2 * Copyright (c) 2009, 2010, 2011 Nicira Networks.
3 * Copyright (c) 2010 Jean Tourrilhes - HP-Labs.
5 * Licensed under the Apache License, Version 2.0 (the "License");
6 * you may not use this file except in compliance with the License.
7 * You may obtain a copy of the License at:
9 * http://www.apache.org/licenses/LICENSE-2.0
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
22 #include <sys/socket.h>
24 #include <netinet/in.h>
30 #include "byte-order.h"
32 #include "classifier.h"
36 #include "dynamic-string.h"
37 #include "fail-open.h"
43 #include "mac-learning.h"
44 #include "multipath.h"
50 #include "ofp-print.h"
52 #include "ofproto-sflow.h"
54 #include "openflow/nicira-ext.h"
55 #include "openflow/openflow.h"
56 #include "openvswitch/datapath-protocol.h"
60 #include "poll-loop.h"
65 #include "stream-ssl.h"
69 #include "unaligned.h"
72 #include "vlan-bitmap.h"
75 VLOG_DEFINE_THIS_MODULE(ofproto);
77 COVERAGE_DEFINE(facet_changed_rule);
78 COVERAGE_DEFINE(facet_revalidate);
79 COVERAGE_DEFINE(odp_overflow);
80 COVERAGE_DEFINE(ofproto_agg_request);
81 COVERAGE_DEFINE(ofproto_costly_flags);
82 COVERAGE_DEFINE(ofproto_ctlr_action);
83 COVERAGE_DEFINE(ofproto_del_rule);
84 COVERAGE_DEFINE(ofproto_error);
85 COVERAGE_DEFINE(ofproto_expiration);
86 COVERAGE_DEFINE(ofproto_expired);
87 COVERAGE_DEFINE(ofproto_flows_req);
88 COVERAGE_DEFINE(ofproto_flush);
89 COVERAGE_DEFINE(ofproto_invalidated);
90 COVERAGE_DEFINE(ofproto_no_packet_in);
91 COVERAGE_DEFINE(ofproto_ofp2odp);
92 COVERAGE_DEFINE(ofproto_packet_in);
93 COVERAGE_DEFINE(ofproto_packet_out);
94 COVERAGE_DEFINE(ofproto_queue_req);
95 COVERAGE_DEFINE(ofproto_recv_openflow);
96 COVERAGE_DEFINE(ofproto_reinit_ports);
97 COVERAGE_DEFINE(ofproto_unexpected_rule);
98 COVERAGE_DEFINE(ofproto_uninstallable);
99 COVERAGE_DEFINE(ofproto_update_port);
101 /* Maximum depth of flow table recursion (due to NXAST_RESUBMIT actions) in a
102 * flow translation. */
103 #define MAX_RESUBMIT_RECURSION 16
107 #define MAX_MIRRORS 32
108 typedef uint32_t mirror_mask_t;
109 #define MIRROR_MASK_C(X) UINT32_C(X)
110 BUILD_ASSERT_DECL(sizeof(mirror_mask_t) * CHAR_BIT >= MAX_MIRRORS);
112 struct ofproto *ofproto; /* Owning ofproto. */
113 size_t idx; /* In ofproto's "mirrors" array. */
114 void *aux; /* Key supplied by ofproto's client. */
115 char *name; /* Identifier for log messages. */
117 /* Selection criteria. */
118 struct hmapx srcs; /* Contains "struct ofbundle *"s. */
119 struct hmapx dsts; /* Contains "struct ofbundle *"s. */
120 unsigned long *vlans; /* Bitmap of chosen VLANs, NULL selects all. */
122 /* Output (mutually exclusive). */
123 struct ofbundle *out; /* Output port or NULL. */
124 int out_vlan; /* Output VLAN or -1. */
127 static void ofproto_mirror_destroy(struct ofmirror *);
129 /* A group of one or more OpenFlow ports. */
130 #define OFBUNDLE_FLOOD ((struct ofbundle *) 1)
132 struct ofproto *ofproto; /* Owning ofproto. */
133 struct hmap_node hmap_node; /* In struct ofproto's "bundles" hmap. */
134 void *aux; /* Key supplied by ofproto's client. */
135 char *name; /* Identifier for log messages. */
138 struct list ports; /* Contains "struct ofport"s. */
139 int vlan; /* -1=trunk port, else a 12-bit VLAN ID. */
140 unsigned long *trunks; /* Bitmap of trunked VLANs, if 'vlan' == -1.
141 * NULL if all VLANs are trunked. */
142 struct lacp *lacp; /* LACP if LACP is enabled, otherwise NULL. */
143 struct bond *bond; /* Bonding setup if more than one port,
147 bool floodable; /* True if no port has OFPPC_NO_FLOOD set. */
149 /* Port mirroring info. */
150 mirror_mask_t src_mirrors; /* Mirrors triggered when packet received. */
151 mirror_mask_t dst_mirrors; /* Mirrors triggered when packet sent. */
152 mirror_mask_t mirror_out; /* Mirrors that output to this bundle. */
155 /* An OpenFlow port. */
157 struct ofproto *ofproto; /* Owning ofproto. */
158 struct hmap_node hmap_node; /* In struct ofproto's "ports" hmap. */
159 struct netdev *netdev;
160 struct ofp_phy_port opp;
164 struct ofbundle *bundle; /* Bundle that contains this port, if any. */
165 struct list bundle_node; /* In struct ofbundle's "ports" list. */
166 struct cfm *cfm; /* Connectivity Fault Management, if any. */
167 tag_type tag; /* Tag associated with this port. */
170 static void ofport_free(struct ofport *);
171 static void ofport_run(struct ofport *);
172 static void ofport_wait(struct ofport *);
174 struct action_xlate_ctx {
175 /* action_xlate_ctx_init() initializes these members. */
178 struct ofproto *ofproto;
180 /* Flow to which the OpenFlow actions apply. xlate_actions() will modify
181 * this flow when actions change header fields. */
184 /* The packet corresponding to 'flow', or a null pointer if we are
185 * revalidating without a packet to refer to. */
186 const struct ofpbuf *packet;
188 /* If nonnull, called just before executing a resubmit action.
190 * This is normally null so the client has to set it manually after
191 * calling action_xlate_ctx_init(). */
192 void (*resubmit_hook)(struct action_xlate_ctx *, struct rule *);
194 /* If true, the speciality of 'flow' should be checked before executing
195 * its actions. If special_cb returns false on 'flow' rendered
196 * uninstallable and no actions will be executed. */
199 /* xlate_actions() initializes and uses these members. The client might want
200 * to look at them after it returns. */
202 struct ofpbuf *odp_actions; /* Datapath actions. */
203 tag_type tags; /* Tags associated with OFPP_NORMAL actions. */
204 bool may_set_up_flow; /* True ordinarily; false if the actions must
205 * be reassessed for every packet. */
206 uint16_t nf_output_iface; /* Output interface index for NetFlow. */
208 /* xlate_actions() initializes and uses these members, but the client has no
209 * reason to look at them. */
211 int recurse; /* Recursion level, via xlate_table_action. */
212 int last_pop_priority; /* Offset in 'odp_actions' just past most
213 * recent ODP_ACTION_ATTR_SET_PRIORITY. */
216 static void action_xlate_ctx_init(struct action_xlate_ctx *,
217 struct ofproto *, const struct flow *,
218 const struct ofpbuf *);
219 static struct ofpbuf *xlate_actions(struct action_xlate_ctx *,
220 const union ofp_action *in, size_t n_in);
222 /* An OpenFlow flow. */
224 long long int used; /* Time last used; time created if not used. */
225 long long int created; /* Creation time. */
229 * - Do include packets and bytes from facets that have been deleted or
230 * whose own statistics have been folded into the rule.
232 * - Do include packets and bytes sent "by hand" that were accounted to
233 * the rule without any facet being involved (this is a rare corner
234 * case in rule_execute()).
236 * - Do not include packet or bytes that can be obtained from any facet's
237 * packet_count or byte_count member or that can be obtained from the
238 * datapath by, e.g., dpif_flow_get() for any facet.
240 uint64_t packet_count; /* Number of packets received. */
241 uint64_t byte_count; /* Number of bytes received. */
243 ovs_be64 flow_cookie; /* Controller-issued identifier. */
245 struct cls_rule cr; /* In owning ofproto's classifier. */
246 uint16_t idle_timeout; /* In seconds from time of last use. */
247 uint16_t hard_timeout; /* In seconds from time of creation. */
248 bool send_flow_removed; /* Send a flow removed message? */
249 int n_actions; /* Number of elements in actions[]. */
250 union ofp_action *actions; /* OpenFlow actions. */
251 struct list facets; /* List of "struct facet"s. */
254 static struct rule *rule_from_cls_rule(const struct cls_rule *);
255 static bool rule_is_hidden(const struct rule *);
257 static struct rule *rule_create(const struct cls_rule *,
258 const union ofp_action *, size_t n_actions,
259 uint16_t idle_timeout, uint16_t hard_timeout,
260 ovs_be64 flow_cookie, bool send_flow_removed);
261 static void rule_destroy(struct ofproto *, struct rule *);
262 static void rule_free(struct rule *);
264 static struct rule *rule_lookup(struct ofproto *, const struct flow *);
265 static void rule_insert(struct ofproto *, struct rule *);
266 static void rule_remove(struct ofproto *, struct rule *);
268 static void rule_send_removed(struct ofproto *, struct rule *, uint8_t reason);
269 static void rule_get_stats(const struct rule *, uint64_t *packets,
272 /* An exact-match instantiation of an OpenFlow flow. */
274 long long int used; /* Time last used; time created if not used. */
278 * - Do include packets and bytes sent "by hand", e.g. with
281 * - Do include packets and bytes that were obtained from the datapath
282 * when a flow was deleted (e.g. dpif_flow_del()) or when its
283 * statistics were reset (e.g. dpif_flow_put() with
284 * DPIF_FP_ZERO_STATS).
286 * - Do not include any packets or bytes that can currently be obtained
287 * from the datapath by, e.g., dpif_flow_get().
289 uint64_t packet_count; /* Number of packets received. */
290 uint64_t byte_count; /* Number of bytes received. */
292 uint64_t dp_packet_count; /* Last known packet count in the datapath. */
293 uint64_t dp_byte_count; /* Last known byte count in the datapath. */
295 uint64_t rs_packet_count; /* Packets pushed to resubmit children. */
296 uint64_t rs_byte_count; /* Bytes pushed to resubmit children. */
297 long long int rs_used; /* Used time pushed to resubmit children. */
299 /* Number of bytes passed to account_cb. This may include bytes that can
300 * currently obtained from the datapath (thus, it can be greater than
302 uint64_t accounted_bytes;
304 struct hmap_node hmap_node; /* In owning ofproto's 'facets' hmap. */
305 struct list list_node; /* In owning rule's 'facets' list. */
306 struct rule *rule; /* Owning rule. */
307 struct flow flow; /* Exact-match flow. */
308 bool installed; /* Installed in datapath? */
309 bool may_install; /* True ordinarily; false if actions must
310 * be reassessed for every packet. */
311 size_t actions_len; /* Number of bytes in actions[]. */
312 struct nlattr *actions; /* Datapath actions. */
313 tag_type tags; /* Tags. */
314 struct netflow_flow nf_flow; /* Per-flow NetFlow tracking data. */
317 static struct facet *facet_create(struct ofproto *, struct rule *,
319 const struct ofpbuf *packet);
320 static void facet_remove(struct ofproto *, struct facet *);
321 static void facet_free(struct facet *);
323 static struct facet *facet_lookup_valid(struct ofproto *, const struct flow *);
324 static bool facet_revalidate(struct ofproto *, struct facet *);
326 static void facet_install(struct ofproto *, struct facet *, bool zero_stats);
327 static void facet_uninstall(struct ofproto *, struct facet *);
328 static void facet_flush_stats(struct ofproto *, struct facet *);
330 static void facet_make_actions(struct ofproto *, struct facet *,
331 const struct ofpbuf *packet);
332 static void facet_update_stats(struct ofproto *, struct facet *,
333 const struct dpif_flow_stats *);
334 static void facet_push_stats(struct ofproto *, struct facet *);
336 static void send_packet_in(struct ofproto *, struct dpif_upcall *,
337 const struct flow *, bool clone);
340 char *name; /* Datapath name. */
341 struct hmap_node hmap_node; /* In global 'all_ofprotos' hmap. */
344 uint64_t datapath_id; /* Datapath ID. */
345 uint64_t fallback_dpid; /* Datapath ID if no better choice found. */
346 char *mfr_desc; /* Manufacturer. */
347 char *hw_desc; /* Hardware. */
348 char *sw_desc; /* Software version. */
349 char *serial_desc; /* Serial number. */
350 char *dp_desc; /* Datapath description. */
354 struct netdev_monitor *netdev_monitor;
355 struct hmap ports; /* Contains "struct ofport"s. */
356 struct shash port_by_name;
360 struct netflow *netflow;
361 struct ofproto_sflow *sflow;
362 struct hmap bundles; /* Contains "struct ofbundle"s. */
363 struct mac_learning *ml;
364 struct ofmirror *mirrors[MAX_MIRRORS];
365 bool has_bonded_bundles;
368 struct classifier cls;
369 struct timer next_expiration;
373 bool need_revalidate;
374 struct tag_set revalidate_set;
376 /* OpenFlow connections. */
377 struct connmgr *connmgr;
380 /* Map from dpif name to struct ofproto, for use by unixctl commands. */
381 static struct hmap all_ofprotos = HMAP_INITIALIZER(&all_ofprotos);
383 static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5);
385 static uint64_t pick_datapath_id(const struct ofproto *);
386 static uint64_t pick_fallback_dpid(void);
388 static void ofproto_flush_flows__(struct ofproto *);
389 static int ofproto_expire(struct ofproto *);
390 static void flow_push_stats(struct ofproto *, const struct rule *,
391 struct flow *, uint64_t packets, uint64_t bytes,
394 static void handle_upcall(struct ofproto *, struct dpif_upcall *);
396 static void handle_openflow(struct ofconn *, struct ofpbuf *);
398 static struct ofport *get_port(const struct ofproto *, uint16_t odp_port);
399 static void update_port(struct ofproto *, const char *devname);
400 static int init_ports(struct ofproto *);
401 static void reinit_ports(struct ofproto *);
403 static void update_learning_table(struct ofproto *,
404 const struct flow *, int vlan,
406 static bool is_admissible(struct ofproto *, const struct flow *,
407 bool have_packet, tag_type *, int *vlanp,
408 struct ofbundle **in_bundlep);
410 static void ofproto_unixctl_init(void);
413 ofproto_create(const char *datapath, const char *datapath_type,
414 struct ofproto **ofprotop)
416 char local_name[IF_NAMESIZE];
424 ofproto_unixctl_init();
426 /* Connect to datapath and start listening for messages. */
427 error = dpif_create_and_open(datapath, datapath_type, &dpif);
429 VLOG_ERR("failed to open datapath %s: %s", datapath, strerror(error));
432 error = dpif_recv_set_mask(dpif,
433 ((1u << DPIF_UC_MISS) |
434 (1u << DPIF_UC_ACTION) |
435 (1u << DPIF_UC_SAMPLE)));
437 VLOG_ERR("failed to listen on datapath %s: %s",
438 datapath, strerror(error));
442 dpif_flow_flush(dpif);
443 dpif_recv_purge(dpif);
445 error = dpif_port_get_name(dpif, ODPP_LOCAL,
446 local_name, sizeof local_name);
448 VLOG_ERR("%s: cannot get name of datapath local port (%s)",
449 datapath, strerror(error));
453 /* Initialize settings. */
454 p = xzalloc(sizeof *p);
455 p->name = xstrdup(dpif_name(dpif));
456 hmap_insert(&all_ofprotos, &p->hmap_node, hash_string(p->name, 0));
457 p->fallback_dpid = pick_fallback_dpid();
458 p->datapath_id = p->fallback_dpid;
459 p->mfr_desc = xstrdup(DEFAULT_MFR_DESC);
460 p->hw_desc = xstrdup(DEFAULT_HW_DESC);
461 p->sw_desc = xstrdup(DEFAULT_SW_DESC);
462 p->serial_desc = xstrdup(DEFAULT_SERIAL_DESC);
463 p->dp_desc = xstrdup(DEFAULT_DP_DESC);
465 /* Initialize datapath. */
467 p->netdev_monitor = netdev_monitor_create();
468 hmap_init(&p->ports);
469 shash_init(&p->port_by_name);
470 p->max_ports = dpif_get_max_ports(dpif);
472 /* Initialize bridging. */
475 hmap_init(&p->bundles);
476 p->ml = mac_learning_create();
477 for (i = 0; i < MAX_MIRRORS; i++) {
478 p->mirrors[i] = NULL;
480 p->has_bonded_bundles = false;
482 /* Initialize flow table. */
483 classifier_init(&p->cls);
484 timer_set_duration(&p->next_expiration, 1000);
486 /* Initialize facet table. */
487 hmap_init(&p->facets);
488 p->need_revalidate = false;
489 tag_set_init(&p->revalidate_set);
491 /* Pick final datapath ID. */
492 p->datapath_id = pick_datapath_id(p);
493 VLOG_INFO("using datapath ID %016"PRIx64, p->datapath_id);
495 /* Initialize OpenFlow connections. */
496 p->connmgr = connmgr_create(p, datapath, local_name);
505 ofproto_set_datapath_id(struct ofproto *p, uint64_t datapath_id)
507 uint64_t old_dpid = p->datapath_id;
508 p->datapath_id = datapath_id ? datapath_id : pick_datapath_id(p);
509 if (p->datapath_id != old_dpid) {
510 VLOG_INFO("datapath ID changed to %016"PRIx64, p->datapath_id);
512 /* Force all active connections to reconnect, since there is no way to
513 * notify a controller that the datapath ID has changed. */
514 ofproto_reconnect_controllers(p);
519 ofproto_set_controllers(struct ofproto *p,
520 const struct ofproto_controller *controllers,
521 size_t n_controllers)
523 connmgr_set_controllers(p->connmgr, controllers, n_controllers);
527 ofproto_set_fail_mode(struct ofproto *p, enum ofproto_fail_mode fail_mode)
529 connmgr_set_fail_mode(p->connmgr, fail_mode);
532 /* Drops the connections between 'ofproto' and all of its controllers, forcing
533 * them to reconnect. */
535 ofproto_reconnect_controllers(struct ofproto *ofproto)
537 connmgr_reconnect(ofproto->connmgr);
540 /* Sets the 'n' TCP port addresses in 'extras' as ones to which 'ofproto''s
541 * in-band control should guarantee access, in the same way that in-band
542 * control guarantees access to OpenFlow controllers. */
544 ofproto_set_extra_in_band_remotes(struct ofproto *ofproto,
545 const struct sockaddr_in *extras, size_t n)
547 connmgr_set_extra_in_band_remotes(ofproto->connmgr, extras, n);
550 /* Sets the OpenFlow queue used by flows set up by in-band control on
551 * 'ofproto' to 'queue_id'. If 'queue_id' is negative, then in-band control
552 * flows will use the default queue. */
554 ofproto_set_in_band_queue(struct ofproto *ofproto, int queue_id)
556 connmgr_set_in_band_queue(ofproto->connmgr, queue_id);
560 ofproto_set_desc(struct ofproto *p,
561 const char *mfr_desc, const char *hw_desc,
562 const char *sw_desc, const char *serial_desc,
565 struct ofp_desc_stats *ods;
568 if (strlen(mfr_desc) >= sizeof ods->mfr_desc) {
569 VLOG_WARN("truncating mfr_desc, must be less than %zu characters",
570 sizeof ods->mfr_desc);
573 p->mfr_desc = xstrdup(mfr_desc);
576 if (strlen(hw_desc) >= sizeof ods->hw_desc) {
577 VLOG_WARN("truncating hw_desc, must be less than %zu characters",
578 sizeof ods->hw_desc);
581 p->hw_desc = xstrdup(hw_desc);
584 if (strlen(sw_desc) >= sizeof ods->sw_desc) {
585 VLOG_WARN("truncating sw_desc, must be less than %zu characters",
586 sizeof ods->sw_desc);
589 p->sw_desc = xstrdup(sw_desc);
592 if (strlen(serial_desc) >= sizeof ods->serial_num) {
593 VLOG_WARN("truncating serial_desc, must be less than %zu "
595 sizeof ods->serial_num);
597 free(p->serial_desc);
598 p->serial_desc = xstrdup(serial_desc);
601 if (strlen(dp_desc) >= sizeof ods->dp_desc) {
602 VLOG_WARN("truncating dp_desc, must be less than %zu characters",
603 sizeof ods->dp_desc);
606 p->dp_desc = xstrdup(dp_desc);
611 ofproto_set_snoops(struct ofproto *ofproto, const struct sset *snoops)
613 return connmgr_set_snoops(ofproto->connmgr, snoops);
617 ofproto_set_netflow(struct ofproto *ofproto,
618 const struct netflow_options *nf_options)
620 if (nf_options && !sset_is_empty(&nf_options->collectors)) {
621 if (!ofproto->netflow) {
622 ofproto->netflow = netflow_create();
624 return netflow_set_options(ofproto->netflow, nf_options);
626 netflow_destroy(ofproto->netflow);
627 ofproto->netflow = NULL;
633 ofproto_set_sflow(struct ofproto *ofproto,
634 const struct ofproto_sflow_options *oso)
636 struct ofproto_sflow *os = ofproto->sflow;
639 struct ofport *ofport;
641 os = ofproto->sflow = ofproto_sflow_create(ofproto->dpif);
642 HMAP_FOR_EACH (ofport, hmap_node, &ofproto->ports) {
643 ofproto_sflow_add_port(os, ofport->odp_port,
644 netdev_get_name(ofport->netdev));
647 ofproto_sflow_set_options(os, oso);
649 ofproto_sflow_destroy(os);
650 ofproto->sflow = NULL;
654 /* Connectivity Fault Management configuration. */
656 /* Clears the CFM configuration from 'port_no' on 'ofproto'. */
658 ofproto_port_clear_cfm(struct ofproto *ofproto, uint32_t port_no)
660 struct ofport *ofport = get_port(ofproto, port_no);
661 if (ofport && ofport->cfm){
662 cfm_destroy(ofport->cfm);
667 /* Configures connectivity fault management on 'port_no' in 'ofproto'. Takes
668 * basic configuration from the configuration members in 'cfm', and the set of
669 * remote maintenance points from the 'n_remote_mps' elements in 'remote_mps'.
670 * Ignores the statistics members of 'cfm'.
672 * This function has no effect if 'ofproto' does not have a port 'port_no'. */
674 ofproto_port_set_cfm(struct ofproto *ofproto, uint32_t port_no,
675 const struct cfm *cfm,
676 const uint16_t *remote_mps, size_t n_remote_mps)
678 struct ofport *ofport;
680 ofport = get_port(ofproto, port_no);
682 VLOG_WARN("%s: cannot configure CFM on nonexistent port %"PRIu32,
683 ofproto->name, port_no);
688 ofport->cfm = cfm_create();
691 ofport->cfm->mpid = cfm->mpid;
692 ofport->cfm->interval = cfm->interval;
693 memcpy(ofport->cfm->maid, cfm->maid, CCM_MAID_LEN);
695 cfm_update_remote_mps(ofport->cfm, remote_mps, n_remote_mps);
697 if (!cfm_configure(ofport->cfm)) {
698 VLOG_WARN("%s: CFM configuration on port %"PRIu32" (%s) failed",
699 ofproto->name, port_no,
700 netdev_get_name(ofport->netdev));
701 cfm_destroy(ofport->cfm);
706 /* Returns the connectivity fault management object associated with 'port_no'
707 * within 'ofproto', or a null pointer if 'ofproto' does not have a port
708 * 'port_no' or if that port does not have CFM configured. The caller must not
709 * modify or destroy the returned object. */
711 ofproto_port_get_cfm(struct ofproto *ofproto, uint32_t port_no)
713 struct ofport *ofport = get_port(ofproto, port_no);
714 return ofport ? ofport->cfm : NULL;
717 /* Checks the status of LACP negotiation for 'ofp_port' within ofproto.
718 * Returns 1 if LACP partner information for 'ofp_port' is up-to-date,
719 * 0 if LACP partner information is not current (generally indicating a
720 * connectivity problem), or -1 if LACP is not enabled on 'ofp_port'. */
722 ofproto_port_is_lacp_current(struct ofproto *ofproto, uint16_t ofp_port)
724 struct ofport *ofport = get_port(ofproto, ofp_port_to_odp_port(ofp_port));
725 return (ofport && ofport->bundle && ofport->bundle->lacp
726 ? lacp_slave_is_current(ofport->bundle->lacp, ofport)
732 /* Expires all MAC learning entries associated with 'port' and forces ofproto
733 * to revalidate every flow. */
735 ofproto_bundle_flush_macs(struct ofbundle *bundle)
737 struct ofproto *ofproto = bundle->ofproto;
738 struct mac_learning *ml = ofproto->ml;
739 struct mac_entry *mac, *next_mac;
741 ofproto->need_revalidate = true;
742 LIST_FOR_EACH_SAFE (mac, next_mac, lru_node, &ml->lrus) {
743 if (mac->port.p == bundle) {
744 mac_learning_expire(ml, mac);
749 static struct ofbundle *
750 ofproto_bundle_lookup(const struct ofproto *ofproto, void *aux)
752 struct ofbundle *bundle;
754 HMAP_FOR_EACH_IN_BUCKET (bundle, hmap_node, hash_pointer(aux, 0),
756 if (bundle->aux == aux) {
763 /* Looks up each of the 'n_auxes' pointers in 'auxes' as bundles and adds the
764 * ones that are found to 'bundles'. */
766 ofproto_bundle_lookup_multiple(struct ofproto *ofproto,
767 void **auxes, size_t n_auxes,
768 struct hmapx *bundles)
773 for (i = 0; i < n_auxes; i++) {
774 struct ofbundle *bundle = ofproto_bundle_lookup(ofproto, auxes[i]);
776 hmapx_add(bundles, bundle);
782 ofproto_bundle_del_port(struct ofport *port)
784 struct ofbundle *bundle = port->bundle;
786 list_remove(&port->bundle_node);
790 lacp_slave_unregister(bundle->lacp, port);
793 bond_slave_unregister(bundle->bond, port);
796 bundle->floodable = true;
797 LIST_FOR_EACH (port, bundle_node, &bundle->ports) {
798 if (port->opp.config & htonl(OFPPC_NO_FLOOD)) {
799 bundle->floodable = false;
805 ofproto_bundle_add_port(struct ofbundle *bundle, uint32_t ofp_port,
806 struct lacp_slave_settings *lacp)
810 port = get_port(bundle->ofproto, ofp_port_to_odp_port(ofp_port));
815 if (port->bundle != bundle) {
817 ofproto_bundle_del_port(port);
820 port->bundle = bundle;
821 list_push_back(&bundle->ports, &port->bundle_node);
822 if (port->opp.config & htonl(OFPPC_NO_FLOOD)) {
823 bundle->floodable = false;
828 lacp_slave_register(bundle->lacp, port, lacp);
835 ofproto_bundle_register(struct ofproto *ofproto, void *aux,
836 const struct ofproto_bundle_settings *s)
838 bool need_flush = false;
839 const unsigned long *trunks;
840 struct ofbundle *bundle;
845 assert(s->n_slaves == 1 || s->bond != NULL);
846 assert((s->lacp != NULL) == (s->lacp_slaves != NULL));
848 bundle = ofproto_bundle_lookup(ofproto, aux);
850 bundle = xmalloc(sizeof *bundle);
852 bundle->ofproto = ofproto;
853 hmap_insert(&ofproto->bundles, &bundle->hmap_node,
854 hash_pointer(aux, 0));
858 list_init(&bundle->ports);
860 bundle->trunks = NULL;
864 bundle->floodable = true;
866 bundle->src_mirrors = 0;
867 bundle->dst_mirrors = 0;
868 bundle->mirror_out = 0;
871 if (!bundle->name || strcmp(s->name, bundle->name)) {
873 bundle->name = xstrdup(s->name);
879 bundle->lacp = lacp_create();
881 lacp_configure(bundle->lacp, s->lacp);
883 lacp_destroy(bundle->lacp);
887 /* Update set of ports. */
889 for (i = 0; i < s->n_slaves; i++) {
890 if (!ofproto_bundle_add_port(bundle, s->slaves[i],
891 s->lacp ? &s->lacp_slaves[i] : NULL)) {
895 if (!ok || list_size(&bundle->ports) != s->n_slaves) {
896 struct ofport *next_port;
898 LIST_FOR_EACH_SAFE (port, next_port, bundle_node, &bundle->ports) {
899 for (i = 0; i < s->n_slaves; i++) {
900 if (s->slaves[i] == odp_port_to_ofp_port(port->odp_port)) {
905 ofproto_bundle_del_port(port);
909 assert(list_size(&bundle->ports) <= s->n_slaves);
911 if (list_is_empty(&bundle->ports)) {
912 ofproto_bundle_unregister(ofproto, aux);
917 if (s->vlan != bundle->vlan) {
918 bundle->vlan = s->vlan;
922 /* Get trunked VLANs. */
923 trunks = s->vlan == -1 ? NULL : s->trunks;
924 if (!vlan_bitmap_equal(trunks, bundle->trunks)) {
925 free(bundle->trunks);
926 bundle->trunks = vlan_bitmap_clone(trunks);
931 if (!list_is_short(&bundle->ports)) {
932 bundle->ofproto->has_bonded_bundles = true;
934 if (bond_reconfigure(bundle->bond, s->bond)) {
935 ofproto->need_revalidate = true;
938 bundle->bond = bond_create(s->bond);
941 LIST_FOR_EACH (port, bundle_node, &bundle->ports) {
942 uint16_t stable_id = (bundle->lacp
943 ? lacp_slave_get_port_id(bundle->lacp, port)
945 bond_slave_register(bundle->bond, port, stable_id, port->netdev);
948 bond_destroy(bundle->bond);
952 /* If we changed something that would affect MAC learning, un-learn
953 * everything on this port and force flow revalidation. */
955 ofproto_bundle_flush_macs(bundle);
960 ofproto_bundle_destroy(struct ofbundle *bundle)
962 struct ofproto *ofproto;
963 struct ofport *port, *next_port;
970 ofproto = bundle->ofproto;
971 for (i = 0; i < MAX_MIRRORS; i++) {
972 struct ofmirror *m = ofproto->mirrors[i];
974 if (m->out == bundle) {
975 ofproto_mirror_destroy(m);
976 } else if (hmapx_find_and_delete(&m->srcs, bundle)
977 || hmapx_find_and_delete(&m->dsts, bundle)) {
978 ofproto->need_revalidate = true;
983 LIST_FOR_EACH_SAFE (port, next_port, bundle_node, &bundle->ports) {
984 ofproto_bundle_del_port(port);
987 ofproto_bundle_flush_macs(bundle);
988 hmap_remove(&ofproto->bundles, &bundle->hmap_node);
990 free(bundle->trunks);
991 bond_destroy(bundle->bond);
992 lacp_destroy(bundle->lacp);
997 ofproto_bundle_unregister(struct ofproto *ofproto, void *aux)
999 ofproto_bundle_destroy(ofproto_bundle_lookup(ofproto, aux));
1003 send_pdu_cb(void *port_, const struct lacp_pdu *pdu)
1005 static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 10);
1006 struct ofport *port = port_;
1007 uint8_t ea[ETH_ADDR_LEN];
1010 error = netdev_get_etheraddr(port->netdev, ea);
1012 struct lacp_pdu *packet_pdu;
1013 struct ofpbuf packet;
1015 ofpbuf_init(&packet, 0);
1016 packet_pdu = eth_compose(&packet, eth_addr_lacp, ea, ETH_TYPE_LACP,
1017 sizeof *packet_pdu);
1019 error = netdev_send(port->netdev, &packet);
1021 VLOG_WARN_RL(&rl, "port %s: sending LACP PDU on iface %s failed "
1022 "(%s)", port->bundle->name,
1023 netdev_get_name(port->netdev), strerror(error));
1025 ofpbuf_uninit(&packet);
1027 VLOG_ERR_RL(&rl, "port %s: cannot obtain Ethernet address of iface "
1028 "%s (%s)", port->bundle->name,
1029 netdev_get_name(port->netdev), strerror(error));
1034 ofproto_bundle_send_learning_packets(struct ofbundle *bundle)
1036 struct ofproto *ofproto = bundle->ofproto;
1037 int error, n_packets, n_errors;
1038 struct mac_entry *e;
1040 error = n_packets = n_errors = 0;
1041 LIST_FOR_EACH (e, lru_node, &ofproto->ml->lrus) {
1042 if (e->port.p != bundle) {
1043 int ret = bond_send_learning_packet(bundle->bond, e->mac, e->vlan);
1053 static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5);
1054 VLOG_WARN_RL(&rl, "bond %s: %d errors sending %d gratuitous learning "
1055 "packets, last error was: %s",
1056 bundle->name, n_errors, n_packets, strerror(error));
1058 VLOG_DBG("bond %s: sent %d gratuitous learning packets",
1059 bundle->name, n_packets);
1064 ofproto_bundle_run(struct ofbundle *bundle)
1067 lacp_run(bundle->lacp, send_pdu_cb);
1070 struct ofport *port;
1072 LIST_FOR_EACH (port, bundle_node, &bundle->ports) {
1073 bool may_enable = lacp_slave_may_enable(bundle->lacp, port);
1074 bond_slave_set_lacp_may_enable(bundle->bond, port, may_enable);
1077 bond_run(bundle->bond, &bundle->ofproto->revalidate_set,
1078 lacp_negotiated(bundle->lacp));
1079 if (bond_should_send_learning_packets(bundle->bond)) {
1080 ofproto_bundle_send_learning_packets(bundle);
1086 ofproto_bundle_wait(struct ofbundle *bundle)
1089 lacp_wait(bundle->lacp);
1092 bond_wait(bundle->bond);
1097 ofproto_mirror_scan(struct ofproto *ofproto)
1101 for (idx = 0; idx < MAX_MIRRORS; idx++) {
1102 if (!ofproto->mirrors[idx]) {
1109 static struct ofmirror *
1110 ofproto_mirror_lookup(struct ofproto *ofproto, void *aux)
1114 for (i = 0; i < MAX_MIRRORS; i++) {
1115 struct ofmirror *mirror = ofproto->mirrors[i];
1116 if (mirror && mirror->aux == aux) {
1125 ofproto_mirror_register(struct ofproto *ofproto, void *aux,
1126 const struct ofproto_mirror_settings *s)
1128 mirror_mask_t mirror_bit;
1129 struct ofbundle *bundle;
1130 struct ofmirror *mirror;
1131 struct ofbundle *out;
1132 struct hmapx srcs; /* Contains "struct ofbundle *"s. */
1133 struct hmapx dsts; /* Contains "struct ofbundle *"s. */
1136 mirror = ofproto_mirror_lookup(ofproto, aux);
1140 idx = ofproto_mirror_scan(ofproto);
1142 VLOG_WARN("bridge %s: maximum of %d port mirrors reached, "
1144 ofproto->name, MAX_MIRRORS, s->name);
1148 mirror = ofproto->mirrors[idx] = xzalloc(sizeof *mirror);
1149 mirror->ofproto = ofproto;
1151 mirror->out_vlan = -1;
1152 mirror->name = NULL;
1155 if (!mirror->name || strcmp(s->name, mirror->name)) {
1157 mirror->name = xstrdup(s->name);
1160 /* Get the new configuration. */
1161 if (s->out_bundle) {
1162 out = ofproto_bundle_lookup(ofproto, s->out_bundle);
1164 ofproto_mirror_destroy(mirror);
1170 out_vlan = s->out_vlan;
1172 ofproto_bundle_lookup_multiple(ofproto, s->srcs, s->n_srcs, &srcs);
1173 ofproto_bundle_lookup_multiple(ofproto, s->dsts, s->n_dsts, &dsts);
1175 /* If the configuration has not changed, do nothing. */
1176 if (hmapx_equals(&srcs, &mirror->srcs)
1177 && hmapx_equals(&dsts, &mirror->dsts)
1178 && vlan_bitmap_equal(mirror->vlans, s->src_vlans)
1179 && mirror->out == out
1180 && mirror->out_vlan == out_vlan)
1182 hmapx_destroy(&srcs);
1183 hmapx_destroy(&dsts);
1187 hmapx_swap(&srcs, &mirror->srcs);
1188 hmapx_destroy(&srcs);
1190 hmapx_swap(&dsts, &mirror->dsts);
1191 hmapx_destroy(&dsts);
1193 free(mirror->vlans);
1194 mirror->vlans = vlan_bitmap_clone(s->src_vlans);
1197 mirror->out_vlan = out_vlan;
1199 /* Update bundles. */
1200 mirror_bit = MIRROR_MASK_C(1) << mirror->idx;
1201 HMAP_FOR_EACH (bundle, hmap_node, &mirror->ofproto->bundles) {
1202 if (hmapx_contains(&mirror->srcs, bundle)) {
1203 bundle->src_mirrors |= mirror_bit;
1205 bundle->src_mirrors &= ~mirror_bit;
1208 if (hmapx_contains(&mirror->dsts, bundle)) {
1209 bundle->dst_mirrors |= mirror_bit;
1211 bundle->dst_mirrors &= ~mirror_bit;
1214 if (mirror->out == bundle) {
1215 bundle->mirror_out |= mirror_bit;
1217 bundle->mirror_out &= ~mirror_bit;
1221 ofproto->need_revalidate = true;
1222 mac_learning_flush(ofproto->ml);
1226 ofproto_mirror_destroy(struct ofmirror *mirror)
1228 mirror_mask_t mirror_bit;
1229 struct ofbundle *bundle;
1230 struct ofproto *ofproto;
1236 ofproto = mirror->ofproto;
1237 ofproto->need_revalidate = true;
1238 mac_learning_flush(ofproto->ml);
1240 mirror_bit = MIRROR_MASK_C(1) << mirror->idx;
1241 HMAP_FOR_EACH (bundle, hmap_node, &ofproto->bundles) {
1242 bundle->src_mirrors &= ~mirror_bit;
1243 bundle->dst_mirrors &= ~mirror_bit;
1244 bundle->mirror_out &= ~mirror_bit;
1247 hmapx_destroy(&mirror->srcs);
1248 hmapx_destroy(&mirror->dsts);
1249 free(mirror->vlans);
1251 ofproto->mirrors[mirror->idx] = NULL;
1257 ofproto_mirror_unregister(struct ofproto *ofproto, void *aux)
1259 ofproto_mirror_destroy(ofproto_mirror_lookup(ofproto, aux));
1263 ofproto_set_flood_vlans(struct ofproto *ofproto, unsigned long *flood_vlans)
1265 if (mac_learning_set_flood_vlans(ofproto->ml, flood_vlans)) {
1266 ofproto->need_revalidate = true;
1267 mac_learning_flush(ofproto->ml);
1272 ofproto_is_mirror_output_bundle(struct ofproto *ofproto, void *aux)
1274 struct ofbundle *bundle = ofproto_bundle_lookup(ofproto, aux);
1275 return bundle && bundle->mirror_out != 0;
1279 ofproto_has_snoops(const struct ofproto *ofproto)
1281 return connmgr_has_snoops(ofproto->connmgr);
1285 ofproto_get_snoops(const struct ofproto *ofproto, struct sset *snoops)
1287 connmgr_get_snoops(ofproto->connmgr, snoops);
1291 ofproto_destroy(struct ofproto *p)
1293 struct ofport *ofport, *next_ofport;
1300 hmap_remove(&all_ofprotos, &p->hmap_node);
1302 for (i = 0; i < MAX_MIRRORS; i++) {
1303 ofproto_mirror_destroy(p->mirrors[i]);
1305 ofproto_flush_flows__(p);
1306 connmgr_destroy(p->connmgr);
1307 classifier_destroy(&p->cls);
1308 hmap_destroy(&p->facets);
1310 dpif_close(p->dpif);
1312 netdev_monitor_destroy(p->netdev_monitor);
1313 HMAP_FOR_EACH_SAFE (ofport, next_ofport, hmap_node, &p->ports) {
1314 hmap_remove(&p->ports, &ofport->hmap_node);
1315 ofport_free(ofport);
1317 shash_destroy(&p->port_by_name);
1319 netflow_destroy(p->netflow);
1320 ofproto_sflow_destroy(p->sflow);
1325 free(p->serial_desc);
1328 hmap_destroy(&p->ports);
1335 process_port_change(struct ofproto *ofproto, int error, char *devname)
1337 if (error == ENOBUFS) {
1338 reinit_ports(ofproto);
1339 } else if (!error) {
1340 update_port(ofproto, devname);
1346 ofproto_run(struct ofproto *p)
1348 struct ofbundle *bundle;
1349 struct ofport *ofport;
1354 for (i = 0; i < 50; i++) {
1355 struct dpif_upcall packet;
1357 error = dpif_recv(p->dpif, &packet);
1359 if (error == ENODEV) {
1360 /* Someone destroyed the datapath behind our back. The caller
1361 * better destroy us and give up, because we're just going to
1362 * spin from here on out. */
1363 static struct vlog_rate_limit rl2 = VLOG_RATE_LIMIT_INIT(1, 5);
1364 VLOG_ERR_RL(&rl2, "%s: datapath was destroyed externally",
1371 handle_upcall(p, &packet);
1374 while ((error = dpif_port_poll(p->dpif, &devname)) != EAGAIN) {
1375 process_port_change(p, error, devname);
1377 while ((error = netdev_monitor_poll(p->netdev_monitor,
1378 &devname)) != EAGAIN) {
1379 process_port_change(p, error, devname);
1382 HMAP_FOR_EACH (ofport, hmap_node, &p->ports) {
1386 HMAP_FOR_EACH (bundle, hmap_node, &p->bundles) {
1387 ofproto_bundle_run(bundle);
1390 connmgr_run(p->connmgr, handle_openflow);
1392 if (timer_expired(&p->next_expiration)) {
1393 int delay = ofproto_expire(p);
1394 timer_set_duration(&p->next_expiration, delay);
1395 COVERAGE_INC(ofproto_expiration);
1399 netflow_run(p->netflow);
1402 ofproto_sflow_run(p->sflow);
1405 /* Now revalidate if there's anything to do. */
1406 if (p->need_revalidate || !tag_set_is_empty(&p->revalidate_set)) {
1407 struct tag_set revalidate_set = p->revalidate_set;
1408 bool revalidate_all = p->need_revalidate;
1409 struct facet *facet, *next;
1411 /* Clear the revalidation flags. */
1412 tag_set_init(&p->revalidate_set);
1413 p->need_revalidate = false;
1415 HMAP_FOR_EACH_SAFE (facet, next, hmap_node, &p->facets) {
1417 || tag_set_intersects(&revalidate_set, facet->tags)) {
1418 facet_revalidate(p, facet);
1427 ofproto_wait(struct ofproto *p)
1429 struct ofbundle *bundle;
1430 struct ofport *ofport;
1432 HMAP_FOR_EACH (ofport, hmap_node, &p->ports) {
1433 ofport_wait(ofport);
1435 HMAP_FOR_EACH (bundle, hmap_node, &p->bundles) {
1436 ofproto_bundle_wait(bundle);
1438 dpif_recv_wait(p->dpif);
1439 dpif_port_poll_wait(p->dpif);
1440 netdev_monitor_poll_wait(p->netdev_monitor);
1442 ofproto_sflow_wait(p->sflow);
1444 if (!tag_set_is_empty(&p->revalidate_set)) {
1445 poll_immediate_wake();
1447 if (p->need_revalidate) {
1448 /* Shouldn't happen, but if it does just go around again. */
1449 VLOG_DBG_RL(&rl, "need revalidate in ofproto_wait_cb()");
1450 poll_immediate_wake();
1452 timer_wait(&p->next_expiration);
1454 connmgr_wait(p->connmgr);
1458 ofproto_is_alive(const struct ofproto *p)
1460 return connmgr_has_controllers(p->connmgr);
1464 ofproto_get_ofproto_controller_info(const struct ofproto *ofproto,
1467 connmgr_get_controller_info(ofproto->connmgr, info);
1471 ofproto_free_ofproto_controller_info(struct shash *info)
1473 struct shash_node *node;
1475 SHASH_FOR_EACH (node, info) {
1476 struct ofproto_controller_info *cinfo = node->data;
1477 while (cinfo->pairs.n) {
1478 free((char *) cinfo->pairs.values[--cinfo->pairs.n]);
1482 shash_destroy(info);
1485 /* Makes a deep copy of 'old' into 'port'. */
1487 ofproto_port_clone(struct ofproto_port *port, const struct ofproto_port *old)
1489 port->name = xstrdup(old->name);
1490 port->type = xstrdup(old->type);
1491 port->ofp_port = old->ofp_port;
1494 /* Frees memory allocated to members of 'ofproto_port'.
1496 * Do not call this function on an ofproto_port obtained from
1497 * ofproto_port_dump_next(): that function retains ownership of the data in the
1500 ofproto_port_destroy(struct ofproto_port *ofproto_port)
1502 free(ofproto_port->name);
1503 free(ofproto_port->type);
1506 /* Converts a dpif_port into an ofproto_port.
1508 * This only makes a shallow copy, so make sure that the dpif_port doesn't get
1509 * freed while the ofproto_port is still in use. You can choose to free the
1510 * ofproto_port instead of the dpif_port. */
1512 ofproto_port_from_dpif_port(struct ofproto_port *ofproto_port,
1513 struct dpif_port *dpif_port)
1515 ofproto_port->name = dpif_port->name;
1516 ofproto_port->type = dpif_port->type;
1517 ofproto_port->ofp_port = odp_port_to_ofp_port(dpif_port->port_no);
1520 /* Initializes 'dump' to begin dumping the ports in an ofproto.
1522 * This function provides no status indication. An error status for the entire
1523 * dump operation is provided when it is completed by calling
1524 * ofproto_port_dump_done().
1527 ofproto_port_dump_start(struct ofproto_port_dump *dump,
1528 const struct ofproto *ofproto)
1530 struct dpif_port_dump *dpif_dump;
1532 dump->state = dpif_dump = xmalloc(sizeof *dpif_dump);
1533 dpif_port_dump_start(dpif_dump, ofproto->dpif);
1536 /* Attempts to retrieve another port from 'dump', which must have been created
1537 * with ofproto_port_dump_start(). On success, stores a new ofproto_port into
1538 * 'port' and returns true. On failure, returns false.
1540 * Failure might indicate an actual error or merely that the last port has been
1541 * dumped. An error status for the entire dump operation is provided when it
1542 * is completed by calling ofproto_port_dump_done().
1544 * The ofproto owns the data stored in 'port'. It will remain valid until at
1545 * least the next time 'dump' is passed to ofproto_port_dump_next() or
1546 * ofproto_port_dump_done(). */
1548 ofproto_port_dump_next(struct ofproto_port_dump *dump,
1549 struct ofproto_port *port)
1551 struct dpif_port_dump *dpif_dump = dump->state;
1552 struct dpif_port dpif_port;
1555 ok = dpif_port_dump_next(dpif_dump, &dpif_port);
1557 ofproto_port_from_dpif_port(port, &dpif_port);
1562 /* Completes port table dump operation 'dump', which must have been created
1563 * with ofproto_port_dump_start(). Returns 0 if the dump operation was
1564 * error-free, otherwise a positive errno value describing the problem. */
1566 ofproto_port_dump_done(struct ofproto_port_dump *dump)
1568 struct dpif_port_dump *dpif_dump = dump->state;
1569 int error = dpif_port_dump_done(dpif_dump);
1574 /* Attempts to add 'netdev' as a port on 'ofproto'. If successful, returns 0
1575 * and sets '*ofp_portp' to the new port's port OpenFlow number (if 'ofp_portp'
1576 * is non-null). On failure, returns a positive errno value and sets
1577 * '*ofp_portp' to OFPP_NONE (if 'ofp_portp' is non-null). */
1579 ofproto_port_add(struct ofproto *ofproto, struct netdev *netdev,
1580 uint16_t *ofp_portp)
1585 error = dpif_port_add(ofproto->dpif, netdev, &odp_port);
1587 update_port(ofproto, netdev_get_name(netdev));
1590 *ofp_portp = error ? OFPP_NONE : odp_port_to_ofp_port(odp_port);
1595 /* Looks up a port named 'devname' in 'ofproto'. On success, returns 0 and
1596 * initializes '*port' appropriately; on failure, returns a positive errno
1599 * The caller owns the data in 'port' and must free it with
1600 * ofproto_port_destroy() when it is no longer needed. */
1602 ofproto_port_query_by_name(const struct ofproto *ofproto, const char *devname,
1603 struct ofproto_port *port)
1605 struct dpif_port dpif_port;
1608 error = dpif_port_query_by_name(ofproto->dpif, devname, &dpif_port);
1610 ofproto_port_from_dpif_port(port, &dpif_port);
1615 /* Deletes port number 'ofp_port' from the datapath for 'ofproto'.
1617 * This is almost the same as calling dpif_port_del() directly on the
1618 * datapath, but it also makes 'ofproto' close its open netdev for the port
1619 * (if any). This makes it possible to create a new netdev of a different
1620 * type under the same name, which otherwise the netdev library would refuse
1621 * to do because of the conflict. (The netdev would eventually get closed on
1622 * the next trip through ofproto_run(), but this interface is more direct.)
1624 * Returns 0 if successful, otherwise a positive errno. */
1626 ofproto_port_del(struct ofproto *ofproto, uint16_t ofp_port)
1628 uint32_t odp_port = ofp_port_to_odp_port(ofp_port);
1629 struct ofport *ofport = get_port(ofproto, odp_port);
1630 const char *name = ofport ? netdev_get_name(ofport->netdev) : "<unknown>";
1633 error = dpif_port_del(ofproto->dpif, odp_port);
1635 VLOG_ERR("%s: failed to remove port %"PRIu16" (%s) interface (%s)",
1636 ofproto->name, odp_port, name, strerror(error));
1637 } else if (ofport) {
1638 /* 'name' is the netdev's name and update_port() is going to close the
1639 * netdev. Just in case update_port() refers to 'name' after it
1640 * destroys 'ofport', make a copy of it around the update_port()
1642 char *devname = xstrdup(name);
1643 update_port(ofproto, devname);
1649 /* Sends 'packet' out of port 'port_no' within 'p'. If 'vlan_tci' is zero the
1650 * packet will not have any 802.1Q hader; if it is nonzero, then the packet
1651 * will be sent with the VLAN TCI specified by 'vlan_tci & ~VLAN_CFI'.
1653 * Returns 0 if successful, otherwise a positive errno value. */
1655 ofproto_send_packet(struct ofproto *ofproto,
1656 uint32_t port_no, uint16_t vlan_tci,
1657 const struct ofpbuf *packet)
1659 struct ofpbuf odp_actions;
1662 ofpbuf_init(&odp_actions, 32);
1663 if (vlan_tci != 0) {
1664 nl_msg_put_u32(&odp_actions, ODP_ACTION_ATTR_SET_DL_TCI,
1665 ntohs(vlan_tci & ~VLAN_CFI));
1667 nl_msg_put_u32(&odp_actions, ODP_ACTION_ATTR_OUTPUT, port_no);
1668 error = dpif_execute(ofproto->dpif, odp_actions.data, odp_actions.size,
1670 ofpbuf_uninit(&odp_actions);
1673 VLOG_WARN_RL(&rl, "%s: failed to send packet on port %"PRIu32" (%s)",
1674 ofproto->name, port_no, strerror(error));
1679 /* Adds a flow to the OpenFlow flow table in 'p' that matches 'cls_rule' and
1680 * performs the 'n_actions' actions in 'actions'. The new flow will not
1683 * If cls_rule->priority is in the range of priorities supported by OpenFlow
1684 * (0...65535, inclusive) then the flow will be visible to OpenFlow
1685 * controllers; otherwise, it will be hidden.
1687 * The caller retains ownership of 'cls_rule' and 'actions'. */
1689 ofproto_add_flow(struct ofproto *p, const struct cls_rule *cls_rule,
1690 const union ofp_action *actions, size_t n_actions)
1693 rule = rule_create(cls_rule, actions, n_actions, 0, 0, 0, false);
1694 rule_insert(p, rule);
1698 ofproto_delete_flow(struct ofproto *ofproto, const struct cls_rule *target)
1702 rule = rule_from_cls_rule(classifier_find_rule_exactly(&ofproto->cls,
1705 rule_remove(ofproto, rule);
1710 ofproto_flush_flows__(struct ofproto *ofproto)
1712 struct facet *facet, *next_facet;
1713 struct rule *rule, *next_rule;
1714 struct cls_cursor cursor;
1716 COVERAGE_INC(ofproto_flush);
1718 HMAP_FOR_EACH_SAFE (facet, next_facet, hmap_node, &ofproto->facets) {
1719 /* Mark the facet as not installed so that facet_remove() doesn't
1720 * bother trying to uninstall it. There is no point in uninstalling it
1721 * individually since we are about to blow away all the facets with
1722 * dpif_flow_flush(). */
1723 facet->installed = false;
1724 facet->dp_packet_count = 0;
1725 facet->dp_byte_count = 0;
1726 facet_remove(ofproto, facet);
1729 cls_cursor_init(&cursor, &ofproto->cls, NULL);
1730 CLS_CURSOR_FOR_EACH_SAFE (rule, next_rule, cr, &cursor) {
1731 rule_remove(ofproto, rule);
1734 dpif_flow_flush(ofproto->dpif);
1738 ofproto_flush_flows(struct ofproto *ofproto)
1740 ofproto_flush_flows__(ofproto);
1741 connmgr_flushed(ofproto->connmgr);
1745 reinit_ports(struct ofproto *p)
1747 struct dpif_port_dump dump;
1748 struct sset devnames;
1749 struct ofport *ofport;
1750 struct dpif_port dpif_port;
1751 const char *devname;
1753 COVERAGE_INC(ofproto_reinit_ports);
1755 sset_init(&devnames);
1756 HMAP_FOR_EACH (ofport, hmap_node, &p->ports) {
1757 sset_add(&devnames, netdev_get_name(ofport->netdev));
1759 DPIF_PORT_FOR_EACH (&dpif_port, &dump, p->dpif) {
1760 sset_add(&devnames, dpif_port.name);
1763 SSET_FOR_EACH (devname, &devnames) {
1764 update_port(p, devname);
1766 sset_destroy(&devnames);
1769 /* Opens and returns a netdev for 'dpif_port', or a null pointer if the netdev
1770 * cannot be opened. On success, also fills in 'opp'. */
1771 static struct netdev *
1772 ofport_open(const struct dpif_port *dpif_port, struct ofp_phy_port *opp)
1774 uint32_t curr, advertised, supported, peer;
1775 struct netdev_options netdev_options;
1776 enum netdev_flags flags;
1777 struct netdev *netdev;
1780 memset(&netdev_options, 0, sizeof netdev_options);
1781 netdev_options.name = dpif_port->name;
1782 netdev_options.type = dpif_port->type;
1783 netdev_options.ethertype = NETDEV_ETH_TYPE_NONE;
1785 error = netdev_open(&netdev_options, &netdev);
1787 VLOG_WARN_RL(&rl, "ignoring port %s (%"PRIu16") because netdev %s "
1788 "cannot be opened (%s)",
1789 dpif_port->name, dpif_port->port_no,
1790 dpif_port->name, strerror(error));
1794 netdev_get_flags(netdev, &flags);
1795 netdev_get_features(netdev, &curr, &advertised, &supported, &peer);
1797 opp->port_no = htons(odp_port_to_ofp_port(dpif_port->port_no));
1798 netdev_get_etheraddr(netdev, opp->hw_addr);
1799 ovs_strzcpy(opp->name, dpif_port->name, sizeof opp->name);
1800 opp->config = flags & NETDEV_UP ? 0 : htonl(OFPPC_PORT_DOWN);
1801 opp->state = netdev_get_carrier(netdev) ? 0 : htonl(OFPPS_LINK_DOWN);
1802 opp->curr = htonl(curr);
1803 opp->advertised = htonl(advertised);
1804 opp->supported = htonl(supported);
1805 opp->peer = htonl(peer);
1811 ofport_conflicts(const struct ofproto *p, const struct dpif_port *dpif_port)
1813 if (get_port(p, dpif_port->port_no)) {
1814 VLOG_WARN_RL(&rl, "ignoring duplicate port %"PRIu16" in datapath",
1815 dpif_port->port_no);
1817 } else if (shash_find(&p->port_by_name, dpif_port->name)) {
1818 VLOG_WARN_RL(&rl, "ignoring duplicate device %s in datapath",
1826 /* Returns true if most fields of 'a' and 'b' are equal. Differences in name,
1827 * port number, and 'config' bits other than OFPPC_PORT_DOWN are
1830 ofport_equal(const struct ofp_phy_port *a, const struct ofp_phy_port *b)
1832 BUILD_ASSERT_DECL(sizeof *a == 48); /* Detect ofp_phy_port changes. */
1833 return (!memcmp(a->hw_addr, b->hw_addr, sizeof a->hw_addr)
1834 && a->state == b->state
1835 && !((a->config ^ b->config) & htonl(OFPPC_PORT_DOWN))
1836 && a->curr == b->curr
1837 && a->advertised == b->advertised
1838 && a->supported == b->supported
1839 && a->peer == b->peer);
1842 /* Adds an ofport to 'p' initialized based on the given 'netdev' and 'opp'.
1843 * The caller must ensure that 'p' does not have a conflicting ofport (that is,
1844 * one with the same name or port number). */
1846 ofport_install(struct ofproto *p,
1847 struct netdev *netdev, const struct ofp_phy_port *opp)
1849 const char *netdev_name = netdev_get_name(netdev);
1850 struct ofport *ofport;
1852 connmgr_send_port_status(p->connmgr, opp, OFPPR_ADD);
1854 /* Create ofport. */
1855 ofport = xmalloc(sizeof *ofport);
1856 ofport->ofproto = p;
1857 ofport->netdev = netdev;
1859 ofport->odp_port = ofp_port_to_odp_port(ntohs(opp->port_no));
1860 ofport->bundle = NULL;
1862 ofport->tag = tag_create_random();
1864 /* Add port to 'p'. */
1865 netdev_monitor_add(p->netdev_monitor, ofport->netdev);
1866 hmap_insert(&p->ports, &ofport->hmap_node, hash_int(ofport->odp_port, 0));
1867 shash_add(&p->port_by_name, netdev_name, ofport);
1869 ofproto_sflow_add_port(p->sflow, ofport->odp_port, netdev_name);
1873 /* Removes 'ofport' from 'p' and destroys it. */
1875 ofport_remove(struct ofport *ofport)
1877 connmgr_send_port_status(ofport->ofproto->connmgr, &ofport->opp,
1879 ofport_free(ofport);
1882 /* If 'ofproto' contains an ofport named 'name', removes it from 'ofproto' and
1885 ofport_remove_with_name(struct ofproto *ofproto, const char *name)
1887 struct ofport *port = shash_find_data(&ofproto->port_by_name, name);
1889 ofport_remove(port);
1893 /* Updates 'port' within 'ofproto' with the new 'netdev' and 'opp'.
1895 * Does not handle a name or port number change. The caller must implement
1896 * such a change as a delete followed by an add. */
1898 ofport_modified(struct ofport *port,
1899 struct netdev *netdev, struct ofp_phy_port *opp)
1901 struct ofproto *ofproto = port->ofproto;
1903 if (port->bundle && port->bundle->bond) {
1904 bond_slave_set_netdev(port->bundle->bond, port, netdev);
1907 memcpy(port->opp.hw_addr, opp->hw_addr, ETH_ADDR_LEN);
1908 port->opp.config = ((port->opp.config & ~htonl(OFPPC_PORT_DOWN))
1909 | (opp->config & htonl(OFPPC_PORT_DOWN)));
1910 port->opp.state = opp->state;
1911 port->opp.curr = opp->curr;
1912 port->opp.advertised = opp->advertised;
1913 port->opp.supported = opp->supported;
1914 port->opp.peer = opp->peer;
1916 netdev_monitor_remove(ofproto->netdev_monitor, port->netdev);
1917 netdev_monitor_add(ofproto->netdev_monitor, netdev);
1919 netdev_close(port->netdev);
1920 port->netdev = netdev;
1922 connmgr_send_port_status(ofproto->connmgr, &port->opp, OFPPR_MODIFY);
1926 ofport_run(struct ofport *ofport)
1929 cfm_run(ofport->cfm);
1931 if (cfm_should_send_ccm(ofport->cfm)) {
1932 struct ofpbuf packet;
1935 ofpbuf_init(&packet, 0);
1936 ccm = eth_compose(&packet, eth_addr_ccm, ofport->opp.hw_addr,
1937 ETH_TYPE_CFM, sizeof *ccm);
1938 cfm_compose_ccm(ofport->cfm, ccm);
1939 ofproto_send_packet(ofport->ofproto, ofport->odp_port, 0, &packet);
1940 ofpbuf_uninit(&packet);
1946 ofport_wait(struct ofport *ofport)
1949 cfm_wait(ofport->cfm);
1954 ofport_unregister(struct ofport *port)
1956 struct ofbundle *bundle = port->bundle;
1959 ofproto_bundle_del_port(port);
1960 if (list_is_empty(&bundle->ports)) {
1961 ofproto_bundle_destroy(bundle);
1962 } else if (list_is_short(&bundle->ports)) {
1963 bond_destroy(bundle->bond);
1964 bundle->bond = NULL;
1968 cfm_destroy(port->cfm);
1973 ofproto_port_unregister(struct ofproto *ofproto, uint32_t ofp_port)
1975 struct ofport *port = get_port(ofproto, ofp_port_to_odp_port(ofp_port));
1977 ofport_unregister(port);
1982 ofport_free(struct ofport *port)
1985 struct ofproto *ofproto = port->ofproto;
1986 const char *name = netdev_get_name(port->netdev);
1988 ofport_unregister(port);
1990 netdev_monitor_remove(ofproto->netdev_monitor, port->netdev);
1991 hmap_remove(&ofproto->ports, &port->hmap_node);
1992 shash_delete(&ofproto->port_by_name,
1993 shash_find(&ofproto->port_by_name, name));
1994 if (ofproto->sflow) {
1995 ofproto_sflow_del_port(ofproto->sflow, port->odp_port);
1998 netdev_close(port->netdev);
2003 static struct ofport *
2004 get_port(const struct ofproto *ofproto, uint16_t odp_port)
2006 struct ofport *port;
2008 HMAP_FOR_EACH_IN_BUCKET (port, hmap_node,
2009 hash_int(odp_port, 0), &ofproto->ports) {
2010 if (port->odp_port == odp_port) {
2018 update_port(struct ofproto *ofproto, const char *name)
2020 struct dpif_port dpif_port;
2021 struct ofp_phy_port opp;
2022 struct netdev *netdev;
2023 struct ofport *port;
2025 COVERAGE_INC(ofproto_update_port);
2027 /* Fetch 'name''s location and properties from the datapath. */
2028 netdev = (!dpif_port_query_by_name(ofproto->dpif, name, &dpif_port)
2029 ? ofport_open(&dpif_port, &opp)
2032 port = get_port(ofproto, dpif_port.port_no);
2033 if (port && !strcmp(netdev_get_name(port->netdev), name)) {
2034 /* 'name' hasn't changed location. Any properties changed? */
2035 if (!ofport_equal(&port->opp, &opp)) {
2036 ofport_modified(port, netdev, &opp);
2038 netdev_close(netdev);
2041 /* If 'port' is nonnull then its name differs from 'name' and thus
2042 * we should delete it. If we think there's a port named 'name'
2043 * then its port number must be wrong now so delete it too. */
2045 ofport_remove(port);
2047 ofport_remove_with_name(ofproto, name);
2048 ofport_install(ofproto, netdev, &opp);
2051 /* Any port named 'name' is gone now. */
2052 ofport_remove_with_name(ofproto, name);
2054 dpif_port_destroy(&dpif_port);
2058 init_ports(struct ofproto *p)
2060 struct dpif_port_dump dump;
2061 struct dpif_port dpif_port;
2063 DPIF_PORT_FOR_EACH (&dpif_port, &dump, p->dpif) {
2064 if (!ofport_conflicts(p, &dpif_port)) {
2065 struct ofp_phy_port opp;
2066 struct netdev *netdev;
2068 netdev = ofport_open(&dpif_port, &opp);
2070 ofport_install(p, netdev, &opp);
2078 /* Returns true if 'rule' should be hidden from the controller.
2080 * Rules with priority higher than UINT16_MAX are set up by ofproto itself
2081 * (e.g. by in-band control) and are intentionally hidden from the
2084 rule_is_hidden(const struct rule *rule)
2086 return rule->cr.priority > UINT16_MAX;
2089 /* Creates and returns a new rule initialized as specified.
2091 * The caller is responsible for inserting the rule into the classifier (with
2092 * rule_insert()). */
2093 static struct rule *
2094 rule_create(const struct cls_rule *cls_rule,
2095 const union ofp_action *actions, size_t n_actions,
2096 uint16_t idle_timeout, uint16_t hard_timeout,
2097 ovs_be64 flow_cookie, bool send_flow_removed)
2099 struct rule *rule = xzalloc(sizeof *rule);
2100 rule->cr = *cls_rule;
2101 rule->idle_timeout = idle_timeout;
2102 rule->hard_timeout = hard_timeout;
2103 rule->flow_cookie = flow_cookie;
2104 rule->used = rule->created = time_msec();
2105 rule->send_flow_removed = send_flow_removed;
2106 list_init(&rule->facets);
2107 if (n_actions > 0) {
2108 rule->n_actions = n_actions;
2109 rule->actions = xmemdup(actions, n_actions * sizeof *actions);
2115 static struct rule *
2116 rule_from_cls_rule(const struct cls_rule *cls_rule)
2118 return cls_rule ? CONTAINER_OF(cls_rule, struct rule, cr) : NULL;
2122 rule_free(struct rule *rule)
2124 free(rule->actions);
2128 /* Destroys 'rule' and iterates through all of its facets and revalidates them,
2129 * destroying any that no longer has a rule (which is probably all of them).
2131 * The caller must have already removed 'rule' from the classifier. */
2133 rule_destroy(struct ofproto *ofproto, struct rule *rule)
2135 struct facet *facet, *next_facet;
2136 LIST_FOR_EACH_SAFE (facet, next_facet, list_node, &rule->facets) {
2137 facet_revalidate(ofproto, facet);
2142 /* Returns true if 'rule' has an OpenFlow OFPAT_OUTPUT or OFPAT_ENQUEUE action
2143 * that outputs to 'out_port' (output to OFPP_FLOOD and OFPP_ALL doesn't
2146 rule_has_out_port(const struct rule *rule, ovs_be16 out_port)
2148 const union ofp_action *oa;
2149 struct actions_iterator i;
2151 if (out_port == htons(OFPP_NONE)) {
2154 for (oa = actions_first(&i, rule->actions, rule->n_actions); oa;
2155 oa = actions_next(&i)) {
2156 if (action_outputs_to_port(oa, out_port)) {
2163 /* Executes, within 'ofproto', the 'n_actions' actions in 'actions' on
2164 * 'packet', which arrived on 'in_port'.
2166 * Takes ownership of 'packet'. */
2168 execute_odp_actions(struct ofproto *ofproto, const struct flow *flow,
2169 const struct nlattr *odp_actions, size_t actions_len,
2170 struct ofpbuf *packet)
2172 if (actions_len == NLA_ALIGN(NLA_HDRLEN + sizeof(uint64_t))
2173 && odp_actions->nla_type == ODP_ACTION_ATTR_CONTROLLER) {
2174 /* As an optimization, avoid a round-trip from userspace to kernel to
2175 * userspace. This also avoids possibly filling up kernel packet
2176 * buffers along the way. */
2177 struct dpif_upcall upcall;
2179 upcall.type = DPIF_UC_ACTION;
2180 upcall.packet = packet;
2183 upcall.userdata = nl_attr_get_u64(odp_actions);
2184 upcall.sample_pool = 0;
2185 upcall.actions = NULL;
2186 upcall.actions_len = 0;
2188 send_packet_in(ofproto, &upcall, flow, false);
2194 error = dpif_execute(ofproto->dpif, odp_actions, actions_len, packet);
2195 ofpbuf_delete(packet);
2200 /* Executes the actions indicated by 'facet' on 'packet' and credits 'facet''s
2201 * statistics appropriately. 'packet' must have at least sizeof(struct
2202 * ofp_packet_in) bytes of headroom.
2204 * For correct results, 'packet' must actually be in 'facet''s flow; that is,
2205 * applying flow_extract() to 'packet' would yield the same flow as
2208 * 'facet' must have accurately composed ODP actions; that is, it must not be
2209 * in need of revalidation.
2211 * Takes ownership of 'packet'. */
2213 facet_execute(struct ofproto *ofproto, struct facet *facet,
2214 struct ofpbuf *packet)
2216 struct dpif_flow_stats stats;
2218 assert(ofpbuf_headroom(packet) >= sizeof(struct ofp_packet_in));
2220 flow_extract_stats(&facet->flow, packet, &stats);
2221 stats.used = time_msec();
2222 if (execute_odp_actions(ofproto, &facet->flow,
2223 facet->actions, facet->actions_len, packet)) {
2224 facet_update_stats(ofproto, facet, &stats);
2228 /* Executes the actions indicated by 'rule' on 'packet' and credits 'rule''s
2229 * statistics (or the statistics for one of its facets) appropriately.
2230 * 'packet' must have at least sizeof(struct ofp_packet_in) bytes of headroom.
2232 * 'packet' doesn't necessarily have to match 'rule'. 'rule' will be credited
2233 * with statistics for 'packet' either way.
2235 * Takes ownership of 'packet'. */
2237 rule_execute(struct ofproto *ofproto, struct rule *rule, uint16_t in_port,
2238 struct ofpbuf *packet)
2240 struct action_xlate_ctx ctx;
2241 struct ofpbuf *odp_actions;
2242 struct facet *facet;
2246 assert(ofpbuf_headroom(packet) >= sizeof(struct ofp_packet_in));
2248 flow_extract(packet, 0, in_port, &flow);
2250 /* First look for a related facet. If we find one, account it to that. */
2251 facet = facet_lookup_valid(ofproto, &flow);
2252 if (facet && facet->rule == rule) {
2253 facet_execute(ofproto, facet, packet);
2257 /* Otherwise, if 'rule' is in fact the correct rule for 'packet', then
2258 * create a new facet for it and use that. */
2259 if (rule_lookup(ofproto, &flow) == rule) {
2260 facet = facet_create(ofproto, rule, &flow, packet);
2261 facet_execute(ofproto, facet, packet);
2262 facet_install(ofproto, facet, true);
2266 /* We can't account anything to a facet. If we were to try, then that
2267 * facet would have a non-matching rule, busting our invariants. */
2268 action_xlate_ctx_init(&ctx, ofproto, &flow, packet);
2269 odp_actions = xlate_actions(&ctx, rule->actions, rule->n_actions);
2270 size = packet->size;
2271 if (execute_odp_actions(ofproto, &flow, odp_actions->data,
2272 odp_actions->size, packet)) {
2273 rule->used = time_msec();
2274 rule->packet_count++;
2275 rule->byte_count += size;
2276 flow_push_stats(ofproto, rule, &flow, 1, size, rule->used);
2278 ofpbuf_delete(odp_actions);
2281 /* Inserts 'rule' into 'p''s flow table. */
2283 rule_insert(struct ofproto *p, struct rule *rule)
2285 struct rule *displaced_rule;
2287 displaced_rule = rule_from_cls_rule(classifier_insert(&p->cls, &rule->cr));
2288 if (displaced_rule) {
2289 rule_destroy(p, displaced_rule);
2291 p->need_revalidate = true;
2294 /* Creates and returns a new facet within 'ofproto' owned by 'rule', given a
2295 * 'flow' and an example 'packet' within that flow.
2297 * The caller must already have determined that no facet with an identical
2298 * 'flow' exists in 'ofproto' and that 'flow' is the best match for 'rule' in
2299 * 'ofproto''s classifier table. */
2300 static struct facet *
2301 facet_create(struct ofproto *ofproto, struct rule *rule,
2302 const struct flow *flow, const struct ofpbuf *packet)
2304 struct facet *facet;
2306 facet = xzalloc(sizeof *facet);
2307 facet->used = time_msec();
2308 hmap_insert(&ofproto->facets, &facet->hmap_node, flow_hash(flow, 0));
2309 list_push_back(&rule->facets, &facet->list_node);
2311 facet->flow = *flow;
2312 netflow_flow_init(&facet->nf_flow);
2313 netflow_flow_update_time(ofproto->netflow, &facet->nf_flow, facet->used);
2315 facet_make_actions(ofproto, facet, packet);
2321 facet_free(struct facet *facet)
2323 free(facet->actions);
2327 /* Remove 'rule' from 'ofproto' and free up the associated memory:
2329 * - Removes 'rule' from the classifier.
2331 * - If 'rule' has facets, revalidates them (and possibly uninstalls and
2332 * destroys them), via rule_destroy().
2335 rule_remove(struct ofproto *ofproto, struct rule *rule)
2337 COVERAGE_INC(ofproto_del_rule);
2338 ofproto->need_revalidate = true;
2339 classifier_remove(&ofproto->cls, &rule->cr);
2340 rule_destroy(ofproto, rule);
2343 /* Remove 'facet' from 'ofproto' and free up the associated memory:
2345 * - If 'facet' was installed in the datapath, uninstalls it and updates its
2346 * rule's statistics, via facet_uninstall().
2348 * - Removes 'facet' from its rule and from ofproto->facets.
2351 facet_remove(struct ofproto *ofproto, struct facet *facet)
2353 facet_uninstall(ofproto, facet);
2354 facet_flush_stats(ofproto, facet);
2355 hmap_remove(&ofproto->facets, &facet->hmap_node);
2356 list_remove(&facet->list_node);
2360 /* Composes the ODP actions for 'facet' based on its rule's actions. */
2362 facet_make_actions(struct ofproto *p, struct facet *facet,
2363 const struct ofpbuf *packet)
2365 const struct rule *rule = facet->rule;
2366 struct ofpbuf *odp_actions;
2367 struct action_xlate_ctx ctx;
2369 action_xlate_ctx_init(&ctx, p, &facet->flow, packet);
2370 odp_actions = xlate_actions(&ctx, rule->actions, rule->n_actions);
2371 facet->tags = ctx.tags;
2372 facet->may_install = ctx.may_set_up_flow;
2373 facet->nf_flow.output_iface = ctx.nf_output_iface;
2375 if (facet->actions_len != odp_actions->size
2376 || memcmp(facet->actions, odp_actions->data, odp_actions->size)) {
2377 free(facet->actions);
2378 facet->actions_len = odp_actions->size;
2379 facet->actions = xmemdup(odp_actions->data, odp_actions->size);
2382 ofpbuf_delete(odp_actions);
2386 facet_put__(struct ofproto *ofproto, struct facet *facet,
2387 const struct nlattr *actions, size_t actions_len,
2388 struct dpif_flow_stats *stats)
2390 struct odputil_keybuf keybuf;
2391 enum dpif_flow_put_flags flags;
2394 flags = DPIF_FP_CREATE | DPIF_FP_MODIFY;
2396 flags |= DPIF_FP_ZERO_STATS;
2397 facet->dp_packet_count = 0;
2398 facet->dp_byte_count = 0;
2401 ofpbuf_use_stack(&key, &keybuf, sizeof keybuf);
2402 odp_flow_key_from_flow(&key, &facet->flow);
2404 return dpif_flow_put(ofproto->dpif, flags, key.data, key.size,
2405 actions, actions_len, stats);
2408 /* If 'facet' is installable, inserts or re-inserts it into 'p''s datapath. If
2409 * 'zero_stats' is true, clears any existing statistics from the datapath for
2412 facet_install(struct ofproto *p, struct facet *facet, bool zero_stats)
2414 struct dpif_flow_stats stats;
2416 if (facet->may_install
2417 && !facet_put__(p, facet, facet->actions, facet->actions_len,
2418 zero_stats ? &stats : NULL)) {
2419 facet->installed = true;
2424 facet_account(struct ofproto *ofproto,
2425 struct facet *facet, uint64_t extra_bytes)
2427 uint64_t total_bytes, n_bytes;
2428 struct ofbundle *in_bundle;
2429 const struct nlattr *a;
2434 total_bytes = facet->byte_count + extra_bytes;
2435 if (total_bytes <= facet->accounted_bytes) {
2438 n_bytes = total_bytes - facet->accounted_bytes;
2439 facet->accounted_bytes = total_bytes;
2441 /* Test that 'tags' is nonzero to ensure that only flows that include an
2442 * OFPP_NORMAL action are used for learning and bond slave rebalancing.
2443 * This works because OFPP_NORMAL always sets a nonzero tag value.
2445 * Feed information from the active flows back into the learning table to
2446 * ensure that table is always in sync with what is actually flowing
2447 * through the datapath. */
2449 || !is_admissible(ofproto, &facet->flow, false, &dummy,
2450 &vlan, &in_bundle)) {
2454 update_learning_table(ofproto, &facet->flow, vlan, in_bundle);
2456 if (!ofproto->has_bonded_bundles) {
2459 NL_ATTR_FOR_EACH_UNSAFE (a, left, facet->actions, facet->actions_len) {
2460 if (nl_attr_type(a) == ODP_ACTION_ATTR_OUTPUT) {
2461 struct ofport *port = get_port(ofproto, nl_attr_get_u32(a));
2462 if (port && port->bundle && port->bundle->bond) {
2463 bond_account(port->bundle->bond, &facet->flow, vlan, n_bytes);
2469 /* If 'rule' is installed in the datapath, uninstalls it. */
2471 facet_uninstall(struct ofproto *p, struct facet *facet)
2473 if (facet->installed) {
2474 struct odputil_keybuf keybuf;
2475 struct dpif_flow_stats stats;
2478 ofpbuf_use_stack(&key, &keybuf, sizeof keybuf);
2479 odp_flow_key_from_flow(&key, &facet->flow);
2481 if (!dpif_flow_del(p->dpif, key.data, key.size, &stats)) {
2482 facet_update_stats(p, facet, &stats);
2484 facet->installed = false;
2485 facet->dp_packet_count = 0;
2486 facet->dp_byte_count = 0;
2488 assert(facet->dp_packet_count == 0);
2489 assert(facet->dp_byte_count == 0);
2493 /* Returns true if the only action for 'facet' is to send to the controller.
2494 * (We don't report NetFlow expiration messages for such facets because they
2495 * are just part of the control logic for the network, not real traffic). */
2497 facet_is_controller_flow(struct facet *facet)
2500 && facet->rule->n_actions == 1
2501 && action_outputs_to_port(&facet->rule->actions[0],
2502 htons(OFPP_CONTROLLER)));
2505 /* Folds all of 'facet''s statistics into its rule. Also updates the
2506 * accounting ofhook and emits a NetFlow expiration if appropriate. All of
2507 * 'facet''s statistics in the datapath should have been zeroed and folded into
2508 * its packet and byte counts before this function is called. */
2510 facet_flush_stats(struct ofproto *ofproto, struct facet *facet)
2512 assert(!facet->dp_byte_count);
2513 assert(!facet->dp_packet_count);
2515 facet_push_stats(ofproto, facet);
2516 facet_account(ofproto, facet, 0);
2518 if (ofproto->netflow && !facet_is_controller_flow(facet)) {
2519 struct ofexpired expired;
2520 expired.flow = facet->flow;
2521 expired.packet_count = facet->packet_count;
2522 expired.byte_count = facet->byte_count;
2523 expired.used = facet->used;
2524 netflow_expire(ofproto->netflow, &facet->nf_flow, &expired);
2527 facet->rule->packet_count += facet->packet_count;
2528 facet->rule->byte_count += facet->byte_count;
2530 /* Reset counters to prevent double counting if 'facet' ever gets
2532 facet->packet_count = 0;
2533 facet->byte_count = 0;
2534 facet->rs_packet_count = 0;
2535 facet->rs_byte_count = 0;
2536 facet->accounted_bytes = 0;
2538 netflow_flow_clear(&facet->nf_flow);
2541 /* Searches 'ofproto''s table of facets for one exactly equal to 'flow'.
2542 * Returns it if found, otherwise a null pointer.
2544 * The returned facet might need revalidation; use facet_lookup_valid()
2545 * instead if that is important. */
2546 static struct facet *
2547 facet_find(struct ofproto *ofproto, const struct flow *flow)
2549 struct facet *facet;
2551 HMAP_FOR_EACH_WITH_HASH (facet, hmap_node, flow_hash(flow, 0),
2553 if (flow_equal(flow, &facet->flow)) {
2561 /* Searches 'ofproto''s table of facets for one exactly equal to 'flow'.
2562 * Returns it if found, otherwise a null pointer.
2564 * The returned facet is guaranteed to be valid. */
2565 static struct facet *
2566 facet_lookup_valid(struct ofproto *ofproto, const struct flow *flow)
2568 struct facet *facet = facet_find(ofproto, flow);
2570 /* The facet we found might not be valid, since we could be in need of
2571 * revalidation. If it is not valid, don't return it. */
2573 && ofproto->need_revalidate
2574 && !facet_revalidate(ofproto, facet)) {
2575 COVERAGE_INC(ofproto_invalidated);
2582 /* Re-searches 'ofproto''s classifier for a rule matching 'facet':
2584 * - If the rule found is different from 'facet''s current rule, moves
2585 * 'facet' to the new rule and recompiles its actions.
2587 * - If the rule found is the same as 'facet''s current rule, leaves 'facet'
2588 * where it is and recompiles its actions anyway.
2590 * - If there is none, destroys 'facet'.
2592 * Returns true if 'facet' still exists, false if it has been destroyed. */
2594 facet_revalidate(struct ofproto *ofproto, struct facet *facet)
2596 struct action_xlate_ctx ctx;
2597 struct ofpbuf *odp_actions;
2598 struct rule *new_rule;
2599 bool actions_changed;
2601 COVERAGE_INC(facet_revalidate);
2603 /* Determine the new rule. */
2604 new_rule = rule_lookup(ofproto, &facet->flow);
2606 /* No new rule, so delete the facet. */
2607 facet_remove(ofproto, facet);
2611 /* Calculate new ODP actions.
2613 * We do not modify any 'facet' state yet, because we might need to, e.g.,
2614 * emit a NetFlow expiration and, if so, we need to have the old state
2615 * around to properly compose it. */
2616 action_xlate_ctx_init(&ctx, ofproto, &facet->flow, NULL);
2617 odp_actions = xlate_actions(&ctx, new_rule->actions, new_rule->n_actions);
2618 actions_changed = (facet->actions_len != odp_actions->size
2619 || memcmp(facet->actions, odp_actions->data,
2620 facet->actions_len));
2622 /* If the ODP actions changed or the installability changed, then we need
2623 * to talk to the datapath. */
2624 if (actions_changed || ctx.may_set_up_flow != facet->installed) {
2625 if (ctx.may_set_up_flow) {
2626 struct dpif_flow_stats stats;
2628 facet_put__(ofproto, facet,
2629 odp_actions->data, odp_actions->size, &stats);
2630 facet_update_stats(ofproto, facet, &stats);
2632 facet_uninstall(ofproto, facet);
2635 /* The datapath flow is gone or has zeroed stats, so push stats out of
2636 * 'facet' into 'rule'. */
2637 facet_flush_stats(ofproto, facet);
2640 /* Update 'facet' now that we've taken care of all the old state. */
2641 facet->tags = ctx.tags;
2642 facet->nf_flow.output_iface = ctx.nf_output_iface;
2643 facet->may_install = ctx.may_set_up_flow;
2644 if (actions_changed) {
2645 free(facet->actions);
2646 facet->actions_len = odp_actions->size;
2647 facet->actions = xmemdup(odp_actions->data, odp_actions->size);
2649 if (facet->rule != new_rule) {
2650 COVERAGE_INC(facet_changed_rule);
2651 list_remove(&facet->list_node);
2652 list_push_back(&new_rule->facets, &facet->list_node);
2653 facet->rule = new_rule;
2654 facet->used = new_rule->created;
2655 facet->rs_used = facet->used;
2658 ofpbuf_delete(odp_actions);
2663 /* Bridge packet processing functions. */
2666 struct ofport *port;
2671 struct dst builtin[32];
2673 size_t n, allocated;
2676 static void dst_set_init(struct dst_set *);
2677 static void dst_set_add(struct dst_set *, const struct dst *);
2678 static void dst_set_free(struct dst_set *);
2680 static struct ofport *ofbundle_get_a_port(const struct ofbundle *);
2683 set_dst(struct action_xlate_ctx *ctx, struct dst *dst,
2684 const struct ofbundle *in_bundle, const struct ofbundle *out_bundle)
2686 dst->vlan = (out_bundle->vlan >= 0 ? OFP_VLAN_NONE
2687 : in_bundle->vlan >= 0 ? in_bundle->vlan
2688 : ctx->flow.vlan_tci == 0 ? OFP_VLAN_NONE
2689 : vlan_tci_to_vid(ctx->flow.vlan_tci));
2691 dst->port = (!out_bundle->bond
2692 ? ofbundle_get_a_port(out_bundle)
2693 : bond_choose_output_slave(out_bundle->bond, &ctx->flow,
2694 dst->vlan, &ctx->tags));
2696 return dst->port != NULL;
2700 mirror_mask_ffs(mirror_mask_t mask)
2702 BUILD_ASSERT_DECL(sizeof(unsigned int) >= sizeof(mask));
2707 dst_set_init(struct dst_set *set)
2709 set->dsts = set->builtin;
2711 set->allocated = ARRAY_SIZE(set->builtin);
2715 dst_set_add(struct dst_set *set, const struct dst *dst)
2717 if (set->n >= set->allocated) {
2718 size_t new_allocated;
2719 struct dst *new_dsts;
2721 new_allocated = set->allocated * 2;
2722 new_dsts = xmalloc(new_allocated * sizeof *new_dsts);
2723 memcpy(new_dsts, set->dsts, set->n * sizeof *new_dsts);
2727 set->dsts = new_dsts;
2728 set->allocated = new_allocated;
2730 set->dsts[set->n++] = *dst;
2734 dst_set_free(struct dst_set *set)
2736 if (set->dsts != set->builtin) {
2742 dst_is_duplicate(const struct dst_set *set, const struct dst *test)
2745 for (i = 0; i < set->n; i++) {
2746 if (set->dsts[i].vlan == test->vlan
2747 && set->dsts[i].port == test->port) {
2755 ofbundle_trunks_vlan(const struct ofbundle *bundle, uint16_t vlan)
2757 return bundle->vlan < 0 && vlan_bitmap_contains(bundle->trunks, vlan);
2761 ofbundle_includes_vlan(const struct ofbundle *bundle, uint16_t vlan)
2763 return vlan == bundle->vlan || ofbundle_trunks_vlan(bundle, vlan);
2766 /* Returns an arbitrary interface within 'bundle'. */
2767 static struct ofport *
2768 ofbundle_get_a_port(const struct ofbundle *bundle)
2770 return CONTAINER_OF(list_front(&bundle->ports),
2771 struct ofport, bundle_node);
2775 compose_dsts(struct action_xlate_ctx *ctx, uint16_t vlan,
2776 const struct ofbundle *in_bundle,
2777 const struct ofbundle *out_bundle, struct dst_set *set)
2781 if (out_bundle == OFBUNDLE_FLOOD) {
2782 struct ofbundle *bundle;
2784 HMAP_FOR_EACH (bundle, hmap_node, &ctx->ofproto->bundles) {
2785 if (bundle != in_bundle
2786 && ofbundle_includes_vlan(bundle, vlan)
2787 && bundle->floodable
2788 && !bundle->mirror_out
2789 && set_dst(ctx, &dst, in_bundle, bundle)) {
2790 dst_set_add(set, &dst);
2793 ctx->nf_output_iface = NF_OUT_FLOOD;
2794 } else if (out_bundle && set_dst(ctx, &dst, in_bundle, out_bundle)) {
2795 dst_set_add(set, &dst);
2796 ctx->nf_output_iface = dst.port->odp_port;
2801 vlan_is_mirrored(const struct ofmirror *m, int vlan)
2803 return vlan_bitmap_contains(m->vlans, vlan);
2807 compose_mirror_dsts(struct action_xlate_ctx *ctx,
2808 uint16_t vlan, const struct ofbundle *in_bundle,
2809 struct dst_set *set)
2811 struct ofproto *ofproto = ctx->ofproto;
2812 mirror_mask_t mirrors;
2816 mirrors = in_bundle->src_mirrors;
2817 for (i = 0; i < set->n; i++) {
2818 mirrors |= set->dsts[i].port->bundle->dst_mirrors;
2825 flow_vlan = vlan_tci_to_vid(ctx->flow.vlan_tci);
2826 if (flow_vlan == 0) {
2827 flow_vlan = OFP_VLAN_NONE;
2831 struct ofmirror *m = ofproto->mirrors[mirror_mask_ffs(mirrors) - 1];
2832 if (vlan_is_mirrored(m, vlan)) {
2836 if (set_dst(ctx, &dst, in_bundle, m->out)
2837 && !dst_is_duplicate(set, &dst)) {
2838 dst_set_add(set, &dst);
2841 struct ofbundle *bundle;
2843 HMAP_FOR_EACH (bundle, hmap_node, &ofproto->bundles) {
2844 if (ofbundle_includes_vlan(bundle, m->out_vlan)
2845 && set_dst(ctx, &dst, in_bundle, bundle))
2847 if (bundle->vlan < 0) {
2848 dst.vlan = m->out_vlan;
2850 if (dst_is_duplicate(set, &dst)) {
2854 /* Use the vlan tag on the original flow instead of
2855 * the one passed in the vlan parameter. This ensures
2856 * that we compare the vlan from before any implicit
2857 * tagging tags place. This is necessary because
2858 * dst->vlan is the final vlan, after removing implicit
2860 if (bundle == in_bundle && dst.vlan == flow_vlan) {
2861 /* Don't send out input port on same VLAN. */
2864 dst_set_add(set, &dst);
2869 mirrors &= mirrors - 1;
2874 compose_actions(struct action_xlate_ctx *ctx, uint16_t vlan,
2875 const struct ofbundle *in_bundle,
2876 const struct ofbundle *out_bundle)
2878 uint16_t initial_vlan, cur_vlan;
2879 const struct dst *dst;
2883 compose_dsts(ctx, vlan, in_bundle, out_bundle, &set);
2884 compose_mirror_dsts(ctx, vlan, in_bundle, &set);
2886 /* Output all the packets we can without having to change the VLAN. */
2887 initial_vlan = vlan_tci_to_vid(ctx->flow.vlan_tci);
2888 if (initial_vlan == 0) {
2889 initial_vlan = OFP_VLAN_NONE;
2891 for (dst = set.dsts; dst < &set.dsts[set.n]; dst++) {
2892 if (dst->vlan != initial_vlan) {
2895 nl_msg_put_u32(ctx->odp_actions,
2896 ODP_ACTION_ATTR_OUTPUT, dst->port->odp_port);
2899 /* Then output the rest. */
2900 cur_vlan = initial_vlan;
2901 for (dst = set.dsts; dst < &set.dsts[set.n]; dst++) {
2902 if (dst->vlan == initial_vlan) {
2905 if (dst->vlan != cur_vlan) {
2906 if (dst->vlan == OFP_VLAN_NONE) {
2907 nl_msg_put_flag(ctx->odp_actions, ODP_ACTION_ATTR_STRIP_VLAN);
2910 tci = htons(dst->vlan & VLAN_VID_MASK);
2911 tci |= ctx->flow.vlan_tci & htons(VLAN_PCP_MASK);
2912 nl_msg_put_be16(ctx->odp_actions,
2913 ODP_ACTION_ATTR_SET_DL_TCI, tci);
2915 cur_vlan = dst->vlan;
2917 nl_msg_put_u32(ctx->odp_actions,
2918 ODP_ACTION_ATTR_OUTPUT, dst->port->odp_port);
2924 /* Returns the effective vlan of a packet, taking into account both the
2925 * 802.1Q header and implicitly tagged ports. A value of 0 indicates that
2926 * the packet is untagged and -1 indicates it has an invalid header and
2927 * should be dropped. */
2929 flow_get_vlan(struct ofproto *ofproto, const struct flow *flow,
2930 struct ofbundle *in_bundle, bool have_packet)
2932 int vlan = vlan_tci_to_vid(flow->vlan_tci);
2933 if (in_bundle->vlan >= 0) {
2936 static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5);
2937 VLOG_WARN_RL(&rl, "bridge %s: dropping VLAN %d tagged "
2938 "packet received on port %s configured with "
2939 "implicit VLAN %"PRIu16,
2940 ofproto->name, vlan,
2941 in_bundle->name, in_bundle->vlan);
2945 vlan = in_bundle->vlan;
2947 if (!ofbundle_includes_vlan(in_bundle, vlan)) {
2949 static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5);
2950 VLOG_WARN_RL(&rl, "bridge %s: dropping VLAN %d tagged "
2951 "packet received on port %s not configured for "
2953 ofproto->name, vlan, in_bundle->name, vlan);
2962 /* A VM broadcasts a gratuitous ARP to indicate that it has resumed after
2963 * migration. Older Citrix-patched Linux DomU used gratuitous ARP replies to
2964 * indicate this; newer upstream kernels use gratuitous ARP requests. */
2966 is_gratuitous_arp(const struct flow *flow)
2968 return (flow->dl_type == htons(ETH_TYPE_ARP)
2969 && eth_addr_is_broadcast(flow->dl_dst)
2970 && (flow->nw_proto == ARP_OP_REPLY
2971 || (flow->nw_proto == ARP_OP_REQUEST
2972 && flow->nw_src == flow->nw_dst)));
2976 update_learning_table(struct ofproto *ofproto,
2977 const struct flow *flow, int vlan,
2978 struct ofbundle *in_bundle)
2980 struct mac_entry *mac;
2982 if (!mac_learning_may_learn(ofproto->ml, flow->dl_src, vlan)) {
2986 mac = mac_learning_insert(ofproto->ml, flow->dl_src, vlan);
2987 if (is_gratuitous_arp(flow)) {
2988 /* We don't want to learn from gratuitous ARP packets that are
2989 * reflected back over bond slaves so we lock the learning table. */
2990 if (!in_bundle->bond) {
2991 mac_entry_set_grat_arp_lock(mac);
2992 } else if (mac_entry_is_grat_arp_locked(mac)) {
2997 if (mac_entry_is_new(mac) || mac->port.p != in_bundle) {
2998 /* The log messages here could actually be useful in debugging,
2999 * so keep the rate limit relatively high. */
3000 static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(30, 300);
3001 VLOG_DBG_RL(&rl, "bridge %s: learned that "ETH_ADDR_FMT" is "
3002 "on port %s in VLAN %d",
3003 ofproto->name, ETH_ADDR_ARGS(flow->dl_src),
3004 in_bundle->name, vlan);
3006 mac->port.p = in_bundle;
3007 tag_set_add(&ofproto->revalidate_set,
3008 mac_learning_changed(ofproto->ml, mac));
3012 /* Determines whether packets in 'flow' within 'br' should be forwarded or
3013 * dropped. Returns true if they may be forwarded, false if they should be
3016 * If 'have_packet' is true, it indicates that the caller is processing a
3017 * received packet. If 'have_packet' is false, then the caller is just
3018 * revalidating an existing flow because configuration has changed. Either
3019 * way, 'have_packet' only affects logging (there is no point in logging errors
3020 * during revalidation).
3022 * Sets '*in_portp' to the input port. This will be a null pointer if
3023 * flow->in_port does not designate a known input port (in which case
3024 * is_admissible() returns false).
3026 * When returning true, sets '*vlanp' to the effective VLAN of the input
3027 * packet, as returned by flow_get_vlan().
3029 * May also add tags to '*tags', although the current implementation only does
3030 * so in one special case.
3033 is_admissible(struct ofproto *ofproto, const struct flow *flow,
3035 tag_type *tags, int *vlanp, struct ofbundle **in_bundlep)
3037 struct ofport *in_port;
3038 struct ofbundle *in_bundle;
3041 /* Find the port and bundle for the received packet. */
3042 in_port = get_port(ofproto, flow->in_port);
3043 *in_bundlep = in_bundle = in_port->bundle;
3044 if (!in_port || !in_bundle) {
3045 /* No interface? Something fishy... */
3047 /* Odd. A few possible reasons here:
3049 * - We deleted a port but there are still a few packets queued up
3052 * - Someone externally added a port (e.g. "ovs-dpctl add-if") that
3053 * we don't know about.
3055 * - Packet arrived on the local port but the local port is not
3058 static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5);
3060 VLOG_WARN_RL(&rl, "bridge %s: received packet on unknown "
3062 ofproto->name, flow->in_port);
3066 *vlanp = vlan = flow_get_vlan(ofproto, flow, in_bundle, have_packet);
3071 /* Drop frames for reserved multicast addresses. */
3072 if (eth_addr_is_reserved(flow->dl_dst)) {
3076 /* Drop frames on bundles reserved for mirroring. */
3077 if (in_bundle->mirror_out) {
3079 static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5);
3080 VLOG_WARN_RL(&rl, "bridge %s: dropping packet received on port "
3081 "%s, which is reserved exclusively for mirroring",
3082 ofproto->name, in_bundle->name);
3087 if (in_bundle->bond) {
3088 struct mac_entry *mac;
3090 switch (bond_check_admissibility(in_bundle->bond, in_port,
3091 flow->dl_dst, tags)) {
3098 case BV_DROP_IF_MOVED:
3099 mac = mac_learning_lookup(ofproto->ml, flow->dl_src, vlan, NULL);
3100 if (mac && mac->port.p != in_bundle &&
3101 (!is_gratuitous_arp(flow)
3102 || mac_entry_is_grat_arp_locked(mac))) {
3112 /* If the composed actions may be applied to any packet in the given 'flow',
3113 * returns true. Otherwise, the actions should only be applied to 'packet', or
3114 * not at all, if 'packet' was NULL. */
3116 xlate_normal(struct action_xlate_ctx *ctx)
3118 struct ofbundle *in_bundle;
3119 struct ofbundle *out_bundle;
3120 struct mac_entry *mac;
3123 /* Check whether we should drop packets in this flow. */
3124 if (!is_admissible(ctx->ofproto, &ctx->flow, ctx->packet != NULL,
3125 &ctx->tags, &vlan, &in_bundle)) {
3130 /* Learn source MAC (but don't try to learn from revalidation). */
3132 update_learning_table(ctx->ofproto, &ctx->flow, vlan, in_bundle);
3135 /* Determine output bundle. */
3136 mac = mac_learning_lookup(ctx->ofproto->ml, ctx->flow.dl_dst, vlan,
3139 out_bundle = mac->port.p;
3140 } else if (!ctx->packet && !eth_addr_is_multicast(ctx->flow.dl_dst)) {
3141 /* If we are revalidating but don't have a learning entry then eject
3142 * the flow. Installing a flow that floods packets opens up a window
3143 * of time where we could learn from a packet reflected on a bond and
3144 * blackhole packets before the learning table is updated to reflect
3145 * the correct port. */
3148 out_bundle = OFBUNDLE_FLOOD;
3151 /* Don't send packets out their input bundles. */
3152 if (in_bundle == out_bundle) {
3158 compose_actions(ctx, vlan, in_bundle, out_bundle);
3165 send_error_oh(const struct ofconn *ofconn, const struct ofp_header *oh,
3168 struct ofpbuf *buf = ofputil_encode_error_msg(error, oh);
3170 COVERAGE_INC(ofproto_error);
3171 ofconn_send_reply(ofconn, buf);
3176 handle_echo_request(struct ofconn *ofconn, const struct ofp_header *oh)
3178 ofconn_send_reply(ofconn, make_echo_reply(oh));
3183 handle_features_request(struct ofconn *ofconn, const struct ofp_header *oh)
3185 struct ofproto *ofproto = ofconn_get_ofproto(ofconn);
3186 struct ofp_switch_features *osf;
3188 struct ofport *port;
3190 osf = make_openflow_xid(sizeof *osf, OFPT_FEATURES_REPLY, oh->xid, &buf);
3191 osf->datapath_id = htonll(ofproto->datapath_id);
3192 osf->n_buffers = htonl(pktbuf_capacity());
3194 osf->capabilities = htonl(OFPC_FLOW_STATS | OFPC_TABLE_STATS |
3195 OFPC_PORT_STATS | OFPC_ARP_MATCH_IP);
3196 osf->actions = htonl((1u << OFPAT_OUTPUT) |
3197 (1u << OFPAT_SET_VLAN_VID) |
3198 (1u << OFPAT_SET_VLAN_PCP) |
3199 (1u << OFPAT_STRIP_VLAN) |
3200 (1u << OFPAT_SET_DL_SRC) |
3201 (1u << OFPAT_SET_DL_DST) |
3202 (1u << OFPAT_SET_NW_SRC) |
3203 (1u << OFPAT_SET_NW_DST) |
3204 (1u << OFPAT_SET_NW_TOS) |
3205 (1u << OFPAT_SET_TP_SRC) |
3206 (1u << OFPAT_SET_TP_DST) |
3207 (1u << OFPAT_ENQUEUE));
3209 HMAP_FOR_EACH (port, hmap_node, &ofproto->ports) {
3210 ofpbuf_put(buf, &port->opp, sizeof port->opp);
3213 ofconn_send_reply(ofconn, buf);
3218 handle_get_config_request(struct ofconn *ofconn, const struct ofp_header *oh)
3220 struct ofproto *ofproto = ofconn_get_ofproto(ofconn);
3222 struct ofp_switch_config *osc;
3226 /* Figure out flags. */
3227 dpif_get_drop_frags(ofproto->dpif, &drop_frags);
3228 flags = drop_frags ? OFPC_FRAG_DROP : OFPC_FRAG_NORMAL;
3231 osc = make_openflow_xid(sizeof *osc, OFPT_GET_CONFIG_REPLY, oh->xid, &buf);
3232 osc->flags = htons(flags);
3233 osc->miss_send_len = htons(ofconn_get_miss_send_len(ofconn));
3234 ofconn_send_reply(ofconn, buf);
3240 handle_set_config(struct ofconn *ofconn, const struct ofp_switch_config *osc)
3242 struct ofproto *ofproto = ofconn_get_ofproto(ofconn);
3243 uint16_t flags = ntohs(osc->flags);
3245 if (ofconn_get_type(ofconn) == OFCONN_PRIMARY
3246 && ofconn_get_role(ofconn) != NX_ROLE_SLAVE) {
3247 switch (flags & OFPC_FRAG_MASK) {
3248 case OFPC_FRAG_NORMAL:
3249 dpif_set_drop_frags(ofproto->dpif, false);
3251 case OFPC_FRAG_DROP:
3252 dpif_set_drop_frags(ofproto->dpif, true);
3255 VLOG_WARN_RL(&rl, "requested bad fragment mode (flags=%"PRIx16")",
3261 ofconn_set_miss_send_len(ofconn, ntohs(osc->miss_send_len));
3266 static void do_xlate_actions(const union ofp_action *in, size_t n_in,
3267 struct action_xlate_ctx *ctx);
3270 add_output_action(struct action_xlate_ctx *ctx, uint16_t port)
3272 const struct ofport *ofport = get_port(ctx->ofproto, port);
3275 if (ofport->opp.config & htonl(OFPPC_NO_FWD)) {
3276 /* Forwarding disabled on port. */
3281 * We don't have an ofport record for this port, but it doesn't hurt to
3282 * allow forwarding to it anyhow. Maybe such a port will appear later
3283 * and we're pre-populating the flow table.
3287 nl_msg_put_u32(ctx->odp_actions, ODP_ACTION_ATTR_OUTPUT, port);
3288 ctx->nf_output_iface = port;
3291 static struct rule *
3292 rule_lookup(struct ofproto *ofproto, const struct flow *flow)
3294 return rule_from_cls_rule(classifier_lookup(&ofproto->cls, flow));
3298 xlate_table_action(struct action_xlate_ctx *ctx, uint16_t in_port)
3300 if (ctx->recurse < MAX_RESUBMIT_RECURSION) {
3301 uint16_t old_in_port;
3304 /* Look up a flow with 'in_port' as the input port. Then restore the
3305 * original input port (otherwise OFPP_NORMAL and OFPP_IN_PORT will
3306 * have surprising behavior). */
3307 old_in_port = ctx->flow.in_port;
3308 ctx->flow.in_port = in_port;
3309 rule = rule_lookup(ctx->ofproto, &ctx->flow);
3310 ctx->flow.in_port = old_in_port;
3312 if (ctx->resubmit_hook) {
3313 ctx->resubmit_hook(ctx, rule);
3318 do_xlate_actions(rule->actions, rule->n_actions, ctx);
3322 static struct vlog_rate_limit recurse_rl = VLOG_RATE_LIMIT_INIT(1, 1);
3324 VLOG_ERR_RL(&recurse_rl, "NXAST_RESUBMIT recursed over %d times",
3325 MAX_RESUBMIT_RECURSION);
3330 flood_packets(struct ofproto *ofproto, uint16_t odp_in_port, ovs_be32 mask,
3331 uint16_t *nf_output_iface, struct ofpbuf *odp_actions)
3333 struct ofport *ofport;
3335 HMAP_FOR_EACH (ofport, hmap_node, &ofproto->ports) {
3336 uint16_t odp_port = ofport->odp_port;
3337 if (odp_port != odp_in_port && !(ofport->opp.config & mask)) {
3338 nl_msg_put_u32(odp_actions, ODP_ACTION_ATTR_OUTPUT, odp_port);
3341 *nf_output_iface = NF_OUT_FLOOD;
3345 xlate_output_action__(struct action_xlate_ctx *ctx,
3346 uint16_t port, uint16_t max_len)
3349 uint16_t prev_nf_output_iface = ctx->nf_output_iface;
3351 ctx->nf_output_iface = NF_OUT_DROP;
3355 add_output_action(ctx, ctx->flow.in_port);
3358 xlate_table_action(ctx, ctx->flow.in_port);
3364 flood_packets(ctx->ofproto, ctx->flow.in_port, htonl(OFPPC_NO_FLOOD),
3365 &ctx->nf_output_iface, ctx->odp_actions);
3368 flood_packets(ctx->ofproto, ctx->flow.in_port, htonl(0),
3369 &ctx->nf_output_iface, ctx->odp_actions);
3371 case OFPP_CONTROLLER:
3372 nl_msg_put_u64(ctx->odp_actions, ODP_ACTION_ATTR_CONTROLLER, max_len);
3375 add_output_action(ctx, ODPP_LOCAL);
3378 odp_port = ofp_port_to_odp_port(port);
3379 if (odp_port != ctx->flow.in_port) {
3380 add_output_action(ctx, odp_port);
3385 if (prev_nf_output_iface == NF_OUT_FLOOD) {
3386 ctx->nf_output_iface = NF_OUT_FLOOD;
3387 } else if (ctx->nf_output_iface == NF_OUT_DROP) {
3388 ctx->nf_output_iface = prev_nf_output_iface;
3389 } else if (prev_nf_output_iface != NF_OUT_DROP &&
3390 ctx->nf_output_iface != NF_OUT_FLOOD) {
3391 ctx->nf_output_iface = NF_OUT_MULTI;
3396 xlate_output_action(struct action_xlate_ctx *ctx,
3397 const struct ofp_action_output *oao)
3399 xlate_output_action__(ctx, ntohs(oao->port), ntohs(oao->max_len));
3402 /* If the final ODP action in 'ctx' is "pop priority", drop it, as an
3403 * optimization, because we're going to add another action that sets the
3404 * priority immediately after, or because there are no actions following the
3407 remove_pop_action(struct action_xlate_ctx *ctx)
3409 if (ctx->odp_actions->size == ctx->last_pop_priority) {
3410 ctx->odp_actions->size -= NLA_ALIGN(NLA_HDRLEN);
3411 ctx->last_pop_priority = -1;
3416 add_pop_action(struct action_xlate_ctx *ctx)
3418 if (ctx->odp_actions->size != ctx->last_pop_priority) {
3419 nl_msg_put_flag(ctx->odp_actions, ODP_ACTION_ATTR_POP_PRIORITY);
3420 ctx->last_pop_priority = ctx->odp_actions->size;
3425 xlate_enqueue_action(struct action_xlate_ctx *ctx,
3426 const struct ofp_action_enqueue *oae)
3428 uint16_t ofp_port, odp_port;
3432 error = dpif_queue_to_priority(ctx->ofproto->dpif, ntohl(oae->queue_id),
3435 /* Fall back to ordinary output action. */
3436 xlate_output_action__(ctx, ntohs(oae->port), 0);
3440 /* Figure out ODP output port. */
3441 ofp_port = ntohs(oae->port);
3442 if (ofp_port != OFPP_IN_PORT) {
3443 odp_port = ofp_port_to_odp_port(ofp_port);
3445 odp_port = ctx->flow.in_port;
3448 /* Add ODP actions. */
3449 remove_pop_action(ctx);
3450 nl_msg_put_u32(ctx->odp_actions, ODP_ACTION_ATTR_SET_PRIORITY, priority);
3451 add_output_action(ctx, odp_port);
3452 add_pop_action(ctx);
3454 /* Update NetFlow output port. */
3455 if (ctx->nf_output_iface == NF_OUT_DROP) {
3456 ctx->nf_output_iface = odp_port;
3457 } else if (ctx->nf_output_iface != NF_OUT_FLOOD) {
3458 ctx->nf_output_iface = NF_OUT_MULTI;
3463 xlate_set_queue_action(struct action_xlate_ctx *ctx,
3464 const struct nx_action_set_queue *nasq)
3469 error = dpif_queue_to_priority(ctx->ofproto->dpif, ntohl(nasq->queue_id),
3472 /* Couldn't translate queue to a priority, so ignore. A warning
3473 * has already been logged. */
3477 remove_pop_action(ctx);
3478 nl_msg_put_u32(ctx->odp_actions, ODP_ACTION_ATTR_SET_PRIORITY, priority);
3482 xlate_set_dl_tci(struct action_xlate_ctx *ctx)
3484 ovs_be16 tci = ctx->flow.vlan_tci;
3485 if (!(tci & htons(VLAN_CFI))) {
3486 nl_msg_put_flag(ctx->odp_actions, ODP_ACTION_ATTR_STRIP_VLAN);
3488 nl_msg_put_be16(ctx->odp_actions, ODP_ACTION_ATTR_SET_DL_TCI,
3489 tci & ~htons(VLAN_CFI));
3493 struct xlate_reg_state {
3499 save_reg_state(const struct action_xlate_ctx *ctx,
3500 struct xlate_reg_state *state)
3502 state->vlan_tci = ctx->flow.vlan_tci;
3503 state->tun_id = ctx->flow.tun_id;
3507 update_reg_state(struct action_xlate_ctx *ctx,
3508 const struct xlate_reg_state *state)
3510 if (ctx->flow.vlan_tci != state->vlan_tci) {
3511 xlate_set_dl_tci(ctx);
3513 if (ctx->flow.tun_id != state->tun_id) {
3514 nl_msg_put_be64(ctx->odp_actions,
3515 ODP_ACTION_ATTR_SET_TUNNEL, ctx->flow.tun_id);
3520 xlate_autopath(struct action_xlate_ctx *ctx,
3521 const struct nx_action_autopath *naa)
3523 uint16_t ofp_port = ntohl(naa->id);
3524 struct ofport *port;
3526 port = get_port(ctx->ofproto, ofp_port_to_odp_port(ofp_port));
3527 if (!port || !port->bundle) {
3528 ofp_port = OFPP_NONE;
3529 } else if (port->bundle->bond) {
3530 /* Autopath does not support VLAN hashing. */
3531 struct ofport *slave = bond_choose_output_slave(
3532 port->bundle->bond, &ctx->flow, OFP_VLAN_NONE, &ctx->tags);
3534 ofp_port = odp_port_to_ofp_port(slave->odp_port);
3537 autopath_execute(naa, &ctx->flow, ofp_port);
3541 xlate_nicira_action(struct action_xlate_ctx *ctx,
3542 const struct nx_action_header *nah)
3544 const struct nx_action_resubmit *nar;
3545 const struct nx_action_set_tunnel *nast;
3546 const struct nx_action_set_queue *nasq;
3547 const struct nx_action_multipath *nam;
3548 const struct nx_action_autopath *naa;
3549 enum nx_action_subtype subtype = ntohs(nah->subtype);
3550 struct xlate_reg_state state;
3553 assert(nah->vendor == htonl(NX_VENDOR_ID));
3555 case NXAST_RESUBMIT:
3556 nar = (const struct nx_action_resubmit *) nah;
3557 xlate_table_action(ctx, ofp_port_to_odp_port(ntohs(nar->in_port)));
3560 case NXAST_SET_TUNNEL:
3561 nast = (const struct nx_action_set_tunnel *) nah;
3562 tun_id = htonll(ntohl(nast->tun_id));
3563 nl_msg_put_be64(ctx->odp_actions, ODP_ACTION_ATTR_SET_TUNNEL, tun_id);
3564 ctx->flow.tun_id = tun_id;
3567 case NXAST_DROP_SPOOFED_ARP:
3568 if (ctx->flow.dl_type == htons(ETH_TYPE_ARP)) {
3569 nl_msg_put_flag(ctx->odp_actions,
3570 ODP_ACTION_ATTR_DROP_SPOOFED_ARP);
3574 case NXAST_SET_QUEUE:
3575 nasq = (const struct nx_action_set_queue *) nah;
3576 xlate_set_queue_action(ctx, nasq);
3579 case NXAST_POP_QUEUE:
3580 add_pop_action(ctx);
3583 case NXAST_REG_MOVE:
3584 save_reg_state(ctx, &state);
3585 nxm_execute_reg_move((const struct nx_action_reg_move *) nah,
3587 update_reg_state(ctx, &state);
3590 case NXAST_REG_LOAD:
3591 save_reg_state(ctx, &state);
3592 nxm_execute_reg_load((const struct nx_action_reg_load *) nah,
3594 update_reg_state(ctx, &state);
3598 /* Nothing to do. */
3601 case NXAST_SET_TUNNEL64:
3602 tun_id = ((const struct nx_action_set_tunnel64 *) nah)->tun_id;
3603 nl_msg_put_be64(ctx->odp_actions, ODP_ACTION_ATTR_SET_TUNNEL, tun_id);
3604 ctx->flow.tun_id = tun_id;
3607 case NXAST_MULTIPATH:
3608 nam = (const struct nx_action_multipath *) nah;
3609 multipath_execute(nam, &ctx->flow);
3612 case NXAST_AUTOPATH:
3613 naa = (const struct nx_action_autopath *) nah;
3614 xlate_autopath(ctx, naa);
3617 /* If you add a new action here that modifies flow data, don't forget to
3618 * update the flow key in ctx->flow at the same time. */
3620 case NXAST_SNAT__OBSOLETE:
3622 VLOG_DBG_RL(&rl, "unknown Nicira action type %d", (int) subtype);
3628 do_xlate_actions(const union ofp_action *in, size_t n_in,
3629 struct action_xlate_ctx *ctx)
3631 struct actions_iterator iter;
3632 const union ofp_action *ia;
3633 const struct ofport *port;
3635 port = get_port(ctx->ofproto, ctx->flow.in_port);
3636 if (port && port->opp.config & htonl(OFPPC_NO_RECV | OFPPC_NO_RECV_STP) &&
3637 port->opp.config & (eth_addr_equals(ctx->flow.dl_dst, eth_addr_stp)
3638 ? htonl(OFPPC_NO_RECV_STP)
3639 : htonl(OFPPC_NO_RECV))) {
3640 /* Drop this flow. */
3644 for (ia = actions_first(&iter, in, n_in); ia; ia = actions_next(&iter)) {
3645 enum ofp_action_type type = ntohs(ia->type);
3646 const struct ofp_action_dl_addr *oada;
3650 xlate_output_action(ctx, &ia->output);
3653 case OFPAT_SET_VLAN_VID:
3654 ctx->flow.vlan_tci &= ~htons(VLAN_VID_MASK);
3655 ctx->flow.vlan_tci |= ia->vlan_vid.vlan_vid | htons(VLAN_CFI);
3656 xlate_set_dl_tci(ctx);
3659 case OFPAT_SET_VLAN_PCP:
3660 ctx->flow.vlan_tci &= ~htons(VLAN_PCP_MASK);
3661 ctx->flow.vlan_tci |= htons(
3662 (ia->vlan_pcp.vlan_pcp << VLAN_PCP_SHIFT) | VLAN_CFI);
3663 xlate_set_dl_tci(ctx);
3666 case OFPAT_STRIP_VLAN:
3667 ctx->flow.vlan_tci = htons(0);
3668 xlate_set_dl_tci(ctx);
3671 case OFPAT_SET_DL_SRC:
3672 oada = ((struct ofp_action_dl_addr *) ia);
3673 nl_msg_put_unspec(ctx->odp_actions, ODP_ACTION_ATTR_SET_DL_SRC,
3674 oada->dl_addr, ETH_ADDR_LEN);
3675 memcpy(ctx->flow.dl_src, oada->dl_addr, ETH_ADDR_LEN);
3678 case OFPAT_SET_DL_DST:
3679 oada = ((struct ofp_action_dl_addr *) ia);
3680 nl_msg_put_unspec(ctx->odp_actions, ODP_ACTION_ATTR_SET_DL_DST,
3681 oada->dl_addr, ETH_ADDR_LEN);
3682 memcpy(ctx->flow.dl_dst, oada->dl_addr, ETH_ADDR_LEN);
3685 case OFPAT_SET_NW_SRC:
3686 nl_msg_put_be32(ctx->odp_actions, ODP_ACTION_ATTR_SET_NW_SRC,
3687 ia->nw_addr.nw_addr);
3688 ctx->flow.nw_src = ia->nw_addr.nw_addr;
3691 case OFPAT_SET_NW_DST:
3692 nl_msg_put_be32(ctx->odp_actions, ODP_ACTION_ATTR_SET_NW_DST,
3693 ia->nw_addr.nw_addr);
3694 ctx->flow.nw_dst = ia->nw_addr.nw_addr;
3697 case OFPAT_SET_NW_TOS:
3698 nl_msg_put_u8(ctx->odp_actions, ODP_ACTION_ATTR_SET_NW_TOS,
3700 ctx->flow.nw_tos = ia->nw_tos.nw_tos;
3703 case OFPAT_SET_TP_SRC:
3704 nl_msg_put_be16(ctx->odp_actions, ODP_ACTION_ATTR_SET_TP_SRC,
3705 ia->tp_port.tp_port);
3706 ctx->flow.tp_src = ia->tp_port.tp_port;
3709 case OFPAT_SET_TP_DST:
3710 nl_msg_put_be16(ctx->odp_actions, ODP_ACTION_ATTR_SET_TP_DST,
3711 ia->tp_port.tp_port);
3712 ctx->flow.tp_dst = ia->tp_port.tp_port;
3716 xlate_nicira_action(ctx, (const struct nx_action_header *) ia);
3720 xlate_enqueue_action(ctx, (const struct ofp_action_enqueue *) ia);
3724 VLOG_DBG_RL(&rl, "unknown action type %d", (int) type);
3731 action_xlate_ctx_init(struct action_xlate_ctx *ctx,
3732 struct ofproto *ofproto, const struct flow *flow,
3733 const struct ofpbuf *packet)
3735 ctx->ofproto = ofproto;
3737 ctx->packet = packet;
3738 ctx->resubmit_hook = NULL;
3739 ctx->check_special = true;
3743 ofproto_process_special(struct ofproto *ofproto, const struct flow *flow,
3744 const struct ofpbuf *packet)
3746 if (cfm_should_process_flow(flow)) {
3747 struct ofport *ofport = get_port(ofproto, flow->in_port);
3748 if (ofport && ofport->cfm) {
3749 cfm_process_heartbeat(ofport->cfm, packet);
3752 } else if (flow->dl_type == htons(ETH_TYPE_LACP)) {
3753 struct ofport *port = get_port(ofproto, flow->in_port);
3754 if (port && port->bundle && port->bundle->lacp) {
3755 const struct lacp_pdu *pdu = parse_lacp_packet(packet);
3757 lacp_process_pdu(port->bundle->lacp, port, pdu);
3765 static struct ofpbuf *
3766 xlate_actions(struct action_xlate_ctx *ctx,
3767 const union ofp_action *in, size_t n_in)
3769 COVERAGE_INC(ofproto_ofp2odp);
3771 ctx->odp_actions = ofpbuf_new(512);
3773 ctx->may_set_up_flow = true;
3774 ctx->nf_output_iface = NF_OUT_DROP;
3776 ctx->last_pop_priority = -1;
3778 if (ctx->check_special
3779 && ofproto_process_special(ctx->ofproto, &ctx->flow, ctx->packet)) {
3780 ctx->may_set_up_flow = false;
3782 do_xlate_actions(in, n_in, ctx);
3785 remove_pop_action(ctx);
3787 /* Check with in-band control to see if we're allowed to set up this
3789 if (!connmgr_may_set_up_flow(ctx->ofproto->connmgr, &ctx->flow,
3790 ctx->odp_actions->data,
3791 ctx->odp_actions->size)) {
3792 ctx->may_set_up_flow = false;
3795 return ctx->odp_actions;
3798 /* Checks whether 'ofconn' is a slave controller. If so, returns an OpenFlow
3799 * error message code (composed with ofp_mkerr()) for the caller to propagate
3800 * upward. Otherwise, returns 0.
3802 * The log message mentions 'msg_type'. */
3804 reject_slave_controller(struct ofconn *ofconn, const const char *msg_type)
3806 if (ofconn_get_type(ofconn) == OFCONN_PRIMARY
3807 && ofconn_get_role(ofconn) == NX_ROLE_SLAVE) {
3808 static struct vlog_rate_limit perm_rl = VLOG_RATE_LIMIT_INIT(1, 5);
3809 VLOG_WARN_RL(&perm_rl, "rejecting %s message from slave controller",
3812 return ofp_mkerr(OFPET_BAD_REQUEST, OFPBRC_EPERM);
3819 handle_packet_out(struct ofconn *ofconn, const struct ofp_header *oh)
3821 struct ofproto *p = ofconn_get_ofproto(ofconn);
3822 struct ofp_packet_out *opo;
3823 struct ofpbuf payload, *buffer;
3824 union ofp_action *ofp_actions;
3825 struct action_xlate_ctx ctx;
3826 struct ofpbuf *odp_actions;
3827 struct ofpbuf request;
3829 size_t n_ofp_actions;
3833 COVERAGE_INC(ofproto_packet_out);
3835 error = reject_slave_controller(ofconn, "OFPT_PACKET_OUT");
3840 /* Get ofp_packet_out. */
3841 ofpbuf_use_const(&request, oh, ntohs(oh->length));
3842 opo = ofpbuf_pull(&request, offsetof(struct ofp_packet_out, actions));
3845 error = ofputil_pull_actions(&request, ntohs(opo->actions_len),
3846 &ofp_actions, &n_ofp_actions);
3852 if (opo->buffer_id != htonl(UINT32_MAX)) {
3853 error = ofconn_pktbuf_retrieve(ofconn, ntohl(opo->buffer_id),
3855 if (error || !buffer) {
3864 /* Extract flow, check actions. */
3865 flow_extract(&payload, 0, ofp_port_to_odp_port(ntohs(opo->in_port)),
3867 error = validate_actions(ofp_actions, n_ofp_actions, &flow, p->max_ports);
3873 action_xlate_ctx_init(&ctx, p, &flow, &payload);
3874 odp_actions = xlate_actions(&ctx, ofp_actions, n_ofp_actions);
3875 dpif_execute(p->dpif, odp_actions->data, odp_actions->size, &payload);
3876 ofpbuf_delete(odp_actions);
3879 ofpbuf_delete(buffer);
3884 update_port_config(struct ofproto *p, struct ofport *port,
3885 ovs_be32 config, ovs_be32 mask)
3887 mask &= config ^ port->opp.config;
3888 if (mask & htonl(OFPPC_PORT_DOWN)) {
3889 if (config & htonl(OFPPC_PORT_DOWN)) {
3890 netdev_turn_flags_off(port->netdev, NETDEV_UP, true);
3892 netdev_turn_flags_on(port->netdev, NETDEV_UP, true);
3895 #define REVALIDATE_BITS (OFPPC_NO_RECV | OFPPC_NO_RECV_STP | \
3896 OFPPC_NO_FWD | OFPPC_NO_FLOOD)
3897 if (mask & htonl(REVALIDATE_BITS)) {
3898 COVERAGE_INC(ofproto_costly_flags);
3899 port->opp.config ^= mask & htonl(REVALIDATE_BITS);
3900 p->need_revalidate = true;
3902 #undef REVALIDATE_BITS
3903 if (mask & htonl(OFPPC_NO_PACKET_IN)) {
3904 port->opp.config ^= htonl(OFPPC_NO_PACKET_IN);
3909 handle_port_mod(struct ofconn *ofconn, const struct ofp_header *oh)
3911 struct ofproto *p = ofconn_get_ofproto(ofconn);
3912 const struct ofp_port_mod *opm = (const struct ofp_port_mod *) oh;
3913 struct ofport *port;
3916 error = reject_slave_controller(ofconn, "OFPT_PORT_MOD");
3921 port = get_port(p, ofp_port_to_odp_port(ntohs(opm->port_no)));
3923 return ofp_mkerr(OFPET_PORT_MOD_FAILED, OFPPMFC_BAD_PORT);
3924 } else if (memcmp(port->opp.hw_addr, opm->hw_addr, OFP_ETH_ALEN)) {
3925 return ofp_mkerr(OFPET_PORT_MOD_FAILED, OFPPMFC_BAD_HW_ADDR);
3927 update_port_config(p, port, opm->config, opm->mask);
3928 if (opm->advertise) {
3929 netdev_set_advertisements(port->netdev, ntohl(opm->advertise));
3935 static struct ofpbuf *
3936 make_ofp_stats_reply(ovs_be32 xid, ovs_be16 type, size_t body_len)
3938 struct ofp_stats_reply *osr;
3941 msg = ofpbuf_new(MIN(sizeof *osr + body_len, UINT16_MAX));
3942 osr = put_openflow_xid(sizeof *osr, OFPT_STATS_REPLY, xid, msg);
3944 osr->flags = htons(0);
3948 static struct ofpbuf *
3949 start_ofp_stats_reply(const struct ofp_header *request, size_t body_len)
3951 const struct ofp_stats_request *osr
3952 = (const struct ofp_stats_request *) request;
3953 return make_ofp_stats_reply(osr->header.xid, osr->type, body_len);
3957 append_ofp_stats_reply(size_t nbytes, struct ofconn *ofconn,
3958 struct ofpbuf **msgp)
3960 struct ofpbuf *msg = *msgp;
3961 assert(nbytes <= UINT16_MAX - sizeof(struct ofp_stats_reply));
3962 if (nbytes + msg->size > UINT16_MAX) {
3963 struct ofp_stats_reply *reply = msg->data;
3964 reply->flags = htons(OFPSF_REPLY_MORE);
3965 *msgp = make_ofp_stats_reply(reply->header.xid, reply->type, nbytes);
3966 ofconn_send_reply(ofconn, msg);
3968 return ofpbuf_put_uninit(*msgp, nbytes);
3971 static struct ofpbuf *
3972 make_nxstats_reply(ovs_be32 xid, ovs_be32 subtype, size_t body_len)
3974 struct nicira_stats_msg *nsm;
3977 msg = ofpbuf_new(MIN(sizeof *nsm + body_len, UINT16_MAX));
3978 nsm = put_openflow_xid(sizeof *nsm, OFPT_STATS_REPLY, xid, msg);
3979 nsm->type = htons(OFPST_VENDOR);
3980 nsm->flags = htons(0);
3981 nsm->vendor = htonl(NX_VENDOR_ID);
3982 nsm->subtype = subtype;
3986 static struct ofpbuf *
3987 start_nxstats_reply(const struct nicira_stats_msg *request, size_t body_len)
3989 return make_nxstats_reply(request->header.xid, request->subtype, body_len);
3993 append_nxstats_reply(size_t nbytes, struct ofconn *ofconn,
3994 struct ofpbuf **msgp)
3996 struct ofpbuf *msg = *msgp;
3997 assert(nbytes <= UINT16_MAX - sizeof(struct nicira_stats_msg));
3998 if (nbytes + msg->size > UINT16_MAX) {
3999 struct nicira_stats_msg *reply = msg->data;
4000 reply->flags = htons(OFPSF_REPLY_MORE);
4001 *msgp = make_nxstats_reply(reply->header.xid, reply->subtype, nbytes);
4002 ofconn_send_reply(ofconn, msg);
4004 ofpbuf_prealloc_tailroom(*msgp, nbytes);
4008 handle_desc_stats_request(struct ofconn *ofconn,
4009 const struct ofp_header *request)
4011 struct ofproto *p = ofconn_get_ofproto(ofconn);
4012 struct ofp_desc_stats *ods;
4015 msg = start_ofp_stats_reply(request, sizeof *ods);
4016 ods = append_ofp_stats_reply(sizeof *ods, ofconn, &msg);
4017 memset(ods, 0, sizeof *ods);
4018 ovs_strlcpy(ods->mfr_desc, p->mfr_desc, sizeof ods->mfr_desc);
4019 ovs_strlcpy(ods->hw_desc, p->hw_desc, sizeof ods->hw_desc);
4020 ovs_strlcpy(ods->sw_desc, p->sw_desc, sizeof ods->sw_desc);
4021 ovs_strlcpy(ods->serial_num, p->serial_desc, sizeof ods->serial_num);
4022 ovs_strlcpy(ods->dp_desc, p->dp_desc, sizeof ods->dp_desc);
4023 ofconn_send_reply(ofconn, msg);
4029 handle_table_stats_request(struct ofconn *ofconn,
4030 const struct ofp_header *request)
4032 struct ofproto *p = ofconn_get_ofproto(ofconn);
4033 struct ofp_table_stats *ots;
4036 msg = start_ofp_stats_reply(request, sizeof *ots * 2);
4038 /* Classifier table. */
4039 ots = append_ofp_stats_reply(sizeof *ots, ofconn, &msg);
4040 memset(ots, 0, sizeof *ots);
4041 strcpy(ots->name, "classifier");
4042 ots->wildcards = (ofconn_get_flow_format(ofconn) == NXFF_OPENFLOW10
4043 ? htonl(OFPFW_ALL) : htonl(OVSFW_ALL));
4044 ots->max_entries = htonl(1024 * 1024); /* An arbitrary big number. */
4045 ots->active_count = htonl(classifier_count(&p->cls));
4046 put_32aligned_be64(&ots->lookup_count, htonll(0)); /* XXX */
4047 put_32aligned_be64(&ots->matched_count, htonll(0)); /* XXX */
4049 ofconn_send_reply(ofconn, msg);
4054 append_port_stat(struct ofport *port, struct ofconn *ofconn,
4055 struct ofpbuf **msgp)
4057 struct netdev_stats stats;
4058 struct ofp_port_stats *ops;
4060 /* Intentionally ignore return value, since errors will set
4061 * 'stats' to all-1s, which is correct for OpenFlow, and
4062 * netdev_get_stats() will log errors. */
4063 netdev_get_stats(port->netdev, &stats);
4065 ops = append_ofp_stats_reply(sizeof *ops, ofconn, msgp);
4066 ops->port_no = port->opp.port_no;
4067 memset(ops->pad, 0, sizeof ops->pad);
4068 put_32aligned_be64(&ops->rx_packets, htonll(stats.rx_packets));
4069 put_32aligned_be64(&ops->tx_packets, htonll(stats.tx_packets));
4070 put_32aligned_be64(&ops->rx_bytes, htonll(stats.rx_bytes));
4071 put_32aligned_be64(&ops->tx_bytes, htonll(stats.tx_bytes));
4072 put_32aligned_be64(&ops->rx_dropped, htonll(stats.rx_dropped));
4073 put_32aligned_be64(&ops->tx_dropped, htonll(stats.tx_dropped));
4074 put_32aligned_be64(&ops->rx_errors, htonll(stats.rx_errors));
4075 put_32aligned_be64(&ops->tx_errors, htonll(stats.tx_errors));
4076 put_32aligned_be64(&ops->rx_frame_err, htonll(stats.rx_frame_errors));
4077 put_32aligned_be64(&ops->rx_over_err, htonll(stats.rx_over_errors));
4078 put_32aligned_be64(&ops->rx_crc_err, htonll(stats.rx_crc_errors));
4079 put_32aligned_be64(&ops->collisions, htonll(stats.collisions));
4083 handle_port_stats_request(struct ofconn *ofconn, const struct ofp_header *oh)
4085 struct ofproto *p = ofconn_get_ofproto(ofconn);
4086 const struct ofp_port_stats_request *psr = ofputil_stats_body(oh);
4087 struct ofp_port_stats *ops;
4089 struct ofport *port;
4091 msg = start_ofp_stats_reply(oh, sizeof *ops * 16);
4092 if (psr->port_no != htons(OFPP_NONE)) {
4093 port = get_port(p, ofp_port_to_odp_port(ntohs(psr->port_no)));
4095 append_port_stat(port, ofconn, &msg);
4098 HMAP_FOR_EACH (port, hmap_node, &p->ports) {
4099 append_port_stat(port, ofconn, &msg);
4103 ofconn_send_reply(ofconn, msg);
4108 calc_flow_duration__(long long int start, uint32_t *sec, uint32_t *nsec)
4110 long long int msecs = time_msec() - start;
4111 *sec = msecs / 1000;
4112 *nsec = (msecs % 1000) * (1000 * 1000);
4116 calc_flow_duration(long long int start, ovs_be32 *sec_be, ovs_be32 *nsec_be)
4120 calc_flow_duration__(start, &sec, &nsec);
4121 *sec_be = htonl(sec);
4122 *nsec_be = htonl(nsec);
4126 put_ofp_flow_stats(struct ofconn *ofconn, struct rule *rule,
4127 ovs_be16 out_port, struct ofpbuf **replyp)
4129 struct ofp_flow_stats *ofs;
4130 uint64_t packet_count, byte_count;
4132 size_t act_len, len;
4134 if (rule_is_hidden(rule) || !rule_has_out_port(rule, out_port)) {
4138 act_len = sizeof *rule->actions * rule->n_actions;
4139 len = offsetof(struct ofp_flow_stats, actions) + act_len;
4141 rule_get_stats(rule, &packet_count, &byte_count);
4143 ofs = append_ofp_stats_reply(len, ofconn, replyp);
4144 ofs->length = htons(len);
4147 ofputil_cls_rule_to_match(&rule->cr, ofconn_get_flow_format(ofconn),
4148 &ofs->match, rule->flow_cookie, &cookie);
4149 put_32aligned_be64(&ofs->cookie, cookie);
4150 calc_flow_duration(rule->created, &ofs->duration_sec, &ofs->duration_nsec);
4151 ofs->priority = htons(rule->cr.priority);
4152 ofs->idle_timeout = htons(rule->idle_timeout);
4153 ofs->hard_timeout = htons(rule->hard_timeout);
4154 memset(ofs->pad2, 0, sizeof ofs->pad2);
4155 put_32aligned_be64(&ofs->packet_count, htonll(packet_count));
4156 put_32aligned_be64(&ofs->byte_count, htonll(byte_count));
4157 if (rule->n_actions > 0) {
4158 memcpy(ofs->actions, rule->actions, act_len);
4163 is_valid_table(uint8_t table_id)
4165 if (table_id == 0 || table_id == 0xff) {
4168 /* It would probably be better to reply with an error but there doesn't
4169 * seem to be any appropriate value, so that might just be
4171 VLOG_WARN_RL(&rl, "controller asked for invalid table %"PRIu8,
4178 handle_flow_stats_request(struct ofconn *ofconn, const struct ofp_header *oh)
4180 const struct ofp_flow_stats_request *fsr = ofputil_stats_body(oh);
4181 struct ofproto *ofproto = ofconn_get_ofproto(ofconn);
4182 struct ofpbuf *reply;
4184 COVERAGE_INC(ofproto_flows_req);
4185 reply = start_ofp_stats_reply(oh, 1024);
4186 if (is_valid_table(fsr->table_id)) {
4187 struct cls_cursor cursor;
4188 struct cls_rule target;
4191 ofputil_cls_rule_from_match(&fsr->match, 0, NXFF_OPENFLOW10, 0,
4193 cls_cursor_init(&cursor, &ofproto->cls, &target);
4194 CLS_CURSOR_FOR_EACH (rule, cr, &cursor) {
4195 put_ofp_flow_stats(ofconn, rule, fsr->out_port, &reply);
4198 ofconn_send_reply(ofconn, reply);
4204 put_nx_flow_stats(struct ofconn *ofconn, struct rule *rule,
4205 ovs_be16 out_port, struct ofpbuf **replyp)
4207 struct nx_flow_stats *nfs;
4208 uint64_t packet_count, byte_count;
4209 size_t act_len, start_len;
4210 struct ofpbuf *reply;
4212 if (rule_is_hidden(rule) || !rule_has_out_port(rule, out_port)) {
4216 rule_get_stats(rule, &packet_count, &byte_count);
4218 act_len = sizeof *rule->actions * rule->n_actions;
4220 append_nxstats_reply(sizeof *nfs + NXM_MAX_LEN + act_len, ofconn, replyp);
4221 start_len = (*replyp)->size;
4224 nfs = ofpbuf_put_uninit(reply, sizeof *nfs);
4227 calc_flow_duration(rule->created, &nfs->duration_sec, &nfs->duration_nsec);
4228 nfs->cookie = rule->flow_cookie;
4229 nfs->priority = htons(rule->cr.priority);
4230 nfs->idle_timeout = htons(rule->idle_timeout);
4231 nfs->hard_timeout = htons(rule->hard_timeout);
4232 nfs->match_len = htons(nx_put_match(reply, &rule->cr));
4233 memset(nfs->pad2, 0, sizeof nfs->pad2);
4234 nfs->packet_count = htonll(packet_count);
4235 nfs->byte_count = htonll(byte_count);
4236 if (rule->n_actions > 0) {
4237 ofpbuf_put(reply, rule->actions, act_len);
4239 nfs->length = htons(reply->size - start_len);
4243 handle_nxst_flow(struct ofconn *ofconn, const struct ofp_header *oh)
4245 struct ofproto *ofproto = ofconn_get_ofproto(ofconn);
4246 struct nx_flow_stats_request *nfsr;
4247 struct cls_rule target;
4248 struct ofpbuf *reply;
4252 ofpbuf_use_const(&b, oh, ntohs(oh->length));
4254 /* Dissect the message. */
4255 nfsr = ofpbuf_pull(&b, sizeof *nfsr);
4256 error = nx_pull_match(&b, ntohs(nfsr->match_len), 0, &target);
4261 return ofp_mkerr(OFPET_BAD_REQUEST, OFPBRC_BAD_LEN);
4264 COVERAGE_INC(ofproto_flows_req);
4265 reply = start_nxstats_reply(&nfsr->nsm, 1024);
4266 if (is_valid_table(nfsr->table_id)) {
4267 struct cls_cursor cursor;
4270 cls_cursor_init(&cursor, &ofproto->cls, &target);
4271 CLS_CURSOR_FOR_EACH (rule, cr, &cursor) {
4272 put_nx_flow_stats(ofconn, rule, nfsr->out_port, &reply);
4275 ofconn_send_reply(ofconn, reply);
4281 flow_stats_ds(struct rule *rule, struct ds *results)
4283 uint64_t packet_count, byte_count;
4284 size_t act_len = sizeof *rule->actions * rule->n_actions;
4286 rule_get_stats(rule, &packet_count, &byte_count);
4288 ds_put_format(results, "duration=%llds, ",
4289 (time_msec() - rule->created) / 1000);
4290 ds_put_format(results, "idle=%.3fs, ", (time_msec() - rule->used) / 1000.0);
4291 ds_put_format(results, "priority=%u, ", rule->cr.priority);
4292 ds_put_format(results, "n_packets=%"PRIu64", ", packet_count);
4293 ds_put_format(results, "n_bytes=%"PRIu64", ", byte_count);
4294 cls_rule_format(&rule->cr, results);
4295 ds_put_char(results, ',');
4297 ofp_print_actions(results, &rule->actions->header, act_len);
4299 ds_put_cstr(results, "drop");
4301 ds_put_cstr(results, "\n");
4304 /* Adds a pretty-printed description of all flows to 'results', including
4305 * hidden flows (e.g., set up by in-band control). */
4307 ofproto_get_all_flows(struct ofproto *p, struct ds *results)
4309 struct cls_cursor cursor;
4312 cls_cursor_init(&cursor, &p->cls, NULL);
4313 CLS_CURSOR_FOR_EACH (rule, cr, &cursor) {
4314 flow_stats_ds(rule, results);
4318 /* Obtains the NetFlow engine type and engine ID for 'ofproto' into
4319 * '*engine_type' and '*engine_id', respectively. */
4321 ofproto_get_netflow_ids(const struct ofproto *ofproto,
4322 uint8_t *engine_type, uint8_t *engine_id)
4324 dpif_get_netflow_ids(ofproto->dpif, engine_type, engine_id);
4328 query_aggregate_stats(struct ofproto *ofproto, struct cls_rule *target,
4329 ovs_be16 out_port, uint8_t table_id,
4330 struct ofp_aggregate_stats_reply *oasr)
4332 uint64_t total_packets = 0;
4333 uint64_t total_bytes = 0;
4336 COVERAGE_INC(ofproto_agg_request);
4338 if (is_valid_table(table_id)) {
4339 struct cls_cursor cursor;
4342 cls_cursor_init(&cursor, &ofproto->cls, target);
4343 CLS_CURSOR_FOR_EACH (rule, cr, &cursor) {
4344 if (!rule_is_hidden(rule) && rule_has_out_port(rule, out_port)) {
4345 uint64_t packet_count;
4346 uint64_t byte_count;
4348 rule_get_stats(rule, &packet_count, &byte_count);
4350 total_packets += packet_count;
4351 total_bytes += byte_count;
4357 oasr->flow_count = htonl(n_flows);
4358 put_32aligned_be64(&oasr->packet_count, htonll(total_packets));
4359 put_32aligned_be64(&oasr->byte_count, htonll(total_bytes));
4360 memset(oasr->pad, 0, sizeof oasr->pad);
4364 handle_aggregate_stats_request(struct ofconn *ofconn,
4365 const struct ofp_header *oh)
4367 const struct ofp_aggregate_stats_request *request = ofputil_stats_body(oh);
4368 struct ofproto *ofproto = ofconn_get_ofproto(ofconn);
4369 struct ofp_aggregate_stats_reply *reply;
4370 struct cls_rule target;
4373 ofputil_cls_rule_from_match(&request->match, 0, NXFF_OPENFLOW10, 0,
4376 msg = start_ofp_stats_reply(oh, sizeof *reply);
4377 reply = append_ofp_stats_reply(sizeof *reply, ofconn, &msg);
4378 query_aggregate_stats(ofproto, &target, request->out_port,
4379 request->table_id, reply);
4380 ofconn_send_reply(ofconn, msg);
4385 handle_nxst_aggregate(struct ofconn *ofconn, const struct ofp_header *oh)
4387 struct ofproto *ofproto = ofconn_get_ofproto(ofconn);
4388 struct nx_aggregate_stats_request *request;
4389 struct ofp_aggregate_stats_reply *reply;
4390 struct cls_rule target;
4395 ofpbuf_use_const(&b, oh, ntohs(oh->length));
4397 /* Dissect the message. */
4398 request = ofpbuf_pull(&b, sizeof *request);
4399 error = nx_pull_match(&b, ntohs(request->match_len), 0, &target);
4404 return ofp_mkerr(OFPET_BAD_REQUEST, OFPBRC_BAD_LEN);
4408 COVERAGE_INC(ofproto_flows_req);
4409 buf = start_nxstats_reply(&request->nsm, sizeof *reply);
4410 reply = ofpbuf_put_uninit(buf, sizeof *reply);
4411 query_aggregate_stats(ofproto, &target, request->out_port,
4412 request->table_id, reply);
4413 ofconn_send_reply(ofconn, buf);
4418 struct queue_stats_cbdata {
4419 struct ofconn *ofconn;
4420 struct ofport *ofport;
4425 put_queue_stats(struct queue_stats_cbdata *cbdata, uint32_t queue_id,
4426 const struct netdev_queue_stats *stats)
4428 struct ofp_queue_stats *reply;
4430 reply = append_ofp_stats_reply(sizeof *reply, cbdata->ofconn, &cbdata->msg);
4431 reply->port_no = cbdata->ofport->opp.port_no;
4432 memset(reply->pad, 0, sizeof reply->pad);
4433 reply->queue_id = htonl(queue_id);
4434 put_32aligned_be64(&reply->tx_bytes, htonll(stats->tx_bytes));
4435 put_32aligned_be64(&reply->tx_packets, htonll(stats->tx_packets));
4436 put_32aligned_be64(&reply->tx_errors, htonll(stats->tx_errors));
4440 handle_queue_stats_dump_cb(uint32_t queue_id,
4441 struct netdev_queue_stats *stats,
4444 struct queue_stats_cbdata *cbdata = cbdata_;
4446 put_queue_stats(cbdata, queue_id, stats);
4450 handle_queue_stats_for_port(struct ofport *port, uint32_t queue_id,
4451 struct queue_stats_cbdata *cbdata)
4453 cbdata->ofport = port;
4454 if (queue_id == OFPQ_ALL) {
4455 netdev_dump_queue_stats(port->netdev,
4456 handle_queue_stats_dump_cb, cbdata);
4458 struct netdev_queue_stats stats;
4460 if (!netdev_get_queue_stats(port->netdev, queue_id, &stats)) {
4461 put_queue_stats(cbdata, queue_id, &stats);
4467 handle_queue_stats_request(struct ofconn *ofconn, const struct ofp_header *oh)
4469 struct ofproto *ofproto = ofconn_get_ofproto(ofconn);
4470 const struct ofp_queue_stats_request *qsr;
4471 struct queue_stats_cbdata cbdata;
4472 struct ofport *port;
4473 unsigned int port_no;
4476 qsr = ofputil_stats_body(oh);
4478 return ofp_mkerr(OFPET_BAD_REQUEST, OFPBRC_BAD_LEN);
4481 COVERAGE_INC(ofproto_queue_req);
4483 cbdata.ofconn = ofconn;
4484 cbdata.msg = start_ofp_stats_reply(oh, 128);
4486 port_no = ntohs(qsr->port_no);
4487 queue_id = ntohl(qsr->queue_id);
4488 if (port_no == OFPP_ALL) {
4489 HMAP_FOR_EACH (port, hmap_node, &ofproto->ports) {
4490 handle_queue_stats_for_port(port, queue_id, &cbdata);
4492 } else if (port_no < ofproto->max_ports) {
4493 port = get_port(ofproto, ofp_port_to_odp_port(port_no));
4495 handle_queue_stats_for_port(port, queue_id, &cbdata);
4498 ofpbuf_delete(cbdata.msg);
4499 return ofp_mkerr(OFPET_QUEUE_OP_FAILED, OFPQOFC_BAD_PORT);
4501 ofconn_send_reply(ofconn, cbdata.msg);
4506 /* Updates 'facet''s used time. Caller is responsible for calling
4507 * facet_push_stats() to update the flows which 'facet' resubmits into. */
4509 facet_update_time(struct ofproto *ofproto, struct facet *facet,
4512 if (used > facet->used) {
4514 if (used > facet->rule->used) {
4515 facet->rule->used = used;
4517 netflow_flow_update_time(ofproto->netflow, &facet->nf_flow, used);
4521 /* Folds the statistics from 'stats' into the counters in 'facet'.
4523 * Because of the meaning of a facet's counters, it only makes sense to do this
4524 * if 'stats' are not tracked in the datapath, that is, if 'stats' represents a
4525 * packet that was sent by hand or if it represents statistics that have been
4526 * cleared out of the datapath. */
4528 facet_update_stats(struct ofproto *ofproto, struct facet *facet,
4529 const struct dpif_flow_stats *stats)
4531 if (stats->n_packets || stats->used > facet->used) {
4532 facet_update_time(ofproto, facet, stats->used);
4533 facet->packet_count += stats->n_packets;
4534 facet->byte_count += stats->n_bytes;
4535 facet_push_stats(ofproto, facet);
4536 netflow_flow_update_flags(&facet->nf_flow, stats->tcp_flags);
4541 facet_push_stats(struct ofproto *ofproto, struct facet *facet)
4543 uint64_t rs_packets, rs_bytes;
4545 assert(facet->packet_count >= facet->rs_packet_count);
4546 assert(facet->byte_count >= facet->rs_byte_count);
4547 assert(facet->used >= facet->rs_used);
4549 rs_packets = facet->packet_count - facet->rs_packet_count;
4550 rs_bytes = facet->byte_count - facet->rs_byte_count;
4552 if (rs_packets || rs_bytes || facet->used > facet->rs_used) {
4553 facet->rs_packet_count = facet->packet_count;
4554 facet->rs_byte_count = facet->byte_count;
4555 facet->rs_used = facet->used;
4557 flow_push_stats(ofproto, facet->rule, &facet->flow,
4558 rs_packets, rs_bytes, facet->used);
4562 struct ofproto_push {
4563 struct action_xlate_ctx ctx;
4570 push_resubmit(struct action_xlate_ctx *ctx, struct rule *rule)
4572 struct ofproto_push *push = CONTAINER_OF(ctx, struct ofproto_push, ctx);
4575 rule->packet_count += push->packets;
4576 rule->byte_count += push->bytes;
4577 rule->used = MAX(push->used, rule->used);
4581 /* Pushes flow statistics to the rules which 'flow' resubmits into given
4582 * 'rule''s actions. */
4584 flow_push_stats(struct ofproto *ofproto, const struct rule *rule,
4585 struct flow *flow, uint64_t packets, uint64_t bytes,
4588 struct ofproto_push push;
4590 push.packets = packets;
4594 action_xlate_ctx_init(&push.ctx, ofproto, flow, NULL);
4595 push.ctx.resubmit_hook = push_resubmit;
4596 ofpbuf_delete(xlate_actions(&push.ctx, rule->actions, rule->n_actions));
4599 /* Implements OFPFC_ADD and the cases for OFPFC_MODIFY and OFPFC_MODIFY_STRICT
4600 * in which no matching flow already exists in the flow table.
4602 * Adds the flow specified by 'ofm', which is followed by 'n_actions'
4603 * ofp_actions, to the ofproto's flow table. Returns 0 on success or an
4604 * OpenFlow error code as encoded by ofp_mkerr() on failure.
4606 * 'ofconn' is used to retrieve the packet buffer specified in ofm->buffer_id,
4609 add_flow(struct ofconn *ofconn, struct flow_mod *fm)
4611 struct ofproto *p = ofconn_get_ofproto(ofconn);
4612 struct ofpbuf *packet;
4617 if (fm->flags & OFPFF_CHECK_OVERLAP
4618 && classifier_rule_overlaps(&p->cls, &fm->cr)) {
4619 return ofp_mkerr(OFPET_FLOW_MOD_FAILED, OFPFMFC_OVERLAP);
4623 if (fm->buffer_id != UINT32_MAX) {
4624 error = ofconn_pktbuf_retrieve(ofconn, fm->buffer_id,
4628 in_port = UINT16_MAX;
4631 rule = rule_create(&fm->cr, fm->actions, fm->n_actions,
4632 fm->idle_timeout, fm->hard_timeout, fm->cookie,
4633 fm->flags & OFPFF_SEND_FLOW_REM);
4634 rule_insert(p, rule);
4636 rule_execute(p, rule, in_port, packet);
4641 static struct rule *
4642 find_flow_strict(struct ofproto *p, const struct flow_mod *fm)
4644 return rule_from_cls_rule(classifier_find_rule_exactly(&p->cls, &fm->cr));
4648 send_buffered_packet(struct ofconn *ofconn,
4649 struct rule *rule, uint32_t buffer_id)
4651 struct ofproto *ofproto = ofconn_get_ofproto(ofconn);
4652 struct ofpbuf *packet;
4656 if (buffer_id == UINT32_MAX) {
4660 error = ofconn_pktbuf_retrieve(ofconn, buffer_id, &packet, &in_port);
4665 rule_execute(ofproto, rule, in_port, packet);
4670 /* OFPFC_MODIFY and OFPFC_MODIFY_STRICT. */
4672 struct modify_flows_cbdata {
4673 struct ofproto *ofproto;
4674 const struct flow_mod *fm;
4678 static int modify_flow(struct ofproto *, const struct flow_mod *,
4681 /* Implements OFPFC_MODIFY. Returns 0 on success or an OpenFlow error code as
4682 * encoded by ofp_mkerr() on failure.
4684 * 'ofconn' is used to retrieve the packet buffer specified in ofm->buffer_id,
4687 modify_flows_loose(struct ofconn *ofconn, struct flow_mod *fm)
4689 struct ofproto *p = ofconn_get_ofproto(ofconn);
4690 struct rule *match = NULL;
4691 struct cls_cursor cursor;
4694 cls_cursor_init(&cursor, &p->cls, &fm->cr);
4695 CLS_CURSOR_FOR_EACH (rule, cr, &cursor) {
4696 if (!rule_is_hidden(rule)) {
4698 modify_flow(p, fm, rule);
4703 /* This credits the packet to whichever flow happened to match last.
4704 * That's weird. Maybe we should do a lookup for the flow that
4705 * actually matches the packet? Who knows. */
4706 send_buffered_packet(ofconn, match, fm->buffer_id);
4709 return add_flow(ofconn, fm);
4713 /* Implements OFPFC_MODIFY_STRICT. Returns 0 on success or an OpenFlow error
4714 * code as encoded by ofp_mkerr() on failure.
4716 * 'ofconn' is used to retrieve the packet buffer specified in ofm->buffer_id,
4719 modify_flow_strict(struct ofconn *ofconn, struct flow_mod *fm)
4721 struct ofproto *p = ofconn_get_ofproto(ofconn);
4722 struct rule *rule = find_flow_strict(p, fm);
4723 if (rule && !rule_is_hidden(rule)) {
4724 modify_flow(p, fm, rule);
4725 return send_buffered_packet(ofconn, rule, fm->buffer_id);
4727 return add_flow(ofconn, fm);
4731 /* Implements core of OFPFC_MODIFY and OFPFC_MODIFY_STRICT where 'rule' has
4732 * been identified as a flow in 'p''s flow table to be modified, by changing
4733 * the rule's actions to match those in 'ofm' (which is followed by 'n_actions'
4734 * ofp_action[] structures). */
4736 modify_flow(struct ofproto *p, const struct flow_mod *fm, struct rule *rule)
4738 size_t actions_len = fm->n_actions * sizeof *rule->actions;
4740 rule->flow_cookie = fm->cookie;
4742 /* If the actions are the same, do nothing. */
4743 if (fm->n_actions == rule->n_actions
4745 || !memcmp(fm->actions, rule->actions, actions_len))) {
4749 /* Replace actions. */
4750 free(rule->actions);
4751 rule->actions = fm->n_actions ? xmemdup(fm->actions, actions_len) : NULL;
4752 rule->n_actions = fm->n_actions;
4754 p->need_revalidate = true;
4759 /* OFPFC_DELETE implementation. */
4761 static void delete_flow(struct ofproto *, struct rule *, ovs_be16 out_port);
4763 /* Implements OFPFC_DELETE. */
4765 delete_flows_loose(struct ofproto *p, const struct flow_mod *fm)
4767 struct rule *rule, *next_rule;
4768 struct cls_cursor cursor;
4770 cls_cursor_init(&cursor, &p->cls, &fm->cr);
4771 CLS_CURSOR_FOR_EACH_SAFE (rule, next_rule, cr, &cursor) {
4772 delete_flow(p, rule, htons(fm->out_port));
4776 /* Implements OFPFC_DELETE_STRICT. */
4778 delete_flow_strict(struct ofproto *p, struct flow_mod *fm)
4780 struct rule *rule = find_flow_strict(p, fm);
4782 delete_flow(p, rule, htons(fm->out_port));
4786 /* Implements core of OFPFC_DELETE and OFPFC_DELETE_STRICT where 'rule' has
4787 * been identified as a flow to delete from 'p''s flow table, by deleting the
4788 * flow and sending out a OFPT_FLOW_REMOVED message to any interested
4791 * Will not delete 'rule' if it is hidden. Will delete 'rule' only if
4792 * 'out_port' is htons(OFPP_NONE) or if 'rule' actually outputs to the
4793 * specified 'out_port'. */
4795 delete_flow(struct ofproto *p, struct rule *rule, ovs_be16 out_port)
4797 if (rule_is_hidden(rule)) {
4801 if (out_port != htons(OFPP_NONE) && !rule_has_out_port(rule, out_port)) {
4805 rule_send_removed(p, rule, OFPRR_DELETE);
4806 rule_remove(p, rule);
4810 handle_flow_mod(struct ofconn *ofconn, const struct ofp_header *oh)
4812 struct ofproto *p = ofconn_get_ofproto(ofconn);
4816 error = reject_slave_controller(ofconn, "flow_mod");
4821 error = ofputil_decode_flow_mod(&fm, oh, ofconn_get_flow_format(ofconn));
4826 /* We do not support the emergency flow cache. It will hopefully get
4827 * dropped from OpenFlow in the near future. */
4828 if (fm.flags & OFPFF_EMERG) {
4829 /* There isn't a good fit for an error code, so just state that the
4830 * flow table is full. */
4831 return ofp_mkerr(OFPET_FLOW_MOD_FAILED, OFPFMFC_ALL_TABLES_FULL);
4834 error = validate_actions(fm.actions, fm.n_actions,
4835 &fm.cr.flow, p->max_ports);
4840 switch (fm.command) {
4842 return add_flow(ofconn, &fm);
4845 return modify_flows_loose(ofconn, &fm);
4847 case OFPFC_MODIFY_STRICT:
4848 return modify_flow_strict(ofconn, &fm);
4851 delete_flows_loose(p, &fm);
4854 case OFPFC_DELETE_STRICT:
4855 delete_flow_strict(p, &fm);
4859 return ofp_mkerr(OFPET_FLOW_MOD_FAILED, OFPFMFC_BAD_COMMAND);
4864 handle_tun_id_from_cookie(struct ofconn *ofconn, const struct ofp_header *oh)
4866 const struct nxt_tun_id_cookie *msg
4867 = (const struct nxt_tun_id_cookie *) oh;
4868 enum nx_flow_format flow_format;
4870 flow_format = msg->set ? NXFF_TUN_ID_FROM_COOKIE : NXFF_OPENFLOW10;
4871 ofconn_set_flow_format(ofconn, flow_format);
4877 handle_role_request(struct ofconn *ofconn, const struct ofp_header *oh)
4879 struct nx_role_request *nrr = (struct nx_role_request *) oh;
4880 struct nx_role_request *reply;
4884 if (ofconn_get_type(ofconn) != OFCONN_PRIMARY) {
4885 VLOG_WARN_RL(&rl, "ignoring role request on service connection");
4886 return ofp_mkerr(OFPET_BAD_REQUEST, OFPBRC_EPERM);
4889 role = ntohl(nrr->role);
4890 if (role != NX_ROLE_OTHER && role != NX_ROLE_MASTER
4891 && role != NX_ROLE_SLAVE) {
4892 VLOG_WARN_RL(&rl, "received request for unknown role %"PRIu32, role);
4894 /* There's no good error code for this. */
4895 return ofp_mkerr(OFPET_BAD_REQUEST, -1);
4898 ofconn_set_role(ofconn, role);
4900 reply = make_nxmsg_xid(sizeof *reply, NXT_ROLE_REPLY, oh->xid, &buf);
4901 reply->role = htonl(role);
4902 ofconn_send_reply(ofconn, buf);
4908 handle_nxt_set_flow_format(struct ofconn *ofconn, const struct ofp_header *oh)
4910 const struct nxt_set_flow_format *msg
4911 = (const struct nxt_set_flow_format *) oh;
4914 format = ntohl(msg->format);
4915 if (format == NXFF_OPENFLOW10
4916 || format == NXFF_TUN_ID_FROM_COOKIE
4917 || format == NXFF_NXM) {
4918 ofconn_set_flow_format(ofconn, format);
4921 return ofp_mkerr(OFPET_BAD_REQUEST, OFPBRC_EPERM);
4926 handle_barrier_request(struct ofconn *ofconn, const struct ofp_header *oh)
4928 struct ofp_header *ob;
4931 /* Currently, everything executes synchronously, so we can just
4932 * immediately send the barrier reply. */
4933 ob = make_openflow_xid(sizeof *ob, OFPT_BARRIER_REPLY, oh->xid, &buf);
4934 ofconn_send_reply(ofconn, buf);
4939 handle_openflow__(struct ofconn *ofconn, const struct ofpbuf *msg)
4941 const struct ofp_header *oh = msg->data;
4942 const struct ofputil_msg_type *type;
4945 error = ofputil_decode_msg_type(oh, &type);
4950 switch (ofputil_msg_type_code(type)) {
4951 /* OpenFlow requests. */
4952 case OFPUTIL_OFPT_ECHO_REQUEST:
4953 return handle_echo_request(ofconn, oh);
4955 case OFPUTIL_OFPT_FEATURES_REQUEST:
4956 return handle_features_request(ofconn, oh);
4958 case OFPUTIL_OFPT_GET_CONFIG_REQUEST:
4959 return handle_get_config_request(ofconn, oh);
4961 case OFPUTIL_OFPT_SET_CONFIG:
4962 return handle_set_config(ofconn, msg->data);
4964 case OFPUTIL_OFPT_PACKET_OUT:
4965 return handle_packet_out(ofconn, oh);
4967 case OFPUTIL_OFPT_PORT_MOD:
4968 return handle_port_mod(ofconn, oh);
4970 case OFPUTIL_OFPT_FLOW_MOD:
4971 return handle_flow_mod(ofconn, oh);
4973 case OFPUTIL_OFPT_BARRIER_REQUEST:
4974 return handle_barrier_request(ofconn, oh);
4976 /* OpenFlow replies. */
4977 case OFPUTIL_OFPT_ECHO_REPLY:
4980 /* Nicira extension requests. */
4981 case OFPUTIL_NXT_TUN_ID_FROM_COOKIE:
4982 return handle_tun_id_from_cookie(ofconn, oh);
4984 case OFPUTIL_NXT_ROLE_REQUEST:
4985 return handle_role_request(ofconn, oh);
4987 case OFPUTIL_NXT_SET_FLOW_FORMAT:
4988 return handle_nxt_set_flow_format(ofconn, oh);
4990 case OFPUTIL_NXT_FLOW_MOD:
4991 return handle_flow_mod(ofconn, oh);
4993 /* OpenFlow statistics requests. */
4994 case OFPUTIL_OFPST_DESC_REQUEST:
4995 return handle_desc_stats_request(ofconn, oh);
4997 case OFPUTIL_OFPST_FLOW_REQUEST:
4998 return handle_flow_stats_request(ofconn, oh);
5000 case OFPUTIL_OFPST_AGGREGATE_REQUEST:
5001 return handle_aggregate_stats_request(ofconn, oh);
5003 case OFPUTIL_OFPST_TABLE_REQUEST:
5004 return handle_table_stats_request(ofconn, oh);
5006 case OFPUTIL_OFPST_PORT_REQUEST:
5007 return handle_port_stats_request(ofconn, oh);
5009 case OFPUTIL_OFPST_QUEUE_REQUEST:
5010 return handle_queue_stats_request(ofconn, oh);
5012 /* Nicira extension statistics requests. */
5013 case OFPUTIL_NXST_FLOW_REQUEST:
5014 return handle_nxst_flow(ofconn, oh);
5016 case OFPUTIL_NXST_AGGREGATE_REQUEST:
5017 return handle_nxst_aggregate(ofconn, oh);
5019 case OFPUTIL_INVALID:
5020 case OFPUTIL_OFPT_HELLO:
5021 case OFPUTIL_OFPT_ERROR:
5022 case OFPUTIL_OFPT_FEATURES_REPLY:
5023 case OFPUTIL_OFPT_GET_CONFIG_REPLY:
5024 case OFPUTIL_OFPT_PACKET_IN:
5025 case OFPUTIL_OFPT_FLOW_REMOVED:
5026 case OFPUTIL_OFPT_PORT_STATUS:
5027 case OFPUTIL_OFPT_BARRIER_REPLY:
5028 case OFPUTIL_OFPT_QUEUE_GET_CONFIG_REQUEST:
5029 case OFPUTIL_OFPT_QUEUE_GET_CONFIG_REPLY:
5030 case OFPUTIL_OFPST_DESC_REPLY:
5031 case OFPUTIL_OFPST_FLOW_REPLY:
5032 case OFPUTIL_OFPST_QUEUE_REPLY:
5033 case OFPUTIL_OFPST_PORT_REPLY:
5034 case OFPUTIL_OFPST_TABLE_REPLY:
5035 case OFPUTIL_OFPST_AGGREGATE_REPLY:
5036 case OFPUTIL_NXT_ROLE_REPLY:
5037 case OFPUTIL_NXT_FLOW_REMOVED:
5038 case OFPUTIL_NXST_FLOW_REPLY:
5039 case OFPUTIL_NXST_AGGREGATE_REPLY:
5041 if (VLOG_IS_WARN_ENABLED()) {
5042 char *s = ofp_to_string(oh, ntohs(oh->length), 2);
5043 VLOG_DBG_RL(&rl, "OpenFlow message ignored: %s", s);
5046 if (oh->type == OFPT_STATS_REQUEST || oh->type == OFPT_STATS_REPLY) {
5047 return ofp_mkerr(OFPET_BAD_REQUEST, OFPBRC_BAD_STAT);
5049 return ofp_mkerr(OFPET_BAD_REQUEST, OFPBRC_BAD_TYPE);
5055 handle_openflow(struct ofconn *ofconn, struct ofpbuf *ofp_msg)
5057 int error = handle_openflow__(ofconn, ofp_msg);
5059 send_error_oh(ofconn, ofp_msg->data, error);
5061 COVERAGE_INC(ofproto_recv_openflow);
5065 handle_miss_upcall(struct ofproto *p, struct dpif_upcall *upcall)
5067 struct facet *facet;
5070 /* Obtain in_port and tun_id, at least. */
5071 odp_flow_key_to_flow(upcall->key, upcall->key_len, &flow);
5073 /* Set header pointers in 'flow'. */
5074 flow_extract(upcall->packet, flow.tun_id, flow.in_port, &flow);
5076 /* Handle 802.1ag and LACP. */
5077 if (ofproto_process_special(p, &flow, upcall->packet)) {
5078 ofpbuf_delete(upcall->packet);
5082 /* Check with in-band control to see if this packet should be sent
5083 * to the local port regardless of the flow table. */
5084 if (connmgr_msg_in_hook(p->connmgr, &flow, upcall->packet)) {
5085 ofproto_send_packet(p, ODPP_LOCAL, 0, upcall->packet);
5088 facet = facet_lookup_valid(p, &flow);
5090 struct rule *rule = rule_lookup(p, &flow);
5092 /* Don't send a packet-in if OFPPC_NO_PACKET_IN asserted. */
5093 struct ofport *port = get_port(p, flow.in_port);
5095 if (port->opp.config & htonl(OFPPC_NO_PACKET_IN)) {
5096 COVERAGE_INC(ofproto_no_packet_in);
5097 /* XXX install 'drop' flow entry */
5098 ofpbuf_delete(upcall->packet);
5102 VLOG_WARN_RL(&rl, "packet-in on unknown port %"PRIu16,
5106 COVERAGE_INC(ofproto_packet_in);
5107 send_packet_in(p, upcall, &flow, false);
5111 facet = facet_create(p, rule, &flow, upcall->packet);
5112 } else if (!facet->may_install) {
5113 /* The facet is not installable, that is, we need to process every
5114 * packet, so process the current packet's actions into 'facet'. */
5115 facet_make_actions(p, facet, upcall->packet);
5118 if (facet->rule->cr.priority == FAIL_OPEN_PRIORITY) {
5120 * Extra-special case for fail-open mode.
5122 * We are in fail-open mode and the packet matched the fail-open rule,
5123 * but we are connected to a controller too. We should send the packet
5124 * up to the controller in the hope that it will try to set up a flow
5125 * and thereby allow us to exit fail-open.
5127 * See the top-level comment in fail-open.c for more information.
5129 send_packet_in(p, upcall, &flow, true);
5132 facet_execute(p, facet, upcall->packet);
5133 facet_install(p, facet, false);
5137 handle_upcall(struct ofproto *p, struct dpif_upcall *upcall)
5141 switch (upcall->type) {
5142 case DPIF_UC_ACTION:
5143 COVERAGE_INC(ofproto_ctlr_action);
5144 odp_flow_key_to_flow(upcall->key, upcall->key_len, &flow);
5145 send_packet_in(p, upcall, &flow, false);
5148 case DPIF_UC_SAMPLE:
5150 odp_flow_key_to_flow(upcall->key, upcall->key_len, &flow);
5151 ofproto_sflow_received(p->sflow, upcall, &flow);
5153 ofpbuf_delete(upcall->packet);
5157 handle_miss_upcall(p, upcall);
5160 case DPIF_N_UC_TYPES:
5162 VLOG_WARN_RL(&rl, "upcall has unexpected type %"PRIu32, upcall->type);
5167 /* Flow expiration. */
5169 static int ofproto_dp_max_idle(const struct ofproto *);
5170 static void ofproto_update_stats(struct ofproto *);
5171 static void rule_expire(struct ofproto *, struct rule *);
5172 static void ofproto_expire_facets(struct ofproto *, int dp_max_idle);
5174 /* This function is called periodically by ofproto_run(). Its job is to
5175 * collect updates for the flows that have been installed into the datapath,
5176 * most importantly when they last were used, and then use that information to
5177 * expire flows that have not been used recently.
5179 * Returns the number of milliseconds after which it should be called again. */
5181 ofproto_expire(struct ofproto *ofproto)
5183 struct rule *rule, *next_rule;
5184 struct cls_cursor cursor;
5187 /* Update stats for each flow in the datapath. */
5188 ofproto_update_stats(ofproto);
5190 /* Expire facets that have been idle too long. */
5191 dp_max_idle = ofproto_dp_max_idle(ofproto);
5192 ofproto_expire_facets(ofproto, dp_max_idle);
5194 /* Expire OpenFlow flows whose idle_timeout or hard_timeout has passed. */
5195 cls_cursor_init(&cursor, &ofproto->cls, NULL);
5196 CLS_CURSOR_FOR_EACH_SAFE (rule, next_rule, cr, &cursor) {
5197 rule_expire(ofproto, rule);
5200 /* All outstanding data in existing flows has been accounted, so it's a
5201 * good time to do bond rebalancing. */
5202 if (ofproto->has_bonded_bundles) {
5203 struct ofbundle *bundle;
5205 HMAP_FOR_EACH (bundle, hmap_node, &ofproto->bundles) {
5207 bond_rebalance(bundle->bond, &ofproto->revalidate_set);
5212 return MIN(dp_max_idle, 1000);
5215 /* Update 'packet_count', 'byte_count', and 'used' members of installed facets.
5217 * This function also pushes statistics updates to rules which each facet
5218 * resubmits into. Generally these statistics will be accurate. However, if a
5219 * facet changes the rule it resubmits into at some time in between
5220 * ofproto_update_stats() runs, it is possible that statistics accrued to the
5221 * old rule will be incorrectly attributed to the new rule. This could be
5222 * avoided by calling ofproto_update_stats() whenever rules are created or
5223 * deleted. However, the performance impact of making so many calls to the
5224 * datapath do not justify the benefit of having perfectly accurate statistics.
5227 ofproto_update_stats(struct ofproto *p)
5229 const struct dpif_flow_stats *stats;
5230 struct dpif_flow_dump dump;
5231 const struct nlattr *key;
5234 dpif_flow_dump_start(&dump, p->dpif);
5235 while (dpif_flow_dump_next(&dump, &key, &key_len, NULL, NULL, &stats)) {
5236 struct facet *facet;
5239 if (odp_flow_key_to_flow(key, key_len, &flow)) {
5243 odp_flow_key_format(key, key_len, &s);
5244 VLOG_WARN_RL(&rl, "failed to convert ODP flow key to flow: %s",
5250 facet = facet_find(p, &flow);
5252 if (facet && facet->installed) {
5254 if (stats->n_packets >= facet->dp_packet_count) {
5255 facet->packet_count += stats->n_packets - facet->dp_packet_count;
5257 VLOG_WARN_RL(&rl, "unexpected packet count from the datapath");
5260 if (stats->n_bytes >= facet->dp_byte_count) {
5261 facet->byte_count += stats->n_bytes - facet->dp_byte_count;
5263 VLOG_WARN_RL(&rl, "unexpected byte count from datapath");
5266 facet->dp_packet_count = stats->n_packets;
5267 facet->dp_byte_count = stats->n_bytes;
5269 facet_update_time(p, facet, stats->used);
5270 facet_account(p, facet, stats->n_bytes);
5271 facet_push_stats(p, facet);
5273 /* There's a flow in the datapath that we know nothing about.
5275 COVERAGE_INC(ofproto_unexpected_rule);
5276 dpif_flow_del(p->dpif, key, key_len, NULL);
5279 dpif_flow_dump_done(&dump);
5282 /* Calculates and returns the number of milliseconds of idle time after which
5283 * facets should expire from the datapath and we should fold their statistics
5284 * into their parent rules in userspace. */
5286 ofproto_dp_max_idle(const struct ofproto *ofproto)
5289 * Idle time histogram.
5291 * Most of the time a switch has a relatively small number of facets. When
5292 * this is the case we might as well keep statistics for all of them in
5293 * userspace and to cache them in the kernel datapath for performance as
5296 * As the number of facets increases, the memory required to maintain
5297 * statistics about them in userspace and in the kernel becomes
5298 * significant. However, with a large number of facets it is likely that
5299 * only a few of them are "heavy hitters" that consume a large amount of
5300 * bandwidth. At this point, only heavy hitters are worth caching in the
5301 * kernel and maintaining in userspaces; other facets we can discard.
5303 * The technique used to compute the idle time is to build a histogram with
5304 * N_BUCKETS buckets whose width is BUCKET_WIDTH msecs each. Each facet
5305 * that is installed in the kernel gets dropped in the appropriate bucket.
5306 * After the histogram has been built, we compute the cutoff so that only
5307 * the most-recently-used 1% of facets (but at least 1000 flows) are kept
5308 * cached. At least the most-recently-used bucket of facets is kept, so
5309 * actually an arbitrary number of facets can be kept in any given
5310 * expiration run (though the next run will delete most of those unless
5311 * they receive additional data).
5313 * This requires a second pass through the facets, in addition to the pass
5314 * made by ofproto_update_stats(), because the former function never looks
5315 * at uninstallable facets.
5317 enum { BUCKET_WIDTH = ROUND_UP(100, TIME_UPDATE_INTERVAL) };
5318 enum { N_BUCKETS = 5000 / BUCKET_WIDTH };
5319 int buckets[N_BUCKETS] = { 0 };
5320 struct facet *facet;
5325 total = hmap_count(&ofproto->facets);
5326 if (total <= 1000) {
5327 return N_BUCKETS * BUCKET_WIDTH;
5330 /* Build histogram. */
5332 HMAP_FOR_EACH (facet, hmap_node, &ofproto->facets) {
5333 long long int idle = now - facet->used;
5334 int bucket = (idle <= 0 ? 0
5335 : idle >= BUCKET_WIDTH * N_BUCKETS ? N_BUCKETS - 1
5336 : (unsigned int) idle / BUCKET_WIDTH);
5340 /* Find the first bucket whose flows should be expired. */
5341 for (bucket = 0; bucket < N_BUCKETS; bucket++) {
5342 if (buckets[bucket]) {
5345 subtotal += buckets[bucket++];
5346 } while (bucket < N_BUCKETS && subtotal < MAX(1000, total / 100));
5351 if (VLOG_IS_DBG_ENABLED()) {
5355 ds_put_cstr(&s, "keep");
5356 for (i = 0; i < N_BUCKETS; i++) {
5358 ds_put_cstr(&s, ", drop");
5361 ds_put_format(&s, " %d:%d", i * BUCKET_WIDTH, buckets[i]);
5364 VLOG_INFO("%s: %s (msec:count)", ofproto->name, ds_cstr(&s));
5368 return bucket * BUCKET_WIDTH;
5372 facet_active_timeout(struct ofproto *ofproto, struct facet *facet)
5374 if (ofproto->netflow && !facet_is_controller_flow(facet) &&
5375 netflow_active_timeout_expired(ofproto->netflow, &facet->nf_flow)) {
5376 struct ofexpired expired;
5378 if (facet->installed) {
5379 struct dpif_flow_stats stats;
5381 facet_put__(ofproto, facet, facet->actions, facet->actions_len,
5383 facet_update_stats(ofproto, facet, &stats);
5386 expired.flow = facet->flow;
5387 expired.packet_count = facet->packet_count;
5388 expired.byte_count = facet->byte_count;
5389 expired.used = facet->used;
5390 netflow_expire(ofproto->netflow, &facet->nf_flow, &expired);
5395 ofproto_expire_facets(struct ofproto *ofproto, int dp_max_idle)
5397 long long int cutoff = time_msec() - dp_max_idle;
5398 struct facet *facet, *next_facet;
5400 HMAP_FOR_EACH_SAFE (facet, next_facet, hmap_node, &ofproto->facets) {
5401 facet_active_timeout(ofproto, facet);
5402 if (facet->used < cutoff) {
5403 facet_remove(ofproto, facet);
5408 /* If 'rule' is an OpenFlow rule, that has expired according to OpenFlow rules,
5409 * then delete it entirely. */
5411 rule_expire(struct ofproto *ofproto, struct rule *rule)
5413 struct facet *facet, *next_facet;
5417 /* Has 'rule' expired? */
5419 if (rule->hard_timeout
5420 && now > rule->created + rule->hard_timeout * 1000) {
5421 reason = OFPRR_HARD_TIMEOUT;
5422 } else if (rule->idle_timeout && list_is_empty(&rule->facets)
5423 && now >rule->used + rule->idle_timeout * 1000) {
5424 reason = OFPRR_IDLE_TIMEOUT;
5429 COVERAGE_INC(ofproto_expired);
5431 /* Update stats. (This is a no-op if the rule expired due to an idle
5432 * timeout, because that only happens when the rule has no facets left.) */
5433 LIST_FOR_EACH_SAFE (facet, next_facet, list_node, &rule->facets) {
5434 facet_remove(ofproto, facet);
5437 /* Get rid of the rule. */
5438 if (!rule_is_hidden(rule)) {
5439 rule_send_removed(ofproto, rule, reason);
5441 rule_remove(ofproto, rule);
5445 rule_send_removed(struct ofproto *p, struct rule *rule, uint8_t reason)
5447 struct ofputil_flow_removed fr;
5449 if (!rule->send_flow_removed) {
5454 fr.cookie = rule->flow_cookie;
5456 calc_flow_duration__(rule->created, &fr.duration_sec, &fr.duration_nsec);
5457 fr.idle_timeout = rule->idle_timeout;
5458 fr.packet_count = rule->packet_count;
5459 fr.byte_count = rule->byte_count;
5461 connmgr_send_flow_removed(p->connmgr, &fr);
5464 /* Obtains statistics for 'rule' and stores them in '*packets' and '*bytes'.
5465 * The returned statistics include statistics for all of 'rule''s facets. */
5467 rule_get_stats(const struct rule *rule, uint64_t *packets, uint64_t *bytes)
5470 struct facet *facet;
5472 /* Start from historical data for 'rule' itself that are no longer tracked
5473 * in facets. This counts, for example, facets that have expired. */
5474 p = rule->packet_count;
5475 b = rule->byte_count;
5477 /* Add any statistics that are tracked by facets. This includes
5478 * statistical data recently updated by ofproto_update_stats() as well as
5479 * stats for packets that were executed "by hand" via dpif_execute(). */
5480 LIST_FOR_EACH (facet, list_node, &rule->facets) {
5481 p += facet->packet_count;
5482 b += facet->byte_count;
5489 /* Given 'upcall', of type DPIF_UC_ACTION or DPIF_UC_MISS, sends an
5490 * OFPT_PACKET_IN message to each OpenFlow controller as necessary according to
5491 * their individual configurations.
5493 * If 'clone' is true, the caller retains ownership of 'upcall->packet'.
5494 * Otherwise, ownership is transferred to this function. */
5496 send_packet_in(struct ofproto *ofproto, struct dpif_upcall *upcall,
5497 const struct flow *flow, bool clone)
5499 struct ofputil_packet_in pin;
5501 pin.packet = upcall->packet;
5502 pin.in_port = odp_port_to_ofp_port(flow->in_port);
5503 pin.reason = upcall->type == DPIF_UC_MISS ? OFPR_NO_MATCH : OFPR_ACTION;
5504 pin.buffer_id = 0; /* not yet known */
5505 pin.send_len = upcall->userdata;
5506 connmgr_send_packet_in(ofproto->connmgr, upcall, flow,
5507 clone ? NULL : upcall->packet);
5511 pick_datapath_id(const struct ofproto *ofproto)
5513 const struct ofport *port;
5515 port = get_port(ofproto, ODPP_LOCAL);
5517 uint8_t ea[ETH_ADDR_LEN];
5520 error = netdev_get_etheraddr(port->netdev, ea);
5522 return eth_addr_to_uint64(ea);
5524 VLOG_WARN("could not get MAC address for %s (%s)",
5525 netdev_get_name(port->netdev), strerror(error));
5527 return ofproto->fallback_dpid;
5531 pick_fallback_dpid(void)
5533 uint8_t ea[ETH_ADDR_LEN];
5534 eth_addr_nicira_random(ea);
5535 return eth_addr_to_uint64(ea);
5538 static struct ofproto *
5539 ofproto_lookup(const char *name)
5541 struct ofproto *ofproto;
5543 HMAP_FOR_EACH_WITH_HASH (ofproto, hmap_node, hash_string(name, 0),
5545 if (!strcmp(ofproto->name, name)) {
5553 ofproto_unixctl_list(struct unixctl_conn *conn, const char *arg OVS_UNUSED,
5554 void *aux OVS_UNUSED)
5556 struct ofproto *ofproto;
5560 HMAP_FOR_EACH (ofproto, hmap_node, &all_ofprotos) {
5561 ds_put_format(&results, "%s\n", ofproto->name);
5563 unixctl_command_reply(conn, 200, ds_cstr(&results));
5564 ds_destroy(&results);
5567 struct ofproto_trace {
5568 struct action_xlate_ctx ctx;
5574 trace_format_rule(struct ds *result, int level, const struct rule *rule)
5576 ds_put_char_multiple(result, '\t', level);
5578 ds_put_cstr(result, "No match\n");
5582 ds_put_format(result, "Rule: cookie=%#"PRIx64" ",
5583 ntohll(rule->flow_cookie));
5584 cls_rule_format(&rule->cr, result);
5585 ds_put_char(result, '\n');
5587 ds_put_char_multiple(result, '\t', level);
5588 ds_put_cstr(result, "OpenFlow ");
5589 ofp_print_actions(result, (const struct ofp_action_header *) rule->actions,
5590 rule->n_actions * sizeof *rule->actions);
5591 ds_put_char(result, '\n');
5595 trace_format_flow(struct ds *result, int level, const char *title,
5596 struct ofproto_trace *trace)
5598 ds_put_char_multiple(result, '\t', level);
5599 ds_put_format(result, "%s: ", title);
5600 if (flow_equal(&trace->ctx.flow, &trace->flow)) {
5601 ds_put_cstr(result, "unchanged");
5603 flow_format(result, &trace->ctx.flow);
5604 trace->flow = trace->ctx.flow;
5606 ds_put_char(result, '\n');
5610 trace_resubmit(struct action_xlate_ctx *ctx, struct rule *rule)
5612 struct ofproto_trace *trace = CONTAINER_OF(ctx, struct ofproto_trace, ctx);
5613 struct ds *result = trace->result;
5615 ds_put_char(result, '\n');
5616 trace_format_flow(result, ctx->recurse + 1, "Resubmitted flow", trace);
5617 trace_format_rule(result, ctx->recurse + 1, rule);
5621 ofproto_unixctl_trace(struct unixctl_conn *conn, const char *args_,
5622 void *aux OVS_UNUSED)
5624 char *dpname, *in_port_s, *tun_id_s, *packet_s;
5625 char *args = xstrdup(args_);
5626 char *save_ptr = NULL;
5627 struct ofproto *ofproto;
5628 struct ofpbuf packet;
5636 ofpbuf_init(&packet, strlen(args) / 2);
5639 dpname = strtok_r(args, " ", &save_ptr);
5640 tun_id_s = strtok_r(NULL, " ", &save_ptr);
5641 in_port_s = strtok_r(NULL, " ", &save_ptr);
5642 packet_s = strtok_r(NULL, "", &save_ptr); /* Get entire rest of line. */
5643 if (!dpname || !in_port_s || !packet_s) {
5644 unixctl_command_reply(conn, 501, "Bad command syntax");
5648 ofproto = ofproto_lookup(dpname);
5650 unixctl_command_reply(conn, 501, "Unknown ofproto (use ofproto/list "
5655 tun_id = htonll(strtoull(tun_id_s, NULL, 0));
5656 in_port = ofp_port_to_odp_port(atoi(in_port_s));
5658 packet_s = ofpbuf_put_hex(&packet, packet_s, NULL);
5659 packet_s += strspn(packet_s, " ");
5660 if (*packet_s != '\0') {
5661 unixctl_command_reply(conn, 501, "Trailing garbage in command");
5664 if (packet.size < ETH_HEADER_LEN) {
5665 unixctl_command_reply(conn, 501, "Packet data too short for Ethernet");
5669 ds_put_cstr(&result, "Packet: ");
5670 s = ofp_packet_to_string(packet.data, packet.size, packet.size);
5671 ds_put_cstr(&result, s);
5674 flow_extract(&packet, tun_id, in_port, &flow);
5675 ds_put_cstr(&result, "Flow: ");
5676 flow_format(&result, &flow);
5677 ds_put_char(&result, '\n');
5679 rule = rule_lookup(ofproto, &flow);
5680 trace_format_rule(&result, 0, rule);
5682 struct ofproto_trace trace;
5683 struct ofpbuf *odp_actions;
5685 trace.result = &result;
5687 action_xlate_ctx_init(&trace.ctx, ofproto, &flow, &packet);
5688 trace.ctx.resubmit_hook = trace_resubmit;
5689 odp_actions = xlate_actions(&trace.ctx,
5690 rule->actions, rule->n_actions);
5692 ds_put_char(&result, '\n');
5693 trace_format_flow(&result, 0, "Final flow", &trace);
5694 ds_put_cstr(&result, "Datapath actions: ");
5695 format_odp_actions(&result, odp_actions->data, odp_actions->size);
5696 ofpbuf_delete(odp_actions);
5699 unixctl_command_reply(conn, 200, ds_cstr(&result));
5702 ds_destroy(&result);
5703 ofpbuf_uninit(&packet);
5708 ofproto_unixctl_fdb_show(struct unixctl_conn *conn,
5709 const char *args, void *aux OVS_UNUSED)
5711 struct ds ds = DS_EMPTY_INITIALIZER;
5712 const struct ofproto *ofproto;
5713 const struct mac_entry *e;
5715 ofproto = ofproto_lookup(args);
5717 unixctl_command_reply(conn, 501, "no such bridge");
5721 ds_put_cstr(&ds, " port VLAN MAC Age\n");
5722 LIST_FOR_EACH (e, lru_node, &ofproto->ml->lrus) {
5723 struct ofbundle *bundle = e->port.p;
5724 ds_put_format(&ds, "%5d %4d "ETH_ADDR_FMT" %3d\n",
5725 ofbundle_get_a_port(bundle)->odp_port,
5726 e->vlan, ETH_ADDR_ARGS(e->mac), mac_entry_age(e));
5728 unixctl_command_reply(conn, 200, ds_cstr(&ds));
5733 ofproto_unixctl_init(void)
5735 static bool registered;
5741 unixctl_command_register("ofproto/list", ofproto_unixctl_list, NULL);
5742 unixctl_command_register("ofproto/trace", ofproto_unixctl_trace, NULL);
5743 unixctl_command_register("fdb/show", ofproto_unixctl_fdb_show, NULL);
projects / openvswitch / blob