521 error_pkts = ipfix_send_template_msg(exporter->collectors, msg,
1522 set_hdr_offset);
1523 tx_errors += error_pkts;
1524 tx_packets += collectors_count(exporter->collectors) - error_pkts;
1525
1526 /* Reinitialize the template msg. */
1527 ipfix_init_template_msg(export_time_sec, exporter->seq_number,
1528 obs_domain_id,
1529 IPFIX_SET_ID_OPTION_TEMPLATE,
1530 msg,
1531 &set_hdr_offset);
1532 }
1533
1534 ipfix_add_options_template_record(opt_tmpl_type, msg);
1535 }
1536
1537 error_pkts = ipfix_send_template_msg(exporter->collectors, msg,
1538 set_hdr_offset);
1539 tx_errors += error_pkts;
1540 tx_packets += collectors_count(exporter->collectors) - error_pkts;
1541 exporter->ofproto_stats.tx_pkts += tx_packets;
1542 exporter->ofproto_stats.tx_errors += tx_errors;
1543}
1544
8b7ea2d4
WZ		 1545static void
1546ipfix_send_template_msgs(struct dpif_ipfix_exporter *exporter,
1547 uint32_t export_time_sec, uint32_t obs_domain_id)
29089a54 1548{
978427a5 1549 uint64_t msg_stub[DIV_ROUND_UP(MAX_MESSAGE_LEN, 8)];
cf62fa4c 1550 struct dp_packet msg;
642c824b
BP		 1551 dp_packet_use_stub(&msg, msg_stub, sizeof msg_stub);
1552
fb8f22c1 1553 size_t set_hdr_offset, tmpl_hdr_offset, error_pkts;
29089a54 1554 struct ipfix_template_record_header *tmpl_hdr;
fb8f22c1
BY		 1555 size_t tx_packets = 0;
1556 size_t tx_errors = 0;
29089a54
RL		 1557 enum ipfix_proto_l2 l2;
1558 enum ipfix_proto_l3 l3;
1559 enum ipfix_proto_l4 l4;
8b7ea2d4 1560 enum ipfix_proto_tunnel tunnel;
29089a54 1561
642c824b 1562 ipfix_init_template_msg(export_time_sec, exporter->seq_number,
d564c4bb
PS		 1563 obs_domain_id, IPFIX_SET_ID_TEMPLATE, &msg,
1564 &set_hdr_offset);
29089a54
RL		 1565 /* Define one template for each possible combination of
1566 * protocols. */
1567 for (l2 = 0; l2 < NUM_IPFIX_PROTO_L2; l2++) {
1568 for (l3 = 0; l3 < NUM_IPFIX_PROTO_L3; l3++) {
1569 for (l4 = 0; l4 < NUM_IPFIX_PROTO_L4; l4++) {
1570 if (l3 == IPFIX_PROTO_L3_UNKNOWN &&
1571 l4 != IPFIX_PROTO_L4_UNKNOWN) {
1572 continue;
1573 }
8b7ea2d4
WZ		 1574 for (tunnel = 0; tunnel < NUM_IPFIX_PROTO_TUNNEL; tunnel++) {
1575 /* When the size of the template packet reaches
1576 * MAX_MESSAGE_LEN(1024), send it out.
1577 * And then reinitialize the msg to construct a new
1578 * packet for the following templates.
1579 */
cf62fa4c 1580 if (dp_packet_size(&msg) >= MAX_MESSAGE_LEN) {
8b7ea2d4 1581 /* Send template message. */
fb8f22c1
BY		 1582 error_pkts = ipfix_send_template_msg(exporter->collectors,
1583 &msg, set_hdr_offset);
1584 tx_errors += error_pkts;
1585 tx_packets += collectors_count(exporter->collectors) - error_pkts;
8b7ea2d4
WZ		 1586
1587 /* Reinitialize the template msg. */
642c824b 1588 ipfix_init_template_msg(export_time_sec,
8b7ea2d4 1589 exporter->seq_number,
d564c4bb
PS		 1590 obs_domain_id,
1591 IPFIX_SET_ID_TEMPLATE,
1592 &msg,
8b7ea2d4
WZ		 1593 &set_hdr_offset);
1594 }
1595
cf62fa4c
PS		 1596 tmpl_hdr_offset = dp_packet_size(&msg);
1597 tmpl_hdr = dp_packet_put_zeros(&msg, sizeof *tmpl_hdr);
8b7ea2d4
WZ		 1598 tmpl_hdr->template_id = htons(
1599 ipfix_get_template_id(l2, l3, l4, tunnel));
d564c4bb 1600 ipfix_define_template_fields(
c97320eb 1601 l2, l3, l4, tunnel, exporter->virtual_obs_id != NULL,
d564c4bb 1602 tmpl_hdr_offset, &msg);
8b7ea2d4 1603 }
29089a54
RL		 1604 }
1605 }
1606 }
1607
8b7ea2d4 1608 /* Send template message. */
fb8f22c1
BY		 1609 error_pkts = ipfix_send_template_msg(exporter->collectors, &msg, set_hdr_offset);
1610 tx_errors += error_pkts;
1611 tx_packets += collectors_count(exporter->collectors) - error_pkts;
1612
fe520682 1613 exporter->ofproto_stats.tx_pkts += tx_packets;
1614 exporter->ofproto_stats.tx_errors += tx_errors;
29089a54 1615
fbd683d0 1616 /* XXX: Add Options Template Sets, at least to define a Flow Keys
29089a54
RL		 1617 * Option Template. */
1618
d564c4bb
PS		 1619 /* At the moment only a single Options Template Set is used, which contains
1620 * Exporting Process Statistics. It means that there is no specific
1621 * Observation Domain ID relevant for the entire IPFIX message and it
1622 * should be set to 0. */
1623 ipfix_send_options_template_msgs(exporter, export_time_sec, 0U, &msg);
1624
642c824b 1625 dp_packet_uninit(&msg);
29089a54
RL		 1626}
1627
978427a5
RL		 1628static inline uint32_t
1629ipfix_hash_flow_key(const struct ipfix_flow_key *flow_key, uint32_t basis)
1630{
1631 uint32_t hash;
1632 hash = hash_int(flow_key->obs_domain_id, basis);
1633 hash = hash_int(flow_key->template_id, hash);
1634 hash = hash_bytes(flow_key->flow_key_msg_part,
1635 flow_key->flow_key_msg_part_size, hash);
1636 return hash;
1637}
1638
1639static bool
1640ipfix_flow_key_equal(const struct ipfix_flow_key *a,
1641 const struct ipfix_flow_key *b)
1642{
1643 /* The template ID determines the flow key size, so not need to
1644 * compare it. */
1645 return (a->obs_domain_id == b->obs_domain_id
1646 && a->template_id == b->template_id
1647 && memcmp(a->flow_key_msg_part, b->flow_key_msg_part,
1648 a->flow_key_msg_part_size) == 0);
1649}
1650
1651static struct ipfix_flow_cache_entry*
1652ipfix_cache_find_entry(const struct dpif_ipfix_exporter *exporter,
1653 const struct ipfix_flow_key *flow_key)
1654{
1655 struct ipfix_flow_cache_entry *entry;
1656
1657 HMAP_FOR_EACH_WITH_HASH (entry, flow_key_map_node,
1658 ipfix_hash_flow_key(flow_key, 0),
1659 &exporter->cache_flow_key_map) {
1660 if (ipfix_flow_key_equal(&entry->flow_key, flow_key)) {
1661 return entry;
1662 }
1663 }
1664
1665 return NULL;
1666}
1667
1668static bool
1669ipfix_cache_next_timeout_msec(const struct dpif_ipfix_exporter *exporter,
1670 long long int *next_timeout_msec)
1671{
1672 struct ipfix_flow_cache_entry *entry;
1673
1674 LIST_FOR_EACH (entry, cache_flow_start_timestamp_list_node,
1675 &exporter->cache_flow_start_timestamp_list) {
1676 *next_timeout_msec = entry->flow_start_timestamp_usec / 1000LL
1677 + 1000LL * exporter->cache_active_timeout;
1678 return true;
1679 }
1680
1681 return false;
1682}
1683
1684static void
1685ipfix_cache_aggregate_entries(struct ipfix_flow_cache_entry *from_entry,
1686 struct ipfix_flow_cache_entry *to_entry)
1687{
1688 uint64_t *to_start, *to_end, *from_start, *from_end;
1689 uint16_t *to_min_len, *to_max_len, *from_min_len, *from_max_len;
1690
1691 to_start = &to_entry->flow_start_timestamp_usec;
1692 to_end = &to_entry->flow_end_timestamp_usec;
1693 from_start = &from_entry->flow_start_timestamp_usec;
1694 from_end = &from_entry->flow_end_timestamp_usec;
1695
1696 if (*to_start > *from_start) {
1697 *to_start = *from_start;
1698 }
1699 if (*to_end < *from_end) {
1700 *to_end = *from_end;
1701 }
1702
564230b6
PS		 1703
1704 to_entry->dropped_packet_delta_count +=
1705 from_entry->dropped_packet_delta_count;
978427a5
RL		 1706 to_entry->packet_delta_count += from_entry->packet_delta_count;
1707 to_entry->layer2_octet_delta_count += from_entry->layer2_octet_delta_count;
1708
564230b6
PS		 1709 to_entry->dropped_packet_total_count =
1710 from_entry->dropped_packet_total_count;
fe520682 1711 to_entry->packet_total_count = from_entry->packet_total_count;
ebfe9a21
PS		 1712 to_entry->in_ucast_packet_total_count =
1713 from_entry->in_ucast_packet_total_count;
1714 to_entry->in_mcast_packet_total_count =
1715 from_entry->in_mcast_packet_total_count;
1716 to_entry->in_bcast_packet_total_count =
1717 from_entry->in_bcast_packet_total_count;
1718 to_entry->out_ucast_packet_total_count =
1719 from_entry->out_ucast_packet_total_count;
1720 to_entry->out_bcast_packet_total_count =
1721 from_entry->out_bcast_packet_total_count;
fe520682 1722 to_entry->layer2_octet_total_count = from_entry->layer2_octet_total_count;
ebfe9a21
PS		 1723 to_entry->post_mcast_packet_delta_count +=
1724 from_entry->post_mcast_packet_delta_count;
1725 to_entry->post_mcast_octet_delta_count +=
1726 from_entry->post_mcast_octet_delta_count;
fe520682 1727
564230b6
PS		 1728 to_entry->dropped_octet_delta_count +=
1729 from_entry->dropped_octet_delta_count;
f51e8ccb 1730 to_entry->octet_delta_count += from_entry->octet_delta_count;
978427a5
RL		 1731 to_entry->octet_delta_sum_of_squares +=
1732 from_entry->octet_delta_sum_of_squares;
1733
564230b6
PS		 1734 to_entry->dropped_octet_total_count =
1735 from_entry->dropped_octet_total_count;
fe520682 1736 to_entry->octet_total_count = from_entry->octet_total_count;
1737 to_entry->octet_total_sum_of_squares =
1738 from_entry->octet_total_sum_of_squares;
1739
ebfe9a21
PS		 1740 to_entry->post_mcast_packet_total_count =
1741 from_entry->post_mcast_packet_total_count;
1742 to_entry->post_mcast_octet_total_count =
1743 from_entry->post_mcast_octet_total_count;
1744
978427a5
RL		 1745 to_min_len = &to_entry->minimum_ip_total_length;
1746 to_max_len = &to_entry->maximum_ip_total_length;
1747 from_min_len = &from_entry->minimum_ip_total_length;
1748 from_max_len = &from_entry->maximum_ip_total_length;
1749
1750 if (!*to_min_len || (*from_min_len && *to_min_len > *from_min_len)) {
1751 *to_min_len = *from_min_len;
1752 }
1753 if (*to_max_len < *from_max_len) {
1754 *to_max_len = *from_max_len;
1755 }
0b4f83e2
PS		 1756
1757 to_entry->tcp_packet_delta_count += from_entry->tcp_packet_delta_count;
1758 to_entry->tcp_ack_total_count = from_entry->tcp_ack_total_count;
1759 to_entry->tcp_fin_total_count = from_entry->tcp_fin_total_count;
1760 to_entry->tcp_psh_total_count = from_entry->tcp_psh_total_count;
1761 to_entry->tcp_rst_total_count = from_entry->tcp_rst_total_count;
1762 to_entry->tcp_syn_total_count = from_entry->tcp_syn_total_count;
1763 to_entry->tcp_urg_total_count = from_entry->tcp_urg_total_count;
978427a5
RL		 1764}
1765
fb8f22c1
BY		 1766/* Get statistics */
1767static void
1768ipfix_get_stats__(const struct dpif_ipfix_exporter *exporter,
1769 ofproto_ipfix_stats *stats)
1770{
1771 memset(stats, 0xff, sizeof *stats);
1772
1773 if (!exporter) {
1774 return;
1775 }
1776
fe520682 1777 *stats = exporter->ofproto_stats;
fb8f22c1
BY		 1778}
1779
1780static void
1781ipfix_get_bridge_stats(const struct dpif_ipfix_bridge_exporter *exporter,
1782 ofproto_ipfix_stats *stats)
1783{
1784 ipfix_get_stats__(&exporter->exporter, stats);
1785}
1786
1787static void
1788ipfix_get_flow_stats(const struct dpif_ipfix_flow_exporter *exporter,
1789 ofproto_ipfix_stats *stats)
1790{
1791 ipfix_get_stats__(&exporter->exporter, stats);
1792 stats->collector_set_id = exporter->options->collector_set_id;
1793}
1794
1795int
1796dpif_ipfix_get_stats(const struct dpif_ipfix *di,
1797 bool bridge_ipfix,
1798 struct ovs_list *replies)
1799 OVS_EXCLUDED(mutex)
1800{
1801 struct dpif_ipfix_flow_exporter_map_node *flow_exporter_node;
1802 struct ofputil_ipfix_stats ois;
1803
1804 ovs_mutex_lock(&mutex);
1805 if (bridge_ipfix) {
1806 if (!di->bridge_exporter.options) {
1807 ovs_mutex_unlock(&mutex);
1808 return OFPERR_NXST_NOT_CONFIGURED;
1809 }
1810
1811 ipfix_get_bridge_stats(&di->bridge_exporter, &ois);
1812 ofputil_append_ipfix_stat(replies, &ois);
1813 } else {
1814 if (hmap_count(&di->flow_exporter_map) == 0) {
1815 ovs_mutex_unlock(&mutex);
1816 return OFPERR_NXST_NOT_CONFIGURED;
1817 }
1818
1819 HMAP_FOR_EACH (flow_exporter_node, node,
1820 &di->flow_exporter_map) {
1821 ipfix_get_flow_stats(&flow_exporter_node->exporter, &ois);
1822 ofputil_append_ipfix_stat(replies, &ois);
1823 }
1824 }
1825 ovs_mutex_unlock(&mutex);
1826
1827 return 0;
1828}
1829
1830/* Update partial ipfix stats */
1831static void
1832ipfix_update_stats(struct dpif_ipfix_exporter *exporter,
1833 bool new_flow,
1834 size_t current_flows,
1835 enum ipfix_sampled_packet_type sampled_pkt_type)
1836{
1837 if (new_flow) {
fe520682 1838 exporter->ofproto_stats.total_flows++;
1839 exporter->ofproto_stats.current_flows = current_flows;
fb8f22c1 1840 }
fe520682 1841 exporter->ofproto_stats.pkts++;
fb8f22c1
BY		 1842
1843 switch (sampled_pkt_type) {
1844 case IPFIX_SAMPLED_PKT_IPV4_OK:
fe520682 1845 exporter->ofproto_stats.ipv4_pkts++;
fb8f22c1
BY		 1846 break;
1847 case IPFIX_SAMPLED_PKT_IPV6_OK:
fe520682 1848 exporter->ofproto_stats.ipv6_pkts++;
fb8f22c1
BY		 1849 break;
1850 case IPFIX_SAMPLED_PKT_IPV4_ERROR:
fe520682 1851 exporter->ofproto_stats.ipv4_error_pkts++;
1852 exporter->ofproto_stats.error_pkts++;
fb8f22c1
BY		 1853 break;
1854 case IPFIX_SAMPLED_PKT_IPV6_ERROR:
fe520682 1855 exporter->ofproto_stats.ipv6_error_pkts++;
1856 exporter->ofproto_stats.error_pkts++;
fb8f22c1
BY		 1857 break;
1858 case IPFIX_SAMPLED_PKT_UNKNOWN:
fe520682 1859 exporter->ofproto_stats.error_pkts++;
fb8f22c1
BY		 1860 break;
1861 case IPFIX_SAMPLED_PKT_OTHERS:
1862 default:
1863 break;
1864 }
1865}
1866
f88ee3a5
BP		 1867/* Returns the current time in the form used by IPFIX (microseconds since the
1868 * epoch). */
1869static uint64_t
1870ipfix_now(void)
1871{
1872 return time_wall_msec() * 1000ULL;
1873}
1874
978427a5
RL		 1875/* Add an entry into a flow cache. The entry is either aggregated into
1876 * an existing entry with the same flow key and free()d, or it is
fb8f22c1 1877 * inserted into the cache. And IPFIX stats will be updated */
978427a5
RL		 1878static void
1879ipfix_cache_update(struct dpif_ipfix_exporter *exporter,
fb8f22c1
BY		 1880 struct ipfix_flow_cache_entry *entry,
1881 enum ipfix_sampled_packet_type sampled_pkt_type)
978427a5
RL		 1882{
1883 struct ipfix_flow_cache_entry *old_entry;
fb8f22c1 1884 size_t current_flows = 0;
978427a5
RL		 1885
1886 old_entry = ipfix_cache_find_entry(exporter, &entry->flow_key);
1887
1888 if (old_entry == NULL) {
1889 hmap_insert(&exporter->cache_flow_key_map, &entry->flow_key_map_node,
1890 ipfix_hash_flow_key(&entry->flow_key, 0));
1891
1892 /* As the latest entry added into the cache, it should
1893 * logically have the highest flow_start_timestamp_usec, so
1894 * append it at the tail. */
417e7e66 1895 ovs_list_push_back(&exporter->cache_flow_start_timestamp_list,
978427a5
RL		 1896 &entry->cache_flow_start_timestamp_list_node);
1897
1898 /* Enforce exporter->cache_max_flows limit. */
fb8f22c1
BY		 1899 current_flows = hmap_count(&exporter->cache_flow_key_map);
1900 ipfix_update_stats(exporter, true, current_flows, sampled_pkt_type);
1901 if (current_flows > exporter->cache_max_flows) {
978427a5
RL		 1902 dpif_ipfix_cache_expire_now(exporter, false);
1903 }
1904 } else {
1905 ipfix_cache_aggregate_entries(entry, old_entry);
1906 free(entry);
fb8f22c1 1907 ipfix_update_stats(exporter, false, current_flows, sampled_pkt_type);
978427a5
RL		 1908 }
1909}
1910
fb8f22c1 1911static enum ipfix_sampled_packet_type
978427a5 1912ipfix_cache_entry_init(struct ipfix_flow_cache_entry *entry,
cf62fa4c 1913 const struct dp_packet *packet, const struct flow *flow,
978427a5 1914 uint64_t packet_delta_count, uint32_t obs_domain_id,
8b7ea2d4 1915 uint32_t obs_point_id, odp_port_t output_odp_port,
4930ea56 1916 enum nx_action_sample_direction direction,
8b7ea2d4 1917 const struct dpif_ipfix_port *tunnel_port,
fe520682 1918 const struct flow_tnl *tunnel_key,
564230b6
PS		 1919 struct dpif_ipfix_global_stats *stats,
1920 const struct dpif_ipfix_actions *ipfix_actions)
29089a54 1921{
978427a5 1922 struct ipfix_flow_key *flow_key;
cf62fa4c 1923 struct dp_packet msg;
29089a54
RL		 1924 enum ipfix_proto_l2 l2;
1925 enum ipfix_proto_l3 l3;
1926 enum ipfix_proto_l4 l4;
8b7ea2d4 1927 enum ipfix_proto_tunnel tunnel = IPFIX_PROTO_NOT_TUNNELED;
fb8f22c1 1928 enum ipfix_sampled_packet_type sampled_pkt_type = IPFIX_SAMPLED_PKT_UNKNOWN;
978427a5
RL		 1929 uint8_t ethernet_header_length;
1930 uint16_t ethernet_total_length;
ebfe9a21
PS		 1931 bool is_multicast = false;
1932 bool is_broadcast = false;
29089a54 1933
978427a5 1934 flow_key = &entry->flow_key;
cf62fa4c
PS		 1935 dp_packet_use_stub(&msg, flow_key->flow_key_msg_part,
1936 sizeof flow_key->flow_key_msg_part);
29089a54
RL		 1937
1938 /* Choose the right template ID matching the protocols in the
1939 * sampled packet. */
f0fb825a 1940 l2 = (flow->vlans[0].tci == 0) ? IPFIX_PROTO_L2_ETH : IPFIX_PROTO_L2_VLAN;
29089a54
RL		 1941
1942 switch(ntohs(flow->dl_type)) {
1943 case ETH_TYPE_IP:
1944 l3 = IPFIX_PROTO_L3_IPV4;
0b4f83e2 1945 sampled_pkt_type = IPFIX_SAMPLED_PKT_IPV4_OK;
f51e8ccb
RL		 1946 switch(flow->nw_proto) {
1947 case IPPROTO_TCP:
0b4f83e2
PS		 1948 l4 = IPFIX_PROTO_L4_TCP;
1949 break;
f51e8ccb 1950 case IPPROTO_UDP:
0b4f83e2
PS		 1951 l4 = IPFIX_PROTO_L4_UDP;
1952 break;
f51e8ccb 1953 case IPPROTO_SCTP:
0b4f83e2 1954 l4 = IPFIX_PROTO_L4_SCTP;
f51e8ccb
RL		 1955 break;
1956 case IPPROTO_ICMP:
1957 l4 = IPFIX_PROTO_L4_ICMP;
1958 break;
1959 default:
1960 l4 = IPFIX_PROTO_L4_UNKNOWN;
fb8f22c1 1961 sampled_pkt_type = IPFIX_SAMPLED_PKT_IPV4_ERROR;
f51e8ccb 1962 }
29089a54
RL		 1963 break;
1964 case ETH_TYPE_IPV6:
1965 l3 = IPFIX_PROTO_L3_IPV6;
0b4f83e2 1966 sampled_pkt_type = IPFIX_SAMPLED_PKT_IPV6_OK;
29089a54 1967 switch(flow->nw_proto) {
f51e8ccb 1968 case IPPROTO_TCP:
0b4f83e2
PS		 1969 l4 = IPFIX_PROTO_L4_TCP;
1970 break;
f51e8ccb 1971 case IPPROTO_UDP:
0b4f83e2
PS		 1972 l4 = IPFIX_PROTO_L4_UDP;
1973 break;
f51e8ccb 1974 case IPPROTO_SCTP:
0b4f83e2 1975 l4 = IPFIX_PROTO_L4_SCTP;
f51e8ccb
RL		 1976 break;
1977 case IPPROTO_ICMPV6:
1978 l4 = IPFIX_PROTO_L4_ICMP;
29089a54 1979 break;
f51e8ccb
RL		 1980 default:
1981 l4 = IPFIX_PROTO_L4_UNKNOWN;
fb8f22c1 1982 sampled_pkt_type = IPFIX_SAMPLED_PKT_IPV6_ERROR;
29089a54 1983 }
f51e8ccb
RL		 1984 break;
1985 default:
1986 l3 = IPFIX_PROTO_L3_UNKNOWN;
1987 l4 = IPFIX_PROTO_L4_UNKNOWN;
fb8f22c1 1988 sampled_pkt_type = IPFIX_SAMPLED_PKT_OTHERS;
29089a54
RL		 1989 }
1990
8b7ea2d4
WZ		 1991 if (tunnel_port && tunnel_key) {
1992 tunnel = IPFIX_PROTO_TUNNELED;
1993 }
1994
978427a5 1995 flow_key->obs_domain_id = obs_domain_id;
8b7ea2d4 1996 flow_key->template_id = ipfix_get_template_id(l2, l3, l4, tunnel);
29089a54
RL		 1997
1998 /* The fields defined in the ipfix_data_record_* structs and sent
1999 * below must match exactly the templates defined in
2000 * ipfix_define_template_fields. */
2001
978427a5
RL		 2002 ethernet_header_length = (l2 == IPFIX_PROTO_L2_VLAN)
2003 ? VLAN_ETH_HEADER_LEN : ETH_HEADER_LEN;
cf62fa4c 2004 ethernet_total_length = dp_packet_size(packet);
978427a5 2005
ebfe9a21
PS		 2006 uint8_t flow_direction =
2007 (direction == NX_ACTION_SAMPLE_INGRESS ? INGRESS_FLOW
2008 : direction == NX_ACTION_SAMPLE_EGRESS ? EGRESS_FLOW
2009 : output_odp_port == ODPP_NONE ? INGRESS_FLOW : EGRESS_FLOW);
2010
29089a54
RL		 2011 /* Common Ethernet entities. */
2012 {
978427a5 2013 struct ipfix_data_record_flow_key_common *data_common;
29089a54 2014
cf62fa4c 2015 data_common = dp_packet_put_zeros(&msg, sizeof *data_common);
29089a54 2016 data_common->observation_point_id = htonl(obs_point_id);
ebfe9a21 2017 data_common->flow_direction = flow_direction;
74ff3298
JR		 2018 data_common->source_mac_address = flow->dl_src;
2019 data_common->destination_mac_address = flow->dl_dst;
29089a54 2020 data_common->ethernet_type = flow->dl_type;
29089a54
RL		 2021 data_common->ethernet_header_length = ethernet_header_length;
2022 }
2023
2024 if (l2 == IPFIX_PROTO_L2_VLAN) {
978427a5 2025 struct ipfix_data_record_flow_key_vlan *data_vlan;
f0fb825a
EG		 2026 uint16_t vlan_id = vlan_tci_to_vid(flow->vlans[0].tci);
2027 uint8_t priority = vlan_tci_to_pcp(flow->vlans[0].tci);
29089a54 2028
cf62fa4c 2029 data_vlan = dp_packet_put_zeros(&msg, sizeof *data_vlan);
29089a54
RL		 2030 data_vlan->vlan_id = htons(vlan_id);
2031 data_vlan->dot1q_vlan_id = htons(vlan_id);
2032 data_vlan->dot1q_priority = priority;
2033 }
2034
2035 if (l3 != IPFIX_PROTO_L3_UNKNOWN) {
978427a5 2036 struct ipfix_data_record_flow_key_ip *data_ip;
29089a54 2037
cf62fa4c 2038 data_ip = dp_packet_put_zeros(&msg, sizeof *data_ip);
29089a54
RL		 2039 data_ip->ip_version = (l3 == IPFIX_PROTO_L3_IPV4) ? 4 : 6;
2040 data_ip->ip_ttl = flow->nw_ttl;
2041 data_ip->protocol_identifier = flow->nw_proto;
2042 data_ip->ip_diff_serv_code_point = flow->nw_tos >> 2;
2043 data_ip->ip_precedence = flow->nw_tos >> 5;
2044 data_ip->ip_class_of_service = flow->nw_tos;
2045
2046 if (l3 == IPFIX_PROTO_L3_IPV4) {
978427a5 2047 struct ipfix_data_record_flow_key_ipv4 *data_ipv4;
f51e8ccb 2048
cf62fa4c 2049 data_ipv4 = dp_packet_put_zeros(&msg, sizeof *data_ipv4);
29089a54
RL		 2050 data_ipv4->source_ipv4_address = flow->nw_src;
2051 data_ipv4->destination_ipv4_address = flow->nw_dst;
2052 } else { /* l3 == IPFIX_PROTO_L3_IPV6 */
978427a5 2053 struct ipfix_data_record_flow_key_ipv6 *data_ipv6;
29089a54 2054
cf62fa4c 2055 data_ipv6 = dp_packet_put_zeros(&msg, sizeof *data_ipv6);
29089a54
RL		 2056 memcpy(data_ipv6->source_ipv6_address, &flow->ipv6_src,
2057 sizeof flow->ipv6_src);
2058 memcpy(data_ipv6->destination_ipv6_address, &flow->ipv6_dst,
2059 sizeof flow->ipv6_dst);
2060 data_ipv6->flow_label_ipv6 = flow->ipv6_label;
2061 }
2062 }
2063
0b4f83e2
PS		 2064 if (l4 == IPFIX_PROTO_L4_TCP
2065 || l4 == IPFIX_PROTO_L4_UDP
2066 || l4 == IPFIX_PROTO_L4_SCTP) {
f51e8ccb
RL		 2067 struct ipfix_data_record_flow_key_transport *data_transport;
2068
cf62fa4c 2069 data_transport = dp_packet_put_zeros(&msg, sizeof *data_transport);
f51e8ccb
RL		 2070 data_transport->source_transport_port = flow->tp_src;
2071 data_transport->destination_transport_port = flow->tp_dst;
2072 } else if (l4 == IPFIX_PROTO_L4_ICMP) {
2073 struct ipfix_data_record_flow_key_icmp *data_icmp;
29089a54 2074
cf62fa4c 2075 data_icmp = dp_packet_put_zeros(&msg, sizeof *data_icmp);
f51e8ccb
RL		 2076 data_icmp->icmp_type = ntohs(flow->tp_src) & 0xff;
2077 data_icmp->icmp_code = ntohs(flow->tp_dst) & 0xff;
29089a54
RL		 2078 }
2079
8b7ea2d4
WZ		 2080 if (tunnel == IPFIX_PROTO_TUNNELED) {
2081 struct ipfix_data_record_flow_key_tunnel *data_tunnel;
2082 const uint8_t *tun_id;
2083
cf62fa4c 2084 data_tunnel = dp_packet_put_zeros(&msg, sizeof *data_tunnel +
8b7ea2d4
WZ		 2085 tunnel_port->tunnel_key_length);
2086 data_tunnel->tunnel_source_ipv4_address = tunnel_key->ip_src;
2087 data_tunnel->tunnel_destination_ipv4_address = tunnel_key->ip_dst;
2088 /* The tunnel_protocol_identifier is from tunnel_proto array, which
2089 * contains protocol_identifiers of each tunnel type.
8b7ea2d4
WZ		 2090 */
2091 data_tunnel->tunnel_protocol_identifier =
2092 tunnel_protocol[tunnel_port->tunnel_type];
2093 data_tunnel->tunnel_source_transport_port = tunnel_key->tp_src;
2094 data_tunnel->tunnel_destination_transport_port = tunnel_key->tp_dst;
2095 data_tunnel->tunnel_type = tunnel_port->tunnel_type;
2096 data_tunnel->tunnel_key_length = tunnel_port->tunnel_key_length;
2097 /* tun_id is in network order, and tunnel key is in low bits. */
2098 tun_id = (const uint8_t *) &tunnel_key->tun_id;
2099 memcpy(data_tunnel->tunnel_key,
2100 &tun_id[8 - tunnel_port->tunnel_key_length],
2101 tunnel_port->tunnel_key_length);
2102 }
2103
cf62fa4c 2104 flow_key->flow_key_msg_part_size = dp_packet_size(&msg);
978427a5 2105
ebfe9a21
PS		 2106 if (eth_addr_is_broadcast(flow->dl_dst)) {
2107 is_broadcast = true;
2108 } else if (eth_addr_is_multicast(flow->dl_dst)) {
2109 is_multicast = true;
2110 }
2111
978427a5 2112 {
978427a5
RL		 2113 uint64_t layer2_octet_delta_count;
2114
2115 /* Calculate the total matched octet count by considering as
2116 * an approximation that all matched packets have the same
2117 * length. */
2118 layer2_octet_delta_count = packet_delta_count * ethernet_total_length;
2119
f88ee3a5 2120 entry->flow_end_timestamp_usec = ipfix_now();
978427a5 2121 entry->flow_start_timestamp_usec = entry->flow_end_timestamp_usec;
564230b6
PS		 2122
2123 if (ipfix_actions && ipfix_actions->output_action) {
2124 entry->dropped_packet_delta_count = 0;
2125 } else {
2126 entry->dropped_packet_delta_count = packet_delta_count;
2127 }
2128
978427a5
RL		 2129 entry->packet_delta_count = packet_delta_count;
2130 entry->layer2_octet_delta_count = layer2_octet_delta_count;
fe520682 2131
564230b6 2132 stats->dropped_packet_total_count += entry->dropped_packet_delta_count;
fe520682 2133 stats->packet_total_count += packet_delta_count;
2134 stats->layer2_octet_total_count += layer2_octet_delta_count;
ebfe9a21
PS		 2135
2136 entry->post_mcast_packet_delta_count = 0;
2137 if (is_broadcast) {
2138 if (flow_direction == INGRESS_FLOW) {
2139 stats->in_bcast_packet_total_count += packet_delta_count;
2140 } else if (flow_direction == EGRESS_FLOW) {
2141 stats->out_bcast_packet_total_count += packet_delta_count;
2142 }
2143 } else if (is_multicast) {
2144 if (flow_direction == INGRESS_FLOW) {
2145 stats->in_mcast_packet_total_count += packet_delta_count;
2146 } else if (flow_direction == EGRESS_FLOW) {
2147 entry->post_mcast_packet_delta_count = packet_delta_count;
2148 stats->post_mcast_packet_total_count += packet_delta_count;
2149 }
2150 } else {
2151 if (flow_direction == INGRESS_FLOW) {
2152 stats->in_ucast_packet_total_count += packet_delta_count;
2153 } else if (flow_direction == EGRESS_FLOW) {
2154 stats->out_ucast_packet_total_count += packet_delta_count;
2155 }
2156 }
2157
564230b6 2158 entry->dropped_packet_total_count = stats->dropped_packet_total_count;
fe520682 2159 entry->packet_total_count = stats->packet_total_count;
ebfe9a21
PS		 2160 entry->in_ucast_packet_total_count =
2161 stats->in_ucast_packet_total_count;
2162 entry->in_mcast_packet_total_count =
2163 stats->in_mcast_packet_total_count;
2164 entry->in_bcast_packet_total_count =
2165 stats->in_bcast_packet_total_count;
2166 entry->out_ucast_packet_total_count =
2167 stats->out_ucast_packet_total_count;
2168 entry->out_bcast_packet_total_count =
2169 stats->out_bcast_packet_total_count;
2170 entry->post_mcast_packet_total_count =
2171 stats->post_mcast_packet_total_count;
fe520682 2172 entry->layer2_octet_total_count = stats->layer2_octet_total_count;
978427a5
RL		 2173 }
2174
2175 if (l3 != IPFIX_PROTO_L3_UNKNOWN) {
2176 uint16_t ip_total_length =
2177 ethernet_total_length - ethernet_header_length;
f51e8ccb
RL		 2178 uint64_t octet_delta_count;
2179
2180 /* Calculate the total matched octet count by considering as
2181 * an approximation that all matched packets have the same
2182 * length. */
2183 octet_delta_count = packet_delta_count * ip_total_length;
978427a5 2184
564230b6
PS		 2185 if (ipfix_actions && ipfix_actions->output_action) {
2186 entry->dropped_octet_delta_count = 0;
2187 } else {
2188 entry->dropped_octet_delta_count = octet_delta_count;
2189 }
2190
f51e8ccb
RL		 2191 entry->octet_delta_count = octet_delta_count;
2192 entry->octet_delta_sum_of_squares = octet_delta_count * ip_total_length;
978427a5
RL		 2193 entry->minimum_ip_total_length = ip_total_length;
2194 entry->maximum_ip_total_length = ip_total_length;
fe520682 2195
564230b6 2196 stats->dropped_octet_total_count += entry->dropped_octet_delta_count;
fe520682 2197 stats->octet_total_count += octet_delta_count;
2198 stats->octet_total_sum_of_squares += entry->octet_delta_sum_of_squares;
fe520682 2199
ebfe9a21
PS		 2200 if (is_multicast && flow_direction == EGRESS_FLOW) {
2201 entry->post_mcast_octet_delta_count = octet_delta_count;
2202 stats->post_mcast_octet_total_count += octet_delta_count;
2203 } else {
2204 entry->post_mcast_octet_delta_count = 0;
2205 }
978427a5
RL		 2206 } else {
2207 entry->octet_delta_sum_of_squares = 0;
2208 entry->minimum_ip_total_length = 0;
2209 entry->maximum_ip_total_length = 0;
2210 }
fb8f22c1 2211
564230b6 2212 entry->dropped_octet_total_count = stats->dropped_octet_total_count;
0b4f83e2
PS		 2213 entry->octet_total_sum_of_squares = stats->octet_total_sum_of_squares;
2214 entry->octet_total_count = stats->octet_total_count;
ebfe9a21
PS		 2215 entry->post_mcast_octet_total_count =
2216 stats->post_mcast_octet_total_count;
0b4f83e2
PS		 2217
2218 if (l4 == IPFIX_PROTO_L4_TCP) {
2219 uint16_t tcp_flags = ntohs(flow->tcp_flags);
2220 entry->tcp_packet_delta_count = packet_delta_count;
2221
2222 if (tcp_flags & TCP_ACK) {
2223 stats->tcp_ack_total_count += packet_delta_count;
2224 }
2225 if (tcp_flags & TCP_FIN) {
2226 stats->tcp_fin_total_count += packet_delta_count;
2227 }
2228 if (tcp_flags & TCP_PSH) {
2229 stats->tcp_psh_total_count += packet_delta_count;
2230 }
2231 if (tcp_flags & TCP_RST) {
2232 stats->tcp_rst_total_count += packet_delta_count;
2233 }
2234 if (tcp_flags & TCP_SYN) {
2235 stats->tcp_syn_total_count += packet_delta_count;
2236 }
2237 if (tcp_flags & TCP_URG) {
2238 stats->tcp_urg_total_count += packet_delta_count;
2239 }
2240 } else {
2241 entry->tcp_packet_delta_count = 0;
2242 }
2243
2244 entry->tcp_ack_total_count = stats->tcp_ack_total_count;
2245 entry->tcp_fin_total_count = stats->tcp_fin_total_count;
2246 entry->tcp_psh_total_count = stats->tcp_psh_total_count;
2247 entry->tcp_rst_total_count = stats->tcp_rst_total_count;
2248 entry->tcp_syn_total_count = stats->tcp_syn_total_count;
2249 entry->tcp_urg_total_count = stats->tcp_urg_total_count;
2250
fb8f22c1 2251 return sampled_pkt_type;
978427a5
RL		 2252}
2253
2254/* Send each single data record in its own data set, to simplify the
2255 * implementation by avoiding having to group record by template ID
2256 * before sending. */
2257static void
2258ipfix_put_data_set(uint32_t export_time_sec,
2259 struct ipfix_flow_cache_entry *entry,
2260 enum ipfix_flow_end_reason flow_end_reason,
c97320eb
WZ		 2261 const char *virtual_obs_id,
2262 uint8_t virtual_obs_len,
cf62fa4c 2263 struct dp_packet *msg)
978427a5
RL		 2264{
2265 size_t set_hdr_offset;
2266 struct ipfix_set_header *set_hdr;
2267
cf62fa4c 2268 set_hdr_offset = dp_packet_size(msg);
978427a5
RL		 2269
2270 /* Put a Data Set. */
cf62fa4c 2271 set_hdr = dp_packet_put_zeros(msg, sizeof *set_hdr);
978427a5
RL		 2272 set_hdr->set_id = htons(entry->flow_key.template_id);
2273
2274 /* Copy the flow key part of the data record. */
cf62fa4c 2275 dp_packet_put(msg, entry->flow_key.flow_key_msg_part,
978427a5
RL		 2276 entry->flow_key.flow_key_msg_part_size);
2277
c97320eb
WZ		 2278 /* Export virtual observation ID. */
2279 if (virtual_obs_id) {
2280 dp_packet_put(msg, &virtual_obs_len, sizeof(virtual_obs_len));
2281 dp_packet_put(msg, virtual_obs_id, virtual_obs_len);
2282 }
2283
978427a5
RL		 2284 /* Put the non-key part of the data record. */
2285
2286 {
2287 struct ipfix_data_record_aggregated_common *data_aggregated_common;
2288 uint64_t export_time_usec, flow_start_delta_usec, flow_end_delta_usec;
2289
2290 /* Calculate the negative deltas relative to the export time
2291 * in seconds sent in the header, not the exact export
2292 * time. */
2293 export_time_usec = 1000000LL * export_time_sec;
2294 flow_start_delta_usec = export_time_usec
2295 - entry->flow_start_timestamp_usec;
2296 flow_end_delta_usec = export_time_usec
2297 - entry->flow_end_timestamp_usec;
2298
cf62fa4c 2299 data_aggregated_common = dp_packet_put_zeros(
978427a5
RL		 2300 msg, sizeof *data_aggregated_common);
2301 data_aggregated_common->flow_start_delta_microseconds = htonl(
2302 flow_start_delta_usec);
2303 data_aggregated_common->flow_end_delta_microseconds = htonl(
2304 flow_end_delta_usec);
564230b6
PS		 2305 data_aggregated_common->dropped_packet_delta_count = htonll(
2306 entry->dropped_packet_delta_count);
2307 data_aggregated_common->dropped_packet_total_count = htonll(
2308 entry->dropped_packet_total_count);
978427a5
RL		 2309 data_aggregated_common->packet_delta_count = htonll(
2310 entry->packet_delta_count);
fe520682 2311 data_aggregated_common->packet_total_count = htonll(
2312 entry->packet_total_count);
ebfe9a21
PS		 2313 data_aggregated_common->in_ucast_packet_total_count = htonll(
2314 entry->in_ucast_packet_total_count);
2315 data_aggregated_common->in_mcast_packet_total_count = htonll(
2316 entry->in_mcast_packet_total_count);
2317 data_aggregated_common->in_bcast_packet_total_count = htonll(
2318 entry->in_bcast_packet_total_count);
2319 data_aggregated_common->out_ucast_packet_total_count = htonll(
2320 entry->out_ucast_packet_total_count);
2321 data_aggregated_common->out_bcast_packet_total_count = htonll(
2322 entry->out_bcast_packet_total_count);
978427a5
RL		 2323 data_aggregated_common->layer2_octet_delta_count = htonll(
2324 entry->layer2_octet_delta_count);
fe520682 2325 data_aggregated_common->layer2_octet_total_count = htonll(
2326 entry->layer2_octet_total_count);
978427a5 2327 data_aggregated_common->flow_end_reason = flow_end_reason;
ebfe9a21
PS		 2328 data_aggregated_common->post_mcast_packet_delta_count = htonll(
2329 entry->post_mcast_packet_delta_count);
2330 data_aggregated_common->post_mcast_packet_total_count = htonll(
2331 entry->post_mcast_packet_total_count);
978427a5
RL		 2332 }
2333
2334 if (entry->octet_delta_sum_of_squares) { /* IP packet. */
2335 struct ipfix_data_record_aggregated_ip *data_aggregated_ip;
2336
cf62fa4c 2337 data_aggregated_ip = dp_packet_put_zeros(
978427a5 2338 msg, sizeof *data_aggregated_ip);
564230b6
PS		 2339 data_aggregated_ip->dropped_octet_delta_count = htonll(
2340 entry->dropped_octet_delta_count);
2341 data_aggregated_ip->dropped_octet_total_count = htonll(
2342 entry->dropped_octet_total_count);
f51e8ccb
RL		 2343 data_aggregated_ip->octet_delta_count = htonll(
2344 entry->octet_delta_count);
fe520682 2345 data_aggregated_ip->octet_total_count = htonll(
2346 entry->octet_total_count);
978427a5
RL		 2347 data_aggregated_ip->octet_delta_sum_of_squares = htonll(
2348 entry->octet_delta_sum_of_squares);
fe520682 2349 data_aggregated_ip->octet_total_sum_of_squares = htonll(
2350 entry->octet_total_sum_of_squares);
978427a5
RL		 2351 data_aggregated_ip->minimum_ip_total_length = htonll(
2352 entry->minimum_ip_total_length);
2353 data_aggregated_ip->maximum_ip_total_length = htonll(
2354 entry->maximum_ip_total_length);
ebfe9a21
PS		 2355 data_aggregated_ip->post_mcast_octet_delta_count = htonll(
2356 entry->post_mcast_octet_delta_count);
2357 data_aggregated_ip->post_mcast_octet_total_count = htonll(
2358 entry->post_mcast_octet_total_count);
978427a5 2359 }
29089a54 2360
0b4f83e2
PS		 2361 if (entry->tcp_packet_delta_count) {
2362 struct ipfix_data_record_aggregated_tcp *data_aggregated_tcp;
2363
2364 data_aggregated_tcp = dp_packet_put_zeros(
2365 msg, sizeof *data_aggregated_tcp);
2366 data_aggregated_tcp->tcp_ack_total_count = htonll(
2367 entry->tcp_ack_total_count);
2368 data_aggregated_tcp->tcp_fin_total_count = htonll(
2369 entry->tcp_fin_total_count);
2370 data_aggregated_tcp->tcp_psh_total_count = htonll(
2371 entry->tcp_psh_total_count);
2372 data_aggregated_tcp->tcp_rst_total_count = htonll(
2373 entry->tcp_rst_total_count);
2374 data_aggregated_tcp->tcp_syn_total_count = htonll(
2375 entry->tcp_syn_total_count);
2376 data_aggregated_tcp->tcp_urg_total_count = htonll(
2377 entry->tcp_urg_total_count);
2378 }
2379
cf62fa4c
PS		 2380 set_hdr = (struct ipfix_set_header*)((uint8_t*)dp_packet_data(msg) + set_hdr_offset);
2381 set_hdr->length = htons(dp_packet_size(msg) - set_hdr_offset);
978427a5
RL		 2382}
2383
d564c4bb
PS		 2384static void
2385ipfix_put_exporter_data_set(uint32_t exporting_process_id,
2386 const ofproto_ipfix_stats *ofproto_stats,
2387 struct dp_packet *msg)
2388{
2389 size_t set_hdr_offset;
2390 struct ipfix_set_header *set_hdr;
2391
2392 set_hdr_offset = dp_packet_size(msg);
2393
2394 /* Put a Data Set. */
2395 set_hdr = dp_packet_put_zeros(msg, sizeof *set_hdr);
2396 set_hdr->set_id = htons(
2397 ipfix_get_options_template_id(IPFIX_OPTIONS_TEMPLATE_EXPORTER_STATS));
2398
2399 {
2400 struct ipfix_data_record_exporter_stats *data_exporter_stats;
2401
2402 data_exporter_stats = dp_packet_put_zeros(
2403 msg, sizeof *data_exporter_stats);
2404
2405 data_exporter_stats->exporting_process_id =
2406 htonl(exporting_process_id);
2407 data_exporter_stats->not_sent_packet_total_count = htonll(
2408 ofproto_stats->tx_errors);
2409 }
2410
2411 set_hdr = (struct ipfix_set_header *)
2412 ((uint8_t *)dp_packet_data(msg) + set_hdr_offset);
2413 set_hdr->length = htons(dp_packet_size(msg) - set_hdr_offset);
2414}
2415
2416/* Send an IPFIX message with a single data set containing Exporting Process
2417 * Reliability Statistics. */
2418static void
2419ipfix_send_exporter_data_msg(struct dpif_ipfix_exporter *exporter,
2420 uint32_t export_time_sec)
2421{
2422 uint64_t msg_stub[DIV_ROUND_UP(MAX_MESSAGE_LEN, 8)];
2423 struct dp_packet msg;
2424 size_t tx_errors;
2425
2426 dp_packet_use_stub(&msg, msg_stub, sizeof msg_stub);
2427
2428 /* In case of Exporting Process Statistics, Observation Domain ID should
2429 * be set to 0. */
2430 ipfix_init_header(export_time_sec, exporter->seq_number++, 0U, &msg);
2431 ipfix_put_exporter_data_set(exporter->exporter_id,
2432 &exporter->ofproto_stats, &msg);
2433 tx_errors = ipfix_send_msg(exporter->collectors, &msg);
2434
2435 dp_packet_uninit(&msg);
2436
2437 exporter->ofproto_stats.tx_pkts +=
2438 collectors_count(exporter->collectors) - tx_errors;
2439 exporter->ofproto_stats.tx_errors += tx_errors;
2440}
2441
978427a5
RL		 2442/* Send an IPFIX message with a single data record. */
2443static void
2444ipfix_send_data_msg(struct dpif_ipfix_exporter *exporter,
2445 uint32_t export_time_sec,
2446 struct ipfix_flow_cache_entry *entry,
2447 enum ipfix_flow_end_reason flow_end_reason)
2448{
2449 uint64_t msg_stub[DIV_ROUND_UP(MAX_MESSAGE_LEN, 8)];
cf62fa4c 2450 struct dp_packet msg;
fb8f22c1
BY		 2451 size_t tx_errors;
2452
cf62fa4c 2453 dp_packet_use_stub(&msg, msg_stub, sizeof msg_stub);
978427a5
RL		 2454
2455 ipfix_init_header(export_time_sec, exporter->seq_number++,
2456 entry->flow_key.obs_domain_id, &msg);
c97320eb
WZ		 2457 ipfix_put_data_set(export_time_sec, entry, flow_end_reason,
2458 exporter->virtual_obs_id, exporter->virtual_obs_len,
2459 &msg);
fb8f22c1 2460 tx_errors = ipfix_send_msg(exporter->collectors, &msg);
29089a54 2461
cf62fa4c 2462 dp_packet_uninit(&msg);
fb8f22c1 2463
fe520682 2464 exporter->ofproto_stats.current_flows--;
2465 exporter->ofproto_stats.tx_pkts +=
2466 collectors_count(exporter->collectors) - tx_errors;
2467 exporter->ofproto_stats.tx_errors += tx_errors;
29089a54
RL		 2468}
2469
2470static void
2471dpif_ipfix_sample(struct dpif_ipfix_exporter *exporter,
cf62fa4c 2472 const struct dp_packet *packet, const struct flow *flow,
29089a54 2473 uint64_t packet_delta_count, uint32_t obs_domain_id,
8b7ea2d4 2474 uint32_t obs_point_id, odp_port_t output_odp_port,
4930ea56 2475 enum nx_action_sample_direction direction,
8b7ea2d4 2476 const struct dpif_ipfix_port *tunnel_port,
564230b6
PS		 2477 const struct flow_tnl *tunnel_key,
2478 const struct dpif_ipfix_actions *ipfix_actions)
29089a54 2479{
978427a5 2480 struct ipfix_flow_cache_entry *entry;
fb8f22c1 2481 enum ipfix_sampled_packet_type sampled_packet_type;
29089a54 2482
978427a5
RL		 2483 /* Create a flow cache entry from the sample. */
2484 entry = xmalloc(sizeof *entry);
fe520682 2485 sampled_packet_type =
2486 ipfix_cache_entry_init(entry, packet,
2487 flow, packet_delta_count,
2488 obs_domain_id, obs_point_id,
2489 output_odp_port, direction,
2490 tunnel_port, tunnel_key,
564230b6
PS		 2491 &exporter->ipfix_global_stats,
2492 ipfix_actions);
fe520682 2493
fb8f22c1 2494 ipfix_cache_update(exporter, entry, sampled_packet_type);
29089a54
RL		 2495}
2496
7b85919c
JS		 2497static bool
2498bridge_exporter_enabled(struct dpif_ipfix *di)
2499{
2500 return di->bridge_exporter.probability > 0;
2501}
2502
29089a54 2503void
cf62fa4c 2504dpif_ipfix_bridge_sample(struct dpif_ipfix *di, const struct dp_packet *packet,
8b7ea2d4
WZ		 2505 const struct flow *flow,
2506 odp_port_t input_odp_port, odp_port_t output_odp_port,
564230b6
PS		 2507 const struct flow_tnl *output_tunnel_key,
2508 const struct dpif_ipfix_actions *ipfix_actions)
8b7ea2d4 2509 OVS_EXCLUDED(mutex)
29089a54 2510{
626ace7b 2511 uint64_t packet_delta_count;
8b7ea2d4
WZ		 2512 const struct flow_tnl *tunnel_key = NULL;
2513 struct dpif_ipfix_port * tunnel_port = NULL;
626ace7b
EJ		 2514
2515 ovs_mutex_lock(&mutex);
a2abbcba
JS		 2516 if (!bridge_exporter_enabled(di)) {
2517 ovs_mutex_unlock(&mutex);
2518 return;
2519 }
47946ac5
WZ		 2520
2521 /* Skip BFD packets:
2522 * Bidirectional Forwarding Detection(BFD) packets are for monitoring
2523 * the tunnel link status and consumed by ovs itself. No need to
2524 * smaple them.
2525 * CF IETF RFC 5881, BFD control packet is the UDP packet with
2526 * destination port 3784, and BFD echo packet is the UDP packet with
2527 * destination port 3785.
2528 */
2529 if (is_ip_any(flow) &&
2530 flow->nw_proto == IPPROTO_UDP &&
2531 (flow->tp_dst == htons(BFD_CONTROL_DEST_PORT) ||
2532 flow->tp_dst == htons(BFD_ECHO_DEST_PORT))) {
2533 ovs_mutex_unlock(&mutex);
2534 return;
2535 }
2536
29089a54
RL		 2537 /* Use the sampling probability as an approximation of the number
2538 * of matched packets. */
626ace7b 2539 packet_delta_count = UINT32_MAX / di->bridge_exporter.probability;
8b7ea2d4
WZ		 2540 if (di->bridge_exporter.options->enable_tunnel_sampling) {
2541 if (output_odp_port == ODPP_NONE && flow->tunnel.ip_dst) {
2542 /* Input tunnel. */
2543 tunnel_key = &flow->tunnel;
2544 tunnel_port = dpif_ipfix_find_port(di, input_odp_port);
2545 }
2546 if (output_odp_port != ODPP_NONE && output_tunnel_key) {
2547 /* Output tunnel, output_tunnel_key must be valid. */
2548 tunnel_key = output_tunnel_key;
2549 tunnel_port = dpif_ipfix_find_port(di, output_odp_port);
2550 }
2551 }
47946ac5 2552
29089a54
RL		 2553 dpif_ipfix_sample(&di->bridge_exporter.exporter, packet, flow,
2554 packet_delta_count,
2555 di->bridge_exporter.options->obs_domain_id,
8b7ea2d4 2556 di->bridge_exporter.options->obs_point_id,
4930ea56 2557 output_odp_port, NX_ACTION_SAMPLE_DEFAULT,
564230b6 2558 tunnel_port, tunnel_key, ipfix_actions);
626ace7b 2559 ovs_mutex_unlock(&mutex);
29089a54
RL		 2560}
2561
2562void
cf62fa4c 2563dpif_ipfix_flow_sample(struct dpif_ipfix *di, const struct dp_packet *packet,
f69f713b
BY		 2564 const struct flow *flow,
2565 const union user_action_cookie *cookie,
2566 odp_port_t input_odp_port,
564230b6
PS		 2567 const struct flow_tnl *output_tunnel_key,
2568 const struct dpif_ipfix_actions *ipfix_actions)
f69f713b 2569 OVS_EXCLUDED(mutex)
29089a54
RL		 2570{
2571 struct dpif_ipfix_flow_exporter_map_node *node;
f69f713b
BY		 2572 const struct flow_tnl *tunnel_key = NULL;
2573 struct dpif_ipfix_port * tunnel_port = NULL;
2574 odp_port_t output_odp_port = cookie->flow_sample.output_odp_port;
2575 uint32_t collector_set_id = cookie->flow_sample.collector_set_id;
2576 uint16_t probability = cookie->flow_sample.probability;
2577
29089a54
RL		 2578 /* Use the sampling probability as an approximation of the number
2579 * of matched packets. */
2580 uint64_t packet_delta_count = USHRT_MAX / probability;
2581
626ace7b 2582 ovs_mutex_lock(&mutex);
29089a54 2583 node = dpif_ipfix_find_flow_exporter_map_node(di, collector_set_id);
626ace7b 2584 if (node) {
f69f713b
BY		 2585 if (node->exporter.options->enable_tunnel_sampling) {
2586 if (output_odp_port == ODPP_NONE && flow->tunnel.ip_dst) {
2587 /* Input tunnel. */
2588 tunnel_key = &flow->tunnel;
2589 tunnel_port = dpif_ipfix_find_port(di, input_odp_port);
2590 }
2591 if (output_odp_port != ODPP_NONE && output_tunnel_key) {
2592 /* Output tunnel, output_tunnel_key must be valid. */
2593 tunnel_key = output_tunnel_key;
2594 tunnel_port = dpif_ipfix_find_port(di, output_odp_port);
2595 }
2596 }
2597
626ace7b 2598 dpif_ipfix_sample(&node->exporter.exporter, packet, flow,
f69f713b
BY		 2599 packet_delta_count,
2600 cookie->flow_sample.obs_domain_id,
2601 cookie->flow_sample.obs_point_id,
4930ea56 2602 output_odp_port, cookie->flow_sample.direction,
564230b6 2603 tunnel_port, tunnel_key, ipfix_actions);
29089a54 2604 }
626ace7b 2605 ovs_mutex_unlock(&mutex);
29089a54 2606}
978427a5
RL		 2607
2608static void
2609dpif_ipfix_cache_expire(struct dpif_ipfix_exporter *exporter,
2610 bool forced_end, const uint64_t export_time_usec,
2611 const uint32_t export_time_sec)
2612{
2613 struct ipfix_flow_cache_entry *entry, *next_entry;
2614 uint64_t max_flow_start_timestamp_usec;
2615 bool template_msg_sent = false;
2616 enum ipfix_flow_end_reason flow_end_reason;
2617
417e7e66 2618 if (ovs_list_is_empty(&exporter->cache_flow_start_timestamp_list)) {
978427a5
RL		 2619 return;
2620 }
2621
2622 max_flow_start_timestamp_usec = export_time_usec -
2623 1000000LL * exporter->cache_active_timeout;
2624
2625 LIST_FOR_EACH_SAFE (entry, next_entry, cache_flow_start_timestamp_list_node,
2626 &exporter->cache_flow_start_timestamp_list) {
2627 if (forced_end) {
2628 flow_end_reason = FORCED_END;
2629 } else if (entry->flow_start_timestamp_usec
2630 <= max_flow_start_timestamp_usec) {
2631 flow_end_reason = ACTIVE_TIMEOUT;
2632 } else if (hmap_count(&exporter->cache_flow_key_map)
2633 > exporter->cache_max_flows) {
2634 /* Enforce exporter->cache_max_flows. */
2635 flow_end_reason = LACK_OF_RESOURCES;
2636 } else {
2637 /* Remaining flows haven't expired yet. */
2638 break;
2639 }
2640
417e7e66 2641 ovs_list_remove(&entry->cache_flow_start_timestamp_list_node);
978427a5
RL		 2642 hmap_remove(&exporter->cache_flow_key_map,
2643 &entry->flow_key_map_node);
2644
d564c4bb
PS		 2645 /* XXX: Make frequency of the (Options) Template and Exporter Process
2646 * Statistics transmission configurable.
2647 * Cf. IETF RFC 5101 Section 4.3. and 10.3.6. */
978427a5
RL		 2648 if (!template_msg_sent
2649 && (exporter->last_template_set_time + IPFIX_TEMPLATE_INTERVAL)
2650 <= export_time_sec) {
8b7ea2d4
WZ		 2651 ipfix_send_template_msgs(exporter, export_time_sec,
2652 entry->flow_key.obs_domain_id);
978427a5
RL		 2653 exporter->last_template_set_time = export_time_sec;
2654 template_msg_sent = true;
d564c4bb
PS		 2655
2656 /* Send Exporter Process Statistics. */
2657 ipfix_send_exporter_data_msg(exporter, export_time_sec);
978427a5
RL		 2658 }
2659
2660 /* XXX: Group multiple data records for the same obs domain id
2661 * into the same message. */
2662 ipfix_send_data_msg(exporter, export_time_sec, entry, flow_end_reason);
2663 free(entry);
2664 }
2665}
2666
2667static void
2668get_export_time_now(uint64_t *export_time_usec, uint32_t *export_time_sec)
2669{
f88ee3a5 2670 *export_time_usec = ipfix_now();
978427a5
RL		 2671
2672 /* The IPFIX start and end deltas are negative deltas relative to
2673 * the export time, so set the export time 1 second off to
2674 * calculate those deltas. */
f88ee3a5 2675 *export_time_sec = DIV_ROUND_UP(*export_time_usec, 1000000);
978427a5
RL		 2676}
2677
2678static void
2679dpif_ipfix_cache_expire_now(struct dpif_ipfix_exporter *exporter,
2680 bool forced_end)
2681{
2682 uint64_t export_time_usec;
2683 uint32_t export_time_sec;
2684
2685 get_export_time_now(&export_time_usec, &export_time_sec);
2686 dpif_ipfix_cache_expire(exporter, forced_end, export_time_usec,
2687 export_time_sec);
2688}
2689
2690void
2691dpif_ipfix_run(struct dpif_ipfix *di) OVS_EXCLUDED(mutex)
2692{
2693 uint64_t export_time_usec;
2694 uint32_t export_time_sec;
2695 struct dpif_ipfix_flow_exporter_map_node *flow_exporter_node;
2696
2697 ovs_mutex_lock(&mutex);
2698 get_export_time_now(&export_time_usec, &export_time_sec);
7b85919c 2699 if (bridge_exporter_enabled(di)) {
978427a5
RL		 2700 dpif_ipfix_cache_expire(
2701 &di->bridge_exporter.exporter, false, export_time_usec,
2702 export_time_sec);
2703 }
2704 HMAP_FOR_EACH (flow_exporter_node, node, &di->flow_exporter_map) {
2705 dpif_ipfix_cache_expire(
2706 &flow_exporter_node->exporter.exporter, false, export_time_usec,
2707 export_time_sec);
2708 }
2709 ovs_mutex_unlock(&mutex);
2710}
2711
2712void
2713dpif_ipfix_wait(struct dpif_ipfix *di) OVS_EXCLUDED(mutex)
2714{
2715 long long int next_timeout_msec = LLONG_MAX;
2716 struct dpif_ipfix_flow_exporter_map_node *flow_exporter_node;
2717
2718 ovs_mutex_lock(&mutex);
7b85919c 2719 if (bridge_exporter_enabled(di)) {
978427a5
RL		 2720 if (ipfix_cache_next_timeout_msec(
2721 &di->bridge_exporter.exporter, &next_timeout_msec)) {
2722 poll_timer_wait_until(next_timeout_msec);
2723 }
2724 }
2725 HMAP_FOR_EACH (flow_exporter_node, node, &di->flow_exporter_map) {
2726 if (ipfix_cache_next_timeout_msec(
2727 &flow_exporter_node->exporter.exporter, &next_timeout_msec)) {
2728 poll_timer_wait_until(next_timeout_msec);
2729 }
2730 }
2731 ovs_mutex_unlock(&mutex);
2732}
564230b6
PS		 2733
2734static void
2735dpif_ipfix_read_sample_actions(const struct flow *flow,
2736 const struct nlattr *actions,
2737 size_t actions_len,
2738 struct dpif_ipfix_actions *ipfix_actions)
2739{
2740 const struct nlattr *a;
2741 unsigned int left;
2742 uint32_t probability = 0;
2743 struct dpif_ipfix_actions sample_actions = {0};
2744
2745 if (actions_len == 0) {
2746 return;
2747 }
2748
2749 NL_ATTR_FOR_EACH (a, left, actions, actions_len) {
2750
2751 enum ovs_sample_attr type = nl_attr_type(a);
2752 switch (type) {
2753 case OVS_SAMPLE_ATTR_PROBABILITY:
2754 probability = nl_attr_get_u32(a);
2755 break;
2756
2757 case OVS_SAMPLE_ATTR_ACTIONS:
2758 dpif_ipfix_read_actions(flow, nl_attr_get(a), nl_attr_get_size(a),
2759 &sample_actions);
2760 break;
2761
2762 case OVS_SAMPLE_ATTR_UNSPEC:
2763 case __OVS_SAMPLE_ATTR_MAX:
2764 default:
2765 OVS_NOT_REACHED();
2766 }
2767 }
2768
2769 /* An output action inside sample action is truly an output if the sampling
2770 * probability is set to 100% */
2771 if (probability == UINT32_MAX && sample_actions.output_action == true) {
2772 ipfix_actions->output_action = true;
2773 }
2774}
2775
2776void
2777dpif_ipfix_read_actions(const struct flow *flow,
2778 const struct nlattr *actions,
2779 size_t actions_len,
2780 struct dpif_ipfix_actions *ipfix_actions)
2781{
2782 const struct nlattr *a;
2783 unsigned int left;
2784
2785 if (actions_len == 0) {
2786 return;
2787 }
2788
2789 NL_ATTR_FOR_EACH (a, left, actions, actions_len) {
2790 enum ovs_action_attr type = nl_attr_type(a);
2791 switch (type) {
2792 case OVS_ACTION_ATTR_OUTPUT:
2793 ipfix_actions->output_action = true;
2794 break;
2795 case OVS_ACTION_ATTR_SAMPLE:
2796 dpif_ipfix_read_sample_actions(flow, nl_attr_get(a),
2797 nl_attr_get_size(a), ipfix_actions);
2798 break;
2799 case OVS_ACTION_ATTR_CLONE:
2800 dpif_ipfix_read_actions(flow, nl_attr_get(a), nl_attr_get_size(a),
2801 ipfix_actions);
2802 break;
2803
2804 /* OVS_ACTION_ATTR_USERSPACE and OVS_ACTION_ATTR_RECIRC actions can
2805 * yield absolutely any kind of behavior. Let's assume that flow drops
2806 * the packet if there isn't another clear OVS_ACTION_ATTR_OUTPUT
2807 * action associated with packet */
2808 case OVS_ACTION_ATTR_USERSPACE:
2809 case OVS_ACTION_ATTR_RECIRC:
2810
2811 case OVS_ACTION_ATTR_TUNNEL_POP:
2812 case OVS_ACTION_ATTR_TUNNEL_PUSH:
2813 case OVS_ACTION_ATTR_TRUNC:
2814 case OVS_ACTION_ATTR_HASH:
2815 case OVS_ACTION_ATTR_CT:
2816 case OVS_ACTION_ATTR_METER:
2817 case OVS_ACTION_ATTR_SET_MASKED:
2818 case OVS_ACTION_ATTR_SET:
2819 case OVS_ACTION_ATTR_PUSH_VLAN:
2820 case OVS_ACTION_ATTR_POP_VLAN:
2821 case OVS_ACTION_ATTR_PUSH_MPLS:
2822 case OVS_ACTION_ATTR_POP_MPLS:
2823 case OVS_ACTION_ATTR_PUSH_ETH:
2824 case OVS_ACTION_ATTR_POP_ETH:
1fc11c59
JS		 2825 case OVS_ACTION_ATTR_ENCAP_NSH:
2826 case OVS_ACTION_ATTR_DECAP_NSH:
564230b6
PS		 2827 case OVS_ACTION_ATTR_UNSPEC:
2828 case __OVS_ACTION_ATTR_MAX:
2829 default:
2830 break;
2831 }
2832 }
2833}
openvswitch mirror