]>
Commit | Line | Data |
---|---|---|
7d1a8e7a JG |
1 | /* Copyright (c) 2013 Nicira, Inc. |
2 | * | |
3 | * Licensed under the Apache License, Version 2.0 (the "License"); | |
4 | * you may not use this file except in compliance with the License. | |
5 | * You may obtain a copy of the License at: | |
6 | * | |
7 | * http://www.apache.org/licenses/LICENSE-2.0 | |
8 | * | |
9 | * Unless required by applicable law or agreed to in writing, software | |
10 | * distributed under the License is distributed on an "AS IS" BASIS, | |
11 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | |
12 | * See the License for the specific language governing permissions and | |
13 | * limitations under the License. */ | |
14 | ||
15 | #include <config.h> | |
16 | #include "tunnel.h" | |
17 | ||
18 | #include <errno.h> | |
19 | ||
20 | #include "ofproto/ofproto-provider.h" | |
21 | #include "byte-order.h" | |
22 | #include "dynamic-string.h" | |
23 | #include "hash.h" | |
24 | #include "hmap.h" | |
25 | #include "netdev-vport.h" | |
26 | #include "odp-util.h" | |
27 | #include "packets.h" | |
28 | #include "smap.h" | |
29 | #include "socket-util.h" | |
30 | #include "tunnel.h" | |
31 | #include "vlog.h" | |
32 | ||
7d1a8e7a JG |
33 | VLOG_DEFINE_THIS_MODULE(tunnel); |
34 | ||
35 | struct tnl_match { | |
36 | ovs_be64 in_key; | |
37 | ovs_be32 ip_src; | |
38 | ovs_be32 ip_dst; | |
39 | uint32_t odp_port; | |
09a0d2e7 | 40 | uint32_t skb_mark; |
7d1a8e7a | 41 | bool in_key_flow; |
0ad90c84 JR |
42 | bool ip_src_flow; |
43 | bool ip_dst_flow; | |
7d1a8e7a JG |
44 | }; |
45 | ||
46 | struct tnl_port { | |
47 | struct hmap_node match_node; | |
48 | ||
49 | const struct ofport *ofport; | |
50 | unsigned int netdev_seq; | |
51 | struct tnl_match match; | |
52 | }; | |
53 | ||
54 | static struct hmap tnl_match_map = HMAP_INITIALIZER(&tnl_match_map); | |
55 | ||
56 | /* Returned to callers when their ofport will never be used to receive or send | |
57 | * tunnel traffic. Alternatively, we could ask the caller to delete their | |
58 | * ofport, but this would be unclean in the reconfguration case. For the first | |
59 | * time, an ofproto provider would have to call ofproto_port_del() on itself.*/ | |
60 | static struct tnl_port void_tnl_port; | |
61 | ||
62 | static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5); | |
63 | static struct vlog_rate_limit dbg_rl = VLOG_RATE_LIMIT_INIT(60, 60); | |
64 | ||
65 | static struct tnl_port *tnl_find(struct tnl_match *); | |
66 | static struct tnl_port *tnl_find_exact(struct tnl_match *); | |
67 | static uint32_t tnl_hash(struct tnl_match *); | |
68 | static void tnl_match_fmt(const struct tnl_match *, struct ds *); | |
69 | static char *tnl_port_fmt(const struct tnl_port *); | |
70 | static void tnl_port_mod_log(const struct tnl_port *, const char *action); | |
71 | static const char *tnl_port_get_name(const struct tnl_port *); | |
72 | ||
73 | static struct tnl_port * | |
74 | tnl_port_add__(const struct ofport *ofport, uint32_t odp_port, | |
75 | bool warn) | |
76 | { | |
77 | const struct netdev_tunnel_config *cfg; | |
78 | struct tnl_port *existing_port; | |
79 | struct tnl_port *tnl_port; | |
80 | ||
81 | cfg = netdev_get_tunnel_config(ofport->netdev); | |
82 | ovs_assert(cfg); | |
83 | ||
84 | tnl_port = xzalloc(sizeof *tnl_port); | |
85 | tnl_port->ofport = ofport; | |
86 | tnl_port->netdev_seq = netdev_change_seq(tnl_port->ofport->netdev); | |
87 | ||
88 | tnl_port->match.in_key = cfg->in_key; | |
89 | tnl_port->match.ip_src = cfg->ip_src; | |
90 | tnl_port->match.ip_dst = cfg->ip_dst; | |
0ad90c84 JR |
91 | tnl_port->match.ip_src_flow = cfg->ip_src_flow; |
92 | tnl_port->match.ip_dst_flow = cfg->ip_dst_flow; | |
09a0d2e7 | 93 | tnl_port->match.skb_mark = cfg->ipsec ? IPSEC_MARK : 0; |
7d1a8e7a JG |
94 | tnl_port->match.in_key_flow = cfg->in_key_flow; |
95 | tnl_port->match.odp_port = odp_port; | |
96 | ||
97 | existing_port = tnl_find_exact(&tnl_port->match); | |
98 | if (existing_port) { | |
99 | if (warn) { | |
100 | struct ds ds = DS_EMPTY_INITIALIZER; | |
101 | tnl_match_fmt(&tnl_port->match, &ds); | |
102 | VLOG_WARN("%s: attempting to add tunnel port with same config as " | |
103 | "port '%s' (%s)", tnl_port_get_name(tnl_port), | |
104 | tnl_port_get_name(existing_port), ds_cstr(&ds)); | |
105 | ds_destroy(&ds); | |
106 | free(tnl_port); | |
107 | } | |
108 | return &void_tnl_port; | |
109 | } | |
110 | ||
111 | hmap_insert(&tnl_match_map, &tnl_port->match_node, | |
112 | tnl_hash(&tnl_port->match)); | |
113 | tnl_port_mod_log(tnl_port, "adding"); | |
114 | return tnl_port; | |
115 | } | |
116 | ||
117 | /* Adds 'ofport' to the module with datapath port number 'odp_port'. 'ofport's | |
118 | * must be added before they can be used by the module. 'ofport' must be a | |
119 | * tunnel. */ | |
120 | struct tnl_port * | |
121 | tnl_port_add(const struct ofport *ofport, uint32_t odp_port) | |
122 | { | |
123 | return tnl_port_add__(ofport, odp_port, true); | |
124 | } | |
125 | ||
126 | /* Checks if the tnl_port pointed to by 'tnl_portp' needs reconfiguration due | |
127 | * to changes in its netdev_tunnel_config. If it does, updates 'tnl_portp' to | |
128 | * point to a new tnl_port and returns true. Otherwise, returns false. | |
129 | * 'ofport' and 'odp_port' should be the same as would be passed to | |
130 | * tnl_port_add(). */ | |
131 | bool | |
132 | tnl_port_reconfigure(const struct ofport *ofport, uint32_t odp_port, | |
133 | struct tnl_port **tnl_portp) | |
134 | { | |
135 | struct tnl_port *tnl_port = *tnl_portp; | |
136 | ||
137 | if (tnl_port == &void_tnl_port) { | |
138 | *tnl_portp = tnl_port_add__(ofport, odp_port, false); | |
139 | return *tnl_portp != &void_tnl_port; | |
140 | } else if (tnl_port->ofport != ofport | |
141 | || tnl_port->match.odp_port != odp_port | |
142 | || tnl_port->netdev_seq != netdev_change_seq(ofport->netdev)) { | |
143 | VLOG_DBG("reconfiguring %s", tnl_port_get_name(tnl_port)); | |
144 | tnl_port_del(tnl_port); | |
145 | *tnl_portp = tnl_port_add(ofport, odp_port); | |
146 | return true; | |
147 | } | |
148 | return false; | |
149 | } | |
150 | ||
151 | /* Removes 'tnl_port' from the module. */ | |
152 | void | |
153 | tnl_port_del(struct tnl_port *tnl_port) | |
154 | { | |
155 | if (tnl_port && tnl_port != &void_tnl_port) { | |
156 | tnl_port_mod_log(tnl_port, "removing"); | |
157 | hmap_remove(&tnl_match_map, &tnl_port->match_node); | |
158 | free(tnl_port); | |
159 | } | |
160 | } | |
161 | ||
2301f7eb BP |
162 | /* Looks in the table of tunnels for a tunnel matching the metadata in 'flow'. |
163 | * Returns the 'ofport' corresponding to the new in_port, or a null pointer if | |
164 | * none is found. | |
7d1a8e7a JG |
165 | * |
166 | * Callers should verify that 'flow' needs to be received by calling | |
2301f7eb | 167 | * tnl_port_should_receive() before this function. */ |
7d1a8e7a | 168 | const struct ofport * |
2301f7eb | 169 | tnl_port_receive(const struct flow *flow) |
7d1a8e7a JG |
170 | { |
171 | char *pre_flow_str = NULL; | |
172 | struct tnl_port *tnl_port; | |
173 | struct tnl_match match; | |
174 | ||
175 | memset(&match, 0, sizeof match); | |
176 | match.odp_port = flow->in_port; | |
177 | match.ip_src = flow->tunnel.ip_dst; | |
178 | match.ip_dst = flow->tunnel.ip_src; | |
179 | match.in_key = flow->tunnel.tun_id; | |
09a0d2e7 | 180 | match.skb_mark = flow->skb_mark; |
7d1a8e7a JG |
181 | |
182 | tnl_port = tnl_find(&match); | |
183 | if (!tnl_port) { | |
184 | struct ds ds = DS_EMPTY_INITIALIZER; | |
185 | ||
186 | tnl_match_fmt(&match, &ds); | |
187 | VLOG_WARN_RL(&rl, "receive tunnel port not found (%s)", ds_cstr(&ds)); | |
188 | ds_destroy(&ds); | |
189 | return NULL; | |
190 | } | |
191 | ||
7d1a8e7a JG |
192 | if (!VLOG_DROP_DBG(&dbg_rl)) { |
193 | pre_flow_str = flow_to_string(flow); | |
194 | } | |
195 | ||
7d1a8e7a JG |
196 | if (pre_flow_str) { |
197 | char *post_flow_str = flow_to_string(flow); | |
198 | char *tnl_str = tnl_port_fmt(tnl_port); | |
199 | VLOG_DBG("flow received\n" | |
200 | "%s" | |
201 | " pre: %s\n" | |
202 | "post: %s", | |
203 | tnl_str, pre_flow_str, post_flow_str); | |
204 | free(tnl_str); | |
205 | free(pre_flow_str); | |
206 | free(post_flow_str); | |
207 | } | |
208 | return tnl_port->ofport; | |
209 | } | |
210 | ||
211 | /* Given that 'flow' should be output to the ofport corresponding to | |
212 | * 'tnl_port', updates 'flow''s tunnel headers and returns the actual datapath | |
213 | * port that the output should happen on. May return OVSP_NONE if the output | |
214 | * shouldn't occur. */ | |
215 | uint32_t | |
d4f4a9b2 JP |
216 | tnl_port_send(const struct tnl_port *tnl_port, struct flow *flow, |
217 | struct flow_wildcards *wc) | |
7d1a8e7a JG |
218 | { |
219 | const struct netdev_tunnel_config *cfg; | |
220 | char *pre_flow_str = NULL; | |
221 | ||
222 | if (tnl_port == &void_tnl_port) { | |
223 | return OVSP_NONE; | |
224 | } | |
225 | ||
226 | cfg = netdev_get_tunnel_config(tnl_port->ofport->netdev); | |
227 | ovs_assert(cfg); | |
228 | ||
229 | if (!VLOG_DROP_DBG(&dbg_rl)) { | |
230 | pre_flow_str = flow_to_string(flow); | |
231 | } | |
232 | ||
0ad90c84 JR |
233 | if (!cfg->ip_src_flow) { |
234 | flow->tunnel.ip_src = tnl_port->match.ip_src; | |
235 | } | |
236 | if (!cfg->ip_dst_flow) { | |
237 | flow->tunnel.ip_dst = tnl_port->match.ip_dst; | |
238 | } | |
09a0d2e7 | 239 | flow->skb_mark = tnl_port->match.skb_mark; |
7d1a8e7a JG |
240 | |
241 | if (!cfg->out_key_flow) { | |
242 | flow->tunnel.tun_id = cfg->out_key; | |
243 | } | |
244 | ||
245 | if (cfg->ttl_inherit && is_ip_any(flow)) { | |
d4f4a9b2 | 246 | wc->masks.nw_ttl = 0xff; |
7d1a8e7a JG |
247 | flow->tunnel.ip_ttl = flow->nw_ttl; |
248 | } else { | |
249 | flow->tunnel.ip_ttl = cfg->ttl; | |
250 | } | |
251 | ||
252 | if (cfg->tos_inherit && is_ip_any(flow)) { | |
d4f4a9b2 | 253 | wc->masks.nw_tos = 0xff; |
7d1a8e7a JG |
254 | flow->tunnel.ip_tos = flow->nw_tos & IP_DSCP_MASK; |
255 | } else { | |
d4f4a9b2 JP |
256 | /* ECN fields are always inherited. */ |
257 | wc->masks.nw_tos |= IP_ECN_MASK; | |
7d1a8e7a JG |
258 | flow->tunnel.ip_tos = cfg->tos; |
259 | } | |
260 | ||
261 | if ((flow->nw_tos & IP_ECN_MASK) == IP_ECN_CE) { | |
262 | flow->tunnel.ip_tos |= IP_ECN_ECT_0; | |
263 | } else { | |
264 | flow->tunnel.ip_tos |= flow->nw_tos & IP_ECN_MASK; | |
265 | } | |
266 | ||
267 | flow->tunnel.flags = (cfg->dont_fragment ? FLOW_TNL_F_DONT_FRAGMENT : 0) | |
268 | | (cfg->csum ? FLOW_TNL_F_CSUM : 0) | |
269 | | (cfg->out_key_present ? FLOW_TNL_F_KEY : 0); | |
270 | ||
271 | if (pre_flow_str) { | |
272 | char *post_flow_str = flow_to_string(flow); | |
273 | char *tnl_str = tnl_port_fmt(tnl_port); | |
274 | VLOG_DBG("flow sent\n" | |
275 | "%s" | |
276 | " pre: %s\n" | |
277 | "post: %s", | |
278 | tnl_str, pre_flow_str, post_flow_str); | |
279 | free(tnl_str); | |
280 | free(pre_flow_str); | |
281 | free(post_flow_str); | |
282 | } | |
283 | ||
284 | return tnl_port->match.odp_port; | |
285 | } | |
286 | ||
287 | static uint32_t | |
288 | tnl_hash(struct tnl_match *match) | |
289 | { | |
290 | BUILD_ASSERT_DECL(sizeof *match % sizeof(uint32_t) == 0); | |
291 | return hash_words((uint32_t *) match, sizeof *match / sizeof(uint32_t), 0); | |
292 | } | |
293 | ||
294 | static struct tnl_port * | |
295 | tnl_find_exact(struct tnl_match *match) | |
296 | { | |
297 | struct tnl_port *tnl_port; | |
298 | ||
299 | HMAP_FOR_EACH_WITH_HASH (tnl_port, match_node, tnl_hash(match), | |
300 | &tnl_match_map) { | |
301 | if (!memcmp(match, &tnl_port->match, sizeof *match)) { | |
302 | return tnl_port; | |
303 | } | |
304 | } | |
305 | return NULL; | |
306 | } | |
307 | ||
308 | static struct tnl_port * | |
309 | tnl_find(struct tnl_match *match_) | |
310 | { | |
311 | struct tnl_match match = *match_; | |
7d1a8e7a JG |
312 | struct tnl_port *tnl_port; |
313 | ||
314 | /* remote_ip, local_ip, in_key */ | |
85c9de19 PS |
315 | tnl_port = tnl_find_exact(&match); |
316 | if (tnl_port) { | |
317 | return tnl_port; | |
7d1a8e7a JG |
318 | } |
319 | ||
320 | /* remote_ip, in_key */ | |
321 | match.ip_src = 0; | |
322 | tnl_port = tnl_find_exact(&match); | |
323 | if (tnl_port) { | |
324 | return tnl_port; | |
325 | } | |
326 | match.ip_src = match_->ip_src; | |
327 | ||
328 | /* remote_ip, local_ip */ | |
85c9de19 PS |
329 | match.in_key = 0; |
330 | match.in_key_flow = true; | |
331 | tnl_port = tnl_find_exact(&match); | |
332 | if (tnl_port) { | |
333 | return tnl_port; | |
7d1a8e7a JG |
334 | } |
335 | ||
336 | /* remote_ip */ | |
337 | match.ip_src = 0; | |
7d1a8e7a JG |
338 | tnl_port = tnl_find_exact(&match); |
339 | if (tnl_port) { | |
340 | return tnl_port; | |
341 | } | |
7d1a8e7a | 342 | |
0ad90c84 JR |
343 | /* Flow-based remote */ |
344 | match.ip_dst = 0; | |
345 | match.ip_dst_flow = true; | |
346 | tnl_port = tnl_find_exact(&match); | |
347 | if (tnl_port) { | |
348 | return tnl_port; | |
349 | } | |
350 | ||
351 | /* Flow-based everything */ | |
352 | match.ip_src = 0; | |
353 | match.ip_src_flow = true; | |
354 | tnl_port = tnl_find_exact(&match); | |
355 | if (tnl_port) { | |
356 | return tnl_port; | |
357 | } | |
358 | ||
7d1a8e7a JG |
359 | return NULL; |
360 | } | |
361 | ||
362 | static void | |
363 | tnl_match_fmt(const struct tnl_match *match, struct ds *ds) | |
364 | { | |
0ad90c84 JR |
365 | if (!match->ip_dst_flow) { |
366 | ds_put_format(ds, IP_FMT"->"IP_FMT, IP_ARGS(match->ip_src), | |
367 | IP_ARGS(match->ip_dst)); | |
368 | } else if (!match->ip_src_flow) { | |
369 | ds_put_format(ds, IP_FMT"->flow", IP_ARGS(match->ip_src)); | |
370 | } else { | |
371 | ds_put_cstr(ds, "flow->flow"); | |
372 | } | |
7d1a8e7a | 373 | |
baa73637 EJ |
374 | if (match->in_key_flow) { |
375 | ds_put_cstr(ds, ", key=flow"); | |
376 | } else { | |
377 | ds_put_format(ds, ", key=%#"PRIx64, ntohll(match->in_key)); | |
7d1a8e7a JG |
378 | } |
379 | ||
380 | ds_put_format(ds, ", dp port=%"PRIu32, match->odp_port); | |
09a0d2e7 | 381 | ds_put_format(ds, ", skb mark=%"PRIu32, match->skb_mark); |
7d1a8e7a JG |
382 | } |
383 | ||
384 | static void | |
385 | tnl_port_mod_log(const struct tnl_port *tnl_port, const char *action) | |
386 | { | |
387 | if (VLOG_IS_DBG_ENABLED()) { | |
388 | struct ds ds = DS_EMPTY_INITIALIZER; | |
389 | ||
390 | tnl_match_fmt(&tnl_port->match, &ds); | |
74a99109 EJ |
391 | VLOG_INFO("%s tunnel port %s (%s)", action, |
392 | tnl_port_get_name(tnl_port), ds_cstr(&ds)); | |
7d1a8e7a JG |
393 | ds_destroy(&ds); |
394 | } | |
395 | } | |
396 | ||
397 | static char * | |
398 | tnl_port_fmt(const struct tnl_port *tnl_port) | |
399 | { | |
400 | const struct netdev_tunnel_config *cfg = | |
401 | netdev_get_tunnel_config(tnl_port->ofport->netdev); | |
402 | struct ds ds = DS_EMPTY_INITIALIZER; | |
403 | ||
404 | ds_put_format(&ds, "port %"PRIu32": %s (%s: ", tnl_port->match.odp_port, | |
405 | tnl_port_get_name(tnl_port), | |
406 | netdev_get_type(tnl_port->ofport->netdev)); | |
407 | tnl_match_fmt(&tnl_port->match, &ds); | |
408 | ||
409 | if (cfg->out_key != cfg->in_key || | |
410 | cfg->out_key_present != cfg->in_key_present || | |
411 | cfg->out_key_flow != cfg->in_key_flow) { | |
412 | ds_put_cstr(&ds, ", out_key="); | |
413 | if (!cfg->out_key_present) { | |
414 | ds_put_cstr(&ds, "none"); | |
415 | } else if (cfg->out_key_flow) { | |
416 | ds_put_cstr(&ds, "flow"); | |
417 | } else { | |
418 | ds_put_format(&ds, "%#"PRIx64, ntohll(cfg->out_key)); | |
419 | } | |
420 | } | |
421 | ||
422 | if (cfg->ttl_inherit) { | |
423 | ds_put_cstr(&ds, ", ttl=inherit"); | |
424 | } else { | |
425 | ds_put_format(&ds, ", ttl=%"PRIu8, cfg->ttl); | |
426 | } | |
427 | ||
428 | if (cfg->tos_inherit) { | |
429 | ds_put_cstr(&ds, ", tos=inherit"); | |
430 | } else if (cfg->tos) { | |
431 | ds_put_format(&ds, ", tos=%#"PRIx8, cfg->tos); | |
432 | } | |
433 | ||
434 | if (!cfg->dont_fragment) { | |
435 | ds_put_cstr(&ds, ", df=false"); | |
436 | } | |
437 | ||
438 | if (cfg->csum) { | |
439 | ds_put_cstr(&ds, ", csum=true"); | |
440 | } | |
441 | ||
442 | ds_put_cstr(&ds, ")\n"); | |
443 | ||
444 | return ds_steal_cstr(&ds); | |
445 | } | |
446 | ||
447 | static const char * | |
448 | tnl_port_get_name(const struct tnl_port *tnl_port) | |
449 | { | |
450 | return netdev_get_name(tnl_port->ofport->netdev); | |
451 | } |