2 * Copyright (c) 2012, 2013 Nicira, Inc.
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at:
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
18 #include "ofproto-dpif-ipfix.h"
20 #include "byte-order.h"
21 #include "collectors.h"
29 #include "poll-loop.h"
36 VLOG_DEFINE_THIS_MODULE(ipfix
);
38 static struct vlog_rate_limit rl
= VLOG_RATE_LIMIT_INIT(1, 5);
39 static struct ovs_mutex mutex
= OVS_MUTEX_INITIALIZER
;
41 /* Cf. IETF RFC 5101 Section 10.3.4. */
42 #define IPFIX_DEFAULT_COLLECTOR_PORT 4739
44 struct dpif_ipfix_exporter
{
45 struct collectors
*collectors
;
47 time_t last_template_set_time
;
48 struct hmap cache_flow_key_map
; /* ipfix_flow_cache_entry. */
49 struct list cache_flow_start_timestamp_list
; /* ipfix_flow_cache_entry. */
50 uint32_t cache_active_timeout
; /* In seconds. */
51 uint32_t cache_max_flows
;
54 struct dpif_ipfix_bridge_exporter
{
55 struct dpif_ipfix_exporter exporter
;
56 struct ofproto_ipfix_bridge_exporter_options
*options
;
60 struct dpif_ipfix_flow_exporter
{
61 struct dpif_ipfix_exporter exporter
;
62 struct ofproto_ipfix_flow_exporter_options
*options
;
65 struct dpif_ipfix_flow_exporter_map_node
{
66 struct hmap_node node
;
67 struct dpif_ipfix_flow_exporter exporter
;
71 struct dpif_ipfix_bridge_exporter bridge_exporter
;
72 struct hmap flow_exporter_map
; /* dpif_ipfix_flow_exporter_map_node. */
73 struct ovs_refcount ref_cnt
;
76 #define IPFIX_VERSION 0x000a
78 /* When using UDP, IPFIX Template Records must be re-sent regularly.
79 * The standard default interval is 10 minutes (600 seconds).
80 * Cf. IETF RFC 5101 Section 10.3.6. */
81 #define IPFIX_TEMPLATE_INTERVAL 600
83 /* Cf. IETF RFC 5101 Section 3.1. */
86 ovs_be16 version
; /* IPFIX_VERSION. */
87 ovs_be16 length
; /* Length in bytes including this header. */
88 ovs_be32 export_time
; /* Seconds since the epoch. */
89 ovs_be32 seq_number
; /* Message sequence number. */
90 ovs_be32 obs_domain_id
; /* Observation Domain ID. */
92 BUILD_ASSERT_DECL(sizeof(struct ipfix_header
) == 16);
94 #define IPFIX_SET_ID_TEMPLATE 2
95 #define IPFIX_SET_ID_OPTION_TEMPLATE 3
97 /* Cf. IETF RFC 5101 Section 3.3.2. */
99 struct ipfix_set_header
{
100 ovs_be16 set_id
; /* IPFIX_SET_ID_* or valid template ID for Data Sets. */
101 ovs_be16 length
; /* Length of the set in bytes including header. */
103 BUILD_ASSERT_DECL(sizeof(struct ipfix_set_header
) == 4);
105 /* Alternatives for templates at each layer. A template is defined by
106 * a combination of one value for each layer. */
107 enum ipfix_proto_l2
{
108 IPFIX_PROTO_L2_ETH
= 0, /* No VLAN. */
112 enum ipfix_proto_l3
{
113 IPFIX_PROTO_L3_UNKNOWN
= 0,
118 enum ipfix_proto_l4
{
119 IPFIX_PROTO_L4_UNKNOWN
= 0,
120 IPFIX_PROTO_L4_TCP_UDP_SCTP
,
125 /* Any Template ID > 255 is usable for Template Records. */
126 #define IPFIX_TEMPLATE_ID_MIN 256
128 /* Cf. IETF RFC 5101 Section 3.4.1. */
130 struct ipfix_template_record_header
{
131 ovs_be16 template_id
;
132 ovs_be16 field_count
;
134 BUILD_ASSERT_DECL(sizeof(struct ipfix_template_record_header
) == 4);
136 enum ipfix_entity_id
{
137 #define IPFIX_ENTITY(ENUM, ID, SIZE, NAME) IPFIX_ENTITY_ID_##ENUM = ID,
138 #include "ofproto/ipfix-entities.def"
141 enum ipfix_entity_size
{
142 #define IPFIX_ENTITY(ENUM, ID, SIZE, NAME) IPFIX_ENTITY_SIZE_##ENUM = SIZE,
143 #include "ofproto/ipfix-entities.def"
147 struct ipfix_template_field_specifier
{
148 ovs_be16 element_id
; /* IPFIX_ENTITY_ID_*. */
149 ovs_be16 field_length
; /* Length of the field's value, in bytes. */
150 /* No Enterprise ID, since only standard element IDs are specified. */
152 BUILD_ASSERT_DECL(sizeof(struct ipfix_template_field_specifier
) == 4);
154 /* Part of data record flow key for common metadata and Ethernet entities. */
156 struct ipfix_data_record_flow_key_common
{
157 ovs_be32 observation_point_id
; /* OBSERVATION_POINT_ID */
158 uint8_t source_mac_address
[6]; /* SOURCE_MAC_ADDRESS */
159 uint8_t destination_mac_address
[6]; /* DESTINATION_MAC_ADDRESS */
160 ovs_be16 ethernet_type
; /* ETHERNET_TYPE */
161 uint8_t ethernet_header_length
; /* ETHERNET_HEADER_LENGTH */
163 BUILD_ASSERT_DECL(sizeof(struct ipfix_data_record_flow_key_common
) == 19);
165 /* Part of data record flow key for VLAN entities. */
167 struct ipfix_data_record_flow_key_vlan
{
168 ovs_be16 vlan_id
; /* VLAN_ID */
169 ovs_be16 dot1q_vlan_id
; /* DOT1Q_VLAN_ID */
170 uint8_t dot1q_priority
; /* DOT1Q_PRIORITY */
172 BUILD_ASSERT_DECL(sizeof(struct ipfix_data_record_flow_key_vlan
) == 5);
174 /* Part of data record flow key for IP entities. */
175 /* XXX: Replace IP_TTL with MINIMUM_TTL and MAXIMUM_TTL? */
177 struct ipfix_data_record_flow_key_ip
{
178 uint8_t ip_version
; /* IP_VERSION */
179 uint8_t ip_ttl
; /* IP_TTL */
180 uint8_t protocol_identifier
; /* PROTOCOL_IDENTIFIER */
181 uint8_t ip_diff_serv_code_point
; /* IP_DIFF_SERV_CODE_POINT */
182 uint8_t ip_precedence
; /* IP_PRECEDENCE */
183 uint8_t ip_class_of_service
; /* IP_CLASS_OF_SERVICE */
185 BUILD_ASSERT_DECL(sizeof(struct ipfix_data_record_flow_key_ip
) == 6);
187 /* Part of data record flow key for IPv4 entities. */
189 struct ipfix_data_record_flow_key_ipv4
{
190 ovs_be32 source_ipv4_address
; /* SOURCE_IPV4_ADDRESS */
191 ovs_be32 destination_ipv4_address
; /* DESTINATION_IPV4_ADDRESS */
193 BUILD_ASSERT_DECL(sizeof(struct ipfix_data_record_flow_key_ipv4
) == 8);
195 /* Part of data record flow key for IPv6 entities. */
197 struct ipfix_data_record_flow_key_ipv6
{
198 uint8_t source_ipv6_address
[16]; /* SOURCE_IPV6_ADDRESS */
199 uint8_t destination_ipv6_address
[16]; /* DESTINATION_IPV6_ADDRESS */
200 ovs_be32 flow_label_ipv6
; /* FLOW_LABEL_IPV6 */
202 BUILD_ASSERT_DECL(sizeof(struct ipfix_data_record_flow_key_ipv6
) == 36);
204 /* Part of data record flow key for TCP/UDP/SCTP entities. */
206 struct ipfix_data_record_flow_key_transport
{
207 ovs_be16 source_transport_port
; /* SOURCE_TRANSPORT_PORT */
208 ovs_be16 destination_transport_port
; /* DESTINATION_TRANSPORT_PORT */
210 BUILD_ASSERT_DECL(sizeof(struct ipfix_data_record_flow_key_transport
) == 4);
212 /* Part of data record flow key for ICMP entities. */
214 struct ipfix_data_record_flow_key_icmp
{
215 uint8_t icmp_type
; /* ICMP_TYPE_IPV4 / ICMP_TYPE_IPV6 */
216 uint8_t icmp_code
; /* ICMP_CODE_IPV4 / ICMP_CODE_IPV6 */
218 BUILD_ASSERT_DECL(sizeof(struct ipfix_data_record_flow_key_icmp
) == 2);
220 /* Cf. IETF RFC 5102 Section 5.11.3. */
221 enum ipfix_flow_end_reason
{
223 ACTIVE_TIMEOUT
= 0x02,
224 END_OF_FLOW_DETECTED
= 0x03,
226 LACK_OF_RESOURCES
= 0x05
229 /* Part of data record for common aggregated elements. */
231 struct ipfix_data_record_aggregated_common
{
232 ovs_be32 flow_start_delta_microseconds
; /* FLOW_START_DELTA_MICROSECONDS */
233 ovs_be32 flow_end_delta_microseconds
; /* FLOW_END_DELTA_MICROSECONDS */
234 ovs_be64 packet_delta_count
; /* PACKET_DELTA_COUNT */
235 ovs_be64 layer2_octet_delta_count
; /* LAYER2_OCTET_DELTA_COUNT */
236 uint8_t flow_end_reason
; /* FLOW_END_REASON */
238 BUILD_ASSERT_DECL(sizeof(struct ipfix_data_record_aggregated_common
) == 25);
240 /* Part of data record for IP aggregated elements. */
242 struct ipfix_data_record_aggregated_ip
{
243 ovs_be64 octet_delta_count
; /* OCTET_DELTA_COUNT */
244 ovs_be64 octet_delta_sum_of_squares
; /* OCTET_DELTA_SUM_OF_SQUARES */
245 ovs_be64 minimum_ip_total_length
; /* MINIMUM_IP_TOTAL_LENGTH */
246 ovs_be64 maximum_ip_total_length
; /* MAXIMUM_IP_TOTAL_LENGTH */
248 BUILD_ASSERT_DECL(sizeof(struct ipfix_data_record_aggregated_ip
) == 32);
250 #define MAX_FLOW_KEY_LEN \
251 (sizeof(struct ipfix_data_record_flow_key_common) \
252 + sizeof(struct ipfix_data_record_flow_key_vlan) \
253 + sizeof(struct ipfix_data_record_flow_key_ip) \
254 + MAX(sizeof(struct ipfix_data_record_flow_key_ipv4), \
255 sizeof(struct ipfix_data_record_flow_key_ipv6)) \
256 + MAX(sizeof(struct ipfix_data_record_flow_key_icmp), \
257 sizeof(struct ipfix_data_record_flow_key_transport)))
259 #define MAX_DATA_RECORD_LEN \
261 + sizeof(struct ipfix_data_record_aggregated_common) \
262 + sizeof(struct ipfix_data_record_aggregated_ip))
264 /* Max length of a data set. To simplify the implementation, each
265 * data record is sent in a separate data set, so each data set
266 * contains at most one data record. */
267 #define MAX_DATA_SET_LEN \
268 (sizeof(struct ipfix_set_header) \
269 + MAX_DATA_RECORD_LEN)
271 /* Max length of an IPFIX message. Arbitrarily set to accomodate low
273 #define MAX_MESSAGE_LEN 1024
275 /* Cache structures. */
278 struct ipfix_flow_key
{
279 uint32_t obs_domain_id
;
280 uint16_t template_id
;
281 size_t flow_key_msg_part_size
;
282 uint64_t flow_key_msg_part
[DIV_ROUND_UP(MAX_FLOW_KEY_LEN
, 8)];
285 /* Flow cache entry. */
286 struct ipfix_flow_cache_entry
{
287 struct hmap_node flow_key_map_node
;
288 struct list cache_flow_start_timestamp_list_node
;
289 struct ipfix_flow_key flow_key
;
290 /* Common aggregated elements. */
291 uint64_t flow_start_timestamp_usec
;
292 uint64_t flow_end_timestamp_usec
;
293 uint64_t packet_delta_count
;
294 uint64_t layer2_octet_delta_count
;
295 uint64_t octet_delta_count
;
296 uint64_t octet_delta_sum_of_squares
; /* 0 if not IP. */
297 uint16_t minimum_ip_total_length
; /* 0 if not IP. */
298 uint16_t maximum_ip_total_length
; /* 0 if not IP. */
301 static void dpif_ipfix_cache_expire(struct dpif_ipfix_exporter
*, bool,
302 const uint64_t, const uint32_t);
304 static void get_export_time_now(uint64_t *, uint32_t *);
306 static void dpif_ipfix_cache_expire_now(struct dpif_ipfix_exporter
*, bool);
309 ofproto_ipfix_bridge_exporter_options_equal(
310 const struct ofproto_ipfix_bridge_exporter_options
*a
,
311 const struct ofproto_ipfix_bridge_exporter_options
*b
)
313 return (a
->obs_domain_id
== b
->obs_domain_id
314 && a
->obs_point_id
== b
->obs_point_id
315 && a
->sampling_rate
== b
->sampling_rate
316 && a
->cache_active_timeout
== b
->cache_active_timeout
317 && a
->cache_max_flows
== b
->cache_max_flows
318 && sset_equals(&a
->targets
, &b
->targets
));
321 static struct ofproto_ipfix_bridge_exporter_options
*
322 ofproto_ipfix_bridge_exporter_options_clone(
323 const struct ofproto_ipfix_bridge_exporter_options
*old
)
325 struct ofproto_ipfix_bridge_exporter_options
*new =
326 xmemdup(old
, sizeof *old
);
327 sset_clone(&new->targets
, &old
->targets
);
332 ofproto_ipfix_bridge_exporter_options_destroy(
333 struct ofproto_ipfix_bridge_exporter_options
*options
)
336 sset_destroy(&options
->targets
);
342 ofproto_ipfix_flow_exporter_options_equal(
343 const struct ofproto_ipfix_flow_exporter_options
*a
,
344 const struct ofproto_ipfix_flow_exporter_options
*b
)
346 return (a
->collector_set_id
== b
->collector_set_id
347 && a
->cache_active_timeout
== b
->cache_active_timeout
348 && a
->cache_max_flows
== b
->cache_max_flows
349 && sset_equals(&a
->targets
, &b
->targets
));
352 static struct ofproto_ipfix_flow_exporter_options
*
353 ofproto_ipfix_flow_exporter_options_clone(
354 const struct ofproto_ipfix_flow_exporter_options
*old
)
356 struct ofproto_ipfix_flow_exporter_options
*new =
357 xmemdup(old
, sizeof *old
);
358 sset_clone(&new->targets
, &old
->targets
);
363 ofproto_ipfix_flow_exporter_options_destroy(
364 struct ofproto_ipfix_flow_exporter_options
*options
)
367 sset_destroy(&options
->targets
);
373 dpif_ipfix_exporter_init(struct dpif_ipfix_exporter
*exporter
)
375 exporter
->collectors
= NULL
;
376 exporter
->seq_number
= 1;
377 exporter
->last_template_set_time
= TIME_MIN
;
378 hmap_init(&exporter
->cache_flow_key_map
);
379 list_init(&exporter
->cache_flow_start_timestamp_list
);
380 exporter
->cache_active_timeout
= 0;
381 exporter
->cache_max_flows
= 0;
385 dpif_ipfix_exporter_clear(struct dpif_ipfix_exporter
*exporter
)
387 /* Flush the cache with flow end reason "forced end." */
388 dpif_ipfix_cache_expire_now(exporter
, true);
390 collectors_destroy(exporter
->collectors
);
391 exporter
->collectors
= NULL
;
392 exporter
->seq_number
= 1;
393 exporter
->last_template_set_time
= TIME_MIN
;
394 exporter
->cache_active_timeout
= 0;
395 exporter
->cache_max_flows
= 0;
399 dpif_ipfix_exporter_destroy(struct dpif_ipfix_exporter
*exporter
)
401 dpif_ipfix_exporter_clear(exporter
);
402 hmap_destroy(&exporter
->cache_flow_key_map
);
406 dpif_ipfix_exporter_set_options(struct dpif_ipfix_exporter
*exporter
,
407 const struct sset
*targets
,
408 const uint32_t cache_active_timeout
,
409 const uint32_t cache_max_flows
)
411 collectors_destroy(exporter
->collectors
);
412 collectors_create(targets
, IPFIX_DEFAULT_COLLECTOR_PORT
,
413 &exporter
->collectors
);
414 if (exporter
->collectors
== NULL
) {
415 VLOG_WARN_RL(&rl
, "no collectors could be initialized, "
416 "IPFIX exporter disabled");
417 dpif_ipfix_exporter_clear(exporter
);
420 exporter
->cache_active_timeout
= cache_active_timeout
;
421 exporter
->cache_max_flows
= cache_max_flows
;
426 dpif_ipfix_bridge_exporter_init(struct dpif_ipfix_bridge_exporter
*exporter
)
428 dpif_ipfix_exporter_init(&exporter
->exporter
);
429 exporter
->options
= NULL
;
430 exporter
->probability
= 0;
434 dpif_ipfix_bridge_exporter_clear(struct dpif_ipfix_bridge_exporter
*exporter
)
436 dpif_ipfix_exporter_clear(&exporter
->exporter
);
437 ofproto_ipfix_bridge_exporter_options_destroy(exporter
->options
);
438 exporter
->options
= NULL
;
439 exporter
->probability
= 0;
443 dpif_ipfix_bridge_exporter_destroy(struct dpif_ipfix_bridge_exporter
*exporter
)
445 dpif_ipfix_bridge_exporter_clear(exporter
);
446 dpif_ipfix_exporter_destroy(&exporter
->exporter
);
450 dpif_ipfix_bridge_exporter_set_options(
451 struct dpif_ipfix_bridge_exporter
*exporter
,
452 const struct ofproto_ipfix_bridge_exporter_options
*options
)
454 bool options_changed
;
456 if (!options
|| sset_is_empty(&options
->targets
)) {
457 /* No point in doing any work if there are no targets. */
458 dpif_ipfix_bridge_exporter_clear(exporter
);
464 || !ofproto_ipfix_bridge_exporter_options_equal(
465 options
, exporter
->options
));
467 /* Configure collectors if options have changed or if we're
468 * shortchanged in collectors (which indicates that opening one or
469 * more of the configured collectors failed, so that we should
472 || collectors_count(exporter
->exporter
.collectors
)
473 < sset_count(&options
->targets
)) {
474 if (!dpif_ipfix_exporter_set_options(
475 &exporter
->exporter
, &options
->targets
,
476 options
->cache_active_timeout
, options
->cache_max_flows
)) {
481 /* Avoid reconfiguring if options didn't change. */
482 if (!options_changed
) {
486 ofproto_ipfix_bridge_exporter_options_destroy(exporter
->options
);
487 exporter
->options
= ofproto_ipfix_bridge_exporter_options_clone(options
);
488 exporter
->probability
=
489 MAX(1, UINT32_MAX
/ exporter
->options
->sampling_rate
);
491 /* Run over the cache as some entries might have expired after
492 * changing the timeouts. */
493 dpif_ipfix_cache_expire_now(&exporter
->exporter
, false);
496 static struct dpif_ipfix_flow_exporter_map_node
*
497 dpif_ipfix_find_flow_exporter_map_node(
498 const struct dpif_ipfix
*di
, const uint32_t collector_set_id
)
501 struct dpif_ipfix_flow_exporter_map_node
*exporter_node
;
503 HMAP_FOR_EACH_WITH_HASH (exporter_node
, node
,
504 hash_int(collector_set_id
, 0),
505 &di
->flow_exporter_map
) {
506 if (exporter_node
->exporter
.options
->collector_set_id
507 == collector_set_id
) {
508 return exporter_node
;
516 dpif_ipfix_flow_exporter_init(struct dpif_ipfix_flow_exporter
*exporter
)
518 dpif_ipfix_exporter_init(&exporter
->exporter
);
519 exporter
->options
= NULL
;
523 dpif_ipfix_flow_exporter_clear(struct dpif_ipfix_flow_exporter
*exporter
)
525 dpif_ipfix_exporter_clear(&exporter
->exporter
);
526 ofproto_ipfix_flow_exporter_options_destroy(exporter
->options
);
527 exporter
->options
= NULL
;
531 dpif_ipfix_flow_exporter_destroy(struct dpif_ipfix_flow_exporter
*exporter
)
533 dpif_ipfix_flow_exporter_clear(exporter
);
534 dpif_ipfix_exporter_destroy(&exporter
->exporter
);
538 dpif_ipfix_flow_exporter_set_options(
539 struct dpif_ipfix_flow_exporter
*exporter
,
540 const struct ofproto_ipfix_flow_exporter_options
*options
)
542 bool options_changed
;
544 if (sset_is_empty(&options
->targets
)) {
545 /* No point in doing any work if there are no targets. */
546 dpif_ipfix_flow_exporter_clear(exporter
);
552 || !ofproto_ipfix_flow_exporter_options_equal(
553 options
, exporter
->options
));
555 /* Configure collectors if options have changed or if we're
556 * shortchanged in collectors (which indicates that opening one or
557 * more of the configured collectors failed, so that we should
560 || collectors_count(exporter
->exporter
.collectors
)
561 < sset_count(&options
->targets
)) {
562 if (!dpif_ipfix_exporter_set_options(
563 &exporter
->exporter
, &options
->targets
,
564 options
->cache_active_timeout
, options
->cache_max_flows
)) {
569 /* Avoid reconfiguring if options didn't change. */
570 if (!options_changed
) {
574 ofproto_ipfix_flow_exporter_options_destroy(exporter
->options
);
575 exporter
->options
= ofproto_ipfix_flow_exporter_options_clone(options
);
577 /* Run over the cache as some entries might have expired after
578 * changing the timeouts. */
579 dpif_ipfix_cache_expire_now(&exporter
->exporter
, false);
585 dpif_ipfix_set_options(
586 struct dpif_ipfix
*di
,
587 const struct ofproto_ipfix_bridge_exporter_options
*bridge_exporter_options
,
588 const struct ofproto_ipfix_flow_exporter_options
*flow_exporters_options
,
589 size_t n_flow_exporters_options
) OVS_EXCLUDED(mutex
)
592 struct ofproto_ipfix_flow_exporter_options
*options
;
593 struct dpif_ipfix_flow_exporter_map_node
*node
, *next
;
594 size_t n_broken_flow_exporters_options
= 0;
596 ovs_mutex_lock(&mutex
);
597 dpif_ipfix_bridge_exporter_set_options(&di
->bridge_exporter
,
598 bridge_exporter_options
);
600 /* Add new flow exporters and update current flow exporters. */
601 options
= (struct ofproto_ipfix_flow_exporter_options
*)
602 flow_exporters_options
;
603 for (i
= 0; i
< n_flow_exporters_options
; i
++) {
604 node
= dpif_ipfix_find_flow_exporter_map_node(
605 di
, options
->collector_set_id
);
607 node
= xzalloc(sizeof *node
);
608 dpif_ipfix_flow_exporter_init(&node
->exporter
);
609 hmap_insert(&di
->flow_exporter_map
, &node
->node
,
610 hash_int(options
->collector_set_id
, 0));
612 if (!dpif_ipfix_flow_exporter_set_options(&node
->exporter
, options
)) {
613 n_broken_flow_exporters_options
++;
618 ovs_assert(hmap_count(&di
->flow_exporter_map
) >=
619 (n_flow_exporters_options
- n_broken_flow_exporters_options
));
621 /* Remove dropped flow exporters, if any needs to be removed. */
622 if (hmap_count(&di
->flow_exporter_map
) > n_flow_exporters_options
) {
623 HMAP_FOR_EACH_SAFE (node
, next
, node
, &di
->flow_exporter_map
) {
624 /* This is slow but doesn't take any extra memory, and
625 * this table is not supposed to contain many rows anyway. */
626 options
= (struct ofproto_ipfix_flow_exporter_options
*)
627 flow_exporters_options
;
628 for (i
= 0; i
< n_flow_exporters_options
; i
++) {
629 if (node
->exporter
.options
->collector_set_id
630 == options
->collector_set_id
) {
635 if (i
== n_flow_exporters_options
) { // Not found.
636 hmap_remove(&di
->flow_exporter_map
, &node
->node
);
637 dpif_ipfix_flow_exporter_destroy(&node
->exporter
);
643 ovs_assert(hmap_count(&di
->flow_exporter_map
) ==
644 (n_flow_exporters_options
- n_broken_flow_exporters_options
));
645 ovs_mutex_unlock(&mutex
);
649 dpif_ipfix_create(void)
651 struct dpif_ipfix
*di
;
652 di
= xzalloc(sizeof *di
);
653 dpif_ipfix_bridge_exporter_init(&di
->bridge_exporter
);
654 hmap_init(&di
->flow_exporter_map
);
655 ovs_refcount_init(&di
->ref_cnt
);
660 dpif_ipfix_ref(const struct dpif_ipfix
*di_
)
662 struct dpif_ipfix
*di
= CONST_CAST(struct dpif_ipfix
*, di_
);
664 ovs_refcount_ref(&di
->ref_cnt
);
670 dpif_ipfix_get_bridge_exporter_probability(const struct dpif_ipfix
*di
)
674 ovs_mutex_lock(&mutex
);
675 ret
= di
->bridge_exporter
.probability
;
676 ovs_mutex_unlock(&mutex
);
681 dpif_ipfix_clear(struct dpif_ipfix
*di
) OVS_REQUIRES(mutex
)
683 struct dpif_ipfix_flow_exporter_map_node
*exp_node
, *exp_next
;
685 dpif_ipfix_bridge_exporter_clear(&di
->bridge_exporter
);
687 HMAP_FOR_EACH_SAFE (exp_node
, exp_next
, node
, &di
->flow_exporter_map
) {
688 hmap_remove(&di
->flow_exporter_map
, &exp_node
->node
);
689 dpif_ipfix_flow_exporter_destroy(&exp_node
->exporter
);
695 dpif_ipfix_unref(struct dpif_ipfix
*di
) OVS_EXCLUDED(mutex
)
697 if (di
&& ovs_refcount_unref(&di
->ref_cnt
) == 1) {
698 ovs_mutex_lock(&mutex
);
699 dpif_ipfix_clear(di
);
700 dpif_ipfix_bridge_exporter_destroy(&di
->bridge_exporter
);
701 hmap_destroy(&di
->flow_exporter_map
);
702 ovs_refcount_destroy(&di
->ref_cnt
);
704 ovs_mutex_unlock(&mutex
);
709 ipfix_init_header(uint32_t export_time_sec
, uint32_t seq_number
,
710 uint32_t obs_domain_id
, struct ofpbuf
*msg
)
712 struct ipfix_header
*hdr
;
714 hdr
= ofpbuf_put_zeros(msg
, sizeof *hdr
);
715 hdr
->version
= htons(IPFIX_VERSION
);
716 hdr
->length
= htons(sizeof *hdr
); /* Updated in ipfix_send_msg. */
717 hdr
->export_time
= htonl(export_time_sec
);
718 hdr
->seq_number
= htonl(seq_number
);
719 hdr
->obs_domain_id
= htonl(obs_domain_id
);
723 ipfix_send_msg(const struct collectors
*collectors
, struct ofpbuf
*msg
)
725 struct ipfix_header
*hdr
;
727 /* Adjust the length in the header. */
729 hdr
->length
= htons(msg
->size
);
731 collectors_send(collectors
, msg
->data
, msg
->size
);
736 ipfix_get_template_id(enum ipfix_proto_l2 l2
, enum ipfix_proto_l3 l3
,
737 enum ipfix_proto_l4 l4
)
739 uint16_t template_id
;
741 template_id
= template_id
* NUM_IPFIX_PROTO_L3
+ l3
;
742 template_id
= template_id
* NUM_IPFIX_PROTO_L4
+ l4
;
743 return IPFIX_TEMPLATE_ID_MIN
+ template_id
;
747 ipfix_define_template_entity(enum ipfix_entity_id id
,
748 enum ipfix_entity_size size
, struct ofpbuf
*msg
)
750 struct ipfix_template_field_specifier
*field
;
752 field
= ofpbuf_put_zeros(msg
, sizeof *field
);
753 field
->element_id
= htons(id
);
754 field
->field_length
= htons(size
);
758 ipfix_define_template_fields(enum ipfix_proto_l2 l2
, enum ipfix_proto_l3 l3
,
759 enum ipfix_proto_l4 l4
, struct ofpbuf
*msg
)
765 ipfix_define_template_entity(IPFIX_ENTITY_ID_##ID, \
766 IPFIX_ENTITY_SIZE_##ID, msg); \
772 DEF(OBSERVATION_POINT_ID
);
774 /* Common Ethernet entities. */
775 DEF(SOURCE_MAC_ADDRESS
);
776 DEF(DESTINATION_MAC_ADDRESS
);
778 DEF(ETHERNET_HEADER_LENGTH
);
780 if (l2
== IPFIX_PROTO_L2_VLAN
) {
786 if (l3
!= IPFIX_PROTO_L3_UNKNOWN
) {
789 DEF(PROTOCOL_IDENTIFIER
);
790 DEF(IP_DIFF_SERV_CODE_POINT
);
792 DEF(IP_CLASS_OF_SERVICE
);
794 if (l3
== IPFIX_PROTO_L3_IPV4
) {
795 DEF(SOURCE_IPV4_ADDRESS
);
796 DEF(DESTINATION_IPV4_ADDRESS
);
797 if (l4
== IPFIX_PROTO_L4_TCP_UDP_SCTP
) {
798 DEF(SOURCE_TRANSPORT_PORT
);
799 DEF(DESTINATION_TRANSPORT_PORT
);
800 } else if (l4
== IPFIX_PROTO_L4_ICMP
) {
804 } else { /* l3 == IPFIX_PROTO_L3_IPV6 */
805 DEF(SOURCE_IPV6_ADDRESS
);
806 DEF(DESTINATION_IPV6_ADDRESS
);
807 DEF(FLOW_LABEL_IPV6
);
808 if (l4
== IPFIX_PROTO_L4_TCP_UDP_SCTP
) {
809 DEF(SOURCE_TRANSPORT_PORT
);
810 DEF(DESTINATION_TRANSPORT_PORT
);
811 } else if (l4
== IPFIX_PROTO_L4_ICMP
) {
818 /* 2. Flow aggregated data. */
820 DEF(FLOW_START_DELTA_MICROSECONDS
);
821 DEF(FLOW_END_DELTA_MICROSECONDS
);
822 DEF(PACKET_DELTA_COUNT
);
823 DEF(LAYER2_OCTET_DELTA_COUNT
);
824 DEF(FLOW_END_REASON
);
826 if (l3
!= IPFIX_PROTO_L3_UNKNOWN
) {
827 DEF(OCTET_DELTA_COUNT
);
828 DEF(OCTET_DELTA_SUM_OF_SQUARES
);
829 DEF(MINIMUM_IP_TOTAL_LENGTH
);
830 DEF(MAXIMUM_IP_TOTAL_LENGTH
);
839 ipfix_send_template_msg(struct dpif_ipfix_exporter
*exporter
,
840 uint32_t export_time_sec
, uint32_t obs_domain_id
)
842 uint64_t msg_stub
[DIV_ROUND_UP(MAX_MESSAGE_LEN
, 8)];
844 size_t set_hdr_offset
, tmpl_hdr_offset
;
845 struct ipfix_set_header
*set_hdr
;
846 struct ipfix_template_record_header
*tmpl_hdr
;
847 uint16_t field_count
;
848 enum ipfix_proto_l2 l2
;
849 enum ipfix_proto_l3 l3
;
850 enum ipfix_proto_l4 l4
;
852 ofpbuf_use_stub(&msg
, msg_stub
, sizeof msg_stub
);
854 ipfix_init_header(export_time_sec
, exporter
->seq_number
, obs_domain_id
,
856 set_hdr_offset
= msg
.size
;
858 /* Add a Template Set. */
859 set_hdr
= ofpbuf_put_zeros(&msg
, sizeof *set_hdr
);
860 set_hdr
->set_id
= htons(IPFIX_SET_ID_TEMPLATE
);
862 /* Define one template for each possible combination of
864 for (l2
= 0; l2
< NUM_IPFIX_PROTO_L2
; l2
++) {
865 for (l3
= 0; l3
< NUM_IPFIX_PROTO_L3
; l3
++) {
866 for (l4
= 0; l4
< NUM_IPFIX_PROTO_L4
; l4
++) {
867 if (l3
== IPFIX_PROTO_L3_UNKNOWN
&&
868 l4
!= IPFIX_PROTO_L4_UNKNOWN
) {
871 tmpl_hdr_offset
= msg
.size
;
872 tmpl_hdr
= ofpbuf_put_zeros(&msg
, sizeof *tmpl_hdr
);
873 tmpl_hdr
->template_id
= htons(
874 ipfix_get_template_id(l2
, l3
, l4
));
875 field_count
= ipfix_define_template_fields(l2
, l3
, l4
, &msg
);
876 tmpl_hdr
= (struct ipfix_template_record_header
*)
877 ((uint8_t*)msg
.data
+ tmpl_hdr_offset
);
878 tmpl_hdr
->field_count
= htons(field_count
);
883 set_hdr
= (struct ipfix_set_header
*)((uint8_t*)msg
.data
+ set_hdr_offset
);
884 set_hdr
->length
= htons(msg
.size
- set_hdr_offset
);
886 /* XXX: Add Options Template Sets, at least to define a Flow Keys
887 * Option Template. */
889 ipfix_send_msg(exporter
->collectors
, &msg
);
894 static inline uint32_t
895 ipfix_hash_flow_key(const struct ipfix_flow_key
*flow_key
, uint32_t basis
)
898 hash
= hash_int(flow_key
->obs_domain_id
, basis
);
899 hash
= hash_int(flow_key
->template_id
, hash
);
900 hash
= hash_bytes(flow_key
->flow_key_msg_part
,
901 flow_key
->flow_key_msg_part_size
, hash
);
906 ipfix_flow_key_equal(const struct ipfix_flow_key
*a
,
907 const struct ipfix_flow_key
*b
)
909 /* The template ID determines the flow key size, so not need to
911 return (a
->obs_domain_id
== b
->obs_domain_id
912 && a
->template_id
== b
->template_id
913 && memcmp(a
->flow_key_msg_part
, b
->flow_key_msg_part
,
914 a
->flow_key_msg_part_size
) == 0);
917 static struct ipfix_flow_cache_entry
*
918 ipfix_cache_find_entry(const struct dpif_ipfix_exporter
*exporter
,
919 const struct ipfix_flow_key
*flow_key
)
921 struct ipfix_flow_cache_entry
*entry
;
923 HMAP_FOR_EACH_WITH_HASH (entry
, flow_key_map_node
,
924 ipfix_hash_flow_key(flow_key
, 0),
925 &exporter
->cache_flow_key_map
) {
926 if (ipfix_flow_key_equal(&entry
->flow_key
, flow_key
)) {
935 ipfix_cache_next_timeout_msec(const struct dpif_ipfix_exporter
*exporter
,
936 long long int *next_timeout_msec
)
938 struct ipfix_flow_cache_entry
*entry
;
940 LIST_FOR_EACH (entry
, cache_flow_start_timestamp_list_node
,
941 &exporter
->cache_flow_start_timestamp_list
) {
942 *next_timeout_msec
= entry
->flow_start_timestamp_usec
/ 1000LL
943 + 1000LL * exporter
->cache_active_timeout
;
951 ipfix_cache_aggregate_entries(struct ipfix_flow_cache_entry
*from_entry
,
952 struct ipfix_flow_cache_entry
*to_entry
)
954 uint64_t *to_start
, *to_end
, *from_start
, *from_end
;
955 uint16_t *to_min_len
, *to_max_len
, *from_min_len
, *from_max_len
;
957 to_start
= &to_entry
->flow_start_timestamp_usec
;
958 to_end
= &to_entry
->flow_end_timestamp_usec
;
959 from_start
= &from_entry
->flow_start_timestamp_usec
;
960 from_end
= &from_entry
->flow_end_timestamp_usec
;
962 if (*to_start
> *from_start
) {
963 *to_start
= *from_start
;
965 if (*to_end
< *from_end
) {
969 to_entry
->packet_delta_count
+= from_entry
->packet_delta_count
;
970 to_entry
->layer2_octet_delta_count
+= from_entry
->layer2_octet_delta_count
;
972 to_entry
->octet_delta_count
+= from_entry
->octet_delta_count
;
973 to_entry
->octet_delta_sum_of_squares
+=
974 from_entry
->octet_delta_sum_of_squares
;
976 to_min_len
= &to_entry
->minimum_ip_total_length
;
977 to_max_len
= &to_entry
->maximum_ip_total_length
;
978 from_min_len
= &from_entry
->minimum_ip_total_length
;
979 from_max_len
= &from_entry
->maximum_ip_total_length
;
981 if (!*to_min_len
|| (*from_min_len
&& *to_min_len
> *from_min_len
)) {
982 *to_min_len
= *from_min_len
;
984 if (*to_max_len
< *from_max_len
) {
985 *to_max_len
= *from_max_len
;
989 /* Add an entry into a flow cache. The entry is either aggregated into
990 * an existing entry with the same flow key and free()d, or it is
991 * inserted into the cache. */
993 ipfix_cache_update(struct dpif_ipfix_exporter
*exporter
,
994 struct ipfix_flow_cache_entry
*entry
)
996 struct ipfix_flow_cache_entry
*old_entry
;
998 old_entry
= ipfix_cache_find_entry(exporter
, &entry
->flow_key
);
1000 if (old_entry
== NULL
) {
1001 hmap_insert(&exporter
->cache_flow_key_map
, &entry
->flow_key_map_node
,
1002 ipfix_hash_flow_key(&entry
->flow_key
, 0));
1004 /* As the latest entry added into the cache, it should
1005 * logically have the highest flow_start_timestamp_usec, so
1006 * append it at the tail. */
1007 list_push_back(&exporter
->cache_flow_start_timestamp_list
,
1008 &entry
->cache_flow_start_timestamp_list_node
);
1010 /* Enforce exporter->cache_max_flows limit. */
1011 if (hmap_count(&exporter
->cache_flow_key_map
)
1012 > exporter
->cache_max_flows
) {
1013 dpif_ipfix_cache_expire_now(exporter
, false);
1016 ipfix_cache_aggregate_entries(entry
, old_entry
);
1022 ipfix_cache_entry_init(struct ipfix_flow_cache_entry
*entry
,
1023 struct ofpbuf
*packet
, const struct flow
*flow
,
1024 uint64_t packet_delta_count
, uint32_t obs_domain_id
,
1025 uint32_t obs_point_id
)
1027 struct ipfix_flow_key
*flow_key
;
1029 enum ipfix_proto_l2 l2
;
1030 enum ipfix_proto_l3 l3
;
1031 enum ipfix_proto_l4 l4
;
1032 uint8_t ethernet_header_length
;
1033 uint16_t ethernet_total_length
;
1035 flow_key
= &entry
->flow_key
;
1036 ofpbuf_use_stack(&msg
, flow_key
->flow_key_msg_part
,
1037 sizeof flow_key
->flow_key_msg_part
);
1039 /* Choose the right template ID matching the protocols in the
1040 * sampled packet. */
1041 l2
= (flow
->vlan_tci
== 0) ? IPFIX_PROTO_L2_ETH
: IPFIX_PROTO_L2_VLAN
;
1043 switch(ntohs(flow
->dl_type
)) {
1045 l3
= IPFIX_PROTO_L3_IPV4
;
1046 switch(flow
->nw_proto
) {
1050 l4
= IPFIX_PROTO_L4_TCP_UDP_SCTP
;
1053 l4
= IPFIX_PROTO_L4_ICMP
;
1056 l4
= IPFIX_PROTO_L4_UNKNOWN
;
1060 l3
= IPFIX_PROTO_L3_IPV6
;
1061 switch(flow
->nw_proto
) {
1065 l4
= IPFIX_PROTO_L4_TCP_UDP_SCTP
;
1067 case IPPROTO_ICMPV6
:
1068 l4
= IPFIX_PROTO_L4_ICMP
;
1071 l4
= IPFIX_PROTO_L4_UNKNOWN
;
1075 l3
= IPFIX_PROTO_L3_UNKNOWN
;
1076 l4
= IPFIX_PROTO_L4_UNKNOWN
;
1079 flow_key
->obs_domain_id
= obs_domain_id
;
1080 flow_key
->template_id
= ipfix_get_template_id(l2
, l3
, l4
);
1082 /* The fields defined in the ipfix_data_record_* structs and sent
1083 * below must match exactly the templates defined in
1084 * ipfix_define_template_fields. */
1086 ethernet_header_length
= (l2
== IPFIX_PROTO_L2_VLAN
)
1087 ? VLAN_ETH_HEADER_LEN
: ETH_HEADER_LEN
;
1088 ethernet_total_length
= packet
->size
;
1090 /* Common Ethernet entities. */
1092 struct ipfix_data_record_flow_key_common
*data_common
;
1094 data_common
= ofpbuf_put_zeros(&msg
, sizeof *data_common
);
1095 data_common
->observation_point_id
= htonl(obs_point_id
);
1096 memcpy(data_common
->source_mac_address
, flow
->dl_src
,
1097 sizeof flow
->dl_src
);
1098 memcpy(data_common
->destination_mac_address
, flow
->dl_dst
,
1099 sizeof flow
->dl_dst
);
1100 data_common
->ethernet_type
= flow
->dl_type
;
1101 data_common
->ethernet_header_length
= ethernet_header_length
;
1104 if (l2
== IPFIX_PROTO_L2_VLAN
) {
1105 struct ipfix_data_record_flow_key_vlan
*data_vlan
;
1106 uint16_t vlan_id
= vlan_tci_to_vid(flow
->vlan_tci
);
1107 uint8_t priority
= vlan_tci_to_pcp(flow
->vlan_tci
);
1109 data_vlan
= ofpbuf_put_zeros(&msg
, sizeof *data_vlan
);
1110 data_vlan
->vlan_id
= htons(vlan_id
);
1111 data_vlan
->dot1q_vlan_id
= htons(vlan_id
);
1112 data_vlan
->dot1q_priority
= priority
;
1115 if (l3
!= IPFIX_PROTO_L3_UNKNOWN
) {
1116 struct ipfix_data_record_flow_key_ip
*data_ip
;
1118 data_ip
= ofpbuf_put_zeros(&msg
, sizeof *data_ip
);
1119 data_ip
->ip_version
= (l3
== IPFIX_PROTO_L3_IPV4
) ? 4 : 6;
1120 data_ip
->ip_ttl
= flow
->nw_ttl
;
1121 data_ip
->protocol_identifier
= flow
->nw_proto
;
1122 data_ip
->ip_diff_serv_code_point
= flow
->nw_tos
>> 2;
1123 data_ip
->ip_precedence
= flow
->nw_tos
>> 5;
1124 data_ip
->ip_class_of_service
= flow
->nw_tos
;
1126 if (l3
== IPFIX_PROTO_L3_IPV4
) {
1127 struct ipfix_data_record_flow_key_ipv4
*data_ipv4
;
1129 data_ipv4
= ofpbuf_put_zeros(&msg
, sizeof *data_ipv4
);
1130 data_ipv4
->source_ipv4_address
= flow
->nw_src
;
1131 data_ipv4
->destination_ipv4_address
= flow
->nw_dst
;
1132 } else { /* l3 == IPFIX_PROTO_L3_IPV6 */
1133 struct ipfix_data_record_flow_key_ipv6
*data_ipv6
;
1135 data_ipv6
= ofpbuf_put_zeros(&msg
, sizeof *data_ipv6
);
1136 memcpy(data_ipv6
->source_ipv6_address
, &flow
->ipv6_src
,
1137 sizeof flow
->ipv6_src
);
1138 memcpy(data_ipv6
->destination_ipv6_address
, &flow
->ipv6_dst
,
1139 sizeof flow
->ipv6_dst
);
1140 data_ipv6
->flow_label_ipv6
= flow
->ipv6_label
;
1144 if (l4
== IPFIX_PROTO_L4_TCP_UDP_SCTP
) {
1145 struct ipfix_data_record_flow_key_transport
*data_transport
;
1147 data_transport
= ofpbuf_put_zeros(&msg
, sizeof *data_transport
);
1148 data_transport
->source_transport_port
= flow
->tp_src
;
1149 data_transport
->destination_transport_port
= flow
->tp_dst
;
1150 } else if (l4
== IPFIX_PROTO_L4_ICMP
) {
1151 struct ipfix_data_record_flow_key_icmp
*data_icmp
;
1153 data_icmp
= ofpbuf_put_zeros(&msg
, sizeof *data_icmp
);
1154 data_icmp
->icmp_type
= ntohs(flow
->tp_src
) & 0xff;
1155 data_icmp
->icmp_code
= ntohs(flow
->tp_dst
) & 0xff;
1158 flow_key
->flow_key_msg_part_size
= msg
.size
;
1162 uint64_t layer2_octet_delta_count
;
1164 /* Calculate the total matched octet count by considering as
1165 * an approximation that all matched packets have the same
1167 layer2_octet_delta_count
= packet_delta_count
* ethernet_total_length
;
1169 xgettimeofday(&now
);
1170 entry
->flow_end_timestamp_usec
= now
.tv_usec
+ 1000000LL * now
.tv_sec
;
1171 entry
->flow_start_timestamp_usec
= entry
->flow_end_timestamp_usec
;
1172 entry
->packet_delta_count
= packet_delta_count
;
1173 entry
->layer2_octet_delta_count
= layer2_octet_delta_count
;
1176 if (l3
!= IPFIX_PROTO_L3_UNKNOWN
) {
1177 uint16_t ip_total_length
=
1178 ethernet_total_length
- ethernet_header_length
;
1179 uint64_t octet_delta_count
;
1181 /* Calculate the total matched octet count by considering as
1182 * an approximation that all matched packets have the same
1184 octet_delta_count
= packet_delta_count
* ip_total_length
;
1186 entry
->octet_delta_count
= octet_delta_count
;
1187 entry
->octet_delta_sum_of_squares
= octet_delta_count
* ip_total_length
;
1188 entry
->minimum_ip_total_length
= ip_total_length
;
1189 entry
->maximum_ip_total_length
= ip_total_length
;
1191 entry
->octet_delta_sum_of_squares
= 0;
1192 entry
->minimum_ip_total_length
= 0;
1193 entry
->maximum_ip_total_length
= 0;
1197 /* Send each single data record in its own data set, to simplify the
1198 * implementation by avoiding having to group record by template ID
1199 * before sending. */
1201 ipfix_put_data_set(uint32_t export_time_sec
,
1202 struct ipfix_flow_cache_entry
*entry
,
1203 enum ipfix_flow_end_reason flow_end_reason
,
1206 size_t set_hdr_offset
;
1207 struct ipfix_set_header
*set_hdr
;
1209 set_hdr_offset
= msg
->size
;
1211 /* Put a Data Set. */
1212 set_hdr
= ofpbuf_put_zeros(msg
, sizeof *set_hdr
);
1213 set_hdr
->set_id
= htons(entry
->flow_key
.template_id
);
1215 /* Copy the flow key part of the data record. */
1217 ofpbuf_put(msg
, entry
->flow_key
.flow_key_msg_part
,
1218 entry
->flow_key
.flow_key_msg_part_size
);
1220 /* Put the non-key part of the data record. */
1223 struct ipfix_data_record_aggregated_common
*data_aggregated_common
;
1224 uint64_t export_time_usec
, flow_start_delta_usec
, flow_end_delta_usec
;
1226 /* Calculate the negative deltas relative to the export time
1227 * in seconds sent in the header, not the exact export
1229 export_time_usec
= 1000000LL * export_time_sec
;
1230 flow_start_delta_usec
= export_time_usec
1231 - entry
->flow_start_timestamp_usec
;
1232 flow_end_delta_usec
= export_time_usec
1233 - entry
->flow_end_timestamp_usec
;
1235 data_aggregated_common
= ofpbuf_put_zeros(
1236 msg
, sizeof *data_aggregated_common
);
1237 data_aggregated_common
->flow_start_delta_microseconds
= htonl(
1238 flow_start_delta_usec
);
1239 data_aggregated_common
->flow_end_delta_microseconds
= htonl(
1240 flow_end_delta_usec
);
1241 data_aggregated_common
->packet_delta_count
= htonll(
1242 entry
->packet_delta_count
);
1243 data_aggregated_common
->layer2_octet_delta_count
= htonll(
1244 entry
->layer2_octet_delta_count
);
1245 data_aggregated_common
->flow_end_reason
= flow_end_reason
;
1248 if (entry
->octet_delta_sum_of_squares
) { /* IP packet. */
1249 struct ipfix_data_record_aggregated_ip
*data_aggregated_ip
;
1251 data_aggregated_ip
= ofpbuf_put_zeros(
1252 msg
, sizeof *data_aggregated_ip
);
1253 data_aggregated_ip
->octet_delta_count
= htonll(
1254 entry
->octet_delta_count
);
1255 data_aggregated_ip
->octet_delta_sum_of_squares
= htonll(
1256 entry
->octet_delta_sum_of_squares
);
1257 data_aggregated_ip
->minimum_ip_total_length
= htonll(
1258 entry
->minimum_ip_total_length
);
1259 data_aggregated_ip
->maximum_ip_total_length
= htonll(
1260 entry
->maximum_ip_total_length
);
1263 set_hdr
= (struct ipfix_set_header
*)((uint8_t*)msg
->data
+ set_hdr_offset
);
1264 set_hdr
->length
= htons(msg
->size
- set_hdr_offset
);
1267 /* Send an IPFIX message with a single data record. */
1269 ipfix_send_data_msg(struct dpif_ipfix_exporter
*exporter
,
1270 uint32_t export_time_sec
,
1271 struct ipfix_flow_cache_entry
*entry
,
1272 enum ipfix_flow_end_reason flow_end_reason
)
1274 uint64_t msg_stub
[DIV_ROUND_UP(MAX_MESSAGE_LEN
, 8)];
1276 ofpbuf_use_stub(&msg
, msg_stub
, sizeof msg_stub
);
1278 ipfix_init_header(export_time_sec
, exporter
->seq_number
++,
1279 entry
->flow_key
.obs_domain_id
, &msg
);
1280 ipfix_put_data_set(export_time_sec
, entry
, flow_end_reason
, &msg
);
1281 ipfix_send_msg(exporter
->collectors
, &msg
);
1283 ofpbuf_uninit(&msg
);
1287 dpif_ipfix_sample(struct dpif_ipfix_exporter
*exporter
,
1288 struct ofpbuf
*packet
, const struct flow
*flow
,
1289 uint64_t packet_delta_count
, uint32_t obs_domain_id
,
1290 uint32_t obs_point_id
)
1292 struct ipfix_flow_cache_entry
*entry
;
1294 /* Create a flow cache entry from the sample. */
1295 entry
= xmalloc(sizeof *entry
);
1296 ipfix_cache_entry_init(entry
, packet
, flow
, packet_delta_count
,
1297 obs_domain_id
, obs_point_id
);
1298 ipfix_cache_update(exporter
, entry
);
1302 dpif_ipfix_bridge_sample(struct dpif_ipfix
*di
, struct ofpbuf
*packet
,
1303 const struct flow
*flow
) OVS_EXCLUDED(mutex
)
1305 uint64_t packet_delta_count
;
1307 ovs_mutex_lock(&mutex
);
1308 /* Use the sampling probability as an approximation of the number
1309 * of matched packets. */
1310 packet_delta_count
= UINT32_MAX
/ di
->bridge_exporter
.probability
;
1311 dpif_ipfix_sample(&di
->bridge_exporter
.exporter
, packet
, flow
,
1313 di
->bridge_exporter
.options
->obs_domain_id
,
1314 di
->bridge_exporter
.options
->obs_point_id
);
1315 ovs_mutex_unlock(&mutex
);
1319 dpif_ipfix_flow_sample(struct dpif_ipfix
*di
, struct ofpbuf
*packet
,
1320 const struct flow
*flow
, uint32_t collector_set_id
,
1321 uint16_t probability
, uint32_t obs_domain_id
,
1322 uint32_t obs_point_id
) OVS_EXCLUDED(mutex
)
1324 struct dpif_ipfix_flow_exporter_map_node
*node
;
1325 /* Use the sampling probability as an approximation of the number
1326 * of matched packets. */
1327 uint64_t packet_delta_count
= USHRT_MAX
/ probability
;
1329 ovs_mutex_lock(&mutex
);
1330 node
= dpif_ipfix_find_flow_exporter_map_node(di
, collector_set_id
);
1332 dpif_ipfix_sample(&node
->exporter
.exporter
, packet
, flow
,
1333 packet_delta_count
, obs_domain_id
, obs_point_id
);
1335 ovs_mutex_unlock(&mutex
);
1339 dpif_ipfix_cache_expire(struct dpif_ipfix_exporter
*exporter
,
1340 bool forced_end
, const uint64_t export_time_usec
,
1341 const uint32_t export_time_sec
)
1343 struct ipfix_flow_cache_entry
*entry
, *next_entry
;
1344 uint64_t max_flow_start_timestamp_usec
;
1345 bool template_msg_sent
= false;
1346 enum ipfix_flow_end_reason flow_end_reason
;
1348 if (list_is_empty(&exporter
->cache_flow_start_timestamp_list
)) {
1352 max_flow_start_timestamp_usec
= export_time_usec
-
1353 1000000LL * exporter
->cache_active_timeout
;
1355 LIST_FOR_EACH_SAFE (entry
, next_entry
, cache_flow_start_timestamp_list_node
,
1356 &exporter
->cache_flow_start_timestamp_list
) {
1358 flow_end_reason
= FORCED_END
;
1359 } else if (entry
->flow_start_timestamp_usec
1360 <= max_flow_start_timestamp_usec
) {
1361 flow_end_reason
= ACTIVE_TIMEOUT
;
1362 } else if (hmap_count(&exporter
->cache_flow_key_map
)
1363 > exporter
->cache_max_flows
) {
1364 /* Enforce exporter->cache_max_flows. */
1365 flow_end_reason
= LACK_OF_RESOURCES
;
1367 /* Remaining flows haven't expired yet. */
1371 list_remove(&entry
->cache_flow_start_timestamp_list_node
);
1372 hmap_remove(&exporter
->cache_flow_key_map
,
1373 &entry
->flow_key_map_node
);
1375 if (!template_msg_sent
1376 && (exporter
->last_template_set_time
+ IPFIX_TEMPLATE_INTERVAL
)
1377 <= export_time_sec
) {
1378 ipfix_send_template_msg(exporter
, export_time_sec
,
1379 entry
->flow_key
.obs_domain_id
);
1380 exporter
->last_template_set_time
= export_time_sec
;
1381 template_msg_sent
= true;
1384 /* XXX: Group multiple data records for the same obs domain id
1385 * into the same message. */
1386 ipfix_send_data_msg(exporter
, export_time_sec
, entry
, flow_end_reason
);
1392 get_export_time_now(uint64_t *export_time_usec
, uint32_t *export_time_sec
)
1394 struct timeval export_time
;
1395 xgettimeofday(&export_time
);
1397 *export_time_usec
= export_time
.tv_usec
+ 1000000LL * export_time
.tv_sec
;
1399 /* The IPFIX start and end deltas are negative deltas relative to
1400 * the export time, so set the export time 1 second off to
1401 * calculate those deltas. */
1402 if (export_time
.tv_usec
== 0) {
1403 *export_time_sec
= export_time
.tv_sec
;
1405 *export_time_sec
= export_time
.tv_sec
+ 1;
1410 dpif_ipfix_cache_expire_now(struct dpif_ipfix_exporter
*exporter
,
1413 uint64_t export_time_usec
;
1414 uint32_t export_time_sec
;
1416 get_export_time_now(&export_time_usec
, &export_time_sec
);
1417 dpif_ipfix_cache_expire(exporter
, forced_end
, export_time_usec
,
1422 dpif_ipfix_run(struct dpif_ipfix
*di
) OVS_EXCLUDED(mutex
)
1424 uint64_t export_time_usec
;
1425 uint32_t export_time_sec
;
1426 struct dpif_ipfix_flow_exporter_map_node
*flow_exporter_node
;
1428 ovs_mutex_lock(&mutex
);
1429 get_export_time_now(&export_time_usec
, &export_time_sec
);
1430 if (di
->bridge_exporter
.probability
> 0) { /* Bridge exporter enabled. */
1431 dpif_ipfix_cache_expire(
1432 &di
->bridge_exporter
.exporter
, false, export_time_usec
,
1435 HMAP_FOR_EACH (flow_exporter_node
, node
, &di
->flow_exporter_map
) {
1436 dpif_ipfix_cache_expire(
1437 &flow_exporter_node
->exporter
.exporter
, false, export_time_usec
,
1440 ovs_mutex_unlock(&mutex
);
1444 dpif_ipfix_wait(struct dpif_ipfix
*di
) OVS_EXCLUDED(mutex
)
1446 long long int next_timeout_msec
= LLONG_MAX
;
1447 struct dpif_ipfix_flow_exporter_map_node
*flow_exporter_node
;
1449 ovs_mutex_lock(&mutex
);
1450 if (di
->bridge_exporter
.probability
> 0) { /* Bridge exporter enabled. */
1451 if (ipfix_cache_next_timeout_msec(
1452 &di
->bridge_exporter
.exporter
, &next_timeout_msec
)) {
1453 poll_timer_wait_until(next_timeout_msec
);
1456 HMAP_FOR_EACH (flow_exporter_node
, node
, &di
->flow_exporter_map
) {
1457 if (ipfix_cache_next_timeout_msec(
1458 &flow_exporter_node
->exporter
.exporter
, &next_timeout_msec
)) {
1459 poll_timer_wait_until(next_timeout_msec
);
1462 ovs_mutex_unlock(&mutex
);