struct hmapx dsts; /* Contains "struct ofbundle *"s. */
unsigned long *vlans; /* Bitmap of chosen VLANs, NULL selects all. */
- /* Output (mutually exclusive). */
+ /* Output (exactly one of out == NULL and out_vlan == -1 is true). */
struct ofbundle *out; /* Output port or NULL. */
int out_vlan; /* Output VLAN or -1. */
+ mirror_mask_t dup_mirrors; /* Bitmap of mirrors with the same output. */
};
static void mirror_destroy(struct ofmirror *);
* NULL if all VLANs are trunked. */
struct lacp *lacp; /* LACP if LACP is enabled, otherwise NULL. */
struct bond *bond; /* Nonnull iff more than one port. */
+ bool use_priority_tags; /* Use 802.1p tag for frames in VLAN 0? */
/* Status. */
bool floodable; /* True if no port has OFPPC_NO_FLOOD set. */
static void stp_run(struct ofproto_dpif *ofproto);
static void stp_wait(struct ofproto_dpif *ofproto);
+static bool ofbundle_includes_vlan(const struct ofbundle *, uint16_t vlan);
+
struct action_xlate_ctx {
/* action_xlate_ctx_init() initializes these members. */
static bool facet_is_controller_flow(struct facet *);
-static void flow_push_stats(const struct rule_dpif *,
- struct flow *, uint64_t packets, uint64_t bytes,
+static void flow_push_stats(const struct rule_dpif *, const struct flow *,
+ uint64_t packets, uint64_t bytes,
long long int used);
static uint32_t rule_calculate_tag(const struct flow *,
struct stp_port *stp_port; /* Spanning Tree Protocol, if any. */
enum stp_state stp_state; /* Always STP_DISABLED if STP not in use. */
long long int stp_state_entered;
+
+ struct hmap priorities; /* Map of attached 'priority_to_dscp's. */
+};
+
+/* Node in 'ofport_dpif''s 'priorities' map. Used to maintain a map from
+ * 'priority' (the datapath's term for QoS queue) to the dscp bits which all
+ * traffic egressing the 'ofport' with that priority should be marked with. */
+struct priority_to_dscp {
+ struct hmap_node hmap_node; /* Node in 'ofport_dpif''s 'priorities' map. */
+ uint32_t priority; /* Priority of this queue (see struct flow). */
+
+ uint8_t dscp; /* DSCP bits to mark outgoing traffic with. */
};
static struct ofport_dpif *
static void port_run(struct ofport_dpif *);
static void port_wait(struct ofport_dpif *);
static int set_cfm(struct ofport *, const struct cfm_settings *);
+static void ofport_clear_priorities(struct ofport_dpif *);
struct dpif_completion {
struct list list_node;
static void update_learning_table(struct ofproto_dpif *,
const struct flow *, int vlan,
struct ofbundle *);
-static bool is_admissible(struct ofproto_dpif *, const struct flow *,
- bool have_packet, tag_type *, int *vlanp,
- struct ofbundle **in_bundlep);
-
/* Upcalls. */
#define FLOW_MISS_MAX_BATCH 50
+
static void handle_upcall(struct ofproto_dpif *, struct dpif_upcall *);
static void handle_miss_upcalls(struct ofproto_dpif *,
struct dpif_upcall *, size_t n);
/* Flow expiration. */
static int expire(struct ofproto_dpif *);
+/* NetFlow. */
+static void send_netflow_active_timeouts(struct ofproto_dpif *);
+
/* Utilities. */
static int send_packet(struct ofproto_dpif *, uint32_t odp_port,
const struct ofpbuf *packet);
}
if (ofproto->netflow) {
- netflow_run(ofproto->netflow);
+ if (netflow_run(ofproto->netflow)) {
+ send_netflow_active_timeouts(ofproto);
+ }
}
if (ofproto->sflow) {
dpif_sflow_run(ofproto->sflow);
HMAP_FOR_EACH (bundle, hmap_node, &ofproto->bundles) {
bundle_wait(bundle);
}
+ if (ofproto->netflow) {
+ netflow_wait(ofproto->netflow);
+ }
mac_learning_wait(ofproto->ml);
stp_wait(ofproto);
if (ofproto->need_revalidate) {
htonll(s.n_hit + ofproto->n_matches));
}
-static int
-set_netflow(struct ofproto *ofproto_,
- const struct netflow_options *netflow_options)
-{
- struct ofproto_dpif *ofproto = ofproto_dpif_cast(ofproto_);
-
- if (netflow_options) {
- if (!ofproto->netflow) {
- ofproto->netflow = netflow_create();
- }
- return netflow_set_options(ofproto->netflow, netflow_options);
- } else {
- netflow_destroy(ofproto->netflow);
- ofproto->netflow = NULL;
- return 0;
- }
-}
-
static struct ofport *
port_alloc(void)
{
port->may_enable = true;
port->stp_port = NULL;
port->stp_state = STP_DISABLED;
+ hmap_init(&port->priorities);
if (ofproto->sflow) {
dpif_sflow_add_port(ofproto->sflow, port->odp_port,
if (ofproto->sflow) {
dpif_sflow_del_port(ofproto->sflow, port->odp_port);
}
+
+ ofport_clear_priorities(port);
+ hmap_destroy(&port->priorities);
}
static void
ofport->stp_state = state;
ofport->stp_state_entered = time_msec();
- if (fwd_change) {
+ if (fwd_change && ofport->bundle) {
bundle_update(ofport->bundle);
}
s->state = stp_port_get_state(sp);
s->sec_in_state = (time_msec() - ofport->stp_state_entered) / 1000;
s->role = stp_port_get_role(sp);
+ stp_port_get_counts(sp, &s->tx_count, &s->rx_count, &s->error_count);
return 0;
}
}
}
\f
+static struct priority_to_dscp *
+get_priority(const struct ofport_dpif *ofport, uint32_t priority)
+{
+ struct priority_to_dscp *pdscp;
+ uint32_t hash;
+
+ hash = hash_int(priority, 0);
+ HMAP_FOR_EACH_IN_BUCKET (pdscp, hmap_node, hash, &ofport->priorities) {
+ if (pdscp->priority == priority) {
+ return pdscp;
+ }
+ }
+ return NULL;
+}
+
+static void
+ofport_clear_priorities(struct ofport_dpif *ofport)
+{
+ struct priority_to_dscp *pdscp, *next;
+
+ HMAP_FOR_EACH_SAFE (pdscp, next, hmap_node, &ofport->priorities) {
+ hmap_remove(&ofport->priorities, &pdscp->hmap_node);
+ free(pdscp);
+ }
+}
+
+static int
+set_queues(struct ofport *ofport_,
+ const struct ofproto_port_queue *qdscp_list,
+ size_t n_qdscp)
+{
+ struct ofport_dpif *ofport = ofport_dpif_cast(ofport_);
+ struct ofproto_dpif *ofproto = ofproto_dpif_cast(ofport->up.ofproto);
+ struct hmap new = HMAP_INITIALIZER(&new);
+ size_t i;
+
+ for (i = 0; i < n_qdscp; i++) {
+ struct priority_to_dscp *pdscp;
+ uint32_t priority;
+ uint8_t dscp;
+
+ dscp = (qdscp_list[i].dscp << 2) & IP_DSCP_MASK;
+ if (dpif_queue_to_priority(ofproto->dpif, qdscp_list[i].queue,
+ &priority)) {
+ continue;
+ }
+
+ pdscp = get_priority(ofport, priority);
+ if (pdscp) {
+ hmap_remove(&ofport->priorities, &pdscp->hmap_node);
+ } else {
+ pdscp = xmalloc(sizeof *pdscp);
+ pdscp->priority = priority;
+ pdscp->dscp = dscp;
+ ofproto->need_revalidate = true;
+ }
+
+ if (pdscp->dscp != dscp) {
+ pdscp->dscp = dscp;
+ ofproto->need_revalidate = true;
+ }
+
+ hmap_insert(&new, &pdscp->hmap_node, hash_int(pdscp->priority, 0));
+ }
+
+ if (!hmap_is_empty(&ofport->priorities)) {
+ ofport_clear_priorities(ofport);
+ ofproto->need_revalidate = true;
+ }
+
+ hmap_swap(&new, &ofport->priorities);
+ hmap_destroy(&new);
+
+ return 0;
+}
+\f
/* Bundles. */
/* Expires all MAC learning entries associated with 'port' and forces ofproto
bundle->floodable = true;
LIST_FOR_EACH (port, bundle_node, &bundle->ports) {
- if (port->up.opp.config & htonl(OFPPC_NO_FLOOD)
- || !stp_forward_in_state(port->stp_state)) {
+ if (port->up.opp.config & htonl(OFPPC_NO_FLOOD)) {
bundle->floodable = false;
break;
}
port->bundle = bundle;
list_push_back(&bundle->ports, &port->bundle_node);
- if (port->up.opp.config & htonl(OFPPC_NO_FLOOD)
- || !stp_forward_in_state(port->stp_state)) {
+ if (port->up.opp.config & htonl(OFPPC_NO_FLOOD)) {
bundle->floodable = false;
}
}
bundle->vlan_mode = PORT_VLAN_TRUNK;
bundle->vlan = -1;
bundle->trunks = NULL;
+ bundle->use_priority_tags = s->use_priority_tags;
bundle->lacp = NULL;
bundle->bond = NULL;
}
/* Set VLAN tagging mode */
- if (s->vlan_mode != bundle->vlan_mode) {
+ if (s->vlan_mode != bundle->vlan_mode
+ || s->use_priority_tags != bundle->use_priority_tags) {
bundle->vlan_mode = s->vlan_mode;
+ bundle->use_priority_tags = s->use_priority_tags;
need_flush = true;
}
return NULL;
}
+/* Update the 'dup_mirrors' member of each of the ofmirrors in 'ofproto'. */
+static void
+mirror_update_dups(struct ofproto_dpif *ofproto)
+{
+ int i;
+
+ for (i = 0; i < MAX_MIRRORS; i++) {
+ struct ofmirror *m = ofproto->mirrors[i];
+
+ if (m) {
+ m->dup_mirrors = MIRROR_MASK_C(1) << i;
+ }
+ }
+
+ for (i = 0; i < MAX_MIRRORS; i++) {
+ struct ofmirror *m1 = ofproto->mirrors[i];
+ int j;
+
+ if (!m1) {
+ continue;
+ }
+
+ for (j = i + 1; j < MAX_MIRRORS; j++) {
+ struct ofmirror *m2 = ofproto->mirrors[j];
+
+ if (m2 && m1->out == m2->out && m1->out_vlan == m2->out_vlan) {
+ m1->dup_mirrors |= MIRROR_MASK_C(1) << j;
+ m2->dup_mirrors |= m1->dup_mirrors;
+ }
+ }
+ }
+}
+
static int
mirror_set(struct ofproto *ofproto_, void *aux,
const struct ofproto_mirror_settings *s)
ofproto->need_revalidate = true;
mac_learning_flush(ofproto->ml);
+ mirror_update_dups(ofproto);
return 0;
}
ofproto->mirrors[mirror->idx] = NULL;
free(mirror->name);
free(mirror);
+
+ mirror_update_dups(ofproto);
}
static int
return bucket * BUCKET_WIDTH;
}
-static void
-facet_active_timeout(struct ofproto_dpif *ofproto, struct facet *facet)
-{
- if (ofproto->netflow && !facet_is_controller_flow(facet) &&
- netflow_active_timeout_expired(ofproto->netflow, &facet->nf_flow)) {
- struct ofexpired expired;
-
- if (facet->installed) {
- struct dpif_flow_stats stats;
-
- facet_put__(ofproto, facet, facet->actions, facet->actions_len,
- &stats);
- facet_update_stats(ofproto, facet, &stats);
- }
-
- expired.flow = facet->flow;
- expired.packet_count = facet->packet_count;
- expired.byte_count = facet->byte_count;
- expired.used = facet->used;
- netflow_expire(ofproto->netflow, &facet->nf_flow, &expired);
- }
-}
-
static void
expire_facets(struct ofproto_dpif *ofproto, int dp_max_idle)
{
struct facet *facet, *next_facet;
HMAP_FOR_EACH_SAFE (facet, next_facet, hmap_node, &ofproto->facets) {
- facet_active_timeout(ofproto, facet);
if (facet->used < cutoff) {
facet_remove(ofproto, facet);
}
* 'rule''s actions. */
static void
flow_push_stats(const struct rule_dpif *rule,
- struct flow *flow, uint64_t packets, uint64_t bytes,
+ const struct flow *flow, uint64_t packets, uint64_t bytes,
long long int used)
{
struct ofproto_dpif *ofproto = ofproto_dpif_cast(rule->up.ofproto);
}
static int
-rule_execute(struct rule *rule_, struct flow *flow, struct ofpbuf *packet)
+rule_execute(struct rule *rule_, const struct flow *flow,
+ struct ofpbuf *packet)
{
struct rule_dpif *rule = rule_dpif_cast(rule_);
struct ofproto_dpif *ofproto = ofproto_dpif_cast(rule->up.ofproto);
const struct flow *flow,
const struct user_action_cookie *cookie)
{
- size_t offset;
uint32_t pid;
pid = dpif_port_get_pid(ofproto->dpif,
ofp_port_to_odp_port(flow->in_port));
- offset = nl_msg_start_nested(odp_actions, OVS_ACTION_ATTR_USERSPACE);
- nl_msg_put_u32(odp_actions, OVS_USERSPACE_ATTR_PID, pid);
- nl_msg_put_unspec(odp_actions, OVS_USERSPACE_ATTR_USERDATA,
- cookie, sizeof *cookie);
- nl_msg_end_nested(odp_actions, offset);
-
- return odp_actions->size - NLA_ALIGN(sizeof *cookie);
+ return odp_put_userspace_action(pid, cookie, odp_actions);
}
/* Compose SAMPLE action for sFlow. */
}
static void
-commit_vlan_action(struct action_xlate_ctx *ctx, ovs_be16 new_tci)
+commit_vlan_action(const struct flow *flow, struct flow *base,
+ struct ofpbuf *odp_actions)
{
- struct flow *base = &ctx->base_flow;
-
- if (base->vlan_tci == new_tci) {
+ if (base->vlan_tci == flow->vlan_tci) {
return;
}
if (base->vlan_tci & htons(VLAN_CFI)) {
- nl_msg_put_flag(ctx->odp_actions, OVS_ACTION_ATTR_POP_VLAN);
+ nl_msg_put_flag(odp_actions, OVS_ACTION_ATTR_POP_VLAN);
}
- if (new_tci & htons(VLAN_CFI)) {
+ if (flow->vlan_tci & htons(VLAN_CFI)) {
struct ovs_action_push_vlan vlan;
vlan.vlan_tpid = htons(ETH_TYPE_VLAN);
- vlan.vlan_tci = new_tci & ~htons(VLAN_CFI);
- nl_msg_put_unspec(ctx->odp_actions, OVS_ACTION_ATTR_PUSH_VLAN,
+ vlan.vlan_tci = flow->vlan_tci;
+ nl_msg_put_unspec(odp_actions, OVS_ACTION_ATTR_PUSH_VLAN,
&vlan, sizeof vlan);
}
- base->vlan_tci = new_tci;
+ base->vlan_tci = flow->vlan_tci;
}
static void
ipv4_key.ipv4_src = base->nw_src = flow->nw_src;
ipv4_key.ipv4_dst = base->nw_dst = flow->nw_dst;
+ ipv4_key.ipv4_tos = base->nw_tos = flow->nw_tos;
+ ipv4_key.ipv4_ttl = base->nw_ttl = flow->nw_ttl;
ipv4_key.ipv4_proto = base->nw_proto;
- ipv4_key.ipv4_tos = flow->nw_tos;
- ipv4_key.ipv4_ttl = flow->nw_ttl;
ipv4_key.ipv4_frag = (base->nw_frag == 0 ? OVS_FRAG_TYPE_NONE
: base->nw_frag == FLOW_NW_FRAG_ANY
? OVS_FRAG_TYPE_FIRST : OVS_FRAG_TYPE_LATER);
commit_set_tun_id_action(flow, base, odp_actions);
commit_set_ether_addr_action(flow, base, odp_actions);
- commit_vlan_action(ctx, flow->vlan_tci);
+ commit_vlan_action(flow, base, odp_actions);
commit_set_nw_action(flow, base, odp_actions);
commit_set_port_action(flow, base, odp_actions);
commit_set_priority_action(flow, base, odp_actions);
}
static void
-compose_output_action(struct action_xlate_ctx *ctx, uint16_t odp_port)
-{
- nl_msg_put_u32(ctx->odp_actions, OVS_ACTION_ATTR_OUTPUT, odp_port);
- ctx->sflow_odp_port = odp_port;
- ctx->sflow_n_outputs++;
-}
-
-static void
-add_output_action(struct action_xlate_ctx *ctx, uint16_t ofp_port)
+compose_output_action__(struct action_xlate_ctx *ctx, uint16_t ofp_port,
+ bool check_stp)
{
const struct ofport_dpif *ofport = get_ofp_port(ctx->ofproto, ofp_port);
uint16_t odp_port = ofp_port_to_odp_port(ofp_port);
+ uint8_t flow_nw_tos = ctx->flow.nw_tos;
if (ofport) {
+ struct priority_to_dscp *pdscp;
+
if (ofport->up.opp.config & htonl(OFPPC_NO_FWD)
- || !stp_forward_in_state(ofport->stp_state)) {
- /* Forwarding disabled on port. */
+ || (check_stp && !stp_forward_in_state(ofport->stp_state))) {
return;
}
+
+ pdscp = get_priority(ofport, ctx->flow.priority);
+ if (pdscp) {
+ ctx->flow.nw_tos &= ~IP_DSCP_MASK;
+ ctx->flow.nw_tos |= pdscp->dscp;
+ }
} else {
- /*
- * We don't have an ofport record for this port, but it doesn't hurt to
- * allow forwarding to it anyhow. Maybe such a port will appear later
- * and we're pre-populating the flow table.
- */
+ /* We may not have an ofport record for this port, but it doesn't hurt
+ * to allow forwarding to it anyhow. Maybe such a port will appear
+ * later and we're pre-populating the flow table. */
}
commit_odp_actions(ctx);
- compose_output_action(ctx, odp_port);
+ nl_msg_put_u32(ctx->odp_actions, OVS_ACTION_ATTR_OUTPUT, odp_port);
+ ctx->sflow_odp_port = odp_port;
+ ctx->sflow_n_outputs++;
ctx->nf_output_iface = ofp_port;
+ ctx->flow.nw_tos = flow_nw_tos;
+}
+
+static void
+compose_output_action(struct action_xlate_ctx *ctx, uint16_t ofp_port)
+{
+ compose_output_action__(ctx, ofp_port, true);
}
static void
}
static void
-flood_packets(struct action_xlate_ctx *ctx, ovs_be32 mask)
+flood_packets(struct action_xlate_ctx *ctx, bool all)
{
struct ofport_dpif *ofport;
commit_odp_actions(ctx);
HMAP_FOR_EACH (ofport, up.hmap_node, &ctx->ofproto->up.ports) {
uint16_t ofp_port = ofport->up.ofp_port;
- if (ofp_port != ctx->flow.in_port
- && !(ofport->up.opp.config & mask)
- && stp_forward_in_state(ofport->stp_state)) {
- compose_output_action(ctx, ofport->odp_port);
+
+ if (ofp_port == ctx->flow.in_port) {
+ continue;
+ }
+
+ if (all) {
+ compose_output_action__(ctx, ofp_port, false);
+ } else if (!(ofport->up.opp.config & htonl(OFPPC_NO_FLOOD))) {
+ compose_output_action(ctx, ofp_port);
}
}
{
struct user_action_cookie cookie;
+ commit_odp_actions(ctx);
cookie.type = USER_ACTION_COOKIE_CONTROLLER;
cookie.data = len;
cookie.n_output = 0;
switch (port) {
case OFPP_IN_PORT:
- add_output_action(ctx, ctx->flow.in_port);
+ compose_output_action(ctx, ctx->flow.in_port);
break;
case OFPP_TABLE:
xlate_table_action(ctx, ctx->flow.in_port, ctx->table_id);
xlate_normal(ctx);
break;
case OFPP_FLOOD:
- flood_packets(ctx, htonl(OFPPC_NO_FLOOD));
+ flood_packets(ctx, false);
break;
case OFPP_ALL:
- flood_packets(ctx, htonl(0));
+ flood_packets(ctx, true);
break;
case OFPP_CONTROLLER:
- commit_odp_actions(ctx);
compose_controller_action(ctx, max_len);
break;
case OFPP_LOCAL:
- add_output_action(ctx, OFPP_LOCAL);
+ compose_output_action(ctx, OFPP_LOCAL);
break;
case OFPP_NONE:
break;
default:
if (port != ctx->flow.in_port) {
- add_output_action(ctx, port);
+ compose_output_action(ctx, port);
}
break;
}
xlate_enqueue_action(struct action_xlate_ctx *ctx,
const struct ofp_action_enqueue *oae)
{
- uint16_t ofp_port, odp_port;
+ uint16_t ofp_port;
uint32_t flow_priority, priority;
int error;
} else if (ofp_port == ctx->flow.in_port) {
return;
}
- odp_port = ofp_port_to_odp_port(ofp_port);
/* Add datapath actions. */
flow_priority = ctx->flow.priority;
ctx->flow.priority = priority;
- add_output_action(ctx, odp_port);
+ compose_output_action(ctx, ofp_port);
ctx->flow.priority = flow_priority;
/* Update NetFlow output port. */
if (ctx->nf_output_iface == NF_OUT_DROP) {
- ctx->nf_output_iface = odp_port;
+ ctx->nf_output_iface = ofp_port;
} else if (ctx->nf_output_iface != NF_OUT_FLOOD) {
ctx->nf_output_iface = NF_OUT_MULTI;
}
if (ctx->packet
&& connmgr_msg_in_hook(ctx->ofproto->up.connmgr, &ctx->flow,
ctx->packet)) {
- compose_output_action(ctx, OVSP_LOCAL);
+ compose_output_action(ctx, OFPP_LOCAL);
}
}
fix_sflow_action(ctx);
\f
/* OFPP_NORMAL implementation. */
-struct dst {
- struct ofport_dpif *port;
- uint16_t vid;
-};
-
-struct dst_set {
- struct dst builtin[32];
- struct dst *dsts;
- size_t n, allocated;
-};
-
-static void dst_set_init(struct dst_set *);
-static void dst_set_add(struct dst_set *, const struct dst *);
-static void dst_set_free(struct dst_set *);
-
static struct ofport_dpif *ofbundle_get_a_port(const struct ofbundle *);
/* Given 'vid', the VID obtained from the 802.1Q header that was received as
}
}
+/* Checks whether a packet with the given 'vid' may ingress on 'in_bundle'.
+ * If so, returns true. Otherwise, returns false and, if 'warn' is true, logs
+ * a warning.
+ *
+ * 'vid' should be the VID obtained from the 802.1Q header that was received as
+ * part of a packet (specify 0 if there was no 802.1Q header), in the range
+ * 0...4095. */
+static bool
+input_vid_is_valid(uint16_t vid, struct ofbundle *in_bundle, bool warn)
+{
+ switch (in_bundle->vlan_mode) {
+ case PORT_VLAN_ACCESS:
+ if (vid) {
+ if (warn) {
+ static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5);
+ VLOG_WARN_RL(&rl, "bridge %s: dropping VLAN %"PRIu16" tagged "
+ "packet received on port %s configured as VLAN "
+ "%"PRIu16" access port",
+ in_bundle->ofproto->up.name, vid,
+ in_bundle->name, in_bundle->vlan);
+ }
+ return false;
+ }
+ return true;
+
+ case PORT_VLAN_NATIVE_UNTAGGED:
+ case PORT_VLAN_NATIVE_TAGGED:
+ if (!vid) {
+ /* Port must always carry its native VLAN. */
+ return true;
+ }
+ /* Fall through. */
+ case PORT_VLAN_TRUNK:
+ if (!ofbundle_includes_vlan(in_bundle, vid)) {
+ if (warn) {
+ static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5);
+ VLOG_WARN_RL(&rl, "bridge %s: dropping VLAN %"PRIu16" packet "
+ "received on port %s not configured for trunking "
+ "VLAN %"PRIu16,
+ in_bundle->ofproto->up.name, vid,
+ in_bundle->name, vid);
+ }
+ return false;
+ }
+ return true;
+
+ default:
+ NOT_REACHED();
+ }
+
+}
+
/* Given 'vlan', the VLAN that a packet belongs to, and
* 'out_bundle', a bundle on which the packet is to be output, returns the VID
* that should be included in the 802.1Q header. (If the return value is 0,
}
}
-static bool
-set_dst(struct action_xlate_ctx *ctx, struct dst *dst,
- const struct ofbundle *in_bundle, const struct ofbundle *out_bundle)
+static void
+output_normal(struct action_xlate_ctx *ctx, const struct ofbundle *out_bundle,
+ uint16_t vlan)
{
- uint16_t vlan;
+ struct ofport_dpif *port;
+ uint16_t vid;
+ ovs_be16 tci, old_tci;
- vlan = input_vid_to_vlan(in_bundle, vlan_tci_to_vid(ctx->flow.vlan_tci));
- dst->vid = output_vlan_to_vid(out_bundle, vlan);
+ vid = output_vlan_to_vid(out_bundle, vlan);
+ if (!out_bundle->bond) {
+ port = ofbundle_get_a_port(out_bundle);
+ } else {
+ port = bond_choose_output_slave(out_bundle->bond, &ctx->flow,
+ vid, &ctx->tags);
+ if (!port) {
+ /* No slaves enabled, so drop packet. */
+ return;
+ }
+ }
- dst->port = (!out_bundle->bond
- ? ofbundle_get_a_port(out_bundle)
- : bond_choose_output_slave(out_bundle->bond, &ctx->flow,
- dst->vid, &ctx->tags));
- return dst->port != NULL;
+ old_tci = ctx->flow.vlan_tci;
+ tci = htons(vid);
+ if (tci || out_bundle->use_priority_tags) {
+ tci |= ctx->flow.vlan_tci & htons(VLAN_PCP_MASK);
+ if (tci) {
+ tci |= htons(VLAN_CFI);
+ }
+ }
+ ctx->flow.vlan_tci = tci;
+
+ compose_output_action(ctx, port->up.ofp_port);
+ ctx->flow.vlan_tci = old_tci;
}
static int
return ffs(mask);
}
-static void
-dst_set_init(struct dst_set *set)
-{
- set->dsts = set->builtin;
- set->n = 0;
- set->allocated = ARRAY_SIZE(set->builtin);
-}
-
-static void
-dst_set_add(struct dst_set *set, const struct dst *dst)
-{
- if (set->n >= set->allocated) {
- size_t new_allocated;
- struct dst *new_dsts;
-
- new_allocated = set->allocated * 2;
- new_dsts = xmalloc(new_allocated * sizeof *new_dsts);
- memcpy(new_dsts, set->dsts, set->n * sizeof *new_dsts);
-
- dst_set_free(set);
-
- set->dsts = new_dsts;
- set->allocated = new_allocated;
- }
- set->dsts[set->n++] = *dst;
-}
-
-static void
-dst_set_free(struct dst_set *set)
-{
- if (set->dsts != set->builtin) {
- free(set->dsts);
- }
-}
-
-static bool
-dst_is_duplicate(const struct dst_set *set, const struct dst *test)
-{
- size_t i;
- for (i = 0; i < set->n; i++) {
- if (set->dsts[i].vid == test->vid
- && set->dsts[i].port == test->port) {
- return true;
- }
- }
- return false;
-}
-
static bool
ofbundle_trunks_vlan(const struct ofbundle *bundle, uint16_t vlan)
{
struct ofport_dpif, bundle_node);
}
-static void
+static mirror_mask_t
compose_dsts(struct action_xlate_ctx *ctx, uint16_t vlan,
const struct ofbundle *in_bundle,
- const struct ofbundle *out_bundle, struct dst_set *set)
+ const struct ofbundle *out_bundle)
{
- struct dst dst;
+ mirror_mask_t dst_mirrors = 0;
if (out_bundle == OFBUNDLE_FLOOD) {
struct ofbundle *bundle;
if (bundle != in_bundle
&& ofbundle_includes_vlan(bundle, vlan)
&& bundle->floodable
- && !bundle->mirror_out
- && set_dst(ctx, &dst, in_bundle, bundle)) {
- dst_set_add(set, &dst);
+ && !bundle->mirror_out) {
+ output_normal(ctx, bundle, vlan);
+ dst_mirrors |= bundle->dst_mirrors;
}
}
ctx->nf_output_iface = NF_OUT_FLOOD;
- } else if (out_bundle && set_dst(ctx, &dst, in_bundle, out_bundle)) {
- dst_set_add(set, &dst);
- ctx->nf_output_iface = dst.port->odp_port;
+ } else if (out_bundle) {
+ output_normal(ctx, out_bundle, vlan);
+ dst_mirrors = out_bundle->dst_mirrors;
}
+
+ return dst_mirrors;
}
static bool
}
static void
-compose_mirror_dsts(struct action_xlate_ctx *ctx,
- uint16_t vlan, const struct ofbundle *in_bundle,
- struct dst_set *set)
+output_mirrors(struct action_xlate_ctx *ctx,
+ uint16_t vlan, const struct ofbundle *in_bundle,
+ mirror_mask_t dst_mirrors)
{
struct ofproto_dpif *ofproto = ctx->ofproto;
mirror_mask_t mirrors;
- uint16_t flow_vid;
- size_t i;
-
- mirrors = in_bundle->src_mirrors;
- for (i = 0; i < set->n; i++) {
- mirrors |= set->dsts[i].port->bundle->dst_mirrors;
- }
+ mirrors = in_bundle->src_mirrors | dst_mirrors;
if (!mirrors) {
return;
}
- flow_vid = vlan_tci_to_vid(ctx->flow.vlan_tci);
while (mirrors) {
- struct ofmirror *m = ofproto->mirrors[mirror_mask_ffs(mirrors) - 1];
- if (vlan_is_mirrored(m, vlan)) {
- struct dst dst;
-
- if (m->out) {
- if (set_dst(ctx, &dst, in_bundle, m->out)
- && !dst_is_duplicate(set, &dst)) {
- dst_set_add(set, &dst);
- }
- } else if (eth_dst_may_rspan(ctx->flow.dl_dst)) {
- struct ofbundle *bundle;
-
- HMAP_FOR_EACH (bundle, hmap_node, &ofproto->bundles) {
- if (ofbundle_includes_vlan(bundle, m->out_vlan)
- && set_dst(ctx, &dst, in_bundle, bundle))
- {
- /* set_dst() got dst->vid from the input packet's VLAN,
- * not from m->out_vlan, so recompute it. */
- dst.vid = output_vlan_to_vid(bundle, m->out_vlan);
-
- if (dst_is_duplicate(set, &dst)) {
- continue;
- }
-
- if (bundle == in_bundle && dst.vid == flow_vid) {
- /* Don't send out input port on same VLAN. */
- continue;
- }
- dst_set_add(set, &dst);
- }
- }
- }
- }
- mirrors &= mirrors - 1;
- }
-}
+ struct ofmirror *m;
-static void
-compose_actions(struct action_xlate_ctx *ctx, uint16_t vlan,
- const struct ofbundle *in_bundle,
- const struct ofbundle *out_bundle)
-{
- uint16_t initial_vid, cur_vid;
- const struct dst *dst;
- struct dst_set set;
-
- dst_set_init(&set);
- compose_dsts(ctx, vlan, in_bundle, out_bundle, &set);
- compose_mirror_dsts(ctx, vlan, in_bundle, &set);
- if (!set.n) {
- dst_set_free(&set);
- return;
- }
+ m = ofproto->mirrors[mirror_mask_ffs(mirrors) - 1];
- /* Output all the packets we can without having to change the VLAN. */
- commit_odp_actions(ctx);
- initial_vid = vlan_tci_to_vid(ctx->flow.vlan_tci);
- for (dst = set.dsts; dst < &set.dsts[set.n]; dst++) {
- if (dst->vid != initial_vid) {
+ if (!vlan_is_mirrored(m, vlan)) {
+ mirrors &= mirrors - 1;
continue;
}
- compose_output_action(ctx, dst->port->odp_port);
- }
- /* Then output the rest. */
- cur_vid = initial_vid;
- for (dst = set.dsts; dst < &set.dsts[set.n]; dst++) {
- if (dst->vid == initial_vid) {
- continue;
- }
- if (dst->vid != cur_vid) {
- ovs_be16 tci;
-
- tci = htons(dst->vid);
- tci |= ctx->flow.vlan_tci & htons(VLAN_PCP_MASK);
- if (tci) {
- tci |= htons(VLAN_CFI);
- }
- commit_vlan_action(ctx, tci);
-
- cur_vid = dst->vid;
- }
- compose_output_action(ctx, dst->port->odp_port);
- }
-
- dst_set_free(&set);
-}
-
-/* Returns the effective vlan of a packet, taking into account both the
- * 802.1Q header and implicitly tagged ports. A value of 0 indicates that
- * the packet is untagged and -1 indicates it has an invalid header and
- * should be dropped. */
-static int
-flow_get_vlan(struct ofproto_dpif *ofproto, const struct flow *flow,
- struct ofbundle *in_bundle, bool have_packet)
-{
- int vlan = vlan_tci_to_vid(flow->vlan_tci);
- if (vlan) {
- if (in_bundle->vlan_mode == PORT_VLAN_ACCESS) {
- /* Drop tagged packet on access port */
- if (have_packet) {
- static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5);
- VLOG_WARN_RL(&rl, "bridge %s: dropping VLAN %d tagged "
- "packet received on port %s configured with "
- "implicit VLAN %"PRIu16,
- ofproto->up.name, vlan,
- in_bundle->name, in_bundle->vlan);
- }
- return -1;
- } else if (ofbundle_includes_vlan(in_bundle, vlan)) {
- return vlan;
- } else {
- /* Drop packets from a VLAN not member of the trunk */
- if (have_packet) {
- static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5);
- VLOG_WARN_RL(&rl, "bridge %s: dropping VLAN %d tagged "
- "packet received on port %s not configured for "
- "trunking VLAN %d",
- ofproto->up.name, vlan, in_bundle->name, vlan);
+ mirrors &= ~m->dup_mirrors;
+ if (m->out) {
+ output_normal(ctx, m->out, vlan);
+ } else if (eth_dst_may_rspan(ctx->flow.dl_dst)
+ && vlan != m->out_vlan) {
+ struct ofbundle *bundle;
+
+ HMAP_FOR_EACH (bundle, hmap_node, &ofproto->bundles) {
+ if (ofbundle_includes_vlan(bundle, m->out_vlan)
+ && !bundle->mirror_out) {
+ output_normal(ctx, bundle, m->out_vlan);
+ }
}
- return -1;
- }
- } else {
- if (in_bundle->vlan_mode != PORT_VLAN_TRUNK) {
- return in_bundle->vlan;
- } else {
- return ofbundle_includes_vlan(in_bundle, 0) ? 0 : -1;
}
}
}
}
}
-/* Determines whether packets in 'flow' within 'br' should be forwarded or
+static struct ofport_dpif *
+lookup_input_bundle(struct ofproto_dpif *ofproto, uint16_t in_port, bool warn)
+{
+ struct ofport_dpif *ofport;
+
+ /* Find the port and bundle for the received packet. */
+ ofport = get_ofp_port(ofproto, in_port);
+ if (ofport && ofport->bundle) {
+ return ofport;
+ }
+
+ /* Odd. A few possible reasons here:
+ *
+ * - We deleted a port but there are still a few packets queued up
+ * from it.
+ *
+ * - Someone externally added a port (e.g. "ovs-dpctl add-if") that
+ * we don't know about.
+ *
+ * - The ofproto client didn't configure the port as part of a bundle.
+ */
+ if (warn) {
+ static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5);
+
+ VLOG_WARN_RL(&rl, "bridge %s: received packet on unknown "
+ "port %"PRIu16, ofproto->up.name, in_port);
+ }
+ return NULL;
+}
+
+/* Determines whether packets in 'flow' within 'ofproto' should be forwarded or
* dropped. Returns true if they may be forwarded, false if they should be
* dropped.
*
- * If 'have_packet' is true, it indicates that the caller is processing a
- * received packet. If 'have_packet' is false, then the caller is just
- * revalidating an existing flow because configuration has changed. Either
- * way, 'have_packet' only affects logging (there is no point in logging errors
- * during revalidation).
+ * 'in_port' must be the ofport_dpif that corresponds to flow->in_port.
+ * 'in_port' must be part of a bundle (e.g. in_port->bundle must be nonnull).
*
- * Sets '*in_portp' to the input port. This will be a null pointer if
- * flow->in_port does not designate a known input port (in which case
- * is_admissible() returns false).
- *
- * When returning true, sets '*vlanp' to the effective VLAN of the input
- * packet, as returned by flow_get_vlan().
+ * 'vlan' must be the VLAN that corresponds to flow->vlan_tci on 'in_port', as
+ * returned by input_vid_to_vlan(). It must be a valid VLAN for 'in_port', as
+ * checked by input_vid_is_valid().
*
* May also add tags to '*tags', although the current implementation only does
* so in one special case.
*/
static bool
is_admissible(struct ofproto_dpif *ofproto, const struct flow *flow,
- bool have_packet,
- tag_type *tags, int *vlanp, struct ofbundle **in_bundlep)
+ struct ofport_dpif *in_port, uint16_t vlan, tag_type *tags)
{
- struct ofport_dpif *in_port;
- struct ofbundle *in_bundle;
- int vlan;
-
- /* Find the port and bundle for the received packet. */
- in_port = get_ofp_port(ofproto, flow->in_port);
- *in_bundlep = in_bundle = in_port ? in_port->bundle : NULL;
- if (!in_port || !in_bundle) {
- /* No interface? Something fishy... */
- if (have_packet) {
- /* Odd. A few possible reasons here:
- *
- * - We deleted a port but there are still a few packets queued up
- * from it.
- *
- * - Someone externally added a port (e.g. "ovs-dpctl add-if") that
- * we don't know about.
- *
- * - Packet arrived on the local port but the local port is not
- * part of a bundle.
- */
- static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5);
+ struct ofbundle *in_bundle = in_port->bundle;
- VLOG_WARN_RL(&rl, "bridge %s: received packet on unknown "
- "port %"PRIu16,
- ofproto->up.name, flow->in_port);
- }
- *vlanp = -1;
- return false;
- }
- *vlanp = vlan = flow_get_vlan(ofproto, flow, in_bundle, have_packet);
- if (vlan < 0) {
- return false;
- }
-
- /* Drop frames for reserved multicast addresses only if forward_bpdu
- * option is absent. */
+ /* Drop frames for reserved multicast addresses
+ * only if forward_bpdu option is absent. */
if (eth_addr_is_reserved(flow->dl_dst) && !ofproto->up.forward_bpdu) {
return false;
}
- /* Drop frames on bundles reserved for mirroring. */
- if (in_bundle->mirror_out) {
- if (have_packet) {
- static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5);
- VLOG_WARN_RL(&rl, "bridge %s: dropping packet received on port "
- "%s, which is reserved exclusively for mirroring",
- ofproto->up.name, in_bundle->name);
- }
- return false;
- }
-
if (in_bundle->bond) {
struct mac_entry *mac;
static void
xlate_normal(struct action_xlate_ctx *ctx)
{
+ mirror_mask_t dst_mirrors = 0;
+ struct ofport_dpif *in_port;
struct ofbundle *in_bundle;
struct ofbundle *out_bundle;
struct mac_entry *mac;
- int vlan;
+ uint16_t vlan;
+ uint16_t vid;
ctx->has_normal = true;
- /* Check whether we should drop packets in this flow. */
- if (!is_admissible(ctx->ofproto, &ctx->flow, ctx->packet != NULL,
- &ctx->tags, &vlan, &in_bundle)) {
- out_bundle = NULL;
- goto done;
+ /* Obtain in_port from ctx->flow.in_port.
+ *
+ * lookup_input_bundle() also ensures that in_port belongs to a bundle. */
+ in_port = lookup_input_bundle(ctx->ofproto, ctx->flow.in_port,
+ ctx->packet != NULL);
+ if (!in_port) {
+ return;
+ }
+ in_bundle = in_port->bundle;
+
+ /* Drop malformed frames. */
+ if (ctx->flow.dl_type == htons(ETH_TYPE_VLAN) &&
+ !(ctx->flow.vlan_tci & htons(VLAN_CFI))) {
+ if (ctx->packet != NULL) {
+ static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5);
+ VLOG_WARN_RL(&rl, "bridge %s: dropping packet with partial "
+ "VLAN tag received on port %s",
+ ctx->ofproto->up.name, in_bundle->name);
+ }
+ return;
+ }
+
+ /* Drop frames on bundles reserved for mirroring. */
+ if (in_bundle->mirror_out) {
+ if (ctx->packet != NULL) {
+ static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5);
+ VLOG_WARN_RL(&rl, "bridge %s: dropping packet received on port "
+ "%s, which is reserved exclusively for mirroring",
+ ctx->ofproto->up.name, in_bundle->name);
+ }
+ return;
+ }
+
+ /* Check VLAN. */
+ vid = vlan_tci_to_vid(ctx->flow.vlan_tci);
+ if (!input_vid_is_valid(vid, in_bundle, ctx->packet != NULL)) {
+ return;
+ }
+ vlan = input_vid_to_vlan(in_bundle, vid);
+
+ /* Check other admissibility requirements. */
+ if (!is_admissible(ctx->ofproto, &ctx->flow, in_port, vlan, &ctx->tags)) {
+ output_mirrors(ctx, vlan, in_bundle, 0);
+ return;
}
/* Learn source MAC. */
}
/* Don't send packets out their input bundles. */
- if (in_bundle == out_bundle) {
- out_bundle = NULL;
- }
-
-done:
- if (in_bundle) {
- compose_actions(ctx, vlan, in_bundle, out_bundle);
+ if (in_bundle != out_bundle) {
+ dst_mirrors = compose_dsts(ctx, vlan, in_bundle, out_bundle);
}
+ output_mirrors(ctx, vlan, in_bundle, dst_mirrors);
}
\f
/* Optimized flow revalidation.
}
return error;
}
+\f
+/* NetFlow. */
+
+static int
+set_netflow(struct ofproto *ofproto_,
+ const struct netflow_options *netflow_options)
+{
+ struct ofproto_dpif *ofproto = ofproto_dpif_cast(ofproto_);
+
+ if (netflow_options) {
+ if (!ofproto->netflow) {
+ ofproto->netflow = netflow_create();
+ }
+ return netflow_set_options(ofproto->netflow, netflow_options);
+ } else {
+ netflow_destroy(ofproto->netflow);
+ ofproto->netflow = NULL;
+ return 0;
+ }
+}
static void
get_netflow_ids(const struct ofproto *ofproto_,
dpif_get_netflow_ids(ofproto->dpif, engine_type, engine_id);
}
+
+static void
+send_active_timeout(struct ofproto_dpif *ofproto, struct facet *facet)
+{
+ if (!facet_is_controller_flow(facet) &&
+ netflow_active_timeout_expired(ofproto->netflow, &facet->nf_flow)) {
+ struct ofexpired expired;
+
+ if (facet->installed) {
+ struct dpif_flow_stats stats;
+
+ facet_put__(ofproto, facet, facet->actions, facet->actions_len,
+ &stats);
+ facet_update_stats(ofproto, facet, &stats);
+ }
+
+ expired.flow = facet->flow;
+ expired.packet_count = facet->packet_count;
+ expired.byte_count = facet->byte_count;
+ expired.used = facet->used;
+ netflow_expire(ofproto->netflow, &facet->nf_flow, &expired);
+ }
+}
+
+static void
+send_netflow_active_timeouts(struct ofproto_dpif *ofproto)
+{
+ struct facet *facet;
+
+ HMAP_FOR_EACH (facet, hmap_node, &ofproto->facets) {
+ send_active_timeout(ofproto, facet);
+ }
+}
\f
static struct ofproto_dpif *
ofproto_dpif_lookup(const char *name)
/* Convert string to datapath key. */
ofpbuf_init(&odp_key, 0);
- error = odp_flow_key_from_string(arg1, &odp_key);
+ error = odp_flow_key_from_string(arg1, NULL, &odp_key);
if (error) {
unixctl_command_reply(conn, 501, "Bad flow syntax");
goto exit;
unixctl_command_register("fdb/flush", "bridge", ofproto_unixctl_fdb_flush,
NULL);
unixctl_command_register("fdb/show", "bridge", ofproto_unixctl_fdb_show,
- NULL);
+ NULL);
unixctl_command_register("ofproto/clog", "", ofproto_dpif_clog, NULL);
unixctl_command_register("ofproto/unclog", "", ofproto_dpif_unclog, NULL);
}
get_stp_status,
set_stp_port,
get_stp_port_status,
+ set_queues,
bundle_set,
bundle_remove,
mirror_set,