]> git.proxmox.com Git - mirror_ovs.git/blob - ofproto/ofproto-dpif-ipfix.c
projects / mirror_ovs.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
ofproto-dpif-ipfix: add support for per-flow drop counters
[mirror_ovs.git] / ofproto / ofproto-dpif-ipfix.c
1 /*
2 * Copyright (c) 2012, 2013, 2014, 2015, 2016, 2017 Nicira, Inc.
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at:
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17 #include <config.h>
18 #include "ofproto-dpif-ipfix.h"
19 #include <sys/time.h>
20 #include "byte-order.h"
21 #include "collectors.h"
22 #include "flow.h"
23 #include "hash.h"
24 #include "openvswitch/hmap.h"
25 #include "netdev.h"
26 #include "openvswitch/list.h"
27 #include "openvswitch/ofpbuf.h"
28 #include "ofproto.h"
29 #include "ofproto-dpif.h"
30 #include "dp-packet.h"
31 #include "packets.h"
32 #include "poll-loop.h"
33 #include "sset.h"
34 #include "util.h"
35 #include "timeval.h"
36 #include "openvswitch/vlog.h"
37
38 VLOG_DEFINE_THIS_MODULE(ipfix);
39
40 static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5);
41 static struct ovs_mutex mutex = OVS_MUTEX_INITIALIZER;
42
43 /* This variable represents a number of exporters that have been created
44 * throughout OvS lifecycle. It's used to identify Exporting Process. Since
45 * it's NOT decreased when exporter is destroyed, it will eventually overflow.
46 * Considering the maximum value it can hold and the fact that Exporting
47 * Process may be re-started with a different ID, this shouldn't be a problem.
48 */
49 static uint32_t exporter_total_count;
50
51 /* Cf. IETF RFC 5101 Section 10.3.4. */
52 #define IPFIX_DEFAULT_COLLECTOR_PORT 4739
53
54 /* Cf. IETF RFC 5881 Setion 8. */
55 #define BFD_CONTROL_DEST_PORT 3784
56 #define BFD_ECHO_DEST_PORT 3785
57
58 enum ipfix_sampled_packet_type {
59 IPFIX_SAMPLED_PKT_UNKNOWN = 0x00,
60 IPFIX_SAMPLED_PKT_IPV4_OK = 0x01,
61 IPFIX_SAMPLED_PKT_IPV6_OK = 0x02,
62 IPFIX_SAMPLED_PKT_IPV4_ERROR = 0x03,
63 IPFIX_SAMPLED_PKT_IPV6_ERROR = 0x04,
64 IPFIX_SAMPLED_PKT_OTHERS = 0x05
65 };
66
67 /* The standard layer2SegmentId (ID 351) element is included in vDS to send
68 * the VxLAN tunnel's VNI. It is 64-bit long, the most significant byte is
69 * used to indicate the type of tunnel (0x01 = VxLAN, 0x02 = GRE) and the three
70 * least significant bytes hold the value of the layer 2 overlay network
71 * segment identifier: a 24-bit VxLAN tunnel's VNI or a 24-bit GRE tunnel's
72 * TNI. This is not compatible with STT, as implemented in OVS, as
73 * its tunnel IDs is 64-bit.
74 *
75 * Two new enterprise information elements are defined which are similar to
76 * laryerSegmentId but support 64-bit IDs:
77 * tunnelType (ID 891) and tunnelKey (ID 892).
78 *
79 * The enum dpif_ipfix_tunnel_type is to declare the types supported in the
80 * tunnelType element.
81 * The number of ipfix tunnel types includes two reserverd types: 0x04 and 0x06.
82 */
83 enum dpif_ipfix_tunnel_type {
84 DPIF_IPFIX_TUNNEL_UNKNOWN = 0x00,
85 DPIF_IPFIX_TUNNEL_VXLAN = 0x01,
86 DPIF_IPFIX_TUNNEL_GRE = 0x02,
87 DPIF_IPFIX_TUNNEL_LISP = 0x03,
88 DPIF_IPFIX_TUNNEL_STT = 0x04,
89 DPIF_IPFIX_TUNNEL_GENEVE = 0x07,
90 NUM_DPIF_IPFIX_TUNNEL
91 };
92
93 typedef struct ofputil_ipfix_stats ofproto_ipfix_stats;
94
95 struct dpif_ipfix_global_stats {
96 uint64_t dropped_packet_total_count;
97 uint64_t dropped_octet_total_count;
98 uint64_t packet_total_count;
99 uint64_t octet_total_count;
100 uint64_t octet_total_sum_of_squares;
101 uint64_t layer2_octet_total_count;
102 uint64_t tcp_ack_total_count;
103 uint64_t tcp_fin_total_count;
104 uint64_t tcp_psh_total_count;
105 uint64_t tcp_rst_total_count;
106 uint64_t tcp_syn_total_count;
107 uint64_t tcp_urg_total_count;
108 uint64_t post_mcast_packet_total_count;
109 uint64_t post_mcast_octet_total_count;
110 uint64_t in_ucast_packet_total_count;
111 uint64_t in_mcast_packet_total_count;
112 uint64_t in_bcast_packet_total_count;
113 uint64_t out_ucast_packet_total_count;
114 uint64_t out_bcast_packet_total_count;
115 };
116
117 struct dpif_ipfix_port {
118 struct hmap_node hmap_node; /* In struct dpif_ipfix's "tunnel_ports" hmap. */
119 struct ofport *ofport; /* To retrieve port stats. */
120 odp_port_t odp_port;
121 enum dpif_ipfix_tunnel_type tunnel_type;
122 uint8_t tunnel_key_length;
123 };
124
125 struct dpif_ipfix_exporter {
126 uint32_t exporter_id; /* Exporting Process identifier */
127 struct collectors *collectors;
128 uint32_t seq_number;
129 time_t last_template_set_time;
130 struct hmap cache_flow_key_map; /* ipfix_flow_cache_entry. */
131 struct ovs_list cache_flow_start_timestamp_list; /* ipfix_flow_cache_entry. */
132 uint32_t cache_active_timeout; /* In seconds. */
133 uint32_t cache_max_flows;
134 char *virtual_obs_id;
135 uint8_t virtual_obs_len;
136
137 ofproto_ipfix_stats ofproto_stats;
138 struct dpif_ipfix_global_stats ipfix_global_stats;
139 };
140
141 struct dpif_ipfix_bridge_exporter {
142 struct dpif_ipfix_exporter exporter;
143 struct ofproto_ipfix_bridge_exporter_options *options;
144 uint32_t probability;
145 };
146
147 struct dpif_ipfix_flow_exporter {
148 struct dpif_ipfix_exporter exporter;
149 struct ofproto_ipfix_flow_exporter_options *options;
150 };
151
152 struct dpif_ipfix_flow_exporter_map_node {
153 struct hmap_node node;
154 struct dpif_ipfix_flow_exporter exporter;
155 };
156
157 struct dpif_ipfix {
158 struct dpif_ipfix_bridge_exporter bridge_exporter;
159 struct hmap flow_exporter_map; /* dpif_ipfix_flow_exporter_map_node. */
160 struct hmap tunnel_ports; /* Contains "struct dpif_ipfix_port"s.
161 * It makes tunnel port lookups faster in
162 * sampling upcalls. */
163 struct ovs_refcount ref_cnt;
164 };
165
166 #define IPFIX_VERSION 0x000a
167
168 /* When using UDP, IPFIX Template Records must be re-sent regularly.
169 * The standard default interval is 10 minutes (600 seconds).
170 * Cf. IETF RFC 5101 Section 10.3.6. */
171 #define IPFIX_TEMPLATE_INTERVAL 600
172
173 /* Cf. IETF RFC 5101 Section 3.1. */
174 OVS_PACKED(
175 struct ipfix_header {
176 ovs_be16 version; /* IPFIX_VERSION. */
177 ovs_be16 length; /* Length in bytes including this header. */
178 ovs_be32 export_time; /* Seconds since the epoch. */
179 ovs_be32 seq_number; /* Message sequence number. */
180 ovs_be32 obs_domain_id; /* Observation Domain ID. */
181 });
182 BUILD_ASSERT_DECL(sizeof(struct ipfix_header) == 16);
183
184 #define IPFIX_SET_ID_TEMPLATE 2
185 #define IPFIX_SET_ID_OPTION_TEMPLATE 3
186
187 enum ipfix_options_template {
188 IPFIX_OPTIONS_TEMPLATE_EXPORTER_STATS = 0,
189 NUM_IPFIX_OPTIONS_TEMPLATE
190 };
191
192 /* Cf. IETF RFC 5101 Section 3.3.2. */
193 OVS_PACKED(
194 struct ipfix_set_header {
195 ovs_be16 set_id; /* IPFIX_SET_ID_* or valid template ID for Data Sets. */
196 ovs_be16 length; /* Length of the set in bytes including header. */
197 });
198 BUILD_ASSERT_DECL(sizeof(struct ipfix_set_header) == 4);
199
200 /* Alternatives for templates at each layer. A template is defined by
201 * a combination of one value for each layer. */
202 enum ipfix_proto_l2 {
203 IPFIX_PROTO_L2_ETH = 0, /* No VLAN. */
204 IPFIX_PROTO_L2_VLAN,
205 NUM_IPFIX_PROTO_L2
206 };
207 enum ipfix_proto_l3 {
208 IPFIX_PROTO_L3_UNKNOWN = 0,
209 IPFIX_PROTO_L3_IPV4,
210 IPFIX_PROTO_L3_IPV6,
211 NUM_IPFIX_PROTO_L3
212 };
213 enum ipfix_proto_l4 {
214 IPFIX_PROTO_L4_UNKNOWN = 0,
215 IPFIX_PROTO_L4_TCP,
216 IPFIX_PROTO_L4_UDP,
217 IPFIX_PROTO_L4_SCTP,
218 IPFIX_PROTO_L4_ICMP,
219 NUM_IPFIX_PROTO_L4
220 };
221 enum ipfix_proto_tunnel {
222 IPFIX_PROTO_NOT_TUNNELED = 0,
223 IPFIX_PROTO_TUNNELED, /* Support gre, lisp and vxlan. */
224 NUM_IPFIX_PROTO_TUNNEL
225 };
226
227 /* Any Template ID > 255 is usable for Template Records. */
228 #define IPFIX_TEMPLATE_ID_MIN 256
229
230 /* Cf. IETF RFC 5101 Section 3.4.1. */
231 OVS_PACKED(
232 struct ipfix_template_record_header {
233 ovs_be16 template_id;
234 ovs_be16 field_count;
235 });
236 BUILD_ASSERT_DECL(sizeof(struct ipfix_template_record_header) == 4);
237
238 /* Cf. IETF RFC 5101 Section 3.4.2.2. */
239 OVS_PACKED(
240 struct ipfix_options_template_record_header {
241 ovs_be16 template_id; /* Template ID of Data Set is within 256-65535
242 range. */
243 ovs_be16 field_count; /* Number of all fields in this Options
244 * Template Record, including the Scope
245 * Fields. */
246 ovs_be16 scope_field_count; /* Number of scope fields. The number MUST BE
247 * greater than 0. */
248 });
249 BUILD_ASSERT_DECL(sizeof(struct ipfix_options_template_record_header) == 6);
250
251
252 enum ipfix_entity_id {
253 /* standard IPFIX elements */
254 #define IPFIX_ENTITY(ENUM, ID, SIZE, NAME) IPFIX_ENTITY_ID_##ENUM = ID,
255 #include "ofproto/ipfix-entities.def"
256 /* non-standard IPFIX elements */
257 #define IPFIX_SET_ENTERPRISE(v) (((v) | 0x8000))
258 #define IPFIX_ENTERPRISE_ENTITY(ENUM, ID, SIZE, NAME, ENTERPRISE) \
259 IPFIX_ENTITY_ID_##ENUM = IPFIX_SET_ENTERPRISE(ID),
260 #include "ofproto/ipfix-enterprise-entities.def"
261 };
262
263 enum ipfix_entity_size {
264 /* standard IPFIX elements */
265 #define IPFIX_ENTITY(ENUM, ID, SIZE, NAME) IPFIX_ENTITY_SIZE_##ENUM = SIZE,
266 #include "ofproto/ipfix-entities.def"
267 /* non-standard IPFIX elements */
268 #define IPFIX_ENTERPRISE_ENTITY(ENUM, ID, SIZE, NAME, ENTERPRISE) \
269 IPFIX_ENTITY_SIZE_##ENUM = SIZE,
270 #include "ofproto/ipfix-enterprise-entities.def"
271 };
272
273 enum ipfix_entity_enterprise {
274 /* standard IPFIX elements */
275 #define IPFIX_ENTITY(ENUM, ID, SIZE, NAME) IPFIX_ENTITY_ENTERPRISE_##ENUM = 0,
276 #include "ofproto/ipfix-entities.def"
277 /* non-standard IPFIX elements */
278 #define IPFIX_ENTERPRISE_ENTITY(ENUM, ID, SIZE, NAME, ENTERPRISE) \
279 IPFIX_ENTITY_ENTERPRISE_##ENUM = ENTERPRISE,
280 #include "ofproto/ipfix-enterprise-entities.def"
281 };
282
283 OVS_PACKED(
284 struct ipfix_template_field_specifier {
285 ovs_be16 element_id; /* IPFIX_ENTITY_ID_*. */
286 ovs_be16 field_length; /* Length of the field's value, in bytes.
287 * For Variable-Length element, it should be 65535.
288 */
289 ovs_be32 enterprise; /* Enterprise number */
290 });
291 BUILD_ASSERT_DECL(sizeof(struct ipfix_template_field_specifier) == 8);
292
293 /* Cf. IETF RFC 5102 Section 5.11.6. */
294 enum ipfix_flow_direction {
295 INGRESS_FLOW = 0x00,
296 EGRESS_FLOW = 0x01
297 };
298
299 /* Part of data record flow key for common metadata and Ethernet entities. */
300 OVS_PACKED(
301 struct ipfix_data_record_flow_key_common {
302 ovs_be32 observation_point_id; /* OBSERVATION_POINT_ID */
303 uint8_t flow_direction; /* FLOW_DIRECTION */
304 struct eth_addr source_mac_address; /* SOURCE_MAC_ADDRESS */
305 struct eth_addr destination_mac_address; /* DESTINATION_MAC_ADDRESS */
306 ovs_be16 ethernet_type; /* ETHERNET_TYPE */
307 uint8_t ethernet_header_length; /* ETHERNET_HEADER_LENGTH */
308 });
309 BUILD_ASSERT_DECL(sizeof(struct ipfix_data_record_flow_key_common) == 20);
310
311 /* Part of data record flow key for VLAN entities. */
312 OVS_PACKED(
313 struct ipfix_data_record_flow_key_vlan {
314 ovs_be16 vlan_id; /* VLAN_ID */
315 ovs_be16 dot1q_vlan_id; /* DOT1Q_VLAN_ID */
316 uint8_t dot1q_priority; /* DOT1Q_PRIORITY */
317 });
318 BUILD_ASSERT_DECL(sizeof(struct ipfix_data_record_flow_key_vlan) == 5);
319
320 /* Part of data record flow key for IP entities. */
321 /* XXX: Replace IP_TTL with MINIMUM_TTL and MAXIMUM_TTL? */
322 OVS_PACKED(
323 struct ipfix_data_record_flow_key_ip {
324 uint8_t ip_version; /* IP_VERSION */
325 uint8_t ip_ttl; /* IP_TTL */
326 uint8_t protocol_identifier; /* PROTOCOL_IDENTIFIER */
327 uint8_t ip_diff_serv_code_point; /* IP_DIFF_SERV_CODE_POINT */
328 uint8_t ip_precedence; /* IP_PRECEDENCE */
329 uint8_t ip_class_of_service; /* IP_CLASS_OF_SERVICE */
330 });
331 BUILD_ASSERT_DECL(sizeof(struct ipfix_data_record_flow_key_ip) == 6);
332
333 /* Part of data record flow key for IPv4 entities. */
334 OVS_PACKED(
335 struct ipfix_data_record_flow_key_ipv4 {
336 ovs_be32 source_ipv4_address; /* SOURCE_IPV4_ADDRESS */
337 ovs_be32 destination_ipv4_address; /* DESTINATION_IPV4_ADDRESS */
338 });
339 BUILD_ASSERT_DECL(sizeof(struct ipfix_data_record_flow_key_ipv4) == 8);
340
341 /* Part of data record flow key for IPv6 entities. */
342 OVS_PACKED(
343 struct ipfix_data_record_flow_key_ipv6 {
344 uint8_t source_ipv6_address[16]; /* SOURCE_IPV6_ADDRESS */
345 uint8_t destination_ipv6_address[16]; /* DESTINATION_IPV6_ADDRESS */
346 ovs_be32 flow_label_ipv6; /* FLOW_LABEL_IPV6 */
347 });
348 BUILD_ASSERT_DECL(sizeof(struct ipfix_data_record_flow_key_ipv6) == 36);
349
350 /* Part of data record flow key for TCP/UDP/SCTP entities. */
351 OVS_PACKED(
352 struct ipfix_data_record_flow_key_transport {
353 ovs_be16 source_transport_port; /* SOURCE_TRANSPORT_PORT */
354 ovs_be16 destination_transport_port; /* DESTINATION_TRANSPORT_PORT */
355 });
356 BUILD_ASSERT_DECL(sizeof(struct ipfix_data_record_flow_key_transport) == 4);
357
358 /* Part of data record flow key for ICMP entities. */
359 OVS_PACKED(
360 struct ipfix_data_record_flow_key_icmp {
361 uint8_t icmp_type; /* ICMP_TYPE_IPV4 / ICMP_TYPE_IPV6 */
362 uint8_t icmp_code; /* ICMP_CODE_IPV4 / ICMP_CODE_IPV6 */
363 });
364 BUILD_ASSERT_DECL(sizeof(struct ipfix_data_record_flow_key_icmp) == 2);
365
366 static uint8_t tunnel_protocol[NUM_DPIF_IPFIX_TUNNEL] = {
367 0, /* reserved */
368 IPPROTO_UDP, /* DPIF_IPFIX_TUNNEL_VXLAN */
369 IPPROTO_GRE, /* DPIF_IPFIX_TUNNEL_GRE */
370 IPPROTO_UDP, /* DPIF_IPFIX_TUNNEL_LISP*/
371 IPPROTO_TCP, /* DPIF_IPFIX_TUNNEL_STT*/
372 0 , /* reserved */
373 IPPROTO_UDP, /* DPIF_IPFIX_TUNNEL_GENEVE*/
374 };
375
376 OVS_PACKED(
377 struct ipfix_data_record_flow_key_tunnel {
378 ovs_be32 tunnel_source_ipv4_address; /* TUNNEL_SOURCE_IPV4_ADDRESS */
379 ovs_be32 tunnel_destination_ipv4_address; /* TUNNEL_DESTINATION_IPV4_ADDRESS */
380 uint8_t tunnel_protocol_identifier; /* TUNNEL_PROTOCOL_IDENTIFIER */
381 ovs_be16 tunnel_source_transport_port; /* TUNNEL_SOURCE_TRANSPORT_PORT */
382 ovs_be16 tunnel_destination_transport_port; /* TUNNEL_DESTINATION_TRANSPORT_PORT */
383 uint8_t tunnel_type; /* TUNNEL_TYPE */
384 uint8_t tunnel_key_length; /* length of TUNNEL_KEY */
385 uint8_t tunnel_key[]; /* data of TUNNEL_KEY */
386 });
387 BUILD_ASSERT_DECL(sizeof(struct ipfix_data_record_flow_key_tunnel) == 15);
388
389 /* Cf. IETF RFC 5102 Section 5.11.3. */
390 enum ipfix_flow_end_reason {
391 IDLE_TIMEOUT = 0x01,
392 ACTIVE_TIMEOUT = 0x02,
393 END_OF_FLOW_DETECTED = 0x03,
394 FORCED_END = 0x04,
395 LACK_OF_RESOURCES = 0x05
396 };
397
398 /* Exporting Process Reliability Statistics data record. */
399 OVS_PACKED(
400 struct ipfix_data_record_exporter_stats {
401 /* Scope Fields */
402 ovs_be32 exporting_process_id; /* EXPORTING_PROCESS_ID */
403
404 /* Fields */
405 ovs_be64 not_sent_packet_total_count; /* NOT_SENT_PACKET_TOTAL_COUNT */
406 });
407 BUILD_ASSERT_DECL(sizeof(struct ipfix_data_record_exporter_stats) == 12);
408
409 /* Part of data record for common aggregated elements. */
410 OVS_PACKED(
411 struct ipfix_data_record_aggregated_common {
412 ovs_be32 flow_start_delta_microseconds; /* FLOW_START_DELTA_MICROSECONDS */
413 ovs_be32 flow_end_delta_microseconds; /* FLOW_END_DELTA_MICROSECONDS */
414 ovs_be64 dropped_packet_delta_count; /* DROPPED_PACKET_DELTA_COUNT */
415 ovs_be64 dropped_packet_total_count; /* DROPPED_PACKET_TOTAL_COUNT */
416 ovs_be64 packet_delta_count; /* PACKET_DELTA_COUNT */
417 ovs_be64 packet_total_count; /* PACKET_TOTAL_COUNT */
418 /* INGRESS_UNICAST_PACKET_TOTAL_COUNT */
419 ovs_be64 in_ucast_packet_total_count;
420 /* INGRESS_MULTICAST_PACKET_TOTAL_COUNT */
421 ovs_be64 in_mcast_packet_total_count;
422 /* INGRESS_BROADCAST_PACKET_TOTAL_COUNT */
423 ovs_be64 in_bcast_packet_total_count;
424 /* EGRESS_UNICAST_PACKET_TOTAL_COUNT */
425 ovs_be64 out_ucast_packet_total_count;
426 /* EGRESS_BROADCAST_PACKET_TOTAL_COUNT */
427 ovs_be64 out_bcast_packet_total_count;
428 ovs_be64 post_mcast_packet_delta_count; /* POST_MCAST_PACKET_DELTA_COUNT */
429 ovs_be64 post_mcast_packet_total_count; /* POST_MCAST_PACKET_TOTAL_COUNT */
430 ovs_be64 layer2_octet_delta_count; /* LAYER2_OCTET_DELTA_COUNT */
431 ovs_be64 layer2_octet_total_count; /* LAYER2_OCTET_TOTAL_COUNT */
432 uint8_t flow_end_reason; /* FLOW_END_REASON */
433 });
434 BUILD_ASSERT_DECL(sizeof(struct ipfix_data_record_aggregated_common) == 113);
435
436 /* Part of data record for IP aggregated elements. */
437 OVS_PACKED(
438 struct ipfix_data_record_aggregated_ip {
439 ovs_be64 dropped_octet_delta_count; /* DROPPED_OCTET_DELTA_COUNT */
440 ovs_be64 dropped_octet_total_count; /* DROPPED_OCTET_TOTAL_COUNT */
441 ovs_be64 octet_delta_count; /* OCTET_DELTA_COUNT */
442 ovs_be64 octet_total_count; /* OCTET_TOTAL_COUNT */
443 ovs_be64 octet_delta_sum_of_squares; /* OCTET_DELTA_SUM_OF_SQUARES */
444 ovs_be64 octet_total_sum_of_squares; /* OCTET_TOTAL_SUM_OF_SQUARES */
445 ovs_be64 minimum_ip_total_length; /* MINIMUM_IP_TOTAL_LENGTH */
446 ovs_be64 maximum_ip_total_length; /* MAXIMUM_IP_TOTAL_LENGTH */
447 ovs_be64 post_mcast_octet_delta_count; /* POST_MCAST_OCTET_DELTA_COUNT */
448 ovs_be64 post_mcast_octet_total_count; /* POST_MCAST_OCTET_TOTAL_COUNT */
449 });
450 BUILD_ASSERT_DECL(sizeof(struct ipfix_data_record_aggregated_ip) == 80);
451
452 /* Part of data record for TCP aggregated elements. */
453 OVS_PACKED(
454 struct ipfix_data_record_aggregated_tcp {
455 ovs_be64 tcp_ack_total_count; /* TCP_ACK_TOTAL_COUNT */
456 ovs_be64 tcp_fin_total_count; /* TCP_FIN_TOTAL_COUNT */
457 ovs_be64 tcp_psh_total_count; /* TCP_PSH_TOTAL_COUNT */
458 ovs_be64 tcp_rst_total_count; /* TCP_RST_TOTAL_COUNT */
459 ovs_be64 tcp_syn_total_count; /* TCP_SYN_TOTAL_COUNT */
460 ovs_be64 tcp_urg_total_count; /* TCP_URG_TOTAL_COUNT */
461 });
462 BUILD_ASSERT_DECL(sizeof(struct ipfix_data_record_aggregated_tcp) == 48);
463
464 /*
465 * Refer to RFC 7011, the length of Variable length element is 0~65535:
466 * In most case, it should be less than 255 octets:
467 * 0 1 2 3
468 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
469 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
470 * | Length (< 255)| Information Element |
471 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
472 * | ... continuing as needed |
473 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
474 *
475 * When it is greater than or equeal to 255 octets:
476 * 0 1 2 3
477 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
478 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
479 * | 255 | Length (0 to 65535) | IE |
480 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
481 * | ... continuing as needed |
482 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
483 *
484 *
485 * Now, only the virtual_obs_id whose length < 255 is implemented.
486 */
487
488 #define IPFIX_VIRTUAL_OBS_MAX_LEN 254
489
490 /*
491 * support tunnel key for:
492 * VxLAN: 24-bit VIN,
493 * GRE: 32-bit key,
494 * LISP: 24-bit instance ID
495 * STT: 64-bit key
496 */
497 #define MAX_TUNNEL_KEY_LEN 8
498
499 #define MAX_FLOW_KEY_LEN \
500 (sizeof(struct ipfix_data_record_flow_key_common) \
501 + sizeof(struct ipfix_data_record_flow_key_vlan) \
502 + sizeof(struct ipfix_data_record_flow_key_ip) \
503 + MAX(sizeof(struct ipfix_data_record_flow_key_ipv4), \
504 sizeof(struct ipfix_data_record_flow_key_ipv6)) \
505 + MAX(sizeof(struct ipfix_data_record_flow_key_icmp), \
506 sizeof(struct ipfix_data_record_flow_key_transport)) \
507 + sizeof(struct ipfix_data_record_flow_key_tunnel) \
508 + MAX_TUNNEL_KEY_LEN)
509
510 #define MAX_DATA_RECORD_LEN \
511 (MAX_FLOW_KEY_LEN \
512 + sizeof(struct ipfix_data_record_aggregated_common) \
513 + sizeof(struct ipfix_data_record_aggregated_ip) \
514 + sizeof(struct ipfix_data_record_aggregated_tcp))
515
516 #define MAX_OPTIONS_DATA_RECORD_LEN \
517 (sizeof(struct ipfix_data_record_exporter_stats))
518
519
520 /* Max length of a data set. To simplify the implementation, each
521 * data record is sent in a separate data set, so each data set
522 * contains at most one data record. */
523 #define MAX_DATA_SET_LEN \
524 (sizeof(struct ipfix_set_header) \
525 + MAX(MAX_DATA_RECORD_LEN, \
526 MAX_OPTIONS_DATA_RECORD_LEN))
527
528 /* Max length of an IPFIX message. Arbitrarily set to accommodate low
529 * MTU. */
530 #define MAX_MESSAGE_LEN 1024
531
532 /* Cache structures. */
533
534 /* Flow key. */
535 struct ipfix_flow_key {
536 uint32_t obs_domain_id;
537 uint16_t template_id;
538 size_t flow_key_msg_part_size;
539 uint64_t flow_key_msg_part[DIV_ROUND_UP(MAX_FLOW_KEY_LEN, 8)];
540 };
541
542 /* Flow cache entry. */
543 struct ipfix_flow_cache_entry {
544 struct hmap_node flow_key_map_node;
545 struct ovs_list cache_flow_start_timestamp_list_node;
546 struct ipfix_flow_key flow_key;
547 /* Common aggregated elements. */
548 uint64_t flow_start_timestamp_usec;
549 uint64_t flow_end_timestamp_usec;
550 uint64_t dropped_packet_delta_count;
551 uint64_t dropped_packet_total_count;
552 uint64_t packet_delta_count;
553 uint64_t packet_total_count;
554 uint64_t in_ucast_packet_total_count;
555 uint64_t in_mcast_packet_total_count;
556 uint64_t in_bcast_packet_total_count;
557 uint64_t out_ucast_packet_total_count;
558 uint64_t out_bcast_packet_total_count;
559 uint64_t post_mcast_packet_total_count;
560 uint64_t post_mcast_packet_delta_count;
561 uint64_t post_mcast_octet_total_count;
562 uint64_t post_mcast_octet_delta_count;
563 uint64_t layer2_octet_delta_count;
564 uint64_t layer2_octet_total_count;
565 uint64_t dropped_octet_delta_count;
566 uint64_t dropped_octet_total_count;
567 uint64_t octet_delta_count;
568 uint64_t octet_total_count;
569 uint64_t octet_delta_sum_of_squares; /* 0 if not IP. */
570 uint64_t octet_total_sum_of_squares; /* 0 if not IP. */
571 uint16_t minimum_ip_total_length; /* 0 if not IP. */
572 uint16_t maximum_ip_total_length; /* 0 if not IP. */
573 uint64_t tcp_packet_delta_count;
574 uint64_t tcp_ack_total_count;
575 uint64_t tcp_fin_total_count;
576 uint64_t tcp_psh_total_count;
577 uint64_t tcp_rst_total_count;
578 uint64_t tcp_syn_total_count;
579 uint64_t tcp_urg_total_count;
580 };
581
582 static void dpif_ipfix_cache_expire(struct dpif_ipfix_exporter *, bool,
583 const uint64_t, const uint32_t);
584
585 static void get_export_time_now(uint64_t *, uint32_t *);
586
587 static void dpif_ipfix_cache_expire_now(struct dpif_ipfix_exporter *, bool);
588
589 static bool
590 ofproto_ipfix_bridge_exporter_options_equal(
591 const struct ofproto_ipfix_bridge_exporter_options *a,
592 const struct ofproto_ipfix_bridge_exporter_options *b)
593 {
594 return (a->obs_domain_id == b->obs_domain_id
595 && a->obs_point_id == b->obs_point_id
596 && a->sampling_rate == b->sampling_rate
597 && a->cache_active_timeout == b->cache_active_timeout
598 && a->cache_max_flows == b->cache_max_flows
599 && a->enable_tunnel_sampling == b->enable_tunnel_sampling
600 && a->enable_input_sampling == b->enable_input_sampling
601 && a->enable_output_sampling == b->enable_output_sampling
602 && sset_equals(&a->targets, &b->targets)
603 && nullable_string_is_equal(a->virtual_obs_id, b->virtual_obs_id));
604 }
605
606 static struct ofproto_ipfix_bridge_exporter_options *
607 ofproto_ipfix_bridge_exporter_options_clone(
608 const struct ofproto_ipfix_bridge_exporter_options *old)
609 {
610 struct ofproto_ipfix_bridge_exporter_options *new =
611 xmemdup(old, sizeof *old);
612 sset_clone(&new->targets, &old->targets);
613 new->virtual_obs_id = nullable_xstrdup(old->virtual_obs_id);
614 return new;
615 }
616
617 static void
618 ofproto_ipfix_bridge_exporter_options_destroy(
619 struct ofproto_ipfix_bridge_exporter_options *options)
620 {
621 if (options) {
622 sset_destroy(&options->targets);
623 free(options->virtual_obs_id);
624 free(options);
625 }
626 }
627
628 static bool
629 ofproto_ipfix_flow_exporter_options_equal(
630 const struct ofproto_ipfix_flow_exporter_options *a,
631 const struct ofproto_ipfix_flow_exporter_options *b)
632 {
633 return (a->collector_set_id == b->collector_set_id
634 && a->cache_active_timeout == b->cache_active_timeout
635 && a->cache_max_flows == b->cache_max_flows
636 && a->enable_tunnel_sampling == b->enable_tunnel_sampling
637 && sset_equals(&a->targets, &b->targets)
638 && nullable_string_is_equal(a->virtual_obs_id, b->virtual_obs_id));
639 }
640
641 static struct ofproto_ipfix_flow_exporter_options *
642 ofproto_ipfix_flow_exporter_options_clone(
643 const struct ofproto_ipfix_flow_exporter_options *old)
644 {
645 struct ofproto_ipfix_flow_exporter_options *new =
646 xmemdup(old, sizeof *old);
647 sset_clone(&new->targets, &old->targets);
648 new->virtual_obs_id = nullable_xstrdup(old->virtual_obs_id);
649 return new;
650 }
651
652 static void
653 ofproto_ipfix_flow_exporter_options_destroy(
654 struct ofproto_ipfix_flow_exporter_options *options)
655 {
656 if (options) {
657 sset_destroy(&options->targets);
658 free(options->virtual_obs_id);
659 free(options);
660 }
661 }
662
663 static void
664 dpif_ipfix_exporter_init(struct dpif_ipfix_exporter *exporter)
665 {
666 exporter->exporter_id = ++exporter_total_count;
667 exporter->collectors = NULL;
668 exporter->seq_number = 1;
669 exporter->last_template_set_time = 0;
670 hmap_init(&exporter->cache_flow_key_map);
671 ovs_list_init(&exporter->cache_flow_start_timestamp_list);
672 exporter->cache_active_timeout = 0;
673 exporter->cache_max_flows = 0;
674 exporter->virtual_obs_id = NULL;
675 exporter->virtual_obs_len = 0;
676
677 memset(&exporter->ipfix_global_stats, 0,
678 sizeof(struct dpif_ipfix_global_stats));
679 }
680
681 static void
682 dpif_ipfix_exporter_clear(struct dpif_ipfix_exporter *exporter)
683 {
684 /* Flush the cache with flow end reason "forced end." */
685 dpif_ipfix_cache_expire_now(exporter, true);
686
687 collectors_destroy(exporter->collectors);
688 exporter->exporter_id = 0;
689 exporter->collectors = NULL;
690 exporter->seq_number = 1;
691 exporter->last_template_set_time = 0;
692 exporter->cache_active_timeout = 0;
693 exporter->cache_max_flows = 0;
694 free(exporter->virtual_obs_id);
695 exporter->virtual_obs_id = NULL;
696 exporter->virtual_obs_len = 0;
697
698 memset(&exporter->ipfix_global_stats, 0,
699 sizeof(struct dpif_ipfix_global_stats));
700 }
701
702 static void
703 dpif_ipfix_exporter_destroy(struct dpif_ipfix_exporter *exporter)
704 {
705 dpif_ipfix_exporter_clear(exporter);
706 hmap_destroy(&exporter->cache_flow_key_map);
707 }
708
709 static bool
710 dpif_ipfix_exporter_set_options(struct dpif_ipfix_exporter *exporter,
711 const struct sset *targets,
712 const uint32_t cache_active_timeout,
713 const uint32_t cache_max_flows,
714 const char *virtual_obs_id)
715 {
716 size_t virtual_obs_len;
717 collectors_destroy(exporter->collectors);
718 collectors_create(targets, IPFIX_DEFAULT_COLLECTOR_PORT,
719 &exporter->collectors);
720 if (exporter->collectors == NULL) {
721 VLOG_WARN_RL(&rl, "no collectors could be initialized, "
722 "IPFIX exporter disabled");
723 dpif_ipfix_exporter_clear(exporter);
724 return false;
725 }
726 exporter->cache_active_timeout = cache_active_timeout;
727 exporter->cache_max_flows = cache_max_flows;
728 virtual_obs_len = virtual_obs_id ? strlen(virtual_obs_id) : 0;
729 if (virtual_obs_len > IPFIX_VIRTUAL_OBS_MAX_LEN) {
730 VLOG_WARN_RL(&rl, "Virtual obsevation ID too long (%d bytes), "
731 "should not be longer than %d bytes.",
732 exporter->virtual_obs_len, IPFIX_VIRTUAL_OBS_MAX_LEN);
733 dpif_ipfix_exporter_clear(exporter);
734 return false;
735 }
736 exporter->virtual_obs_len = virtual_obs_len;
737 exporter->virtual_obs_id = nullable_xstrdup(virtual_obs_id);
738 return true;
739 }
740
741 static struct dpif_ipfix_port *
742 dpif_ipfix_find_port(const struct dpif_ipfix *di,
743 odp_port_t odp_port) OVS_REQUIRES(mutex)
744 {
745 struct dpif_ipfix_port *dip;
746
747 HMAP_FOR_EACH_IN_BUCKET (dip, hmap_node, hash_odp_port(odp_port),
748 &di->tunnel_ports) {
749 if (dip->odp_port == odp_port) {
750 return dip;
751 }
752 }
753 return NULL;
754 }
755
756 static void
757 dpif_ipfix_del_port(struct dpif_ipfix *di,
758 struct dpif_ipfix_port *dip)
759 OVS_REQUIRES(mutex)
760 {
761 hmap_remove(&di->tunnel_ports, &dip->hmap_node);
762 free(dip);
763 }
764
765 void
766 dpif_ipfix_add_tunnel_port(struct dpif_ipfix *di, struct ofport *ofport,
767 odp_port_t odp_port) OVS_EXCLUDED(mutex)
768 {
769 struct dpif_ipfix_port *dip;
770 const char *type;
771
772 ovs_mutex_lock(&mutex);
773 dip = dpif_ipfix_find_port(di, odp_port);
774 if (dip) {
775 dpif_ipfix_del_port(di, dip);
776 }
777
778 type = netdev_get_type(ofport->netdev);
779 if (type == NULL) {
780 goto out;
781 }
782
783 /* Add to table of tunnel ports. */
784 dip = xmalloc(sizeof *dip);
785 dip->ofport = ofport;
786 dip->odp_port = odp_port;
787 if (strcmp(type, "gre") == 0) {
788 /* 32-bit key gre */
789 dip->tunnel_type = DPIF_IPFIX_TUNNEL_GRE;
790 dip->tunnel_key_length = 4;
791 } else if (strcmp(type, "vxlan") == 0) {
792 dip->tunnel_type = DPIF_IPFIX_TUNNEL_VXLAN;
793 dip->tunnel_key_length = 3;
794 } else if (strcmp(type, "lisp") == 0) {
795 dip->tunnel_type = DPIF_IPFIX_TUNNEL_LISP;
796 dip->tunnel_key_length = 3;
797 } else if (strcmp(type, "geneve") == 0) {
798 dip->tunnel_type = DPIF_IPFIX_TUNNEL_GENEVE;
799 dip->tunnel_key_length = 3;
800 } else if (strcmp(type, "stt") == 0) {
801 dip->tunnel_type = DPIF_IPFIX_TUNNEL_STT;
802 dip->tunnel_key_length = 8;
803 } else {
804 free(dip);
805 goto out;
806 }
807 hmap_insert(&di->tunnel_ports, &dip->hmap_node, hash_odp_port(odp_port));
808
809 out:
810 ovs_mutex_unlock(&mutex);
811 }
812
813 void
814 dpif_ipfix_del_tunnel_port(struct dpif_ipfix *di, odp_port_t odp_port)
815 OVS_EXCLUDED(mutex)
816 {
817 struct dpif_ipfix_port *dip;
818 ovs_mutex_lock(&mutex);
819 dip = dpif_ipfix_find_port(di, odp_port);
820 if (dip) {
821 dpif_ipfix_del_port(di, dip);
822 }
823 ovs_mutex_unlock(&mutex);
824 }
825
826 bool
827 dpif_ipfix_get_tunnel_port(const struct dpif_ipfix *di, odp_port_t odp_port)
828 OVS_EXCLUDED(mutex)
829 {
830 struct dpif_ipfix_port *dip;
831 ovs_mutex_lock(&mutex);
832 dip = dpif_ipfix_find_port(di, odp_port);
833 ovs_mutex_unlock(&mutex);
834 return dip != NULL;
835 }
836
837 static void
838 dpif_ipfix_bridge_exporter_init(struct dpif_ipfix_bridge_exporter *exporter)
839 {
840 dpif_ipfix_exporter_init(&exporter->exporter);
841 exporter->options = NULL;
842 exporter->probability = 0;
843 }
844
845 static void
846 dpif_ipfix_bridge_exporter_clear(struct dpif_ipfix_bridge_exporter *exporter)
847 {
848 dpif_ipfix_exporter_clear(&exporter->exporter);
849 ofproto_ipfix_bridge_exporter_options_destroy(exporter->options);
850 exporter->options = NULL;
851 exporter->probability = 0;
852 }
853
854 static void
855 dpif_ipfix_bridge_exporter_destroy(struct dpif_ipfix_bridge_exporter *exporter)
856 {
857 dpif_ipfix_bridge_exporter_clear(exporter);
858 dpif_ipfix_exporter_destroy(&exporter->exporter);
859 }
860
861 static void
862 dpif_ipfix_bridge_exporter_set_options(
863 struct dpif_ipfix_bridge_exporter *exporter,
864 const struct ofproto_ipfix_bridge_exporter_options *options)
865 {
866 bool options_changed;
867
868 if (!options || sset_is_empty(&options->targets)) {
869 /* No point in doing any work if there are no targets. */
870 dpif_ipfix_bridge_exporter_clear(exporter);
871 return;
872 }
873
874 options_changed = (
875 !exporter->options
876 || !ofproto_ipfix_bridge_exporter_options_equal(
877 options, exporter->options));
878
879 /* Configure collectors if options have changed or if we're
880 * shortchanged in collectors (which indicates that opening one or
881 * more of the configured collectors failed, so that we should
882 * retry). */
883 if (options_changed
884 || collectors_count(exporter->exporter.collectors)
885 < sset_count(&options->targets)) {
886 if (!dpif_ipfix_exporter_set_options(
887 &exporter->exporter, &options->targets,
888 options->cache_active_timeout, options->cache_max_flows,
889 options->virtual_obs_id)) {
890 return;
891 }
892 }
893
894 /* Avoid reconfiguring if options didn't change. */
895 if (!options_changed) {
896 return;
897 }
898
899 ofproto_ipfix_bridge_exporter_options_destroy(exporter->options);
900 exporter->options = ofproto_ipfix_bridge_exporter_options_clone(options);
901 exporter->probability =
902 MAX(1, UINT32_MAX / exporter->options->sampling_rate);
903
904 /* Run over the cache as some entries might have expired after
905 * changing the timeouts. */
906 dpif_ipfix_cache_expire_now(&exporter->exporter, false);
907 }
908
909 static struct dpif_ipfix_flow_exporter_map_node*
910 dpif_ipfix_find_flow_exporter_map_node(
911 const struct dpif_ipfix *di, const uint32_t collector_set_id)
912 OVS_REQUIRES(mutex)
913 {
914 struct dpif_ipfix_flow_exporter_map_node *exporter_node;
915
916 HMAP_FOR_EACH_WITH_HASH (exporter_node, node,
917 hash_int(collector_set_id, 0),
918 &di->flow_exporter_map) {
919 if (exporter_node->exporter.options->collector_set_id
920 == collector_set_id) {
921 return exporter_node;
922 }
923 }
924
925 return NULL;
926 }
927
928 static void
929 dpif_ipfix_flow_exporter_init(struct dpif_ipfix_flow_exporter *exporter)
930 {
931 dpif_ipfix_exporter_init(&exporter->exporter);
932 exporter->options = NULL;
933 }
934
935 static void
936 dpif_ipfix_flow_exporter_clear(struct dpif_ipfix_flow_exporter *exporter)
937 {
938 dpif_ipfix_exporter_clear(&exporter->exporter);
939 ofproto_ipfix_flow_exporter_options_destroy(exporter->options);
940 exporter->options = NULL;
941 }
942
943 static void
944 dpif_ipfix_flow_exporter_destroy(struct dpif_ipfix_flow_exporter *exporter)
945 {
946 dpif_ipfix_flow_exporter_clear(exporter);
947 dpif_ipfix_exporter_destroy(&exporter->exporter);
948 }
949
950 static bool
951 dpif_ipfix_flow_exporter_set_options(
952 struct dpif_ipfix_flow_exporter *exporter,
953 const struct ofproto_ipfix_flow_exporter_options *options)
954 {
955 bool options_changed;
956
957 if (sset_is_empty(&options->targets)) {
958 /* No point in doing any work if there are no targets. */
959 dpif_ipfix_flow_exporter_clear(exporter);
960 return true;
961 }
962
963 options_changed = (
964 !exporter->options
965 || !ofproto_ipfix_flow_exporter_options_equal(
966 options, exporter->options));
967
968 /* Configure collectors if options have changed or if we're
969 * shortchanged in collectors (which indicates that opening one or
970 * more of the configured collectors failed, so that we should
971 * retry). */
972 if (options_changed
973 || collectors_count(exporter->exporter.collectors)
974 < sset_count(&options->targets)) {
975 if (!dpif_ipfix_exporter_set_options(
976 &exporter->exporter, &options->targets,
977 options->cache_active_timeout, options->cache_max_flows,
978 options->virtual_obs_id)) {
979 return false;
980 }
981 }
982
983 /* Avoid reconfiguring if options didn't change. */
984 if (!options_changed) {
985 return true;
986 }
987
988 ofproto_ipfix_flow_exporter_options_destroy(exporter->options);
989 exporter->options = ofproto_ipfix_flow_exporter_options_clone(options);
990
991 /* Run over the cache as some entries might have expired after
992 * changing the timeouts. */
993 dpif_ipfix_cache_expire_now(&exporter->exporter, false);
994
995 return true;
996 }
997
998 static void
999 remove_flow_exporter(struct dpif_ipfix *di,
1000 struct dpif_ipfix_flow_exporter_map_node *node)
1001 {
1002 hmap_remove(&di->flow_exporter_map, &node->node);
1003 dpif_ipfix_flow_exporter_destroy(&node->exporter);
1004 free(node);
1005 }
1006
1007 void
1008 dpif_ipfix_set_options(
1009 struct dpif_ipfix *di,
1010 const struct ofproto_ipfix_bridge_exporter_options *bridge_exporter_options,
1011 const struct ofproto_ipfix_flow_exporter_options *flow_exporters_options,
1012 size_t n_flow_exporters_options) OVS_EXCLUDED(mutex)
1013 {
1014 int i;
1015 struct ofproto_ipfix_flow_exporter_options *options;
1016 struct dpif_ipfix_flow_exporter_map_node *node, *next;
1017
1018 ovs_mutex_lock(&mutex);
1019 dpif_ipfix_bridge_exporter_set_options(&di->bridge_exporter,
1020 bridge_exporter_options);
1021
1022 /* Add new flow exporters and update current flow exporters. */
1023 options = (struct ofproto_ipfix_flow_exporter_options *)
1024 flow_exporters_options;
1025 for (i = 0; i < n_flow_exporters_options; i++) {
1026 node = dpif_ipfix_find_flow_exporter_map_node(
1027 di, options->collector_set_id);
1028 if (!node) {
1029 node = xzalloc(sizeof *node);
1030 dpif_ipfix_flow_exporter_init(&node->exporter);
1031 hmap_insert(&di->flow_exporter_map, &node->node,
1032 hash_int(options->collector_set_id, 0));
1033 }
1034 if (!dpif_ipfix_flow_exporter_set_options(&node->exporter, options)) {
1035 remove_flow_exporter(di, node);
1036 }
1037 options++;
1038 }
1039
1040 /* Remove dropped flow exporters, if any needs to be removed. */
1041 HMAP_FOR_EACH_SAFE (node, next, node, &di->flow_exporter_map) {
1042 /* This is slow but doesn't take any extra memory, and
1043 * this table is not supposed to contain many rows anyway. */
1044 options = (struct ofproto_ipfix_flow_exporter_options *)
1045 flow_exporters_options;
1046 for (i = 0; i < n_flow_exporters_options; i++) {
1047 if (node->exporter.options->collector_set_id
1048 == options->collector_set_id) {
1049 break;
1050 }
1051 options++;
1052 }
1053 if (i == n_flow_exporters_options) { // Not found.
1054 remove_flow_exporter(di, node);
1055 }
1056 }
1057
1058 ovs_mutex_unlock(&mutex);
1059 }
1060
1061 struct dpif_ipfix *
1062 dpif_ipfix_create(void)
1063 {
1064 struct dpif_ipfix *di;
1065 di = xzalloc(sizeof *di);
1066 dpif_ipfix_bridge_exporter_init(&di->bridge_exporter);
1067 hmap_init(&di->flow_exporter_map);
1068 hmap_init(&di->tunnel_ports);
1069 ovs_refcount_init(&di->ref_cnt);
1070 return di;
1071 }
1072
1073 struct dpif_ipfix *
1074 dpif_ipfix_ref(const struct dpif_ipfix *di_)
1075 {
1076 struct dpif_ipfix *di = CONST_CAST(struct dpif_ipfix *, di_);
1077 if (di) {
1078 ovs_refcount_ref(&di->ref_cnt);
1079 }
1080 return di;
1081 }
1082
1083 uint32_t
1084 dpif_ipfix_get_bridge_exporter_probability(const struct dpif_ipfix *di)
1085 OVS_EXCLUDED(mutex)
1086 {
1087 uint32_t ret;
1088 ovs_mutex_lock(&mutex);
1089 ret = di->bridge_exporter.probability;
1090 ovs_mutex_unlock(&mutex);
1091 return ret;
1092 }
1093
1094 bool
1095 dpif_ipfix_get_bridge_exporter_input_sampling(const struct dpif_ipfix *di)
1096 OVS_EXCLUDED(mutex)
1097 {
1098 bool ret = false;
1099 ovs_mutex_lock(&mutex);
1100 if (di->bridge_exporter.options) {
1101 ret = di->bridge_exporter.options->enable_input_sampling;
1102 }
1103 ovs_mutex_unlock(&mutex);
1104 return ret;
1105 }
1106
1107 bool
1108 dpif_ipfix_get_bridge_exporter_output_sampling(const struct dpif_ipfix *di)
1109 OVS_EXCLUDED(mutex)
1110 {
1111 bool ret = false;
1112 ovs_mutex_lock(&mutex);
1113 if (di->bridge_exporter.options) {
1114 ret = di->bridge_exporter.options->enable_output_sampling;
1115 }
1116 ovs_mutex_unlock(&mutex);
1117 return ret;
1118 }
1119
1120 bool
1121 dpif_ipfix_get_bridge_exporter_tunnel_sampling(const struct dpif_ipfix *di)
1122 OVS_EXCLUDED(mutex)
1123 {
1124 bool ret = false;
1125 ovs_mutex_lock(&mutex);
1126 if (di->bridge_exporter.options) {
1127 ret = di->bridge_exporter.options->enable_tunnel_sampling;
1128 }
1129 ovs_mutex_unlock(&mutex);
1130 return ret;
1131 }
1132
1133 bool
1134 dpif_ipfix_get_flow_exporter_tunnel_sampling(const struct dpif_ipfix *di,
1135 const uint32_t collector_set_id)
1136 OVS_EXCLUDED(mutex)
1137 {
1138 ovs_mutex_lock(&mutex);
1139 struct dpif_ipfix_flow_exporter_map_node *node
1140 = dpif_ipfix_find_flow_exporter_map_node(di, collector_set_id);
1141 bool ret = (node
1142 && node->exporter.options
1143 && node->exporter.options->enable_tunnel_sampling);
1144 ovs_mutex_unlock(&mutex);
1145
1146 return ret;
1147 }
1148
1149 static void
1150 dpif_ipfix_clear(struct dpif_ipfix *di) OVS_REQUIRES(mutex)
1151 {
1152 struct dpif_ipfix_flow_exporter_map_node *exp_node;
1153 struct dpif_ipfix_port *dip, *next;
1154
1155 dpif_ipfix_bridge_exporter_clear(&di->bridge_exporter);
1156
1157 HMAP_FOR_EACH_POP (exp_node, node, &di->flow_exporter_map) {
1158 dpif_ipfix_flow_exporter_destroy(&exp_node->exporter);
1159 free(exp_node);
1160 }
1161
1162 HMAP_FOR_EACH_SAFE (dip, next, hmap_node, &di->tunnel_ports) {
1163 dpif_ipfix_del_port(di, dip);
1164 }
1165 }
1166
1167 void
1168 dpif_ipfix_unref(struct dpif_ipfix *di) OVS_EXCLUDED(mutex)
1169 {
1170 if (di && ovs_refcount_unref_relaxed(&di->ref_cnt) == 1) {
1171 ovs_mutex_lock(&mutex);
1172 dpif_ipfix_clear(di);
1173 dpif_ipfix_bridge_exporter_destroy(&di->bridge_exporter);
1174 hmap_destroy(&di->flow_exporter_map);
1175 hmap_destroy(&di->tunnel_ports);
1176 free(di);
1177 ovs_mutex_unlock(&mutex);
1178 }
1179 }
1180
1181 static void
1182 ipfix_init_header(uint32_t export_time_sec, uint32_t seq_number,
1183 uint32_t obs_domain_id, struct dp_packet *msg)
1184 {
1185 struct ipfix_header *hdr;
1186
1187 hdr = dp_packet_put_zeros(msg, sizeof *hdr);
1188 hdr->version = htons(IPFIX_VERSION);
1189 hdr->length = htons(sizeof *hdr); /* Updated in ipfix_send_msg. */
1190 hdr->export_time = htonl(export_time_sec);
1191 hdr->seq_number = htonl(seq_number);
1192 hdr->obs_domain_id = htonl(obs_domain_id);
1193 }
1194
1195 static size_t
1196 ipfix_send_msg(const struct collectors *collectors, struct dp_packet *msg)
1197 {
1198 struct ipfix_header *hdr;
1199 size_t tx_errors;
1200
1201 /* Adjust the length in the header. */
1202 hdr = dp_packet_data(msg);
1203 hdr->length = htons(dp_packet_size(msg));
1204
1205 tx_errors = collectors_send(collectors,
1206 dp_packet_data(msg), dp_packet_size(msg));
1207 dp_packet_set_size(msg, 0);
1208
1209 return tx_errors;
1210 }
1211
1212 static uint16_t
1213 ipfix_get_template_id(enum ipfix_proto_l2 l2, enum ipfix_proto_l3 l3,
1214 enum ipfix_proto_l4 l4, enum ipfix_proto_tunnel tunnel)
1215 {
1216 uint16_t template_id;
1217 template_id = l2;
1218 template_id = template_id * NUM_IPFIX_PROTO_L3 + l3;
1219 template_id = template_id * NUM_IPFIX_PROTO_L4 + l4;
1220 template_id = template_id * NUM_IPFIX_PROTO_TUNNEL + tunnel;
1221 return IPFIX_TEMPLATE_ID_MIN + template_id;
1222 }
1223
1224 static uint16_t
1225 ipfix_get_options_template_id(enum ipfix_options_template opt_tmpl_type)
1226 {
1227 /* Check what is the maximum possible Template ID for Template Record and
1228 * use it as a base number for Template ID in Options Template Record. */
1229 uint16_t max_tmpl_id = ipfix_get_template_id(NUM_IPFIX_PROTO_L2,
1230 NUM_IPFIX_PROTO_L3,
1231 NUM_IPFIX_PROTO_L4,
1232 NUM_IPFIX_PROTO_TUNNEL);
1233
1234 return max_tmpl_id + opt_tmpl_type;
1235 }
1236
1237
1238 static void
1239 ipfix_define_template_entity(enum ipfix_entity_id id,
1240 enum ipfix_entity_size size,
1241 enum ipfix_entity_enterprise enterprise,
1242 struct dp_packet *msg)
1243 {
1244 struct ipfix_template_field_specifier *field;
1245 size_t field_size;
1246
1247 if (enterprise) {
1248 field_size = sizeof *field;
1249 } else {
1250 /* No enterprise number */
1251 field_size = sizeof *field - sizeof(ovs_be32);
1252 }
1253 field = dp_packet_put_zeros(msg, field_size);
1254 field->element_id = htons(id);
1255 if (size) {
1256 field->field_length = htons(size);
1257 } else {
1258 /* RFC 5101, Section 7. Variable-Length Information Element */
1259 field->field_length = OVS_BE16_MAX;
1260 }
1261 if (enterprise) {
1262 field->enterprise = htonl(enterprise);
1263 }
1264
1265 }
1266
1267 #define DEF(ID) \
1268 { \
1269 ipfix_define_template_entity(IPFIX_ENTITY_ID_##ID, \
1270 IPFIX_ENTITY_SIZE_##ID, \
1271 IPFIX_ENTITY_ENTERPRISE_##ID, msg); \
1272 count++; \
1273 }
1274
1275 /* Defines The Exporting Process Reliability Statistics Options Template
1276 * fields, including scope fields. Updates 'scope_field_count' and
1277 * 'field_count' in Options Template Record Header. */
1278 static uint16_t
1279 ipfix_def_exporter_options_template_fields(size_t opt_tmpl_hdr_offset,
1280 struct dp_packet *msg)
1281 {
1282 uint16_t count = 0;
1283 struct ipfix_options_template_record_header *opt_tmpl_hdr;
1284
1285 /* 1. Scope Fields Specifiers */
1286 DEF(EXPORTING_PROCESS_ID);
1287
1288 /* Update 'scope_field_count' in options template header. */
1289 opt_tmpl_hdr = (struct ipfix_options_template_record_header *)
1290 ((uint8_t *)dp_packet_data(msg) + opt_tmpl_hdr_offset);
1291 opt_tmpl_hdr->scope_field_count = htons(count);
1292
1293 /* 2. Fields Specifiers */
1294 DEF(NOT_SENT_PACKET_TOTAL_COUNT);
1295
1296 /* Update 'field_count' in options template header. */
1297 opt_tmpl_hdr= (struct ipfix_options_template_record_header *)
1298 ((uint8_t *)dp_packet_data(msg) + opt_tmpl_hdr_offset);
1299 opt_tmpl_hdr->field_count = htons(count);
1300
1301 return count;
1302 }
1303
1304 static uint16_t
1305 ipfix_def_options_template_fields(enum ipfix_options_template opt_tmpl_type,
1306 size_t opt_tmpl_hdr_offset,
1307 struct dp_packet *msg)
1308 {
1309 switch (opt_tmpl_type) {
1310 case IPFIX_OPTIONS_TEMPLATE_EXPORTER_STATS:
1311 return ipfix_def_exporter_options_template_fields(opt_tmpl_hdr_offset,
1312 msg);
1313 break;
1314 case NUM_IPFIX_OPTIONS_TEMPLATE:
1315 default:
1316 OVS_NOT_REACHED();
1317 break;
1318 }
1319
1320 return 0;
1321 }
1322
1323 /* Defines fields in Template Record. Updates 'field_count' in Template Record
1324 * Header. */
1325 static uint16_t
1326 ipfix_define_template_fields(enum ipfix_proto_l2 l2, enum ipfix_proto_l3 l3,
1327 enum ipfix_proto_l4 l4, enum ipfix_proto_tunnel tunnel,
1328 bool virtual_obs_id_set, size_t tmpl_hdr_offset,
1329 struct dp_packet *msg)
1330 {
1331
1332 struct ipfix_template_record_header *tmpl_hdr;
1333 uint16_t count = 0;
1334
1335 /* 1. Flow key. */
1336
1337 DEF(OBSERVATION_POINT_ID);
1338 DEF(FLOW_DIRECTION);
1339
1340 /* Common Ethernet entities. */
1341 DEF(SOURCE_MAC_ADDRESS);
1342 DEF(DESTINATION_MAC_ADDRESS);
1343 DEF(ETHERNET_TYPE);
1344 DEF(ETHERNET_HEADER_LENGTH);
1345
1346 if (l2 == IPFIX_PROTO_L2_VLAN) {
1347 DEF(VLAN_ID);
1348 DEF(DOT1Q_VLAN_ID);
1349 DEF(DOT1Q_PRIORITY);
1350 }
1351
1352 if (l3 != IPFIX_PROTO_L3_UNKNOWN) {
1353 DEF(IP_VERSION);
1354 DEF(IP_TTL);
1355 DEF(PROTOCOL_IDENTIFIER);
1356 DEF(IP_DIFF_SERV_CODE_POINT);
1357 DEF(IP_PRECEDENCE);
1358 DEF(IP_CLASS_OF_SERVICE);
1359
1360 if (l3 == IPFIX_PROTO_L3_IPV4) {
1361 DEF(SOURCE_IPV4_ADDRESS);
1362 DEF(DESTINATION_IPV4_ADDRESS);
1363 if (l4 == IPFIX_PROTO_L4_TCP
1364 || l4 == IPFIX_PROTO_L4_UDP
1365 || l4 == IPFIX_PROTO_L4_SCTP) {
1366 DEF(SOURCE_TRANSPORT_PORT);
1367 DEF(DESTINATION_TRANSPORT_PORT);
1368 } else if (l4 == IPFIX_PROTO_L4_ICMP) {
1369 DEF(ICMP_TYPE_IPV4);
1370 DEF(ICMP_CODE_IPV4);
1371 }
1372 } else { /* l3 == IPFIX_PROTO_L3_IPV6 */
1373 DEF(SOURCE_IPV6_ADDRESS);
1374 DEF(DESTINATION_IPV6_ADDRESS);
1375 DEF(FLOW_LABEL_IPV6);
1376 if (l4 == IPFIX_PROTO_L4_TCP
1377 || l4 == IPFIX_PROTO_L4_UDP
1378 || l4 == IPFIX_PROTO_L4_SCTP) {
1379 DEF(SOURCE_TRANSPORT_PORT);
1380 DEF(DESTINATION_TRANSPORT_PORT);
1381 } else if (l4 == IPFIX_PROTO_L4_ICMP) {
1382 DEF(ICMP_TYPE_IPV6);
1383 DEF(ICMP_CODE_IPV6);
1384 }
1385 }
1386 }
1387
1388 if (tunnel != IPFIX_PROTO_NOT_TUNNELED) {
1389 DEF(TUNNEL_SOURCE_IPV4_ADDRESS);
1390 DEF(TUNNEL_DESTINATION_IPV4_ADDRESS);
1391 DEF(TUNNEL_PROTOCOL_IDENTIFIER);
1392 DEF(TUNNEL_SOURCE_TRANSPORT_PORT);
1393 DEF(TUNNEL_DESTINATION_TRANSPORT_PORT);
1394 DEF(TUNNEL_TYPE);
1395 DEF(TUNNEL_KEY);
1396 }
1397
1398 /* 2. Virtual observation ID, which is not a part of flow key. */
1399 if (virtual_obs_id_set) {
1400 DEF(VIRTUAL_OBS_ID);
1401 }
1402
1403 /* 3. Flow aggregated data. */
1404
1405 DEF(FLOW_START_DELTA_MICROSECONDS);
1406 DEF(FLOW_END_DELTA_MICROSECONDS);
1407 DEF(DROPPED_PACKET_DELTA_COUNT);
1408 DEF(DROPPED_PACKET_TOTAL_COUNT);
1409 DEF(PACKET_DELTA_COUNT);
1410 DEF(PACKET_TOTAL_COUNT);
1411 DEF(INGRESS_UNICAST_PACKET_TOTAL_COUNT);
1412 DEF(INGRESS_MULTICAST_PACKET_TOTAL_COUNT);
1413 DEF(INGRESS_BROADCAST_PACKET_TOTAL_COUNT);
1414 DEF(EGRESS_UNICAST_PACKET_TOTAL_COUNT);
1415 DEF(EGRESS_BROADCAST_PACKET_TOTAL_COUNT);
1416 DEF(POST_MCAST_PACKET_DELTA_COUNT);
1417 DEF(POST_MCAST_PACKET_TOTAL_COUNT);
1418 DEF(LAYER2_OCTET_DELTA_COUNT);
1419 DEF(LAYER2_OCTET_TOTAL_COUNT);
1420 DEF(FLOW_END_REASON);
1421
1422 if (l3 != IPFIX_PROTO_L3_UNKNOWN) {
1423 DEF(DROPPED_OCTET_DELTA_COUNT);
1424 DEF(DROPPED_OCTET_TOTAL_COUNT);
1425 DEF(OCTET_DELTA_COUNT);
1426 DEF(OCTET_TOTAL_COUNT);
1427 DEF(OCTET_DELTA_SUM_OF_SQUARES);
1428 DEF(OCTET_TOTAL_SUM_OF_SQUARES);
1429 DEF(MINIMUM_IP_TOTAL_LENGTH);
1430 DEF(MAXIMUM_IP_TOTAL_LENGTH);
1431 DEF(POST_MCAST_OCTET_DELTA_COUNT);
1432 DEF(POST_MCAST_OCTET_TOTAL_COUNT);
1433 }
1434
1435 if (l4 == IPFIX_PROTO_L4_TCP) {
1436 DEF(TCP_ACK_TOTAL_COUNT);
1437 DEF(TCP_FIN_TOTAL_COUNT);
1438 DEF(TCP_PSH_TOTAL_COUNT);
1439 DEF(TCP_RST_TOTAL_COUNT);
1440 DEF(TCP_SYN_TOTAL_COUNT);
1441 DEF(TCP_URG_TOTAL_COUNT);
1442 }
1443
1444 /* Update 'field_count' in template header. */
1445 tmpl_hdr = (struct ipfix_template_record_header *)
1446 ((uint8_t *)dp_packet_data(msg) + tmpl_hdr_offset);
1447 tmpl_hdr->field_count = htons(count);
1448
1449 return count;
1450 }
1451
1452 #undef DEF
1453
1454 static void
1455 ipfix_init_template_msg(uint32_t export_time_sec,
1456 uint32_t seq_number, uint32_t obs_domain_id,
1457 uint16_t set_id, struct dp_packet *msg,
1458 size_t *set_hdr_offset)
1459 {
1460 struct ipfix_set_header *set_hdr;
1461
1462 dp_packet_clear(msg);
1463
1464 ipfix_init_header(export_time_sec, seq_number, obs_domain_id, msg);
1465 *set_hdr_offset = dp_packet_size(msg);
1466
1467 /* Add a Set Header. */
1468 set_hdr = dp_packet_put_zeros(msg, sizeof *set_hdr);
1469 set_hdr->set_id = htons(set_id);
1470 }
1471
1472 static size_t
1473 ipfix_send_template_msg(const struct collectors *collectors,
1474 struct dp_packet *msg, size_t set_hdr_offset)
1475 {
1476 struct ipfix_set_header *set_hdr;
1477 size_t tx_errors;
1478
1479 /* Send template message. */
1480 set_hdr = (struct ipfix_set_header*)
1481 ((uint8_t*)dp_packet_data(msg) + set_hdr_offset);
1482 set_hdr->length = htons(dp_packet_size(msg) - set_hdr_offset);
1483
1484 tx_errors = ipfix_send_msg(collectors, msg);
1485
1486 return tx_errors;
1487 }
1488
1489 static void
1490 ipfix_add_options_template_record(enum ipfix_options_template opt_tmpl_type,
1491 struct dp_packet *msg)
1492 {
1493 struct ipfix_options_template_record_header *opt_tmpl_hdr;
1494 size_t opt_tmpl_hdr_offset;
1495
1496 opt_tmpl_hdr_offset = dp_packet_size(msg);
1497 opt_tmpl_hdr = dp_packet_put_zeros(msg, sizeof *opt_tmpl_hdr);
1498 opt_tmpl_hdr->template_id =
1499 htons(ipfix_get_options_template_id(opt_tmpl_type));
1500 ipfix_def_options_template_fields(opt_tmpl_type, opt_tmpl_hdr_offset, msg);
1501 }
1502
1503 static void
1504 ipfix_send_options_template_msgs(struct dpif_ipfix_exporter *exporter,
1505 uint32_t export_time_sec,
1506 uint32_t obs_domain_id,
1507 struct dp_packet *msg)
1508 {
1509 size_t set_hdr_offset;
1510 size_t tx_packets = 0;
1511 size_t tx_errors = 0, error_pkts;
1512 enum ipfix_options_template opt_tmpl_type;
1513
1514 ipfix_init_template_msg(export_time_sec, exporter->seq_number,
1515 obs_domain_id, IPFIX_SET_ID_OPTION_TEMPLATE, msg,
1516 &set_hdr_offset);
1517
1518 for (opt_tmpl_type = 0; opt_tmpl_type < NUM_IPFIX_OPTIONS_TEMPLATE;
1519 ++opt_tmpl_type) {
1520 if (dp_packet_size(msg) >= MAX_MESSAGE_LEN) {
1521 /* Send template message. */
1522 error_pkts = ipfix_send_template_msg(exporter->collectors, msg,
1523 set_hdr_offset);
1524 tx_errors += error_pkts;
1525 tx_packets += collectors_count(exporter->collectors) - error_pkts;
1526
1527 /* Reinitialize the template msg. */
1528 ipfix_init_template_msg(export_time_sec, exporter->seq_number,
1529 obs_domain_id,
1530 IPFIX_SET_ID_OPTION_TEMPLATE,
1531 msg,
1532 &set_hdr_offset);
1533 }
1534
1535 ipfix_add_options_template_record(opt_tmpl_type, msg);
1536 }
1537
1538 error_pkts = ipfix_send_template_msg(exporter->collectors, msg,
1539 set_hdr_offset);
1540 tx_errors += error_pkts;
1541 tx_packets += collectors_count(exporter->collectors) - error_pkts;
1542 exporter->ofproto_stats.tx_pkts += tx_packets;
1543 exporter->ofproto_stats.tx_errors += tx_errors;
1544 }
1545
1546 static void
1547 ipfix_send_template_msgs(struct dpif_ipfix_exporter *exporter,
1548 uint32_t export_time_sec, uint32_t obs_domain_id)
1549 {
1550 uint64_t msg_stub[DIV_ROUND_UP(MAX_MESSAGE_LEN, 8)];
1551 struct dp_packet msg;
1552 dp_packet_use_stub(&msg, msg_stub, sizeof msg_stub);
1553
1554 size_t set_hdr_offset, tmpl_hdr_offset, error_pkts;
1555 struct ipfix_template_record_header *tmpl_hdr;
1556 size_t tx_packets = 0;
1557 size_t tx_errors = 0;
1558 enum ipfix_proto_l2 l2;
1559 enum ipfix_proto_l3 l3;
1560 enum ipfix_proto_l4 l4;
1561 enum ipfix_proto_tunnel tunnel;
1562
1563 ipfix_init_template_msg(export_time_sec, exporter->seq_number,
1564 obs_domain_id, IPFIX_SET_ID_TEMPLATE, &msg,
1565 &set_hdr_offset);
1566 /* Define one template for each possible combination of
1567 * protocols. */
1568 for (l2 = 0; l2 < NUM_IPFIX_PROTO_L2; l2++) {
1569 for (l3 = 0; l3 < NUM_IPFIX_PROTO_L3; l3++) {
1570 for (l4 = 0; l4 < NUM_IPFIX_PROTO_L4; l4++) {
1571 if (l3 == IPFIX_PROTO_L3_UNKNOWN &&
1572 l4 != IPFIX_PROTO_L4_UNKNOWN) {
1573 continue;
1574 }
1575 for (tunnel = 0; tunnel < NUM_IPFIX_PROTO_TUNNEL; tunnel++) {
1576 /* When the size of the template packet reaches
1577 * MAX_MESSAGE_LEN(1024), send it out.
1578 * And then reinitialize the msg to construct a new
1579 * packet for the following templates.
1580 */
1581 if (dp_packet_size(&msg) >= MAX_MESSAGE_LEN) {
1582 /* Send template message. */
1583 error_pkts = ipfix_send_template_msg(exporter->collectors,
1584 &msg, set_hdr_offset);
1585 tx_errors += error_pkts;
1586 tx_packets += collectors_count(exporter->collectors) - error_pkts;
1587
1588 /* Reinitialize the template msg. */
1589 ipfix_init_template_msg(export_time_sec,
1590 exporter->seq_number,
1591 obs_domain_id,
1592 IPFIX_SET_ID_TEMPLATE,
1593 &msg,
1594 &set_hdr_offset);
1595 }
1596
1597 tmpl_hdr_offset = dp_packet_size(&msg);
1598 tmpl_hdr = dp_packet_put_zeros(&msg, sizeof *tmpl_hdr);
1599 tmpl_hdr->template_id = htons(
1600 ipfix_get_template_id(l2, l3, l4, tunnel));
1601 ipfix_define_template_fields(
1602 l2, l3, l4, tunnel, exporter->virtual_obs_id != NULL,
1603 tmpl_hdr_offset, &msg);
1604 }
1605 }
1606 }
1607 }
1608
1609 /* Send template message. */
1610 error_pkts = ipfix_send_template_msg(exporter->collectors, &msg, set_hdr_offset);
1611 tx_errors += error_pkts;
1612 tx_packets += collectors_count(exporter->collectors) - error_pkts;
1613
1614 exporter->ofproto_stats.tx_pkts += tx_packets;
1615 exporter->ofproto_stats.tx_errors += tx_errors;
1616
1617 /* XXX: Add Options Template Sets, at least to define a Flow Keys
1618 * Option Template. */
1619
1620 /* At the moment only a single Options Template Set is used, which contains
1621 * Exporting Process Statistics. It means that there is no specific
1622 * Observation Domain ID relevant for the entire IPFIX message and it
1623 * should be set to 0. */
1624 ipfix_send_options_template_msgs(exporter, export_time_sec, 0U, &msg);
1625
1626 dp_packet_uninit(&msg);
1627 }
1628
1629 static inline uint32_t
1630 ipfix_hash_flow_key(const struct ipfix_flow_key *flow_key, uint32_t basis)
1631 {
1632 uint32_t hash;
1633 hash = hash_int(flow_key->obs_domain_id, basis);
1634 hash = hash_int(flow_key->template_id, hash);
1635 hash = hash_bytes(flow_key->flow_key_msg_part,
1636 flow_key->flow_key_msg_part_size, hash);
1637 return hash;
1638 }
1639
1640 static bool
1641 ipfix_flow_key_equal(const struct ipfix_flow_key *a,
1642 const struct ipfix_flow_key *b)
1643 {
1644 /* The template ID determines the flow key size, so not need to
1645 * compare it. */
1646 return (a->obs_domain_id == b->obs_domain_id
1647 && a->template_id == b->template_id
1648 && memcmp(a->flow_key_msg_part, b->flow_key_msg_part,
1649 a->flow_key_msg_part_size) == 0);
1650 }
1651
1652 static struct ipfix_flow_cache_entry*
1653 ipfix_cache_find_entry(const struct dpif_ipfix_exporter *exporter,
1654 const struct ipfix_flow_key *flow_key)
1655 {
1656 struct ipfix_flow_cache_entry *entry;
1657
1658 HMAP_FOR_EACH_WITH_HASH (entry, flow_key_map_node,
1659 ipfix_hash_flow_key(flow_key, 0),
1660 &exporter->cache_flow_key_map) {
1661 if (ipfix_flow_key_equal(&entry->flow_key, flow_key)) {
1662 return entry;
1663 }
1664 }
1665
1666 return NULL;
1667 }
1668
1669 static bool
1670 ipfix_cache_next_timeout_msec(const struct dpif_ipfix_exporter *exporter,
1671 long long int *next_timeout_msec)
1672 {
1673 struct ipfix_flow_cache_entry *entry;
1674
1675 LIST_FOR_EACH (entry, cache_flow_start_timestamp_list_node,
1676 &exporter->cache_flow_start_timestamp_list) {
1677 *next_timeout_msec = entry->flow_start_timestamp_usec / 1000LL
1678 + 1000LL * exporter->cache_active_timeout;
1679 return true;
1680 }
1681
1682 return false;
1683 }
1684
1685 static void
1686 ipfix_cache_aggregate_entries(struct ipfix_flow_cache_entry *from_entry,
1687 struct ipfix_flow_cache_entry *to_entry)
1688 {
1689 uint64_t *to_start, *to_end, *from_start, *from_end;
1690 uint16_t *to_min_len, *to_max_len, *from_min_len, *from_max_len;
1691
1692 to_start = &to_entry->flow_start_timestamp_usec;
1693 to_end = &to_entry->flow_end_timestamp_usec;
1694 from_start = &from_entry->flow_start_timestamp_usec;
1695 from_end = &from_entry->flow_end_timestamp_usec;
1696
1697 if (*to_start > *from_start) {
1698 *to_start = *from_start;
1699 }
1700 if (*to_end < *from_end) {
1701 *to_end = *from_end;
1702 }
1703
1704
1705 to_entry->dropped_packet_delta_count +=
1706 from_entry->dropped_packet_delta_count;
1707 to_entry->packet_delta_count += from_entry->packet_delta_count;
1708 to_entry->layer2_octet_delta_count += from_entry->layer2_octet_delta_count;
1709
1710 to_entry->dropped_packet_total_count =
1711 from_entry->dropped_packet_total_count;
1712 to_entry->packet_total_count = from_entry->packet_total_count;
1713 to_entry->in_ucast_packet_total_count =
1714 from_entry->in_ucast_packet_total_count;
1715 to_entry->in_mcast_packet_total_count =
1716 from_entry->in_mcast_packet_total_count;
1717 to_entry->in_bcast_packet_total_count =
1718 from_entry->in_bcast_packet_total_count;
1719 to_entry->out_ucast_packet_total_count =
1720 from_entry->out_ucast_packet_total_count;
1721 to_entry->out_bcast_packet_total_count =
1722 from_entry->out_bcast_packet_total_count;
1723 to_entry->layer2_octet_total_count = from_entry->layer2_octet_total_count;
1724 to_entry->post_mcast_packet_delta_count +=
1725 from_entry->post_mcast_packet_delta_count;
1726 to_entry->post_mcast_octet_delta_count +=
1727 from_entry->post_mcast_octet_delta_count;
1728
1729 to_entry->dropped_octet_delta_count +=
1730 from_entry->dropped_octet_delta_count;
1731 to_entry->octet_delta_count += from_entry->octet_delta_count;
1732 to_entry->octet_delta_sum_of_squares +=
1733 from_entry->octet_delta_sum_of_squares;
1734
1735 to_entry->dropped_octet_total_count =
1736 from_entry->dropped_octet_total_count;
1737 to_entry->octet_total_count = from_entry->octet_total_count;
1738 to_entry->octet_total_sum_of_squares =
1739 from_entry->octet_total_sum_of_squares;
1740
1741 to_entry->post_mcast_packet_total_count =
1742 from_entry->post_mcast_packet_total_count;
1743 to_entry->post_mcast_octet_total_count =
1744 from_entry->post_mcast_octet_total_count;
1745
1746 to_min_len = &to_entry->minimum_ip_total_length;
1747 to_max_len = &to_entry->maximum_ip_total_length;
1748 from_min_len = &from_entry->minimum_ip_total_length;
1749 from_max_len = &from_entry->maximum_ip_total_length;
1750
1751 if (!*to_min_len || (*from_min_len && *to_min_len > *from_min_len)) {
1752 *to_min_len = *from_min_len;
1753 }
1754 if (*to_max_len < *from_max_len) {
1755 *to_max_len = *from_max_len;
1756 }
1757
1758 to_entry->tcp_packet_delta_count += from_entry->tcp_packet_delta_count;
1759 to_entry->tcp_ack_total_count = from_entry->tcp_ack_total_count;
1760 to_entry->tcp_fin_total_count = from_entry->tcp_fin_total_count;
1761 to_entry->tcp_psh_total_count = from_entry->tcp_psh_total_count;
1762 to_entry->tcp_rst_total_count = from_entry->tcp_rst_total_count;
1763 to_entry->tcp_syn_total_count = from_entry->tcp_syn_total_count;
1764 to_entry->tcp_urg_total_count = from_entry->tcp_urg_total_count;
1765 }
1766
1767 /* Get statistics */
1768 static void
1769 ipfix_get_stats__(const struct dpif_ipfix_exporter *exporter,
1770 ofproto_ipfix_stats *stats)
1771 {
1772 memset(stats, 0xff, sizeof *stats);
1773
1774 if (!exporter) {
1775 return;
1776 }
1777
1778 *stats = exporter->ofproto_stats;
1779 }
1780
1781 static void
1782 ipfix_get_bridge_stats(const struct dpif_ipfix_bridge_exporter *exporter,
1783 ofproto_ipfix_stats *stats)
1784 {
1785 ipfix_get_stats__(&exporter->exporter, stats);
1786 }
1787
1788 static void
1789 ipfix_get_flow_stats(const struct dpif_ipfix_flow_exporter *exporter,
1790 ofproto_ipfix_stats *stats)
1791 {
1792 ipfix_get_stats__(&exporter->exporter, stats);
1793 stats->collector_set_id = exporter->options->collector_set_id;
1794 }
1795
1796 int
1797 dpif_ipfix_get_stats(const struct dpif_ipfix *di,
1798 bool bridge_ipfix,
1799 struct ovs_list *replies)
1800 OVS_EXCLUDED(mutex)
1801 {
1802 struct dpif_ipfix_flow_exporter_map_node *flow_exporter_node;
1803 struct ofputil_ipfix_stats ois;
1804
1805 ovs_mutex_lock(&mutex);
1806 if (bridge_ipfix) {
1807 if (!di->bridge_exporter.options) {
1808 ovs_mutex_unlock(&mutex);
1809 return OFPERR_NXST_NOT_CONFIGURED;
1810 }
1811
1812 ipfix_get_bridge_stats(&di->bridge_exporter, &ois);
1813 ofputil_append_ipfix_stat(replies, &ois);
1814 } else {
1815 if (hmap_count(&di->flow_exporter_map) == 0) {
1816 ovs_mutex_unlock(&mutex);
1817 return OFPERR_NXST_NOT_CONFIGURED;
1818 }
1819
1820 HMAP_FOR_EACH (flow_exporter_node, node,
1821 &di->flow_exporter_map) {
1822 ipfix_get_flow_stats(&flow_exporter_node->exporter, &ois);
1823 ofputil_append_ipfix_stat(replies, &ois);
1824 }
1825 }
1826 ovs_mutex_unlock(&mutex);
1827
1828 return 0;
1829 }
1830
1831 /* Update partial ipfix stats */
1832 static void
1833 ipfix_update_stats(struct dpif_ipfix_exporter *exporter,
1834 bool new_flow,
1835 size_t current_flows,
1836 enum ipfix_sampled_packet_type sampled_pkt_type)
1837 {
1838 if (new_flow) {
1839 exporter->ofproto_stats.total_flows++;
1840 exporter->ofproto_stats.current_flows = current_flows;
1841 }
1842 exporter->ofproto_stats.pkts++;
1843
1844 switch (sampled_pkt_type) {
1845 case IPFIX_SAMPLED_PKT_IPV4_OK:
1846 exporter->ofproto_stats.ipv4_pkts++;
1847 break;
1848 case IPFIX_SAMPLED_PKT_IPV6_OK:
1849 exporter->ofproto_stats.ipv6_pkts++;
1850 break;
1851 case IPFIX_SAMPLED_PKT_IPV4_ERROR:
1852 exporter->ofproto_stats.ipv4_error_pkts++;
1853 exporter->ofproto_stats.error_pkts++;
1854 break;
1855 case IPFIX_SAMPLED_PKT_IPV6_ERROR:
1856 exporter->ofproto_stats.ipv6_error_pkts++;
1857 exporter->ofproto_stats.error_pkts++;
1858 break;
1859 case IPFIX_SAMPLED_PKT_UNKNOWN:
1860 exporter->ofproto_stats.error_pkts++;
1861 break;
1862 case IPFIX_SAMPLED_PKT_OTHERS:
1863 default:
1864 break;
1865 }
1866 }
1867
1868 /* Add an entry into a flow cache. The entry is either aggregated into
1869 * an existing entry with the same flow key and free()d, or it is
1870 * inserted into the cache. And IPFIX stats will be updated */
1871 static void
1872 ipfix_cache_update(struct dpif_ipfix_exporter *exporter,
1873 struct ipfix_flow_cache_entry *entry,
1874 enum ipfix_sampled_packet_type sampled_pkt_type)
1875 {
1876 struct ipfix_flow_cache_entry *old_entry;
1877 size_t current_flows = 0;
1878
1879 old_entry = ipfix_cache_find_entry(exporter, &entry->flow_key);
1880
1881 if (old_entry == NULL) {
1882 hmap_insert(&exporter->cache_flow_key_map, &entry->flow_key_map_node,
1883 ipfix_hash_flow_key(&entry->flow_key, 0));
1884
1885 /* As the latest entry added into the cache, it should
1886 * logically have the highest flow_start_timestamp_usec, so
1887 * append it at the tail. */
1888 ovs_list_push_back(&exporter->cache_flow_start_timestamp_list,
1889 &entry->cache_flow_start_timestamp_list_node);
1890
1891 /* Enforce exporter->cache_max_flows limit. */
1892 current_flows = hmap_count(&exporter->cache_flow_key_map);
1893 ipfix_update_stats(exporter, true, current_flows, sampled_pkt_type);
1894 if (current_flows > exporter->cache_max_flows) {
1895 dpif_ipfix_cache_expire_now(exporter, false);
1896 }
1897 } else {
1898 ipfix_cache_aggregate_entries(entry, old_entry);
1899 free(entry);
1900 ipfix_update_stats(exporter, false, current_flows, sampled_pkt_type);
1901 }
1902 }
1903
1904 static enum ipfix_sampled_packet_type
1905 ipfix_cache_entry_init(struct ipfix_flow_cache_entry *entry,
1906 const struct dp_packet *packet, const struct flow *flow,
1907 uint64_t packet_delta_count, uint32_t obs_domain_id,
1908 uint32_t obs_point_id, odp_port_t output_odp_port,
1909 enum nx_action_sample_direction direction,
1910 const struct dpif_ipfix_port *tunnel_port,
1911 const struct flow_tnl *tunnel_key,
1912 struct dpif_ipfix_global_stats *stats,
1913 const struct dpif_ipfix_actions *ipfix_actions)
1914 {
1915 struct ipfix_flow_key *flow_key;
1916 struct dp_packet msg;
1917 enum ipfix_proto_l2 l2;
1918 enum ipfix_proto_l3 l3;
1919 enum ipfix_proto_l4 l4;
1920 enum ipfix_proto_tunnel tunnel = IPFIX_PROTO_NOT_TUNNELED;
1921 enum ipfix_sampled_packet_type sampled_pkt_type = IPFIX_SAMPLED_PKT_UNKNOWN;
1922 uint8_t ethernet_header_length;
1923 uint16_t ethernet_total_length;
1924 bool is_multicast = false;
1925 bool is_broadcast = false;
1926
1927 flow_key = &entry->flow_key;
1928 dp_packet_use_stub(&msg, flow_key->flow_key_msg_part,
1929 sizeof flow_key->flow_key_msg_part);
1930
1931 /* Choose the right template ID matching the protocols in the
1932 * sampled packet. */
1933 l2 = (flow->vlans[0].tci == 0) ? IPFIX_PROTO_L2_ETH : IPFIX_PROTO_L2_VLAN;
1934
1935 switch(ntohs(flow->dl_type)) {
1936 case ETH_TYPE_IP:
1937 l3 = IPFIX_PROTO_L3_IPV4;
1938 sampled_pkt_type = IPFIX_SAMPLED_PKT_IPV4_OK;
1939 switch(flow->nw_proto) {
1940 case IPPROTO_TCP:
1941 l4 = IPFIX_PROTO_L4_TCP;
1942 break;
1943 case IPPROTO_UDP:
1944 l4 = IPFIX_PROTO_L4_UDP;
1945 break;
1946 case IPPROTO_SCTP:
1947 l4 = IPFIX_PROTO_L4_SCTP;
1948 break;
1949 case IPPROTO_ICMP:
1950 l4 = IPFIX_PROTO_L4_ICMP;
1951 break;
1952 default:
1953 l4 = IPFIX_PROTO_L4_UNKNOWN;
1954 sampled_pkt_type = IPFIX_SAMPLED_PKT_IPV4_ERROR;
1955 }
1956 break;
1957 case ETH_TYPE_IPV6:
1958 l3 = IPFIX_PROTO_L3_IPV6;
1959 sampled_pkt_type = IPFIX_SAMPLED_PKT_IPV6_OK;
1960 switch(flow->nw_proto) {
1961 case IPPROTO_TCP:
1962 l4 = IPFIX_PROTO_L4_TCP;
1963 break;
1964 case IPPROTO_UDP:
1965 l4 = IPFIX_PROTO_L4_UDP;
1966 break;
1967 case IPPROTO_SCTP:
1968 l4 = IPFIX_PROTO_L4_SCTP;
1969 break;
1970 case IPPROTO_ICMPV6:
1971 l4 = IPFIX_PROTO_L4_ICMP;
1972 break;
1973 default:
1974 l4 = IPFIX_PROTO_L4_UNKNOWN;
1975 sampled_pkt_type = IPFIX_SAMPLED_PKT_IPV6_ERROR;
1976 }
1977 break;
1978 default:
1979 l3 = IPFIX_PROTO_L3_UNKNOWN;
1980 l4 = IPFIX_PROTO_L4_UNKNOWN;
1981 sampled_pkt_type = IPFIX_SAMPLED_PKT_OTHERS;
1982 }
1983
1984 if (tunnel_port && tunnel_key) {
1985 tunnel = IPFIX_PROTO_TUNNELED;
1986 }
1987
1988 flow_key->obs_domain_id = obs_domain_id;
1989 flow_key->template_id = ipfix_get_template_id(l2, l3, l4, tunnel);
1990
1991 /* The fields defined in the ipfix_data_record_* structs and sent
1992 * below must match exactly the templates defined in
1993 * ipfix_define_template_fields. */
1994
1995 ethernet_header_length = (l2 == IPFIX_PROTO_L2_VLAN)
1996 ? VLAN_ETH_HEADER_LEN : ETH_HEADER_LEN;
1997 ethernet_total_length = dp_packet_size(packet);
1998
1999 uint8_t flow_direction =
2000 (direction == NX_ACTION_SAMPLE_INGRESS ? INGRESS_FLOW
2001 : direction == NX_ACTION_SAMPLE_EGRESS ? EGRESS_FLOW
2002 : output_odp_port == ODPP_NONE ? INGRESS_FLOW : EGRESS_FLOW);
2003
2004 /* Common Ethernet entities. */
2005 {
2006 struct ipfix_data_record_flow_key_common *data_common;
2007
2008 data_common = dp_packet_put_zeros(&msg, sizeof *data_common);
2009 data_common->observation_point_id = htonl(obs_point_id);
2010 data_common->flow_direction = flow_direction;
2011 data_common->source_mac_address = flow->dl_src;
2012 data_common->destination_mac_address = flow->dl_dst;
2013 data_common->ethernet_type = flow->dl_type;
2014 data_common->ethernet_header_length = ethernet_header_length;
2015 }
2016
2017 if (l2 == IPFIX_PROTO_L2_VLAN) {
2018 struct ipfix_data_record_flow_key_vlan *data_vlan;
2019 uint16_t vlan_id = vlan_tci_to_vid(flow->vlans[0].tci);
2020 uint8_t priority = vlan_tci_to_pcp(flow->vlans[0].tci);
2021
2022 data_vlan = dp_packet_put_zeros(&msg, sizeof *data_vlan);
2023 data_vlan->vlan_id = htons(vlan_id);
2024 data_vlan->dot1q_vlan_id = htons(vlan_id);
2025 data_vlan->dot1q_priority = priority;
2026 }
2027
2028 if (l3 != IPFIX_PROTO_L3_UNKNOWN) {
2029 struct ipfix_data_record_flow_key_ip *data_ip;
2030
2031 data_ip = dp_packet_put_zeros(&msg, sizeof *data_ip);
2032 data_ip->ip_version = (l3 == IPFIX_PROTO_L3_IPV4) ? 4 : 6;
2033 data_ip->ip_ttl = flow->nw_ttl;
2034 data_ip->protocol_identifier = flow->nw_proto;
2035 data_ip->ip_diff_serv_code_point = flow->nw_tos >> 2;
2036 data_ip->ip_precedence = flow->nw_tos >> 5;
2037 data_ip->ip_class_of_service = flow->nw_tos;
2038
2039 if (l3 == IPFIX_PROTO_L3_IPV4) {
2040 struct ipfix_data_record_flow_key_ipv4 *data_ipv4;
2041
2042 data_ipv4 = dp_packet_put_zeros(&msg, sizeof *data_ipv4);
2043 data_ipv4->source_ipv4_address = flow->nw_src;
2044 data_ipv4->destination_ipv4_address = flow->nw_dst;
2045 } else { /* l3 == IPFIX_PROTO_L3_IPV6 */
2046 struct ipfix_data_record_flow_key_ipv6 *data_ipv6;
2047
2048 data_ipv6 = dp_packet_put_zeros(&msg, sizeof *data_ipv6);
2049 memcpy(data_ipv6->source_ipv6_address, &flow->ipv6_src,
2050 sizeof flow->ipv6_src);
2051 memcpy(data_ipv6->destination_ipv6_address, &flow->ipv6_dst,
2052 sizeof flow->ipv6_dst);
2053 data_ipv6->flow_label_ipv6 = flow->ipv6_label;
2054 }
2055 }
2056
2057 if (l4 == IPFIX_PROTO_L4_TCP
2058 || l4 == IPFIX_PROTO_L4_UDP
2059 || l4 == IPFIX_PROTO_L4_SCTP) {
2060 struct ipfix_data_record_flow_key_transport *data_transport;
2061
2062 data_transport = dp_packet_put_zeros(&msg, sizeof *data_transport);
2063 data_transport->source_transport_port = flow->tp_src;
2064 data_transport->destination_transport_port = flow->tp_dst;
2065 } else if (l4 == IPFIX_PROTO_L4_ICMP) {
2066 struct ipfix_data_record_flow_key_icmp *data_icmp;
2067
2068 data_icmp = dp_packet_put_zeros(&msg, sizeof *data_icmp);
2069 data_icmp->icmp_type = ntohs(flow->tp_src) & 0xff;
2070 data_icmp->icmp_code = ntohs(flow->tp_dst) & 0xff;
2071 }
2072
2073 if (tunnel == IPFIX_PROTO_TUNNELED) {
2074 struct ipfix_data_record_flow_key_tunnel *data_tunnel;
2075 const uint8_t *tun_id;
2076
2077 data_tunnel = dp_packet_put_zeros(&msg, sizeof *data_tunnel +
2078 tunnel_port->tunnel_key_length);
2079 data_tunnel->tunnel_source_ipv4_address = tunnel_key->ip_src;
2080 data_tunnel->tunnel_destination_ipv4_address = tunnel_key->ip_dst;
2081 /* The tunnel_protocol_identifier is from tunnel_proto array, which
2082 * contains protocol_identifiers of each tunnel type.
2083 */
2084 data_tunnel->tunnel_protocol_identifier =
2085 tunnel_protocol[tunnel_port->tunnel_type];
2086 data_tunnel->tunnel_source_transport_port = tunnel_key->tp_src;
2087 data_tunnel->tunnel_destination_transport_port = tunnel_key->tp_dst;
2088 data_tunnel->tunnel_type = tunnel_port->tunnel_type;
2089 data_tunnel->tunnel_key_length = tunnel_port->tunnel_key_length;
2090 /* tun_id is in network order, and tunnel key is in low bits. */
2091 tun_id = (const uint8_t *) &tunnel_key->tun_id;
2092 memcpy(data_tunnel->tunnel_key,
2093 &tun_id[8 - tunnel_port->tunnel_key_length],
2094 tunnel_port->tunnel_key_length);
2095 }
2096
2097 flow_key->flow_key_msg_part_size = dp_packet_size(&msg);
2098
2099 if (eth_addr_is_broadcast(flow->dl_dst)) {
2100 is_broadcast = true;
2101 } else if (eth_addr_is_multicast(flow->dl_dst)) {
2102 is_multicast = true;
2103 }
2104
2105 {
2106 struct timeval now;
2107 uint64_t layer2_octet_delta_count;
2108
2109 /* Calculate the total matched octet count by considering as
2110 * an approximation that all matched packets have the same
2111 * length. */
2112 layer2_octet_delta_count = packet_delta_count * ethernet_total_length;
2113
2114 xgettimeofday(&now);
2115 entry->flow_end_timestamp_usec = now.tv_usec + 1000000LL * now.tv_sec;
2116 entry->flow_start_timestamp_usec = entry->flow_end_timestamp_usec;
2117
2118 if (ipfix_actions && ipfix_actions->output_action) {
2119 entry->dropped_packet_delta_count = 0;
2120 } else {
2121 entry->dropped_packet_delta_count = packet_delta_count;
2122 }
2123
2124 entry->packet_delta_count = packet_delta_count;
2125 entry->layer2_octet_delta_count = layer2_octet_delta_count;
2126
2127 stats->dropped_packet_total_count += entry->dropped_packet_delta_count;
2128 stats->packet_total_count += packet_delta_count;
2129 stats->layer2_octet_total_count += layer2_octet_delta_count;
2130
2131 entry->post_mcast_packet_delta_count = 0;
2132 if (is_broadcast) {
2133 if (flow_direction == INGRESS_FLOW) {
2134 stats->in_bcast_packet_total_count += packet_delta_count;
2135 } else if (flow_direction == EGRESS_FLOW) {
2136 stats->out_bcast_packet_total_count += packet_delta_count;
2137 }
2138 } else if (is_multicast) {
2139 if (flow_direction == INGRESS_FLOW) {
2140 stats->in_mcast_packet_total_count += packet_delta_count;
2141 } else if (flow_direction == EGRESS_FLOW) {
2142 entry->post_mcast_packet_delta_count = packet_delta_count;
2143 stats->post_mcast_packet_total_count += packet_delta_count;
2144 }
2145 } else {
2146 if (flow_direction == INGRESS_FLOW) {
2147 stats->in_ucast_packet_total_count += packet_delta_count;
2148 } else if (flow_direction == EGRESS_FLOW) {
2149 stats->out_ucast_packet_total_count += packet_delta_count;
2150 }
2151 }
2152
2153 entry->dropped_packet_total_count = stats->dropped_packet_total_count;
2154 entry->packet_total_count = stats->packet_total_count;
2155 entry->in_ucast_packet_total_count =
2156 stats->in_ucast_packet_total_count;
2157 entry->in_mcast_packet_total_count =
2158 stats->in_mcast_packet_total_count;
2159 entry->in_bcast_packet_total_count =
2160 stats->in_bcast_packet_total_count;
2161 entry->out_ucast_packet_total_count =
2162 stats->out_ucast_packet_total_count;
2163 entry->out_bcast_packet_total_count =
2164 stats->out_bcast_packet_total_count;
2165 entry->post_mcast_packet_total_count =
2166 stats->post_mcast_packet_total_count;
2167 entry->layer2_octet_total_count = stats->layer2_octet_total_count;
2168 }
2169
2170 if (l3 != IPFIX_PROTO_L3_UNKNOWN) {
2171 uint16_t ip_total_length =
2172 ethernet_total_length - ethernet_header_length;
2173 uint64_t octet_delta_count;
2174
2175 /* Calculate the total matched octet count by considering as
2176 * an approximation that all matched packets have the same
2177 * length. */
2178 octet_delta_count = packet_delta_count * ip_total_length;
2179
2180 if (ipfix_actions && ipfix_actions->output_action) {
2181 entry->dropped_octet_delta_count = 0;
2182 } else {
2183 entry->dropped_octet_delta_count = octet_delta_count;
2184 }
2185
2186 entry->octet_delta_count = octet_delta_count;
2187 entry->octet_delta_sum_of_squares = octet_delta_count * ip_total_length;
2188 entry->minimum_ip_total_length = ip_total_length;
2189 entry->maximum_ip_total_length = ip_total_length;
2190
2191 stats->dropped_octet_total_count += entry->dropped_octet_delta_count;
2192 stats->octet_total_count += octet_delta_count;
2193 stats->octet_total_sum_of_squares += entry->octet_delta_sum_of_squares;
2194
2195 if (is_multicast && flow_direction == EGRESS_FLOW) {
2196 entry->post_mcast_octet_delta_count = octet_delta_count;
2197 stats->post_mcast_octet_total_count += octet_delta_count;
2198 } else {
2199 entry->post_mcast_octet_delta_count = 0;
2200 }
2201 } else {
2202 entry->octet_delta_sum_of_squares = 0;
2203 entry->minimum_ip_total_length = 0;
2204 entry->maximum_ip_total_length = 0;
2205 }
2206
2207 entry->dropped_octet_total_count = stats->dropped_octet_total_count;
2208 entry->octet_total_sum_of_squares = stats->octet_total_sum_of_squares;
2209 entry->octet_total_count = stats->octet_total_count;
2210 entry->post_mcast_octet_total_count =
2211 stats->post_mcast_octet_total_count;
2212
2213 if (l4 == IPFIX_PROTO_L4_TCP) {
2214 uint16_t tcp_flags = ntohs(flow->tcp_flags);
2215 entry->tcp_packet_delta_count = packet_delta_count;
2216
2217 if (tcp_flags & TCP_ACK) {
2218 stats->tcp_ack_total_count += packet_delta_count;
2219 }
2220 if (tcp_flags & TCP_FIN) {
2221 stats->tcp_fin_total_count += packet_delta_count;
2222 }
2223 if (tcp_flags & TCP_PSH) {
2224 stats->tcp_psh_total_count += packet_delta_count;
2225 }
2226 if (tcp_flags & TCP_RST) {
2227 stats->tcp_rst_total_count += packet_delta_count;
2228 }
2229 if (tcp_flags & TCP_SYN) {
2230 stats->tcp_syn_total_count += packet_delta_count;
2231 }
2232 if (tcp_flags & TCP_URG) {
2233 stats->tcp_urg_total_count += packet_delta_count;
2234 }
2235 } else {
2236 entry->tcp_packet_delta_count = 0;
2237 }
2238
2239 entry->tcp_ack_total_count = stats->tcp_ack_total_count;
2240 entry->tcp_fin_total_count = stats->tcp_fin_total_count;
2241 entry->tcp_psh_total_count = stats->tcp_psh_total_count;
2242 entry->tcp_rst_total_count = stats->tcp_rst_total_count;
2243 entry->tcp_syn_total_count = stats->tcp_syn_total_count;
2244 entry->tcp_urg_total_count = stats->tcp_urg_total_count;
2245
2246 return sampled_pkt_type;
2247 }
2248
2249 /* Send each single data record in its own data set, to simplify the
2250 * implementation by avoiding having to group record by template ID
2251 * before sending. */
2252 static void
2253 ipfix_put_data_set(uint32_t export_time_sec,
2254 struct ipfix_flow_cache_entry *entry,
2255 enum ipfix_flow_end_reason flow_end_reason,
2256 const char *virtual_obs_id,
2257 uint8_t virtual_obs_len,
2258 struct dp_packet *msg)
2259 {
2260 size_t set_hdr_offset;
2261 struct ipfix_set_header *set_hdr;
2262
2263 set_hdr_offset = dp_packet_size(msg);
2264
2265 /* Put a Data Set. */
2266 set_hdr = dp_packet_put_zeros(msg, sizeof *set_hdr);
2267 set_hdr->set_id = htons(entry->flow_key.template_id);
2268
2269 /* Copy the flow key part of the data record. */
2270 dp_packet_put(msg, entry->flow_key.flow_key_msg_part,
2271 entry->flow_key.flow_key_msg_part_size);
2272
2273 /* Export virtual observation ID. */
2274 if (virtual_obs_id) {
2275 dp_packet_put(msg, &virtual_obs_len, sizeof(virtual_obs_len));
2276 dp_packet_put(msg, virtual_obs_id, virtual_obs_len);
2277 }
2278
2279 /* Put the non-key part of the data record. */
2280
2281 {
2282 struct ipfix_data_record_aggregated_common *data_aggregated_common;
2283 uint64_t export_time_usec, flow_start_delta_usec, flow_end_delta_usec;
2284
2285 /* Calculate the negative deltas relative to the export time
2286 * in seconds sent in the header, not the exact export
2287 * time. */
2288 export_time_usec = 1000000LL * export_time_sec;
2289 flow_start_delta_usec = export_time_usec
2290 - entry->flow_start_timestamp_usec;
2291 flow_end_delta_usec = export_time_usec
2292 - entry->flow_end_timestamp_usec;
2293
2294 data_aggregated_common = dp_packet_put_zeros(
2295 msg, sizeof *data_aggregated_common);
2296 data_aggregated_common->flow_start_delta_microseconds = htonl(
2297 flow_start_delta_usec);
2298 data_aggregated_common->flow_end_delta_microseconds = htonl(
2299 flow_end_delta_usec);
2300 data_aggregated_common->dropped_packet_delta_count = htonll(
2301 entry->dropped_packet_delta_count);
2302 data_aggregated_common->dropped_packet_total_count = htonll(
2303 entry->dropped_packet_total_count);
2304 data_aggregated_common->packet_delta_count = htonll(
2305 entry->packet_delta_count);
2306 data_aggregated_common->packet_total_count = htonll(
2307 entry->packet_total_count);
2308 data_aggregated_common->in_ucast_packet_total_count = htonll(
2309 entry->in_ucast_packet_total_count);
2310 data_aggregated_common->in_mcast_packet_total_count = htonll(
2311 entry->in_mcast_packet_total_count);
2312 data_aggregated_common->in_bcast_packet_total_count = htonll(
2313 entry->in_bcast_packet_total_count);
2314 data_aggregated_common->out_ucast_packet_total_count = htonll(
2315 entry->out_ucast_packet_total_count);
2316 data_aggregated_common->out_bcast_packet_total_count = htonll(
2317 entry->out_bcast_packet_total_count);
2318 data_aggregated_common->layer2_octet_delta_count = htonll(
2319 entry->layer2_octet_delta_count);
2320 data_aggregated_common->layer2_octet_total_count = htonll(
2321 entry->layer2_octet_total_count);
2322 data_aggregated_common->flow_end_reason = flow_end_reason;
2323 data_aggregated_common->post_mcast_packet_delta_count = htonll(
2324 entry->post_mcast_packet_delta_count);
2325 data_aggregated_common->post_mcast_packet_total_count = htonll(
2326 entry->post_mcast_packet_total_count);
2327 }
2328
2329 if (entry->octet_delta_sum_of_squares) { /* IP packet. */
2330 struct ipfix_data_record_aggregated_ip *data_aggregated_ip;
2331
2332 data_aggregated_ip = dp_packet_put_zeros(
2333 msg, sizeof *data_aggregated_ip);
2334 data_aggregated_ip->dropped_octet_delta_count = htonll(
2335 entry->dropped_octet_delta_count);
2336 data_aggregated_ip->dropped_octet_total_count = htonll(
2337 entry->dropped_octet_total_count);
2338 data_aggregated_ip->octet_delta_count = htonll(
2339 entry->octet_delta_count);
2340 data_aggregated_ip->octet_total_count = htonll(
2341 entry->octet_total_count);
2342 data_aggregated_ip->octet_delta_sum_of_squares = htonll(
2343 entry->octet_delta_sum_of_squares);
2344 data_aggregated_ip->octet_total_sum_of_squares = htonll(
2345 entry->octet_total_sum_of_squares);
2346 data_aggregated_ip->minimum_ip_total_length = htonll(
2347 entry->minimum_ip_total_length);
2348 data_aggregated_ip->maximum_ip_total_length = htonll(
2349 entry->maximum_ip_total_length);
2350 data_aggregated_ip->post_mcast_octet_delta_count = htonll(
2351 entry->post_mcast_octet_delta_count);
2352 data_aggregated_ip->post_mcast_octet_total_count = htonll(
2353 entry->post_mcast_octet_total_count);
2354 }
2355
2356 if (entry->tcp_packet_delta_count) {
2357 struct ipfix_data_record_aggregated_tcp *data_aggregated_tcp;
2358
2359 data_aggregated_tcp = dp_packet_put_zeros(
2360 msg, sizeof *data_aggregated_tcp);
2361 data_aggregated_tcp->tcp_ack_total_count = htonll(
2362 entry->tcp_ack_total_count);
2363 data_aggregated_tcp->tcp_fin_total_count = htonll(
2364 entry->tcp_fin_total_count);
2365 data_aggregated_tcp->tcp_psh_total_count = htonll(
2366 entry->tcp_psh_total_count);
2367 data_aggregated_tcp->tcp_rst_total_count = htonll(
2368 entry->tcp_rst_total_count);
2369 data_aggregated_tcp->tcp_syn_total_count = htonll(
2370 entry->tcp_syn_total_count);
2371 data_aggregated_tcp->tcp_urg_total_count = htonll(
2372 entry->tcp_urg_total_count);
2373 }
2374
2375 set_hdr = (struct ipfix_set_header*)((uint8_t*)dp_packet_data(msg) + set_hdr_offset);
2376 set_hdr->length = htons(dp_packet_size(msg) - set_hdr_offset);
2377 }
2378
2379 static void
2380 ipfix_put_exporter_data_set(uint32_t exporting_process_id,
2381 const ofproto_ipfix_stats *ofproto_stats,
2382 struct dp_packet *msg)
2383 {
2384 size_t set_hdr_offset;
2385 struct ipfix_set_header *set_hdr;
2386
2387 set_hdr_offset = dp_packet_size(msg);
2388
2389 /* Put a Data Set. */
2390 set_hdr = dp_packet_put_zeros(msg, sizeof *set_hdr);
2391 set_hdr->set_id = htons(
2392 ipfix_get_options_template_id(IPFIX_OPTIONS_TEMPLATE_EXPORTER_STATS));
2393
2394 {
2395 struct ipfix_data_record_exporter_stats *data_exporter_stats;
2396
2397 data_exporter_stats = dp_packet_put_zeros(
2398 msg, sizeof *data_exporter_stats);
2399
2400 data_exporter_stats->exporting_process_id =
2401 htonl(exporting_process_id);
2402 data_exporter_stats->not_sent_packet_total_count = htonll(
2403 ofproto_stats->tx_errors);
2404 }
2405
2406 set_hdr = (struct ipfix_set_header *)
2407 ((uint8_t *)dp_packet_data(msg) + set_hdr_offset);
2408 set_hdr->length = htons(dp_packet_size(msg) - set_hdr_offset);
2409 }
2410
2411 /* Send an IPFIX message with a single data set containing Exporting Process
2412 * Reliability Statistics. */
2413 static void
2414 ipfix_send_exporter_data_msg(struct dpif_ipfix_exporter *exporter,
2415 uint32_t export_time_sec)
2416 {
2417 uint64_t msg_stub[DIV_ROUND_UP(MAX_MESSAGE_LEN, 8)];
2418 struct dp_packet msg;
2419 size_t tx_errors;
2420
2421 dp_packet_use_stub(&msg, msg_stub, sizeof msg_stub);
2422
2423 /* In case of Exporting Process Statistics, Observation Domain ID should
2424 * be set to 0. */
2425 ipfix_init_header(export_time_sec, exporter->seq_number++, 0U, &msg);
2426 ipfix_put_exporter_data_set(exporter->exporter_id,
2427 &exporter->ofproto_stats, &msg);
2428 tx_errors = ipfix_send_msg(exporter->collectors, &msg);
2429
2430 dp_packet_uninit(&msg);
2431
2432 exporter->ofproto_stats.tx_pkts +=
2433 collectors_count(exporter->collectors) - tx_errors;
2434 exporter->ofproto_stats.tx_errors += tx_errors;
2435 }
2436
2437 /* Send an IPFIX message with a single data record. */
2438 static void
2439 ipfix_send_data_msg(struct dpif_ipfix_exporter *exporter,
2440 uint32_t export_time_sec,
2441 struct ipfix_flow_cache_entry *entry,
2442 enum ipfix_flow_end_reason flow_end_reason)
2443 {
2444 uint64_t msg_stub[DIV_ROUND_UP(MAX_MESSAGE_LEN, 8)];
2445 struct dp_packet msg;
2446 size_t tx_errors;
2447
2448 dp_packet_use_stub(&msg, msg_stub, sizeof msg_stub);
2449
2450 ipfix_init_header(export_time_sec, exporter->seq_number++,
2451 entry->flow_key.obs_domain_id, &msg);
2452 ipfix_put_data_set(export_time_sec, entry, flow_end_reason,
2453 exporter->virtual_obs_id, exporter->virtual_obs_len,
2454 &msg);
2455 tx_errors = ipfix_send_msg(exporter->collectors, &msg);
2456
2457 dp_packet_uninit(&msg);
2458
2459 exporter->ofproto_stats.current_flows--;
2460 exporter->ofproto_stats.tx_pkts +=
2461 collectors_count(exporter->collectors) - tx_errors;
2462 exporter->ofproto_stats.tx_errors += tx_errors;
2463 }
2464
2465 static void
2466 dpif_ipfix_sample(struct dpif_ipfix_exporter *exporter,
2467 const struct dp_packet *packet, const struct flow *flow,
2468 uint64_t packet_delta_count, uint32_t obs_domain_id,
2469 uint32_t obs_point_id, odp_port_t output_odp_port,
2470 enum nx_action_sample_direction direction,
2471 const struct dpif_ipfix_port *tunnel_port,
2472 const struct flow_tnl *tunnel_key,
2473 const struct dpif_ipfix_actions *ipfix_actions)
2474 {
2475 struct ipfix_flow_cache_entry *entry;
2476 enum ipfix_sampled_packet_type sampled_packet_type;
2477
2478 /* Create a flow cache entry from the sample. */
2479 entry = xmalloc(sizeof *entry);
2480 sampled_packet_type =
2481 ipfix_cache_entry_init(entry, packet,
2482 flow, packet_delta_count,
2483 obs_domain_id, obs_point_id,
2484 output_odp_port, direction,
2485 tunnel_port, tunnel_key,
2486 &exporter->ipfix_global_stats,
2487 ipfix_actions);
2488
2489 ipfix_cache_update(exporter, entry, sampled_packet_type);
2490 }
2491
2492 static bool
2493 bridge_exporter_enabled(struct dpif_ipfix *di)
2494 {
2495 return di->bridge_exporter.probability > 0;
2496 }
2497
2498 void
2499 dpif_ipfix_bridge_sample(struct dpif_ipfix *di, const struct dp_packet *packet,
2500 const struct flow *flow,
2501 odp_port_t input_odp_port, odp_port_t output_odp_port,
2502 const struct flow_tnl *output_tunnel_key,
2503 const struct dpif_ipfix_actions *ipfix_actions)
2504 OVS_EXCLUDED(mutex)
2505 {
2506 uint64_t packet_delta_count;
2507 const struct flow_tnl *tunnel_key = NULL;
2508 struct dpif_ipfix_port * tunnel_port = NULL;
2509
2510 ovs_mutex_lock(&mutex);
2511 if (!bridge_exporter_enabled(di)) {
2512 ovs_mutex_unlock(&mutex);
2513 return;
2514 }
2515
2516 /* Skip BFD packets:
2517 * Bidirectional Forwarding Detection(BFD) packets are for monitoring
2518 * the tunnel link status and consumed by ovs itself. No need to
2519 * smaple them.
2520 * CF IETF RFC 5881, BFD control packet is the UDP packet with
2521 * destination port 3784, and BFD echo packet is the UDP packet with
2522 * destination port 3785.
2523 */
2524 if (is_ip_any(flow) &&
2525 flow->nw_proto == IPPROTO_UDP &&
2526 (flow->tp_dst == htons(BFD_CONTROL_DEST_PORT) ||
2527 flow->tp_dst == htons(BFD_ECHO_DEST_PORT))) {
2528 ovs_mutex_unlock(&mutex);
2529 return;
2530 }
2531
2532 /* Use the sampling probability as an approximation of the number
2533 * of matched packets. */
2534 packet_delta_count = UINT32_MAX / di->bridge_exporter.probability;
2535 if (di->bridge_exporter.options->enable_tunnel_sampling) {
2536 if (output_odp_port == ODPP_NONE && flow->tunnel.ip_dst) {
2537 /* Input tunnel. */
2538 tunnel_key = &flow->tunnel;
2539 tunnel_port = dpif_ipfix_find_port(di, input_odp_port);
2540 }
2541 if (output_odp_port != ODPP_NONE && output_tunnel_key) {
2542 /* Output tunnel, output_tunnel_key must be valid. */
2543 tunnel_key = output_tunnel_key;
2544 tunnel_port = dpif_ipfix_find_port(di, output_odp_port);
2545 }
2546 }
2547
2548 dpif_ipfix_sample(&di->bridge_exporter.exporter, packet, flow,
2549 packet_delta_count,
2550 di->bridge_exporter.options->obs_domain_id,
2551 di->bridge_exporter.options->obs_point_id,
2552 output_odp_port, NX_ACTION_SAMPLE_DEFAULT,
2553 tunnel_port, tunnel_key, ipfix_actions);
2554 ovs_mutex_unlock(&mutex);
2555 }
2556
2557 void
2558 dpif_ipfix_flow_sample(struct dpif_ipfix *di, const struct dp_packet *packet,
2559 const struct flow *flow,
2560 const union user_action_cookie *cookie,
2561 odp_port_t input_odp_port,
2562 const struct flow_tnl *output_tunnel_key,
2563 const struct dpif_ipfix_actions *ipfix_actions)
2564 OVS_EXCLUDED(mutex)
2565 {
2566 struct dpif_ipfix_flow_exporter_map_node *node;
2567 const struct flow_tnl *tunnel_key = NULL;
2568 struct dpif_ipfix_port * tunnel_port = NULL;
2569 odp_port_t output_odp_port = cookie->flow_sample.output_odp_port;
2570 uint32_t collector_set_id = cookie->flow_sample.collector_set_id;
2571 uint16_t probability = cookie->flow_sample.probability;
2572
2573 /* Use the sampling probability as an approximation of the number
2574 * of matched packets. */
2575 uint64_t packet_delta_count = USHRT_MAX / probability;
2576
2577 ovs_mutex_lock(&mutex);
2578 node = dpif_ipfix_find_flow_exporter_map_node(di, collector_set_id);
2579 if (node) {
2580 if (node->exporter.options->enable_tunnel_sampling) {
2581 if (output_odp_port == ODPP_NONE && flow->tunnel.ip_dst) {
2582 /* Input tunnel. */
2583 tunnel_key = &flow->tunnel;
2584 tunnel_port = dpif_ipfix_find_port(di, input_odp_port);
2585 }
2586 if (output_odp_port != ODPP_NONE && output_tunnel_key) {
2587 /* Output tunnel, output_tunnel_key must be valid. */
2588 tunnel_key = output_tunnel_key;
2589 tunnel_port = dpif_ipfix_find_port(di, output_odp_port);
2590 }
2591 }
2592
2593 dpif_ipfix_sample(&node->exporter.exporter, packet, flow,
2594 packet_delta_count,
2595 cookie->flow_sample.obs_domain_id,
2596 cookie->flow_sample.obs_point_id,
2597 output_odp_port, cookie->flow_sample.direction,
2598 tunnel_port, tunnel_key, ipfix_actions);
2599 }
2600 ovs_mutex_unlock(&mutex);
2601 }
2602
2603 static void
2604 dpif_ipfix_cache_expire(struct dpif_ipfix_exporter *exporter,
2605 bool forced_end, const uint64_t export_time_usec,
2606 const uint32_t export_time_sec)
2607 {
2608 struct ipfix_flow_cache_entry *entry, *next_entry;
2609 uint64_t max_flow_start_timestamp_usec;
2610 bool template_msg_sent = false;
2611 enum ipfix_flow_end_reason flow_end_reason;
2612
2613 if (ovs_list_is_empty(&exporter->cache_flow_start_timestamp_list)) {
2614 return;
2615 }
2616
2617 max_flow_start_timestamp_usec = export_time_usec -
2618 1000000LL * exporter->cache_active_timeout;
2619
2620 LIST_FOR_EACH_SAFE (entry, next_entry, cache_flow_start_timestamp_list_node,
2621 &exporter->cache_flow_start_timestamp_list) {
2622 if (forced_end) {
2623 flow_end_reason = FORCED_END;
2624 } else if (entry->flow_start_timestamp_usec
2625 <= max_flow_start_timestamp_usec) {
2626 flow_end_reason = ACTIVE_TIMEOUT;
2627 } else if (hmap_count(&exporter->cache_flow_key_map)
2628 > exporter->cache_max_flows) {
2629 /* Enforce exporter->cache_max_flows. */
2630 flow_end_reason = LACK_OF_RESOURCES;
2631 } else {
2632 /* Remaining flows haven't expired yet. */
2633 break;
2634 }
2635
2636 ovs_list_remove(&entry->cache_flow_start_timestamp_list_node);
2637 hmap_remove(&exporter->cache_flow_key_map,
2638 &entry->flow_key_map_node);
2639
2640 /* XXX: Make frequency of the (Options) Template and Exporter Process
2641 * Statistics transmission configurable.
2642 * Cf. IETF RFC 5101 Section 4.3. and 10.3.6. */
2643 if (!template_msg_sent
2644 && (exporter->last_template_set_time + IPFIX_TEMPLATE_INTERVAL)
2645 <= export_time_sec) {
2646 ipfix_send_template_msgs(exporter, export_time_sec,
2647 entry->flow_key.obs_domain_id);
2648 exporter->last_template_set_time = export_time_sec;
2649 template_msg_sent = true;
2650
2651 /* Send Exporter Process Statistics. */
2652 ipfix_send_exporter_data_msg(exporter, export_time_sec);
2653 }
2654
2655 /* XXX: Group multiple data records for the same obs domain id
2656 * into the same message. */
2657 ipfix_send_data_msg(exporter, export_time_sec, entry, flow_end_reason);
2658 free(entry);
2659 }
2660 }
2661
2662 static void
2663 get_export_time_now(uint64_t *export_time_usec, uint32_t *export_time_sec)
2664 {
2665 struct timeval export_time;
2666 xgettimeofday(&export_time);
2667
2668 *export_time_usec = export_time.tv_usec + 1000000LL * export_time.tv_sec;
2669
2670 /* The IPFIX start and end deltas are negative deltas relative to
2671 * the export time, so set the export time 1 second off to
2672 * calculate those deltas. */
2673 if (export_time.tv_usec == 0) {
2674 *export_time_sec = export_time.tv_sec;
2675 } else {
2676 *export_time_sec = export_time.tv_sec + 1;
2677 }
2678 }
2679
2680 static void
2681 dpif_ipfix_cache_expire_now(struct dpif_ipfix_exporter *exporter,
2682 bool forced_end)
2683 {
2684 uint64_t export_time_usec;
2685 uint32_t export_time_sec;
2686
2687 get_export_time_now(&export_time_usec, &export_time_sec);
2688 dpif_ipfix_cache_expire(exporter, forced_end, export_time_usec,
2689 export_time_sec);
2690 }
2691
2692 void
2693 dpif_ipfix_run(struct dpif_ipfix *di) OVS_EXCLUDED(mutex)
2694 {
2695 uint64_t export_time_usec;
2696 uint32_t export_time_sec;
2697 struct dpif_ipfix_flow_exporter_map_node *flow_exporter_node;
2698
2699 ovs_mutex_lock(&mutex);
2700 get_export_time_now(&export_time_usec, &export_time_sec);
2701 if (bridge_exporter_enabled(di)) {
2702 dpif_ipfix_cache_expire(
2703 &di->bridge_exporter.exporter, false, export_time_usec,
2704 export_time_sec);
2705 }
2706 HMAP_FOR_EACH (flow_exporter_node, node, &di->flow_exporter_map) {
2707 dpif_ipfix_cache_expire(
2708 &flow_exporter_node->exporter.exporter, false, export_time_usec,
2709 export_time_sec);
2710 }
2711 ovs_mutex_unlock(&mutex);
2712 }
2713
2714 void
2715 dpif_ipfix_wait(struct dpif_ipfix *di) OVS_EXCLUDED(mutex)
2716 {
2717 long long int next_timeout_msec = LLONG_MAX;
2718 struct dpif_ipfix_flow_exporter_map_node *flow_exporter_node;
2719
2720 ovs_mutex_lock(&mutex);
2721 if (bridge_exporter_enabled(di)) {
2722 if (ipfix_cache_next_timeout_msec(
2723 &di->bridge_exporter.exporter, &next_timeout_msec)) {
2724 poll_timer_wait_until(next_timeout_msec);
2725 }
2726 }
2727 HMAP_FOR_EACH (flow_exporter_node, node, &di->flow_exporter_map) {
2728 if (ipfix_cache_next_timeout_msec(
2729 &flow_exporter_node->exporter.exporter, &next_timeout_msec)) {
2730 poll_timer_wait_until(next_timeout_msec);
2731 }
2732 }
2733 ovs_mutex_unlock(&mutex);
2734 }
2735
2736 static void
2737 dpif_ipfix_read_sample_actions(const struct flow *flow,
2738 const struct nlattr *actions,
2739 size_t actions_len,
2740 struct dpif_ipfix_actions *ipfix_actions)
2741 {
2742 const struct nlattr *a;
2743 unsigned int left;
2744 uint32_t probability = 0;
2745 struct dpif_ipfix_actions sample_actions = {0};
2746
2747 if (actions_len == 0) {
2748 return;
2749 }
2750
2751 NL_ATTR_FOR_EACH (a, left, actions, actions_len) {
2752
2753 enum ovs_sample_attr type = nl_attr_type(a);
2754 switch (type) {
2755 case OVS_SAMPLE_ATTR_PROBABILITY:
2756 probability = nl_attr_get_u32(a);
2757 break;
2758
2759 case OVS_SAMPLE_ATTR_ACTIONS:
2760 dpif_ipfix_read_actions(flow, nl_attr_get(a), nl_attr_get_size(a),
2761 &sample_actions);
2762 break;
2763
2764 case OVS_SAMPLE_ATTR_UNSPEC:
2765 case __OVS_SAMPLE_ATTR_MAX:
2766 default:
2767 OVS_NOT_REACHED();
2768 }
2769 }
2770
2771 /* An output action inside sample action is truly an output if the sampling
2772 * probability is set to 100% */
2773 if (probability == UINT32_MAX && sample_actions.output_action == true) {
2774 ipfix_actions->output_action = true;
2775 }
2776 }
2777
2778 void
2779 dpif_ipfix_read_actions(const struct flow *flow,
2780 const struct nlattr *actions,
2781 size_t actions_len,
2782 struct dpif_ipfix_actions *ipfix_actions)
2783 {
2784 const struct nlattr *a;
2785 unsigned int left;
2786
2787 if (actions_len == 0) {
2788 return;
2789 }
2790
2791 NL_ATTR_FOR_EACH (a, left, actions, actions_len) {
2792 enum ovs_action_attr type = nl_attr_type(a);
2793 switch (type) {
2794 case OVS_ACTION_ATTR_OUTPUT:
2795 ipfix_actions->output_action = true;
2796 break;
2797 case OVS_ACTION_ATTR_SAMPLE:
2798 dpif_ipfix_read_sample_actions(flow, nl_attr_get(a),
2799 nl_attr_get_size(a), ipfix_actions);
2800 break;
2801 case OVS_ACTION_ATTR_CLONE:
2802 dpif_ipfix_read_actions(flow, nl_attr_get(a), nl_attr_get_size(a),
2803 ipfix_actions);
2804 break;
2805
2806 /* OVS_ACTION_ATTR_USERSPACE and OVS_ACTION_ATTR_RECIRC actions can
2807 * yield absolutely any kind of behavior. Let's assume that flow drops
2808 * the packet if there isn't another clear OVS_ACTION_ATTR_OUTPUT
2809 * action associated with packet */
2810 case OVS_ACTION_ATTR_USERSPACE:
2811 case OVS_ACTION_ATTR_RECIRC:
2812
2813 case OVS_ACTION_ATTR_TUNNEL_POP:
2814 case OVS_ACTION_ATTR_TUNNEL_PUSH:
2815 case OVS_ACTION_ATTR_TRUNC:
2816 case OVS_ACTION_ATTR_HASH:
2817 case OVS_ACTION_ATTR_CT:
2818 case OVS_ACTION_ATTR_METER:
2819 case OVS_ACTION_ATTR_SET_MASKED:
2820 case OVS_ACTION_ATTR_SET:
2821 case OVS_ACTION_ATTR_PUSH_VLAN:
2822 case OVS_ACTION_ATTR_POP_VLAN:
2823 case OVS_ACTION_ATTR_PUSH_MPLS:
2824 case OVS_ACTION_ATTR_POP_MPLS:
2825 case OVS_ACTION_ATTR_PUSH_ETH:
2826 case OVS_ACTION_ATTR_POP_ETH:
2827 case OVS_ACTION_ATTR_UNSPEC:
2828 case __OVS_ACTION_ATTR_MAX:
2829 default:
2830 break;
2831 }
2832 }
2833 }
openvswitch mirror