2 * Copyright (c) 2009, 2010 Nicira Networks.
3 * Copyright (c) 2010 Jean Tourrilhes - HP-Labs.
5 * Licensed under the Apache License, Version 2.0 (the "License");
6 * you may not use this file except in compliance with the License.
7 * You may obtain a copy of the License at:
9 * http://www.apache.org/licenses/LICENSE-2.0
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
22 #include <sys/socket.h>
24 #include <netinet/in.h>
27 #include "classifier.h"
29 #include "discovery.h"
31 #include "dynamic-string.h"
32 #include "fail-open.h"
36 #include "mac-learning.h"
40 #include "ofp-print.h"
42 #include "ofproto-sflow.h"
44 #include "openflow/nicira-ext.h"
45 #include "openflow/openflow.h"
46 #include "openvswitch/datapath-protocol.h"
50 #include "poll-loop.h"
54 #include "stream-ssl.h"
63 VLOG_DEFINE_THIS_MODULE(ofproto
)
65 #include "sflow_api.h"
69 TABLEID_CLASSIFIER
= 1
74 struct hmap_node hmap_node
; /* In struct ofproto's "ports" hmap. */
75 struct netdev
*netdev
;
76 struct ofp_phy_port opp
; /* In host byte order. */
80 static void ofport_free(struct ofport
*);
81 static void hton_ofp_phy_port(struct ofp_phy_port
*);
83 static int xlate_actions(const union ofp_action
*in
, size_t n_in
,
84 const struct flow
*, struct ofproto
*,
85 const struct ofpbuf
*packet
,
86 struct odp_actions
*out
, tag_type
*tags
,
87 bool *may_set_up_flow
, uint16_t *nf_output_iface
);
92 uint64_t flow_cookie
; /* Controller-issued identifier.
93 (Kept in network-byte order.) */
94 uint16_t idle_timeout
; /* In seconds from time of last use. */
95 uint16_t hard_timeout
; /* In seconds from time of creation. */
96 bool send_flow_removed
; /* Send a flow removed message? */
97 long long int used
; /* Last-used time (0 if never used). */
98 long long int created
; /* Creation time. */
99 uint64_t packet_count
; /* Number of packets received. */
100 uint64_t byte_count
; /* Number of bytes received. */
101 uint64_t accounted_bytes
; /* Number of bytes passed to account_cb. */
102 tag_type tags
; /* Tags (set only by hooks). */
103 struct netflow_flow nf_flow
; /* Per-flow NetFlow tracking data. */
105 /* If 'super' is non-NULL, this rule is a subrule, that is, it is an
106 * exact-match rule (having cr.wc.wildcards of 0) generated from the
107 * wildcard rule 'super'. In this case, 'list' is an element of the
110 * If 'super' is NULL, this rule is a super-rule, and 'list' is the head of
111 * a list of subrules. A super-rule with no wildcards (where
112 * cr.wc.wildcards is 0) will never have any subrules. */
118 * 'n_actions' is the number of elements in the 'actions' array. A single
119 * action may take up more more than one element's worth of space.
121 * A subrule has no actions (it uses the super-rule's actions). */
123 union ofp_action
*actions
;
127 * A super-rule with wildcard fields never has ODP actions (since the
128 * datapath only supports exact-match flows). */
129 bool installed
; /* Installed in datapath? */
130 bool may_install
; /* True ordinarily; false if actions must
131 * be reassessed for every packet. */
133 union odp_action
*odp_actions
;
137 rule_is_hidden(const struct rule
*rule
)
139 /* Subrules are merely an implementation detail, so hide them from the
141 if (rule
->super
!= NULL
) {
145 /* Rules with priority higher than UINT16_MAX are set up by ofproto itself
146 * (e.g. by in-band control) and are intentionally hidden from the
148 if (rule
->cr
.priority
> UINT16_MAX
) {
155 static struct rule
*rule_create(struct ofproto
*, struct rule
*super
,
156 const union ofp_action
*, size_t n_actions
,
157 uint16_t idle_timeout
, uint16_t hard_timeout
,
158 uint64_t flow_cookie
, bool send_flow_removed
);
159 static void rule_free(struct rule
*);
160 static void rule_destroy(struct ofproto
*, struct rule
*);
161 static struct rule
*rule_from_cls_rule(const struct cls_rule
*);
162 static void rule_insert(struct ofproto
*, struct rule
*,
163 struct ofpbuf
*packet
, uint16_t in_port
);
164 static void rule_remove(struct ofproto
*, struct rule
*);
165 static bool rule_make_actions(struct ofproto
*, struct rule
*,
166 const struct ofpbuf
*packet
);
167 static void rule_install(struct ofproto
*, struct rule
*,
168 struct rule
*displaced_rule
);
169 static void rule_uninstall(struct ofproto
*, struct rule
*);
170 static void rule_post_uninstall(struct ofproto
*, struct rule
*);
171 static void send_flow_removed(struct ofproto
*p
, struct rule
*rule
,
172 long long int now
, uint8_t reason
);
174 /* ofproto supports two kinds of OpenFlow connections:
176 * - "Primary" connections to ordinary OpenFlow controllers. ofproto
177 * maintains persistent connections to these controllers and by default
178 * sends them asynchronous messages such as packet-ins.
180 * - "Service" connections, e.g. from ovs-ofctl. When these connections
181 * drop, it is the other side's responsibility to reconnect them if
182 * necessary. ofproto does not send them asynchronous messages by default.
184 * Currently, active (tcp, ssl, unix) connections are always "primary"
185 * connections and passive (ptcp, pssl, punix) connections are always "service"
186 * connections. There is no inherent reason for this, but it reflects the
190 OFCONN_PRIMARY
, /* An ordinary OpenFlow controller. */
191 OFCONN_SERVICE
/* A service connection, e.g. "ovs-ofctl". */
194 /* A listener for incoming OpenFlow "service" connections. */
196 struct hmap_node node
; /* In struct ofproto's "services" hmap. */
197 struct pvconn
*pvconn
; /* OpenFlow connection listener. */
199 /* These are not used by ofservice directly. They are settings for
200 * accepted "struct ofconn"s from the pvconn. */
201 int probe_interval
; /* Max idle time before probing, in seconds. */
202 int rate_limit
; /* Max packet-in rate in packets per second. */
203 int burst_limit
; /* Limit on accumulating packet credits. */
206 static struct ofservice
*ofservice_lookup(struct ofproto
*,
208 static int ofservice_create(struct ofproto
*,
209 const struct ofproto_controller
*);
210 static void ofservice_reconfigure(struct ofservice
*,
211 const struct ofproto_controller
*);
212 static void ofservice_destroy(struct ofproto
*, struct ofservice
*);
214 /* An OpenFlow connection. */
216 struct ofproto
*ofproto
; /* The ofproto that owns this connection. */
217 struct list node
; /* In struct ofproto's "all_conns" list. */
218 struct rconn
*rconn
; /* OpenFlow connection. */
219 enum ofconn_type type
; /* Type. */
221 /* OFPT_PACKET_IN related data. */
222 struct rconn_packet_counter
*packet_in_counter
; /* # queued on 'rconn'. */
223 struct pinsched
*schedulers
[2]; /* Indexed by reason code; see below. */
224 struct pktbuf
*pktbuf
; /* OpenFlow packet buffers. */
225 int miss_send_len
; /* Bytes to send of buffered packets. */
227 /* Number of OpenFlow messages queued on 'rconn' as replies to OpenFlow
228 * requests, and the maximum number before we stop reading OpenFlow
230 #define OFCONN_REPLY_MAX 100
231 struct rconn_packet_counter
*reply_counter
;
233 /* type == OFCONN_PRIMARY only. */
234 enum nx_role role
; /* Role. */
235 struct hmap_node hmap_node
; /* In struct ofproto's "controllers" map. */
236 struct discovery
*discovery
; /* Controller discovery object, if enabled. */
237 struct status_category
*ss
; /* Switch status category. */
238 enum ofproto_band band
; /* In-band or out-of-band? */
241 /* We use OFPR_NO_MATCH and OFPR_ACTION as indexes into struct ofconn's
242 * "schedulers" array. Their values are 0 and 1, and their meanings and values
243 * coincide with _ODPL_MISS_NR and _ODPL_ACTION_NR, so this is convenient. In
244 * case anything ever changes, check their values here. */
245 #define N_SCHEDULERS 2
246 BUILD_ASSERT_DECL(OFPR_NO_MATCH
== 0);
247 BUILD_ASSERT_DECL(OFPR_NO_MATCH
== _ODPL_MISS_NR
);
248 BUILD_ASSERT_DECL(OFPR_ACTION
== 1);
249 BUILD_ASSERT_DECL(OFPR_ACTION
== _ODPL_ACTION_NR
);
251 static struct ofconn
*ofconn_create(struct ofproto
*, struct rconn
*,
253 static void ofconn_destroy(struct ofconn
*);
254 static void ofconn_run(struct ofconn
*, struct ofproto
*);
255 static void ofconn_wait(struct ofconn
*);
256 static bool ofconn_receives_async_msgs(const struct ofconn
*);
257 static char *ofconn_make_name(const struct ofproto
*, const char *target
);
258 static void ofconn_set_rate_limit(struct ofconn
*, int rate
, int burst
);
260 static void queue_tx(struct ofpbuf
*msg
, const struct ofconn
*ofconn
,
261 struct rconn_packet_counter
*counter
);
263 static void send_packet_in(struct ofproto
*, struct ofpbuf
*odp_msg
);
264 static void do_send_packet_in(struct ofpbuf
*odp_msg
, void *ofconn
);
268 uint64_t datapath_id
; /* Datapath ID. */
269 uint64_t fallback_dpid
; /* Datapath ID if no better choice found. */
270 char *mfr_desc
; /* Manufacturer. */
271 char *hw_desc
; /* Hardware. */
272 char *sw_desc
; /* Software version. */
273 char *serial_desc
; /* Serial number. */
274 char *dp_desc
; /* Datapath description. */
278 struct netdev_monitor
*netdev_monitor
;
279 struct hmap ports
; /* Contains "struct ofport"s. */
280 struct shash port_by_name
;
284 struct switch_status
*switch_status
;
285 struct fail_open
*fail_open
;
286 struct netflow
*netflow
;
287 struct ofproto_sflow
*sflow
;
289 /* In-band control. */
290 struct in_band
*in_band
;
291 long long int next_in_band_update
;
292 struct sockaddr_in
*extra_in_band_remotes
;
293 size_t n_extra_remotes
;
296 struct classifier cls
;
297 bool need_revalidate
;
298 long long int next_expiration
;
299 struct tag_set revalidate_set
;
300 bool tun_id_from_cookie
;
302 /* OpenFlow connections. */
303 struct hmap controllers
; /* Controller "struct ofconn"s. */
304 struct list all_conns
; /* Contains "struct ofconn"s. */
305 enum ofproto_fail_mode fail_mode
;
307 /* OpenFlow listeners. */
308 struct hmap services
; /* Contains "struct ofservice"s. */
309 struct pvconn
**snoops
;
312 /* Hooks for ovs-vswitchd. */
313 const struct ofhooks
*ofhooks
;
316 /* Used by default ofhooks. */
317 struct mac_learning
*ml
;
320 static struct vlog_rate_limit rl
= VLOG_RATE_LIMIT_INIT(1, 5);
322 static const struct ofhooks default_ofhooks
;
324 static uint64_t pick_datapath_id(const struct ofproto
*);
325 static uint64_t pick_fallback_dpid(void);
327 static int ofproto_expire(struct ofproto
*);
329 static void update_stats(struct ofproto
*, struct rule
*,
330 const struct odp_flow_stats
*);
331 static bool revalidate_rule(struct ofproto
*p
, struct rule
*rule
);
332 static void revalidate_cb(struct cls_rule
*rule_
, void *p_
);
334 static void handle_odp_msg(struct ofproto
*, struct ofpbuf
*);
336 static void handle_openflow(struct ofconn
*, struct ofproto
*,
339 static struct ofport
*get_port(const struct ofproto
*, uint16_t odp_port
);
340 static void update_port(struct ofproto
*, const char *devname
);
341 static int init_ports(struct ofproto
*);
342 static void reinit_ports(struct ofproto
*);
345 ofproto_create(const char *datapath
, const char *datapath_type
,
346 const struct ofhooks
*ofhooks
, void *aux
,
347 struct ofproto
**ofprotop
)
349 struct odp_stats stats
;
356 /* Connect to datapath and start listening for messages. */
357 error
= dpif_open(datapath
, datapath_type
, &dpif
);
359 VLOG_ERR("failed to open datapath %s: %s", datapath
, strerror(error
));
362 error
= dpif_get_dp_stats(dpif
, &stats
);
364 VLOG_ERR("failed to obtain stats for datapath %s: %s",
365 datapath
, strerror(error
));
369 error
= dpif_recv_set_mask(dpif
, ODPL_MISS
| ODPL_ACTION
| ODPL_SFLOW
);
371 VLOG_ERR("failed to listen on datapath %s: %s",
372 datapath
, strerror(error
));
376 dpif_flow_flush(dpif
);
377 dpif_recv_purge(dpif
);
379 /* Initialize settings. */
380 p
= xzalloc(sizeof *p
);
381 p
->fallback_dpid
= pick_fallback_dpid();
382 p
->datapath_id
= p
->fallback_dpid
;
383 p
->mfr_desc
= xstrdup(DEFAULT_MFR_DESC
);
384 p
->hw_desc
= xstrdup(DEFAULT_HW_DESC
);
385 p
->sw_desc
= xstrdup(DEFAULT_SW_DESC
);
386 p
->serial_desc
= xstrdup(DEFAULT_SERIAL_DESC
);
387 p
->dp_desc
= xstrdup(DEFAULT_DP_DESC
);
389 /* Initialize datapath. */
391 p
->netdev_monitor
= netdev_monitor_create();
392 hmap_init(&p
->ports
);
393 shash_init(&p
->port_by_name
);
394 p
->max_ports
= stats
.max_ports
;
396 /* Initialize submodules. */
397 p
->switch_status
= switch_status_create(p
);
403 /* Initialize flow table. */
404 classifier_init(&p
->cls
);
405 p
->need_revalidate
= false;
406 p
->next_expiration
= time_msec() + 1000;
407 tag_set_init(&p
->revalidate_set
);
409 /* Initialize OpenFlow connections. */
410 list_init(&p
->all_conns
);
411 hmap_init(&p
->controllers
);
412 hmap_init(&p
->services
);
416 /* Initialize hooks. */
418 p
->ofhooks
= ofhooks
;
422 p
->ofhooks
= &default_ofhooks
;
424 p
->ml
= mac_learning_create();
427 /* Pick final datapath ID. */
428 p
->datapath_id
= pick_datapath_id(p
);
429 VLOG_INFO("using datapath ID %016"PRIx64
, p
->datapath_id
);
436 ofproto_set_datapath_id(struct ofproto
*p
, uint64_t datapath_id
)
438 uint64_t old_dpid
= p
->datapath_id
;
439 p
->datapath_id
= datapath_id
? datapath_id
: pick_datapath_id(p
);
440 if (p
->datapath_id
!= old_dpid
) {
441 VLOG_INFO("datapath ID changed to %016"PRIx64
, p
->datapath_id
);
443 /* Force all active connections to reconnect, since there is no way to
444 * notify a controller that the datapath ID has changed. */
445 ofproto_reconnect_controllers(p
);
450 is_discovery_controller(const struct ofproto_controller
*c
)
452 return !strcmp(c
->target
, "discover");
456 is_in_band_controller(const struct ofproto_controller
*c
)
458 return is_discovery_controller(c
) || c
->band
== OFPROTO_IN_BAND
;
461 /* Creates a new controller in 'ofproto'. Some of the settings are initially
462 * drawn from 'c', but update_controller() needs to be called later to finish
463 * the new ofconn's configuration. */
465 add_controller(struct ofproto
*ofproto
, const struct ofproto_controller
*c
)
467 struct discovery
*discovery
;
468 struct ofconn
*ofconn
;
470 if (is_discovery_controller(c
)) {
471 int error
= discovery_create(c
->accept_re
, c
->update_resolv_conf
,
472 ofproto
->dpif
, ofproto
->switch_status
,
481 ofconn
= ofconn_create(ofproto
, rconn_create(5, 8), OFCONN_PRIMARY
);
482 ofconn
->pktbuf
= pktbuf_create();
483 ofconn
->miss_send_len
= OFP_DEFAULT_MISS_SEND_LEN
;
485 ofconn
->discovery
= discovery
;
487 char *name
= ofconn_make_name(ofproto
, c
->target
);
488 rconn_connect(ofconn
->rconn
, c
->target
, name
);
491 hmap_insert(&ofproto
->controllers
, &ofconn
->hmap_node
,
492 hash_string(c
->target
, 0));
495 /* Reconfigures 'ofconn' to match 'c'. This function cannot update an ofconn's
496 * target or turn discovery on or off (these are done by creating new ofconns
497 * and deleting old ones), but it can update the rest of an ofconn's
500 update_controller(struct ofconn
*ofconn
, const struct ofproto_controller
*c
)
504 ofconn
->band
= (is_in_band_controller(c
)
505 ? OFPROTO_IN_BAND
: OFPROTO_OUT_OF_BAND
);
507 rconn_set_max_backoff(ofconn
->rconn
, c
->max_backoff
);
509 probe_interval
= c
->probe_interval
? MAX(c
->probe_interval
, 5) : 0;
510 rconn_set_probe_interval(ofconn
->rconn
, probe_interval
);
512 if (ofconn
->discovery
) {
513 discovery_set_update_resolv_conf(ofconn
->discovery
,
514 c
->update_resolv_conf
);
515 discovery_set_accept_controller_re(ofconn
->discovery
, c
->accept_re
);
518 ofconn_set_rate_limit(ofconn
, c
->rate_limit
, c
->burst_limit
);
522 ofconn_get_target(const struct ofconn
*ofconn
)
524 return ofconn
->discovery
? "discover" : rconn_get_target(ofconn
->rconn
);
527 static struct ofconn
*
528 find_controller_by_target(struct ofproto
*ofproto
, const char *target
)
530 struct ofconn
*ofconn
;
532 HMAP_FOR_EACH_WITH_HASH (ofconn
, hmap_node
,
533 hash_string(target
, 0), &ofproto
->controllers
) {
534 if (!strcmp(ofconn_get_target(ofconn
), target
)) {
542 update_in_band_remotes(struct ofproto
*ofproto
)
544 const struct ofconn
*ofconn
;
545 struct sockaddr_in
*addrs
;
546 size_t max_addrs
, n_addrs
;
550 /* Allocate enough memory for as many remotes as we could possibly have. */
551 max_addrs
= ofproto
->n_extra_remotes
+ hmap_count(&ofproto
->controllers
);
552 addrs
= xmalloc(max_addrs
* sizeof *addrs
);
555 /* Add all the remotes. */
557 HMAP_FOR_EACH (ofconn
, hmap_node
, &ofproto
->controllers
) {
558 struct sockaddr_in
*sin
= &addrs
[n_addrs
];
560 if (ofconn
->band
== OFPROTO_OUT_OF_BAND
) {
564 sin
->sin_addr
.s_addr
= rconn_get_remote_ip(ofconn
->rconn
);
565 if (sin
->sin_addr
.s_addr
) {
566 sin
->sin_port
= rconn_get_remote_port(ofconn
->rconn
);
569 if (ofconn
->discovery
) {
573 for (i
= 0; i
< ofproto
->n_extra_remotes
; i
++) {
574 addrs
[n_addrs
++] = ofproto
->extra_in_band_remotes
[i
];
577 /* Create or update or destroy in-band.
579 * Ordinarily we only enable in-band if there's at least one remote
580 * address, but discovery needs the in-band rules for DHCP to be installed
581 * even before we know any remote addresses. */
582 if (n_addrs
|| discovery
) {
583 if (!ofproto
->in_band
) {
584 in_band_create(ofproto
, ofproto
->dpif
, ofproto
->switch_status
,
587 if (ofproto
->in_band
) {
588 in_band_set_remotes(ofproto
->in_band
, addrs
, n_addrs
);
590 ofproto
->next_in_band_update
= time_msec() + 1000;
592 in_band_destroy(ofproto
->in_band
);
593 ofproto
->in_band
= NULL
;
601 update_fail_open(struct ofproto
*p
)
603 struct ofconn
*ofconn
;
605 if (!hmap_is_empty(&p
->controllers
)
606 && p
->fail_mode
== OFPROTO_FAIL_STANDALONE
) {
607 struct rconn
**rconns
;
611 p
->fail_open
= fail_open_create(p
, p
->switch_status
);
615 rconns
= xmalloc(hmap_count(&p
->controllers
) * sizeof *rconns
);
616 HMAP_FOR_EACH (ofconn
, hmap_node
, &p
->controllers
) {
617 rconns
[n
++] = ofconn
->rconn
;
620 fail_open_set_controllers(p
->fail_open
, rconns
, n
);
621 /* p->fail_open takes ownership of 'rconns'. */
623 fail_open_destroy(p
->fail_open
);
629 ofproto_set_controllers(struct ofproto
*p
,
630 const struct ofproto_controller
*controllers
,
631 size_t n_controllers
)
633 struct shash new_controllers
;
634 struct ofconn
*ofconn
, *next_ofconn
;
635 struct ofservice
*ofservice
, *next_ofservice
;
639 /* Create newly configured controllers and services.
640 * Create a name to ofproto_controller mapping in 'new_controllers'. */
641 shash_init(&new_controllers
);
642 for (i
= 0; i
< n_controllers
; i
++) {
643 const struct ofproto_controller
*c
= &controllers
[i
];
645 if (!vconn_verify_name(c
->target
) || !strcmp(c
->target
, "discover")) {
646 if (!find_controller_by_target(p
, c
->target
)) {
647 add_controller(p
, c
);
649 } else if (!pvconn_verify_name(c
->target
)) {
650 if (!ofservice_lookup(p
, c
->target
) && ofservice_create(p
, c
)) {
654 VLOG_WARN_RL(&rl
, "%s: unsupported controller \"%s\"",
655 dpif_name(p
->dpif
), c
->target
);
659 shash_add_once(&new_controllers
, c
->target
, &controllers
[i
]);
662 /* Delete controllers that are no longer configured.
663 * Update configuration of all now-existing controllers. */
665 HMAP_FOR_EACH_SAFE (ofconn
, next_ofconn
, hmap_node
, &p
->controllers
) {
666 struct ofproto_controller
*c
;
668 c
= shash_find_data(&new_controllers
, ofconn_get_target(ofconn
));
670 ofconn_destroy(ofconn
);
672 update_controller(ofconn
, c
);
679 /* Delete services that are no longer configured.
680 * Update configuration of all now-existing services. */
681 HMAP_FOR_EACH_SAFE (ofservice
, next_ofservice
, node
, &p
->services
) {
682 struct ofproto_controller
*c
;
684 c
= shash_find_data(&new_controllers
,
685 pvconn_get_name(ofservice
->pvconn
));
687 ofservice_destroy(p
, ofservice
);
689 ofservice_reconfigure(ofservice
, c
);
693 shash_destroy(&new_controllers
);
695 update_in_band_remotes(p
);
698 if (!hmap_is_empty(&p
->controllers
) && !ss_exists
) {
699 ofconn
= CONTAINER_OF(hmap_first(&p
->controllers
),
700 struct ofconn
, hmap_node
);
701 ofconn
->ss
= switch_status_register(p
->switch_status
, "remote",
702 rconn_status_cb
, ofconn
->rconn
);
707 ofproto_set_fail_mode(struct ofproto
*p
, enum ofproto_fail_mode fail_mode
)
709 p
->fail_mode
= fail_mode
;
713 /* Drops the connections between 'ofproto' and all of its controllers, forcing
714 * them to reconnect. */
716 ofproto_reconnect_controllers(struct ofproto
*ofproto
)
718 struct ofconn
*ofconn
;
720 LIST_FOR_EACH (ofconn
, node
, &ofproto
->all_conns
) {
721 rconn_reconnect(ofconn
->rconn
);
726 any_extras_changed(const struct ofproto
*ofproto
,
727 const struct sockaddr_in
*extras
, size_t n
)
731 if (n
!= ofproto
->n_extra_remotes
) {
735 for (i
= 0; i
< n
; i
++) {
736 const struct sockaddr_in
*old
= &ofproto
->extra_in_band_remotes
[i
];
737 const struct sockaddr_in
*new = &extras
[i
];
739 if (old
->sin_addr
.s_addr
!= new->sin_addr
.s_addr
||
740 old
->sin_port
!= new->sin_port
) {
748 /* Sets the 'n' TCP port addresses in 'extras' as ones to which 'ofproto''s
749 * in-band control should guarantee access, in the same way that in-band
750 * control guarantees access to OpenFlow controllers. */
752 ofproto_set_extra_in_band_remotes(struct ofproto
*ofproto
,
753 const struct sockaddr_in
*extras
, size_t n
)
755 if (!any_extras_changed(ofproto
, extras
, n
)) {
759 free(ofproto
->extra_in_band_remotes
);
760 ofproto
->n_extra_remotes
= n
;
761 ofproto
->extra_in_band_remotes
= xmemdup(extras
, n
* sizeof *extras
);
763 update_in_band_remotes(ofproto
);
767 ofproto_set_desc(struct ofproto
*p
,
768 const char *mfr_desc
, const char *hw_desc
,
769 const char *sw_desc
, const char *serial_desc
,
772 struct ofp_desc_stats
*ods
;
775 if (strlen(mfr_desc
) >= sizeof ods
->mfr_desc
) {
776 VLOG_WARN("truncating mfr_desc, must be less than %zu characters",
777 sizeof ods
->mfr_desc
);
780 p
->mfr_desc
= xstrdup(mfr_desc
);
783 if (strlen(hw_desc
) >= sizeof ods
->hw_desc
) {
784 VLOG_WARN("truncating hw_desc, must be less than %zu characters",
785 sizeof ods
->hw_desc
);
788 p
->hw_desc
= xstrdup(hw_desc
);
791 if (strlen(sw_desc
) >= sizeof ods
->sw_desc
) {
792 VLOG_WARN("truncating sw_desc, must be less than %zu characters",
793 sizeof ods
->sw_desc
);
796 p
->sw_desc
= xstrdup(sw_desc
);
799 if (strlen(serial_desc
) >= sizeof ods
->serial_num
) {
800 VLOG_WARN("truncating serial_desc, must be less than %zu "
802 sizeof ods
->serial_num
);
804 free(p
->serial_desc
);
805 p
->serial_desc
= xstrdup(serial_desc
);
808 if (strlen(dp_desc
) >= sizeof ods
->dp_desc
) {
809 VLOG_WARN("truncating dp_desc, must be less than %zu characters",
810 sizeof ods
->dp_desc
);
813 p
->dp_desc
= xstrdup(dp_desc
);
818 set_pvconns(struct pvconn
***pvconnsp
, size_t *n_pvconnsp
,
819 const struct svec
*svec
)
821 struct pvconn
**pvconns
= *pvconnsp
;
822 size_t n_pvconns
= *n_pvconnsp
;
826 for (i
= 0; i
< n_pvconns
; i
++) {
827 pvconn_close(pvconns
[i
]);
831 pvconns
= xmalloc(svec
->n
* sizeof *pvconns
);
833 for (i
= 0; i
< svec
->n
; i
++) {
834 const char *name
= svec
->names
[i
];
835 struct pvconn
*pvconn
;
838 error
= pvconn_open(name
, &pvconn
);
840 pvconns
[n_pvconns
++] = pvconn
;
842 VLOG_ERR("failed to listen on %s: %s", name
, strerror(error
));
850 *n_pvconnsp
= n_pvconns
;
856 ofproto_set_snoops(struct ofproto
*ofproto
, const struct svec
*snoops
)
858 return set_pvconns(&ofproto
->snoops
, &ofproto
->n_snoops
, snoops
);
862 ofproto_set_netflow(struct ofproto
*ofproto
,
863 const struct netflow_options
*nf_options
)
865 if (nf_options
&& nf_options
->collectors
.n
) {
866 if (!ofproto
->netflow
) {
867 ofproto
->netflow
= netflow_create();
869 return netflow_set_options(ofproto
->netflow
, nf_options
);
871 netflow_destroy(ofproto
->netflow
);
872 ofproto
->netflow
= NULL
;
878 ofproto_set_sflow(struct ofproto
*ofproto
,
879 const struct ofproto_sflow_options
*oso
)
881 struct ofproto_sflow
*os
= ofproto
->sflow
;
884 struct ofport
*ofport
;
886 os
= ofproto
->sflow
= ofproto_sflow_create(ofproto
->dpif
);
887 HMAP_FOR_EACH (ofport
, hmap_node
, &ofproto
->ports
) {
888 ofproto_sflow_add_port(os
, ofport
->odp_port
,
889 netdev_get_name(ofport
->netdev
));
892 ofproto_sflow_set_options(os
, oso
);
894 ofproto_sflow_destroy(os
);
895 ofproto
->sflow
= NULL
;
900 ofproto_get_datapath_id(const struct ofproto
*ofproto
)
902 return ofproto
->datapath_id
;
906 ofproto_has_primary_controller(const struct ofproto
*ofproto
)
908 return !hmap_is_empty(&ofproto
->controllers
);
911 enum ofproto_fail_mode
912 ofproto_get_fail_mode(const struct ofproto
*p
)
918 ofproto_get_snoops(const struct ofproto
*ofproto
, struct svec
*snoops
)
922 for (i
= 0; i
< ofproto
->n_snoops
; i
++) {
923 svec_add(snoops
, pvconn_get_name(ofproto
->snoops
[i
]));
928 ofproto_destroy(struct ofproto
*p
)
930 struct ofservice
*ofservice
, *next_ofservice
;
931 struct ofconn
*ofconn
, *next_ofconn
;
932 struct ofport
*ofport
, *next_ofport
;
939 /* Destroy fail-open and in-band early, since they touch the classifier. */
940 fail_open_destroy(p
->fail_open
);
943 in_band_destroy(p
->in_band
);
945 free(p
->extra_in_band_remotes
);
947 ofproto_flush_flows(p
);
948 classifier_destroy(&p
->cls
);
950 LIST_FOR_EACH_SAFE (ofconn
, next_ofconn
, node
, &p
->all_conns
) {
951 ofconn_destroy(ofconn
);
953 hmap_destroy(&p
->controllers
);
956 netdev_monitor_destroy(p
->netdev_monitor
);
957 HMAP_FOR_EACH_SAFE (ofport
, next_ofport
, hmap_node
, &p
->ports
) {
958 hmap_remove(&p
->ports
, &ofport
->hmap_node
);
961 shash_destroy(&p
->port_by_name
);
963 switch_status_destroy(p
->switch_status
);
964 netflow_destroy(p
->netflow
);
965 ofproto_sflow_destroy(p
->sflow
);
967 HMAP_FOR_EACH_SAFE (ofservice
, next_ofservice
, node
, &p
->services
) {
968 ofservice_destroy(p
, ofservice
);
970 hmap_destroy(&p
->services
);
972 for (i
= 0; i
< p
->n_snoops
; i
++) {
973 pvconn_close(p
->snoops
[i
]);
977 mac_learning_destroy(p
->ml
);
982 free(p
->serial_desc
);
985 hmap_destroy(&p
->ports
);
991 ofproto_run(struct ofproto
*p
)
993 int error
= ofproto_run1(p
);
995 error
= ofproto_run2(p
, false);
1001 process_port_change(struct ofproto
*ofproto
, int error
, char *devname
)
1003 if (error
== ENOBUFS
) {
1004 reinit_ports(ofproto
);
1005 } else if (!error
) {
1006 update_port(ofproto
, devname
);
1011 /* Returns a "preference level" for snooping 'ofconn'. A higher return value
1012 * means that 'ofconn' is more interesting for monitoring than a lower return
1015 snoop_preference(const struct ofconn
*ofconn
)
1017 switch (ofconn
->role
) {
1018 case NX_ROLE_MASTER
:
1025 /* Shouldn't happen. */
1030 /* One of ofproto's "snoop" pvconns has accepted a new connection on 'vconn'.
1031 * Connects this vconn to a controller. */
1033 add_snooper(struct ofproto
*ofproto
, struct vconn
*vconn
)
1035 struct ofconn
*ofconn
, *best
;
1037 /* Pick a controller for monitoring. */
1039 LIST_FOR_EACH (ofconn
, node
, &ofproto
->all_conns
) {
1040 if (ofconn
->type
== OFCONN_PRIMARY
1041 && (!best
|| snoop_preference(ofconn
) > snoop_preference(best
))) {
1047 rconn_add_monitor(best
->rconn
, vconn
);
1049 VLOG_INFO_RL(&rl
, "no controller connection to snoop");
1055 ofproto_run1(struct ofproto
*p
)
1057 struct ofconn
*ofconn
, *next_ofconn
;
1058 struct ofservice
*ofservice
;
1063 if (shash_is_empty(&p
->port_by_name
)) {
1067 for (i
= 0; i
< 50; i
++) {
1070 error
= dpif_recv(p
->dpif
, &buf
);
1072 if (error
== ENODEV
) {
1073 /* Someone destroyed the datapath behind our back. The caller
1074 * better destroy us and give up, because we're just going to
1075 * spin from here on out. */
1076 static struct vlog_rate_limit rl2
= VLOG_RATE_LIMIT_INIT(1, 5);
1077 VLOG_ERR_RL(&rl2
, "%s: datapath was destroyed externally",
1078 dpif_name(p
->dpif
));
1084 handle_odp_msg(p
, buf
);
1087 while ((error
= dpif_port_poll(p
->dpif
, &devname
)) != EAGAIN
) {
1088 process_port_change(p
, error
, devname
);
1090 while ((error
= netdev_monitor_poll(p
->netdev_monitor
,
1091 &devname
)) != EAGAIN
) {
1092 process_port_change(p
, error
, devname
);
1096 if (time_msec() >= p
->next_in_band_update
) {
1097 update_in_band_remotes(p
);
1099 in_band_run(p
->in_band
);
1102 LIST_FOR_EACH_SAFE (ofconn
, next_ofconn
, node
, &p
->all_conns
) {
1103 ofconn_run(ofconn
, p
);
1106 /* Fail-open maintenance. Do this after processing the ofconns since
1107 * fail-open checks the status of the controller rconn. */
1109 fail_open_run(p
->fail_open
);
1112 HMAP_FOR_EACH (ofservice
, node
, &p
->services
) {
1113 struct vconn
*vconn
;
1116 retval
= pvconn_accept(ofservice
->pvconn
, OFP_VERSION
, &vconn
);
1118 struct rconn
*rconn
;
1121 rconn
= rconn_create(ofservice
->probe_interval
, 0);
1122 name
= ofconn_make_name(p
, vconn_get_name(vconn
));
1123 rconn_connect_unreliably(rconn
, vconn
, name
);
1126 ofconn
= ofconn_create(p
, rconn
, OFCONN_SERVICE
);
1127 ofconn_set_rate_limit(ofconn
, ofservice
->rate_limit
,
1128 ofservice
->burst_limit
);
1129 } else if (retval
!= EAGAIN
) {
1130 VLOG_WARN_RL(&rl
, "accept failed (%s)", strerror(retval
));
1134 for (i
= 0; i
< p
->n_snoops
; i
++) {
1135 struct vconn
*vconn
;
1138 retval
= pvconn_accept(p
->snoops
[i
], OFP_VERSION
, &vconn
);
1140 add_snooper(p
, vconn
);
1141 } else if (retval
!= EAGAIN
) {
1142 VLOG_WARN_RL(&rl
, "accept failed (%s)", strerror(retval
));
1146 if (time_msec() >= p
->next_expiration
) {
1147 int delay
= ofproto_expire(p
);
1148 p
->next_expiration
= time_msec() + delay
;
1149 COVERAGE_INC(ofproto_expiration
);
1153 netflow_run(p
->netflow
);
1156 ofproto_sflow_run(p
->sflow
);
1162 struct revalidate_cbdata
{
1163 struct ofproto
*ofproto
;
1164 bool revalidate_all
; /* Revalidate all exact-match rules? */
1165 bool revalidate_subrules
; /* Revalidate all exact-match subrules? */
1166 struct tag_set revalidate_set
; /* Set of tags to revalidate. */
1170 ofproto_run2(struct ofproto
*p
, bool revalidate_all
)
1172 if (p
->need_revalidate
|| revalidate_all
1173 || !tag_set_is_empty(&p
->revalidate_set
)) {
1174 struct revalidate_cbdata cbdata
;
1176 cbdata
.revalidate_all
= revalidate_all
;
1177 cbdata
.revalidate_subrules
= p
->need_revalidate
;
1178 cbdata
.revalidate_set
= p
->revalidate_set
;
1179 tag_set_init(&p
->revalidate_set
);
1180 COVERAGE_INC(ofproto_revalidate
);
1181 classifier_for_each(&p
->cls
, CLS_INC_EXACT
, revalidate_cb
, &cbdata
);
1182 p
->need_revalidate
= false;
1189 ofproto_wait(struct ofproto
*p
)
1191 struct ofservice
*ofservice
;
1192 struct ofconn
*ofconn
;
1195 dpif_recv_wait(p
->dpif
);
1196 dpif_port_poll_wait(p
->dpif
);
1197 netdev_monitor_poll_wait(p
->netdev_monitor
);
1198 LIST_FOR_EACH (ofconn
, node
, &p
->all_conns
) {
1199 ofconn_wait(ofconn
);
1202 poll_timer_wait_until(p
->next_in_band_update
);
1203 in_band_wait(p
->in_band
);
1206 fail_open_wait(p
->fail_open
);
1209 ofproto_sflow_wait(p
->sflow
);
1211 if (!tag_set_is_empty(&p
->revalidate_set
)) {
1212 poll_immediate_wake();
1214 if (p
->need_revalidate
) {
1215 /* Shouldn't happen, but if it does just go around again. */
1216 VLOG_DBG_RL(&rl
, "need revalidate in ofproto_wait_cb()");
1217 poll_immediate_wake();
1218 } else if (p
->next_expiration
!= LLONG_MAX
) {
1219 poll_timer_wait_until(p
->next_expiration
);
1221 HMAP_FOR_EACH (ofservice
, node
, &p
->services
) {
1222 pvconn_wait(ofservice
->pvconn
);
1224 for (i
= 0; i
< p
->n_snoops
; i
++) {
1225 pvconn_wait(p
->snoops
[i
]);
1230 ofproto_revalidate(struct ofproto
*ofproto
, tag_type tag
)
1232 tag_set_add(&ofproto
->revalidate_set
, tag
);
1236 ofproto_get_revalidate_set(struct ofproto
*ofproto
)
1238 return &ofproto
->revalidate_set
;
1242 ofproto_is_alive(const struct ofproto
*p
)
1244 return !hmap_is_empty(&p
->controllers
);
1247 /* Deletes port number 'odp_port' from the datapath for 'ofproto'.
1249 * This is almost the same as calling dpif_port_del() directly on the
1250 * datapath, but it also makes 'ofproto' close its open netdev for the port
1251 * (if any). This makes it possible to create a new netdev of a different
1252 * type under the same name, which otherwise the netdev library would refuse
1253 * to do because of the conflict. (The netdev would eventually get closed on
1254 * the next trip through ofproto_run(), but this interface is more direct.)
1256 * Returns 0 if successful, otherwise a positive errno. */
1258 ofproto_port_del(struct ofproto
*ofproto
, uint16_t odp_port
)
1260 struct ofport
*ofport
= get_port(ofproto
, odp_port
);
1261 const char *name
= ofport
? (char *) ofport
->opp
.name
: "<unknown>";
1264 error
= dpif_port_del(ofproto
->dpif
, odp_port
);
1266 VLOG_ERR("%s: failed to remove port %"PRIu16
" (%s) interface (%s)",
1267 dpif_name(ofproto
->dpif
), odp_port
, name
, strerror(error
));
1268 } else if (ofport
) {
1269 /* 'name' is ofport->opp.name and update_port() is going to destroy
1270 * 'ofport'. Just in case update_port() refers to 'name' after it
1271 * destroys 'ofport', make a copy of it around the update_port()
1273 char *devname
= xstrdup(name
);
1274 update_port(ofproto
, devname
);
1280 /* Checks if 'ofproto' thinks 'odp_port' should be included in floods. Returns
1281 * true if 'odp_port' exists and should be included, false otherwise. */
1283 ofproto_port_is_floodable(struct ofproto
*ofproto
, uint16_t odp_port
)
1285 struct ofport
*ofport
= get_port(ofproto
, odp_port
);
1286 return ofport
&& !(ofport
->opp
.config
& OFPPC_NO_FLOOD
);
1290 ofproto_send_packet(struct ofproto
*p
, const struct flow
*flow
,
1291 const union ofp_action
*actions
, size_t n_actions
,
1292 const struct ofpbuf
*packet
)
1294 struct odp_actions odp_actions
;
1297 error
= xlate_actions(actions
, n_actions
, flow
, p
, packet
, &odp_actions
,
1303 /* XXX Should we translate the dpif_execute() errno value into an OpenFlow
1305 dpif_execute(p
->dpif
, odp_actions
.actions
, odp_actions
.n_actions
, packet
);
1310 ofproto_add_flow(struct ofproto
*p
, const struct flow
*flow
,
1311 uint32_t wildcards
, unsigned int priority
,
1312 const union ofp_action
*actions
, size_t n_actions
,
1316 rule
= rule_create(p
, NULL
, actions
, n_actions
,
1317 idle_timeout
>= 0 ? idle_timeout
: 5 /* XXX */,
1319 cls_rule_from_flow(flow
, wildcards
, priority
, &rule
->cr
);
1320 rule_insert(p
, rule
, NULL
, 0);
1324 ofproto_delete_flow(struct ofproto
*ofproto
, const struct flow
*flow
,
1325 uint32_t wildcards
, unsigned int priority
)
1329 rule
= rule_from_cls_rule(classifier_find_rule_exactly(&ofproto
->cls
,
1333 rule_remove(ofproto
, rule
);
1338 destroy_rule(struct cls_rule
*rule_
, void *ofproto_
)
1340 struct rule
*rule
= rule_from_cls_rule(rule_
);
1341 struct ofproto
*ofproto
= ofproto_
;
1343 /* Mark the flow as not installed, even though it might really be
1344 * installed, so that rule_remove() doesn't bother trying to uninstall it.
1345 * There is no point in uninstalling it individually since we are about to
1346 * blow away all the flows with dpif_flow_flush(). */
1347 rule
->installed
= false;
1349 rule_remove(ofproto
, rule
);
1353 ofproto_flush_flows(struct ofproto
*ofproto
)
1355 COVERAGE_INC(ofproto_flush
);
1356 classifier_for_each(&ofproto
->cls
, CLS_INC_ALL
, destroy_rule
, ofproto
);
1357 dpif_flow_flush(ofproto
->dpif
);
1358 if (ofproto
->in_band
) {
1359 in_band_flushed(ofproto
->in_band
);
1361 if (ofproto
->fail_open
) {
1362 fail_open_flushed(ofproto
->fail_open
);
1367 reinit_ports(struct ofproto
*p
)
1369 struct svec devnames
;
1370 struct ofport
*ofport
;
1371 struct odp_port
*odp_ports
;
1375 svec_init(&devnames
);
1376 HMAP_FOR_EACH (ofport
, hmap_node
, &p
->ports
) {
1377 svec_add (&devnames
, (char *) ofport
->opp
.name
);
1379 dpif_port_list(p
->dpif
, &odp_ports
, &n_odp_ports
);
1380 for (i
= 0; i
< n_odp_ports
; i
++) {
1381 svec_add (&devnames
, odp_ports
[i
].devname
);
1385 svec_sort_unique(&devnames
);
1386 for (i
= 0; i
< devnames
.n
; i
++) {
1387 update_port(p
, devnames
.names
[i
]);
1389 svec_destroy(&devnames
);
1392 static struct ofport
*
1393 make_ofport(const struct odp_port
*odp_port
)
1395 struct netdev_options netdev_options
;
1396 enum netdev_flags flags
;
1397 struct ofport
*ofport
;
1398 struct netdev
*netdev
;
1402 memset(&netdev_options
, 0, sizeof netdev_options
);
1403 netdev_options
.name
= odp_port
->devname
;
1404 netdev_options
.ethertype
= NETDEV_ETH_TYPE_NONE
;
1406 error
= netdev_open(&netdev_options
, &netdev
);
1408 VLOG_WARN_RL(&rl
, "ignoring port %s (%"PRIu16
") because netdev %s "
1409 "cannot be opened (%s)",
1410 odp_port
->devname
, odp_port
->port
,
1411 odp_port
->devname
, strerror(error
));
1415 ofport
= xmalloc(sizeof *ofport
);
1416 ofport
->netdev
= netdev
;
1417 ofport
->odp_port
= odp_port
->port
;
1418 ofport
->opp
.port_no
= odp_port_to_ofp_port(odp_port
->port
);
1419 netdev_get_etheraddr(netdev
, ofport
->opp
.hw_addr
);
1420 memcpy(ofport
->opp
.name
, odp_port
->devname
,
1421 MIN(sizeof ofport
->opp
.name
, sizeof odp_port
->devname
));
1422 ofport
->opp
.name
[sizeof ofport
->opp
.name
- 1] = '\0';
1424 netdev_get_flags(netdev
, &flags
);
1425 ofport
->opp
.config
= flags
& NETDEV_UP
? 0 : OFPPC_PORT_DOWN
;
1427 netdev_get_carrier(netdev
, &carrier
);
1428 ofport
->opp
.state
= carrier
? 0 : OFPPS_LINK_DOWN
;
1430 netdev_get_features(netdev
,
1431 &ofport
->opp
.curr
, &ofport
->opp
.advertised
,
1432 &ofport
->opp
.supported
, &ofport
->opp
.peer
);
1437 ofport_conflicts(const struct ofproto
*p
, const struct odp_port
*odp_port
)
1439 if (get_port(p
, odp_port
->port
)) {
1440 VLOG_WARN_RL(&rl
, "ignoring duplicate port %"PRIu16
" in datapath",
1443 } else if (shash_find(&p
->port_by_name
, odp_port
->devname
)) {
1444 VLOG_WARN_RL(&rl
, "ignoring duplicate device %s in datapath",
1453 ofport_equal(const struct ofport
*a_
, const struct ofport
*b_
)
1455 const struct ofp_phy_port
*a
= &a_
->opp
;
1456 const struct ofp_phy_port
*b
= &b_
->opp
;
1458 BUILD_ASSERT_DECL(sizeof *a
== 48); /* Detect ofp_phy_port changes. */
1459 return (a
->port_no
== b
->port_no
1460 && !memcmp(a
->hw_addr
, b
->hw_addr
, sizeof a
->hw_addr
)
1461 && !strcmp((char *) a
->name
, (char *) b
->name
)
1462 && a
->state
== b
->state
1463 && a
->config
== b
->config
1464 && a
->curr
== b
->curr
1465 && a
->advertised
== b
->advertised
1466 && a
->supported
== b
->supported
1467 && a
->peer
== b
->peer
);
1471 send_port_status(struct ofproto
*p
, const struct ofport
*ofport
,
1474 /* XXX Should limit the number of queued port status change messages. */
1475 struct ofconn
*ofconn
;
1476 LIST_FOR_EACH (ofconn
, node
, &p
->all_conns
) {
1477 struct ofp_port_status
*ops
;
1480 if (!ofconn_receives_async_msgs(ofconn
)) {
1484 ops
= make_openflow_xid(sizeof *ops
, OFPT_PORT_STATUS
, 0, &b
);
1485 ops
->reason
= reason
;
1486 ops
->desc
= ofport
->opp
;
1487 hton_ofp_phy_port(&ops
->desc
);
1488 queue_tx(b
, ofconn
, NULL
);
1493 ofport_install(struct ofproto
*p
, struct ofport
*ofport
)
1495 const char *netdev_name
= (const char *) ofport
->opp
.name
;
1497 netdev_monitor_add(p
->netdev_monitor
, ofport
->netdev
);
1498 hmap_insert(&p
->ports
, &ofport
->hmap_node
, hash_int(ofport
->odp_port
, 0));
1499 shash_add(&p
->port_by_name
, netdev_name
, ofport
);
1501 ofproto_sflow_add_port(p
->sflow
, ofport
->odp_port
, netdev_name
);
1506 ofport_remove(struct ofproto
*p
, struct ofport
*ofport
)
1508 netdev_monitor_remove(p
->netdev_monitor
, ofport
->netdev
);
1509 hmap_remove(&p
->ports
, &ofport
->hmap_node
);
1510 shash_delete(&p
->port_by_name
,
1511 shash_find(&p
->port_by_name
, (char *) ofport
->opp
.name
));
1513 ofproto_sflow_del_port(p
->sflow
, ofport
->odp_port
);
1518 ofport_free(struct ofport
*ofport
)
1521 netdev_close(ofport
->netdev
);
1526 static struct ofport
*
1527 get_port(const struct ofproto
*ofproto
, uint16_t odp_port
)
1529 struct ofport
*port
;
1531 HMAP_FOR_EACH_IN_BUCKET (port
, hmap_node
,
1532 hash_int(odp_port
, 0), &ofproto
->ports
) {
1533 if (port
->odp_port
== odp_port
) {
1541 update_port(struct ofproto
*p
, const char *devname
)
1543 struct odp_port odp_port
;
1544 struct ofport
*old_ofport
;
1545 struct ofport
*new_ofport
;
1548 COVERAGE_INC(ofproto_update_port
);
1550 /* Query the datapath for port information. */
1551 error
= dpif_port_query_by_name(p
->dpif
, devname
, &odp_port
);
1553 /* Find the old ofport. */
1554 old_ofport
= shash_find_data(&p
->port_by_name
, devname
);
1557 /* There's no port named 'devname' but there might be a port with
1558 * the same port number. This could happen if a port is deleted
1559 * and then a new one added in its place very quickly, or if a port
1560 * is renamed. In the former case we want to send an OFPPR_DELETE
1561 * and an OFPPR_ADD, and in the latter case we want to send a
1562 * single OFPPR_MODIFY. We can distinguish the cases by comparing
1563 * the old port's ifindex against the new port, or perhaps less
1564 * reliably but more portably by comparing the old port's MAC
1565 * against the new port's MAC. However, this code isn't that smart
1566 * and always sends an OFPPR_MODIFY (XXX). */
1567 old_ofport
= get_port(p
, odp_port
.port
);
1569 } else if (error
!= ENOENT
&& error
!= ENODEV
) {
1570 VLOG_WARN_RL(&rl
, "dpif_port_query_by_name returned unexpected error "
1571 "%s", strerror(error
));
1575 /* Create a new ofport. */
1576 new_ofport
= !error
? make_ofport(&odp_port
) : NULL
;
1578 /* Eliminate a few pathological cases. */
1579 if (!old_ofport
&& !new_ofport
) {
1581 } else if (old_ofport
&& new_ofport
) {
1582 /* Most of the 'config' bits are OpenFlow soft state, but
1583 * OFPPC_PORT_DOWN is maintained the kernel. So transfer the OpenFlow
1584 * bits from old_ofport. (make_ofport() only sets OFPPC_PORT_DOWN and
1585 * leaves the other bits 0.) */
1586 new_ofport
->opp
.config
|= old_ofport
->opp
.config
& ~OFPPC_PORT_DOWN
;
1588 if (ofport_equal(old_ofport
, new_ofport
)) {
1589 /* False alarm--no change. */
1590 ofport_free(new_ofport
);
1595 /* Now deal with the normal cases. */
1597 ofport_remove(p
, old_ofport
);
1600 ofport_install(p
, new_ofport
);
1602 send_port_status(p
, new_ofport
? new_ofport
: old_ofport
,
1603 (!old_ofport
? OFPPR_ADD
1604 : !new_ofport
? OFPPR_DELETE
1606 ofport_free(old_ofport
);
1610 init_ports(struct ofproto
*p
)
1612 struct odp_port
*ports
;
1617 error
= dpif_port_list(p
->dpif
, &ports
, &n_ports
);
1622 for (i
= 0; i
< n_ports
; i
++) {
1623 const struct odp_port
*odp_port
= &ports
[i
];
1624 if (!ofport_conflicts(p
, odp_port
)) {
1625 struct ofport
*ofport
= make_ofport(odp_port
);
1627 ofport_install(p
, ofport
);
1635 static struct ofconn
*
1636 ofconn_create(struct ofproto
*p
, struct rconn
*rconn
, enum ofconn_type type
)
1638 struct ofconn
*ofconn
= xzalloc(sizeof *ofconn
);
1639 ofconn
->ofproto
= p
;
1640 list_push_back(&p
->all_conns
, &ofconn
->node
);
1641 ofconn
->rconn
= rconn
;
1642 ofconn
->type
= type
;
1643 ofconn
->role
= NX_ROLE_OTHER
;
1644 ofconn
->packet_in_counter
= rconn_packet_counter_create ();
1645 ofconn
->pktbuf
= NULL
;
1646 ofconn
->miss_send_len
= 0;
1647 ofconn
->reply_counter
= rconn_packet_counter_create ();
1652 ofconn_destroy(struct ofconn
*ofconn
)
1654 if (ofconn
->type
== OFCONN_PRIMARY
) {
1655 hmap_remove(&ofconn
->ofproto
->controllers
, &ofconn
->hmap_node
);
1657 discovery_destroy(ofconn
->discovery
);
1659 list_remove(&ofconn
->node
);
1660 switch_status_unregister(ofconn
->ss
);
1661 rconn_destroy(ofconn
->rconn
);
1662 rconn_packet_counter_destroy(ofconn
->packet_in_counter
);
1663 rconn_packet_counter_destroy(ofconn
->reply_counter
);
1664 pktbuf_destroy(ofconn
->pktbuf
);
1669 ofconn_run(struct ofconn
*ofconn
, struct ofproto
*p
)
1674 if (ofconn
->discovery
) {
1675 char *controller_name
;
1676 if (rconn_is_connectivity_questionable(ofconn
->rconn
)) {
1677 discovery_question_connectivity(ofconn
->discovery
);
1679 if (discovery_run(ofconn
->discovery
, &controller_name
)) {
1680 if (controller_name
) {
1681 char *ofconn_name
= ofconn_make_name(p
, controller_name
);
1682 rconn_connect(ofconn
->rconn
, controller_name
, ofconn_name
);
1685 rconn_disconnect(ofconn
->rconn
);
1690 for (i
= 0; i
< N_SCHEDULERS
; i
++) {
1691 pinsched_run(ofconn
->schedulers
[i
], do_send_packet_in
, ofconn
);
1694 rconn_run(ofconn
->rconn
);
1696 if (rconn_packet_counter_read (ofconn
->reply_counter
) < OFCONN_REPLY_MAX
) {
1697 /* Limit the number of iterations to prevent other tasks from
1699 for (iteration
= 0; iteration
< 50; iteration
++) {
1700 struct ofpbuf
*of_msg
= rconn_recv(ofconn
->rconn
);
1705 fail_open_maybe_recover(p
->fail_open
);
1707 handle_openflow(ofconn
, p
, of_msg
);
1708 ofpbuf_delete(of_msg
);
1712 if (!ofconn
->discovery
&& !rconn_is_alive(ofconn
->rconn
)) {
1713 ofconn_destroy(ofconn
);
1718 ofconn_wait(struct ofconn
*ofconn
)
1722 if (ofconn
->discovery
) {
1723 discovery_wait(ofconn
->discovery
);
1725 for (i
= 0; i
< N_SCHEDULERS
; i
++) {
1726 pinsched_wait(ofconn
->schedulers
[i
]);
1728 rconn_run_wait(ofconn
->rconn
);
1729 if (rconn_packet_counter_read (ofconn
->reply_counter
) < OFCONN_REPLY_MAX
) {
1730 rconn_recv_wait(ofconn
->rconn
);
1732 COVERAGE_INC(ofproto_ofconn_stuck
);
1736 /* Returns true if 'ofconn' should receive asynchronous messages. */
1738 ofconn_receives_async_msgs(const struct ofconn
*ofconn
)
1740 if (ofconn
->type
== OFCONN_PRIMARY
) {
1741 /* Primary controllers always get asynchronous messages unless they
1742 * have configured themselves as "slaves". */
1743 return ofconn
->role
!= NX_ROLE_SLAVE
;
1745 /* Service connections don't get asynchronous messages unless they have
1746 * explicitly asked for them by setting a nonzero miss send length. */
1747 return ofconn
->miss_send_len
> 0;
1751 /* Returns a human-readable name for an OpenFlow connection between 'ofproto'
1752 * and 'target', suitable for use in log messages for identifying the
1755 * The name is dynamically allocated. The caller should free it (with free())
1756 * when it is no longer needed. */
1758 ofconn_make_name(const struct ofproto
*ofproto
, const char *target
)
1760 return xasprintf("%s<->%s", dpif_base_name(ofproto
->dpif
), target
);
1764 ofconn_set_rate_limit(struct ofconn
*ofconn
, int rate
, int burst
)
1768 for (i
= 0; i
< N_SCHEDULERS
; i
++) {
1769 struct pinsched
**s
= &ofconn
->schedulers
[i
];
1773 *s
= pinsched_create(rate
, burst
,
1774 ofconn
->ofproto
->switch_status
);
1776 pinsched_set_limits(*s
, rate
, burst
);
1779 pinsched_destroy(*s
);
1786 ofservice_reconfigure(struct ofservice
*ofservice
,
1787 const struct ofproto_controller
*c
)
1789 ofservice
->probe_interval
= c
->probe_interval
;
1790 ofservice
->rate_limit
= c
->rate_limit
;
1791 ofservice
->burst_limit
= c
->burst_limit
;
1794 /* Creates a new ofservice in 'ofproto'. Returns 0 if successful, otherwise a
1795 * positive errno value. */
1797 ofservice_create(struct ofproto
*ofproto
, const struct ofproto_controller
*c
)
1799 struct ofservice
*ofservice
;
1800 struct pvconn
*pvconn
;
1803 error
= pvconn_open(c
->target
, &pvconn
);
1808 ofservice
= xzalloc(sizeof *ofservice
);
1809 hmap_insert(&ofproto
->services
, &ofservice
->node
,
1810 hash_string(c
->target
, 0));
1811 ofservice
->pvconn
= pvconn
;
1813 ofservice_reconfigure(ofservice
, c
);
1819 ofservice_destroy(struct ofproto
*ofproto
, struct ofservice
*ofservice
)
1821 hmap_remove(&ofproto
->services
, &ofservice
->node
);
1822 pvconn_close(ofservice
->pvconn
);
1826 /* Finds and returns the ofservice within 'ofproto' that has the given
1827 * 'target', or a null pointer if none exists. */
1828 static struct ofservice
*
1829 ofservice_lookup(struct ofproto
*ofproto
, const char *target
)
1831 struct ofservice
*ofservice
;
1833 HMAP_FOR_EACH_WITH_HASH (ofservice
, node
, hash_string(target
, 0),
1834 &ofproto
->services
) {
1835 if (!strcmp(pvconn_get_name(ofservice
->pvconn
), target
)) {
1842 /* Caller is responsible for initializing the 'cr' member of the returned
1844 static struct rule
*
1845 rule_create(struct ofproto
*ofproto
, struct rule
*super
,
1846 const union ofp_action
*actions
, size_t n_actions
,
1847 uint16_t idle_timeout
, uint16_t hard_timeout
,
1848 uint64_t flow_cookie
, bool send_flow_removed
)
1850 struct rule
*rule
= xzalloc(sizeof *rule
);
1851 rule
->idle_timeout
= idle_timeout
;
1852 rule
->hard_timeout
= hard_timeout
;
1853 rule
->flow_cookie
= flow_cookie
;
1854 rule
->used
= rule
->created
= time_msec();
1855 rule
->send_flow_removed
= send_flow_removed
;
1856 rule
->super
= super
;
1858 list_push_back(&super
->list
, &rule
->list
);
1860 list_init(&rule
->list
);
1862 if (n_actions
> 0) {
1863 rule
->n_actions
= n_actions
;
1864 rule
->actions
= xmemdup(actions
, n_actions
* sizeof *actions
);
1866 netflow_flow_clear(&rule
->nf_flow
);
1867 netflow_flow_update_time(ofproto
->netflow
, &rule
->nf_flow
, rule
->created
);
1872 static struct rule
*
1873 rule_from_cls_rule(const struct cls_rule
*cls_rule
)
1875 return cls_rule
? CONTAINER_OF(cls_rule
, struct rule
, cr
) : NULL
;
1879 rule_free(struct rule
*rule
)
1881 free(rule
->actions
);
1882 free(rule
->odp_actions
);
1886 /* Destroys 'rule'. If 'rule' is a subrule, also removes it from its
1887 * super-rule's list of subrules. If 'rule' is a super-rule, also iterates
1888 * through all of its subrules and revalidates them, destroying any that no
1889 * longer has a super-rule (which is probably all of them).
1891 * Before calling this function, the caller must make have removed 'rule' from
1892 * the classifier. If 'rule' is an exact-match rule, the caller is also
1893 * responsible for ensuring that it has been uninstalled from the datapath. */
1895 rule_destroy(struct ofproto
*ofproto
, struct rule
*rule
)
1898 struct rule
*subrule
, *next
;
1899 LIST_FOR_EACH_SAFE (subrule
, next
, list
, &rule
->list
) {
1900 revalidate_rule(ofproto
, subrule
);
1903 list_remove(&rule
->list
);
1909 rule_has_out_port(const struct rule
*rule
, uint16_t out_port
)
1911 const union ofp_action
*oa
;
1912 struct actions_iterator i
;
1914 if (out_port
== htons(OFPP_NONE
)) {
1917 for (oa
= actions_first(&i
, rule
->actions
, rule
->n_actions
); oa
;
1918 oa
= actions_next(&i
)) {
1919 if (action_outputs_to_port(oa
, out_port
)) {
1926 /* Executes, within 'ofproto', the 'n_actions' actions in 'actions' on
1927 * 'packet', which arrived on 'in_port'.
1929 * Takes ownership of 'packet'. */
1931 execute_odp_actions(struct ofproto
*ofproto
, uint16_t in_port
,
1932 const union odp_action
*actions
, size_t n_actions
,
1933 struct ofpbuf
*packet
)
1935 if (n_actions
== 1 && actions
[0].type
== ODPAT_CONTROLLER
) {
1936 /* As an optimization, avoid a round-trip from userspace to kernel to
1937 * userspace. This also avoids possibly filling up kernel packet
1938 * buffers along the way. */
1939 struct odp_msg
*msg
;
1941 msg
= ofpbuf_push_uninit(packet
, sizeof *msg
);
1942 msg
->type
= _ODPL_ACTION_NR
;
1943 msg
->length
= sizeof(struct odp_msg
) + packet
->size
;
1944 msg
->port
= in_port
;
1946 msg
->arg
= actions
[0].controller
.arg
;
1948 send_packet_in(ofproto
, packet
);
1954 error
= dpif_execute(ofproto
->dpif
, actions
, n_actions
, packet
);
1955 ofpbuf_delete(packet
);
1960 /* Executes the actions indicated by 'rule' on 'packet', which is in flow
1961 * 'flow' and is considered to have arrived on ODP port 'in_port'. 'packet'
1962 * must have at least sizeof(struct ofp_packet_in) bytes of headroom.
1964 * The flow that 'packet' actually contains does not need to actually match
1965 * 'rule'; the actions in 'rule' will be applied to it either way. Likewise,
1966 * the packet and byte counters for 'rule' will be credited for the packet sent
1967 * out whether or not the packet actually matches 'rule'.
1969 * If 'rule' is an exact-match rule and 'flow' actually equals the rule's flow,
1970 * the caller must already have accurately composed ODP actions for it given
1971 * 'packet' using rule_make_actions(). If 'rule' is a wildcard rule, or if
1972 * 'rule' is an exact-match rule but 'flow' is not the rule's flow, then this
1973 * function will compose a set of ODP actions based on 'rule''s OpenFlow
1974 * actions and apply them to 'packet'.
1976 * Takes ownership of 'packet'. */
1978 rule_execute(struct ofproto
*ofproto
, struct rule
*rule
,
1979 struct ofpbuf
*packet
, const struct flow
*flow
)
1981 const union odp_action
*actions
;
1982 struct odp_flow_stats stats
;
1984 struct odp_actions a
;
1986 assert(ofpbuf_headroom(packet
) >= sizeof(struct ofp_packet_in
));
1988 /* Grab or compose the ODP actions.
1990 * The special case for an exact-match 'rule' where 'flow' is not the
1991 * rule's flow is important to avoid, e.g., sending a packet out its input
1992 * port simply because the ODP actions were composed for the wrong
1994 if (rule
->cr
.wc
.wildcards
|| !flow_equal(flow
, &rule
->cr
.flow
)) {
1995 struct rule
*super
= rule
->super
? rule
->super
: rule
;
1996 if (xlate_actions(super
->actions
, super
->n_actions
, flow
, ofproto
,
1997 packet
, &a
, NULL
, 0, NULL
)) {
1998 ofpbuf_delete(packet
);
2001 actions
= a
.actions
;
2002 n_actions
= a
.n_actions
;
2004 actions
= rule
->odp_actions
;
2005 n_actions
= rule
->n_odp_actions
;
2008 /* Execute the ODP actions. */
2009 flow_extract_stats(flow
, packet
, &stats
);
2010 if (execute_odp_actions(ofproto
, flow
->in_port
,
2011 actions
, n_actions
, packet
)) {
2012 update_stats(ofproto
, rule
, &stats
);
2013 rule
->used
= time_msec();
2014 netflow_flow_update_time(ofproto
->netflow
, &rule
->nf_flow
, rule
->used
);
2018 /* Inserts 'rule' into 'p''s flow table.
2020 * If 'packet' is nonnull, takes ownership of 'packet', executes 'rule''s
2021 * actions on it and credits the statistics for sending the packet to 'rule'.
2022 * 'packet' must have at least sizeof(struct ofp_packet_in) bytes of
2025 rule_insert(struct ofproto
*p
, struct rule
*rule
, struct ofpbuf
*packet
,
2028 struct rule
*displaced_rule
;
2030 /* Insert the rule in the classifier. */
2031 displaced_rule
= rule_from_cls_rule(classifier_insert(&p
->cls
, &rule
->cr
));
2032 if (!rule
->cr
.wc
.wildcards
) {
2033 rule_make_actions(p
, rule
, packet
);
2036 /* Send the packet and credit it to the rule. */
2039 flow_extract(packet
, 0, in_port
, &flow
);
2040 rule_execute(p
, rule
, packet
, &flow
);
2043 /* Install the rule in the datapath only after sending the packet, to
2044 * avoid packet reordering. */
2045 if (rule
->cr
.wc
.wildcards
) {
2046 COVERAGE_INC(ofproto_add_wc_flow
);
2047 p
->need_revalidate
= true;
2049 rule_install(p
, rule
, displaced_rule
);
2052 /* Free the rule that was displaced, if any. */
2053 if (displaced_rule
) {
2054 rule_destroy(p
, displaced_rule
);
2058 static struct rule
*
2059 rule_create_subrule(struct ofproto
*ofproto
, struct rule
*rule
,
2060 const struct flow
*flow
)
2062 struct rule
*subrule
= rule_create(ofproto
, rule
, NULL
, 0,
2063 rule
->idle_timeout
, rule
->hard_timeout
,
2065 COVERAGE_INC(ofproto_subrule_create
);
2066 cls_rule_from_flow(flow
, 0, (rule
->cr
.priority
<= UINT16_MAX
? UINT16_MAX
2067 : rule
->cr
.priority
), &subrule
->cr
);
2068 classifier_insert_exact(&ofproto
->cls
, &subrule
->cr
);
2073 /* Remove 'rule' from 'ofproto' and free up the associated memory:
2075 * - If 'rule' was installed in the datapath, uninstalls it and updates
2076 * 'rule''s statistics (or its super-rule's statistics, if it is a
2077 * subrule), via rule_uninstall().
2079 * - Removes 'rule' from the classifier.
2081 * - If 'rule' is a super-rule that has subrules, revalidates (and possibly
2082 * uninstalls and destroys) its subrules, via rule_destroy().
2085 rule_remove(struct ofproto
*ofproto
, struct rule
*rule
)
2087 if (rule
->cr
.wc
.wildcards
) {
2088 COVERAGE_INC(ofproto_del_wc_flow
);
2089 ofproto
->need_revalidate
= true;
2091 rule_uninstall(ofproto
, rule
);
2093 classifier_remove(&ofproto
->cls
, &rule
->cr
);
2094 rule_destroy(ofproto
, rule
);
2097 /* Returns true if the actions changed, false otherwise. */
2099 rule_make_actions(struct ofproto
*p
, struct rule
*rule
,
2100 const struct ofpbuf
*packet
)
2102 const struct rule
*super
;
2103 struct odp_actions a
;
2106 assert(!rule
->cr
.wc
.wildcards
);
2108 super
= rule
->super
? rule
->super
: rule
;
2110 xlate_actions(super
->actions
, super
->n_actions
, &rule
->cr
.flow
, p
,
2111 packet
, &a
, &rule
->tags
, &rule
->may_install
,
2112 &rule
->nf_flow
.output_iface
);
2114 actions_len
= a
.n_actions
* sizeof *a
.actions
;
2115 if (rule
->n_odp_actions
!= a
.n_actions
2116 || memcmp(rule
->odp_actions
, a
.actions
, actions_len
)) {
2117 COVERAGE_INC(ofproto_odp_unchanged
);
2118 free(rule
->odp_actions
);
2119 rule
->n_odp_actions
= a
.n_actions
;
2120 rule
->odp_actions
= xmemdup(a
.actions
, actions_len
);
2128 do_put_flow(struct ofproto
*ofproto
, struct rule
*rule
, int flags
,
2129 struct odp_flow_put
*put
)
2131 memset(&put
->flow
.stats
, 0, sizeof put
->flow
.stats
);
2132 odp_flow_key_from_flow(&put
->flow
.key
, &rule
->cr
.flow
);
2133 put
->flow
.actions
= rule
->odp_actions
;
2134 put
->flow
.n_actions
= rule
->n_odp_actions
;
2135 put
->flow
.flags
= 0;
2137 return dpif_flow_put(ofproto
->dpif
, put
);
2141 rule_install(struct ofproto
*p
, struct rule
*rule
, struct rule
*displaced_rule
)
2143 assert(!rule
->cr
.wc
.wildcards
);
2145 if (rule
->may_install
) {
2146 struct odp_flow_put put
;
2147 if (!do_put_flow(p
, rule
,
2148 ODPPF_CREATE
| ODPPF_MODIFY
| ODPPF_ZERO_STATS
,
2150 rule
->installed
= true;
2151 if (displaced_rule
) {
2152 update_stats(p
, displaced_rule
, &put
.flow
.stats
);
2153 rule_post_uninstall(p
, displaced_rule
);
2156 } else if (displaced_rule
) {
2157 rule_uninstall(p
, displaced_rule
);
2162 rule_reinstall(struct ofproto
*ofproto
, struct rule
*rule
)
2164 if (rule
->installed
) {
2165 struct odp_flow_put put
;
2166 COVERAGE_INC(ofproto_dp_missed
);
2167 do_put_flow(ofproto
, rule
, ODPPF_CREATE
| ODPPF_MODIFY
, &put
);
2169 rule_install(ofproto
, rule
, NULL
);
2174 rule_update_actions(struct ofproto
*ofproto
, struct rule
*rule
)
2176 bool actions_changed
;
2177 uint16_t new_out_iface
, old_out_iface
;
2179 old_out_iface
= rule
->nf_flow
.output_iface
;
2180 actions_changed
= rule_make_actions(ofproto
, rule
, NULL
);
2182 if (rule
->may_install
) {
2183 if (rule
->installed
) {
2184 if (actions_changed
) {
2185 struct odp_flow_put put
;
2186 do_put_flow(ofproto
, rule
, ODPPF_CREATE
| ODPPF_MODIFY
2187 | ODPPF_ZERO_STATS
, &put
);
2188 update_stats(ofproto
, rule
, &put
.flow
.stats
);
2190 /* Temporarily set the old output iface so that NetFlow
2191 * messages have the correct output interface for the old
2193 new_out_iface
= rule
->nf_flow
.output_iface
;
2194 rule
->nf_flow
.output_iface
= old_out_iface
;
2195 rule_post_uninstall(ofproto
, rule
);
2196 rule
->nf_flow
.output_iface
= new_out_iface
;
2199 rule_install(ofproto
, rule
, NULL
);
2202 rule_uninstall(ofproto
, rule
);
2207 rule_account(struct ofproto
*ofproto
, struct rule
*rule
, uint64_t extra_bytes
)
2209 uint64_t total_bytes
= rule
->byte_count
+ extra_bytes
;
2211 if (ofproto
->ofhooks
->account_flow_cb
2212 && total_bytes
> rule
->accounted_bytes
)
2214 ofproto
->ofhooks
->account_flow_cb(
2215 &rule
->cr
.flow
, rule
->tags
, rule
->odp_actions
, rule
->n_odp_actions
,
2216 total_bytes
- rule
->accounted_bytes
, ofproto
->aux
);
2217 rule
->accounted_bytes
= total_bytes
;
2221 /* 'rule' must be an exact-match rule in 'p'.
2223 * If 'rule' is installed in the datapath, uninstalls it and updates's
2224 * statistics. If 'rule' is a subrule, the statistics that are updated are
2225 * actually its super-rule's statistics; otherwise 'rule''s own statistics are
2228 * If 'rule' is not installed, this function has no effect. */
2230 rule_uninstall(struct ofproto
*p
, struct rule
*rule
)
2232 assert(!rule
->cr
.wc
.wildcards
);
2233 if (rule
->installed
) {
2234 struct odp_flow odp_flow
;
2236 odp_flow_key_from_flow(&odp_flow
.key
, &rule
->cr
.flow
);
2237 odp_flow
.actions
= NULL
;
2238 odp_flow
.n_actions
= 0;
2240 if (!dpif_flow_del(p
->dpif
, &odp_flow
)) {
2241 update_stats(p
, rule
, &odp_flow
.stats
);
2243 rule
->installed
= false;
2245 rule_post_uninstall(p
, rule
);
2250 is_controller_rule(struct rule
*rule
)
2252 /* If the only action is send to the controller then don't report
2253 * NetFlow expiration messages since it is just part of the control
2254 * logic for the network and not real traffic. */
2258 && rule
->super
->n_actions
== 1
2259 && action_outputs_to_port(&rule
->super
->actions
[0],
2260 htons(OFPP_CONTROLLER
)));
2264 rule_post_uninstall(struct ofproto
*ofproto
, struct rule
*rule
)
2266 struct rule
*super
= rule
->super
;
2268 rule_account(ofproto
, rule
, 0);
2270 if (ofproto
->netflow
&& !is_controller_rule(rule
)) {
2271 struct ofexpired expired
;
2272 expired
.flow
= rule
->cr
.flow
;
2273 expired
.packet_count
= rule
->packet_count
;
2274 expired
.byte_count
= rule
->byte_count
;
2275 expired
.used
= rule
->used
;
2276 netflow_expire(ofproto
->netflow
, &rule
->nf_flow
, &expired
);
2279 super
->packet_count
+= rule
->packet_count
;
2280 super
->byte_count
+= rule
->byte_count
;
2282 /* Reset counters to prevent double counting if the rule ever gets
2284 rule
->packet_count
= 0;
2285 rule
->byte_count
= 0;
2286 rule
->accounted_bytes
= 0;
2288 netflow_flow_clear(&rule
->nf_flow
);
2293 queue_tx(struct ofpbuf
*msg
, const struct ofconn
*ofconn
,
2294 struct rconn_packet_counter
*counter
)
2296 update_openflow_length(msg
);
2297 if (rconn_send(ofconn
->rconn
, msg
, counter
)) {
2303 send_error(const struct ofconn
*ofconn
, const struct ofp_header
*oh
,
2304 int error
, const void *data
, size_t len
)
2307 struct ofp_error_msg
*oem
;
2309 if (!(error
>> 16)) {
2310 VLOG_WARN_RL(&rl
, "not sending bad error code %d to controller",
2315 COVERAGE_INC(ofproto_error
);
2316 oem
= make_openflow_xid(len
+ sizeof *oem
, OFPT_ERROR
,
2317 oh
? oh
->xid
: 0, &buf
);
2318 oem
->type
= htons((unsigned int) error
>> 16);
2319 oem
->code
= htons(error
& 0xffff);
2320 memcpy(oem
->data
, data
, len
);
2321 queue_tx(buf
, ofconn
, ofconn
->reply_counter
);
2325 send_error_oh(const struct ofconn
*ofconn
, const struct ofp_header
*oh
,
2328 size_t oh_length
= ntohs(oh
->length
);
2329 send_error(ofconn
, oh
, error
, oh
, MIN(oh_length
, 64));
2333 hton_ofp_phy_port(struct ofp_phy_port
*opp
)
2335 opp
->port_no
= htons(opp
->port_no
);
2336 opp
->config
= htonl(opp
->config
);
2337 opp
->state
= htonl(opp
->state
);
2338 opp
->curr
= htonl(opp
->curr
);
2339 opp
->advertised
= htonl(opp
->advertised
);
2340 opp
->supported
= htonl(opp
->supported
);
2341 opp
->peer
= htonl(opp
->peer
);
2345 handle_echo_request(struct ofconn
*ofconn
, struct ofp_header
*oh
)
2347 struct ofp_header
*rq
= oh
;
2348 queue_tx(make_echo_reply(rq
), ofconn
, ofconn
->reply_counter
);
2353 handle_features_request(struct ofproto
*p
, struct ofconn
*ofconn
,
2354 struct ofp_header
*oh
)
2356 struct ofp_switch_features
*osf
;
2358 struct ofport
*port
;
2360 osf
= make_openflow_xid(sizeof *osf
, OFPT_FEATURES_REPLY
, oh
->xid
, &buf
);
2361 osf
->datapath_id
= htonll(p
->datapath_id
);
2362 osf
->n_buffers
= htonl(pktbuf_capacity());
2364 osf
->capabilities
= htonl(OFPC_FLOW_STATS
| OFPC_TABLE_STATS
|
2365 OFPC_PORT_STATS
| OFPC_ARP_MATCH_IP
);
2366 osf
->actions
= htonl((1u << OFPAT_OUTPUT
) |
2367 (1u << OFPAT_SET_VLAN_VID
) |
2368 (1u << OFPAT_SET_VLAN_PCP
) |
2369 (1u << OFPAT_STRIP_VLAN
) |
2370 (1u << OFPAT_SET_DL_SRC
) |
2371 (1u << OFPAT_SET_DL_DST
) |
2372 (1u << OFPAT_SET_NW_SRC
) |
2373 (1u << OFPAT_SET_NW_DST
) |
2374 (1u << OFPAT_SET_NW_TOS
) |
2375 (1u << OFPAT_SET_TP_SRC
) |
2376 (1u << OFPAT_SET_TP_DST
) |
2377 (1u << OFPAT_ENQUEUE
));
2379 HMAP_FOR_EACH (port
, hmap_node
, &p
->ports
) {
2380 hton_ofp_phy_port(ofpbuf_put(buf
, &port
->opp
, sizeof port
->opp
));
2383 queue_tx(buf
, ofconn
, ofconn
->reply_counter
);
2388 handle_get_config_request(struct ofproto
*p
, struct ofconn
*ofconn
,
2389 struct ofp_header
*oh
)
2392 struct ofp_switch_config
*osc
;
2396 /* Figure out flags. */
2397 dpif_get_drop_frags(p
->dpif
, &drop_frags
);
2398 flags
= drop_frags
? OFPC_FRAG_DROP
: OFPC_FRAG_NORMAL
;
2401 osc
= make_openflow_xid(sizeof *osc
, OFPT_GET_CONFIG_REPLY
, oh
->xid
, &buf
);
2402 osc
->flags
= htons(flags
);
2403 osc
->miss_send_len
= htons(ofconn
->miss_send_len
);
2404 queue_tx(buf
, ofconn
, ofconn
->reply_counter
);
2410 handle_set_config(struct ofproto
*p
, struct ofconn
*ofconn
,
2411 struct ofp_switch_config
*osc
)
2416 error
= check_ofp_message(&osc
->header
, OFPT_SET_CONFIG
, sizeof *osc
);
2420 flags
= ntohs(osc
->flags
);
2422 if (ofconn
->type
== OFCONN_PRIMARY
&& ofconn
->role
!= NX_ROLE_SLAVE
) {
2423 switch (flags
& OFPC_FRAG_MASK
) {
2424 case OFPC_FRAG_NORMAL
:
2425 dpif_set_drop_frags(p
->dpif
, false);
2427 case OFPC_FRAG_DROP
:
2428 dpif_set_drop_frags(p
->dpif
, true);
2431 VLOG_WARN_RL(&rl
, "requested bad fragment mode (flags=%"PRIx16
")",
2437 ofconn
->miss_send_len
= ntohs(osc
->miss_send_len
);
2443 add_controller_action(struct odp_actions
*actions
, uint16_t max_len
)
2445 union odp_action
*a
= odp_actions_add(actions
, ODPAT_CONTROLLER
);
2446 a
->controller
.arg
= max_len
;
2449 struct action_xlate_ctx
{
2451 struct flow flow
; /* Flow to which these actions correspond. */
2452 int recurse
; /* Recursion level, via xlate_table_action. */
2453 struct ofproto
*ofproto
;
2454 const struct ofpbuf
*packet
; /* The packet corresponding to 'flow', or a
2455 * null pointer if we are revalidating
2456 * without a packet to refer to. */
2459 struct odp_actions
*out
; /* Datapath actions. */
2460 tag_type
*tags
; /* Tags associated with OFPP_NORMAL actions. */
2461 bool may_set_up_flow
; /* True ordinarily; false if the actions must
2462 * be reassessed for every packet. */
2463 uint16_t nf_output_iface
; /* Output interface index for NetFlow. */
2466 /* Maximum depth of flow table recursion (due to NXAST_RESUBMIT actions) in a
2467 * flow translation. */
2468 #define MAX_RESUBMIT_RECURSION 8
2470 static void do_xlate_actions(const union ofp_action
*in
, size_t n_in
,
2471 struct action_xlate_ctx
*ctx
);
2474 add_output_action(struct action_xlate_ctx
*ctx
, uint16_t port
)
2476 const struct ofport
*ofport
= get_port(ctx
->ofproto
, port
);
2479 if (ofport
->opp
.config
& OFPPC_NO_FWD
) {
2480 /* Forwarding disabled on port. */
2485 * We don't have an ofport record for this port, but it doesn't hurt to
2486 * allow forwarding to it anyhow. Maybe such a port will appear later
2487 * and we're pre-populating the flow table.
2491 odp_actions_add(ctx
->out
, ODPAT_OUTPUT
)->output
.port
= port
;
2492 ctx
->nf_output_iface
= port
;
2495 static struct rule
*
2496 lookup_valid_rule(struct ofproto
*ofproto
, const struct flow
*flow
)
2499 rule
= rule_from_cls_rule(classifier_lookup(&ofproto
->cls
, flow
));
2501 /* The rule we found might not be valid, since we could be in need of
2502 * revalidation. If it is not valid, don't return it. */
2505 && ofproto
->need_revalidate
2506 && !revalidate_rule(ofproto
, rule
)) {
2507 COVERAGE_INC(ofproto_invalidated
);
2515 xlate_table_action(struct action_xlate_ctx
*ctx
, uint16_t in_port
)
2517 if (ctx
->recurse
< MAX_RESUBMIT_RECURSION
) {
2518 uint16_t old_in_port
;
2521 /* Look up a flow with 'in_port' as the input port. Then restore the
2522 * original input port (otherwise OFPP_NORMAL and OFPP_IN_PORT will
2523 * have surprising behavior). */
2524 old_in_port
= ctx
->flow
.in_port
;
2525 ctx
->flow
.in_port
= in_port
;
2526 rule
= lookup_valid_rule(ctx
->ofproto
, &ctx
->flow
);
2527 ctx
->flow
.in_port
= old_in_port
;
2535 do_xlate_actions(rule
->actions
, rule
->n_actions
, ctx
);
2539 struct vlog_rate_limit recurse_rl
= VLOG_RATE_LIMIT_INIT(1, 1);
2541 VLOG_ERR_RL(&recurse_rl
, "NXAST_RESUBMIT recursed over %d times",
2542 MAX_RESUBMIT_RECURSION
);
2547 flood_packets(struct ofproto
*ofproto
, uint16_t odp_in_port
, uint32_t mask
,
2548 uint16_t *nf_output_iface
, struct odp_actions
*actions
)
2550 struct ofport
*ofport
;
2552 HMAP_FOR_EACH (ofport
, hmap_node
, &ofproto
->ports
) {
2553 uint16_t odp_port
= ofport
->odp_port
;
2554 if (odp_port
!= odp_in_port
&& !(ofport
->opp
.config
& mask
)) {
2555 odp_actions_add(actions
, ODPAT_OUTPUT
)->output
.port
= odp_port
;
2558 *nf_output_iface
= NF_OUT_FLOOD
;
2562 xlate_output_action__(struct action_xlate_ctx
*ctx
,
2563 uint16_t port
, uint16_t max_len
)
2566 uint16_t prev_nf_output_iface
= ctx
->nf_output_iface
;
2568 ctx
->nf_output_iface
= NF_OUT_DROP
;
2572 add_output_action(ctx
, ctx
->flow
.in_port
);
2575 xlate_table_action(ctx
, ctx
->flow
.in_port
);
2578 if (!ctx
->ofproto
->ofhooks
->normal_cb(&ctx
->flow
, ctx
->packet
,
2579 ctx
->out
, ctx
->tags
,
2580 &ctx
->nf_output_iface
,
2581 ctx
->ofproto
->aux
)) {
2582 COVERAGE_INC(ofproto_uninstallable
);
2583 ctx
->may_set_up_flow
= false;
2587 flood_packets(ctx
->ofproto
, ctx
->flow
.in_port
, OFPPC_NO_FLOOD
,
2588 &ctx
->nf_output_iface
, ctx
->out
);
2591 flood_packets(ctx
->ofproto
, ctx
->flow
.in_port
, 0,
2592 &ctx
->nf_output_iface
, ctx
->out
);
2594 case OFPP_CONTROLLER
:
2595 add_controller_action(ctx
->out
, max_len
);
2598 add_output_action(ctx
, ODPP_LOCAL
);
2601 odp_port
= ofp_port_to_odp_port(port
);
2602 if (odp_port
!= ctx
->flow
.in_port
) {
2603 add_output_action(ctx
, odp_port
);
2608 if (prev_nf_output_iface
== NF_OUT_FLOOD
) {
2609 ctx
->nf_output_iface
= NF_OUT_FLOOD
;
2610 } else if (ctx
->nf_output_iface
== NF_OUT_DROP
) {
2611 ctx
->nf_output_iface
= prev_nf_output_iface
;
2612 } else if (prev_nf_output_iface
!= NF_OUT_DROP
&&
2613 ctx
->nf_output_iface
!= NF_OUT_FLOOD
) {
2614 ctx
->nf_output_iface
= NF_OUT_MULTI
;
2619 xlate_output_action(struct action_xlate_ctx
*ctx
,
2620 const struct ofp_action_output
*oao
)
2622 xlate_output_action__(ctx
, ntohs(oao
->port
), ntohs(oao
->max_len
));
2625 /* If the final ODP action in 'ctx' is "pop priority", drop it, as an
2626 * optimization, because we're going to add another action that sets the
2627 * priority immediately after, or because there are no actions following the
2630 remove_pop_action(struct action_xlate_ctx
*ctx
)
2632 size_t n
= ctx
->out
->n_actions
;
2633 if (n
> 0 && ctx
->out
->actions
[n
- 1].type
== ODPAT_POP_PRIORITY
) {
2634 ctx
->out
->n_actions
--;
2639 xlate_enqueue_action(struct action_xlate_ctx
*ctx
,
2640 const struct ofp_action_enqueue
*oae
)
2642 uint16_t ofp_port
, odp_port
;
2646 error
= dpif_queue_to_priority(ctx
->ofproto
->dpif
, ntohl(oae
->queue_id
),
2649 /* Fall back to ordinary output action. */
2650 xlate_output_action__(ctx
, ntohs(oae
->port
), 0);
2654 /* Figure out ODP output port. */
2655 ofp_port
= ntohs(oae
->port
);
2656 if (ofp_port
!= OFPP_IN_PORT
) {
2657 odp_port
= ofp_port_to_odp_port(ofp_port
);
2659 odp_port
= ctx
->flow
.in_port
;
2662 /* Add ODP actions. */
2663 remove_pop_action(ctx
);
2664 odp_actions_add(ctx
->out
, ODPAT_SET_PRIORITY
)->priority
.priority
2666 add_output_action(ctx
, odp_port
);
2667 odp_actions_add(ctx
->out
, ODPAT_POP_PRIORITY
);
2669 /* Update NetFlow output port. */
2670 if (ctx
->nf_output_iface
== NF_OUT_DROP
) {
2671 ctx
->nf_output_iface
= odp_port
;
2672 } else if (ctx
->nf_output_iface
!= NF_OUT_FLOOD
) {
2673 ctx
->nf_output_iface
= NF_OUT_MULTI
;
2678 xlate_set_queue_action(struct action_xlate_ctx
*ctx
,
2679 const struct nx_action_set_queue
*nasq
)
2684 error
= dpif_queue_to_priority(ctx
->ofproto
->dpif
, ntohl(nasq
->queue_id
),
2687 /* Couldn't translate queue to a priority, so ignore. A warning
2688 * has already been logged. */
2692 remove_pop_action(ctx
);
2693 odp_actions_add(ctx
->out
, ODPAT_SET_PRIORITY
)->priority
.priority
2698 xlate_nicira_action(struct action_xlate_ctx
*ctx
,
2699 const struct nx_action_header
*nah
)
2701 const struct nx_action_resubmit
*nar
;
2702 const struct nx_action_set_tunnel
*nast
;
2703 const struct nx_action_set_queue
*nasq
;
2704 union odp_action
*oa
;
2705 int subtype
= ntohs(nah
->subtype
);
2707 assert(nah
->vendor
== htonl(NX_VENDOR_ID
));
2709 case NXAST_RESUBMIT
:
2710 nar
= (const struct nx_action_resubmit
*) nah
;
2711 xlate_table_action(ctx
, ofp_port_to_odp_port(ntohs(nar
->in_port
)));
2714 case NXAST_SET_TUNNEL
:
2715 nast
= (const struct nx_action_set_tunnel
*) nah
;
2716 oa
= odp_actions_add(ctx
->out
, ODPAT_SET_TUNNEL
);
2717 ctx
->flow
.tun_id
= oa
->tunnel
.tun_id
= nast
->tun_id
;
2720 case NXAST_DROP_SPOOFED_ARP
:
2721 if (ctx
->flow
.dl_type
== htons(ETH_TYPE_ARP
)) {
2722 odp_actions_add(ctx
->out
, ODPAT_DROP_SPOOFED_ARP
);
2726 case NXAST_SET_QUEUE
:
2727 nasq
= (const struct nx_action_set_queue
*) nah
;
2728 xlate_set_queue_action(ctx
, nasq
);
2731 case NXAST_POP_QUEUE
:
2732 odp_actions_add(ctx
->out
, ODPAT_POP_PRIORITY
);
2735 /* If you add a new action here that modifies flow data, don't forget to
2736 * update the flow key in ctx->flow at the same time. */
2739 VLOG_DBG_RL(&rl
, "unknown Nicira action type %"PRIu16
, subtype
);
2745 do_xlate_actions(const union ofp_action
*in
, size_t n_in
,
2746 struct action_xlate_ctx
*ctx
)
2748 struct actions_iterator iter
;
2749 const union ofp_action
*ia
;
2750 const struct ofport
*port
;
2752 port
= get_port(ctx
->ofproto
, ctx
->flow
.in_port
);
2753 if (port
&& port
->opp
.config
& (OFPPC_NO_RECV
| OFPPC_NO_RECV_STP
) &&
2754 port
->opp
.config
& (eth_addr_equals(ctx
->flow
.dl_dst
, eth_addr_stp
)
2755 ? OFPPC_NO_RECV_STP
: OFPPC_NO_RECV
)) {
2756 /* Drop this flow. */
2760 for (ia
= actions_first(&iter
, in
, n_in
); ia
; ia
= actions_next(&iter
)) {
2761 uint16_t type
= ntohs(ia
->type
);
2762 union odp_action
*oa
;
2766 xlate_output_action(ctx
, &ia
->output
);
2769 case OFPAT_SET_VLAN_VID
:
2770 oa
= odp_actions_add(ctx
->out
, ODPAT_SET_DL_TCI
);
2771 oa
->dl_tci
.tci
= ia
->vlan_vid
.vlan_vid
;
2772 oa
->dl_tci
.tci
|= htons(ctx
->flow
.dl_vlan_pcp
<< VLAN_PCP_SHIFT
);
2773 ctx
->flow
.dl_vlan
= ia
->vlan_vid
.vlan_vid
;
2776 case OFPAT_SET_VLAN_PCP
:
2777 oa
= odp_actions_add(ctx
->out
, ODPAT_SET_DL_TCI
);
2778 oa
->dl_tci
.tci
= htons(ia
->vlan_pcp
.vlan_pcp
<< VLAN_PCP_SHIFT
);
2779 oa
->dl_tci
.tci
|= ctx
->flow
.dl_vlan
;
2780 ctx
->flow
.dl_vlan_pcp
= ia
->vlan_pcp
.vlan_pcp
;
2783 case OFPAT_STRIP_VLAN
:
2784 odp_actions_add(ctx
->out
, ODPAT_STRIP_VLAN
);
2785 ctx
->flow
.dl_vlan
= htons(OFP_VLAN_NONE
);
2786 ctx
->flow
.dl_vlan_pcp
= 0;
2789 case OFPAT_SET_DL_SRC
:
2790 oa
= odp_actions_add(ctx
->out
, ODPAT_SET_DL_SRC
);
2791 memcpy(oa
->dl_addr
.dl_addr
,
2792 ((struct ofp_action_dl_addr
*) ia
)->dl_addr
, ETH_ADDR_LEN
);
2793 memcpy(ctx
->flow
.dl_src
,
2794 ((struct ofp_action_dl_addr
*) ia
)->dl_addr
, ETH_ADDR_LEN
);
2797 case OFPAT_SET_DL_DST
:
2798 oa
= odp_actions_add(ctx
->out
, ODPAT_SET_DL_DST
);
2799 memcpy(oa
->dl_addr
.dl_addr
,
2800 ((struct ofp_action_dl_addr
*) ia
)->dl_addr
, ETH_ADDR_LEN
);
2801 memcpy(ctx
->flow
.dl_dst
,
2802 ((struct ofp_action_dl_addr
*) ia
)->dl_addr
, ETH_ADDR_LEN
);
2805 case OFPAT_SET_NW_SRC
:
2806 oa
= odp_actions_add(ctx
->out
, ODPAT_SET_NW_SRC
);
2807 ctx
->flow
.nw_src
= oa
->nw_addr
.nw_addr
= ia
->nw_addr
.nw_addr
;
2810 case OFPAT_SET_NW_DST
:
2811 oa
= odp_actions_add(ctx
->out
, ODPAT_SET_NW_DST
);
2812 ctx
->flow
.nw_dst
= oa
->nw_addr
.nw_addr
= ia
->nw_addr
.nw_addr
;
2815 case OFPAT_SET_NW_TOS
:
2816 oa
= odp_actions_add(ctx
->out
, ODPAT_SET_NW_TOS
);
2817 ctx
->flow
.nw_tos
= oa
->nw_tos
.nw_tos
= ia
->nw_tos
.nw_tos
;
2820 case OFPAT_SET_TP_SRC
:
2821 oa
= odp_actions_add(ctx
->out
, ODPAT_SET_TP_SRC
);
2822 ctx
->flow
.tp_src
= oa
->tp_port
.tp_port
= ia
->tp_port
.tp_port
;
2825 case OFPAT_SET_TP_DST
:
2826 oa
= odp_actions_add(ctx
->out
, ODPAT_SET_TP_DST
);
2827 ctx
->flow
.tp_dst
= oa
->tp_port
.tp_port
= ia
->tp_port
.tp_port
;
2831 xlate_nicira_action(ctx
, (const struct nx_action_header
*) ia
);
2835 xlate_enqueue_action(ctx
, (const struct ofp_action_enqueue
*) ia
);
2839 VLOG_DBG_RL(&rl
, "unknown action type %"PRIu16
, type
);
2846 xlate_actions(const union ofp_action
*in
, size_t n_in
,
2847 const struct flow
*flow
, struct ofproto
*ofproto
,
2848 const struct ofpbuf
*packet
,
2849 struct odp_actions
*out
, tag_type
*tags
, bool *may_set_up_flow
,
2850 uint16_t *nf_output_iface
)
2852 tag_type no_tags
= 0;
2853 struct action_xlate_ctx ctx
;
2854 COVERAGE_INC(ofproto_ofp2odp
);
2855 odp_actions_init(out
);
2858 ctx
.ofproto
= ofproto
;
2859 ctx
.packet
= packet
;
2861 ctx
.tags
= tags
? tags
: &no_tags
;
2862 ctx
.may_set_up_flow
= true;
2863 ctx
.nf_output_iface
= NF_OUT_DROP
;
2864 do_xlate_actions(in
, n_in
, &ctx
);
2865 remove_pop_action(&ctx
);
2867 /* Check with in-band control to see if we're allowed to set up this
2869 if (!in_band_rule_check(ofproto
->in_band
, flow
, out
)) {
2870 ctx
.may_set_up_flow
= false;
2873 if (may_set_up_flow
) {
2874 *may_set_up_flow
= ctx
.may_set_up_flow
;
2876 if (nf_output_iface
) {
2877 *nf_output_iface
= ctx
.nf_output_iface
;
2879 if (odp_actions_overflow(out
)) {
2880 COVERAGE_INC(odp_overflow
);
2881 odp_actions_init(out
);
2882 return ofp_mkerr(OFPET_BAD_ACTION
, OFPBAC_TOO_MANY
);
2887 /* Checks whether 'ofconn' is a slave controller. If so, returns an OpenFlow
2888 * error message code (composed with ofp_mkerr()) for the caller to propagate
2889 * upward. Otherwise, returns 0.
2891 * 'oh' is used to make log messages more informative. */
2893 reject_slave_controller(struct ofconn
*ofconn
, const struct ofp_header
*oh
)
2895 if (ofconn
->type
== OFCONN_PRIMARY
&& ofconn
->role
== NX_ROLE_SLAVE
) {
2896 static struct vlog_rate_limit perm_rl
= VLOG_RATE_LIMIT_INIT(1, 5);
2899 type_name
= ofp_message_type_to_string(oh
->type
);
2900 VLOG_WARN_RL(&perm_rl
, "rejecting %s message from slave controller",
2904 return ofp_mkerr(OFPET_BAD_REQUEST
, OFPBRC_EPERM
);
2911 handle_packet_out(struct ofproto
*p
, struct ofconn
*ofconn
,
2912 struct ofp_header
*oh
)
2914 struct ofp_packet_out
*opo
;
2915 struct ofpbuf payload
, *buffer
;
2916 struct odp_actions actions
;
2922 error
= reject_slave_controller(ofconn
, oh
);
2927 error
= check_ofp_packet_out(oh
, &payload
, &n_actions
, p
->max_ports
);
2931 opo
= (struct ofp_packet_out
*) oh
;
2933 COVERAGE_INC(ofproto_packet_out
);
2934 if (opo
->buffer_id
!= htonl(UINT32_MAX
)) {
2935 error
= pktbuf_retrieve(ofconn
->pktbuf
, ntohl(opo
->buffer_id
),
2937 if (error
|| !buffer
) {
2945 flow_extract(&payload
, 0, ofp_port_to_odp_port(ntohs(opo
->in_port
)), &flow
);
2946 error
= xlate_actions((const union ofp_action
*) opo
->actions
, n_actions
,
2947 &flow
, p
, &payload
, &actions
, NULL
, NULL
, NULL
);
2952 dpif_execute(p
->dpif
, actions
.actions
, actions
.n_actions
, &payload
);
2953 ofpbuf_delete(buffer
);
2959 update_port_config(struct ofproto
*p
, struct ofport
*port
,
2960 uint32_t config
, uint32_t mask
)
2962 mask
&= config
^ port
->opp
.config
;
2963 if (mask
& OFPPC_PORT_DOWN
) {
2964 if (config
& OFPPC_PORT_DOWN
) {
2965 netdev_turn_flags_off(port
->netdev
, NETDEV_UP
, true);
2967 netdev_turn_flags_on(port
->netdev
, NETDEV_UP
, true);
2970 #define REVALIDATE_BITS (OFPPC_NO_RECV | OFPPC_NO_RECV_STP | \
2971 OFPPC_NO_FWD | OFPPC_NO_FLOOD)
2972 if (mask
& REVALIDATE_BITS
) {
2973 COVERAGE_INC(ofproto_costly_flags
);
2974 port
->opp
.config
^= mask
& REVALIDATE_BITS
;
2975 p
->need_revalidate
= true;
2977 #undef REVALIDATE_BITS
2978 if (mask
& OFPPC_NO_PACKET_IN
) {
2979 port
->opp
.config
^= OFPPC_NO_PACKET_IN
;
2984 handle_port_mod(struct ofproto
*p
, struct ofconn
*ofconn
,
2985 struct ofp_header
*oh
)
2987 const struct ofp_port_mod
*opm
;
2988 struct ofport
*port
;
2991 error
= reject_slave_controller(ofconn
, oh
);
2995 error
= check_ofp_message(oh
, OFPT_PORT_MOD
, sizeof *opm
);
2999 opm
= (struct ofp_port_mod
*) oh
;
3001 port
= get_port(p
, ofp_port_to_odp_port(ntohs(opm
->port_no
)));
3003 return ofp_mkerr(OFPET_PORT_MOD_FAILED
, OFPPMFC_BAD_PORT
);
3004 } else if (memcmp(port
->opp
.hw_addr
, opm
->hw_addr
, OFP_ETH_ALEN
)) {
3005 return ofp_mkerr(OFPET_PORT_MOD_FAILED
, OFPPMFC_BAD_HW_ADDR
);
3007 update_port_config(p
, port
, ntohl(opm
->config
), ntohl(opm
->mask
));
3008 if (opm
->advertise
) {
3009 netdev_set_advertisements(port
->netdev
, ntohl(opm
->advertise
));
3015 static struct ofpbuf
*
3016 make_stats_reply(uint32_t xid
, uint16_t type
, size_t body_len
)
3018 struct ofp_stats_reply
*osr
;
3021 msg
= ofpbuf_new(MIN(sizeof *osr
+ body_len
, UINT16_MAX
));
3022 osr
= put_openflow_xid(sizeof *osr
, OFPT_STATS_REPLY
, xid
, msg
);
3024 osr
->flags
= htons(0);
3028 static struct ofpbuf
*
3029 start_stats_reply(const struct ofp_stats_request
*request
, size_t body_len
)
3031 return make_stats_reply(request
->header
.xid
, request
->type
, body_len
);
3035 append_stats_reply(size_t nbytes
, struct ofconn
*ofconn
, struct ofpbuf
**msgp
)
3037 struct ofpbuf
*msg
= *msgp
;
3038 assert(nbytes
<= UINT16_MAX
- sizeof(struct ofp_stats_reply
));
3039 if (nbytes
+ msg
->size
> UINT16_MAX
) {
3040 struct ofp_stats_reply
*reply
= msg
->data
;
3041 reply
->flags
= htons(OFPSF_REPLY_MORE
);
3042 *msgp
= make_stats_reply(reply
->header
.xid
, reply
->type
, nbytes
);
3043 queue_tx(msg
, ofconn
, ofconn
->reply_counter
);
3045 return ofpbuf_put_uninit(*msgp
, nbytes
);
3049 handle_desc_stats_request(struct ofproto
*p
, struct ofconn
*ofconn
,
3050 struct ofp_stats_request
*request
)
3052 struct ofp_desc_stats
*ods
;
3055 msg
= start_stats_reply(request
, sizeof *ods
);
3056 ods
= append_stats_reply(sizeof *ods
, ofconn
, &msg
);
3057 memset(ods
, 0, sizeof *ods
);
3058 ovs_strlcpy(ods
->mfr_desc
, p
->mfr_desc
, sizeof ods
->mfr_desc
);
3059 ovs_strlcpy(ods
->hw_desc
, p
->hw_desc
, sizeof ods
->hw_desc
);
3060 ovs_strlcpy(ods
->sw_desc
, p
->sw_desc
, sizeof ods
->sw_desc
);
3061 ovs_strlcpy(ods
->serial_num
, p
->serial_desc
, sizeof ods
->serial_num
);
3062 ovs_strlcpy(ods
->dp_desc
, p
->dp_desc
, sizeof ods
->dp_desc
);
3063 queue_tx(msg
, ofconn
, ofconn
->reply_counter
);
3069 handle_table_stats_request(struct ofproto
*p
, struct ofconn
*ofconn
,
3070 struct ofp_stats_request
*request
)
3072 struct ofp_table_stats
*ots
;
3074 struct odp_stats dpstats
;
3075 int n_exact
, n_subrules
, n_wild
;
3078 msg
= start_stats_reply(request
, sizeof *ots
* 2);
3080 /* Count rules of various kinds. */
3082 CLASSIFIER_FOR_EACH_EXACT_RULE (rule
, cr
, &p
->cls
) {
3087 n_exact
= classifier_count_exact(&p
->cls
) - n_subrules
;
3088 n_wild
= classifier_count(&p
->cls
) - classifier_count_exact(&p
->cls
);
3091 dpif_get_dp_stats(p
->dpif
, &dpstats
);
3092 ots
= append_stats_reply(sizeof *ots
, ofconn
, &msg
);
3093 memset(ots
, 0, sizeof *ots
);
3094 ots
->table_id
= TABLEID_HASH
;
3095 strcpy(ots
->name
, "hash");
3096 ots
->wildcards
= htonl(0);
3097 ots
->max_entries
= htonl(dpstats
.max_capacity
);
3098 ots
->active_count
= htonl(n_exact
);
3099 ots
->lookup_count
= htonll(dpstats
.n_frags
+ dpstats
.n_hit
+
3101 ots
->matched_count
= htonll(dpstats
.n_hit
); /* XXX */
3103 /* Classifier table. */
3104 ots
= append_stats_reply(sizeof *ots
, ofconn
, &msg
);
3105 memset(ots
, 0, sizeof *ots
);
3106 ots
->table_id
= TABLEID_CLASSIFIER
;
3107 strcpy(ots
->name
, "classifier");
3108 ots
->wildcards
= p
->tun_id_from_cookie
? htonl(OVSFW_ALL
)
3110 ots
->max_entries
= htonl(65536);
3111 ots
->active_count
= htonl(n_wild
);
3112 ots
->lookup_count
= htonll(0); /* XXX */
3113 ots
->matched_count
= htonll(0); /* XXX */
3115 queue_tx(msg
, ofconn
, ofconn
->reply_counter
);
3120 append_port_stat(struct ofport
*port
, struct ofconn
*ofconn
,
3121 struct ofpbuf
**msgp
)
3123 struct netdev_stats stats
;
3124 struct ofp_port_stats
*ops
;
3126 /* Intentionally ignore return value, since errors will set
3127 * 'stats' to all-1s, which is correct for OpenFlow, and
3128 * netdev_get_stats() will log errors. */
3129 netdev_get_stats(port
->netdev
, &stats
);
3131 ops
= append_stats_reply(sizeof *ops
, ofconn
, msgp
);
3132 ops
->port_no
= htons(port
->opp
.port_no
);
3133 memset(ops
->pad
, 0, sizeof ops
->pad
);
3134 ops
->rx_packets
= htonll(stats
.rx_packets
);
3135 ops
->tx_packets
= htonll(stats
.tx_packets
);
3136 ops
->rx_bytes
= htonll(stats
.rx_bytes
);
3137 ops
->tx_bytes
= htonll(stats
.tx_bytes
);
3138 ops
->rx_dropped
= htonll(stats
.rx_dropped
);
3139 ops
->tx_dropped
= htonll(stats
.tx_dropped
);
3140 ops
->rx_errors
= htonll(stats
.rx_errors
);
3141 ops
->tx_errors
= htonll(stats
.tx_errors
);
3142 ops
->rx_frame_err
= htonll(stats
.rx_frame_errors
);
3143 ops
->rx_over_err
= htonll(stats
.rx_over_errors
);
3144 ops
->rx_crc_err
= htonll(stats
.rx_crc_errors
);
3145 ops
->collisions
= htonll(stats
.collisions
);
3149 handle_port_stats_request(struct ofproto
*p
, struct ofconn
*ofconn
,
3150 struct ofp_stats_request
*osr
,
3153 struct ofp_port_stats_request
*psr
;
3154 struct ofp_port_stats
*ops
;
3156 struct ofport
*port
;
3158 if (arg_size
!= sizeof *psr
) {
3159 return ofp_mkerr(OFPET_BAD_REQUEST
, OFPBRC_BAD_LEN
);
3161 psr
= (struct ofp_port_stats_request
*) osr
->body
;
3163 msg
= start_stats_reply(osr
, sizeof *ops
* 16);
3164 if (psr
->port_no
!= htons(OFPP_NONE
)) {
3165 port
= get_port(p
, ofp_port_to_odp_port(ntohs(psr
->port_no
)));
3167 append_port_stat(port
, ofconn
, &msg
);
3170 HMAP_FOR_EACH (port
, hmap_node
, &p
->ports
) {
3171 append_port_stat(port
, ofconn
, &msg
);
3175 queue_tx(msg
, ofconn
, ofconn
->reply_counter
);
3179 struct flow_stats_cbdata
{
3180 struct ofproto
*ofproto
;
3181 struct ofconn
*ofconn
;
3186 /* Obtains statistic counters for 'rule' within 'p' and stores them into
3187 * '*packet_countp' and '*byte_countp'. If 'rule' is a wildcarded rule, the
3188 * returned statistic include statistics for all of 'rule''s subrules. */
3190 query_stats(struct ofproto
*p
, struct rule
*rule
,
3191 uint64_t *packet_countp
, uint64_t *byte_countp
)
3193 uint64_t packet_count
, byte_count
;
3194 struct rule
*subrule
;
3195 struct odp_flow
*odp_flows
;
3198 /* Start from historical data for 'rule' itself that are no longer tracked
3199 * by the datapath. This counts, for example, subrules that have
3201 packet_count
= rule
->packet_count
;
3202 byte_count
= rule
->byte_count
;
3204 /* Prepare to ask the datapath for statistics on 'rule', or if it is
3205 * wildcarded then on all of its subrules.
3207 * Also, add any statistics that are not tracked by the datapath for each
3208 * subrule. This includes, for example, statistics for packets that were
3209 * executed "by hand" by ofproto via dpif_execute() but must be accounted
3211 n_odp_flows
= rule
->cr
.wc
.wildcards
? list_size(&rule
->list
) : 1;
3212 odp_flows
= xzalloc(n_odp_flows
* sizeof *odp_flows
);
3213 if (rule
->cr
.wc
.wildcards
) {
3215 LIST_FOR_EACH (subrule
, list
, &rule
->list
) {
3216 odp_flow_key_from_flow(&odp_flows
[i
++].key
, &subrule
->cr
.flow
);
3217 packet_count
+= subrule
->packet_count
;
3218 byte_count
+= subrule
->byte_count
;
3221 odp_flow_key_from_flow(&odp_flows
[0].key
, &rule
->cr
.flow
);
3224 /* Fetch up-to-date statistics from the datapath and add them in. */
3225 if (!dpif_flow_get_multiple(p
->dpif
, odp_flows
, n_odp_flows
)) {
3227 for (i
= 0; i
< n_odp_flows
; i
++) {
3228 struct odp_flow
*odp_flow
= &odp_flows
[i
];
3229 packet_count
+= odp_flow
->stats
.n_packets
;
3230 byte_count
+= odp_flow
->stats
.n_bytes
;
3235 /* Return the stats to the caller. */
3236 *packet_countp
= packet_count
;
3237 *byte_countp
= byte_count
;
3241 flow_stats_cb(struct cls_rule
*rule_
, void *cbdata_
)
3243 struct rule
*rule
= rule_from_cls_rule(rule_
);
3244 struct flow_stats_cbdata
*cbdata
= cbdata_
;
3245 struct ofp_flow_stats
*ofs
;
3246 uint64_t packet_count
, byte_count
;
3247 size_t act_len
, len
;
3248 long long int tdiff
= time_msec() - rule
->created
;
3249 uint32_t sec
= tdiff
/ 1000;
3250 uint32_t msec
= tdiff
- (sec
* 1000);
3252 if (rule_is_hidden(rule
) || !rule_has_out_port(rule
, cbdata
->out_port
)) {
3256 act_len
= sizeof *rule
->actions
* rule
->n_actions
;
3257 len
= offsetof(struct ofp_flow_stats
, actions
) + act_len
;
3259 query_stats(cbdata
->ofproto
, rule
, &packet_count
, &byte_count
);
3261 ofs
= append_stats_reply(len
, cbdata
->ofconn
, &cbdata
->msg
);
3262 ofs
->length
= htons(len
);
3263 ofs
->table_id
= rule
->cr
.wc
.wildcards
? TABLEID_CLASSIFIER
: TABLEID_HASH
;
3265 flow_to_match(&rule
->cr
.flow
, rule
->cr
.wc
.wildcards
,
3266 cbdata
->ofproto
->tun_id_from_cookie
, &ofs
->match
);
3267 ofs
->duration_sec
= htonl(sec
);
3268 ofs
->duration_nsec
= htonl(msec
* 1000000);
3269 ofs
->cookie
= rule
->flow_cookie
;
3270 ofs
->priority
= htons(rule
->cr
.priority
);
3271 ofs
->idle_timeout
= htons(rule
->idle_timeout
);
3272 ofs
->hard_timeout
= htons(rule
->hard_timeout
);
3273 memset(ofs
->pad2
, 0, sizeof ofs
->pad2
);
3274 ofs
->packet_count
= htonll(packet_count
);
3275 ofs
->byte_count
= htonll(byte_count
);
3276 if (rule
->n_actions
> 0) {
3277 memcpy(ofs
->actions
, rule
->actions
, act_len
);
3282 table_id_to_include(uint8_t table_id
)
3284 return (table_id
== TABLEID_HASH
? CLS_INC_EXACT
3285 : table_id
== TABLEID_CLASSIFIER
? CLS_INC_WILD
3286 : table_id
== 0xff ? CLS_INC_ALL
3291 handle_flow_stats_request(struct ofproto
*p
, struct ofconn
*ofconn
,
3292 const struct ofp_stats_request
*osr
,
3295 struct ofp_flow_stats_request
*fsr
;
3296 struct flow_stats_cbdata cbdata
;
3297 struct cls_rule target
;
3299 if (arg_size
!= sizeof *fsr
) {
3300 return ofp_mkerr(OFPET_BAD_REQUEST
, OFPBRC_BAD_LEN
);
3302 fsr
= (struct ofp_flow_stats_request
*) osr
->body
;
3304 COVERAGE_INC(ofproto_flows_req
);
3306 cbdata
.ofconn
= ofconn
;
3307 cbdata
.out_port
= fsr
->out_port
;
3308 cbdata
.msg
= start_stats_reply(osr
, 1024);
3309 cls_rule_from_match(&fsr
->match
, 0, false, 0, &target
);
3310 classifier_for_each_match(&p
->cls
, &target
,
3311 table_id_to_include(fsr
->table_id
),
3312 flow_stats_cb
, &cbdata
);
3313 queue_tx(cbdata
.msg
, ofconn
, ofconn
->reply_counter
);
3317 struct flow_stats_ds_cbdata
{
3318 struct ofproto
*ofproto
;
3323 flow_stats_ds_cb(struct cls_rule
*rule_
, void *cbdata_
)
3325 struct rule
*rule
= rule_from_cls_rule(rule_
);
3326 struct flow_stats_ds_cbdata
*cbdata
= cbdata_
;
3327 struct ds
*results
= cbdata
->results
;
3328 struct ofp_match match
;
3329 uint64_t packet_count
, byte_count
;
3330 size_t act_len
= sizeof *rule
->actions
* rule
->n_actions
;
3332 /* Don't report on subrules. */
3333 if (rule
->super
!= NULL
) {
3337 query_stats(cbdata
->ofproto
, rule
, &packet_count
, &byte_count
);
3338 flow_to_match(&rule
->cr
.flow
, rule
->cr
.wc
.wildcards
,
3339 cbdata
->ofproto
->tun_id_from_cookie
, &match
);
3341 ds_put_format(results
, "duration=%llds, ",
3342 (time_msec() - rule
->created
) / 1000);
3343 ds_put_format(results
, "priority=%u, ", rule
->cr
.priority
);
3344 ds_put_format(results
, "n_packets=%"PRIu64
", ", packet_count
);
3345 ds_put_format(results
, "n_bytes=%"PRIu64
", ", byte_count
);
3346 ofp_print_match(results
, &match
, true);
3348 ofp_print_actions(results
, &rule
->actions
->header
, act_len
);
3350 ds_put_cstr(results
, "drop");
3352 ds_put_cstr(results
, "\n");
3355 /* Adds a pretty-printed description of all flows to 'results', including
3356 * those marked hidden by secchan (e.g., by in-band control). */
3358 ofproto_get_all_flows(struct ofproto
*p
, struct ds
*results
)
3360 struct ofp_match match
;
3361 struct cls_rule target
;
3362 struct flow_stats_ds_cbdata cbdata
;
3364 memset(&match
, 0, sizeof match
);
3365 match
.wildcards
= htonl(OVSFW_ALL
);
3368 cbdata
.results
= results
;
3370 cls_rule_from_match(&match
, 0, false, 0, &target
);
3371 classifier_for_each_match(&p
->cls
, &target
, CLS_INC_ALL
,
3372 flow_stats_ds_cb
, &cbdata
);
3375 struct aggregate_stats_cbdata
{
3376 struct ofproto
*ofproto
;
3378 uint64_t packet_count
;
3379 uint64_t byte_count
;
3384 aggregate_stats_cb(struct cls_rule
*rule_
, void *cbdata_
)
3386 struct rule
*rule
= rule_from_cls_rule(rule_
);
3387 struct aggregate_stats_cbdata
*cbdata
= cbdata_
;
3388 uint64_t packet_count
, byte_count
;
3390 if (rule_is_hidden(rule
) || !rule_has_out_port(rule
, cbdata
->out_port
)) {
3394 query_stats(cbdata
->ofproto
, rule
, &packet_count
, &byte_count
);
3396 cbdata
->packet_count
+= packet_count
;
3397 cbdata
->byte_count
+= byte_count
;
3402 handle_aggregate_stats_request(struct ofproto
*p
, struct ofconn
*ofconn
,
3403 const struct ofp_stats_request
*osr
,
3406 struct ofp_aggregate_stats_request
*asr
;
3407 struct ofp_aggregate_stats_reply
*reply
;
3408 struct aggregate_stats_cbdata cbdata
;
3409 struct cls_rule target
;
3412 if (arg_size
!= sizeof *asr
) {
3413 return ofp_mkerr(OFPET_BAD_REQUEST
, OFPBRC_BAD_LEN
);
3415 asr
= (struct ofp_aggregate_stats_request
*) osr
->body
;
3417 COVERAGE_INC(ofproto_agg_request
);
3419 cbdata
.out_port
= asr
->out_port
;
3420 cbdata
.packet_count
= 0;
3421 cbdata
.byte_count
= 0;
3423 cls_rule_from_match(&asr
->match
, 0, false, 0, &target
);
3424 classifier_for_each_match(&p
->cls
, &target
,
3425 table_id_to_include(asr
->table_id
),
3426 aggregate_stats_cb
, &cbdata
);
3428 msg
= start_stats_reply(osr
, sizeof *reply
);
3429 reply
= append_stats_reply(sizeof *reply
, ofconn
, &msg
);
3430 reply
->flow_count
= htonl(cbdata
.n_flows
);
3431 reply
->packet_count
= htonll(cbdata
.packet_count
);
3432 reply
->byte_count
= htonll(cbdata
.byte_count
);
3433 queue_tx(msg
, ofconn
, ofconn
->reply_counter
);
3437 struct queue_stats_cbdata
{
3438 struct ofconn
*ofconn
;
3439 struct ofport
*ofport
;
3444 put_queue_stats(struct queue_stats_cbdata
*cbdata
, uint32_t queue_id
,
3445 const struct netdev_queue_stats
*stats
)
3447 struct ofp_queue_stats
*reply
;
3449 reply
= append_stats_reply(sizeof *reply
, cbdata
->ofconn
, &cbdata
->msg
);
3450 reply
->port_no
= htons(cbdata
->ofport
->opp
.port_no
);
3451 memset(reply
->pad
, 0, sizeof reply
->pad
);
3452 reply
->queue_id
= htonl(queue_id
);
3453 reply
->tx_bytes
= htonll(stats
->tx_bytes
);
3454 reply
->tx_packets
= htonll(stats
->tx_packets
);
3455 reply
->tx_errors
= htonll(stats
->tx_errors
);
3459 handle_queue_stats_dump_cb(uint32_t queue_id
,
3460 struct netdev_queue_stats
*stats
,
3463 struct queue_stats_cbdata
*cbdata
= cbdata_
;
3465 put_queue_stats(cbdata
, queue_id
, stats
);
3469 handle_queue_stats_for_port(struct ofport
*port
, uint32_t queue_id
,
3470 struct queue_stats_cbdata
*cbdata
)
3472 cbdata
->ofport
= port
;
3473 if (queue_id
== OFPQ_ALL
) {
3474 netdev_dump_queue_stats(port
->netdev
,
3475 handle_queue_stats_dump_cb
, cbdata
);
3477 struct netdev_queue_stats stats
;
3479 if (!netdev_get_queue_stats(port
->netdev
, queue_id
, &stats
)) {
3480 put_queue_stats(cbdata
, queue_id
, &stats
);
3486 handle_queue_stats_request(struct ofproto
*ofproto
, struct ofconn
*ofconn
,
3487 const struct ofp_stats_request
*osr
,
3490 struct ofp_queue_stats_request
*qsr
;
3491 struct queue_stats_cbdata cbdata
;
3492 struct ofport
*port
;
3493 unsigned int port_no
;
3496 if (arg_size
!= sizeof *qsr
) {
3497 return ofp_mkerr(OFPET_BAD_REQUEST
, OFPBRC_BAD_LEN
);
3499 qsr
= (struct ofp_queue_stats_request
*) osr
->body
;
3501 COVERAGE_INC(ofproto_queue_req
);
3503 cbdata
.ofconn
= ofconn
;
3504 cbdata
.msg
= start_stats_reply(osr
, 128);
3506 port_no
= ntohs(qsr
->port_no
);
3507 queue_id
= ntohl(qsr
->queue_id
);
3508 if (port_no
== OFPP_ALL
) {
3509 HMAP_FOR_EACH (port
, hmap_node
, &ofproto
->ports
) {
3510 handle_queue_stats_for_port(port
, queue_id
, &cbdata
);
3512 } else if (port_no
< ofproto
->max_ports
) {
3513 port
= get_port(ofproto
, ofp_port_to_odp_port(port_no
));
3515 handle_queue_stats_for_port(port
, queue_id
, &cbdata
);
3518 ofpbuf_delete(cbdata
.msg
);
3519 return ofp_mkerr(OFPET_QUEUE_OP_FAILED
, OFPQOFC_BAD_PORT
);
3521 queue_tx(cbdata
.msg
, ofconn
, ofconn
->reply_counter
);
3527 handle_stats_request(struct ofproto
*p
, struct ofconn
*ofconn
,
3528 struct ofp_header
*oh
)
3530 struct ofp_stats_request
*osr
;
3534 error
= check_ofp_message_array(oh
, OFPT_STATS_REQUEST
, sizeof *osr
,
3539 osr
= (struct ofp_stats_request
*) oh
;
3541 switch (ntohs(osr
->type
)) {
3543 return handle_desc_stats_request(p
, ofconn
, osr
);
3546 return handle_flow_stats_request(p
, ofconn
, osr
, arg_size
);
3548 case OFPST_AGGREGATE
:
3549 return handle_aggregate_stats_request(p
, ofconn
, osr
, arg_size
);
3552 return handle_table_stats_request(p
, ofconn
, osr
);
3555 return handle_port_stats_request(p
, ofconn
, osr
, arg_size
);
3558 return handle_queue_stats_request(p
, ofconn
, osr
, arg_size
);
3561 return ofp_mkerr(OFPET_BAD_REQUEST
, OFPBRC_BAD_VENDOR
);
3564 return ofp_mkerr(OFPET_BAD_REQUEST
, OFPBRC_BAD_STAT
);
3568 static long long int
3569 msec_from_nsec(uint64_t sec
, uint32_t nsec
)
3571 return !sec
? 0 : sec
* 1000 + nsec
/ 1000000;
3575 update_time(struct ofproto
*ofproto
, struct rule
*rule
,
3576 const struct odp_flow_stats
*stats
)
3578 long long int used
= msec_from_nsec(stats
->used_sec
, stats
->used_nsec
);
3579 if (used
> rule
->used
) {
3581 if (rule
->super
&& used
> rule
->super
->used
) {
3582 rule
->super
->used
= used
;
3584 netflow_flow_update_time(ofproto
->netflow
, &rule
->nf_flow
, used
);
3589 update_stats(struct ofproto
*ofproto
, struct rule
*rule
,
3590 const struct odp_flow_stats
*stats
)
3592 if (stats
->n_packets
) {
3593 update_time(ofproto
, rule
, stats
);
3594 rule
->packet_count
+= stats
->n_packets
;
3595 rule
->byte_count
+= stats
->n_bytes
;
3596 netflow_flow_update_flags(&rule
->nf_flow
, stats
->tcp_flags
);
3600 /* Implements OFPFC_ADD and the cases for OFPFC_MODIFY and OFPFC_MODIFY_STRICT
3601 * in which no matching flow already exists in the flow table.
3603 * Adds the flow specified by 'ofm', which is followed by 'n_actions'
3604 * ofp_actions, to 'p''s flow table. Returns 0 on success or an OpenFlow error
3605 * code as encoded by ofp_mkerr() on failure.
3607 * 'ofconn' is used to retrieve the packet buffer specified in ofm->buffer_id,
3610 add_flow(struct ofproto
*p
, struct ofconn
*ofconn
,
3611 const struct ofp_flow_mod
*ofm
, size_t n_actions
)
3613 struct ofpbuf
*packet
;
3618 if (ofm
->flags
& htons(OFPFF_CHECK_OVERLAP
)) {
3622 flow_from_match(&ofm
->match
, p
->tun_id_from_cookie
, ofm
->cookie
,
3624 if (classifier_rule_overlaps(&p
->cls
, &flow
, wildcards
,
3625 ntohs(ofm
->priority
))) {
3626 return ofp_mkerr(OFPET_FLOW_MOD_FAILED
, OFPFMFC_OVERLAP
);
3630 rule
= rule_create(p
, NULL
, (const union ofp_action
*) ofm
->actions
,
3631 n_actions
, ntohs(ofm
->idle_timeout
),
3632 ntohs(ofm
->hard_timeout
), ofm
->cookie
,
3633 ofm
->flags
& htons(OFPFF_SEND_FLOW_REM
));
3634 cls_rule_from_match(&ofm
->match
, ntohs(ofm
->priority
),
3635 p
->tun_id_from_cookie
, ofm
->cookie
, &rule
->cr
);
3638 if (ofm
->buffer_id
!= htonl(UINT32_MAX
)) {
3639 error
= pktbuf_retrieve(ofconn
->pktbuf
, ntohl(ofm
->buffer_id
),
3643 in_port
= UINT16_MAX
;
3646 rule_insert(p
, rule
, packet
, in_port
);
3650 static struct rule
*
3651 find_flow_strict(struct ofproto
*p
, const struct ofp_flow_mod
*ofm
)
3656 flow_from_match(&ofm
->match
, p
->tun_id_from_cookie
, ofm
->cookie
,
3658 return rule_from_cls_rule(classifier_find_rule_exactly(
3659 &p
->cls
, &flow
, wildcards
,
3660 ntohs(ofm
->priority
)));
3664 send_buffered_packet(struct ofproto
*ofproto
, struct ofconn
*ofconn
,
3665 struct rule
*rule
, const struct ofp_flow_mod
*ofm
)
3667 struct ofpbuf
*packet
;
3672 if (ofm
->buffer_id
== htonl(UINT32_MAX
)) {
3676 error
= pktbuf_retrieve(ofconn
->pktbuf
, ntohl(ofm
->buffer_id
),
3682 flow_extract(packet
, 0, in_port
, &flow
);
3683 rule_execute(ofproto
, rule
, packet
, &flow
);
3688 /* OFPFC_MODIFY and OFPFC_MODIFY_STRICT. */
3690 struct modify_flows_cbdata
{
3691 struct ofproto
*ofproto
;
3692 const struct ofp_flow_mod
*ofm
;
3697 static int modify_flow(struct ofproto
*, const struct ofp_flow_mod
*,
3698 size_t n_actions
, struct rule
*);
3699 static void modify_flows_cb(struct cls_rule
*, void *cbdata_
);
3701 /* Implements OFPFC_MODIFY. Returns 0 on success or an OpenFlow error code as
3702 * encoded by ofp_mkerr() on failure.
3704 * 'ofconn' is used to retrieve the packet buffer specified in ofm->buffer_id,
3707 modify_flows_loose(struct ofproto
*p
, struct ofconn
*ofconn
,
3708 const struct ofp_flow_mod
*ofm
, size_t n_actions
)
3710 struct modify_flows_cbdata cbdata
;
3711 struct cls_rule target
;
3715 cbdata
.n_actions
= n_actions
;
3716 cbdata
.match
= NULL
;
3718 cls_rule_from_match(&ofm
->match
, 0, p
->tun_id_from_cookie
, ofm
->cookie
,
3721 classifier_for_each_match(&p
->cls
, &target
, CLS_INC_ALL
,
3722 modify_flows_cb
, &cbdata
);
3724 /* This credits the packet to whichever flow happened to happened to
3725 * match last. That's weird. Maybe we should do a lookup for the
3726 * flow that actually matches the packet? Who knows. */
3727 send_buffered_packet(p
, ofconn
, cbdata
.match
, ofm
);
3730 return add_flow(p
, ofconn
, ofm
, n_actions
);
3734 /* Implements OFPFC_MODIFY_STRICT. Returns 0 on success or an OpenFlow error
3735 * code as encoded by ofp_mkerr() on failure.
3737 * 'ofconn' is used to retrieve the packet buffer specified in ofm->buffer_id,
3740 modify_flow_strict(struct ofproto
*p
, struct ofconn
*ofconn
,
3741 struct ofp_flow_mod
*ofm
, size_t n_actions
)
3743 struct rule
*rule
= find_flow_strict(p
, ofm
);
3744 if (rule
&& !rule_is_hidden(rule
)) {
3745 modify_flow(p
, ofm
, n_actions
, rule
);
3746 return send_buffered_packet(p
, ofconn
, rule
, ofm
);
3748 return add_flow(p
, ofconn
, ofm
, n_actions
);
3752 /* Callback for modify_flows_loose(). */
3754 modify_flows_cb(struct cls_rule
*rule_
, void *cbdata_
)
3756 struct rule
*rule
= rule_from_cls_rule(rule_
);
3757 struct modify_flows_cbdata
*cbdata
= cbdata_
;
3759 if (!rule_is_hidden(rule
)) {
3760 cbdata
->match
= rule
;
3761 modify_flow(cbdata
->ofproto
, cbdata
->ofm
, cbdata
->n_actions
, rule
);
3765 /* Implements core of OFPFC_MODIFY and OFPFC_MODIFY_STRICT where 'rule' has
3766 * been identified as a flow in 'p''s flow table to be modified, by changing
3767 * the rule's actions to match those in 'ofm' (which is followed by 'n_actions'
3768 * ofp_action[] structures). */
3770 modify_flow(struct ofproto
*p
, const struct ofp_flow_mod
*ofm
,
3771 size_t n_actions
, struct rule
*rule
)
3773 size_t actions_len
= n_actions
* sizeof *rule
->actions
;
3775 rule
->flow_cookie
= ofm
->cookie
;
3777 /* If the actions are the same, do nothing. */
3778 if (n_actions
== rule
->n_actions
3779 && (!n_actions
|| !memcmp(ofm
->actions
, rule
->actions
, actions_len
)))
3784 /* Replace actions. */
3785 free(rule
->actions
);
3786 rule
->actions
= n_actions
? xmemdup(ofm
->actions
, actions_len
) : NULL
;
3787 rule
->n_actions
= n_actions
;
3789 /* Make sure that the datapath gets updated properly. */
3790 if (rule
->cr
.wc
.wildcards
) {
3791 COVERAGE_INC(ofproto_mod_wc_flow
);
3792 p
->need_revalidate
= true;
3794 rule_update_actions(p
, rule
);
3800 /* OFPFC_DELETE implementation. */
3802 struct delete_flows_cbdata
{
3803 struct ofproto
*ofproto
;
3807 static void delete_flows_cb(struct cls_rule
*, void *cbdata_
);
3808 static void delete_flow(struct ofproto
*, struct rule
*, uint16_t out_port
);
3810 /* Implements OFPFC_DELETE. */
3812 delete_flows_loose(struct ofproto
*p
, const struct ofp_flow_mod
*ofm
)
3814 struct delete_flows_cbdata cbdata
;
3815 struct cls_rule target
;
3818 cbdata
.out_port
= ofm
->out_port
;
3820 cls_rule_from_match(&ofm
->match
, 0, p
->tun_id_from_cookie
, ofm
->cookie
,
3823 classifier_for_each_match(&p
->cls
, &target
, CLS_INC_ALL
,
3824 delete_flows_cb
, &cbdata
);
3827 /* Implements OFPFC_DELETE_STRICT. */
3829 delete_flow_strict(struct ofproto
*p
, struct ofp_flow_mod
*ofm
)
3831 struct rule
*rule
= find_flow_strict(p
, ofm
);
3833 delete_flow(p
, rule
, ofm
->out_port
);
3837 /* Callback for delete_flows_loose(). */
3839 delete_flows_cb(struct cls_rule
*rule_
, void *cbdata_
)
3841 struct rule
*rule
= rule_from_cls_rule(rule_
);
3842 struct delete_flows_cbdata
*cbdata
= cbdata_
;
3844 delete_flow(cbdata
->ofproto
, rule
, cbdata
->out_port
);
3847 /* Implements core of OFPFC_DELETE and OFPFC_DELETE_STRICT where 'rule' has
3848 * been identified as a flow to delete from 'p''s flow table, by deleting the
3849 * flow and sending out a OFPT_FLOW_REMOVED message to any interested
3852 * Will not delete 'rule' if it is hidden. Will delete 'rule' only if
3853 * 'out_port' is htons(OFPP_NONE) or if 'rule' actually outputs to the
3854 * specified 'out_port'. */
3856 delete_flow(struct ofproto
*p
, struct rule
*rule
, uint16_t out_port
)
3858 if (rule_is_hidden(rule
)) {
3862 if (out_port
!= htons(OFPP_NONE
) && !rule_has_out_port(rule
, out_port
)) {
3866 send_flow_removed(p
, rule
, time_msec(), OFPRR_DELETE
);
3867 rule_remove(p
, rule
);
3871 handle_flow_mod(struct ofproto
*p
, struct ofconn
*ofconn
,
3872 struct ofp_flow_mod
*ofm
)
3874 struct ofp_match orig_match
;
3878 error
= reject_slave_controller(ofconn
, &ofm
->header
);
3882 error
= check_ofp_message_array(&ofm
->header
, OFPT_FLOW_MOD
, sizeof *ofm
,
3883 sizeof *ofm
->actions
, &n_actions
);
3888 /* We do not support the emergency flow cache. It will hopefully
3889 * get dropped from OpenFlow in the near future. */
3890 if (ofm
->flags
& htons(OFPFF_EMERG
)) {
3891 /* There isn't a good fit for an error code, so just state that the
3892 * flow table is full. */
3893 return ofp_mkerr(OFPET_FLOW_MOD_FAILED
, OFPFMFC_ALL_TABLES_FULL
);
3896 /* Normalize ofp->match. If normalization actually changes anything, then
3897 * log the differences. */
3898 ofm
->match
.pad1
[0] = ofm
->match
.pad2
[0] = 0;
3899 orig_match
= ofm
->match
;
3900 normalize_match(&ofm
->match
);
3901 if (memcmp(&ofm
->match
, &orig_match
, sizeof orig_match
)) {
3902 static struct vlog_rate_limit normal_rl
= VLOG_RATE_LIMIT_INIT(1, 1);
3903 if (!VLOG_DROP_INFO(&normal_rl
)) {
3904 char *old
= ofp_match_to_literal_string(&orig_match
);
3905 char *new = ofp_match_to_literal_string(&ofm
->match
);
3906 VLOG_INFO("%s: normalization changed ofp_match, details:",
3907 rconn_get_name(ofconn
->rconn
));
3908 VLOG_INFO(" pre: %s", old
);
3909 VLOG_INFO("post: %s", new);
3915 if (!ofm
->match
.wildcards
) {
3916 ofm
->priority
= htons(UINT16_MAX
);
3919 error
= validate_actions((const union ofp_action
*) ofm
->actions
,
3920 n_actions
, p
->max_ports
);
3925 switch (ntohs(ofm
->command
)) {
3927 return add_flow(p
, ofconn
, ofm
, n_actions
);
3930 return modify_flows_loose(p
, ofconn
, ofm
, n_actions
);
3932 case OFPFC_MODIFY_STRICT
:
3933 return modify_flow_strict(p
, ofconn
, ofm
, n_actions
);
3936 delete_flows_loose(p
, ofm
);
3939 case OFPFC_DELETE_STRICT
:
3940 delete_flow_strict(p
, ofm
);
3944 return ofp_mkerr(OFPET_FLOW_MOD_FAILED
, OFPFMFC_BAD_COMMAND
);
3949 handle_tun_id_from_cookie(struct ofproto
*p
, struct nxt_tun_id_cookie
*msg
)
3953 error
= check_ofp_message(&msg
->header
, OFPT_VENDOR
, sizeof *msg
);
3958 p
->tun_id_from_cookie
= !!msg
->set
;
3963 handle_role_request(struct ofproto
*ofproto
,
3964 struct ofconn
*ofconn
, struct nicira_header
*msg
)
3966 struct nx_role_request
*nrr
;
3967 struct nx_role_request
*reply
;
3971 if (ntohs(msg
->header
.length
) != sizeof *nrr
) {
3972 VLOG_WARN_RL(&rl
, "received role request of length %u (expected %zu)",
3973 ntohs(msg
->header
.length
), sizeof *nrr
);
3974 return ofp_mkerr(OFPET_BAD_REQUEST
, OFPBRC_BAD_LEN
);
3976 nrr
= (struct nx_role_request
*) msg
;
3978 if (ofconn
->type
!= OFCONN_PRIMARY
) {
3979 VLOG_WARN_RL(&rl
, "ignoring role request on non-controller "
3981 return ofp_mkerr(OFPET_BAD_REQUEST
, OFPBRC_EPERM
);
3984 role
= ntohl(nrr
->role
);
3985 if (role
!= NX_ROLE_OTHER
&& role
!= NX_ROLE_MASTER
3986 && role
!= NX_ROLE_SLAVE
) {
3987 VLOG_WARN_RL(&rl
, "received request for unknown role %"PRIu32
, role
);
3989 /* There's no good error code for this. */
3990 return ofp_mkerr(OFPET_BAD_REQUEST
, -1);
3993 if (role
== NX_ROLE_MASTER
) {
3994 struct ofconn
*other
;
3996 HMAP_FOR_EACH (other
, hmap_node
, &ofproto
->controllers
) {
3997 if (other
->role
== NX_ROLE_MASTER
) {
3998 other
->role
= NX_ROLE_SLAVE
;
4002 ofconn
->role
= role
;
4004 reply
= make_openflow_xid(sizeof *reply
, OFPT_VENDOR
, msg
->header
.xid
,
4006 reply
->nxh
.vendor
= htonl(NX_VENDOR_ID
);
4007 reply
->nxh
.subtype
= htonl(NXT_ROLE_REPLY
);
4008 reply
->role
= htonl(role
);
4009 queue_tx(buf
, ofconn
, ofconn
->reply_counter
);
4015 handle_vendor(struct ofproto
*p
, struct ofconn
*ofconn
, void *msg
)
4017 struct ofp_vendor_header
*ovh
= msg
;
4018 struct nicira_header
*nh
;
4020 if (ntohs(ovh
->header
.length
) < sizeof(struct ofp_vendor_header
)) {
4021 VLOG_WARN_RL(&rl
, "received vendor message of length %u "
4022 "(expected at least %zu)",
4023 ntohs(ovh
->header
.length
), sizeof(struct ofp_vendor_header
));
4024 return ofp_mkerr(OFPET_BAD_REQUEST
, OFPBRC_BAD_LEN
);
4026 if (ovh
->vendor
!= htonl(NX_VENDOR_ID
)) {
4027 return ofp_mkerr(OFPET_BAD_REQUEST
, OFPBRC_BAD_VENDOR
);
4029 if (ntohs(ovh
->header
.length
) < sizeof(struct nicira_header
)) {
4030 VLOG_WARN_RL(&rl
, "received Nicira vendor message of length %u "
4031 "(expected at least %zu)",
4032 ntohs(ovh
->header
.length
), sizeof(struct nicira_header
));
4033 return ofp_mkerr(OFPET_BAD_REQUEST
, OFPBRC_BAD_LEN
);
4037 switch (ntohl(nh
->subtype
)) {
4038 case NXT_STATUS_REQUEST
:
4039 return switch_status_handle_request(p
->switch_status
, ofconn
->rconn
,
4042 case NXT_TUN_ID_FROM_COOKIE
:
4043 return handle_tun_id_from_cookie(p
, msg
);
4045 case NXT_ROLE_REQUEST
:
4046 return handle_role_request(p
, ofconn
, msg
);
4049 return ofp_mkerr(OFPET_BAD_REQUEST
, OFPBRC_BAD_SUBTYPE
);
4053 handle_barrier_request(struct ofconn
*ofconn
, struct ofp_header
*oh
)
4055 struct ofp_header
*ob
;
4058 /* Currently, everything executes synchronously, so we can just
4059 * immediately send the barrier reply. */
4060 ob
= make_openflow_xid(sizeof *ob
, OFPT_BARRIER_REPLY
, oh
->xid
, &buf
);
4061 queue_tx(buf
, ofconn
, ofconn
->reply_counter
);
4066 handle_openflow(struct ofconn
*ofconn
, struct ofproto
*p
,
4067 struct ofpbuf
*ofp_msg
)
4069 struct ofp_header
*oh
= ofp_msg
->data
;
4072 COVERAGE_INC(ofproto_recv_openflow
);
4074 case OFPT_ECHO_REQUEST
:
4075 error
= handle_echo_request(ofconn
, oh
);
4078 case OFPT_ECHO_REPLY
:
4082 case OFPT_FEATURES_REQUEST
:
4083 error
= handle_features_request(p
, ofconn
, oh
);
4086 case OFPT_GET_CONFIG_REQUEST
:
4087 error
= handle_get_config_request(p
, ofconn
, oh
);
4090 case OFPT_SET_CONFIG
:
4091 error
= handle_set_config(p
, ofconn
, ofp_msg
->data
);
4094 case OFPT_PACKET_OUT
:
4095 error
= handle_packet_out(p
, ofconn
, ofp_msg
->data
);
4099 error
= handle_port_mod(p
, ofconn
, oh
);
4103 error
= handle_flow_mod(p
, ofconn
, ofp_msg
->data
);
4106 case OFPT_STATS_REQUEST
:
4107 error
= handle_stats_request(p
, ofconn
, oh
);
4111 error
= handle_vendor(p
, ofconn
, ofp_msg
->data
);
4114 case OFPT_BARRIER_REQUEST
:
4115 error
= handle_barrier_request(ofconn
, oh
);
4119 if (VLOG_IS_WARN_ENABLED()) {
4120 char *s
= ofp_to_string(oh
, ntohs(oh
->length
), 2);
4121 VLOG_DBG_RL(&rl
, "OpenFlow message ignored: %s", s
);
4124 error
= ofp_mkerr(OFPET_BAD_REQUEST
, OFPBRC_BAD_TYPE
);
4129 send_error_oh(ofconn
, ofp_msg
->data
, error
);
4134 handle_odp_miss_msg(struct ofproto
*p
, struct ofpbuf
*packet
)
4136 struct odp_msg
*msg
= packet
->data
;
4138 struct ofpbuf payload
;
4141 payload
.data
= msg
+ 1;
4142 payload
.size
= msg
->length
- sizeof *msg
;
4143 flow_extract(&payload
, msg
->arg
, msg
->port
, &flow
);
4145 /* Check with in-band control to see if this packet should be sent
4146 * to the local port regardless of the flow table. */
4147 if (in_band_msg_in_hook(p
->in_band
, &flow
, &payload
)) {
4148 union odp_action action
;
4150 memset(&action
, 0, sizeof(action
));
4151 action
.output
.type
= ODPAT_OUTPUT
;
4152 action
.output
.port
= ODPP_LOCAL
;
4153 dpif_execute(p
->dpif
, &action
, 1, &payload
);
4156 rule
= lookup_valid_rule(p
, &flow
);
4158 /* Don't send a packet-in if OFPPC_NO_PACKET_IN asserted. */
4159 struct ofport
*port
= get_port(p
, msg
->port
);
4161 if (port
->opp
.config
& OFPPC_NO_PACKET_IN
) {
4162 COVERAGE_INC(ofproto_no_packet_in
);
4163 /* XXX install 'drop' flow entry */
4164 ofpbuf_delete(packet
);
4168 VLOG_WARN_RL(&rl
, "packet-in on unknown port %"PRIu16
, msg
->port
);
4171 COVERAGE_INC(ofproto_packet_in
);
4172 send_packet_in(p
, packet
);
4176 if (rule
->cr
.wc
.wildcards
) {
4177 rule
= rule_create_subrule(p
, rule
, &flow
);
4178 rule_make_actions(p
, rule
, packet
);
4180 if (!rule
->may_install
) {
4181 /* The rule is not installable, that is, we need to process every
4182 * packet, so process the current packet and set its actions into
4184 rule_make_actions(p
, rule
, packet
);
4186 /* XXX revalidate rule if it needs it */
4190 if (rule
->super
&& rule
->super
->cr
.priority
== FAIL_OPEN_PRIORITY
) {
4192 * Extra-special case for fail-open mode.
4194 * We are in fail-open mode and the packet matched the fail-open rule,
4195 * but we are connected to a controller too. We should send the packet
4196 * up to the controller in the hope that it will try to set up a flow
4197 * and thereby allow us to exit fail-open.
4199 * See the top-level comment in fail-open.c for more information.
4201 send_packet_in(p
, ofpbuf_clone_with_headroom(packet
,
4202 DPIF_RECV_MSG_PADDING
));
4205 ofpbuf_pull(packet
, sizeof *msg
);
4206 rule_execute(p
, rule
, packet
, &flow
);
4207 rule_reinstall(p
, rule
);
4211 handle_odp_msg(struct ofproto
*p
, struct ofpbuf
*packet
)
4213 struct odp_msg
*msg
= packet
->data
;
4215 switch (msg
->type
) {
4216 case _ODPL_ACTION_NR
:
4217 COVERAGE_INC(ofproto_ctlr_action
);
4218 send_packet_in(p
, packet
);
4221 case _ODPL_SFLOW_NR
:
4223 ofproto_sflow_received(p
->sflow
, msg
);
4225 ofpbuf_delete(packet
);
4229 handle_odp_miss_msg(p
, packet
);
4233 VLOG_WARN_RL(&rl
, "received ODP message of unexpected type %"PRIu32
,
4239 /* Flow expiration. */
4241 struct expire_cbdata
{
4242 struct ofproto
*ofproto
;
4246 static int ofproto_dp_max_idle(const struct ofproto
*);
4247 static void ofproto_update_used(struct ofproto
*);
4248 static void rule_expire(struct cls_rule
*, void *cbdata
);
4250 /* This function is called periodically by ofproto_run(). Its job is to
4251 * collect updates for the flows that have been installed into the datapath,
4252 * most importantly when they last were used, and then use that information to
4253 * expire flows that have not been used recently.
4255 * Returns the number of milliseconds after which it should be called again. */
4257 ofproto_expire(struct ofproto
*ofproto
)
4259 struct expire_cbdata cbdata
;
4261 /* Update 'used' for each flow in the datapath. */
4262 ofproto_update_used(ofproto
);
4264 /* Expire idle flows.
4266 * A wildcarded flow is idle only when all of its subrules have expired due
4267 * to becoming idle, so iterate through the exact-match flows first. */
4268 cbdata
.ofproto
= ofproto
;
4269 cbdata
.dp_max_idle
= ofproto_dp_max_idle(ofproto
);
4270 classifier_for_each(&ofproto
->cls
, CLS_INC_EXACT
, rule_expire
, &cbdata
);
4271 classifier_for_each(&ofproto
->cls
, CLS_INC_WILD
, rule_expire
, &cbdata
);
4273 /* Let the hook know that we're at a stable point: all outstanding data
4274 * in existing flows has been accounted to the account_cb. Thus, the
4275 * hook can now reasonably do operations that depend on having accurate
4276 * flow volume accounting (currently, that's just bond rebalancing). */
4277 if (ofproto
->ofhooks
->account_checkpoint_cb
) {
4278 ofproto
->ofhooks
->account_checkpoint_cb(ofproto
->aux
);
4281 return MIN(cbdata
.dp_max_idle
, 1000);
4284 /* Update 'used' member of each flow currently installed into the datapath. */
4286 ofproto_update_used(struct ofproto
*p
)
4288 struct odp_flow
*flows
;
4293 error
= dpif_flow_list_all(p
->dpif
, &flows
, &n_flows
);
4298 for (i
= 0; i
< n_flows
; i
++) {
4299 struct odp_flow
*f
= &flows
[i
];
4303 odp_flow_key_to_flow(&f
->key
, &flow
);
4305 rule
= rule_from_cls_rule(
4306 classifier_find_rule_exactly(&p
->cls
, &flow
, 0, UINT16_MAX
));
4308 if (rule
&& rule
->installed
) {
4309 update_time(p
, rule
, &f
->stats
);
4310 rule_account(p
, rule
, f
->stats
.n_bytes
);
4312 /* There's a flow in the datapath that we know nothing about.
4314 COVERAGE_INC(ofproto_unexpected_rule
);
4315 dpif_flow_del(p
->dpif
, f
);
4322 /* Calculates and returns the number of milliseconds of idle time after which
4323 * flows should expire from the datapath and we should fold their statistics
4324 * into their parent rules in userspace. */
4326 ofproto_dp_max_idle(const struct ofproto
*ofproto
)
4329 * Idle time histogram.
4331 * Most of the time a switch has a relatively small number of flows. When
4332 * this is the case we might as well keep statistics for all of them in
4333 * userspace and to cache them in the kernel datapath for performance as
4336 * As the number of flows increases, the memory required to maintain
4337 * statistics about them in userspace and in the kernel becomes
4338 * significant. However, with a large number of flows it is likely that
4339 * only a few of them are "heavy hitters" that consume a large amount of
4340 * bandwidth. At this point, only heavy hitters are worth caching in the
4341 * kernel and maintaining in userspaces; other flows we can discard.
4343 * The technique used to compute the idle time is to build a histogram with
4344 * N_BUCKETS bucket whose width is BUCKET_WIDTH msecs each. Each flow that
4345 * is installed in the kernel gets dropped in the appropriate bucket.
4346 * After the histogram has been built, we compute the cutoff so that only
4347 * the most-recently-used 1% of flows (but at least 1000 flows) are kept
4348 * cached. At least the most-recently-used bucket of flows is kept, so
4349 * actually an arbitrary number of flows can be kept in any given
4350 * expiration run (though the next run will delete most of those unless
4351 * they receive additional data).
4353 * This requires a second pass through the exact-match flows, in addition
4354 * to the pass made by ofproto_update_used(), because the former function
4355 * never looks at uninstallable flows.
4357 enum { BUCKET_WIDTH
= ROUND_UP(100, TIME_UPDATE_INTERVAL
) };
4358 enum { N_BUCKETS
= 5000 / BUCKET_WIDTH
};
4359 int buckets
[N_BUCKETS
] = { 0 };
4365 total
= classifier_count_exact(&ofproto
->cls
);
4366 if (total
<= 1000) {
4367 return N_BUCKETS
* BUCKET_WIDTH
;
4370 /* Build histogram. */
4372 CLASSIFIER_FOR_EACH_EXACT_RULE (rule
, cr
, &ofproto
->cls
) {
4373 long long int idle
= now
- rule
->used
;
4374 int bucket
= (idle
<= 0 ? 0
4375 : idle
>= BUCKET_WIDTH
* N_BUCKETS
? N_BUCKETS
- 1
4376 : (unsigned int) idle
/ BUCKET_WIDTH
);
4380 /* Find the first bucket whose flows should be expired. */
4381 for (bucket
= 0; bucket
< N_BUCKETS
; bucket
++) {
4382 if (buckets
[bucket
]) {
4385 subtotal
+= buckets
[bucket
++];
4386 } while (bucket
< N_BUCKETS
&& subtotal
< MAX(1000, total
/ 100));
4391 if (VLOG_IS_DBG_ENABLED()) {
4395 ds_put_cstr(&s
, "keep");
4396 for (i
= 0; i
< N_BUCKETS
; i
++) {
4398 ds_put_cstr(&s
, ", drop");
4401 ds_put_format(&s
, " %d:%d", i
* BUCKET_WIDTH
, buckets
[i
]);
4404 VLOG_INFO("%s: %s (msec:count)",
4405 dpif_name(ofproto
->dpif
), ds_cstr(&s
));
4409 return bucket
* BUCKET_WIDTH
;
4413 rule_active_timeout(struct ofproto
*ofproto
, struct rule
*rule
)
4415 if (ofproto
->netflow
&& !is_controller_rule(rule
) &&
4416 netflow_active_timeout_expired(ofproto
->netflow
, &rule
->nf_flow
)) {
4417 struct ofexpired expired
;
4418 struct odp_flow odp_flow
;
4420 /* Get updated flow stats.
4422 * XXX We could avoid this call entirely if (1) ofproto_update_used()
4423 * updated TCP flags and (2) the dpif_flow_list_all() in
4424 * ofproto_update_used() zeroed TCP flags. */
4425 memset(&odp_flow
, 0, sizeof odp_flow
);
4426 if (rule
->installed
) {
4427 odp_flow_key_from_flow(&odp_flow
.key
, &rule
->cr
.flow
);
4428 odp_flow
.flags
= ODPFF_ZERO_TCP_FLAGS
;
4429 dpif_flow_get(ofproto
->dpif
, &odp_flow
);
4431 if (odp_flow
.stats
.n_packets
) {
4432 update_time(ofproto
, rule
, &odp_flow
.stats
);
4433 netflow_flow_update_flags(&rule
->nf_flow
,
4434 odp_flow
.stats
.tcp_flags
);
4438 expired
.flow
= rule
->cr
.flow
;
4439 expired
.packet_count
= rule
->packet_count
+
4440 odp_flow
.stats
.n_packets
;
4441 expired
.byte_count
= rule
->byte_count
+ odp_flow
.stats
.n_bytes
;
4442 expired
.used
= rule
->used
;
4444 netflow_expire(ofproto
->netflow
, &rule
->nf_flow
, &expired
);
4448 /* If 'cls_rule' is an OpenFlow rule, that has expired according to OpenFlow
4449 * rules, then delete it entirely.
4451 * If 'cls_rule' is a subrule, that has not been used recently, remove it from
4452 * the datapath and fold its statistics back into its super-rule.
4454 * (This is a callback function for classifier_for_each().) */
4456 rule_expire(struct cls_rule
*cls_rule
, void *cbdata_
)
4458 struct expire_cbdata
*cbdata
= cbdata_
;
4459 struct ofproto
*ofproto
= cbdata
->ofproto
;
4460 struct rule
*rule
= rule_from_cls_rule(cls_rule
);
4461 long long int hard_expire
, idle_expire
, expire
, now
;
4463 /* Calculate OpenFlow expiration times for 'rule'. */
4464 hard_expire
= (rule
->hard_timeout
4465 ? rule
->created
+ rule
->hard_timeout
* 1000
4467 idle_expire
= (rule
->idle_timeout
4468 && (rule
->super
|| list_is_empty(&rule
->list
))
4469 ? rule
->used
+ rule
->idle_timeout
* 1000
4471 expire
= MIN(hard_expire
, idle_expire
);
4475 /* 'rule' has not expired according to OpenFlow rules. */
4476 if (!rule
->cr
.wc
.wildcards
) {
4477 if (now
>= rule
->used
+ cbdata
->dp_max_idle
) {
4478 /* This rule is idle, so drop it to free up resources. */
4480 /* It's not part of the OpenFlow flow table, so we can
4481 * delete it entirely and fold its statistics into its
4483 rule_remove(ofproto
, rule
);
4485 /* It is part of the OpenFlow flow table, so we have to
4486 * keep the rule but we can at least uninstall it from the
4488 rule_uninstall(ofproto
, rule
);
4491 /* Send NetFlow active timeout if appropriate. */
4492 rule_active_timeout(cbdata
->ofproto
, rule
);
4496 /* 'rule' has expired according to OpenFlow rules. */
4497 COVERAGE_INC(ofproto_expired
);
4499 /* Update stats. (This is a no-op if the rule expired due to an idle
4500 * timeout, because that only happens when the rule has no subrules
4502 if (rule
->cr
.wc
.wildcards
) {
4503 struct rule
*subrule
, *next
;
4504 LIST_FOR_EACH_SAFE (subrule
, next
, list
, &rule
->list
) {
4505 rule_remove(cbdata
->ofproto
, subrule
);
4508 rule_uninstall(cbdata
->ofproto
, rule
);
4511 /* Get rid of the rule. */
4512 if (!rule_is_hidden(rule
)) {
4513 send_flow_removed(cbdata
->ofproto
, rule
, now
,
4515 ? OFPRR_HARD_TIMEOUT
: OFPRR_IDLE_TIMEOUT
));
4517 rule_remove(cbdata
->ofproto
, rule
);
4522 revalidate_cb(struct cls_rule
*sub_
, void *cbdata_
)
4524 struct rule
*sub
= rule_from_cls_rule(sub_
);
4525 struct revalidate_cbdata
*cbdata
= cbdata_
;
4527 if (cbdata
->revalidate_all
4528 || (cbdata
->revalidate_subrules
&& sub
->super
)
4529 || (tag_set_intersects(&cbdata
->revalidate_set
, sub
->tags
))) {
4530 revalidate_rule(cbdata
->ofproto
, sub
);
4535 revalidate_rule(struct ofproto
*p
, struct rule
*rule
)
4537 const struct flow
*flow
= &rule
->cr
.flow
;
4539 COVERAGE_INC(ofproto_revalidate_rule
);
4542 super
= rule_from_cls_rule(classifier_lookup_wild(&p
->cls
, flow
));
4544 rule_remove(p
, rule
);
4546 } else if (super
!= rule
->super
) {
4547 COVERAGE_INC(ofproto_revalidate_moved
);
4548 list_remove(&rule
->list
);
4549 list_push_back(&super
->list
, &rule
->list
);
4550 rule
->super
= super
;
4551 rule
->hard_timeout
= super
->hard_timeout
;
4552 rule
->idle_timeout
= super
->idle_timeout
;
4553 rule
->created
= super
->created
;
4558 rule_update_actions(p
, rule
);
4562 static struct ofpbuf
*
4563 compose_flow_removed(struct ofproto
*p
, const struct rule
*rule
,
4564 long long int now
, uint8_t reason
)
4566 struct ofp_flow_removed
*ofr
;
4568 long long int tdiff
= now
- rule
->created
;
4569 uint32_t sec
= tdiff
/ 1000;
4570 uint32_t msec
= tdiff
- (sec
* 1000);
4572 ofr
= make_openflow(sizeof *ofr
, OFPT_FLOW_REMOVED
, &buf
);
4573 flow_to_match(&rule
->cr
.flow
, rule
->cr
.wc
.wildcards
, p
->tun_id_from_cookie
,
4575 ofr
->cookie
= rule
->flow_cookie
;
4576 ofr
->priority
= htons(rule
->cr
.priority
);
4577 ofr
->reason
= reason
;
4578 ofr
->duration_sec
= htonl(sec
);
4579 ofr
->duration_nsec
= htonl(msec
* 1000000);
4580 ofr
->idle_timeout
= htons(rule
->idle_timeout
);
4581 ofr
->packet_count
= htonll(rule
->packet_count
);
4582 ofr
->byte_count
= htonll(rule
->byte_count
);
4588 send_flow_removed(struct ofproto
*p
, struct rule
*rule
,
4589 long long int now
, uint8_t reason
)
4591 struct ofconn
*ofconn
;
4592 struct ofconn
*prev
;
4593 struct ofpbuf
*buf
= NULL
;
4595 if (!rule
->send_flow_removed
) {
4599 /* We limit the maximum number of queued flow expirations it by accounting
4600 * them under the counter for replies. That works because preventing
4601 * OpenFlow requests from being processed also prevents new flows from
4602 * being added (and expiring). (It also prevents processing OpenFlow
4603 * requests that would not add new flows, so it is imperfect.) */
4606 LIST_FOR_EACH (ofconn
, node
, &p
->all_conns
) {
4607 if (rconn_is_connected(ofconn
->rconn
)
4608 && ofconn_receives_async_msgs(ofconn
)) {
4610 queue_tx(ofpbuf_clone(buf
), prev
, prev
->reply_counter
);
4612 buf
= compose_flow_removed(p
, rule
, now
, reason
);
4618 queue_tx(buf
, prev
, prev
->reply_counter
);
4622 /* pinsched callback for sending 'packet' on 'ofconn'. */
4624 do_send_packet_in(struct ofpbuf
*packet
, void *ofconn_
)
4626 struct ofconn
*ofconn
= ofconn_
;
4628 rconn_send_with_limit(ofconn
->rconn
, packet
,
4629 ofconn
->packet_in_counter
, 100);
4632 /* Takes 'packet', which has been converted with do_convert_to_packet_in(), and
4633 * finalizes its content for sending on 'ofconn', and passes it to 'ofconn''s
4634 * packet scheduler for sending.
4636 * 'max_len' specifies the maximum number of bytes of the packet to send on
4637 * 'ofconn' (INT_MAX specifies no limit).
4639 * If 'clone' is true, the caller retains ownership of 'packet'. Otherwise,
4640 * ownership is transferred to this function. */
4642 schedule_packet_in(struct ofconn
*ofconn
, struct ofpbuf
*packet
, int max_len
,
4645 struct ofproto
*ofproto
= ofconn
->ofproto
;
4646 struct ofp_packet_in
*opi
= packet
->data
;
4647 uint16_t in_port
= ofp_port_to_odp_port(ntohs(opi
->in_port
));
4648 int send_len
, trim_size
;
4652 if (opi
->reason
== OFPR_ACTION
) {
4653 buffer_id
= UINT32_MAX
;
4654 } else if (ofproto
->fail_open
&& fail_open_is_active(ofproto
->fail_open
)) {
4655 buffer_id
= pktbuf_get_null();
4656 } else if (!ofconn
->pktbuf
) {
4657 buffer_id
= UINT32_MAX
;
4659 struct ofpbuf payload
;
4660 payload
.data
= opi
->data
;
4661 payload
.size
= packet
->size
- offsetof(struct ofp_packet_in
, data
);
4662 buffer_id
= pktbuf_save(ofconn
->pktbuf
, &payload
, in_port
);
4665 /* Figure out how much of the packet to send. */
4666 send_len
= ntohs(opi
->total_len
);
4667 if (buffer_id
!= UINT32_MAX
) {
4668 send_len
= MIN(send_len
, ofconn
->miss_send_len
);
4670 send_len
= MIN(send_len
, max_len
);
4672 /* Adjust packet length and clone if necessary. */
4673 trim_size
= offsetof(struct ofp_packet_in
, data
) + send_len
;
4675 packet
= ofpbuf_clone_data(packet
->data
, trim_size
);
4678 packet
->size
= trim_size
;
4681 /* Update packet headers. */
4682 opi
->buffer_id
= htonl(buffer_id
);
4683 update_openflow_length(packet
);
4685 /* Hand over to packet scheduler. It might immediately call into
4686 * do_send_packet_in() or it might buffer it for a while (until a later
4687 * call to pinsched_run()). */
4688 pinsched_send(ofconn
->schedulers
[opi
->reason
], in_port
,
4689 packet
, do_send_packet_in
, ofconn
);
4692 /* Replace struct odp_msg header in 'packet' by equivalent struct
4693 * ofp_packet_in. The odp_msg must have sufficient headroom to do so (e.g. as
4694 * returned by dpif_recv()).
4696 * The conversion is not complete: the caller still needs to trim any unneeded
4697 * payload off the end of the buffer, set the length in the OpenFlow header,
4698 * and set buffer_id. Those require us to know the controller settings and so
4699 * must be done on a per-controller basis.
4701 * Returns the maximum number of bytes of the packet that should be sent to
4702 * the controller (INT_MAX if no limit). */
4704 do_convert_to_packet_in(struct ofpbuf
*packet
)
4706 struct odp_msg
*msg
= packet
->data
;
4707 struct ofp_packet_in
*opi
;
4713 /* Extract relevant header fields */
4714 if (msg
->type
== _ODPL_ACTION_NR
) {
4715 reason
= OFPR_ACTION
;
4718 reason
= OFPR_NO_MATCH
;
4721 total_len
= msg
->length
- sizeof *msg
;
4722 in_port
= odp_port_to_ofp_port(msg
->port
);
4724 /* Repurpose packet buffer by overwriting header. */
4725 ofpbuf_pull(packet
, sizeof(struct odp_msg
));
4726 opi
= ofpbuf_push_zeros(packet
, offsetof(struct ofp_packet_in
, data
));
4727 opi
->header
.version
= OFP_VERSION
;
4728 opi
->header
.type
= OFPT_PACKET_IN
;
4729 opi
->total_len
= htons(total_len
);
4730 opi
->in_port
= htons(in_port
);
4731 opi
->reason
= reason
;
4736 /* Given 'packet' containing an odp_msg of type _ODPL_ACTION_NR or
4737 * _ODPL_MISS_NR, sends an OFPT_PACKET_IN message to each OpenFlow controller
4738 * as necessary according to their individual configurations.
4740 * 'packet' must have sufficient headroom to convert it into a struct
4741 * ofp_packet_in (e.g. as returned by dpif_recv()).
4743 * Takes ownership of 'packet'. */
4745 send_packet_in(struct ofproto
*ofproto
, struct ofpbuf
*packet
)
4747 struct ofconn
*ofconn
, *prev
;
4750 max_len
= do_convert_to_packet_in(packet
);
4753 LIST_FOR_EACH (ofconn
, node
, &ofproto
->all_conns
) {
4754 if (ofconn_receives_async_msgs(ofconn
)) {
4756 schedule_packet_in(prev
, packet
, max_len
, true);
4762 schedule_packet_in(prev
, packet
, max_len
, false);
4764 ofpbuf_delete(packet
);
4769 pick_datapath_id(const struct ofproto
*ofproto
)
4771 const struct ofport
*port
;
4773 port
= get_port(ofproto
, ODPP_LOCAL
);
4775 uint8_t ea
[ETH_ADDR_LEN
];
4778 error
= netdev_get_etheraddr(port
->netdev
, ea
);
4780 return eth_addr_to_uint64(ea
);
4782 VLOG_WARN("could not get MAC address for %s (%s)",
4783 netdev_get_name(port
->netdev
), strerror(error
));
4785 return ofproto
->fallback_dpid
;
4789 pick_fallback_dpid(void)
4791 uint8_t ea
[ETH_ADDR_LEN
];
4792 eth_addr_nicira_random(ea
);
4793 return eth_addr_to_uint64(ea
);
4797 default_normal_ofhook_cb(const struct flow
*flow
, const struct ofpbuf
*packet
,
4798 struct odp_actions
*actions
, tag_type
*tags
,
4799 uint16_t *nf_output_iface
, void *ofproto_
)
4801 struct ofproto
*ofproto
= ofproto_
;
4804 /* Drop frames for reserved multicast addresses. */
4805 if (eth_addr_is_reserved(flow
->dl_dst
)) {
4809 /* Learn source MAC (but don't try to learn from revalidation). */
4810 if (packet
!= NULL
) {
4811 tag_type rev_tag
= mac_learning_learn(ofproto
->ml
, flow
->dl_src
,
4813 GRAT_ARP_LOCK_NONE
);
4815 /* The log messages here could actually be useful in debugging,
4816 * so keep the rate limit relatively high. */
4817 static struct vlog_rate_limit rl
= VLOG_RATE_LIMIT_INIT(30, 300);
4818 VLOG_DBG_RL(&rl
, "learned that "ETH_ADDR_FMT
" is on port %"PRIu16
,
4819 ETH_ADDR_ARGS(flow
->dl_src
), flow
->in_port
);
4820 ofproto_revalidate(ofproto
, rev_tag
);
4824 /* Determine output port. */
4825 out_port
= mac_learning_lookup_tag(ofproto
->ml
, flow
->dl_dst
, 0, tags
,
4828 flood_packets(ofproto
, flow
->in_port
, OFPPC_NO_FLOOD
,
4829 nf_output_iface
, actions
);
4830 } else if (out_port
!= flow
->in_port
) {
4831 odp_actions_add(actions
, ODPAT_OUTPUT
)->output
.port
= out_port
;
4832 *nf_output_iface
= out_port
;
4840 static const struct ofhooks default_ofhooks
= {
4841 default_normal_ofhook_cb
,